DotNetOpenAuth.AspNet

Represents the result of OAuth or OpenID authentication.

Returns an instance which indicates failed authentication.

Initializes a new instance of the class.

if set to true [is successful].

Initializes a new instance of the class.

The exception.

Initializes a new instance of the class.

The exception. The provider name.

Initializes a new instance of the class.

if set to true [is successful]. The provider. The provider user id. Name of the user. The extra data.

Gets the error that may have occured during the authentication process

Gets the optional extra data that may be returned from the provider

Gets a value indicating whether the authentication step is successful.

true if authentication is successful; otherwise, false .

Gets the provider's name.

Gets the user id that is returned from the provider. It is unique only within the Provider's namespace.

Gets an (insecure, non-unique) alias for the user that the user should recognize as himself/herself.

This may take the form of an email address, a URL, or any other value that the user may recognize. This alias may come from the Provider or may be derived by the relying party if the Provider does not supply one. It is not guaranteed to be unique and certainly does not merit any trust in any suggested authenticity.

The dictionary extensions.

Adds the value from an XDocument with the specified element name if it's not empty.

The dictionary. The document. Name of the element.

Adds a key/value pair to the specified dictionary if the value is not null or empty.

The dictionary. The key. The value.

The WindowsLive client.

The WindowsLive brand is being replaced by Microsoft account brand. We keep this class for backward compatibility only.

The Microsoft account client.

Represents the base class for OAuth 2.0 clients

Represents a client which can authenticate users via an external website/provider.

Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.

The context of the current request. The return url after users have completed authenticating against external website.

Check if authentication succeeded after user is redirected back from the service provider.

The context of the current request. An instance of containing authentication result.

Gets the name of the provider which provides authentication service.

The provider name.

Initializes a new instance of the class with the specified provider name.

Name of the provider.

Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.

The context. The return url after users have completed authenticating against external website.

Check if authentication succeeded after user is redirected back from the service provider.

The context. An instance of containing authentication result.

Check if authentication succeeded after user is redirected back from the service provider.

The context. The return URL which should match the value passed to RequestAuthentication() method. An instance of containing authentication result.

Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.

The return URL. An absolute URL.

Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.

The access token of the current user. A dictionary contains key-value pairs of user data

Queries the access token from the specified authorization code.

The return URL. The authorization code. The access token

Gets the name of the provider which provides authentication service.

The authorization endpoint.

The token endpoint.

The _app id.

The _app secret.

Initializes a new instance of the class.

The app id. The app secret.

Initializes a new instance of the class.

The provider name. The app id. The app secret.

Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.

The return URL. An absolute URL.

Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.

The access token of the current user. A dictionary contains key-value pairs of user data

Queries the access token from the specified authorization code.

The return URL. The authorization code. The query access token.

Initializes a new instance of the class.

The app id. The app secret.

Stores OAuth tokens in the current request's cookie

A token manager for use by a web site in its role as a consumer of an individual ServiceProvider.

This interface is used by clients of the DotNetOpenAuth.AspNet classes.

Gets the token secret from the specified token.

The token. The token's secret

Stores the request token together with its secret.

The request token. The request token secret.

Replaces the request token with access token.

The request token. The access token. The access token secret.

Key used for token cookie

Primary request context.

Initializes a new instance of the class.

Initializes a new instance of the class.

The current request context.

Gets the token secret from the specified token.

The token. The token's secret

Replaces the request token with access token.

The request token. The access token. The access token secret.

Stores the request token together with its secret.

The request token. The request token secret.

Protect and url-encode the specified token secret.

The token to be used as a key. The token secret to be protected The encrypted and protected string.

Url-decode and unprotect the specified encrypted token string.

The token to be used as a key. The encrypted token to be decrypted The original token secret

Gets the effective HttpContext object to use.

Stores OAuth tokens in the current request's cookie.

This class is different from the in that it also stores the access token after the authentication has succeeded.

Initializes a new instance of the class.

Initializes a new instance of the class.

The current request context.

Gets the token secret from the specified token.

