diff options
Diffstat (limited to 'samples')
70 files changed, 1655 insertions, 29 deletions
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/TwitterConsumer.cs b/samples/DotNetOpenAuth.ApplicationBlock/TwitterConsumer.cs index ecb7d6c..29973c2 100644 --- a/samples/DotNetOpenAuth.ApplicationBlock/TwitterConsumer.cs +++ b/samples/DotNetOpenAuth.ApplicationBlock/TwitterConsumer.cs @@ -62,13 +62,13 @@ namespace DotNetOpenAuth.ApplicationBlock { } public static XDocument UpdateProfileBackgroundImage(ConsumerBase twitter, string accessToken, string image, bool tile) { - HttpWebRequest request = twitter.PrepareAuthorizedRequest(UpdateProfileBackgroundImageEndpoint, accessToken); - request.ServicePoint.Expect100Continue = false; var parts = new[] { MultipartPostPart.CreateFormFilePart("image", image, "image/" + Path.GetExtension(image).Substring(1).ToLowerInvariant()), MultipartPostPart.CreateFormPart("tile", tile.ToString().ToLowerInvariant()), }; - IncomingWebResponse response = request.PostMultipart(twitter.Channel.WebRequestHandler, parts); + HttpWebRequest request = twitter.PrepareAuthorizedRequest(UpdateProfileBackgroundImageEndpoint, accessToken, parts); + request.ServicePoint.Expect100Continue = false; + IncomingWebResponse response = twitter.Channel.WebRequestHandler.GetResponse(request); string responseString = response.GetResponseReader().ReadToEnd(); return XDocument.Parse(responseString); } @@ -79,11 +79,11 @@ namespace DotNetOpenAuth.ApplicationBlock { } public static XDocument UpdateProfileImage(ConsumerBase twitter, string accessToken, Stream image, string contentType) { - HttpWebRequest request = twitter.PrepareAuthorizedRequest(UpdateProfileImageEndpoint, accessToken); var parts = new[] { MultipartPostPart.CreateFormFilePart("image", "twitterPhoto", contentType, image), }; - IncomingWebResponse response = request.PostMultipart(twitter.Channel.WebRequestHandler, parts); + HttpWebRequest request = twitter.PrepareAuthorizedRequest(UpdateProfileImageEndpoint, accessToken, parts); + IncomingWebResponse response = twitter.Channel.WebRequestHandler.GetResponse(request); string responseString = response.GetResponseReader().ReadToEnd(); return XDocument.Parse(responseString); } diff --git a/samples/InfoCardRelyingParty/Site.Master b/samples/InfoCardRelyingParty/Site.Master index 508f62c..bd3f896 100644 --- a/samples/InfoCardRelyingParty/Site.Master +++ b/samples/InfoCardRelyingParty/Site.Master @@ -20,7 +20,7 @@ </span> <div> <a href="http://dotnetopenauth.net"> - <img runat="server" src="~/images/dotnetopenid_tiny.gif" title="Jump to the project web site." + <img runat="server" src="~/images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <div> diff --git a/samples/InfoCardRelyingParty/favicon.ico b/samples/InfoCardRelyingParty/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/InfoCardRelyingParty/favicon.ico diff --git a/samples/InfoCardRelyingParty/images/DotNetOpenAuth.png b/samples/InfoCardRelyingParty/images/DotNetOpenAuth.png Binary files differnew file mode 100644 index 0000000..442b986 --- /dev/null +++ b/samples/InfoCardRelyingParty/images/DotNetOpenAuth.png diff --git a/samples/InfoCardRelyingParty/images/dotnetopenid_tiny.gif b/samples/InfoCardRelyingParty/images/dotnetopenid_tiny.gif Binary files differdeleted file mode 100644 index c4ed4f5..0000000 --- a/samples/InfoCardRelyingParty/images/dotnetopenid_tiny.gif +++ /dev/null diff --git a/samples/OAuthConsumer/favicon.ico b/samples/OAuthConsumer/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OAuthConsumer/favicon.ico diff --git a/samples/OAuthConsumerWpf/favicon.ico b/samples/OAuthConsumerWpf/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OAuthConsumerWpf/favicon.ico diff --git a/samples/OAuthServiceProvider/favicon.ico b/samples/OAuthServiceProvider/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OAuthServiceProvider/favicon.ico diff --git a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj index 43a8093..2860365 100644 --- a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj +++ b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj @@ -1,8 +1,12 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <PropertyGroup> + <ProjectRoot Condition="'$(ProjectRoot)' == ''">$(MSBuildProjectDirectory)\..\..\</ProjectRoot> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" /> + <PropertyGroup> <ProductVersion>9.0.30729</ProductVersion> <SchemaVersion>2.0</SchemaVersion> <ProjectGuid>{5C65603B-235F-47E6-B536-06385C60DE7F}</ProjectGuid> @@ -15,13 +19,13 @@ <ProjectTypeGuids>{60dc8134-eba5-43b8-bcc9-bb4bc16c2548};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids> <WarningLevel>4</WarningLevel> <UICulture>en-US</UICulture> + <OutputPath Condition=" '$(OutputPath)' == '' ">bin\$(Configuration)\</OutputPath> <ApplicationIcon>openid.ico</ApplicationIcon> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> <DebugType>full</DebugType> <Optimize>false</Optimize> - <OutputPath>bin\Debug\</OutputPath> <DefineConstants>DEBUG;TRACE</DefineConstants> <ErrorReport>prompt</ErrorReport> <WarningLevel>4</WarningLevel> @@ -52,14 +56,10 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> <DebugType>pdbonly</DebugType> <Optimize>true</Optimize> - <OutputPath>bin\Release\</OutputPath> <DefineConstants>TRACE</DefineConstants> <ErrorReport>prompt</ErrorReport> <WarningLevel>4</WarningLevel> </PropertyGroup> - <PropertyGroup> - <SignAssembly>true</SignAssembly> - </PropertyGroup> <ItemGroup> <Reference Include="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821, processorArchitecture=MSIL"> <SpecificVersion>False</SpecificVersion> @@ -159,5 +159,5 @@ <Resource Include="openid.ico" /> </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> - <Import Project="..\..\tools\DotNetOpenAuth.Versioning.targets" /> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> </Project> diff --git a/samples/OpenIdOfflineProvider/openid.ico b/samples/OpenIdOfflineProvider/openid.ico Binary files differindex 651aeba..e227dbe 100644 --- a/samples/OpenIdOfflineProvider/openid.ico +++ b/samples/OpenIdOfflineProvider/openid.ico diff --git a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj index 0c01c64..512ab71 100644 --- a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj +++ b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj @@ -88,6 +88,7 @@ <ItemGroup> <Content Include="App_Data\Users.xml" /> <Content Include="Default.aspx" /> + <Content Include="favicon.ico" /> <Content Include="Global.asax" /> <Content Include="Views\Account\ChangePassword.aspx" /> <Content Include="Views\Account\ChangePasswordSuccess.aspx" /> diff --git a/samples/OpenIdProviderMvc/Web.config b/samples/OpenIdProviderMvc/Web.config index 93dbf58..fcca524 100644 --- a/samples/OpenIdProviderMvc/Web.config +++ b/samples/OpenIdProviderMvc/Web.config @@ -192,5 +192,13 @@ <runtime> <legacyHMACWarning enabled="0" /> + + <!-- If you target ASP.NET MVC 2, uncomment this so that MVC 1 components such as DotNetOpenAuth will work with it. + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> + <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" /> + </dependentAssembly> + </assemblyBinding>--> </runtime> </configuration> diff --git a/samples/OpenIdProviderMvc/favicon.ico b/samples/OpenIdProviderMvc/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OpenIdProviderMvc/favicon.ico diff --git a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj index ffb0f2f..8e8fd6e 100644 --- a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj +++ b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj @@ -159,7 +159,6 @@ </ItemGroup> <ItemGroup> <Content Include="favicon.ico" /> - <Content Include="images\dotnetopenid_tiny.gif" /> <Content Include="Site.Master" /> <Content Include="styles.css" /> <Content Include="TracePage.aspx" /> @@ -177,6 +176,7 @@ <None Include="Code\CustomStoreDataSet.xss"> <DependentUpon>CustomStoreDataSet.xsd</DependentUpon> </None> + <Content Include="images\DotNetOpenAuth.png" /> <Content Include="Provider.ashx" /> </ItemGroup> <ItemGroup> diff --git a/samples/OpenIdProviderWebForms/Site.Master b/samples/OpenIdProviderWebForms/Site.Master index 4df9e0a..bc4f933 100644 --- a/samples/OpenIdProviderWebForms/Site.Master +++ b/samples/OpenIdProviderWebForms/Site.Master @@ -10,7 +10,7 @@ <body> <form id="form1" runat="server"> <div><a href="http://dotnetopenauth.net"> - <img runat="server" src="~/images/dotnetopenid_tiny.gif" title="Jump to the project web site." + <img runat="server" src="~/images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <div> <asp:ContentPlaceHolder ID="Main" runat="server" /> diff --git a/samples/OpenIdProviderWebForms/Web.config b/samples/OpenIdProviderWebForms/Web.config index 94abc6e..a978dc7 100644 --- a/samples/OpenIdProviderWebForms/Web.config +++ b/samples/OpenIdProviderWebForms/Web.config @@ -85,14 +85,14 @@ </providers> </membership> <authentication mode="Forms"> - <forms name="ProviderSession"/> <!