Unsolicited assertion successfully sent if RP login page is given by …

…user. We still need to add RP discovery to this so that the realm URL can be given by the user rather than the full login page.
DotNetOpenAuth · Apr 7, 2008 · 0386773 · 0386773
1 parent 6229450
commit 0386773
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 5 deletions.
diff --git a/samples/ProviderPortal/Default.aspx b/samples/ProviderPortal/Default.aspx
@@ -1,7 +1,19 @@
 <%@ Page Language="C#" AutoEventWireup="true" %>
-<%@ Register Assembly="DotNetOpenId" Namespace="DotNetOpenId" TagPrefix="openid" %>
 
+<%@ Import Namespace="DotNetOpenId.Provider" %>
+<%@ Register Assembly="DotNetOpenId" Namespace="DotNetOpenId" TagPrefix="openid" %>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<script runat="server">
+	protected void sendAssertionButton_Click(object sender, EventArgs e) {
+		TextBox relyingPartySite = (TextBox)loginView.FindControl("relyingPartySite");
+		Uri providerEndpoint = new Uri(Request.Url, Page.ResolveUrl("~/server.aspx"));
+		OpenIdProvider op = new OpenIdProvider(OpenIdProvider.HttpApplicationAssociationStore,
+			providerEndpoint, Request.Url, Request.QueryString);
+		op.PrepareUnsolicitedAssertion(relyingPartySite.Text, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()).Send();
+	}
+</script>
+
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head runat="server">
 	<openid:XrdsPublisher runat="server" XrdsUrl="~/op_xrds.aspx" />
@@ -16,9 +28,26 @@
 		Provided by <a href="http://dotnetopenid.googlecode.com">DotNetOpenId</a>
 	</h2>
 	<p>
-		Welcome.  This site doesn't do anything more than simple authentication of
-		users.  Start the authentication process on the Relying Party sample site.
+		Welcome. This site doesn't do anything more than simple authentication of users.
+		Start the authentication process on the Relying Party sample site, or log in here
+		and send an unsolicited assertion.
 	</p>
+	<asp:LoginView runat="server" ID="loginView">
+		<LoggedInTemplate>
+			<asp:Panel runat="server" DefaultButton="sendAssertionButton">
+				Since you're logged in, try sending an unsolicited assertion to an OpenID 2.0 relying
+				party site. Just type in the URL to the site's home page. This could be the sample
+				relying party web site.
+				<br />
+				<asp:TextBox runat="server" ID="relyingPartySite" Columns="40" />
+				<asp:Button runat="server" ID="sendAssertionButton" Text="Send assertion" OnClick="sendAssertionButton_Click" />
+				<asp:RequiredFieldValidator runat="server" ControlToValidate="relyingPartySite" Text="Specify relying party site first" />
+				<br />
+				An unsolicited assertion is a way to log in to a relying party site directly from
+				your OpenID Provider.
+			</asp:Panel>
+		</LoggedInTemplate>
+	</asp:LoginView>
 	<asp:LoginStatus runat="server" />
 	</form>
 </body>

diff --git a/samples/RelyingPartyPortal/Default.aspx b/samples/RelyingPartyPortal/Default.aspx
@@ -20,6 +20,7 @@
 		<asp:HyperLink runat="server" NavigateUrl="~/MembersOnly/Default.aspx" Text="Members Only" />
 		area. (This will trigger a login demo).
 	</p>
+	<asp:LoginStatus runat="server" />
 	</form>
 </body>
 </html>
diff --git a/src/DotNetOpenId/Provider/AssertionMessage.cs b/src/DotNetOpenId/Provider/AssertionMessage.cs
@@ -61,5 +61,24 @@ static class AssertionMessage {
 				AssertionMessage.CreateNegativeAssertion(response, request.Immediate, request.SetupUrl);
 			return response;
 		}
+
+		/// <summary>
+		/// Creates a message that can be sent to a user agent to redirect them to a 
+		/// relying party web site complete with authentication information to 
+		/// automatically log them into that web site.
+		/// </summary>
+		public static IResponse CreateUnsolicitedAssertion(OpenIdProvider provider,
+			Realm relyingParty, Identifier claimedIdentifier, Identifier localIdentifier) {
+			if (relyingParty == null) throw new ArgumentNullException("relyingParty");
+			if (claimedIdentifier == null) throw new ArgumentNullException("claimedIdentifier");
+			if (localIdentifier == null) throw new ArgumentNullException("localIdentifier");
+
+			Uri relyingPartyLoginUrl = relyingParty.NoWildcardUri;
+			Protocol protocol = Protocol.Default;
+
+			EncodableResponse message = EncodableResponse.PrepareIndirectMessage(protocol, relyingPartyLoginUrl, null);
+			CreatePositiveAssertion(message, provider, localIdentifier, claimedIdentifier);
+			return provider.Encoder.Encode(message);
+		}
 	}
 }
diff --git a/src/DotNetOpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenId/Provider/OpenIdProvider.cs
@@ -6,6 +6,7 @@
 using ProviderMemoryStore = DotNetOpenId.AssociationMemoryStore<DotNetOpenId.AssociationRelyingPartyType>;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Net;
 
 namespace DotNetOpenId.Provider {
 	/// <summary>
@@ -41,7 +42,7 @@ public class OpenIdProvider {
 		/// This method requires a current ASP.NET HttpContext.
 		/// </remarks>
 		public OpenIdProvider()
-			: this(httpApplicationAssociationStore,
+			: this(HttpApplicationAssociationStore,
 			getProviderEndpointFromContext(), Util.GetRequestUrlFromContext(), Util.GetQueryFromContext()) { }
 		/// <summary>
 		/// Constructs an OpenId server that uses a given query and IAssociationStore.
@@ -114,8 +115,17 @@ public OpenIdProvider(IProviderAssociationStore store, Uri providerEndpoint, Uri
 			return req;
 		}
 
+		public IResponse PrepareUnsolicitedAssertion(Realm relyingParty, 
+			Identifier claimedIdentifier, Identifier localIdentifier) {
+			if (relyingParty == null) throw new ArgumentNullException("relyingParty");
+			if (claimedIdentifier == null) throw new ArgumentNullException("claimedIdentifier");
+			if (localIdentifier == null) throw new ArgumentNullException("localIdentifier");
+			return AssertionMessage.CreateUnsolicitedAssertion(this, 
+				relyingParty, claimedIdentifier, localIdentifier);
+		}
+
 		const string associationStoreKey = "DotNetOpenId.Provider.OpenIdProvider.AssociationStore";
-		static IProviderAssociationStore httpApplicationAssociationStore {
+		public static IProviderAssociationStore HttpApplicationAssociationStore {
 			get {
 				HttpContext context = HttpContext.Current;
 				if (context == null)

diff --git a/src/DotNetOpenId/Realm.cs b/src/DotNetOpenId/Realm.cs
@@ -72,6 +72,10 @@ public class Realm {
 		/// by a question mark (?).
 		/// </summary>
 		public string PathAndQuery { get { return uri.PathAndQuery; } }
+		/// <summary>
+		/// Gets the realm URL.  If the realm includes a wildcard, it is not included here.
+		/// </summary>
+		internal Uri NoWildcardUri { get { return uri; } }
 
 		static string[] _top_level_domains =    {"com", "edu", "gov", "int", "mil", "net", "org", "biz", "info", "name", "museum", "coop", "aero", "ac", "ad", "ae",
 			"af", "ag", "ai", "al", "am", "an", "ao", "aq", "ar", "as", "at", "au", "aw", "az", "ba", "bb", "bd", "be", "bf", "bg", "bh", "bi", "bj",