本文整理汇总了C#中IAuthenticationRequest.GetExtension方法的典型用法代码示例。如果您正苦于以下问题:C# IAuthenticationRequest.GetExtension方法的具体用法?C# IAuthenticationRequest.GetExtension怎么用?C# IAuthenticationRequest.GetExtension使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类IAuthenticationRequest的用法示例。
在下文中一共展示了IAuthenticationRequest.GetExtension方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: ProcessAuthenticationChallenge
internal static void ProcessAuthenticationChallenge(IAuthenticationRequest idrequest) {
// Verify that RP discovery is successful.
if (idrequest.IsReturnUrlDiscoverable(ProviderEndpoint.Provider) != RelyingPartyDiscoveryResult.Success) {
idrequest.IsAuthenticated = false;
return;
}
// Verify that the RP is on the whitelist. Realms are case sensitive.
string[] whitelist = ConfigurationManager.AppSettings["whitelistedRealms"].Split(';');
if (Array.IndexOf(whitelist, idrequest.Realm.ToString()) < 0) {
idrequest.IsAuthenticated = false;
return;
}
if (idrequest.IsDirectedIdentity) {
if (HttpContext.Current.User.Identity.IsAuthenticated) {
idrequest.LocalIdentifier = Util.BuildIdentityUrl();
idrequest.IsAuthenticated = true;
} else {
idrequest.IsAuthenticated = false;
}
} else {
string userOwningOpenIdUrl = Util.ExtractUserName(idrequest.LocalIdentifier);
// NOTE: in a production provider site, you may want to only
// respond affirmatively if the user has already authorized this consumer
// to know the answer.
idrequest.IsAuthenticated = userOwningOpenIdUrl == HttpContext.Current.User.Identity.Name;
}
if (idrequest.IsAuthenticated.Value) {
// add extension responses here.
var fetchRequest = idrequest.GetExtension<FetchRequest>();
if (fetchRequest != null) {
var fetchResponse = new FetchResponse();
if (fetchRequest.Attributes.Contains(RolesAttribute)) {
// Inform the RP what roles this user should fill
// These roles would normally come out of the user database.
fetchResponse.Attributes.Add(RolesAttribute, "Member", "Admin");
}
idrequest.AddResponseExtension(fetchResponse);
}
}
}示例2: PolicyResponse
/// <summary>
/// Called when the Provider is preparing to send a response to an authentication request.
/// </summary>
/// <param name="request">The request that is configured to generate the outgoing response.</param>
/// <returns>
/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
/// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
bool IProviderBehavior.OnOutgoingResponse(IAuthenticationRequest request) {
// Nothing to do for negative assertions.
if (!request.IsAuthenticated.Value) {
return false;
}
var requestInternal = (Provider.AuthenticationRequest)request;
var responseMessage = (IProtocolMessageWithExtensions)requestInternal.Response;
// Only apply our special policies if the RP requested it.
var papeRequest = request.GetExtension<PolicyRequest>();
if (papeRequest != null) {
if (papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
ErrorUtilities.VerifyProtocol(request.ClaimedIdentifier == request.LocalIdentifier, OpenIdStrings.DelegatingIdentifiersNotAllowed);
if (PpidIdentifierProvider == null) {
Logger.OpenId.Error(BehaviorStrings.PpidProviderNotGiven);
return false;
}
// Mask the user's identity with a PPID.
if (PpidIdentifierProvider.IsUserLocalIdentifier(request.LocalIdentifier)) {
Identifier ppidIdentifier = PpidIdentifierProvider.GetIdentifier(request.LocalIdentifier, request.Realm);
requestInternal.ResetClaimedAndLocalIdentifiers(ppidIdentifier);
}
// Indicate that the RP is receiving a PPID claimed_id
var papeResponse = responseMessage.Extensions.OfType<PolicyResponse>().SingleOrDefault();
if (papeResponse == null) {
request.AddResponseExtension(papeResponse = new PolicyResponse());
}
if (!papeResponse.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
papeResponse.ActualPolicies.Add(AuthenticationPolicies.PrivatePersonalIdentifier);
}
Reporting.RecordEventOccurrence(this, string.Empty);
}
}
return false;
}示例3: SendAssertion
/// <summary>
/// Actually send a response to the given request if possible.
///
/// May also result in some prompting for permissions, unless noPrompt is set.