-- named cookie prevents conflicts with other samples --> + <forms name="OpenIdProviderWebForms"/> </authentication> <customErrors mode="RemoteOnly"/> <!-- Trust level discussion: - Full: everything works + Full: everything works (this is required for Google Apps for Domains support) High: TRACE compilation symbol must NOT be defined - Medium: doesn't work unless originUrl=".*" or WebPermission.Connect is extended. + Medium: doesn't work unless originUrl=".*" or WebPermission.Connect is extended, and Google Apps doesn't work. Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> diff --git a/samples/OpenIdProviderWebForms/favicon.ico b/samples/OpenIdProviderWebForms/favicon.ico Binary files differindex beb3cb5..e227dbe 100644 --- a/samples/OpenIdProviderWebForms/favicon.ico +++ b/samples/OpenIdProviderWebForms/favicon.ico diff --git a/samples/OpenIdProviderWebForms/images/DotNetOpenAuth.png b/samples/OpenIdProviderWebForms/images/DotNetOpenAuth.png Binary files differnew file mode 100644 index 0000000..442b986 --- /dev/null +++ b/samples/OpenIdProviderWebForms/images/DotNetOpenAuth.png diff --git a/samples/OpenIdProviderWebForms/images/dotnetopenid_tiny.gif b/samples/OpenIdProviderWebForms/images/dotnetopenid_tiny.gif Binary files differdeleted file mode 100644 index c4ed4f5..0000000 --- a/samples/OpenIdProviderWebForms/images/dotnetopenid_tiny.gif +++ /dev/null diff --git a/samples/OpenIdRelyingPartyClassicAsp/MembersOnly.asp b/samples/OpenIdRelyingPartyClassicAsp/MembersOnly.asp index da6c18b..9f5917e 100644 --- a/samples/OpenIdRelyingPartyClassicAsp/MembersOnly.asp +++ b/samples/OpenIdRelyingPartyClassicAsp/MembersOnly.asp @@ -12,7 +12,7 @@ End If <body> <div> <a href="http://dotnetopenauth.net"> - <img runat="server" src="images/DotNetOpenId_tiny.gif" title="Jump to the project web site." + <img runat="server" src="images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <h2> diff --git a/samples/OpenIdRelyingPartyClassicAsp/default.asp b/samples/OpenIdRelyingPartyClassicAsp/default.asp index f4d1d1d..cc2bd57 100644 --- a/samples/OpenIdRelyingPartyClassicAsp/default.asp +++ b/samples/OpenIdRelyingPartyClassicAsp/default.asp @@ -7,7 +7,7 @@ <body> <div> <a href="http://dotnetopenauth.net"> - <img runat="server" src="images/DotNetOpenId_tiny.gif" title="Jump to the project web site." + <img runat="server" src="images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <h2>Classic ASP OpenID Relying Party</h2> diff --git a/samples/OpenIdRelyingPartyClassicAsp/favicon.ico b/samples/OpenIdRelyingPartyClassicAsp/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OpenIdRelyingPartyClassicAsp/favicon.ico diff --git a/samples/OpenIdRelyingPartyClassicAsp/images/DotNetOpenAuth.png b/samples/OpenIdRelyingPartyClassicAsp/images/DotNetOpenAuth.png Binary files differnew file mode 100644 index 0000000..442b986 --- /dev/null +++ b/samples/OpenIdRelyingPartyClassicAsp/images/DotNetOpenAuth.png diff --git a/samples/OpenIdRelyingPartyClassicAsp/images/dotnetopenid_tiny.gif b/samples/OpenIdRelyingPartyClassicAsp/images/dotnetopenid_tiny.gif Binary files differdeleted file mode 100644 index c4ed4f5..0000000 --- a/samples/OpenIdRelyingPartyClassicAsp/images/dotnetopenid_tiny.gif +++ /dev/null diff --git a/samples/OpenIdRelyingPartyClassicAsp/login.asp b/samples/OpenIdRelyingPartyClassicAsp/login.asp index 449af3e..18c4d4f 100644 --- a/samples/OpenIdRelyingPartyClassicAsp/login.asp +++ b/samples/OpenIdRelyingPartyClassicAsp/login.asp @@ -7,7 +7,7 @@ <body> <div> <a href="http://dotnetopenauth.net"> - <img runat="server" src="images/DotNetOpenId_tiny.gif" title="Jump to the project web site." + <img runat="server" src="images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <h2>Login Page</h2> diff --git a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj index a6fab7c..26322bb 100644 --- a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj +++ b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj @@ -116,6 +116,7 @@ <Content Include="Content\theme\ui.tabs.css" /> <Content Include="Content\theme\ui.theme.css" /> <Content Include="Default.aspx" /> + <Content Include="favicon.ico" /> <Content Include="Global.asax" /> <Content Include="Views\User\Index.aspx" /> <Content Include="Views\User\Login.aspx" /> diff --git a/samples/OpenIdRelyingPartyMvc/Web.config b/samples/OpenIdRelyingPartyMvc/Web.config index 315eaa9..f23c5d7 100644 --- a/samples/OpenIdRelyingPartyMvc/Web.config +++ b/samples/OpenIdRelyingPartyMvc/Web.config @@ -169,5 +169,13 @@ <runtime> <legacyHMACWarning enabled="0" /> + + <!-- If you target ASP.NET MVC 2, uncomment this so that MVC 1 components such as DotNetOpenAuth will work with it. + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> + <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" /> + </dependentAssembly> + </assemblyBinding>--> </runtime> </configuration> diff --git a/samples/OpenIdRelyingPartyMvc/favicon.ico b/samples/OpenIdRelyingPartyMvc/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OpenIdRelyingPartyMvc/favicon.ico diff --git a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj index 6f5df5c..d2548cf 100644 --- a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj +++ b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj @@ -101,6 +101,13 @@ <Compile Include="Code\InMemoryTokenManager.cs" /> <Compile Include="Code\State.cs" /> <Compile Include="Code\TracePageAppender.cs" /> + <Compile Include="loginGoogleApps.aspx.cs"> + <DependentUpon>loginGoogleApps.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="loginGoogleApps.aspx.designer.cs"> + <DependentUpon>loginGoogleApps.aspx</DependentUpon> + </Compile> <Compile Include="loginPlusOAuthSampleOP.aspx.cs"> <DependentUpon>loginPlusOAuthSampleOP.aspx</DependentUpon> <SubType>ASPXCodeBehind</SubType> @@ -176,9 +183,11 @@ <Content Include="xrds.aspx" /> </ItemGroup> <ItemGroup> + <Content Include="favicon.ico" /> + <Content Include="images\DotNetOpenAuth.png" /> + <Content Include="loginGoogleApps.aspx" /> <Content Include="loginPlusOAuthSampleOP.aspx" /> <Content Include="images\attention.png" /> - <Content Include="images\dotnetopenid_tiny.gif" /> <Content Include="images\openid_login.gif" /> <Content Include="images\yahoo.png" /> <Content Include="loginPlusOAuth.aspx" /> diff --git a/samples/OpenIdRelyingPartyWebForms/Site.Master b/samples/OpenIdRelyingPartyWebForms/Site.Master index cf8c507..c4f3dda 100644 --- a/samples/OpenIdRelyingPartyWebForms/Site.Master +++ b/samples/OpenIdRelyingPartyWebForms/Site.Master @@ -28,7 +28,7 @@ </span> <div> <a href="http://dotnetopenauth.net"> - <img runat="server" src="~/images/dotnetopenid_tiny.gif" title="Jump to the project web site." + <img runat="server" src="~/images/DotNetOpenAuth.png" title="Jump to the project web site." alt="DotNetOpenAuth" border='0' /></a> </div> <div> diff --git a/samples/OpenIdRelyingPartyWebForms/Web.config b/samples/OpenIdRelyingPartyWebForms/Web.config index 936a632..b0aa965 100644 --- a/samples/OpenIdRelyingPartyWebForms/Web.config +++ b/samples/OpenIdRelyingPartyWebForms/Web.config @@ -68,9 +68,9 @@ </authentication> <trace enabled="false" writeToDiagnosticsTrace="true" /> <!