diff options
| author | David Christiansen <coding@davedoes.net> | 2012-07-01 23:06:15 +0100 |
|---|---|---|
| committer | David Christiansen <coding@davedoes.net> | 2012-07-01 23:06:15 +0100 |
| commit | 26e66557540cd70188dce590544c05c7b6ad9f84 (patch) | |
| tree | 9d90ce0788b794a5689d9205ac18d09a6bd7d479 /src | |
| parent | 3286c37f3a967e7d142534df84604a66be9d176c (diff) | |
| download | DotNetOpenAuth.Samples-26e66557540cd70188dce590544c05c7b6ad9f84.zip DotNetOpenAuth.Samples-26e66557540cd70188dce590544c05c7b6ad9f84.tar.gz DotNetOpenAuth.Samples-26e66557540cd70188dce590544c05c7b6ad9f84.tar.bz2 | |
Upgrade to latest nuget package
Diffstat (limited to 'src')
72 files changed, 1165 insertions, 842 deletions
diff --git a/src/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj b/src/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj index b86c930..f2acb39 100644 --- a/src/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj +++ b/src/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj @@ -70,44 +70,71 @@ <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.InfoCard">
- <HintPath>..\..\packages\DotNetOpenAuth.InfoCard.4.0.0.12084\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.Client">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Client.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.Client.UI">
- <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider">
- <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Provider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
- <HintPath>..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth">
- <HintPath>..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
+ <HintPath>..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.configuration" />
diff --git a/src/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs b/src/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs index 4af1bbd..a24e5b3 100644 --- a/src/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs +++ b/src/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs @@ -23,7 +23,6 @@ namespace DotNetOpenAuth.ApplicationBlock { /// Initializes a new instance of the <see cref="FacebookClient"/> class. /// </summary> public FacebookClient() : base(FacebookDescription) { - this.AuthorizationTracker = new TokenManager(); } } } diff --git a/src/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs b/src/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs index be0a650..a2e1058 100644 --- a/src/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs +++ b/src/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs @@ -22,7 +22,6 @@ namespace DotNetOpenAuth.ApplicationBlock { /// </summary> public WindowsLiveClient() : base(WindowsLiveDescription) { - this.AuthorizationTracker = new TokenManager(); } /// <summary> diff --git a/src/DotNetOpenAuth.ApplicationBlock/packages.config b/src/DotNetOpenAuth.ApplicationBlock/packages.config index 4766339..26f3d44 100644 --- a/src/DotNetOpenAuth.ApplicationBlock/packages.config +++ b/src/DotNetOpenAuth.ApplicationBlock/packages.config @@ -1,20 +1,27 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.InfoCard" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/InfoCard/InfoCardRelyingParty/InfoCardRelyingParty.csproj b/src/InfoCard/InfoCardRelyingParty/InfoCardRelyingParty.csproj index 1fe764b..40c799b 100644 --- a/src/InfoCard/InfoCardRelyingParty/InfoCardRelyingParty.csproj +++ b/src/InfoCard/InfoCardRelyingParty/InfoCardRelyingParty.csproj @@ -35,7 +35,7 @@ <WarningLevel>4</WarningLevel> </PropertyGroup> <ItemGroup> - <Reference Include="log4net"> + <Reference Include="log4net, Version=1.2.11.0, Culture=neutral, PublicKeyToken=669e0ddf0bb1aa2a, processorArchitecture=MSIL"> <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath> </Reference> <Reference Include="Microsoft.CSharp" /> @@ -114,14 +114,14 @@ </Compile> </ItemGroup> <ItemGroup> - <Content Include="packages.config" /> - </ItemGroup> - <ItemGroup> <Content Include="Site.Master" /> </ItemGroup> <ItemGroup> <Content Include="MembersOnly\Web.config" /> </ItemGroup> + <ItemGroup> + <Content Include="packages.config" /> + </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> <ProjectExtensions> diff --git a/src/InfoCard/InfoCardRelyingParty/packages.config b/src/InfoCard/InfoCardRelyingParty/packages.config index 4c5b8a4..ca950e3 100644 --- a/src/InfoCard/InfoCardRelyingParty/packages.config +++ b/src/InfoCard/InfoCardRelyingParty/packages.config @@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <packages> - <package id="log4net" version="2.0.0" /> + <package id="log4net" version="2.0.0" targetFramework="net40" /> </packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/Code/Client.cs b/src/OAuth/OAuthAuthorizationServer/Code/Client.cs index 0013f27..cf5ea59 100644 --- a/src/OAuth/OAuthAuthorizationServer/Code/Client.cs +++ b/src/OAuth/OAuthAuthorizationServer/Code/Client.cs @@ -1,7 +1,7 @@ namespace OAuthAuthorizationServer.Code { using System; using System.Collections.Generic; - + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; /// <summary> @@ -11,13 +11,6 @@ #region IConsumerDescription Members /// <summary> - /// Gets the client secret. - /// </summary> - string IClientDescription.Secret { - get { return this.ClientSecret; } - } - - /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> @@ -36,6 +29,13 @@ } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool IClientDescription.HasNonEmptySecret { + get { return !string.IsNullOrEmpty(this.ClientSecret); } + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> @@ -59,6 +59,19 @@ return false; } + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IClientDescription.IsValidClientSecret(string secret) { + return MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret); + } + #endregion } }
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index b837d4c..eb7f1f5 100644 --- a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -10,9 +10,7 @@ using DotNetOpenAuth.OAuth2.ChannelElements; using DotNetOpenAuth.OAuth2.Messages; - internal class OAuth2AuthorizationServer : IAuthorizationServer { - private static readonly RSACryptoServiceProvider AsymmetricTokenSigningPrivateKey = CreateRSA(); - + internal class OAuth2AuthorizationServer : IAuthorizationServerHost { #if SAMPLESONLY /// <summary> /// This is the FOR SAMPLE ONLY hard-coded public key of the complementary OAuthResourceServer sample. @@ -31,43 +29,39 @@ private static readonly RSAParameters ResourceServerEncryptionPublicKey; #endif - #region Implementation of IAuthorizationServer + #region Implementation of IAuthorizationServerHost public ICryptoKeyStore CryptoKeyStore { get { return MvcApplication.KeyNonceStore; } } - public INonceStore VerificationCodeNonceStore { + public INonceStore NonceStore { get { return MvcApplication.KeyNonceStore; } } - public RSACryptoServiceProvider AccessTokenSigningKey { - get { return AsymmetricTokenSigningPrivateKey; } - } + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken(); - public TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - TimeSpan lifetime = TimeSpan.FromMinutes(2); + accessToken.Lifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. //// TODO: code here - return lifetime; - } - - public RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - var resourceServerEncryptionKey = new RSACryptoServiceProvider(); - // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. - resourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + accessToken.