remove some whitespace
[raven/abandoned/asp.git] / Test.asp
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
5 <!--#include file="Ucam_Webauth.vbs"-->
6 </head>
7 <%
8
9 Sub Main
10
11 ' Examine the 'UcamWebAuthTestingClient' cookie.
12 ' This cookie is used to store the index number of
13 ' the LAST test and the outcome of that test. This
14 ' cookie is only updated when an authentication
15 ' cycle is complete (which could be due to an
16 ' error) so we use the cookie to determine the
17 ' index of the CURRENT test.
18 '
19 ' NOTE: This cookie is completely separate
20 ' from the 'Authentication cookie' and is
21 ' purely used for testing.
22 '
23 ' The actual value of the cookie consists of
24 ' three elements delimited by '!':
25 '
26 ' 'index!status_code!status_message'
27
28 testing_client_cookie_name = "UcamWebAuthTestingClient"
29 testing_client_cookie_index = 1
30
31 If (Request.Cookies(testing_client_cookie_name) <> "") Then
32 testing_client_cookie_value = Request.Cookies(testing_client_cookie_name)
33 testing_client_cookie_array = Split(testing_client_cookie_value, "!")
34 testing_client_cookie_index = CInt(testing_client_cookie_array(0))
35 testing_client_cookie_index = testing_client_cookie_index + 1
36 End If
37
38 ' Create 'Scripting.Dictionary' object
39 ' to hold the arguments we will supply
40 ' to the 'Ucam_Webauth' object.
41
42 Set args = CreateObject("Scripting.Dictionary")
43
44 ' Add the different arguments to the 'args'
45 ' associative array as name/value pairs.
46 ' Both name and value must be strings
47 ' so integers must be added as "x", eg. "60".
48
49 ' 'auth_service' is the WLS authentication server.
50 ' The following line gives the the demo Raven testing server:
51
52 ' args.Add "auth_service", "https://demo.raven.cam.ac.uk/auth/authenticate.html"
53
54 ' We're testing with our Dummy Raven WLS server so use that:
55 args.Add "auth_service", "http://www2.careers.cam.ac.uk:11812"
56
57 ' 'hostname' must be a domain name and perhaps a
58 ' port but nothing more.
59
60 args.Add "hostname", "localhost:81"
61
62 ' 'log_file' is the location of the logfile
63 ' which must be read/writable by the webserver.
64
65 args.Add "log_file", "C:/wamp/www/raven/vbscriptlog.txt"
66
67 ' 'key_dir' is the directory holding the
68 ' public key certificate.
69
70 args.Add "key_dir", "C:/wamp/www/raven"
71
72 ' 'cookie_key' is the key used to generate
73 ' hash values of the authentication cookie.
74 ' Ideally it should be changed on a regular basis
75 ' but not during sessions.
76
77 args.Add "cookie_key", "Random string"
78
79 ' We add the current iteration of testing in
80 ' 'testing_client_cookie_index' as a parameter
81 ' to Ucam_Webauth which should then be
82 ' included as a parameter in the authentication
83 ' request to the WLS and the subsequent
84 ' authentication response back from the WLS.
85
86 args.Add "authrequest_params", CStr(testing_client_cookie_index)
87
88
89 ' Create new instance of 'Ucam_Webauth'
90 ' and supply arguments.
91 ' We do not need to include 'Request' and 'Response'
92 ' variables (as in C# version), in order to get/set
93 ' cookies and server variables and perform redirects
94 ' as these variables are globally accessible to ASP class.
95
96 Set oUcam_Webauth = New Ucam_Webauth
97 Call oUcam_Webauth(args)
98
99 ' For the purposes of testing, we provide
100 ' a 'Logout' link that removes the local
101 ' authentication cookie and then displays
102 ' a link to easily logout the Raven WLS.
103 ' So we check to see if this 'Action=Logout'
104 ' link has been called and logout/display
105 ' link accordingly.