-- Trust level discussion: - Full: everything works + Full: everything works (this is required for Google Apps for Domains support) High: TRACE compilation symbol must NOT be defined - Medium: doesn't work unless originUrl=".*" or WebPermission.Connect is extended. + Medium: doesn't work unless originUrl=".*" or WebPermission.Connect is extended, and Google Apps doesn't work. Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> diff --git a/samples/OpenIdRelyingPartyWebForms/favicon.ico b/samples/OpenIdRelyingPartyWebForms/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/favicon.ico diff --git a/samples/OpenIdRelyingPartyWebForms/images/DotNetOpenAuth.png b/samples/OpenIdRelyingPartyWebForms/images/DotNetOpenAuth.png Binary files differnew file mode 100644 index 0000000..442b986 --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/images/DotNetOpenAuth.png diff --git a/samples/OpenIdRelyingPartyWebForms/images/dotnetopenid_tiny.gif b/samples/OpenIdRelyingPartyWebForms/images/dotnetopenid_tiny.gif Binary files differdeleted file mode 100644 index c4ed4f5..0000000 --- a/samples/OpenIdRelyingPartyWebForms/images/dotnetopenid_tiny.gif +++ /dev/null diff --git a/samples/OpenIdRelyingPartyWebForms/login.aspx b/samples/OpenIdRelyingPartyWebForms/login.aspx index d0cdb1a..efa2052 100644 --- a/samples/OpenIdRelyingPartyWebForms/login.aspx +++ b/samples/OpenIdRelyingPartyWebForms/login.aspx @@ -21,6 +21,7 @@ </asp:CheckBoxList> <p>Try the PPID identifier functionality against the OpenIDProviderMvc sample.</p> </fieldset> + <p><a href="loginGoogleApps.aspx">Log in using Google Apps for Domains</a>. </p> <p> <rp:OpenIdButton runat="server" ImageUrl="~/images/yahoo.png" Text="Login with Yahoo!" ID="yahooLoginButton" Identifier="https://me.yahoo.com/" OnLoggingIn="OpenIdLogin1_LoggingIn" OnLoggedIn="OpenIdLogin1_LoggedIn" /> diff --git a/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx new file mode 100644 index 0000000..3f3860e --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx @@ -0,0 +1,16 @@ +<%@ Page Language="C#" AutoEventWireup="True" CodeBehind="loginGoogleApps.aspx.cs" + Inherits="OpenIdRelyingPartyWebForms.loginGoogleApps" ValidateRequest="false" + MasterPageFile="~/Site.Master" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.RelyingParty" + TagPrefix="rp" %> +<asp:Content ID="Content1" runat="server" ContentPlaceHolderID="Main"> + <rp:OpenIdLogin ID="OpenIdLogin1" runat="server" ExampleUrl="yourname@yourdomain.com" + TabIndex="1" LabelText="Google Apps email address or domain:" + RegisterVisible="False" onloggedin="OpenIdLogin1_LoggedIn" /> + <asp:Panel runat="server" ID="fullTrustRequired" EnableViewState="false"> + <b>STOP:</b> Full trust permissions are required for Google Apps support + due to certificate chain verification requirements. + Modify web.config to allow full trust before trying this sample. + </asp:Panel> +</asp:Content> diff --git a/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.cs b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.cs new file mode 100644 index 0000000..8c84b40 --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.cs @@ -0,0 +1,51 @@ +namespace OpenIdRelyingPartyWebForms { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Security; + using System.Security.Permissions; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.RelyingParty; + + public partial class loginGoogleApps : System.Web.UI.Page { + private static readonly HostMetaDiscoveryService GoogleAppsDiscovery = new HostMetaDiscoveryService { + UseGoogleHostedHostMeta = true, + }; + + private static readonly OpenIdRelyingParty relyingParty; + + static loginGoogleApps() { + relyingParty = new OpenIdRelyingParty(); + + // We don't necessarily HAVE to clear the other discovery services, but + // because host-meta discovery (particularly with Google) can cause ambiguity + // in knowing which discovered endpoints are authoritative. Because of the + // extra security concerns it's a good idea to have a separate box + relyingParty.DiscoveryServices.Clear(); + relyingParty.DiscoveryServices.Insert(0, GoogleAppsDiscovery); // it should be first if we don't clear the other discovery services + } + + protected void Page_Load(object sender, EventArgs e) { + this.OpenIdLogin1.RelyingParty = relyingParty; + this.OpenIdLogin1.Focus(); + + this.fullTrustRequired.Visible = IsPartiallyTrusted(); + } + + protected void OpenIdLogin1_LoggedIn(object sender, OpenIdEventArgs e) { + State.FriendlyLoginName = e.Response.FriendlyIdentifierForDisplay; + } + + private static bool IsPartiallyTrusted() { + try { + new SecurityPermission(PermissionState.Unrestricted).Demand(); + return false; + } catch (SecurityException) { + return true; + } + } + } +} diff --git a/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.designer.cs new file mode 100644 index 0000000..e927f65 --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/loginGoogleApps.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdRelyingPartyWebForms { + + + public partial class loginGoogleApps { + + /// <summary> + /// OpenIdLogin1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.RelyingParty.OpenIdLogin OpenIdLogin1; + + /// <summary> + /// fullTrustRequired control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Panel fullTrustRequired; + } +} diff --git a/samples/OpenIdRelyingPartyWebForms/xrds.aspx b/samples/OpenIdRelyingPartyWebForms/xrds.aspx index 92983fd..55b5e35 100644 --- a/samples/OpenIdRelyingPartyWebForms/xrds.aspx +++ b/samples/OpenIdRelyingPartyWebForms/xrds.aspx @@ -23,7 +23,7 @@ is default.aspx. </Service> <Service> <Type>http://specs.openid.net/extensions/ui/icon</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/images/dotnetopenid_tiny.gif"))%></URI> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/images/DotNetOpenAuth.png"))%></URI> </Service> </XRD> </xrds:XRDS> diff --git a/samples/OpenIdWebRingSsoProvider/Code/Util.cs b/samples/OpenIdWebRingSsoProvider/Code/Util.cs new file mode 100644 index 0000000..07064a2 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Code/Util.cs @@ -0,0 +1,87 @@ +//----------------------------------------------------------------------- +// <copyright file="Util.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace OpenIdWebRingSsoProvider.Code { + using System; + using System.Configuration; + using System.Web; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Extensions.AttributeExchange; + using DotNetOpenAuth.OpenId.Provider; + + public class Util { + private const string RolesAttribute = "http://samples.dotnetopenauth.net/sso/roles"; + + public static string ExtractUserName(Uri url) { + return url.Segments[url.Segments.Length - 1]; + } + + public static string ExtractUserName(Identifier identifier) { + return ExtractUserName(new Uri(identifier.ToString())); + } + + public static Identifier BuildIdentityUrl() { + string username = HttpContext.Current.User.Identity.Name; + int slash = username.IndexOf('\\'); + if (slash >= 0) { + username = username.Substring(slash + 1); + } + return BuildIdentityUrl(username); + } + + public static Identifier BuildIdentityUrl(string username) { + // This sample Provider has a custom policy for normalizing URIs, which is that the whole + // path of the URI be lowercase except for the first letter of the username. + username = username.Substring(0, 1).ToUpperInvariant() + username.Substring(1).ToLowerInvariant(); + return new Uri(HttpContext.Current.Request.Url, HttpContext.Current.Response.ApplyAppPathModifier("~/user.aspx/" + username)); + } + + internal static void ProcessAuthenticationChallenge(IAuthenticationRequest idrequest) { + // Verify that RP discovery is successful. + if (idrequest.IsReturnUrlDiscoverable(ProviderEndpoint.Provider) != RelyingPartyDiscoveryResult.Success) { + idrequest.IsAuthenticated = false; + return; + } + + // Verify that the RP is on