diff options
Diffstat (limited to 'samples')
36 files changed, 1488 insertions, 19 deletions
diff --git a/samples/OAuthConsumer/Twitter.aspx.cs b/samples/OAuthConsumer/Twitter.aspx.cs index a4fb0cb..9b9eced 100644 --- a/samples/OAuthConsumer/Twitter.aspx.cs +++ b/samples/OAuthConsumer/Twitter.aspx.cs @@ -54,7 +54,7 @@ public partial class Twitter : System.Web.UI.Page { protected void downloadUpdates_Click(object sender, EventArgs e) { var twitter = new WebConsumer(TwitterConsumer.ServiceDescription, this.TokenManager); - XPathDocument updates = new XPathDocument(TwitterConsumer.GetUpdates(twitter, AccessToken).CreateReader()); + XPathDocument updates = new XPathDocument(TwitterConsumer.GetUpdates(twitter, this.AccessToken).CreateReader()); XPathNavigator nav = updates.CreateNavigator(); var parsedUpdates = from status in nav.Select("/statuses/status").OfType<XPathNavigator>() where !status.SelectSingleNode("user/protected").ValueAsBoolean diff --git a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj index 43a8093..472135c 100644 --- a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj +++ b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj @@ -1,8 +1,12 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <PropertyGroup> + <ProjectRoot Condition="'$(ProjectRoot)' == ''">$(MSBuildProjectDirectory)\..\..\</ProjectRoot> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" /> + <PropertyGroup> <ProductVersion>9.0.30729</ProductVersion> <SchemaVersion>2.0</SchemaVersion> <ProjectGuid>{5C65603B-235F-47E6-B536-06385C60DE7F}</ProjectGuid> @@ -21,7 +25,6 @@ <DebugSymbols>true</DebugSymbols> <DebugType>full</DebugType> <Optimize>false</Optimize> - <OutputPath>bin\Debug\</OutputPath> <DefineConstants>DEBUG;TRACE</DefineConstants> <ErrorReport>prompt</ErrorReport> <WarningLevel>4</WarningLevel> @@ -52,14 +55,10 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> <DebugType>pdbonly</DebugType> <Optimize>true</Optimize> - <OutputPath>bin\Release\</OutputPath> <DefineConstants>TRACE</DefineConstants> <ErrorReport>prompt</ErrorReport> <WarningLevel>4</WarningLevel> </PropertyGroup> - <PropertyGroup> - <SignAssembly>true</SignAssembly> - </PropertyGroup> <ItemGroup> <Reference Include="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821, processorArchitecture=MSIL"> <SpecificVersion>False</SpecificVersion> @@ -159,5 +158,5 @@ <Resource Include="openid.ico" /> </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> - <Import Project="..\..\tools\DotNetOpenAuth.Versioning.targets" /> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> </Project> diff --git a/samples/OpenIdOfflineProvider/TextBoxTextWriter.cs b/samples/OpenIdOfflineProvider/TextBoxTextWriter.cs index 8118986..5319a78 100644 --- a/samples/OpenIdOfflineProvider/TextBoxTextWriter.cs +++ b/samples/OpenIdOfflineProvider/TextBoxTextWriter.cs @@ -71,7 +71,7 @@ namespace DotNetOpenAuth.OpenIdOfflineProvider { /// Verifies conditions that should be true for any valid state of this object. /// </summary> [ContractInvariantMethod] - protected void ObjectInvariant() { + private void ObjectInvariant() { Contract.Invariant(this.Box != null); } diff --git a/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs b/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs index 893830f..6954aa6 100644 --- a/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs +++ b/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs @@ -76,15 +76,15 @@ namespace OpenIdProviderWebForms { this.privacyLink.Visible = false; } - this.dobRequiredLabel.Visible = (requestFields.BirthDate == DemandLevel.Require); - this.countryRequiredLabel.Visible = (requestFields.Country == DemandLevel.Require); - this.emailRequiredLabel.Visible = (requestFields.Email == DemandLevel.Require); - this.fullnameRequiredLabel.Visible = (requestFields.FullName == DemandLevel.Require); - this.genderRequiredLabel.Visible = (requestFields.Gender == DemandLevel.Require); - this.languageRequiredLabel.Visible = (requestFields.Language == DemandLevel.Require); - this.nicknameRequiredLabel.Visible = (requestFields.Nickname == DemandLevel.Require); - this.postcodeRequiredLabel.Visible = (requestFields.PostalCode == DemandLevel.Require); - this.timezoneRequiredLabel.Visible = (requestFields.TimeZone == DemandLevel.Require); + this.dobRequiredLabel.Visible = requestFields.BirthDate == DemandLevel.Require; + this.countryRequiredLabel.Visible = requestFields.Country == DemandLevel.Require; + this.emailRequiredLabel.Visible = requestFields.Email == DemandLevel.Require; + this.fullnameRequiredLabel.Visible = requestFields.FullName == DemandLevel.Require; + this.genderRequiredLabel.Visible = requestFields.Gender == DemandLevel.Require; + this.languageRequiredLabel.Visible = requestFields.Language == DemandLevel.Require; + this.nicknameRequiredLabel.Visible = requestFields.Nickname == DemandLevel.Require; + this.postcodeRequiredLabel.Visible = requestFields.PostalCode == DemandLevel.Require; + this.timezoneRequiredLabel.Visible = requestFields.TimeZone == DemandLevel.Require; this.dateOfBirthRow.Visible = !(requestFields.BirthDate == DemandLevel.NoRequest); this.countryRow.Visible = !(requestFields.Country == DemandLevel.NoRequest); diff --git a/samples/OpenIdProviderWebForms/Web.config b/samples/OpenIdProviderWebForms/Web.config index 845f541..a978dc7 100644 --- a/samples/OpenIdProviderWebForms/Web.config +++ b/samples/OpenIdProviderWebForms/Web.config @@ -85,8 +85,8 @@ </providers> </membership> <authentication mode="Forms"> - <forms name="ProviderSession"/> <!