diff options
Diffstat (limited to 'OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs')
| -rw-r--r-- | OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs index b201dc7..254b82f 100644 --- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs | |||
| @@ -178,14 +178,14 @@ namespace OpenSim.Server.Handlers.Authentication | |||
| 178 | "; | 178 | "; |
| 179 | 179 | ||
| 180 | /// <summary>Page shown for an invalid OpenID identity</summary> | 180 | /// <summary>Page shown for an invalid OpenID identity</summary> |
| 181 | const string INVALID_OPENID_PAGE = | 181 | const string INVALID_OPENID_PAGE = |
| 182 | @"<html><head><title>Identity not found</title></head> | 182 | @"<html><head><title>Identity not found</title></head> |
| 183 | <body>Invalid OpenID identity</body></html>"; | 183 | <body>Invalid OpenID identity</body></html>"; |
| 184 | 184 | ||
| 185 | /// <summary>Page shown if the OpenID endpoint is requested directly</summary> | 185 | /// <summary>Page shown if the OpenID endpoint is requested directly</summary> |
| 186 | const string ENDPOINT_PAGE = | 186 | const string ENDPOINT_PAGE = |
| 187 | @"<html><head><title>OpenID Endpoint</title></head><body> | 187 | @"<html><head><title>OpenID Endpoint</title></head><body> |
| 188 | This is an OpenID server endpoint, not a human-readable resource. | 188 | This is an OpenID server endpoint, not a human-readable resource. |
| 189 | For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | 189 | For more information, see <a href='http://openid.net/'>http://openid.net/</a>. |
| 190 | </body></html>"; | 190 | </body></html>"; |
| 191 | 191 | ||
| @@ -222,7 +222,10 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
| 222 | 222 | ||
| 223 | try | 223 | try |
| 224 | { | 224 | { |
| 225 | NameValueCollection postQuery = HttpUtility.ParseQueryString(new StreamReader(httpRequest.InputStream).ReadToEnd()); | 225 | string forPost; |
| 226 | using(StreamReader sr = new StreamReader(httpRequest.InputStream)) | ||
| 227 | forPost = sr.ReadToEnd(); | ||
| 228 | NameValueCollection postQuery = HttpUtility.ParseQueryString(forPost); | ||
| 226 | NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query); | 229 | NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query); |
| 227 | NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery); | 230 | NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery); |
| 228 | 231 | ||
| @@ -241,7 +244,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>. | |||
| 241 | // Check for form POST data | 244 | // Check for form POST data |
| 242 | if (passwordValues != null && passwordValues.Length == 1) | 245 | if (passwordValues != null && passwordValues.Length == 1) |
| 243 | { | 246 | { |
| 244 | if (account != null && | 247 | if (account != null && |
| 245 | (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty)) | 248 | (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty)) |
| 246 | authRequest.IsAuthenticated = true; | 249 | authRequest.IsAuthenticated = true; |
| 247 | else | 250 | else |