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + accessToken.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + + accessToken.AccessTokenSigningKey = CreateRSA(); - return resourceServerEncryptionKey; + var result = new AccessTokenResult(accessToken); + return result; } public IClientDescription GetClient(string clientIdentifier) { @@ -84,11 +78,15 @@ return this.IsAuthorizationValid(authorization.Scope, authorization.ClientIdentifier, authorization.UtcIssued, authorization.User); } - public bool IsResourceOwnerCredentialValid(string userName, string password) { + public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. throw new NotSupportedException(); } + public bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + #endregion public bool CanBeAutoApproved(EndUserAuthorizationRequest authorizationRequest) { @@ -120,7 +118,7 @@ /// Creates the RSA key used by all the crypto service provider instances we create. /// </summary> /// <returns>RSA data that includes the private key.</returns> - private static RSAParameters CreateRSAKey() { + private static RSAParameters CreateAuthorizationServerSigningKey() { #if SAMPLESONLY // Since the sample authorization server and the sample resource server must work together, // we hard-code a FOR SAMPLE USE ONLY key pair. The matching public key information is hard-coded into the OAuthResourceServer sample. @@ -155,7 +153,7 @@ private static RSACryptoServiceProvider CreateRSA() { var rsa = new RSACryptoServiceProvider(); - rsa.ImportParameters(CreateRSAKey()); + rsa.ImportParameters(CreateAuthorizationServerSigningKey()); return rsa; } diff --git a/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs b/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs index d6dd144..685b4e7 100644 --- a/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs +++ b/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs @@ -40,7 +40,7 @@ dc.Clients.InsertOnSubmit(new Client { ClientIdentifier = "sampleImplicitConsumer", Name = "Some sample client used for implicit grants (no secret)", - Callback = "http://localhost:59721/", + Callback = "http://localhost:59722/", }); dc.SubmitChanges(); diff --git a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj index f148eca..77446a7 100644 --- a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj +++ b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj @@ -1,23 +1,30 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
+ <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
+ <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode>
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
- <ProductVersion>
- </ProductVersion>
<SchemaVersion>2.0</SchemaVersion>
<ProjectGuid>{C78E8235-1D46-43EB-A912-80B522C4E9AE}</ProjectGuid>
- <ProjectTypeGuids>{F85E285D-A4E0-4152-9332-AB1D724D3325};{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
+ <ProjectTypeGuids>{E53F8FEA-EAE0-44A6-8774-FFD645390401};{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>OAuthAuthorizationServer</RootNamespace>
<AssemblyName>OAuthAuthorizationServer</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<MvcBuildViews>false</MvcBuildViews>
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -38,19 +45,31 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -72,7 +91,7 @@ <Reference Include="System.Data.DataSetExtensions">
<RequiredTargetFramework>3.5</RequiredTargetFramework>
</Reference>
- <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+ <Reference Include="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
<Reference Include="System.Xml.Linq">
<RequiredTargetFramework>3.5</RequiredTargetFramework>
</Reference>
@@ -112,7 +131,9 @@ <Content Include="Global.asax" />
<Content Include="Views\Home\CreateDatabase.aspx" />
<Content Include="Views\OAuth\Authorize.aspx" />
- <Content Include="Web.config" />
+ <Content Include="Web.config">
+ <SubType>Designer</SubType>
+ </Content>
<Content Include="Web.Debug.config">
<DependentUpon>Web.config</DependentUpon>
</Content>
@@ -160,10 +181,11 @@ <Service Include="{3259AA49-8AA1-44D3-9025-A0B520596A8C}" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
- <!-- To modify your build process, add your task inside one of the targets below and uncomment it. - Other similar extension points exist, see Microsoft.Common.targets. - <Target Name="BeforeBuild"> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
+ <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
</Target> -->
<Target Name="AfterBuild" Condition="'$(MvcBuildViews)'=='true'">
<AspNetCompiler VirtualPath="temp" PhysicalPath="$(ProjectDir)" />
@@ -173,11 +195,10 @@ <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
<UseIIS>False</UseIIS>
- <AutoAssignPort>True</AutoAssignPort>
+ <AutoAssignPort>False</AutoAssignPort>
<DevelopmentServerPort>50172</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
- <IISUrl>
- </IISUrl>
+ <IISUrl>http://localhost:17947/</IISUrl>
<NTLMAuthentication>False</NTLMAuthentication>
<UseCustomServer>False</UseCustomServer>
<CustomServerUrl>
diff --git a/src/OAuth/OAuthAuthorizationServer/Views/Web.config b/src/OAuth/OAuthAuthorizationServer/Views/Web.config index aa7a38d..c30f2ad 100644 --- a/src/OAuth/OAuthAuthorizationServer/Views/Web.config +++ b/src/OAuth/OAuthAuthorizationServer/Views/Web.config @@ -15,11 +15,11 @@ --> <pages validateRequest="false" - pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/src/OAuth/OAuthAuthorizationServer/Web.config b/src/OAuth/OAuthAuthorizationServer/Web.config index 1d6955f..d7ce2e3 100644 --- a/src/OAuth/OAuthAuthorizationServer/Web.config +++ b/src/OAuth/OAuthAuthorizationServer/Web.config @@ -5,35 +5,25 @@ -->
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
+ <section name="authorizationServer" type="DotNetOpenAuth.Configuration.OAuth2AuthorizationServerSection, DotNetOpenAuth.OAuth2.AuthorizationServer" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <uri>
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
+ <oauth2>
+ <authorizationServer></authorizationServer>
+ </oauth2>
<!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. -->
<messaging relaxSslRequirements="true">
<untrustedWebRequest>
@@ -43,6 +33,7 @@ </whitelistHosts>
</untrustedWebRequest>
