
Fixed bug in OpenID Provider MVC sample that allowed users to log in as others.

Fixes #207
1 parent 2299e0d commit cdd3e95f4eac8076ffd78641bf4cf61d4422572a @AArnott AArnott committed Sep 27, 2012
Showing with 13 additions and 0 deletions.
  1. +13 −0 samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
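--- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
+++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -2,6 +2,7 @@ namespace OpenIdProviderMvc.Controllers {
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Net;
 using System.Web;
 using System.Web.Mvc;
 using System.Web.Mvc.Ajax;
@@ -65,13 +66,25 @@ public class OpenIdController : Controller {
 return response;
 }
+if (!ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity &&
+!this.UserControlsIdentifier(ProviderEndpoint.PendingAuthenticationRequest)) {
+return this.Redirect(this.Url.Action("LogOn", "Account", new { returnUrl = this.Request.Url }));
+}
+
 this.ViewData["Realm"] = ProviderEndpoint.PendingRequest.Realm;
 return this.View();
 }
 [HttpPost, Authorize, ValidateAntiForgeryToken]
 public ActionResult AskUserResponse(bool confirmed) {
+if (!ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity &&
+!this.UserControlsIdentifier(ProviderEndpoint.PendingAuthenticationRequest))
+{
+// The user shouldn't have gotten this far without controlling the identifier we'd send an assertion for.
+return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);
+}
+
 if (ProviderEndpoint.PendingAnonymousRequest != null) {
 ProviderEndpoint.PendingAnonymousRequest.IsApproved = confirmed;
 } else if (ProviderEndpoint.PendingAuthenticationRequest != null) {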
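Review bot: The new guard at the top of AskUserResponse dereferences `ProviderEndpoint.PendingAuthenticationRequest` unconditionally, yet the statement right after it tests `PendingAnonymousRequest != null` first and only then `PendingAuthenticationRequest != null`, which suggests the authentication request can be null for an anonymous (non-identity) request; if so, the guard turns that path into a NullReferenceException instead of approving or declining the request. Reading the property once and null-testing it keeps the fix for identity requests while leaving anonymous requests on their existing path: `var authRequest = ProviderEndpoint.PendingAuthenticationRequest;` followed by `if (authRequest != null && !authRequest.IsDirectedIdentity && !this.UserControlsIdentifier(authRequest)) {`. The identical guard added to the GET action earlier in this hunk has the same exposure and should take the same shape. The `UserControlsIdentifier` helper both guards rely on is not part of this commit, so whether it compares the claimed identifier against the authenticated user with a strict (ordinal, normalized) match cannot be confirmed here and is worth checking, since that comparison is what actually closes the impersonation. The `{` placed on its own line after the POST condition also departs from the K&R brace style used everywhere else in the file, and AskUserResponse continues past the end of the hunk.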