-- named cookie prevents conflicts with other samples --> + <forms name="OpenIdProviderWebForms"/> </authentication> <customErrors mode="RemoteOnly"/> <!-- Trust level discussion: diff --git a/samples/OpenIdRelyingPartyWebForms/ajaxlogin.aspx.cs b/samples/OpenIdRelyingPartyWebForms/ajaxlogin.aspx.cs index 78d08f3..f7d44d5 100644 --- a/samples/OpenIdRelyingPartyWebForms/ajaxlogin.aspx.cs +++ b/samples/OpenIdRelyingPartyWebForms/ajaxlogin.aspx.cs @@ -18,7 +18,7 @@ } protected void OpenIdAjaxTextBox1_LoggedIn(object sender, OpenIdEventArgs e) { - Label label = ((Label)this.commentSubmitted.FindControl("emailLabel")); + Label label = (Label)this.commentSubmitted.FindControl("emailLabel"); label.Text = e.Response.FriendlyIdentifierForDisplay; // We COULD get the sreg extension response here for the email, but since we let the user diff --git a/samples/OpenIdWebRingSsoProvider/Code/Util.cs b/samples/OpenIdWebRingSsoProvider/Code/Util.cs new file mode 100644 index 0000000..07064a2 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Code/Util.cs @@ -0,0 +1,87 @@ +//----------------------------------------------------------------------- +// <copyright file="Util.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace OpenIdWebRingSsoProvider.Code { + using System; + using System.Configuration; + using System.Web; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Extensions.AttributeExchange; + using DotNetOpenAuth.OpenId.Provider; + + public class Util { + private const string RolesAttribute = "http://samples.dotnetopenauth.net/sso/roles"; + + public static string ExtractUserName(Uri url) { + return url.Segments[url.Segments.Length - 1]; + } + + public static string ExtractUserName(Identifier identifier) { + return ExtractUserName(new Uri(identifier.ToString())); + } + + public static Identifier BuildIdentityUrl() { + string username = HttpContext.Current.User.Identity.Name; + int slash = username.IndexOf('\\'); + if (slash >= 0) { + username = username.Substring(slash + 1); + } + return BuildIdentityUrl(username); + } + + public static Identifier BuildIdentityUrl(string username) { + // This sample Provider has a custom policy for normalizing URIs, which is that the whole + // path of the URI be lowercase except for the first letter of the username. + username = username.Substring(0, 1).ToUpperInvariant() + username.Substring(1).ToLowerInvariant(); + return new Uri(HttpContext.Current.Request.Url, HttpContext.Current.Response.ApplyAppPathModifier("~/user.aspx/" + username)); + } + + internal static void ProcessAuthenticationChallenge(IAuthenticationRequest idrequest) { + // Verify that RP discovery is successful. + if (idrequest.IsReturnUrlDiscoverable(ProviderEndpoint.Provider) != RelyingPartyDiscoveryResult.Success) { + idrequest.IsAuthenticated = false; + return; + } + + // Verify that the RP is on the whitelist. Realms are case sensitive. + string[] whitelist = ConfigurationManager.AppSettings["whitelistedRealms"].Split(';'); + if (Array.IndexOf(whitelist, idrequest.Realm.ToString()) < 0) { + idrequest.IsAuthenticated = false; + return; + } + + if (idrequest.IsDirectedIdentity) { + if (HttpContext.Current.User.Identity.IsAuthenticated) { + idrequest.LocalIdentifier = Util.BuildIdentityUrl(); + idrequest.IsAuthenticated = true; + } else { + idrequest.IsAuthenticated = false; + } + } else { + string userOwningOpenIdUrl = Util.ExtractUserName(idrequest.LocalIdentifier); + + // NOTE: in a production provider site, you may want to only + // respond affirmatively if the user has already authorized this consumer + // to know the answer. + idrequest.IsAuthenticated = userOwningOpenIdUrl == HttpContext.Current.User.Identity.Name; + } + + if (idrequest.IsAuthenticated.Value) { + // add extension responses here. + var fetchRequest = idrequest.GetExtension<FetchRequest>(); + if (fetchRequest != null) { + var fetchResponse = new FetchResponse(); + if (fetchRequest.Attributes.Contains(RolesAttribute)) { + // Inform the RP what roles this user should fill + // These roles would normally come out of the user database. + fetchResponse.Attributes.Add(RolesAttribute, "Member", "Admin"); + } + idrequest.AddResponseExtension(fetchResponse); + } + } + } + } +}
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx b/samples/OpenIdWebRingSsoProvider/Default.aspx new file mode 100644 index 0000000..9bddc98 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx @@ -0,0 +1,25 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoProvider._Default" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth" TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> + <openid:XrdsPublisher ID="XrdsPublisher1" runat="server" XrdsUrl="~/op_xrds.aspx" /> +</head> +<body> + <form id="form1" runat="server"> + <p> + This sample is of an OpenID Provider that acts within a controlled set of web + sites (perhaps all belonging to the same organization). It authenticates + the user in its own way (Windows Auth, username/password, InfoCard, X.509, + anything), and then sends an automatically OpenID assertion to a limited set of + whitelisted RPs without prompting the user. + </p> + <p> + This particular sample uses Windows Authentication so that when the user visits + an RP and the RP sends the user to this OP for authentication, the process is + completely implicit -- the user never sees the OP.</p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx.cs b/samples/OpenIdWebRingSsoProvider/Default.aspx.cs new file mode 100644 index 0000000..1f64fea --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx.cs @@ -0,0 +1,13 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class _Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs new file mode 100644 index 0000000..b2f84f7 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Default.