</messaging>
+ <reporting enabled="true" />
<openid>
<relyingParty>
<security requireSsl="false">
@@ -72,14 +63,14 @@ </logger>
</log4net>
<connectionStrings>
- <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database2.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
+ <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database4.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
- <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
+ <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<authentication mode="Forms">
@@ -99,12 +90,30 @@ <modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<runtime>
+ <!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+ to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. -->
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
- <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
+ <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
<legacyHMACWarning enabled="0" />
</runtime>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
+ <uri>
+ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/packages.config b/src/OAuth/OAuthAuthorizationServer/packages.config index c5d87eb..dea78e4 100644 --- a/src/OAuth/OAuthAuthorizationServer/packages.config +++ b/src/OAuth/OAuthAuthorizationServer/packages.config @@ -1,12 +1,14 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Facebook.aspx.cs b/src/OAuth/OAuthClient/Facebook.aspx.cs index 0f71712..4701d24 100644 --- a/src/OAuth/OAuthClient/Facebook.aspx.cs +++ b/src/OAuth/OAuthClient/Facebook.aspx.cs @@ -10,7 +10,7 @@ public partial class Facebook : System.Web.UI.Page { private static readonly FacebookClient client = new FacebookClient { ClientIdentifier = ConfigurationManager.AppSettings["facebookAppID"], - ClientSecret = ConfigurationManager.AppSettings["facebookAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["facebookAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/src/OAuth/OAuthClient/OAuthClient.csproj b/src/OAuth/OAuthClient/OAuthClient.csproj index 63d2070..48568b1 100644 --- a/src/OAuth/OAuthClient/OAuthClient.csproj +++ b/src/OAuth/OAuthClient/OAuthClient.csproj @@ -1,6 +1,18 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -15,9 +27,7 @@ <AssemblyName>OAuthClient</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<TargetFrameworkProfile />
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -40,35 +50,74 @@ <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.Core.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.Client">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="log4net">
- <HintPath>..\..\..\packages\log4net.2.0.0\lib\net35-full\log4net.dll</HintPath>
+ <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Contracts">
<HintPath>..\..\..\packages\CodeContracts.Unofficial.1.0.0.2\lib\net35-client\Microsoft.Contracts.dll</HintPath>
diff --git a/src/OAuth/OAuthClient/SampleWcf2.aspx.cs b/src/OAuth/OAuthClient/SampleWcf2.aspx.cs index 130932c..a94be96 100644 --- a/src/OAuth/OAuthClient/SampleWcf2.aspx.cs +++ b/src/OAuth/OAuthClient/SampleWcf2.aspx.cs @@ -87,6 +87,8 @@ this.nameLabel.Text = this.CallService(client => client.GetName()); } catch (SecurityAccessDeniedException) { this.nameLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.nameLabel.Text = "Access denied!"; } } @@ -96,6 +98,8 @@ this.ageLabel.Text = age.HasValue ? age.Value.ToString(CultureInfo.CurrentCulture) : "not available"; } catch (SecurityAccessDeniedException) { this.ageLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.ageLabel.Text = "Access denied!"; } } @@ -105,6 +109,8 @@ this.favoriteSitesLabel.Text = string.Join(", ", favoriteSites); } catch (SecurityAccessDeniedException) { this.favoriteSitesLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.favoriteSitesLabel.Text = "Access denied!"; } } diff --git a/src/OAuth/OAuthClient/SampleWcf2Javascript.js b/src/OAuth/OAuthClient/SampleWcf2Javascript.js index df72938..d894bb7 100644 --- a/src/OAuth/OAuthClient/SampleWcf2Javascript.js +++ b/src/OAuth/OAuthClient/SampleWcf2Javascript.js @@ -62,7 +62,7 @@ $(document).ready(function () { function serviceCall(operation, accessToken, label) { label.text('fetching...'); $.ajax({ - url: "http://localhost:65169" + encodeURI(operation), + url: "http://localhost:65170" + encodeURI(operation), headers: { "Authorization": "Bearer " + accessToken }, diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco index f8d5e5b..b9abb7e 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco @@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <discovery xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/disco/"> - <contractRef ref="http://localhost:65169/DataApi.svc?wsdl" docRef="http://localhost:65169/DataApi.svc" xmlns="http://schemas.xmlsoap.org/disco/scl/" /> + <contractRef ref="http://localhost:65170/DataApi.svc?wsdl" docRef="http://localhost:65170/DataApi.svc" xmlns="http://schemas.xmlsoap.org/disco/scl/" /> </discovery>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl index 702762a..2e4f627 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl @@ -222,9 +222,9 @@ </wsp:Policy> <wsdl:types> <xsd:schema targetNamespace="http://tempuri.org/Imports"> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd0" namespace="http://tempuri.org/" /> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" /> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd0" namespace="http://tempuri.org/" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> </xsd:schema> </wsdl:types> <wsdl:message name="IDataApi_GetAge_InputMessage"> @@ -298,9 +298,9 @@ </wsdl:binding> <wsdl:service name="DataApi"> <wsdl:port name="WSHttpBinding_IDataApi" binding="tns:WSHttpBinding_IDataApi"> - <soap12:address location="http://localhost:65169/DataApi.svc" /> + <soap12:address location="http://localhost:65170/DataApi.svc" /> <wsa10:EndpointReference> - <wsa10:Address>http://localhost:65169/DataApi.svc</wsa10:Address> + <wsa10:Address>http://localhost:65170/DataApi.svc</wsa10:Address> <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"> <Dns>localhost</Dns> </Identity> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd index 3109534..1702fde 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="utf-8"?