Permalink
Browse files

Add ServiceStack.Authentication.OpenId project and Google, Yahoo, MyO…

…penId and Custom OpenId providers.
  • Loading branch information...
mythz committed Oct 8, 2012
1 parent cf678b1 commit ea6c0256f8fc627e58c1465a577da1bdb960145b
Showing with 109,732 additions and 112 deletions.
  1. +1 −0 NuGet/NuGetPack.cmd
  2. +3 −0 build/build.bat
  3. +0 −30 lib/DotNetOpenAuth.LICENSE
  4. BIN lib/DotNetOpenAuth.dll
  5. +1 −0 release/copy.bat
  6. +13 −0 src/ServiceStack.Authentication.OpenId/GoogleOpenIdOAuthProvider.cs
  7. +13 −0 src/ServiceStack.Authentication.OpenId/MyOpenIdOAuthProvider.cs
  8. +70 −72 src/ServiceStack.Authentication.OpenId/OpenIdOAuthProvider.cs
  9. +13 −2 src/ServiceStack.Authentication.OpenId/ServiceStack.Authentication.OpenId.csproj
  10. +13 −0 src/ServiceStack.Authentication.OpenId/YahooOpenIdOAuthProvider.cs
  11. +4 −0 src/ServiceStack.Authentication.OpenId/packages.config
  12. +1 −1 src/ServiceStack.Common/Properties/AssemblyInfo.cs
  13. +1 −1 src/ServiceStack.Interfaces/Properties/AssemblyInfo.cs
  14. +1 −1 src/ServiceStack.Razor/Properties/AssemblyInfo.cs
  15. +6 −4 src/ServiceStack.ServiceInterface/Auth/UserAuth.cs
  16. +1 −0 src/ServiceStack.sln
  17. +1 −1 src/ServiceStack/Properties/AssemblyInfo.cs
  18. +74 −0 src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/content/web.config.transform
  19. BIN src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net35-full/DotNetOpenAuth.dll
  20. +36,717 −0 src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net35-full/DotNetOpenAuth.xml
  21. BIN src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net40-full/DotNetOpenAuth.dll
  22. +36,399 −0 src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net40-full/DotNetOpenAuth.xml
  23. BIN src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net45-full/DotNetOpenAuth.dll
  24. +36,399 −0 src/packages/DotNetOpenAuth.Ultimate.4.1.2.12274/lib/net45-full/DotNetOpenAuth.xml
  25. +1 −0 src/packages/repositories.config
View
@@ -7,6 +7,7 @@ nuget pack ServiceStack.Host.AspNet\servicestack.host.aspnet.nuspec
nuget pack ServiceStack.Host.Mvc\servicestack.host.mvc.nuspec
nuget pack ServiceStack.Client.Silverlight\servicestack.client.silverlight.nuspec
nuget pack ServiceStack.Host.Mvc\servicestack.host.mvc.nuspec
+nuget pack ServiceStack.Authentication.OpenId\servicestack.authentication.openid.nuspec
nuget pack ServiceStack.Plugins.ProtoBuf\servicestack.plugins.protobuf.nuspec
nuget pack ServiceStack.Plugins.MsgPack\servicestack.plugins.msgpack.nuspec
View
@@ -9,6 +9,7 @@ MD ..\NuGet\ServiceStack\lib\net35
REM MD ..\NuGet\ServiceStack\lib\net40
MD ..\NuGet\ServiceStack.Common\lib\net35
MD ..\NuGet\ServiceStack.Mvc\lib\net40
+MD ..\NuGet\ServiceStack.Authentication.OpenId\lib\net35
MD ..\NuGet\ServiceStack.Plugins.ProtoBuf\lib\net35
MD ..\NuGet\ServiceStack.Plugins.MsgPack\lib\net40
@@ -28,6 +29,8 @@ COPY ..\src\ServiceStack.ServiceInterface\bin\%BUILD%\ServiceStack.Interfaces.*
COPY ..\src\ServiceStack.FluentValidation.Mvc3\bin\%BUILD%\ServiceStack.FluentValidation.Mvc3.* ..\NuGet\ServiceStack.Mvc\lib\net40
COPY ..\src\ServiceStack.FluentValidation.Mvc3\bin\%BUILD%\ServiceStack.FluentValidation.Mvc3.* ..\NuGet\ServiceStack.Mvc\lib\net40
+COPY ..\src\ServiceStack.Authentication.OpenId\bin\%BUILD%\ServiceStack.Authentication.OpenId.* ..\NuGet\ServiceStack.Authentication.OpenId\lib\net35
+
COPY ..\src\ServiceStack.Plugins.ProtoBuf\bin\%BUILD%\ServiceStack.Plugins.ProtoBuf.* ..\NuGet\ServiceStack.Plugins.ProtoBuf\lib\net35
COPY ..\lib\MsgPack.dll ..\NuGet\ServiceStack.Plugins.MsgPack\lib\net40
View
@@ -1,30 +0,0 @@
-This software is a composite of source code contributed by several authors
-and binary dependencies that have their own copyright and license agreements.