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class _Default { + + /// <summary> + /// XrdsPublisher1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.XrdsPublisher XrdsPublisher1; + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj new file mode 100644 index 0000000..29963c4 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj @@ -0,0 +1,125 @@ +<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProductVersion>9.0.30729</ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}</ProjectGuid> + <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>OpenIdWebRingSsoProvider</RootNamespace> + <AssemblyName>OpenIdWebRingSsoProvider</AssemblyName> + <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Data" /> + <Reference Include="System.Core"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Data.DataSetExtensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Xml.Linq"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Drawing" /> + <Reference Include="System.Web" /> + <Reference Include="System.Xml" /> + <Reference Include="System.Configuration" /> + <Reference Include="System.Web.Services" /> + <Reference Include="System.EnterpriseServices" /> + <Reference Include="System.Web.Mobile" /> + </ItemGroup> + <ItemGroup> + <Content Include="Default.aspx" /> + <Content Include="op_xrds.aspx" /> + <Content Include="Server.aspx" /> + <Content Include="user.aspx" /> + <Content Include="user_xrds.aspx" /> + <Content Include="Web.config" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Code\Util.cs" /> + <Compile Include="Default.aspx.cs"> + <SubType>ASPXCodeBehind</SubType> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Properties\AssemblyInfo.cs" /> + <Compile Include="Server.aspx.cs"> + <DependentUpon>Server.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Server.aspx.designer.cs"> + <DependentUpon>Server.aspx</DependentUpon> + </Compile> + <Compile Include="user.aspx.cs"> + <DependentUpon>user.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="user.aspx.designer.cs"> + <DependentUpon>user.aspx</DependentUpon> + </Compile> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\..\src\DotNetOpenAuth\DotNetOpenAuth.csproj"> + <Project>{3191B653-F76D-4C1A-9A5A-347BC3AAAAB7}</Project> + <Name>DotNetOpenAuth</Name> + </ProjectReference> + </ItemGroup> + <ItemGroup> + <Folder Include="App_Data\" /> + </ItemGroup> + <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> + <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v9.0\WebApplications\Microsoft.WebApplication.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> + <ProjectExtensions> + <VisualStudio> + <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> + <WebProjectProperties> + <UseIIS>False</UseIIS> + <AutoAssignPort>False</AutoAssignPort> + <DevelopmentServerPort>39167</DevelopmentServerPort> + <DevelopmentServerVPath>/</DevelopmentServerVPath> + <IISUrl> + </IISUrl> + <NTLMAuthentication>False</NTLMAuthentication> + <UseCustomServer>False</UseCustomServer> + <CustomServerUrl> + </CustomServerUrl> + <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile> + </WebProjectProperties> + </FlavorProperties> + </VisualStudio> + </ProjectExtensions> +</Project>
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs b/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..41e7441 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Properties/AssemblyInfo.cs @@ -0,0 +1,35 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("OpenIdWebRingSsoProvider")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("Microsoft IT")] +[assembly: AssemblyProduct("OpenIdWebRingSsoProvider")] +[assembly: AssemblyCopyright("Copyright © Microsoft IT 2009")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("3d5900ae-111a-45be-96b3-d9e4606ca793")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx b/samples/OpenIdWebRingSsoProvider/Server.aspx new file mode 100644 index 0000000..0665320 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx @@ -0,0 +1,17 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Server.aspx.cs" Inherits="OpenIdWebRingSsoProvider.Server" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" + TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> + <openid:ProviderEndpoint runat="server" ID="providerEndpoint1" OnAuthenticationChallenge="providerEndpoint1_AuthenticationChallenge" /> +</head> +<body> + <form id="form1" runat="server"> + <div> + </div> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx.cs b/samples/OpenIdWebRingSsoProvider/Server.aspx.cs new file mode 100644 index 0000000..101e608 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx.cs @@ -0,0 +1,19 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + using DotNetOpenAuth.OpenId.Provider; + using OpenIdWebRingSsoProvider.Code; + + public partial class Server : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + + protected void providerEndpoint1_AuthenticationChallenge(object sender, AuthenticationChallengeEventArgs e) { + Util.ProcessAuthenticationChallenge(e.Request); + } + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs new file mode 100644 index 0000000..0fdea16 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Server.