the whitelist. Realms are case sensitive. + string[] whitelist = ConfigurationManager.AppSettings["whitelistedRealms"].Split(';'); + if (Array.IndexOf(whitelist, idrequest.Realm.ToString()) < 0) { + idrequest.IsAuthenticated = false; + return; + } + + if (idrequest.IsDirectedIdentity) { + if (HttpContext.Current.User.Identity.IsAuthenticated) { + idrequest.LocalIdentifier = Util.BuildIdentityUrl(); + idrequest.IsAuthenticated = true; + } else { + idrequest.IsAuthenticated = false; + } + } else { + string userOwningOpenIdUrl = Util.ExtractUserName(idrequest.LocalIdentifier); + + // NOTE: in a production provider site, you may want to only + // respond affirmatively if the user has already authorized this consumer + // to know the answer. + idrequest.IsAuthenticated = userOwningOpenIdUrl == HttpContext.Current.User.Identity.Name; + } + + if (idrequest.IsAuthenticated.Value) { + // add extension responses here. + var fetchRequest = idrequest.GetExtension<FetchRequest>(); + if (fetchRequest != null) { + var fetchResponse = new FetchResponse(); + if (fetchRequest.Attributes.Contains(RolesAttribute)) { + // Inform the RP what roles this user should fill + // These roles would normally come out of the user database. + fetchResponse.Attributes.Add(RolesAttribute, "Member", "Admin"); + } + idrequest.AddResponseExtension(fetchResponse); + } + } + } + } +}
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx b/samples/OpenIdWebRingSsoProvider/Default.aspx new file mode 100644 index 0000000..9bddc98 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx @@ -0,0 +1,25 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoProvider._Default" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth" TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> + <openid:XrdsPublisher ID="XrdsPublisher1" runat="server" XrdsUrl="~/op_xrds.aspx" /> +</head> +<body> + <form id="form1" runat="server"> + <p> + This sample is of an OpenID Provider that acts within a controlled set of web + sites (perhaps all belonging to the same organization). It authenticates + the user in its own way (Windows Auth, username/password, InfoCard, X.509, + anything), and then sends an automatically OpenID assertion to a limited set of + whitelisted RPs without prompting the user. + </p> + <p> + This particular sample uses Windows Authentication so that when the user visits + an RP and the RP sends the user to this OP for authentication, the process is + completely implicit -- the user never sees the OP.</p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx.cs b/samples/OpenIdWebRingSsoProvider/Default.aspx.cs new file mode 100644 index 0000000..1f64fea --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx.cs @@ -0,0 +1,13 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class _Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs new file mode 100644 index 0000000..b2f84f7 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class _Default { + + /// <summary> + /// XrdsPublisher1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.XrdsPublisher XrdsPublisher1; + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj new file mode 100644 index 0000000..29963c4 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj @@ -0,0 +1,125 @@ +<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProductVersion>9.0.30729</ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}</ProjectGuid> + <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>OpenIdWebRingSsoProvider</RootNamespace> + <AssemblyName>OpenIdWebRingSsoProvider</AssemblyName> + <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Data" /> + <Reference Include="System.Core"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Data.DataSetExtensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Xml.Linq"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Drawing" /> + <Reference Include="System.Web" /> + <Reference Include="System.Xml" /> + <Reference Include="System.Configuration" /> + <Reference Include="System.Web.Services" /> + <Reference Include="System.EnterpriseServices" /> + <Reference Include="System.Web.Mobile" /> + </ItemGroup> + <ItemGroup> + <Content Include="Default.aspx" /> + <Content Include="op_xrds.aspx" /> + <Content Include="Server.aspx" /> + <Content Include="user.aspx" /> + <Content Include="user_xrds.aspx" /> + <Content Include="Web.config" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Code\Util.cs" /> + <Compile Include="Default.aspx.cs"> + <SubType>ASPXCodeBehind</SubType> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Properties\AssemblyInfo.cs" /> + <Compile Include="Server.aspx.cs"> + <DependentUpon>Server.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Server.aspx.designer.cs"> + <DependentUpon>Server.aspx</DependentUpon> + </Compile> + <Compile Include="user.aspx.cs"> + <DependentUpon>user.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="user.aspx.designer.cs"> + <DependentUpon>user.aspx</DependentUpon> + </Compile> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\..\src\DotNetOpenAuth\DotNetOpenAuth.csproj"> + <Project>{3191B653-F76D-4C1A-9A5A-347BC3AAAAB7}</Project> + <Name>DotNetOpenAuth</Name> + </ProjectReference> + </ItemGroup> + <ItemGroup> + <Folder Include="App_Data\" /> + </ItemGroup> + <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> + <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v9.0\WebApplications\Microsoft.WebApplication.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> + <ProjectExtensions> + <VisualStudio> + <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> + <WebProjectProperties> + <UseIIS>False</UseIIS> + <AutoAssignPort>False</AutoAssignPort> + <DevelopmentServerPort>39167</DevelopmentServerPort> + <DevelopmentServerVPath>/</DevelopmentServerVPath> + <IISUrl> + </IISUrl> + <NTLMAuthentication>False</NTLMAuthentication> + <UseCustomServer>False</UseCustomServer> + <CustomServerUrl> + </CustomServerUrl> + <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile> + </WebProjectProperties> + </FlavorProperties> + </VisualStudio> + </ProjectExtensions> +</Project>
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs b/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..41e7441 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs @@ -0,0 +1,35 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("OpenIdWebRingSsoProvider")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("Microsoft IT")] +[assembly: AssemblyProduct("OpenIdWebRingSsoProvider")] +[assembly: AssemblyCopyright("Copyright © Microsoft IT 2009")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("3d5900ae-111a-45be-96b3-d9e4606ca793")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx b/samples/OpenIdWebRingSsoProvider/Server.aspx new file mode 100644 index 0000000..0665320 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx @@ -0,0 +1,17 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Server.aspx.cs" Inherits="OpenIdWebRingSsoProvider.Server" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" + TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> + <openid:ProviderEndpoint runat="server" ID="providerEndpoint1" OnAuthenticationChallenge="providerEndpoint1_AuthenticationChallenge" /> +</head> +<body> + <form id="form1" runat="server"> + <div> + </div> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx.cs b/samples/OpenIdWebRingSsoProvider/Server.aspx.cs new file mode 100644 index 0000000..101e608 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx.cs @@ -0,0 +1,19 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + using DotNetOpenAuth.OpenId.Provider; + using OpenIdWebRingSsoProvider.Code; + + public partial class Server : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + + protected void providerEndpoint1_AuthenticationChallenge(object sender, AuthenticationChallengeEventArgs e) { + Util.ProcessAuthenticationChallenge(e.Request); + } + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs new file mode 100644 index 0000000..0fdea16 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class Server { + + /// <summary> + /// providerEndpoint1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.ProviderEndpoint providerEndpoint1; + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Web.config b/samples/OpenIdWebRingSsoProvider/Web.config new file mode 100644 index 0000000..c32e0e3 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Web.config @@ -0,0 +1,169 @@ +<?xml version="1.0"?