diff options
Diffstat (limited to 'samples/ProviderPortal/Code/Util.cs')
| -rw-r--r-- | samples/ProviderPortal/Code/Util.cs | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/samples/ProviderPortal/Code/Util.cs b/samples/ProviderPortal/Code/Util.cs index 982748c..f864972 100644 --- a/samples/ProviderPortal/Code/Util.cs +++ b/samples/ProviderPortal/Code/Util.cs @@ -19,6 +19,29 @@ public class Util { return ExtractUserName(new Uri(identifier.ToString()));
}
public static Identifier BuildIdentityUrl() {
- return new Uri(HttpContext.Current.Request.Url, "/user/" + HttpContext.Current.User.Identity.Name);
+ string username = HttpContext.Current.User.Identity.Name;
+ // be sure to normalize case the way the user's identity page does.
+ username = username.Substring(0, 1).ToUpperInvariant() + username.Substring(1).ToLowerInvariant();
+ return new Uri(HttpContext.Current.Request.Url, "/user/" + username);
+ }
+ internal static void ProcessAuthenticationChallenge(IAuthenticationRequest idrequest) {
+ if (idrequest.Immediate) {
+ if (idrequest.IsDirectedIdentity) {
+ if (HttpContext.Current.User.Identity.IsAuthenticated) {
+ idrequest.LocalIdentifier = Util.BuildIdentityUrl();
+ idrequest.IsAuthenticated = true;
+ } else {
+ idrequest.IsAuthenticated = false;
+ }
+ } else {
+ string userOwningOpenIdUrl = Util.ExtractUserName(idrequest.LocalIdentifier);
+ // NOTE: in a production provider site, you may want to only
+ // respond affirmatively if the user has already authorized this consumer
+ // to know the answer.
+ idrequest.IsAuthenticated = userOwningOpenIdUrl == HttpContext.Current.User.Identity.Name;
+ }
+ } else {
+ HttpContext.Current.Response.Redirect("~/decide.aspx", true);
+ }
}
}
|