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class Server { + + /// <summary> + /// providerEndpoint1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.ProviderEndpoint providerEndpoint1; + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/Web.config b/samples/OpenIdWebRingSsoProvider/Web.config new file mode 100644 index 0000000..c32e0e3 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/Web.config @@ -0,0 +1,169 @@ +<?xml version="1.0"?> +<configuration> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> + <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + </sectionGroup> + </sectionGroup> + </sectionGroup> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of DotNetOpenAuth can be customized --> + <dotNetOpenAuth> + <openid> + <provider> + <security requireSsl="false" /> + <behaviors> + <!-- Behaviors activate themselves automatically for individual matching requests. + The first one in this list to match an incoming request "owns" the request. If no + profile matches, the default behavior is assumed. --> + <!--<add type="DotNetOpenAuth.OpenId.Behaviors.PpidGeneration, DotNetOpenAuth" />--> + </behaviors> + </provider> + </openid> + <messaging> + <untrustedWebRequest> + <whitelistHosts> + <!-- since this is a sample, and will often be used with localhost --> + <add name="localhost"/> + </whitelistHosts> + </untrustedWebRequest> + </messaging> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + </dotNetOpenAuth> + + <appSettings> + <add key="whitelistedRealms" value="http://localhost:39165/;http://othertrustedrealm/"/> + </appSettings> + <connectionStrings/> + + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="false"> + + <assemblies> + <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + </assemblies> + + </compilation> + <!-- + The <authentication> section enables configuration + of the security authentication mode used by + ASP.NET to identify an incoming user. + --> + <authentication mode="Windows" /> + <!-- + The <customErrors> section enables configuration + of what to do if/when an unhandled error occurs + during the execution of a request. Specifically, + it enables developers to configure html error pages + to be displayed in place of a error stack trace. + + <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> + <error statusCode="403" redirect="NoAccess.htm" /> + <error statusCode="404" redirect="FileNotFound.htm" /> + </customErrors> + --> + + <pages> + <controls> + <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </controls> + </pages> + + <httpHandlers> + <remove verb="*" path="*.asmx"/> + <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> + </httpHandlers> + <httpModules> + <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </httpModules> + + </system.web> + + <system.codedom> + <compilers> + <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" + type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + </compilers> + </system.codedom> + + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <validation validateIntegratedModeConfiguration="false"/> + <modules> + <remove name="ScriptModule" /> + <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </modules> + <handlers> + <remove name="WebServiceHandlerFactory-Integrated"/> + <remove name="ScriptHandlerFactory" /> + <remove name="ScriptHandlerFactoryAppServices" /> + <remove name="ScriptResource" /> + <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> + </handlers> + </system.webServer> + + <runtime> + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + </assemblyBinding> + </runtime> + +</configuration> diff --git a/samples/OpenIdWebRingSsoProvider/op_xrds.aspx b/samples/OpenIdWebRingSsoProvider/op_xrds.aspx new file mode 100644 index 0000000..afcfc75 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/op_xrds.aspx @@ -0,0 +1,19 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required as part of the service discovery phase of the openid +protocol (step 1). It simply renders the xml for doing service discovery of +server.aspx using the xrds mechanism. +This XRDS doc is discovered via the user.aspx page. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="10"> + <Type>http://specs.openid.net/auth/2.0/server</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx b/samples/OpenIdWebRingSsoProvider/user.aspx new file mode 100644 index 0000000..0cef559 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx @@ -0,0 +1,22 @@ +<%@ Page Language="C#" AutoEventWireup="true" Inherits="OpenIdWebRingSsoProvider.User" + CodeBehind="user.aspx.cs" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" + TagPrefix="openid" %> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head id="Head1" runat="server"> + <openid:IdentityEndpoint ID="IdentityEndpoint20" runat="server" ProviderEndpointUrl="~/Server.aspx" + XrdsUrl="~/user_xrds.aspx" ProviderVersion="V20" AutoNormalizeRequest="true" + OnNormalizeUri="IdentityEndpoint20_NormalizeUri" /> + <!-- and for backward compatibility with OpenID 1.x RPs... --> + <openid:IdentityEndpoint ID="IdentityEndpoint11" runat="server" ProviderEndpointUrl="~/Server.aspx" + ProviderVersion="V11" /> +</head> +<body> + <p> + OpenID identity page for + <asp:Label runat="server" ID="usernameLabel" EnableViewState="false" /> + </p> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx.cs b/samples/OpenIdWebRingSsoProvider/user.aspx.cs new file mode 100644 index 0000000..8050367 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx.cs @@ -0,0 +1,23 @@ +namespace OpenIdWebRingSsoProvider { + using System; + using DotNetOpenAuth.OpenId.Provider; + using OpenIdWebRingSsoProvider.Code; + + /// <summary> + /// This page is a required as part of the service discovery phase of the openid protocol (step 1). + /// </summary> + /// <remarks> + /// <para>The XRDS (or Yadis) content is also rendered to provide the consumer with an alternative discovery mechanism. The Yadis protocol allows the consumer + /// to provide the user with a more flexible range of authentication mechanisms (which ever has been defined in xrds.aspx). See http://en.wikipedia.org/wiki/Yadis.</para> + /// </remarks> + public partial class User : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + this.usernameLabel.Text = Util.ExtractUserName(Page.Request.Url); + } + + protected void IdentityEndpoint20_NormalizeUri(object sender, IdentityEndpointNormalizationEventArgs e) { + string username = Util.ExtractUserName(Page.Request.Url); + e.NormalizedIdentifier = new Uri(Util.BuildIdentityUrl(username)); + } + } +}
