5 files changed, 118 insertions, 1 deletions

diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx
new file mode 100644
index 0000000..403858f
--- /dev/null
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx
@@ -0,0 +1,16 @@
+<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="DetectGoogleSession.aspx.cs"
+	Inherits="OpenIdRelyingPartyWebForms.DetectGoogleSession" ValidateRequest="false"
+	MasterPageFile="~/Site.Master" %>
+
+<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.RelyingParty"
+	TagPrefix="rp" %>
+<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Extensions.SimpleRegistration"
+	TagPrefix="sreg" %>
+<asp:Content ID="Content1" runat="server" ContentPlaceHolderID="Main">
+	<asp:Label Text="We've detected that you're logged into Google!" runat="server" Visible="false"
+		ID="YouAreLoggedInLabel" />
+	<asp:Label Text="We've detected that you're logged into Google because your Google account trusts this site!" runat="server" Visible="false"
+		ID="YouTrustUsLabel" />
+	<asp:Label Text="We've detected that you're NOT logged into Google!" runat="server" Visible="false"
+		ID="YouAreNotLoggedInLabel" />
+</asp:Content>
diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs
new file mode 100644
index 0000000..98fe745
--- /dev/null
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.cs
@@ -0,0 +1,46 @@
+namespace OpenIdRelyingPartyWebForms {
+	using System;
+	using DotNetOpenAuth.ApplicationBlock.CustomExtensions;
+	using DotNetOpenAuth.OpenId.Extensions.UI;
+	using DotNetOpenAuth.OpenId.RelyingParty;
+
+	public partial class DetectGoogleSession : System.Web.UI.Page {
+		private const string GoogleOPIdentifier = "https://www.google.com/accounts/o8/id";
+
+		private const string UIModeDetectSession = "x-has-session";
+
+		protected void Page_Load(object sender, EventArgs e) {
+			using (var openid = new OpenIdRelyingParty()) {
+				// In order to receive the UIRequest as a response, we must register a custom extension factory.
+				openid.ExtensionFactories.Add(new UIRequestAtRelyingPartyFactory());
+
+				var response = openid.GetResponse();
+				if (response == null) {
+					// Submit an OpenID request which Google must reply to immediately.
+					// If the user hasn't established a trust relationship with this site yet,
+					// Google will not give us the user identity, but they will tell us whether the user
+					// at least has an active login session with them so we know whether to promote the
+					// "Log in with Google" button.
+					IAuthenticationRequest request = openid.CreateRequest("https://www.google.com/accounts/o8/id");
+					request.AddExtension(new UIRequest { Mode = UIModeDetectSession });
+					request.Mode = AuthenticationRequestMode.Immediate;
+					request.RedirectToProvider();
+				} else {
+					if (response.Status == AuthenticationStatus.Authenticated) {
+						this.YouTrustUsLabel.Visible = true;
+					} else if (response.Status == AuthenticationStatus.SetupRequired) {
+						// Google refused to authenticate the user without user interaction.
+						// This is either because Google doesn't know who the user is yet,
+						// or because the user hasn't indicated to Google to trust this site.
+						// Google uniquely offers the RP a tip as to which of the above situations is true.
+						// Figure out which it is.  In a real app, you might use this value to promote a 
+						// Google login button on your site if you detect that a Google session exists.
+						var ext = response.GetUntrustedExtension<UIRequest>();
+						this.YouAreLoggedInLabel.Visible = ext != null && ext.Mode == UIModeDetectSession;
+						this.YouAreNotLoggedInLabel.Visible = !this.YouAreLoggedInLabel.Visible;
+					}
+				}
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs
new file mode 100644
index 0000000..576c646
--- /dev/null
+++ b/samples/OpenIdRelyingPartyWebForms/DetectGoogleSession.aspx.designer.cs
@@ -0,0 +1,42 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace OpenIdRelyingPartyWebForms {
+    
+    
+    public partial class DetectGoogleSession {
+        
+        /// <summary>
+        /// YouAreLoggedInLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label YouAreLoggedInLabel;
+        
+        /// <summary>
+        /// YouTrustUsLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label YouTrustUsLabel;
+        
+        /// <summary>
+        /// YouAreNotLoggedInLabel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Label YouAreNotLoggedInLabel;
+    }
+}
diff --git a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj
index 69c3e91..cbcd758 100644
--- a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj
+++ b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj
@@ -74,6 +74,7 @@
   </ItemGroup>
   <ItemGroup>
     <Content Include="Default.aspx" />
+    <Content Include="DetectGoogleSession.aspx" />
     <Content Include="Global.asax" />
     <Content Include="images\openid_login.png" />
     <Content Include="login.aspx" />
@@ -110,6 +111,13 @@
     </Compile>
     <Compile Include="Code\State.cs" />
     <Compile Include="Code\TracePageAppender.cs" />
+    <Compile Include="DetectGoogleSession.aspx.cs">
+      <DependentUpon>DetectGoogleSession.aspx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
+    </Compile>
+    <Compile Include="DetectGoogleSession.aspx.designer.cs">
+      <DependentUpon>DetectGoogleSession.aspx</DependentUpon>
+    </Compile>
     <Compile Include="loginGoogleApps.aspx.cs">
       <DependentUpon>loginGoogleApps.aspx</DependentUpon>
       <SubType>ASPXCodeBehind</SubType>
diff --git a/samples/OpenIdRelyingPartyWebForms/Web.config b/samples/OpenIdRelyingPartyWebForms/Web.config
index 5d3a33b..1f1842b 100644
--- a/samples/OpenIdRelyingPartyWebForms/Web.config
+++ b/samples/OpenIdRelyingPartyWebForms/Web.config
@@ -28,7 +28,12 @@
 	<dotNetOpenAuth>
 		<openid>
 			<relyingParty>
-				<security requireSsl="false" />
+				<security requireSsl="false">
+					<!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+					<!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+						<add endpoint="https://www.google.com/accounts/o8/ud" />
+					</trustedProviders>-->
+				</security>
 				<behaviors>
 					<!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
 					     with OPs that use Attribute Exchange (in various formats). -->