> <xs:schema xmlns:tns="http://tempuri.org/" elementFormDefault="qualified" targetNamespace="http://tempuri.org/" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <xs:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> + <xs:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> <xs:element name="GetAge"> <xs:complexType> <xs:sequence /> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs index 02fc057..5e6deaf 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.17379 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap index 4463f99..4706963 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap @@ -18,14 +18,14 @@ <ServiceContractMappings /> </ClientOptions> <MetadataSources> - <MetadataSource Address="http://localhost:65169/DataApi.svc" Protocol="http" SourceId="1" /> + <MetadataSource Address="http://localhost:65170/DataApi.svc" Protocol="http" SourceId="1" /> </MetadataSources> <Metadata> - <MetadataFile FileName="DataApi.xsd" MetadataType="Schema" ID="82a34da8-d721-4c35-aaf9-fc5d08771cd2" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd0" /> - <MetadataFile FileName="DataApi.wsdl" MetadataType="Wsdl" ID="96350220-1df2-429e-8cb5-4fc33703bcc7" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?wsdl" /> - <MetadataFile FileName="DataApi.disco" MetadataType="Disco" ID="c4f66dee-ac01-4476-afb0-34f7350c06ad" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?disco" /> - <MetadataFile FileName="DataApi1.xsd" MetadataType="Schema" ID="7aaf262f-6342-421b-8f44-0e624be7a5fb" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd1" /> - <MetadataFile FileName="DataApi2.xsd" MetadataType="Schema" ID="67c1ea8d-12c4-4a0c-aa33-7226018cf16e" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd2" /> + <MetadataFile FileName="DataApi.xsd" MetadataType="Schema" ID="82a34da8-d721-4c35-aaf9-fc5d08771cd2" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd0" /> + <MetadataFile FileName="DataApi.wsdl" MetadataType="Wsdl" ID="96350220-1df2-429e-8cb5-4fc33703bcc7" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?wsdl" /> + <MetadataFile FileName="DataApi.disco" MetadataType="Disco" ID="c4f66dee-ac01-4476-afb0-34f7350c06ad" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?disco" /> + <MetadataFile FileName="DataApi1.xsd" MetadataType="Schema" ID="7aaf262f-6342-421b-8f44-0e624be7a5fb" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd1" /> + <MetadataFile FileName="DataApi2.xsd" MetadataType="Schema" ID="67c1ea8d-12c4-4a0c-aa33-7226018cf16e" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd2" /> </Metadata> <Extensions> <ExtensionFile FileName="configuration91.svcinfo" Name="configuration91.svcinfo" /> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo index c21c2f6..6771e14 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo @@ -5,6 +5,6 @@ <binding digest="System.ServiceModel.Configuration.WSHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:<?xml version="1.0" encoding="utf-16"?><Data hostNameComparisonMode="StrongWildcard" messageEncoding="Text" name="WSHttpBinding_IDataApi" textEncoding="utf-8" transactionFlow="false"><readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192" /><reliableSession enabled="false" inactivityTimeout="00:10:00" ordered="true" /><security mode="Message"><message algorithmSuite="Default" clientCredentialType="Windows" negotiateServiceCredential="true" /><transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /></security></Data>" bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi" /> </bindings> <endpoints> - <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi" /> + <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi" /> </endpoints> </configurationSnapshot>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo index 3dd0d1a..1192934 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo @@ -127,10 +127,10 @@ </bindingConfiguration> </bindingConfigurations> <endpoints> - <endpoint name="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65169/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> + <endpoint name="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65170/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> <properties> <property path="/address" isComplexType="false" isExplicitlyDefined="true" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <serializedValue>http://localhost:65169/DataApi.svc</serializedValue> + <serializedValue>http://localhost:65170/DataApi.svc</serializedValue> </property> <property path="/behaviorConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <serializedValue /> diff --git a/src/OAuth/OAuthClient/Web.config b/src/OAuth/OAuthClient/Web.config index 0e5ed14..1e7b8a4 100644 --- a/src/OAuth/OAuthClient/Web.config +++ b/src/OAuth/OAuthClient/Web.config @@ -1,11 +1,10 @@ -<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0"?>
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
</sectionGroup>
@@ -13,33 +12,28 @@ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <uri>
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
+ <uri>
+ <idn enabled="All"/>
+ <iriParsing enabled="true"/>
+ </uri>
+
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
+
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
+ <reporting enabled="true" />
+
<!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. -->
- <messaging relaxSslRequirements="true">
- <untrustedWebRequest>
- <whitelistHosts>
- <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
- <!--<add name="localhost" />-->
- </whitelistHosts>
- </untrustedWebRequest>
- </messaging>
- <openid />
+ <messaging relaxSslRequirements="true" />
</dotNetOpenAuth>
<appSettings>
<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
@@ -97,9 +91,6 @@ The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
- <runtime>
- <legacyHMACWarning enabled="0" />
- </runtime>
<log4net>
<appender name="TracePageAppender" type="OAuthClient.TracePageAppender, OAuthClient">
<layout type="log4net.Layout.PatternLayout">
@@ -131,11 +122,14 @@ </wsHttpBinding>
</bindings>
<client>
- <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi">
+ <endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/WindowsLive.aspx b/src/OAuth/OAuthClient/WindowsLive.aspx index 5b8c8d4..ef51223 100644 --- a/src/OAuth/OAuthClient/WindowsLive.aspx +++ b/src/OAuth/OAuthClient/WindowsLive.aspx @@ -17,8 +17,8 @@ <pre>127.0.0.1 samples.dotnetopenauth.net</pre> <p> Then access this sample via this url: - <asp:HyperLink ID="publicLink" NavigateUrl="http://samples.dotnetopenauth.net:59721/WindowsLive.aspx" - runat="server">http://samples.dotnetopenauth.net:59721/WindowsLive.aspx</asp:HyperLink></p> + <asp:HyperLink ID="publicLink" NavigateUrl="http://samples.dotnetopenauth.net:59722/WindowsLive.aspx" + runat="server">http://samples.dotnetopenauth.net:59722/WindowsLive.aspx</asp:HyperLink></p> </asp:Panel> <div> Welcome, diff --git a/src/OAuth/OAuthClient/WindowsLive.aspx.cs b/src/OAuth/OAuthClient/WindowsLive.aspx.cs index b550e17..05101a7 100644 --- a/src/OAuth/OAuthClient/WindowsLive.aspx.cs +++ b/src/OAuth/OAuthClient/WindowsLive.aspx.cs @@ -14,7 +14,7 @@ public partial class WindowsLive : System.Web.UI.Page { private static readonly WindowsLiveClient client = new WindowsLiveClient { ClientIdentifier = ConfigurationManager.AppSettings["windowsLiveAppID"], - ClientSecret = ConfigurationManager.AppSettings["WindowsLiveAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["WindowsLiveAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/src/OAuth/OAuthClient/packages.config b/src/OAuth/OAuthClient/packages.config index 7704415..6754ed1 100644 --- a/src/OAuth/OAuthClient/packages.config +++ b/src/OAuth/OAuthClient/packages.config @@ -1,16 +1,28 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumer/OAuthConsumer.csproj b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj index 2e362f2..596d39a 100644 --- a/src/OAuth/OAuthConsumer/OAuthConsumer.csproj +++ b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj @@ -1,6 +1,18 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -16,8 +28,6 @@ <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<TargetFrameworkProfile />
<UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -40,26 +50,35 @@ <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -101,7 +120,9 @@ <Content Include="SignInWithTwitter.aspx" />
<Content Include="TracePage.aspx" />
<Content Include="Twitter.aspx" />
- <Content Include="Web.config" />
+ <Content Include="Web.config">
+ <SubType>Designer</SubType>
+ </Content>
<None Include="Service References\SampleServiceProvider\DataApi1.xsd">
<SubType>Designer</SubType>
</None>
@@ -195,7 +216,8 @@ <WCFMetadataStorage Include="Service References\SampleServiceProvider\" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
+ <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
<ProjectExtensions>
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
diff --git a/src/OAuth/OAuthConsumer/Web.config b/src/OAuth/OAuthConsumer/Web.config index 3963433..09458df 100644 --- a/src/OAuth/OAuthConsumer/Web.config +++ b/src/OAuth/OAuthConsumer/Web.config @@ -3,16 +3,42 @@ <configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <uri>
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
+ <dotNetOpenAuth>
+ <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+ <reporting enabled="true" />
+ <messaging>
+ <untrustedWebRequest>
+ <whitelistHosts>
+ <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+ <!--<add name="localhost" />-->
+ </whitelistHosts>
+ </untrustedWebRequest>
+ </messaging>
+ <openid></openid>
+ </dotNetOpenAuth>
<appSettings>
<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
<!-- You must get these values by signing up with each individual service provider. -->
@@ -101,40 +127,11 @@ </endpoint>
</client>
</system.serviceModel>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<runtime>
<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
</runtime>
- <dotNetOpenAuth>
- <messaging>
- <untrustedWebRequest>
- <whitelistHosts>
- <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
- <!--<add name="localhost" />-->
- </whitelistHosts>
- </untrustedWebRequest>
- </messaging>
- <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
- <openid></openid>
- </dotNetOpenAuth>
- <uri>
- <!-- See an error due to this section? When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
- -->
- <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumer/packages.config b/src/OAuth/OAuthConsumer/packages.config index 56ae497..704c1fe 100644 --- a/src/OAuth/OAuthConsumer/packages.config +++ b/src/OAuth/OAuthConsumer/packages.config @@ -1,12 +1,15 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumerWpf/App.config b/src/OAuth/OAuthConsumerWpf/App.config index 472f77a..36085ab 100644 --- a/src/OAuth/OAuthConsumerWpf/App.config +++ b/src/OAuth/OAuthConsumerWpf/App.config @@ -1,98 +1,106 @@ -<?xml version="1.0"?> +<?xml version="1.0" encoding="utf-8"?> <configuration> - <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> - <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> - <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> - <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true"/> - <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true"/> - <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true"/> - <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true"/> - </sectionGroup> - </configSections> - - <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> + <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> + <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> + <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> + <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> + <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> + </sectionGroup> + </configSections> + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), which is necessary for OpenID urls with unicode characters in the domain/host name. It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> - <uri> - <idn enabled="All"/> - <iriParsing enabled="true"/> - </uri> - - <system.net> - <defaultProxy enabled="true"/> - <settings> - <!-- This setting causes .NET to check certificate revocation lists (CRL) + <uri> + <idn enabled="All" /> + <iriParsing enabled="true" /> + </uri> + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) before trusting HTTPS certificates. But this setting tends to not be allowed in shared hosting environments. --> - <!--<servicePointManager checkCertificateRevocationList="true"/>--> - </settings> - </system.net> - - <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> - <dotNetOpenAuth> - <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> - <reporting enabled="true"/> - - <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> - <messaging relaxSslRequirements="true"/> - </dotNetOpenAuth> - - <appSettings> - <!-- Fill in your various consumer keys and secrets here to make the sample work. --> - <!-- You must get these values by signing up with each individual service provider. --> - <!-- Google sign-up: https://www.google.com/accounts/ManageDomains --> - <add key="googleConsumerKey" value="anonymous"/> - <!-- Google requires either a secret or an X.509 certificate. This sample will use + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> + <messaging relaxSslRequirements="true" /> + </dotNetOpenAuth> + <appSettings> + <!-- Fill in your various consumer keys and secrets here to make the sample work. --> + <!-- You must get these values by signing up with each individual service provider. --> + <!-- Google sign-up: https://www.google.com/accounts/ManageDomains --> + <add key="googleConsumerKey" value="anonymous" /> + <!-- Google requires either a secret or an X.509 certificate. This sample will use the certificate if it is specified, otherwise it will use the shared secret. --> - <add key="googleConsumerSecret" value="anonymous"/> - <add key="googleConsumerCertificateFile" value=""/> - <add key="googleConsumerCertificatePassword" value=""/> - </appSettings> - - <log4net> - <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender"> - <file value="Testing.log"/> - <appendToFile value="true"/> - <rollingStyle value="Size"/> - <maxSizeRollBackups value="10"/> - <maximumFileSize value="1024KB"/> - <staticLogFileName value="true"/> - <layout type="log4net.Layout.PatternLayout"> - <conversionPattern value="%date [%thread] %-5level %logger - %message%newline"/> - </layout> - </appender> - <!