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs b/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs new file mode 100644 index 0000000..171c898 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user.aspx.designer.cs @@ -0,0 +1,52 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoProvider { + + + public partial class User { + + /// <summary> + /// Head1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlHead Head1; + + /// <summary> + /// IdentityEndpoint20 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.IdentityEndpoint IdentityEndpoint20; + + /// <summary> + /// IdentityEndpoint11 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.Provider.IdentityEndpoint IdentityEndpoint11; + + /// <summary> + /// usernameLabel control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Label usernameLabel; + } +} diff --git a/samples/OpenIdWebRingSsoProvider/user_xrds.aspx b/samples/OpenIdWebRingSsoProvider/user_xrds.aspx new file mode 100644 index 0000000..275e413 --- /dev/null +++ b/samples/OpenIdWebRingSsoProvider/user_xrds.aspx @@ -0,0 +1,24 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required as part of the service discovery phase of the openid +protocol (step 1). It simply renders the xml for doing service discovery of +server.aspx using the xrds mechanism. +This XRDS doc is discovered via the user.aspx page. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="10"> + <Type>http://specs.openid.net/auth/2.0/signon</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + <Service priority="20"> + <Type>http://openid.net/signon/1.0</Type> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/server.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx new file mode 100644 index 0000000..d3653e7 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx @@ -0,0 +1,19 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty.Admin.Default" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> +</head> +<body> + <form id="form1" runat="server"> + <div> + You must be an admin! + </div> + <p> + The roles you're assigned come from the trusted Provider's identity assertion. The + sample OP comes hard-wired to assert membership in the Admin and Member roles. + </p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs new file mode 100644 index 0000000..94da1f7 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.cs @@ -0,0 +1,13 @@ +namespace OpenIdWebRingSsoRelyingParty.Admin { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs new file mode 100644 index 0000000..9519fc3 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Default.aspx.designer.cs @@ -0,0 +1,25 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty.Admin { + + + public partial class Default { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config b/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config new file mode 100644 index 0000000..52a5faf --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Admin/Web.config @@ -0,0 +1,9 @@ +<?xml version="1.0"?> +<configuration> + <system.web> + <authorization> + <allow roles="Admin"/> + <deny users="*"/> + </authorization> + </system.web> +</configuration> diff --git a/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs b/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs new file mode 100644 index 0000000..06783bd --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/AuthTicketRoles.cs @@ -0,0 +1,57 @@ +//----------------------------------------------------------------------- +// <copyright file="AuthTicketRoles.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Security.Principal; + using System.Web; + using System.Web.Security; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + + /// <summary> + /// An authentication module that utilizes the forms auth ticket cookie + /// as a cache for the users' roles, since those roles are determined by + /// the OpenID Provider and we don't have a local user-roles cache at this + /// RP since those relationships are always managed by the Provider. + /// </summary> + public class AuthTicketRoles : IHttpModule { + #region IHttpModule Members + + /// <summary> + /// Initializes a module and prepares it to handle requests. + /// </summary> + /// <param name="context">An <see cref="T:System.Web.HttpApplication"/> that provides access to the methods, properties, and events common to all application objects within an ASP.NET application</param> + public void Init(HttpApplication context) { + context.AuthenticateRequest += this.application_AuthenticateRequest; + } + + /// <summary> + /// Disposes of the resources (other than memory) used by the module that implements <see cref="T:System.Web.IHttpModule"/>. + /// </summary> + public void Dispose() { + } + + #endregion + + private void application_AuthenticateRequest(object