The token. The token's secret

Replaces the request token with access token.

The request token. The access token. The access token secret.

Simple wrapper around IConsumerTokenManager

Store the token manager.

Initializes a new instance of the class.

The consumer key. The consumer secret. The OAuth token manager.

Gets the Token Secret given a request or access token.

The request or access token. The secret associated with the given token. Thrown if the secret cannot be found for the given token.

Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall.

The request message that resulted in the generation of a new unauthorized request token. The response message that includes the unauthorized request token. Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.

Deletes a request token and its associated secret and stores a new access token and secret.

The Consumer that is exchanging its request token for an access token. The Consumer's request token that should be deleted/expired. The new access token that is being issued to the Consumer. The secret associated with the newly issued access token.

Classifies a token as a request token or an access token.

The token to classify. Request or Access token, or invalid if the token is not recognized.

Gets the consumer key.

The consumer key.

Gets the consumer secret.

The consumer secret.

The facebook client.

The authorization endpoint.

The token endpoint.

The _app id.

The _app secret.

Initializes a new instance of the class.

The app id. The app secret.

The get service login url.

The return url. An absolute URI.

The get user data.

The access token. A dictionary of profile data.

Obtains an access token given an authorization code and callback URL.

The return url. The authorization code. The access token.

Converts any % encoded values in the URL to uppercase.

The URL string to normalize The normalized url NormalizeHexEncoding("Login.aspx?ReturnUrl=%2fAccount%2fManage.aspx") returns "Login.aspx?ReturnUrl=%2FAccount%2FManage.aspx" There is an issue in Facebook whereby it will rejects the redirect_uri value if the url contains lowercase % encoded values.

Contains data of a Facebook user.

Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.

Gets or sets the birthday.

The birthday.

Gets or sets the email.

The email.

Gets or sets the gender.

The gender.

Gets or sets the id.

The id.

Gets or sets the link.

The link.

Gets or sets the name.

The name.

The json helper.

The deserialize.

The stream. The type of the value to deserialize. The deserialized value.

Captures the result of an access token request, including an optional refresh token.

Gets or sets the access token.

The access token.

Gets or sets the refresh token.

The refresh token.

Gets or sets the scope.

The scope.

Gets or sets the type of the token.

The type of the token.

Contains data of a Windows Live user.

Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.

Gets or sets the first name.

The first name.

Gets or sets the gender.

The gender.

Gets or sets the id.

The id.

Gets or sets the last name.

The last name.

Gets or sets the link.

The link.

Gets or sets the name.

The name.

The dot net open auth web consumer.

The io auth web worker.

The prepare authorized request.

The profile endpoint. The access token. An HTTP request.

The process user authorization.

The response message.

The request authentication.

The callback.

The _web consumer.

Initializes a new instance of the class.

The service description. The token manager.

The prepare authorized request.

The profile endpoint. The access token. An HTTP request.

The process user authorization.

The response message.

The request authentication.

The callback.

Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.

2

Releases unmanaged and - optionally - managed resources

true to release both managed and unmanaged resources; false to release only unmanaged resources.

An implementation of IOAuthTokenManager which stores keys in memory.

The _tokens and secrets.

Initializes a new instance of the class.

The consumer key. The consumer secret.

Deletes a request token and its associated secret and stores a new access token and secret.

The Consumer that is exchanging its request token for an access token. The Consumer's request token that should be deleted/expired. The new access token that is being issued to the Consumer. The secret associated with the newly issued access token. Any scope of granted privileges associated with the request token from the original call to should be carried over to the new Access Token. To associate a user account with the new access token, HttpContext.Current.User may be useful in an ASP.NET web application within the implementation of this method. Alternatively you may store the access token here without associating with a user account, and wait until or return the access token to associate the access token with a user account at that point.

Gets the Token Secret given a request or access token.

The request or access token. The secret associated with the given token. Thrown if the secret cannot be found for the given token.

Classifies a token as a request token or an access token.

The token to classify. Request or Access token, or invalid if the token is not recognized.

Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall.