-Every file is bound by the following copyright and license unless explicitly
-indicated otherwise in and/or for any individual file.
-
-
-Copyright (c) 2008-2009, Andrew Arnott
-All rights reserved.
-
-Microsoft Public License (Ms-PL)
-This license governs use of the accompanying software. If you use the software, you
-accept this license. If you do not accept the license, do not use the software.
-
-1. Definitions
-The terms "reproduce," "reproduction," "derivative works," and "distribution" have the
-same meaning here as under U.S. copyright law.
-A "contribution" is the original software, or any additions or changes to the software.
-A "contributor" is any person that distributes its contribution under this license.
-"Licensed patents" are a contributor's patent claims that read directly on its contribution.
-
-2. Grant of Rights
-(A) Copyright Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.
-(B) Patent Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.
-
-3. Conditions and Limitations
-(A) No Trademark License- This license does not grant you rights to use any contributors' name, logo, or trademarks.
-(B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.
-(C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.
-(D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.
-(E) The software is licensed "as-is." You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
View
Binary file not shown.
View
@@ -5,6 +5,7 @@ COPY ..\NuGet\ServiceStack\lib\net35\* latest\ServiceStack
COPY ..\NuGet\ServiceStack\lib\net40\* latest\ServiceStack
COPY ..\NuGet\ServiceStack.Common\lib\net35\* latest\ServiceStack
COPY ..\NuGet\ServiceStack.Mvc\lib\net40\* latest\ServiceStack
+COPY ..\NuGet\ServiceStack.Authentication.OpenId\lib\net35\* latest\ServiceStack
COPY ..\NuGet\ServiceStack.Plugins.ProtoBuf\lib\net35\* latest\ServiceStack
COPY ..\NuGet\ServiceStack.Plugins.MsgPack\lib\net40\* latest\ServiceStack
@@ -0,0 +1,13 @@
+using ServiceStack.Configuration;
+
+namespace ServiceStack.Authentication.OpenId
+{
+ public class GoogleOpenIdOAuthProvider : OpenIdOAuthProvider
+ {
+ public const string Name = "GoogleOpenId";
+ public static string Realm = "https://www.google.com/accounts/o8/id";
+
+ public GoogleOpenIdOAuthProvider(IResourceManager appSettings)
+ : base(appSettings, Name, Realm) { }
+ }
+}
@@ -0,0 +1,13 @@
+using ServiceStack.Configuration;
+
+namespace ServiceStack.Authentication.OpenId
+{
+ public class MyOpenIdOAuthProvider : OpenIdOAuthProvider
+ {
+ public const string Name = "MyOpenId";
+ public static string Realm = "http://www.myopenid.com";
+
+ public MyOpenIdOAuthProvider(IResourceManager appSettings)
+ : base(appSettings, Name, Realm) { }
+ }
+}
@@ -1,14 +1,12 @@
using System;
using System.Collections.Generic;
-using System.Net;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
using DotNetOpenAuth.OpenId.RelyingParty;
using ServiceStack.Common;
using ServiceStack.Common.Web;
using ServiceStack.Configuration;
-using ServiceStack.Logging;
using ServiceStack.ServiceClient.Web;
using ServiceStack.ServiceHost;
using ServiceStack.ServiceInterface;
@@ -17,43 +15,36 @@
namespace ServiceStack.Authentication.OpenId
{
- public class GoogleOpenIdOAuthProvider : OpenIdOAuthProvider
- {
- public const string Name = "GoogleOpenId";
- public static string Realm = "https://www.google.com/accounts/o8/id";
-
- public GoogleOpenIdOAuthProvider(IResourceManager appSettings)
- : base(appSettings, Realm, Name, null) {}
- }
-
public class OpenIdOAuthProvider : OAuthProvider
{
- private static ILog Log = LogManager.GetLogger(typeof(OpenIdOAuthProvider));
+ public const string DefaultName = "OpenId";
- public static readonly ClaimsRequest DefaultClaimsRequest = new ClaimsRequest {
- Country = DemandLevel.Request,
- Email = DemandLevel.Request,
- Gender = DemandLevel.Require,
- PostalCode = DemandLevel.Require,
- TimeZone = DemandLevel.Require,
- };
+ public OpenIdOAuthProvider(IResourceManager appSettings, string name = DefaultName, string realm = null)
+ : base(appSettings, realm, name) { }
- private ClaimsRequest ClaimsRequest;
-
- public OpenIdOAuthProvider(IResourceManager appSettings, string realm, string name, ClaimsRequest claimsRequest)