sender, EventArgs e) { + if (HttpContext.Current.User != null) { + var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; + if (cookie != null) { + var ticket = FormsAuthentication.Decrypt(cookie.Value); + if (!string.IsNullOrEmpty(ticket.UserData)) { + string[] roles = ticket.UserData.Split(';'); + HttpContext.Current.User = new GenericPrincipal(HttpContext.Current.User.Identity, roles); + } + } + } + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx new file mode 100644 index 0000000..00efb08 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx @@ -0,0 +1,29 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty._Default" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title>Sample SSO relying party</title> +</head> +<body> + <form id="form1" runat="server"> + <div> + We've recognized you (via the SSO OP) as: + <asp:LoginName ID="LoginName1" runat="server" /> + <p>Try visiting the <a href="Admin/Default.aspx">Admin area</a></p> + </div> + <p>This sample is of an OpenID Relying Party that acts within a controlled set of + web sites (perhaps all belonging to the same organization). This + particular RP is configured to require authentication for all web pages, and to + always use just one (trusted) OP (the OpenIdWebRingSsoProvider) without ever + prompting the user.</p> + <p>Although the sample OP uses Windows Authentication, and so this RP could easily + do the same, the idea is that the OP and RP may exist on different network + topologies, or the OP may be the only site with access to the user credential + database, or any number of other scenarios where the RP doesn't have the freedom + to authenticate the user the way the OP has, yet this set of web sites want to + have the users only authenticate themselves to one site with one set of + credentials.</p> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs new file mode 100644 index 0000000..9e6009e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.cs @@ -0,0 +1,18 @@ +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + + public partial class _Default : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + if (Array.IndexOf(Request.AcceptTypes, "application/xrds+xml") >= 0) { + Server.Transfer("xrds.aspx"); + } else if (!User.Identity.IsAuthenticated) { + Response.Redirect("Login.aspx"); + } + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs new file mode 100644 index 0000000..49d071e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Default.aspx.designer.cs @@ -0,0 +1,34 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty { + + + public partial class _Default { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + + /// <summary> + /// LoginName1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.LoginName LoginName1; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx new file mode 100644 index 0000000..2e7df2e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx @@ -0,0 +1,26 @@ +<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="OpenIdWebRingSsoRelyingParty.Login" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> +</head> +<body> + <form id="form1" runat="server"> + <asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0"> + <asp:View ID="View1" runat="server"> + <div> + Sorry. We couldn't log you in. + </div> + <asp:Label runat="server" ID="errorLabel" /> + <p> + <asp:Button ID="retryButton" runat="server" Text="Try Again" OnClick="retryButton_Click" /> + </p> + </asp:View> + <asp:View ID="View2" runat="server"> + You don't have permission to visit <%=HttpUtility.HtmlEncode(Request.QueryString["ReturnUrl"]) %>. + </asp:View> + </asp:MultiView> + </form> +</body> +</html> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs new file mode 100644 index 0000000..7f7f91e --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.cs @@ -0,0 +1,96 @@ +namespace OpenIdWebRingSsoRelyingParty { + using System; + using System.Collections.Generic; + using System.Configuration; + using System.Linq; + using System.Web; + using System.Web.Security; + using System.Web.UI; + using System.Web.UI.WebControls; + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Extensions.AttributeExchange; + using DotNetOpenAuth.OpenId.RelyingParty; + + public partial class Login : System.Web.UI.Page { + private const string RolesAttribute = "http://samples.dotnetopenauth.net/sso/roles"; + + private static OpenIdRelyingParty relyingParty = new OpenIdRelyingParty(); + + static Login() { + // Configure the RP to only allow assertions from our trusted OP endpoint. + relyingParty.EndpointFilter = ep => ep.Uri.AbsoluteUri == ConfigurationManager.AppSettings["SsoProviderOPEndpoint"]; + } + + protected void Page_Load(object sender, EventArgs e) { + UriBuilder returnToBuilder = new UriBuilder(Request.Url); + returnToBuilder.Path = "/login.aspx"; + returnToBuilder.Query = null; + returnToBuilder.Fragment = null; + Uri returnTo = returnToBuilder.Uri; + returnToBuilder.Path = "/"; + Realm realm = returnToBuilder.Uri; + + var response = relyingParty.GetResponse(); + if (response == null) { + if (Request.QueryString["ReturnUrl"] != null && User.Identity.IsAuthenticated) { + // The user must have been directed here because he has insufficient + // permissions to access something. + this.MultiView1.ActiveViewIndex = 1; + } else { + // Because this is a sample of a controlled SSO environment, + // we don't ask the user which Provider to use... we just send + // them straight off to the one Provider we trust. + var request = relyingParty.CreateRequest( + ConfigurationManager.AppSettings["SsoProviderOPIdentifier"], + realm, + returnTo); + var