> +<configuration> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> + <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + </sectionGroup> + </sectionGroup> + </sectionGroup> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of DotNetOpenAuth can be customized --> + <dotNetOpenAuth> + <openid> + <provider> + <security requireSsl="false" /> + <behaviors> + <!-- Behaviors activate themselves automatically for individual matching requests. + The first one in this list to match an incoming request "owns" the request. If no + profile matches, the default behavior is assumed. --> + <!--<add type="DotNetOpenAuth.OpenId.Behaviors.PpidGeneration, DotNetOpenAuth" />--> + </behaviors> + </provider> + </openid> + <messaging> + <untrustedWebRequest> + <whitelistHosts> + <!-- since this is a sample, and will often be used with localhost --> + <add name="localhost"/> + </whitelistHosts> + </untrustedWebRequest> + </messaging> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + </dotNetOpenAuth> + + <appSettings> + <add key="whitelistedRealms" value="http://localhost:39165/;http://othertrustedrealm/"/> + </appSettings> + <connectionStrings/> + + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="false"> + + <assemblies> + <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + </assemblies> + + </compilation> + <!-- + The <authentication> section enables configuration + of the security authentication mode used by + ASP.NET to identify an incoming user. + --> + <authentication mode="Windows" /> + <!-- + The <customErrors> section enables configuration + of what to do if/when an unhandled error occurs + during the execution of a request. Specifically, + it enables developers to configure html error pages + to be displayed in place of a error stack trace. + + <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> + <error statusCode="403" redirect="NoAccess.htm" /> + <error statusCode="404" redirect="FileNotFound.htm" /> + </customErrors> + --> + + <pages> + <controls> + <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </controls> + </pages> + + <httpHandlers> + <remove verb="*" path="*.asmx"/> + <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> + </httpHandlers> + <httpModules> + <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </httpModules> + + </system.web> + + <system.codedom> + <compilers> + <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" + type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + </compilers> + </system.codedom> + + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <validation validateIntegratedModeConfiguration="false"/> + <modules> + <remove name="ScriptModule" /> + <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </modules> + <handlers> + <remove name="WebServiceHandlerFactory-Integrated"/> + <remove name="ScriptHandlerFactory" /> + <remove name="ScriptHandlerFactoryAppServices" /> + <remove name="ScriptResource" /> + <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> + </handlers> + </system.webServer> + + <runtime> + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + </assemblyBinding> + </runtime> + +</configuration> diff --git a/samples/OpenIdWebRingSsoProvider/op_xrds.aspx b/samples/OpenIdWebRingSsoProvider/op_xrds.aspx new file mode 100644 index 0000000..afcfc75 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/op_xrds.aspx @@ -0,0 +1,19 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required as part of the service discovery phase of the openid +protocol (step 1). It simply renders the xml for doing service discovery of +server.aspx using the xrds mechanism. +This XRDS doc is discovered via the user.aspx page. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="10"> + <Type>http://specs.openid.net/auth/2.0/server</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx b/samples/OpenIdWebRingSsoProvider/user.aspx new file mode 100644 index 0000000..0cef559 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx @@ -0,0 +1,22 @@ +<%@ Page Language="C#" AutoEventWireup="true" Inherits="OpenIdWebRingSsoProvider.User" + CodeBehind="user.aspx.cs" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" + TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head id="Head1" runat="server"> + <openid:IdentityEndpoint ID="IdentityEndpoint20" runat="server" ProviderEndpointUrl="~/Server.aspx" + XrdsUrl="~/user_xrds.aspx" ProviderVersion="V20" AutoNormalizeRequest="true" + OnNormalizeUri="IdentityEndpoint20_NormalizeUri" /> + <!-- and for backward compatibility with OpenID 1.x RPs... --> + <openid:IdentityEndpoint ID="IdentityEndpoint11" runat="server" ProviderEndpointUrl="~/Server.aspx" + ProviderVersion="V11" /> +</head> +<body> + <p> + OpenID identity page for + <asp:Label runat="server" ID="usernameLabel" EnableViewState="false" /> + </p> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx.cs b/samples/OpenIdWebRingSsoProvider/user.aspx.cs new file mode 100644 index 0000000..8050367 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx.cs @@ -0,0 +1,23 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using DotNetOpenAuth.OpenId.Provider; + using OpenIdWebRingSsoProvider.Code; + + /// <summary> + /// This page is a required as part of the service discovery phase of the openid protocol (step 1). + /// </summary> + /// <remarks> + /// <para>The XRDS (or Yadis) content is also rendered to provide the consumer with an alternative discovery mechanism. The Yadis protocol allows the consumer + /// to provide the user with a more flexible range of authentication mechanisms (which ever has been defined in xrds.aspx). See http://en.wikipedia.org/wiki/Yadis.</para> + /// </remarks> + public partial class User : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + this.usernameLabel.Text = Util.ExtractUserName(Page.Request.Url); + } + + protected void IdentityEndpoint20_NormalizeUri(object sender, IdentityEndpointNormalizationEventArgs e) { + string username = Util.ExtractUserName(Page.Request.Url); + e.NormalizedIdentifier = new Uri(Util.BuildIdentityUrl(username)); + } + } +}
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs new file mode 100644 index 0000000..171c898 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs @@ -0,0 +1,52 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class User { + + /// <summary> + /// Head1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlHead Head1; + + /// <summary> + /// IdentityEndpoint20 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.IdentityEndpoint IdentityEndpoint20; + + /// <summary> + /// IdentityEndpoint11 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.IdentityEndpoint IdentityEndpoint11; + + /// <summary> + /// usernameLabel control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Label usernameLabel; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/user_xrds.aspx b/samples/OpenIdWebRingSsoProvider/user_xrds.aspx new file mode 100644 index 0000000..275e413 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user_xrds.aspx @@ -0,0 +1,24 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required as part of the service discovery phase of the openid +protocol (step 1). It simply renders the xml for doing service discovery of +server.aspx using the xrds mechanism. +This XRDS doc is discovered via the user.aspx page. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="10"> + <Type>http://specs.openid.net/auth/2.0/signon</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + <Service priority="20"> + <Type>http://openid.net/signon/1.0</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx new file mode 100644 index 0000000..d3653e7 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx @@ -0,0 +1,19 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty.Admin.Default" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> +</head> +<body> + <form id="form1" runat="server"> + <div> + You must be an admin! + </div> + <p> + The roles you're assigned come from the trusted Provider's identity assertion. The + sample OP comes hard-wired to assert membership in the Admin and Member roles. + </p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs new file mode 100644 index 0000000..94da1f7 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs @@ -0,0 +1,13 @@ +namespace OpenIdWebRingSsoRelyingParty.Admin { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs new file mode 100644 index 0000000..9519fc3 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs @@ -0,0 +1,25 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty.Admin { + + + public partial class Default { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config b/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config new file mode 100644 index 0000000..52a5faf --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config @@ -0,0 +1,9 @@ +<?xml version="1.0"?> +<configuration> + <system.web> + <authorization> + <allow roles="Admin"/> + <deny users="*"/> + </authorization> + </system.web> +</configuration> diff --git a/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs b/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs new file mode 100644 index 0000000..06783bd --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs @@ -0,0 +1,57 @@ +//----------------------------------------------------------------------- +// <copyright file="AuthTicketRoles.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Security.Principal; + using System.Web; + using System.Web.Security; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + + /// <summary> + /// An authentication module that utilizes the forms auth ticket cookie + /// as a cache for the users' roles, since those roles are determined by + /// the OpenID Provider and we don't have a local user-roles cache at this + /// RP since those relationships are always managed by the Provider. + /// </summary> + public class AuthTicketRoles : IHttpModule { + #region IHttpModule Members + + /// <summary> + /// Initializes a module and prepares it to handle requests. + /// </summary> + /// <param name="context">An <see cref="T:System.Web.HttpApplication"/> that provides access to the methods, properties, and events common to all application objects within an ASP.NET application</param> + public void Init(HttpApplication context) { + context.AuthenticateRequest += this.application_AuthenticateRequest; + } + + /// <summary> + /// Disposes of the resources (other than memory) used by the module that implements <see cref="T:System.Web.IHttpModule"/>. + /// </summary> + public void Dispose() { + } + + #endregion + + private void application_AuthenticateRequest(object sender, EventArgs e) { + if (HttpContext.Current.User != null) { + var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; + if (cookie != null) { + var ticket = FormsAuthentication.Decrypt(cookie.Value); + if (!string.IsNullOrEmpty(ticket.UserData)) { + string[] roles = ticket.UserData.Split(';'); + HttpContext.Current.User = new GenericPrincipal(HttpContext.Current.User.Identity, roles); + } + } + } + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx new file mode 100644 index 0000000..00efb08 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx @@ -0,0 +1,29 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty._Default" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title>Sample SSO relying party</title> +</head> +<body> + <form id="form1" runat="server"> + <div> + We've recognized you (via the SSO OP) as: + <asp:LoginName ID="LoginName1" runat="server" /> + <p>Try visiting the <a href="Admin/Default.aspx">Admin area</a></p> + </div> + <p>This sample is of an OpenID Relying Party that acts within a controlled set of + web sites (perhaps all belonging to the same organization). This + particular RP is configured to require authentication for all web pages, and to + always use just one (trusted) OP (the OpenIdWebRingSsoProvider) without ever + prompting the user.</p> + <p>Although the sample OP uses Windows Authentication, and so this RP could easily + do the same, the idea is that the OP and RP may exist on different network + topologies, or the OP may be the only site with access to the user credential + database, or any number of other scenarios where the RP doesn't have the freedom + to authenticate the user the way the OP has, yet this set of web sites want to + have the users only authenticate themselves to one site with one set of + credentials.</p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs new file mode 100644 index 0000000..9e6009e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs @@ -0,0 +1,18 @@ +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class _Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + if (Array.IndexOf(Request.AcceptTypes, "application/xrds+xml") >= 0) { + Server.Transfer("xrds.aspx"); + } else if (!User.Identity.IsAuthenticated) { + Response.Redirect("Login.aspx"); + } + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs new file mode 100644 index 0000000..49d071e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty { + + + public partial class _Default { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + + /// <summary> + /// LoginName1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.LoginName LoginName1; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx new file mode 100644 index 0000000..2e7df2e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx @@ -0,0 +1,26 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty.Login" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> +</head> +<body> + <form id="form1" runat="server"> + <asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0"> + <asp:View ID="View1" runat="server"> + <div> + Sorry. We couldn't log you in. + </div> + <asp:Label runat="server" ID="errorLabel" /> + <p> + <asp:Button ID="retryButton" runat="server" Text="Try Again" OnClick="retryButton_Click" /> + </p> + </asp:View> + <asp:View ID="View2" runat="server"> + You don't have permission to visit <%=HttpUtility.HtmlEncode(Request.QueryString["ReturnUrl"]) %>. + </asp:View> + </asp:MultiView> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs new file mode 100644 index 0000000..7f7f91e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs @@ -0,0 +1,96 @@ +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Configuration; + using System.Linq; + using System.Web; + using System.Web.Security; + using System.Web.UI; + using System.Web.UI.WebControls; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Extensions.AttributeExchange; + using DotNetOpenAuth.OpenId.RelyingParty; + + public partial class Login : System.Web.UI.Page { + private const string RolesAttribute = "http://samples.dotnetopenauth.net/sso/roles"; + + private static OpenIdRelyingParty relyingParty = new OpenIdRelyingParty(); + + static Login() { + // Configure the RP to only allow assertions from our trusted OP endpoint. + relyingParty.EndpointFilter = ep => ep.Uri.AbsoluteUri == ConfigurationManager.AppSettings["SsoProviderOPEndpoint"]; + } + + protected void Page_Load(object sender, EventArgs e) { + UriBuilder returnToBuilder = new UriBuilder(Request.Url); + returnToBuilder.Path = "/login.aspx"; + returnToBuilder.Query = null; + returnToBuilder.Fragment = null; + Uri returnTo = returnToBuilder.Uri; + returnToBuilder.Path = "/"; + Realm realm = returnToBuilder.Uri; + + var response = relyingParty.GetResponse(); + if (response == null) { + if (Request.QueryString["ReturnUrl"] != null && User.Identity.IsAuthenticated) { + // The user must have been directed here because he has insufficient + // permissions to access something. + this.MultiView1.ActiveViewIndex = 1; + } else { + // Because this is a sample of a controlled SSO environment, + // we don't ask the user which Provider to use... we just send + // them straight off to the one Provider we trust. + var request = relyingParty.CreateRequest( + ConfigurationManager.AppSettings["SsoProviderOPIdentifier"], + realm, + returnTo); + var fetchRequest = new FetchRequest(); + fetchRequest.Attributes.AddOptional(RolesAttribute); + request.AddExtension(fetchRequest); + request.RedirectToProvider(); + } + } else { + switch (response.Status) { + case AuthenticationStatus.Canceled: + this.errorLabel.Text = "Login canceled."; + break; + case AuthenticationStatus.Failed: + this.errorLabel.Text = HttpUtility.HtmlEncode(response.Exception.Message); + break; + case AuthenticationStatus.Authenticated: + IList<string> roles = null; + var fetchResponse = response.GetExtension<FetchResponse>(); + if (fetchResponse != null) { + if (fetchResponse.Attributes.Contains(RolesAttribute)) { + roles = fetchResponse.Attributes[RolesAttribute].Values; + } + } + if (roles == null) { + roles = new List<string>(0); + } + + // Apply the roles to this auth ticket + const int TimeoutInMinutes = 100; // TODO: look up the right value from the web.config file + var ticket = new FormsAuthenticationTicket( + 2, + response.ClaimedIdentifier, + DateTime.Now, + DateTime.Now.AddMinutes(TimeoutInMinutes), + false, // non-persistent, since login is automatic and we wanted updated roles + string.Join(";", roles.ToArray())); + + HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); + Response.SetCookie(cookie); + Response.Redirect(Request.QueryString["ReturnUrl"] ?? FormsAuthentication.DefaultUrl); + break; + default: + break; + } + } + } + + protected void retryButton_Click(object sender, EventArgs e) { + Response.Redirect("/login.aspx"); + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs new file mode 100644 index 0000000..7ed2669 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs @@ -0,0 +1,70 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty { + + + public partial class Login { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + + /// <summary> + /// MultiView1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.MultiView MultiView1; + + /// <summary> + /// View1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View View1; + + /// <summary> + /// errorLabel control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Label errorLabel; + + /// <summary> + /// retryButton control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Button retryButton; + + /// <summary> + /// View2 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View View2; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj new file mode 100644 index 0000000..978a1a57 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj @@ -0,0 +1,127 @@ +<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProductVersion>9.0.30729</ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}</ProjectGuid> + <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>OpenIdWebRingSsoRelyingParty</RootNamespace> + <AssemblyName>OpenIdWebRingSsoRelyingParty</AssemblyName> + <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Data" /> + <Reference Include="System.Core"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Data.DataSetExtensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Xml.Linq"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Drawing" /> + <Reference Include="System.Web" /> + <Reference Include="System.Xml" /> + <Reference Include="System.Configuration" /> + <Reference Include="System.Web.Services" /> + <Reference Include="System.EnterpriseServices" /> + <Reference Include="System.Web.Mobile" /> + </ItemGroup> + <ItemGroup> + <Content Include="Default.aspx" /> + <Content Include="Login.aspx" /> + <Content Include="Web.config" /> + <Content Include="xrds.aspx" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Admin\Default.aspx.cs"> + <DependentUpon>Default.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Admin\Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.cs"> + <SubType>ASPXCodeBehind</SubType> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Login.aspx.cs"> + <DependentUpon>Login.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Login.aspx.designer.cs"> + <DependentUpon>Login.aspx</DependentUpon> + </Compile> + <Compile Include="AuthTicketRoles.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\..\src\DotNetOpenAuth\DotNetOpenAuth.csproj"> + <Project>{3191B653-F76D-4C1A-9A5A-347BC3AAAAB7}</Project> + <Name>DotNetOpenAuth</Name> + </ProjectReference> + </ItemGroup> + <ItemGroup> + <Content Include="Admin\Default.aspx" /> + <Content Include="Admin\Web.config" /> + </ItemGroup> + <ItemGroup> + <Folder Include="App_Data\" /> + </ItemGroup> + <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> + <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v9.0\WebApplications\Microsoft.WebApplication.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> + <ProjectExtensions> + <VisualStudio> + <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> + <WebProjectProperties> + <UseIIS>False</UseIIS> + <AutoAssignPort>False</AutoAssignPort> + <DevelopmentServerPort>39165</DevelopmentServerPort> + <DevelopmentServerVPath>/</DevelopmentServerVPath> + <IISUrl> + </IISUrl> + <NTLMAuthentication>False</NTLMAuthentication> + <UseCustomServer>False</UseCustomServer> + <CustomServerUrl> + </CustomServerUrl> + <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile> + </WebProjectProperties> + </FlavorProperties> + </VisualStudio> + </ProjectExtensions> +</Project>
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs b/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..eaf99ae --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs @@ -0,0 +1,35 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("OpenIdWebRingSsoRelyingParty")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("Microsoft IT")] +[assembly: AssemblyProduct("OpenIdWebRingSsoRelyingParty")] +[assembly: AssemblyCopyright("Copyright © Microsoft IT 2009")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("3d5900ae-111a-45be-96b3-d9e4606ca793")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/samples/OpenIdWebRingSsoRelyingParty/Web.config b/samples/OpenIdWebRingSsoRelyingParty/Web.config new file mode 100644 index 0000000..94ef60c --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Web.config @@ -0,0 +1,194 @@ +<?xml version="1.0"?> + +<configuration> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> + <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + </sectionGroup> + </sectionGroup> + </sectionGroup> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <openid> + <relyingParty> + <security requireSsl="false" /> + <behaviors> + <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible + with OPs that use Attribute Exchange (in various formats). --> + <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" /> + <!--<add type="DotNetOpenAuth.OpenId.Behaviors.GsaIcamProfile, DotNetOpenAuth" />--> + </behaviors> + <!-- Uncomment the following to activate the sample custom store. --> + <!--<store type="OpenIdRelyingPartyWebForms.CustomStore, OpenIdRelyingPartyWebForms" />--> + </relyingParty> + </openid> + <messaging> + <untrustedWebRequest> + <whitelistHosts> + <!-- since this is a sample, and will often be used with localhost --> + <add name="localhost" /> + </whitelistHosts> + </untrustedWebRequest> + </messaging> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + </dotNetOpenAuth> + + <appSettings> + <add key="SsoProviderOPIdentifier" value="http://localhost:39167/" /> + <add key="SsoProviderOPEndpoint" value="http://localhost:39167/server.aspx" /> + </appSettings> + <connectionStrings/> + + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="false"> + + <assemblies> + <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + </assemblies> + + </compilation> + <!