- : base(appSettings, realm, name)
+ public virtual ClaimsRequest CreateClaimsRequest(IHttpRequest httpReq)
{
- this.ClaimsRequest = claimsRequest ?? DefaultClaimsRequest;
+ return new ClaimsRequest {
+ Country = DemandLevel.Request,
+ Email = DemandLevel.Request,
+ Gender = DemandLevel.Require,
+ PostalCode = DemandLevel.Require,
+ TimeZone = DemandLevel.Require,
+ };
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Auth request)
{
var tokens = Init(authService, ref session, request);
- var httpMethod = authService.RequestContext.Get<IHttpRequest>().HttpMethod;
+ var httpReq = authService.RequestContext.Get<IHttpRequest>();
+ var httpMethod = httpReq.HttpMethod;
if (httpMethod == HttpMethod.Post)
{
- var openIdUrl = base.AuthRealm;
+ var openIdUrl = httpReq.GetParam("OpenIdUrl") ?? base.AuthRealm;
+ if (openIdUrl.IsNullOrEmpty())
+ throw new ArgumentNullException("'OpenIdUrl' is required a required field");
+
try
{
using (var openid = new OpenIdRelyingParty())
@@ -64,14 +55,14 @@ public override object Authenticate(IServiceBase authService, IAuthSession sessi
// This is where you would add any OpenID extensions you wanted
// to include in the authentication request.
- openIdRequest.AddExtension(ClaimsRequest);
+ openIdRequest.AddExtension(CreateClaimsRequest(httpReq));
// Send your visitor to their Provider for authentication.
- var openIdResponse = openIdRequest.RedirectingResponse;
+ var openIdResponse = openIdRequest.RedirectingResponse;
var contentType = openIdResponse.Headers[HttpHeaders.ContentType];
var httpResult = new HttpResult(openIdResponse.ResponseStream, contentType) {
StatusCode = openIdResponse.Status,
- StatusDescription = "Moved Temporarily",
+ StatusDescription = "Moved Temporarily",
};
foreach (string header in openIdResponse.Headers)
{
@@ -86,46 +77,49 @@ public override object Authenticate(IServiceBase authService, IAuthSession sessi
return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
}
}
- else if (httpMethod == HttpMethod.Get)
+
+ if (httpMethod == HttpMethod.Get)
{
- var openid = new OpenIdRelyingParty();
- var response = openid.GetResponse();
- if (response != null)
+ using (var openid = new OpenIdRelyingParty())
{
- switch (response.Status)
+ var response = openid.GetResponse();
+ if (response != null)
{
- case AuthenticationStatus.Authenticated:
- // This is where you would look for any OpenID extension responses included
- // in the authentication assertion.
- var claimsResponse = response.GetExtension<ClaimsResponse>();
- var authInfo = claimsResponse.ToDictionary();
-
- authInfo["user_id"] = response.ClaimedIdentifier; //a url
-
- // Store off the "friendly" username to display -- NOT for username lookup
- authInfo["openid_ref"] = response.FriendlyIdentifierForDisplay;
-
- var provided = GetAttributeEx(response);
- foreach (var entry in provided)
- {
- authInfo[entry.Key] = entry.Value;
- }
-
- // Use FormsAuthentication to tell ASP.NET that the user is now logged in,
- // with the OpenID Claimed Identifier as their username.
-
- session.IsAuthenticated = true;
- authService.SaveSession(session, SessionExpiry);
- OnAuthenticated(authService, session, tokens, authInfo);
-
- //Haz access!
- return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
-
- case AuthenticationStatus.Canceled:
- return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "ProviderCancelled"));
-
- case AuthenticationStatus.Failed:
- return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
+ switch (response.Status)
+ {
+ case AuthenticationStatus.Authenticated:
+ // This is where you would look for any OpenID extension responses included
+ // in the authentication assertion.
+ var claimsResponse = response.GetExtension<ClaimsResponse>();
+ var authInfo = claimsResponse.ToDictionary();
+
+ authInfo["user_id"] = response.ClaimedIdentifier; //a url
+
+ // Store off the "friendly" username to display -- NOT for username lookup
+ authInfo["openid_ref"] = response.FriendlyIdentifierForDisplay;
+
+ var provided = GetAttributeEx(response);
+ foreach (var entry in provided)
+ {
+ authInfo[entry.Key] = entry.Value;
+ }
+
+ // Use FormsAuthentication to tell ASP.NET that the user is now logged in,
+ // with the OpenID Claimed Identifier as their username.