/// </summary>
protected ActionResult SendAssertion(IAuthenticationRequest authReq, bool noPrompt = false)
{
if (authReq == null)
{
throw new InvalidOperationException("There's no pending authentication request!");
}
if (authReq.IsDirectedIdentity)
{
authReq.LocalIdentifier = Current.LoggedInUser.GetClaimedIdentifier();
}
if (!authReq.IsDelegatedIdentifier)
{
authReq.ClaimedIdentifier = authReq.LocalIdentifier;
}
authReq.IsAuthenticated = this.UserControlsIdentifier(authReq);
if (authReq.IsAuthenticated.Value)
{
authReq.LocalIdentifier = Current.LoggedInUser.GetClaimedIdentifier();
// Respond to SREG extension requests.
var claimsReq = authReq.GetExtension<ClaimsRequest>();
if (claimsReq != null)
{
var claimsResp = claimsReq.CreateResponse();
if (claimsReq.Email != DemandLevel.NoRequest)
{
claimsResp.Email = Current.LoggedInUser.Email;
}
if (claimsReq.FullName != DemandLevel.NoRequest)
{
var realName = Current.LoggedInUser.RealName;
if (realName.HasValue())
claimsResp.FullName = realName;
}
authReq.AddResponseExtension(claimsResp);
}
// Response to AX extension requests
var fetchReq = authReq.GetExtension<FetchRequest>();
if (fetchReq != null)
{
var fetchResp = new FetchResponse();
if (fetchReq.Attributes.Contains(WellKnownAttributes.Contact.Email))
{
fetchResp.Attributes.Add(WellKnownAttributes.Contact.Email, Current.LoggedInUser.Email);
}
if (fetchReq.Attributes.Contains(WellKnownAttributes.Name.FullName))
{
var realName = Current.LoggedInUser.RealName;
if (realName.HasValue())
fetchResp.Attributes.Add(WellKnownAttributes.Name.FullName, realName);
}
authReq.AddResponseExtension(fetchResp);
}
var writeableUser = Current.WriteDB.Users.Single(u => u.Id == Current.LoggedInUser.Id);
writeableUser.AuthenticatedTo(Current.Now, authReq.Realm.Host);
}
var req = OpenIdProvider.PrepareResponse(authReq).AsActionResult();
return req;
}示例4: ProcessAuthenticationChallengeAsync
internal static async Task ProcessAuthenticationChallengeAsync(IAuthenticationRequest idrequest, CancellationToken cancellationToken) {
// Verify that RP discovery is successful.
var providerEndpoint = new ProviderEndpoint();
if (await idrequest.IsReturnUrlDiscoverableAsync(providerEndpoint.Provider.Channel.HostFactories, cancellationToken) != RelyingPartyDiscoveryResult.Success) {
idrequest.IsAuthenticated = false;
return;
}
// Verify that the RP is on the whitelist. Realms are case sensitive.
string[] whitelist = ConfigurationManager.AppSettings["whitelistedRealms"].Split(';');
if (Array.IndexOf(whitelist, idrequest.Realm.ToString()) < 0) {
idrequest.IsAuthenticated = false;
return;
}
if (idrequest.IsDirectedIdentity) {
if (HttpContext.Current.User.Identity.IsAuthenticated) {
idrequest.LocalIdentifier = Util.BuildIdentityUrl();
idrequest.IsAuthenticated = true;
} else {
// If the RP demands an immediate answer, or if we're using implicit authentication
// and therefore have nothing further to ask the user, just reject the authentication.
if (idrequest.Immediate || ImplicitAuth) {
idrequest.IsAuthenticated = false;
} else {
// Send the user to a page to actually log into the OP.
if (!HttpContext.Current.Request.Path.EndsWith("Login.aspx", StringComparison.OrdinalIgnoreCase)) {
HttpContext.Current.Response.Redirect("~/Login.aspx");
}
}
}
} else {
string userOwningOpenIdUrl = Util.ExtractUserName(idrequest.LocalIdentifier);
// NOTE: in a production provider site, you may want to only
// respond affirmatively if the user has already authorized this consumer
// to know the answer.
idrequest.IsAuthenticated = userOwningOpenIdUrl == HttpContext.Current.User.Identity.Name;
if (!idrequest.IsAuthenticated.Value && !ImplicitAuth && !idrequest.Immediate) {
// Send the user to a page to actually log into the OP.
if (!HttpContext.Current.Request.Path.EndsWith("Login.aspx", StringComparison.OrdinalIgnoreCase)) {
HttpContext.Current.Response.Redirect("~/Login.aspx");
}
}
}
if (idrequest.IsAuthenticated.Value) {
// add extension responses here.
var fetchRequest = idrequest.GetExtension<FetchRequest>();
if (fetchRequest != null) {
var fetchResponse = new FetchResponse();
if (fetchRequest.Attributes.Contains(RolesAttribute)) {
// Inform the RP what roles this user should fill
// These roles would normally come out of the user database
// or Windows security groups.
fetchResponse.Attributes.Add(RolesAttribute, "Member", "Admin");
}
idrequest.AddResponseExtension(fetchResponse);
}
}
}