-- Setup the root category, add the appenders and set the default level --> - <root> - <level value="INFO"/> - <appender-ref ref="RollingFileAppender"/> - </root> - <!-- Specify the level for some specific categories --> - <logger name="DotNetOpenAuth"> - <level value="ALL"/> - </logger> - </log4net> - <system.serviceModel> - <bindings> - <wsHttpBinding> - <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> - <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/> - <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/> - <security mode="Message"> - <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""> - <extendedProtectionPolicy policyEnforcement="Never"/> - </transport> - <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true"/> - </security> - </binding> - </wsHttpBinding> - </bindings> - <client> - <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="WcfSampleService.IDataApi" name="WSHttpBinding_IDataApi"> - <identity> - <dns value="localhost"/> - </identity> - </endpoint> - </client> - </system.serviceModel> -<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup></configuration> + <add key="googleConsumerSecret" value="anonymous" /> + <add key="googleConsumerCertificateFile" value="" /> + <add key="googleConsumerCertificatePassword" value="" /> + </appSettings> + <log4net> + <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender"> + <file value="Testing.log" /> + <appendToFile value="true" /> + <rollingStyle value="Size" /> + <maxSizeRollBackups value="10" /> + <maximumFileSize value="1024KB" /> + <staticLogFileName value="true" /> + <layout type="log4net.Layout.PatternLayout"> + <conversionPattern value="%date [%thread] %-5level %logger - %message%newline" /> + </layout> + </appender> + <!-- Setup the root category, add the appenders and set the default level --> + <root> + <level value="INFO" /> + <appender-ref ref="RollingFileAppender" /> + </root> + <!-- Specify the level for some specific categories --> + <logger name="DotNetOpenAuth"> + <level value="ALL" /> + </logger> + </log4net> + <system.serviceModel> + <bindings> + <wsHttpBinding> + <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" + openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" + bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" + maxBufferPoolSize="524288" maxReceivedMessageSize="65536" + messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" + allowCookies="false"> + <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" + maxBytesPerRead="4096" maxNameTableCharCount="16384" /> + <reliableSession ordered="true" inactivityTimeout="00:10:00" + enabled="false" /> + <security mode="Message"> + <transport clientCredentialType="Windows" proxyCredentialType="None" + realm=""> + <extendedProtectionPolicy policyEnforcement="Never" /> + </transport> + <message clientCredentialType="Windows" negotiateServiceCredential="true" + algorithmSuite="Default" establishSecurityContext="true" /> + </security> + </binding> + </wsHttpBinding> + </bindings> + <client> + <endpoint address="http://localhost:65169/DataApi.svc" + binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" + contract="WcfSampleService.IDataApi" name="WSHttpBinding_IDataApi"> + <identity> + <dns value="localhost" /> + </identity> + </endpoint> + </client> + </system.serviceModel> + <startup> + <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0" /> + </startup> +</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs b/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs index 64a10e2..2787bb7 100644 --- a/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs +++ b/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs @@ -1,15 +1,13 @@ namespace DotNetOpenAuth.Samples.OAuthConsumerWpf { - using System.Windows; - using DotNetOpenAuth.OAuth2; + + using DotNetOpenAuth.OAuth2; /// <summary> /// Interaction logic for Authorize2.xaml /// </summary> public partial class Authorize2 : Window { internal Authorize2(UserAgentClient client) { - //System.Diagnostics.Contracts.Contract.Requires(client != null, "client"); - this.InitializeComponent(); this.clientAuthorizationView.Client = client; } diff --git a/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj b/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj index 98e4a82..c318fcb 100644 --- a/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj +++ b/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj @@ -70,25 +70,37 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth.Consumer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.Client">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.Client.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
<Reference Include="log4net">
- <HintPath>..\..\..\packages\log4net.2.0.0\lib\net35-full\log4net.dll</HintPath>
+ <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Contracts">
<HintPath>..\..\..\packages\CodeContracts.Unofficial.1.0.0.2\lib\net35-client\Microsoft.Contracts.dll</HintPath>
diff --git a/src/OAuth/OAuthConsumerWpf/packages.config b/src/OAuth/OAuthConsumerWpf/packages.config index 23deca0..6c94766 100644 --- a/src/OAuth/OAuthConsumerWpf/packages.config +++ b/src/OAuth/OAuthConsumerWpf/packages.config @@ -1,14 +1,15 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs b/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs index 8d0c13d..62b1c59 100644 --- a/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs +++ b/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs @@ -7,7 +7,7 @@ using System.ServiceModel; using System.ServiceModel.Channels; using System.ServiceModel.Security; - + using System.ServiceModel.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; @@ -29,7 +29,7 @@ var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; try { - var principal = VerifyOAuth2(httpDetails, requestUri); + var principal = VerifyOAuth2(httpDetails, requestUri, operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); if (principal != null) { var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { @@ -49,11 +49,16 @@ principal.Identity, }; - // Only allow this method call if the access token scope permits it. - return principal.IsInRole(operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); + return true; } else { return false; } + } catch (ProtocolFaultResponseException ex) { + Global.Logger.Error("Error processing OAuth messages.", ex); + + // Return the appropriate unauthorized response to the client. + var outgoingResponse = ex.CreateErrorResponse(); + outgoingResponse.Respond(WebOperationContext.Current.OutgoingResponse); } catch (ProtocolException ex) { Global.Logger.Error("Error processing OAuth messages.", ex); } @@ -61,18 +66,13 @@ return false; } - private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { + private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri, params string[] requiredScopes) { // for this sample where the auth server and resource server are the same site, // we use the same public/private key. using (var signing = Global.CreateAuthorizationServerSigningServiceProvider()) { using (var encrypting = Global.CreateResourceServerEncryptionServiceProvider()) { var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting)); - - IPrincipal result; - var error = resourceServer.VerifyAccess(HttpRequestInfo.Create(httpDetails, requestUri), out result); - - // TODO: return the prepared error code. - return error != null ? null : result; + return resourceServer.GetPrincipal(httpDetails, requestUri, requiredScopes); } } } diff --git a/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj b/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj index 9904726..80de421 100644 --- a/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj +++ b/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj @@ -1,6 +1,19 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <TargetFrameworkProfile />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -14,10 +27,7 @@ <RootNamespace>OAuthResourceServer</RootNamespace>
<AssemblyName>OAuthResourceServer</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
- <TargetFrameworkProfile />
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -38,16 +48,16 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth.Common">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -124,17 +134,17 @@ <Content Include="packages.config" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
+ <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
<ProjectExtensions>
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
- <UseIIS>False</UseIIS>
+ <UseIIS>True</UseIIS>
<AutoAssignPort>False</AutoAssignPort>
- <DevelopmentServerPort>65169</DevelopmentServerPort>
+ <DevelopmentServerPort>65170</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
- <IISUrl>
- </IISUrl>
+ <IISUrl>http://localhost:65170/</IISUrl>
<NTLMAuthentication>False</NTLMAuthentication>
<UseCustomServer>False</UseCustomServer>
<CustomServerUrl>
@@ -144,12 +154,12 @@ </FlavorProperties>
</VisualStudio>
</ProjectExtensions>
- <!-- To modify your build process, add your task inside one of the targets below and uncomment it. - Other similar extension points exist, see Microsoft.Common.targets. - <Target Name="BeforeBuild"> - </Target> - <Target Name="AfterBuild"> - </Target> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
+ </Target>
+ <Target Name="AfterBuild">
+ </Target>
-->
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
<Import Project="$(SolutionDir)\.nuget\nuget.targets" />
diff --git a/src/OAuth/OAuthResourceServer/Web.config b/src/OAuth/OAuthResourceServer/Web.config index 1ab8dfa..74b01eb 100644 --- a/src/OAuth/OAuthResourceServer/Web.config +++ b/src/OAuth/OAuthResourceServer/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -21,8 +20,8 @@ <defaultProxy enabled="true" />
<settings>
<!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
<!--<servicePointManager checkCertificateRevocationList="true"/>-->
</settings>
</system.net>
@@ -106,10 +105,13 @@ </identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
- <endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior" />
+ <endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior"></endpoint>
</service>
</services>
</system.serviceModel>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<runtime>
<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
diff --git a/src/OAuth/OAuthResourceServer/packages.config b/src/OAuth/OAuthResourceServer/packages.config index 0e5b33a..4e51419 100644 --- a/src/OAuth/OAuthResourceServer/packages.config +++ b/src/OAuth/OAuthResourceServer/packages.config @@ -1,11 +1,9 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.23.0-draft2" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj b/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj index f8c1eb5..fd2a5bb 100644 --- a/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj +++ b/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj @@ -1,6 +1,17 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + <TargetFrameworkProfile /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,7 +24,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthServiceProvider</RootNamespace> <AssemblyName>OAuthServiceProvider</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <UseIISExpress>false</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> @@ -39,13 +50,14 @@ </Reference> <Reference Include="System" /> <Reference Include="System.Data" /> - <Reference Include="System.Core" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Data.Linq" /> <Reference Include="System.IdentityModel" /> <Reference Include="System.ServiceModel" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> <Reference Include="System.Web.Extensions" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> <Reference Include="System.Xml" /> @@ -53,6 +65,7 @@ <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="DataApi.svc" /> @@ -101,19 +114,15 @@ </Compile> <Compile Include="Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\Authorize.aspx.cs"> <DependentUpon>Authorize.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\AuthorizedConsumers.aspx.cs"> <DependentUpon>AuthorizedConsumers.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> @@ -175,7 +184,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> diff --git a/src/OAuth/OAuthServiceProvider/Web.config b/src/OAuth/OAuthServiceProvider/Web.config index 60a4d86..e42b164 100644 --- a/src/OAuth/OAuthServiceProvider/Web.config +++ b/src/OAuth/OAuthServiceProvider/Web.config @@ -1,24 +1,12 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -65,80 +53,21 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <authentication mode="Forms"> <forms name="oauthSP" /> </authentication> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthServiceProvider.Code.TracePageAppender, OAuthServiceProvider"> <layout type="log4net.Layout.PatternLayout"> @@ -177,4 +106,7 @@ </service> </services> </system.serviceModel> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> </configuration> diff --git a/src/OpenID/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj b/src/OpenID/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj index ed946e2..193a570 100644 --- a/src/OpenID/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj +++ b/src/OpenID/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj @@ -92,16 +92,54 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId.Provider">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
- <Reference Include="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821, processorArchitecture=MSIL">
- <SpecificVersion>False</SpecificVersion>