fetchRequest = new FetchRequest(); + fetchRequest.Attributes.AddOptional(RolesAttribute); + request.AddExtension(fetchRequest); + request.RedirectToProvider(); + } + } else { + switch (response.Status) { + case AuthenticationStatus.Canceled: + this.errorLabel.Text = "Login canceled."; + break; + case AuthenticationStatus.Failed: + this.errorLabel.Text = HttpUtility.HtmlEncode(response.Exception.Message); + break; + case AuthenticationStatus.Authenticated: + IList<string> roles = null; + var fetchResponse = response.GetExtension<FetchResponse>(); + if (fetchResponse != null) { + if (fetchResponse.Attributes.Contains(RolesAttribute)) { + roles = fetchResponse.Attributes[RolesAttribute].Values; + } + } + if (roles == null) { + roles = new List<string>(0); + } + + // Apply the roles to this auth ticket + const int TimeoutInMinutes = 100; // TODO: look up the right value from the web.config file + var ticket = new FormsAuthenticationTicket( + 2, + response.ClaimedIdentifier, + DateTime.Now, + DateTime.Now.AddMinutes(TimeoutInMinutes), + false, // non-persistent, since login is automatic and we wanted updated roles + string.Join(";", roles.ToArray())); + + HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); + Response.SetCookie(cookie); + Response.Redirect(Request.QueryString["ReturnUrl"] ?? FormsAuthentication.DefaultUrl); + break; + default: + break; + } + } + } + + protected void retryButton_Click(object sender, EventArgs e) { + Response.Redirect("/login.aspx"); + } + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs new file mode 100644 index 0000000..7ed2669 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Login.aspx.designer.cs @@ -0,0 +1,70 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4927 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdWebRingSsoRelyingParty { + + + public partial class Login { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + + /// <summary> + /// MultiView1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.MultiView MultiView1; + + /// <summary> + /// View1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View View1; + + /// <summary> + /// errorLabel control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Label errorLabel; + + /// <summary> + /// retryButton control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Button retryButton; + + /// <summary> + /// View2 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View View2; + } +} diff --git a/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj new file mode 100644 index 0000000..978a1a57 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj @@ -0,0 +1,127 @@ +<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProductVersion>9.0.30729</ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}</ProjectGuid> + <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>OpenIdWebRingSsoRelyingParty</RootNamespace> + <AssemblyName>OpenIdWebRingSsoRelyingParty</AssemblyName> + <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="System" /> + <Reference Include="System.Data" /> + <Reference Include="System.Core"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Data.DataSetExtensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Xml.Linq"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Drawing" /> + <Reference Include="System.Web" /> + <Reference Include="System.Xml" /> + <Reference Include="System.Configuration" /> + <Reference Include="System.Web.Services" /> + <Reference Include="System.EnterpriseServices" /> + <Reference Include="System.Web.Mobile" /> + </ItemGroup> + <ItemGroup> + <Content Include="Default.aspx" /> + <Content Include="Login.aspx" /> + <Content Include="Web.config" /> + <Content Include="xrds.aspx" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Admin\Default.aspx.cs"> + <DependentUpon>Default.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Admin\Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.cs"> + <SubType>ASPXCodeBehind</SubType> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Login.aspx.cs"> + <DependentUpon>Login.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="Login.aspx.designer.cs"> + <DependentUpon>Login.aspx</DependentUpon> + </Compile> + <Compile Include="AuthTicketRoles.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\..\src\DotNetOpenAuth\DotNetOpenAuth.csproj"> + <Project>{3191B653-F76D-4C1A-9A5A-347BC3AAAAB7}</Project> + <Name>DotNetOpenAuth</Name> + </ProjectReference> + </ItemGroup> + <ItemGroup> + <Content Include="Admin\Default.aspx" /> + <Content Include="Admin\Web.config" /> + </ItemGroup> + <ItemGroup> + <Folder Include="App_Data\" /> + </ItemGroup> + <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> + <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v9.0\WebApplications\Microsoft.WebApplication.targets" /> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> + <ProjectExtensions> + <VisualStudio> + <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> + <WebProjectProperties> + <UseIIS>False</UseIIS> + <AutoAssignPort>False</AutoAssignPort> + <DevelopmentServerPort>39165</DevelopmentServerPort> + <DevelopmentServerVPath>/</DevelopmentServerVPath> + <IISUrl> + </IISUrl> + <NTLMAuthentication>False</NTLMAuthentication> + <UseCustomServer>False</UseCustomServer> + <CustomServerUrl> + </CustomServerUrl> + <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile> + </WebProjectProperties> + </FlavorProperties> + </VisualStudio> + </ProjectExtensions> +</Project>