106
107 If (Request.ServerVariables("QUERY_STRING") = "Action=Logout") Then
108 oUcam_Webauth.ResetState()
109 Response.Write("Logged out of Raven (local)<br/>")
110 Response.Write("<a href='https://raven.cam.ac.uk/auth/logout.html'>Logout Raven (remote)</a><br/>" & _
111 "<a href='Default.asp'>Access Raven authenticated page</a>")
112 Exit Sub
113 End If
114
115 ' When you first access this page
116 ' the 'Authenticate' function will be called.
117 ' This will typically be called three times
118 ' in total to successfully authenticate the
119 ' user. In the first two iterations of
120 ' 'Authenticate', it will return
121 ' 'AUTHENTICATE_INCOMPLETE' while it
122 ' redirects the user's browser first to
123 ' the Raven WLS and then back to this page.
124 ' On the third iteration of 'Authenticate', it
125 ' will return 'AUTHENTICATE_COMPLETE_AUTHENTICATED'
126 ' or 'AUTHENTICATE_COMPLETE_NOT_AUTHENTICATED'
127 ' if the authentication process has fully
128 ' completed without error.
129
130 Select Case oUcam_Webauth.Authenticate()
131
132 Case oUcam_Webauth.AUTHENTICATE_INCOMPLETE
133
134 ' 'Authenticate' still redirecting pages
135 ' so don't do anything else.
136
137 Exit Sub
138
139 Case oUcam_Webauth.AUTHENTICATE_COMPLETE_AUTHENTICATED
140
141 ' Success so display the 'principal', ie. the user id.
142
143 Response.Write("SUCCESS. You are " & oUcam_Webauth.principal() & "<br/>")
144
145 ' Also display the 'ptags' parameter indicating
146 ' whether the user is 'current' or not.
147
148 Response.Write("Ptags = " & oUcam_Webauth.ptags() & "<br/>")
149
150 ' Display any 'GET variables' to check they
151 ' have carried through from the original
152 ' page request.
153
154 For Each item In Request.QueryString()
155 Response.Write item & "=" & Request.QueryString()(item) & "<br/>"
156 Next
157
158 ' Display a 'Logout' link to make it easy to
159 ' test authentication repeatedly.
160
161 Response.Write("<a href='Default.asp?Action=Logout'>Logout Raven (local)</a>")
162
163 Case Else
164
165 ' Either there was an error or a failed
166 ' authentication so print out the result either way.
167
168 Response.Write("FAIL - " & oUcam_Webauth.status() & ": " & oUcam_Webauth.msg())
169
170 ' Also log the error for debugging purposes.
171
172 oUcam_Webauth.write_log("FAIL - " & oUcam_Webauth.status() & ": " & oUcam_Webauth.msg())
173
174 End Select
175
176 ' We use a 'UcamWebAuthTestingClient' cookie
177 ' to store the return 'status' of the most recent
178 ' authentication attempt. The Dummy WLS server
179 ' looks at the value of this cookie, compares
180 ' it with its most recent attempt to generate a
181 ' particular status and logs the results.
182 ' Ideally the status/error the Dummy WLS server
183 ' tried to generate should match the status/error
184 ' recorded here.
185 '
186 ' NOTE: The Dummy WLS server only performs the
187 ' comparison of 'actual' and 'expected' when
188 ' it receives a subsequent authentication request.
189 ' ie. when testing is terminated, the final
190 ' authentication attempt comparison may be lost.
191
192 ' Store number of testing iteration, return status and status msg.
193 ' To make it a session cookie, we don't specify 'Expires'.
194
195 Response.Cookies("UcamWebAuthTestingClient") = CStr(testing_client_cookie_index) & "!" & oUcam_Webauth.status() & "!" & oUcam_Webauth.msg()
196
197 ' We intend to perform another authentication attempt
198 ' so reset the state of Ucam_Webauth, ie. remove
199 ' the authentication cookie.
200
201 oUcam_Webauth.ResetState()
202
203
204 End Sub
205
206 Call Main
207
208 %>
209
210 <script language="javascript">
211
212 // Set a brief timeout before reloading this page again
213 // and triggering off another authentication attempt cycle.
214
215 window.setTimeout(function () { window.location.href = "http://localhost:81/Test.asp?Test1=Value1&Test2=Value2&Test3=Value3+Value4"; }, 10);
216
217 </script>
218
219 </html>