From 0386773ac51408c71de85012879f341541e5a069 Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Sun, 6 Apr 2008 19:56:36 -0700 Subject: [PATCH] Unsolicited assertion successfully sent if RP login page is given by user. We still need to add RP discovery to this so that the realm URL can be given by the user rather than the full login page. --- samples/ProviderPortal/Default.aspx | 35 +++++++++++++++++-- samples/RelyingPartyPortal/Default.aspx | 1 + src/DotNetOpenId/Provider/AssertionMessage.cs | 19 ++++++++++ src/DotNetOpenId/Provider/OpenIdProvider.cs | 14 ++++++-- src/DotNetOpenId/Realm.cs | 4 +++ 5 files changed, 68 insertions(+), 5 deletions(-) diff --git a/samples/ProviderPortal/Default.aspx b/samples/ProviderPortal/Default.aspx index 86629e6f5e..17d3f50d4a 100644 --- a/samples/ProviderPortal/Default.aspx +++ b/samples/ProviderPortal/Default.aspx @@ -1,7 +1,19 @@ <%@ Page Language="C#" AutoEventWireup="true" %> -<%@ Register Assembly="DotNetOpenId" Namespace="DotNetOpenId" TagPrefix="openid" %> +<%@ Import Namespace="DotNetOpenId.Provider" %> +<%@ Register Assembly="DotNetOpenId" Namespace="DotNetOpenId" TagPrefix="openid" %> + + + @@ -16,9 +28,26 @@ Provided by DotNetOpenId

- Welcome. This site doesn't do anything more than simple authentication of - users. Start the authentication process on the Relying Party sample site. + Welcome. This site doesn't do anything more than simple authentication of users. + Start the authentication process on the Relying Party sample site, or log in here + and send an unsolicited assertion.

+ + + + Since you're logged in, try sending an unsolicited assertion to an OpenID 2.0 relying + party site. Just type in the URL to the site's home page. This could be the sample + relying party web site. +
+ + + +
+ An unsolicited assertion is a way to log in to a relying party site directly from + your OpenID Provider. +
+
+
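Review bot: The new help text tells the user to "type in the URL to the site's home page", but the commit description says the assertion is only sent correctly when the RP's full login page is given and that RP discovery from a realm URL is still to be added; until that lands the sample should ask for the login page, e.g. `Just type in the URL to the site's OpenID login page.` The markup around this prose was stripped in the diff, so the exact line to change is inferred from the text alone.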
diff --git a/samples/RelyingPartyPortal/Default.aspx b/samples/RelyingPartyPortal/Default.aspx
index 47f26e963a..b303c120e0 100644
--- a/samples/RelyingPartyPortal/Default.aspx
+++ b/samples/RelyingPartyPortal/Default.aspx
@@ -20,6 +20,7 @@ area. (This will trigger a login demo).

+
diff --git a/src/DotNetOpenId/Provider/AssertionMessage.cs b/src/DotNetOpenId/Provider/AssertionMessage.cs
index 859f3898d9..1957f15a5c 100644
--- a/src/DotNetOpenId/Provider/AssertionMessage.cs
+++ b/src/DotNetOpenId/Provider/AssertionMessage.cs
@@ -61,5 +61,24 @@ static class AssertionMessage {
 AssertionMessage.CreateNegativeAssertion(response, request.Immediate, request.SetupUrl);
 return response;
 }
+
+ ///
+ /// Creates a message that can be sent to a user agent to redirect them to a
+ /// relying party web site complete with authentication information to
+ /// automatically log them into that web site.
+ ///
+ public static IResponse CreateUnsolicitedAssertion(OpenIdProvider provider,
+ Realm relyingParty, Identifier claimedIdentifier, Identifier localIdentifier) {
+ if (relyingParty == null) throw new ArgumentNullException("relyingParty");
+ if (claimedIdentifier == null) throw new ArgumentNullException("claimedIdentifier");
+ if (localIdentifier == null) throw new ArgumentNullException("localIdentifier");
+
+ Uri relyingPartyLoginUrl = relyingParty.NoWildcardUri;
+ Protocol protocol = Protocol.Default;
+
+ EncodableResponse message = EncodableResponse.PrepareIndirectMessage(protocol, relyingPartyLoginUrl, null);
+ CreatePositiveAssertion(message, provider, localIdentifier, claimedIdentifier);
+ return provider.Encoder.Encode(message);
+ }
 }
 }
diff --git a/src/DotNetOpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenId/Provider/OpenIdProvider.cs
index 7315aec7da..45525d34c7 100644
--- a/src/DotNetOpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenId/Provider/OpenIdProvider.cs
@@ -6,6 +6,7 @@ using ProviderMemoryStore = DotNetOpenId.AssociationMemoryStore;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Net;
 namespace DotNetOpenId.Provider {
 ///
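Review bot: `provider` is the only parameter of CreateUnsolicitedAssertion that is not null-checked, yet it is dereferenced by `CreatePositiveAssertion(message, provider, ...)` and `provider.Encoder.Encode(message)`; add `if (provider == null) throw new ArgumentNullException("provider");` next to the other three guards so a missing provider fails with the same exception type instead of a NullReferenceException deep in the encoder. The redirect target is taken straight from `relyingParty.NoWildcardUri`, so the caller's realm is being used as the RP's return_to endpoint; the commit description says RP discovery is still pending, and the summary should state that the realm must currently be the RP's login page so callers do not pass a bare site root. Unsolicited positive assertions exist only in OpenID 2.0, so if `Protocol.Default` can ever resolve to a 1.x protocol the version should be pinned to 2.0 here rather than defaulted — confirm against the Protocol class. The whole method is within the hunk.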
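Review bot: The added `using System.Net;` has no visible use in this commit's hunks for OpenIdProvider.cs: the new PrepareUnsolicitedAssertion only touches Realm, Identifier, IResponse and AssertionMessage, and HttpContext comes from System.Web. If nothing else in the file needs it, drop the directive so it does not read as a leftover from the RP-discovery work the description says is still to come.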
@@ -41,7 +42,7 @@ public class OpenIdProvider {
 /// This method requires a current ASP.NET HttpContext.
 ///
 public OpenIdProvider()
- : this(httpApplicationAssociationStore,
+ : this(HttpApplicationAssociationStore,
 getProviderEndpointFromContext(), Util.GetRequestUrlFromContext(), Util.GetQueryFromContext()) { }
 ///
 /// Constructs an OpenId server that uses a given query and IAssociationStore.
@@ -114,8 +115,17 @@ public OpenIdProvider(IProviderAssociationStore store, Uri providerEndpoint, Uri
 return req;
 }
+ public IResponse PrepareUnsolicitedAssertion(Realm relyingParty,
+ Identifier claimedIdentifier, Identifier localIdentifier) {
+ if (relyingParty == null) throw new ArgumentNullException("relyingParty");
+ if (claimedIdentifier == null) throw new ArgumentNullException("claimedIdentifier");
+ if (localIdentifier == null) throw new ArgumentNullException("localIdentifier");
+ return AssertionMessage.CreateUnsolicitedAssertion(this,
+ relyingParty, claimedIdentifier, localIdentifier);
+ }
+
 const string associationStoreKey = "DotNetOpenId.Provider.OpenIdProvider.AssociationStore";
- static IProviderAssociationStore httpApplicationAssociationStore {
+ public static IProviderAssociationStore HttpApplicationAssociationStore {
 get {
 HttpContext context = HttpContext.Current;
 if (context == null)
diff --git a/src/DotNetOpenId/Realm.cs b/src/DotNetOpenId/Realm.cs
index 2cea647b9e..e757134137 100644
--- a/src/DotNetOpenId/Realm.cs
+++ b/src/DotNetOpenId/Realm.cs
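Review bot: PrepareUnsolicitedAssertion is a new public entry point with no XML doc comment, while the constructors in the -41,7 hunk of this same file carry `/// <summary>` blocks (`/// This method requires a current ASP.NET HttpContext.`); add a summary such as `/// <summary>` / `/// Prepares a positive assertion for the given relying party that the user agent can deliver without a prior authentication request; the realm must currently be the RP's login page.` / `/// </summary>`, plus `<exception cref="ArgumentNullException">` entries for the three guarded parameters. HttpApplicationAssociationStore is promoted from a private to a public static property in the same hunk and likewise gains no summary; a one-line `<summary>` saying it reads HttpContext.Current and so needs a current request context would match the file's convention. The null checks here duplicate those in AssertionMessage.CreateUnsolicitedAssertion; keeping them at the public boundary is reasonable, but a short comment saying so would stop them being removed as redundant later. The property getter continues past the end of the hunk.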
@@ -72,6 +72,10 @@ public class Realm { /// by a question mark (?). /// public string PathAndQuery { get { return uri.PathAndQuery; } } + /// + /// Gets the realm URL. If the realm includes a wildcard, it is not included here. + /// + internal Uri NoWildcardUri { get { return uri; } } static string[] _top_level_domains = {"com", "edu", "gov", "int", "mil", "net", "org", "biz", "info", "name", "museum", "coop", "aero", "ac", "ad", "ae", "af", "ag", "ai", "al", "am", "an", "ao", "aq", "ar", "as", "at", "au", "aw", "az", "ba", "bb", "bd", "be", "bf", "bg", "bh", "bi", "bj",