The request message that resulted in the generation of a new unauthorized request token. The response message that includes the unauthorized request token. Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection. Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. Instead, you associate a user account with access tokens (not request tokens) in the method.

Gets the consumer key.

Gets the consumer secret.

Represents LinkedIn authentication client.

Represents base class for OAuth 1.0 clients

Initializes a new instance of the class.

Name of the provider. The service description. The consumer key. The consumer secret.

Initializes a new instance of the class.

Name of the provider. The service Description. The token Manager.

Initializes a new instance of the class.

The provider name. The web worker.

Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.

The context. The return url after users have completed authenticating against external website.

Check if authentication succeeded after user is redirected back from the service provider.

The context. An instance of containing authentication result.

Helper method to load an XDocument from an input stream.

The input stream from which to load the document. The XML document.

Check if authentication succeeded after user is redirected back from the service provider.

The response token returned from service provider Authentication result

Gets the name of the provider which provides authentication service.

Gets the OAuthWebConsumer instance which handles constructing requests to the OAuth providers.

Describes the OAuth service provider endpoints for LinkedIn.

Initializes a new instance of the class.

Tokens exchanged during the OAuth handshake are stored in cookies. The LinkedIn app's consumer key. The LinkedIn app's consumer secret.

Initializes a new instance of the class.

The consumer key. The consumer secret. The token manager.

Check if authentication succeeded after user is redirected back from the service provider.

The response token returned from service provider Authentication result.

Represents a Twitter client

The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.

Initializes a new instance of the class with the specified consumer key and consumer secret.

Tokens exchanged during the OAuth handshake are stored in cookies. The consumer key. The consumer secret.

Initializes a new instance of the class.

The consumer key. The consumer secret. The token manager.

Check if authentication succeeded after user is redirected back from the service provider.

The response token returned from service provider Authentication result

Represents Google OpenID client.

Base classes for OpenID clients.

The openid relying party.

Pass null as applicationStore to specify dumb mode

The provider identifier.

The provider name.

Initializes a new instance of the class.

Name of the provider. The provider identifier, which is the usually the login url of the specified provider.

Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.

The context of the current request. The return url after users have completed authenticating against external website.

Check if authentication succeeded after user is redirected back from the service provider.

The context of the current request. An instance of containing authentication result.

Gets the extra data obtained from the response message when authentication is successful.

The response message. Always null.

Called just before the authentication request is sent to service provider.

The request.

Gets the name of the provider which provides authentication service.

Initializes a new instance of the class.

Gets the extra data obtained from the response message when authentication is successful.

The response message. A dictionary of profile data; or null if no data is available.

Called just before the authentication request is sent to service provider.

The request.

The yahoo open id client.

Initializes a new instance of the class.

Gets the extra data obtained from the response message when authentication is successful.

The response message. A dictionary of profile data; or null if no data is available.

Called just before the authentication request is sent to service provider.

The request.

Provides helpers that mimic the ASP.NET 4.5 MachineKey.Protect / Unprotect APIs, even when running on ASP.NET 4.0. Consumers are expected to follow the same conventions used by the MachineKey.Protect / Unprotect APIs (consult MSDN docs for how these are meant to be used). Additionally, since this helper class dynamically switches between the two based on whether the current application is .NET 4.0 or 4.5, consumers should never persist output from the Protect method since the implementation will change when upgrading 4.0 -> 4.5. This should be used for transient data only.

MachineKey implementation depending on the target .NET framework version

Protects the specified user data.

The user data. The purposes. The encrypted data

Unprotects the specified protected data.

The protected data. The purposes. The unencrypted data

Gets the machine key implementation based on the runtime framework version.

The machine key implementation

ProtectUnprotect delegate.

The data. The purposes. Result of either Protect or Unprotect methods.

Abstract the MachineKey implementation in .NET 4.0 and 4.5

Protects the specified user data.

The user data. The purposes. The protected data.

Unprotects the specified protected data.

The protected data. The purposes. The unprotected data.

On ASP.NET 4.0, we perform some transforms which mimic the behaviors of MachineKey.Protect and Unprotect.

