//-----------------------------------------------------------------------
//
// Copyright (c) Microsoft. All rights reserved.
//
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.AspNet {
using System;
using System.Diagnostics.CodeAnalysis;
using System.Web;
using DotNetOpenAuth.Messaging;
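/// <summary>
/// Manages authentication against an external OAuth or OpenID provider and, on success,
/// issues the local authentication ticket for the mapped user.
/// </summary>
/// <remarks>
/// An instance created through the single-argument constructor has neither an authentication
/// provider nor a data provider; <see cref="Login"/>, <see cref="RequestAuthentication"/> and
/// <see cref="VerifyAuthentication"/> throw <see cref="InvalidOperationException"/> on such an
/// instance instead of failing with a null dereference.
/// </remarks>
public class OpenAuthSecurityManager {
    #region Constants and Fields

    /// <summary>
    /// Name of the query string parameter that records which provider started the login.
    /// </summary>
    private const string ProviderQueryStringName = "__provider__";

    /// <summary>
    /// The client for the external provider; null when not supplied to the constructor.
    /// </summary>
    private readonly IAuthenticationClient _authenticationProvider;

    /// <summary>
    /// The store used to map a provider user id to a local user name; null when not supplied.
    /// </summary>
    private readonly IOpenAuthDataProvider _dataProvider;

    /// <summary>
    /// The HTTP context of the current request.
    /// </summary>
    private readonly HttpContextBase _requestContext;

    #endregion

    #region Constructors and Destructors

    /// <summary>
    /// Initializes a new instance of the <see cref="OpenAuthSecurityManager"/> class
    /// without an authentication provider or data provider.
    /// </summary>
    /// <param name="requestContext">The request context.</param>
    public OpenAuthSecurityManager(HttpContextBase requestContext)
        : this(requestContext, provider: null, dataProvider: null) {}

    /// <summary>
    /// Initializes a new instance of the <see cref="OpenAuthSecurityManager"/> class.
    /// </summary>
    /// <param name="requestContext">The request context. Must not be null.</param>
    /// <param name="provider">The provider. May be null.</param>
    /// <param name="dataProvider">The data provider. May be null.</param>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="requestContext"/> is null.
    /// </exception>
    public OpenAuthSecurityManager(
        HttpContextBase requestContext, IAuthenticationClient provider, IOpenAuthDataProvider dataProvider) {
        if (requestContext == null) {
            throw new ArgumentNullException("requestContext");
        }

        this._requestContext = requestContext;
        this._dataProvider = dataProvider;
        this._authenticationProvider = provider;
    }

    #endregion

    #region Public Properties

    /// <summary>
    /// Gets a value indicating whether the current request is authenticated and also carries
    /// a ticket that <c>OpenAuthAuthenticationTicketHelper</c> accepts as valid.
    /// </summary>
    public bool IsAuthenticatedWithOpenAuth {
        get {
            // Both conditions must hold: an authenticated request alone is not enough.
            return this._requestContext.Request.IsAuthenticated
                && OpenAuthAuthenticationTicketHelper.IsValidAuthenticationTicket(this._requestContext);
        }
    }

    #endregion

    #region Public Methods and Operators

    /// <summary>
    /// Reads the provider name from the query string of the given request.
    /// </summary>
    /// <param name="context">The context. Must not be null.</param>
    /// <returns>
    /// The raw value of the provider query string parameter, or null when it is absent.
    /// The value is taken from the request URL as-is, so callers should use it only as a
    /// lookup key against the providers they have registered.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
    public static string GetProviderName(HttpContextBase context) {
        if (context == null) {
            throw new ArgumentNullException("context");
        }

        return context.Request.QueryString[ProviderQueryStringName];
    }

    /// <summary>
    /// Checks if the specified provider user id represents a valid account. If it does, log user in.
    /// </summary>
    /// <remarks>
    /// This method verifies nothing about the caller's claim: it looks up the local user mapped
    /// to the provider user id and sets the authentication ticket. The id passed in must
    /// therefore come from a successful <see cref="VerifyAuthentication"/> result, not from
    /// request input.
    /// </remarks>
    /// <param name="providerUserId">The provider user id.</param>
    /// <param name="createPersistentCookie">if set to <c>true</c> create persistent cookie.</param>
    /// <returns><c>true</c> if the login is successful.</returns>
    /// <exception cref="InvalidOperationException">
    /// No authentication provider or data provider was supplied to the constructor.
    /// </exception>
    [SuppressMessage("Microsoft.Naming", "CA1726:UsePreferredTerms", MessageId = "Login",
        Justification = "Login is used more consistently in ASP.Net")]
    public bool Login(string providerUserId, bool createPersistentCookie) {
        IAuthenticationClient client = this.RequireAuthenticationProvider();
        IOpenAuthDataProvider store = this.RequireDataProvider();

        string userName = store.GetUserNameFromOpenAuth(client.ProviderName, providerUserId);
        if (string.IsNullOrEmpty(userName)) {
            // No local account is mapped to this external identity: do not issue a ticket.
            return false;
        }

        OpenAuthAuthenticationTicketHelper.SetAuthenticationTicket(this._requestContext, userName, createPersistentCookie);
        return true;
    }

    /// <summary>
    /// Requests the specified provider to start the authentication by directing users to an external website
    /// </summary>
    /// <param name="returnUrl">
    /// The return url after user is authenticated. When null or empty, the public-facing URL
    /// of the current request is used instead.
    /// </param>
    /// <exception cref="InvalidOperationException">
    /// No authentication provider was supplied to the constructor.
    /// </exception>
    public void RequestAuthentication(string returnUrl) {
        IAuthenticationClient client = this.RequireAuthenticationProvider();

        // convert returnUrl to an absolute path
        // NOTE(review): whether ConvertToAbsoluteUri confines the result to this application's
        // host is not visible here; if returnUrl originates from request input, confirm it is
        // a local URL before passing it in.
        Uri uri;
        if (!string.IsNullOrEmpty(returnUrl)) {
            uri = UriHelper.ConvertToAbsoluteUri(returnUrl, this._requestContext);
        } else {
            uri = HttpRequestInfo.GetPublicFacingUrl(this._requestContext.Request, this._requestContext.Request.ServerVariables);
        }

        // attach the provider parameter so that we know which provider initiated
        // the login when user is redirected back to this page
        uri = uri.AttachQueryStringParameter(ProviderQueryStringName, client.ProviderName);
        client.RequestAuthentication(this._requestContext, uri);
    }

    /// <summary>
    /// Checks if user is successfully authenticated when user is redirected back to this page.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this method performs no anti-forgery or session-binding check of its own.
    /// Whether the provider client ties the callback to the browser session that started the
    /// request is not visible here and should be confirmed.
    /// </remarks>
    /// <returns>
    /// The provider's result when it is successful; otherwise a failed result that carries
    /// only the provider name.
    /// </returns>
    /// <exception cref="InvalidOperationException">
    /// No authentication provider was supplied to the constructor.
    /// </exception>
    public AuthenticationResult VerifyAuthentication() {
        IAuthenticationClient client = this.RequireAuthenticationProvider();

        AuthenticationResult result = client.VerifyAuthentication(this._requestContext);

        // Fail closed: a null result from the client is treated like a failed one.
        if (result == null || !result.IsSuccessful) {
            // if the result is a Failed result, creates a new Failed response which has providerName info.
            // Nothing else from the original failed result is carried over.
            result = new AuthenticationResult(
                isSuccessful: false,
                provider: client.ProviderName,
                providerUserId: null,
                userName: null,
                extraData: null);
        }

        return result;
    }

    #endregion

    #region Methods

    /// <summary>
    /// Returns the authentication provider, or throws when none was supplied.
    /// </summary>
    /// <returns>The non-null authentication provider.</returns>
    private IAuthenticationClient RequireAuthenticationProvider() {
        if (this._authenticationProvider == null) {
            throw new InvalidOperationException(
                "No authentication provider was supplied to this OpenAuthSecurityManager instance.");
        }

        return this._authenticationProvider;
    }

    /// <summary>
    /// Returns the data provider, or throws when none was supplied.
    /// </summary>
    /// <returns>The non-null data provider.</returns>
    private IOpenAuthDataProvider RequireDataProvider() {
        if (this._dataProvider == null) {
            throw new InvalidOperationException(
                "No data provider was supplied to this OpenAuthSecurityManager instance.");
        }

        return this._dataProvider;
    }

    #endregion
}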
}