+
+ session.IsAuthenticated = true;
+ authService.SaveSession(session, SessionExpiry);
+ OnAuthenticated(authService, session, tokens, authInfo);
+
+ //Haz access!
+ return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
+
+ case AuthenticationStatus.Canceled:
+ return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "ProviderCancelled"));
+
+ case AuthenticationStatus.Failed:
+ return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
+ }
}
}
}
@@ -141,12 +135,16 @@ protected override void LoadUserAuthInfo(AuthUserSession userSession, IOAuthToke
if (authInfo.ContainsKey("name"))
tokens.DisplayName = authInfo.GetValueOrDefault("name");
-
- if (authInfo.ContainsKey("Email"))
- tokens.Email = authInfo.GetValueOrDefault("Email");
if (authInfo.ContainsKey("FullName"))
+ {
tokens.FullName = authInfo.GetValueOrDefault("FullName");
+ if (tokens.DisplayName.IsNullOrEmpty())
+ tokens.DisplayName = tokens.FullName;
+ }
+
+ if (authInfo.ContainsKey("Email"))
+ tokens.Email = authInfo.GetValueOrDefault("Email");
if (authInfo.ContainsKey("BirthDate"))
tokens.BirthDate = authInfo.GetValueOrDefault("BirthDate").FromJsv<DateTime?>();
@@ -174,7 +172,7 @@ protected override void LoadUserAuthInfo(AuthUserSession userSession, IOAuthToke
if (authInfo.ContainsKey("TimeZone"))
tokens.TimeZone = authInfo.GetValueOrDefault("TimeZone");
-
+
LoadUserOAuthProvider(userSession, tokens);
}
@@ -207,7 +205,7 @@ private void AddAttributeExchangeExtensions(IAuthenticationRequest auth)
auth.AddExtension(fetch);
}
-
+
/// <summary>
/// Extracts an Attribute Exchange response, if one exists
/// </summary>
@@ -255,7 +253,7 @@ private void AddAttributeExchangeExtensions(IAuthenticationRequest auth)
public static class OpenIdExtensions
{
- public static Dictionary<string,string> ToDictionary(this ClaimsResponse response)
+ public static Dictionary<string, string> ToDictionary(this ClaimsResponse response)
{
var map = new Dictionary<string, string>();
if (response == null) return map;
@@ -31,8 +31,9 @@
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth">
- <HintPath>..\..\lib\DotNetOpenAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\packages\DotNetOpenAuth.Ultimate.4.1.2.12274\lib\net35-full\DotNetOpenAuth.dll</HintPath>
</Reference>
<Reference Include="ServiceStack.Text">
<HintPath>..\..\lib\ServiceStack.Text.dll</HintPath>
@@ -45,8 +46,14 @@
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
+ <Compile Include="GoogleOpenIdOAuthProvider.cs" />
+ <Compile Include="MyOpenIdOAuthProvider.cs" />
<Compile Include="OpenIdOAuthProvider.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
+ <Compile Include="YahooOpenIdOAuthProvider.cs" />
+ </ItemGroup>
+ <ItemGroup>
+ <None Include="packages.config" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\ServiceStack.Common\ServiceStack.Common.csproj">
@@ -61,6 +68,10 @@
<Project>{5A315F92-80D2-4C60-A5A4-22E027AC7E7E}</Project>
<Name>ServiceStack.ServiceInterface</Name>
</ProjectReference>
+ <ProjectReference Include="..\ServiceStack\ServiceStack.csproj">
+ <Project>{680A1709-25EB-4D52-A87F-EE03FFD94BAA}</Project>
+ <Name>ServiceStack</Name>
+ </ProjectReference>
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
@@ -0,0 +1,13 @@
+using ServiceStack.Configuration;
+
+namespace ServiceStack.Authentication.OpenId
+{
+ public class YahooOpenIdOAuthProvider : OpenIdOAuthProvider
+ {
+ public const string Name = "YahooOpenId";
+ public static string Realm = "https://me.yahoo.com";
+
+ public YahooOpenIdOAuthProvider(IResourceManager appSettings)
+ : base(appSettings, Name, Realm) { }
+ }
+}
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+ <package id="DotNetOpenAuth.Ultimate" version="4.1.2.12274" />
+</packages>
@@ -33,7 +33,7 @@
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("3.9.21.0")]
+[assembly: AssemblyVersion("3.9.24.0")]
// CCB Custom
[assembly: ContractNamespace("http://schemas.servicestack.net/types",
Oops, something went wrong.

0 comments on commit ea6c025

Please sign in to comment.