This is the magic header that identifies a MachineKey40 payload. It helps differentiate this from other encrypted payloads.

The SHA-256 factory to be used.

Protects the specified user data.

The user data. The purposes. The protected data

Unprotects the specified protected data.

The protected data. The purposes. The unprotected data

Convert bytes to hex string.

The input array. Hex string

This method is specially written to take the same amount of time regardless of where 'a' and 'b' differ. Please do not optimize it.

first array. second array. if equal, others

Computes a SHA256 hash over all of the input parameters. Each parameter is UTF8 encoded and preceded by a 7-bit encoded

integer describing the encoded byte length of the string. The parameters. The output hash

Gets the SHA-256 factory.

SHA256 factory

Convert to hex character

The value to be converted. Hex character

Convert hdex string to bytes.

Input hex string. The bytes

Convert hex digit to byte.

The hex digit. The byte

On ASP.NET 4.5, we can just delegate to MachineKey.Protect and MachineKey.Unprotect directly, which contain optimized code paths.

Protect thunk

Unprotect thunk

Initializes a new instance of the class.

The protect thunk. The unprotect thunk.

Protects the specified user data.

The user data. The purposes. The protected data

Unprotects the specified protected data.

The protected data. The purposes. The unprotected data

The uri helper.

The attach query string parameter.

The url. The parameter name. This value should not be provided by an end user; the caller should ensure that this value comes only from a literal string. The parameter value. An absolute URI.

Converts an app-relative url, e.g. ~/Content/Return.cshtml, to a full-blown url, e.g. http://mysite.com/Content/Return.cshtml

The return URL. The context. An absolute URI.

Common methods available on identity issuers.

Get a user name from an identity provider and their own assigned user ID.

The identity provider. The issuer's ID for the user. The username of the user.

Helper methods for setting and retrieving a custom forms authentication ticket for delegation protocols.

The open auth cookie token.

Checks whether the specified HTTP request comes from an authenticated user.

The context. True if the reuest is authenticated; false otherwise.

Adds an authentication cookie to the user agent in the next HTTP response.

The context. The user name. A value indicating whether the cookie should persist across sessions.

Creates an HTTP authentication cookie.

The user name. A value indicating whether the cookie should last across sessions. An authentication cookie.

Manage authenticating with an external OAuth or OpenID provider

Purposes string used for protecting the anti-XSRF token.

The provider query string name.

The query string name for session id.

The cookie name for session id.

The _authentication provider.

The _data provider.

The _request context.

Initializes a new instance of the class.

The request context. The provider. The data provider.

Gets the provider that is responding to an authentication request.

The HTTP request context. The provider name, if one is available.

Checks if the specified provider user id represents a valid account. If it does, log user in.

The provider user id. if set to true create persistent cookie. true if the login is successful.

Requests the specified provider to start the authentication by directing users to an external website

The return url after user is authenticated.

Checks if user is successfully authenticated when user is redirected back to this user.

The return Url which must match exactly the Url passed into RequestAuthentication() earlier. This returnUrl parameter only applies to OAuth2 providers. For other providers, it ignores the returnUrl parameter. The result of the authentication.

Returns the username of the current logged-in user.

The HTTP request context. The username, or String.Empty if anonymous.

Validates the request against XSRF attack.

The session id embedded in the query string. true if the request is safe. Otherwise, false.

Gets a value indicating whether IsAuthenticatedWithOpenAuth.

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to A setting in web.config requires a secure connection for this request but the current connection is not secured..

Looks up a localized string similar to Unable to encrypt the authentication ticket..

Looks up a localized string similar to The provided data could not be decrypted. If the current application is deployed in a web farm configuration, ensure that the 'decryptionKey' and 'validationKey' attributes are explicitly specified in the <machineKey> configuration section..

Looks up a localized string similar to An OAuth data provider has already been registered for this application..

Looks up a localized string similar to This operation is not supported on the current provider. Call the overload of VerifyAuthentication() which accepts a return url..

Looks up a localized string similar to Failed to obtain the authentication response from service provider..