Fixed bug in OpenID Provider MVC sample that allowed users to log in as others.

Fixes #207
commit cdd3e95f4eac8076ffd78641bf4cf61d4422572a 1 parent 2299e0d
@AArnott AArnott authored
Showing with 13 additions and 0 deletions.
  1. +13 −0 samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
13 samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -2,6 +2,7 @@ namespace OpenIdProviderMvc.Controllers {
using System;
using System.Collections.Generic;
using System.Linq;
+ using System.Net;
using System.Web;
using System.Web.Mvc;
using System.Web.Mvc.Ajax;
@@ -65,6 +66,11 @@ public class OpenIdController : Controller {
return response;
}
+ if (!ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity &&
+ !this.UserControlsIdentifier(ProviderEndpoint.PendingAuthenticationRequest)) {
+ return this.Redirect(this.Url.Action("LogOn", "Account", new { returnUrl = this.Request.Url }));
+ }
+
this.ViewData["Realm"] = ProviderEndpoint.PendingRequest.Realm;
return this.View();
@@ -72,6 +78,13 @@ public class OpenIdController : Controller {
[HttpPost, Authorize, ValidateAntiForgeryToken]
public ActionResult AskUserResponse(bool confirmed) {
+ if (!ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity &&
+ !this.UserControlsIdentifier(ProviderEndpoint.PendingAuthenticationRequest))
+ {
+ // The user shouldn't have gotten this far without controlling the identifier we'd send an assertion for.
+ return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);
+ }
+
if (ProviderEndpoint.PendingAnonymousRequest != null) {
ProviderEndpoint.PendingAnonymousRequest.IsApproved = confirmed;
} else if (ProviderEndpoint.PendingAuthenticationRequest != null) {
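Review bot: `ProviderEndpoint.PendingAuthenticationRequest` is dereferenced unconditionally on the first line of the new guard in AskUserResponse (and in the matching guard added to AskUser in the previous hunk), while the else-if directly below treats `PendingAnonymousRequest` and `PendingAuthenticationRequest` as alternatives, each null-checked; if an anonymous request can be pending with no authentication request, as that branch suggests, reading `IsDirectedIdentity` throws a NullReferenceException before either the new check or the existing branch runs. The guard should handle that case explicitly, e.g. `var authRequest = ProviderEndpoint.PendingAuthenticationRequest;` followed by `if (authRequest != null && !authRequest.IsDirectedIdentity && !this.UserControlsIdentifier(authRequest)) {`, so anonymous requests fall through to the existing handling. The two guards repeat the same condition; a private helper on the controller would keep the GET and POST checks from drifting apart. AskUserResponse's body continues past the end of this hunk, and the AskUser guard's enclosing method begins before its hunk.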