-- + The <authentication> section enables configuration + of the security authentication mode used by + ASP.NET to identify an incoming user. + --> + <authentication mode="Forms"> + <forms name="OpenIdWebRingSsoRelyingParty" /> + </authentication> + <authorization> + <deny users="?"/> + </authorization> + <!-- + The <customErrors> section enables configuration + of what to do if/when an unhandled error occurs + during the execution of a request. Specifically, + it enables developers to configure html error pages + to be displayed in place of a error stack trace. + + <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> + <error statusCode="403" redirect="NoAccess.htm" /> + <error statusCode="404" redirect="FileNotFound.htm" /> + </customErrors> + --> + + <pages> + <controls> + <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </controls> + </pages> + + <httpHandlers> + <remove verb="*" path="*.asmx"/> + <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> + </httpHandlers> + <httpModules> + <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="AuthTicketRoles" type="OpenIdWebRingSsoRelyingParty.AuthTicketRoles, OpenIdWebRingSsoRelyingParty"/> + </httpModules> + + </system.web> + + <system.codedom> + <compilers> + <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" + type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + </compilers> + </system.codedom> + + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <validation validateIntegratedModeConfiguration="false"/> + <modules> + <remove name="ScriptModule" /> + <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </modules> + <handlers> + <remove name="WebServiceHandlerFactory-Integrated"/> + <remove name="ScriptHandlerFactory" /> + <remove name="ScriptHandlerFactoryAppServices" /> + <remove name="ScriptResource" /> + <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> + </handlers> + </system.webServer> + + <runtime> + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + </assemblyBinding> + </runtime> + + <location path="xrds.aspx"> + <system.web> + <authorization> + <allow users="*"/> + </authorization> + </system.web> + </location> + + <location path="default.aspx"> + <system.web> + <authorization> + <allow users="*"/> + </authorization> + </system.web> + </location> +</configuration> diff --git a/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx b/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx new file mode 100644 index 0000000..b45d063 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx @@ -0,0 +1,20 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required for relying party discovery per OpenID 2.0. +It allows Providers to call back to the relying party site to confirm the +identity that it is claiming in the realm and return_to URLs. +This page should be pointed to by the 'realm' home page, which in this sample +is default.aspx. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="1"> + <Type>http://specs.openid.net/auth/2.0/return_to</Type> + <%-- Every page with an OpenID login should be listed here. --%> + <URI priority="1"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/login.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/Samples.sln b/samples/Samples.sln index b586268..4c65c27 100644 --- a/samples/Samples.sln +++ b/samples/Samples.sln @@ -13,7 +13,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth", "OAuth", "{812D828E EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "InfoCard", "InfoCard", "{9145144C-1192-41C9-9A6D-D8F6BFE350F2}" EndProject -Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "InfoCardRelyingParty", "InfoCardRelyingParty", "{BE7016A8-D1B9-471A-AA53-A3D0CB800D35}" +Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "InfoCardRelyingParty", "InfoCardRelyingParty\", "{BE7016A8-D1B9-471A-AA53-A3D0CB800D35}" ProjectSection(WebsiteProperties) = preProject TargetFramework = "3.5" Debug.AspNetCompiler.VirtualPath = "/InfoCardRelyingParty" @@ -33,7 +33,7 @@ Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "InfoCardRelyingParty", "Inf VWDPort = "4490" EndProjectSection EndProject -Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OAuthConsumer", "OAuthConsumer", "{5100F73C-3082-4B81-95DD-F443F90B8EA7}" +Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OAuthConsumer", "OAuthConsumer\", "{5100F73C-3082-4B81-95DD-F443F90B8EA7}" ProjectSection(WebsiteProperties) = preProject TargetFramework = "3.5" Debug.AspNetCompiler.VirtualPath = "/OAuthConsumer" @@ -53,7 +53,7 @@ Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OAuthConsumer", "OAuthConsu VWDPort = "10335" EndProjectSection EndProject -Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OAuthServiceProvider", "OAuthServiceProvider", "{DD52C0C8-F986-495A-AAA1-090CFE2F801F}" +Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OAuthServiceProvider", "OAuthServiceProvider\", "{DD52C0C8-F986-495A-AAA1-090CFE2F801F}" ProjectSection(WebsiteProperties) = preProject TargetFramework = "3.5" Debug.AspNetCompiler.VirtualPath = "/OAuthServiceProvider" @@ -80,7 +80,7 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdRelyingPartyMvc", "Op EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdRelyingPartyWebForms", "OpenIdRelyingPartyWebForms\OpenIdRelyingPartyWebForms.csproj", "{1E8AEA89-BF69-47A1-B290-E8B0FE588700}" EndProject -Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OpenIdRelyingPartyClassicAsp", "OpenIdRelyingPartyClassicAsp", "{9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0}" +Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OpenIdRelyingPartyClassicAsp", "OpenIdRelyingPartyClassicAsp\", "{9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0}" ProjectSection(WebsiteProperties) = preProject TargetFramework = "2.0" Debug.AspNetCompiler.VirtualPath = "/OpenIdRelyingPartyClassicAsp" @@ -100,6 +100,12 @@ Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OpenIdRelyingPartyClassicAs VWDPort = "10318" EndProjectSection EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdWebRingSsoProvider", "OpenIdWebRingSsoProvider\OpenIdWebRingSsoProvider.csproj", "{0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdWebRingSsoRelyingParty", "OpenIdWebRingSsoRelyingParty\OpenIdWebRingSsoRelyingParty.csproj", "{B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdOfflineProvider", "OpenIdOfflineProvider\OpenIdOfflineProvider.csproj", "{5C65603B-235F-47E6-B536-06385C60DE7F}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution CodeAnalysis|Any CPU = CodeAnalysis|Any CPU @@ -167,6 +173,24 @@ Global {9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0}.Debug|Any CPU.Build.0 = Debug|Any CPU {9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0}.Release|Any CPU.ActiveCfg = Debug|Any CPU {9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0}.Release|Any CPU.Build.0 = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.Build.0 = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.ActiveCfg = Release|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.Build.0 = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.Build.0 = Debug|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.ActiveCfg = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.Build.0 = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.Build.0 = Debug|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.ActiveCfg = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -177,6 +201,9 @@ Global {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} {1E8AEA89-BF69-47A1-B290-E8B0FE588700} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} {9F9A83C3-55FC-42F1-A6B6-15A52BD01FC0} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} + {5C65603B-235F-47E6-B536-06385C60DE7F} = {A4059F7E-8E6F-4FA2-A1D5-1B9B46C93F82} {5100F73C-3082-4B81-95DD-F443F90B8EA7} = {812D828E-C91A-45AB-BAE9-3FC6D9560F9F} {DD52C0C8-F986-495A-AAA1-090CFE2F801F} = {812D828E-C91A-45AB-BAE9-3FC6D9560F9F} {6EC36418-DBC5-4AD1-A402-413604AA7A08} = {812D828E-C91A-45AB-BAE9-3FC6D9560F9F} |