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs b/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..eaf99ae --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Properties/AssemblyInfo.cs @@ -0,0 +1,35 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("OpenIdWebRingSsoRelyingParty")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("Microsoft IT")] +[assembly: AssemblyProduct("OpenIdWebRingSsoRelyingParty")] +[assembly: AssemblyCopyright("Copyright © Microsoft IT 2009")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("3d5900ae-111a-45be-96b3-d9e4606ca793")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/samples/OpenIdWebRingSsoRelyingParty/Web.config b/samples/OpenIdWebRingSsoRelyingParty/Web.config new file mode 100644 index 0000000..94ef60c --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/Web.config @@ -0,0 +1,194 @@ +<?xml version="1.0"?> + +<configuration> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> + <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> + </sectionGroup> + </sectionGroup> + </sectionGroup> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <openid> + <relyingParty> + <security requireSsl="false" /> + <behaviors> + <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible + with OPs that use Attribute Exchange (in various formats). --> + <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" /> + <!--<add type="DotNetOpenAuth.OpenId.Behaviors.GsaIcamProfile, DotNetOpenAuth" />--> + </behaviors> + <!-- Uncomment the following to activate the sample custom store. --> + <!--<store type="OpenIdRelyingPartyWebForms.CustomStore, OpenIdRelyingPartyWebForms" />--> + </relyingParty> + </openid> + <messaging> + <untrustedWebRequest> + <whitelistHosts> + <!-- since this is a sample, and will often be used with localhost --> + <add name="localhost" /> + </whitelistHosts> + </untrustedWebRequest> + </messaging> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + </dotNetOpenAuth> + + <appSettings> + <add key="SsoProviderOPIdentifier" value="http://localhost:39167/" /> + <add key="SsoProviderOPEndpoint" value="http://localhost:39167/server.aspx" /> + </appSettings> + <connectionStrings/> + + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="false"> + + <assemblies> + <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + </assemblies> + + </compilation> + <!-- + The <authentication> section enables configuration + of the security authentication mode used by + ASP.NET to identify an incoming user. + --> + <authentication mode="Forms"> + <forms name="OpenIdWebRingSsoRelyingParty" /> + </authentication> + <authorization> + <deny users="?"/> + </authorization> + <!-- + The <customErrors> section enables configuration + of what to do if/when an unhandled error occurs + during the execution of a request. Specifically, + it enables developers to configure html error pages + to be displayed in place of a error stack trace. + + <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> + <error statusCode="403" redirect="NoAccess.htm" /> + <error statusCode="404" redirect="FileNotFound.htm" /> + </customErrors> + --> + + <pages> + <controls> + <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </controls> + </pages> + + <httpHandlers> + <remove verb="*" path="*.asmx"/> + <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> + </httpHandlers> + <httpModules> + <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="AuthTicketRoles" type="OpenIdWebRingSsoRelyingParty.AuthTicketRoles, OpenIdWebRingSsoRelyingParty"/> + </httpModules> + + </system.web> + + <system.codedom> + <compilers> + <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" + type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + </compilers> + </system.codedom> + + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <validation validateIntegratedModeConfiguration="false"/> + <modules> + <remove name="ScriptModule" /> + <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </modules> + <handlers> + <remove name="WebServiceHandlerFactory-Integrated"/> + <remove name="ScriptHandlerFactory" /> + <remove name="ScriptHandlerFactoryAppServices" /> + <remove name="ScriptResource" /> + <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" + type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> + </handlers> + </system.webServer> + + <runtime> + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + </assemblyBinding> + </runtime> + + <location path="xrds.aspx"> + <system.web> + <authorization> + <allow users="*"/> + </authorization> + </system.web> + </location> + + <location path="default.aspx"> + <system.web> + <authorization> + <allow users="*"/> + </authorization> + </system.web> + </location> +</configuration> diff --git a/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx b/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx new file mode 100644 index 0000000..b45d063 --- /dev/null +++ b/samples/OpenIdWebRingSsoRelyingParty/xrds.aspx @@ -0,0 +1,20 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This page is a required for relying party discovery per OpenID 2.0. +It allows Providers to call back to the relying party site to confirm the +identity that it is claiming in the realm and return_to URLs. +This page should be pointed to by the 'realm' home page, which in this sample +is default.aspx. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="1"> + <Type>http://specs.openid.net/auth/2.0/return_to</Type> + <%-- Every page with an OpenID login should be listed here. --%> + <URI priority="1"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/login.aspx"))%></URI> + </Service> + </XRD> +</xrds:XRDS> |