+ <Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="System" />
diff --git a/src/OpenID/OpenIdOfflineProvider/packages.config b/src/OpenID/OpenIdOfflineProvider/packages.config index 7081e60..d4ed20d 100644 --- a/src/OpenID/OpenIdOfflineProvider/packages.config +++ b/src/OpenID/OpenIdOfflineProvider/packages.config @@ -1,8 +1,22 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdProviderMvc/Code/FormsAuthenticationService.cs b/src/OpenID/OpenIdProviderMvc/Code/FormsAuthenticationService.cs index 22db860..1f5ea54 100644 --- a/src/OpenID/OpenIdProviderMvc/Code/FormsAuthenticationService.cs +++ b/src/OpenID/OpenIdProviderMvc/Code/FormsAuthenticationService.cs @@ -10,6 +10,18 @@ get { return HttpContext.Current.User.Identity.Name; } } + public DateTime? SignedInTimestampUtc { + get { + var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; + if (cookie != null) { + var ticket = FormsAuthentication.Decrypt(cookie.Value); + return ticket.IssueDate.ToUniversalTime(); + } else { + return null; + } + } + } + public void SignIn(string userName, bool createPersistentCookie) { FormsAuthentication.SetAuthCookie(userName, createPersistentCookie); } diff --git a/src/OpenID/OpenIdProviderMvc/Code/IFormsAuthentication.cs b/src/OpenID/OpenIdProviderMvc/Code/IFormsAuthentication.cs index d4c8a01..09856e9 100644 --- a/src/OpenID/OpenIdProviderMvc/Code/IFormsAuthentication.cs +++ b/src/OpenID/OpenIdProviderMvc/Code/IFormsAuthentication.cs @@ -17,6 +17,8 @@ using System.Web.Security; public interface IFormsAuthentication { string SignedInUsername { get; } + DateTime? SignedInTimestampUtc { get; } + void SignIn(string userName, bool createPersistentCookie); void SignOut(); diff --git a/src/OpenID/OpenIdProviderMvc/Controllers/OpenIdController.cs b/src/OpenID/OpenIdProviderMvc/Controllers/OpenIdController.cs index 198c434..6d2cc32 100644 --- a/src/OpenID/OpenIdProviderMvc/Controllers/OpenIdController.cs +++ b/src/OpenID/OpenIdProviderMvc/Controllers/OpenIdController.cs @@ -17,6 +17,16 @@ namespace OpenIdProviderMvc.Controllers { public class OpenIdController : Controller { internal static OpenIdProvider OpenIdProvider = new OpenIdProvider(); + public OpenIdController() + : this(null) { + } + + public OpenIdController(IFormsAuthentication formsAuthentication) { + this.FormsAuth = formsAuthentication ?? new FormsAuthenticationService(); + } + + public IFormsAuthentication FormsAuth { get; private set; } + [ValidateInput(false)] public ActionResult Provider() { IRequest request = OpenIdProvider.GetRequest(); @@ -29,6 +39,29 @@ namespace OpenIdProviderMvc.Controllers { // This is apparently one that the host (the web site itself) has to respond to. ProviderEndpoint.PendingRequest = (IHostProcessedRequest)request; + // If PAPE requires that the user has logged in recently, we may be required to challenge the user to log in. + var papeRequest = ProviderEndpoint.PendingRequest.GetExtension<PolicyRequest>(); + if (papeRequest != null && papeRequest.MaximumAuthenticationAge.HasValue) { + TimeSpan timeSinceLogin = DateTime.UtcNow - this.FormsAuth.SignedInTimestampUtc.Value; + if (timeSinceLogin > papeRequest.MaximumAuthenticationAge.Value) { + // The RP wants the user to have logged in more recently than he has. + // We'll have to redirect the user to a login screen. + return this.RedirectToAction("LogOn", "Account", new { returnUrl = this.Url.Action("ProcessAuthRequest") }); + } + } + + return this.ProcessAuthRequest(); + } else { + // No OpenID request was recognized. This may be a user that stumbled on the OP Endpoint. + return this.View(); + } + } + + public ActionResult ProcessAuthRequest() { + if (ProviderEndpoint.PendingRequest == null) { + return this.RedirectToAction("Index", "Home"); + } + // Try responding immediately if possible. ActionResult response; if (this.AutoRespondIfPossible(out response)) { @@ -42,10 +75,6 @@ namespace OpenIdProviderMvc.Controllers { } return this.RedirectToAction("AskUser"); - } else { - // No OpenID request was recognized. This may be a user that stumbled on the OP Endpoint. - return this.View(); - } } /// <summary> @@ -133,6 +162,17 @@ namespace OpenIdProviderMvc.Controllers { pendingRequest.AddResponseExtension(claimsResponse); } + + // Look for PAPE requests. + var papeRequest = pendingRequest.GetExtension<PolicyRequest>(); + if (papeRequest != null) { + var papeResponse = new PolicyResponse(); + if (papeRequest.MaximumAuthenticationAge.HasValue) { + papeResponse.AuthenticationTimeUtc = this.FormsAuth.SignedInTimestampUtc; + } + + pendingRequest.AddResponseExtension(papeResponse); + } } return OpenIdProvider.PrepareResponse(pendingRequest).AsActionResult(); diff --git a/src/OpenID/OpenIdProviderMvc/OpenIdProviderMvc.csproj b/src/OpenID/OpenIdProviderMvc/OpenIdProviderMvc.csproj index db65a1c..1a2f03a 100644 --- a/src/OpenID/OpenIdProviderMvc/OpenIdProviderMvc.csproj +++ b/src/OpenID/OpenIdProviderMvc/OpenIdProviderMvc.csproj @@ -38,23 +38,56 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="log4net">
+ <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Contracts">
<HintPath>..\..\..\packages\CodeContracts.Unofficial.1.0.0.2\lib\net35-client\Microsoft.Contracts.dll</HintPath>
diff --git a/src/OpenID/OpenIdProviderMvc/Views/Web.config b/src/OpenID/OpenIdProviderMvc/Views/Web.config index df0103b..8bc9c19 100644 --- a/src/OpenID/OpenIdProviderMvc/Views/Web.config +++ b/src/OpenID/OpenIdProviderMvc/Views/Web.config @@ -12,9 +12,9 @@ To change this behavior apply the ValidateInputAttribute to a controller or action. --> - <pages validateRequest="false" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> + <pages validateRequest="false" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/src/OpenID/OpenIdProviderMvc/Web.config b/src/OpenID/OpenIdProviderMvc/Web.config index 8c0056c..c5ab254 100644 --- a/src/OpenID/OpenIdProviderMvc/Web.config +++ b/src/OpenID/OpenIdProviderMvc/Web.config @@ -3,16 +3,28 @@ <configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
<section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <uri>
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
<openid>
@@ -29,6 +41,19 @@ <!-- Uncomment the following to activate the sample custom store. -->
<!--<store type="RelyingPartyWebForms.CustomStore, RelyingPartyWebForms" />-->
</provider>
+ <relyingParty>
+ <security requireSsl="false">
+ <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+ <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+ <add endpoint="https://www.google.com/accounts/o8/ud" />
+ </trustedProviders>-->
+ </security>
+ <behaviors>
+ <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+ with OPs that use Attribute Exchange (in various formats). -->
+ <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" />
+ </behaviors>
+ </relyingParty>
</openid>
<messaging>
<untrustedWebRequest>
@@ -51,7 +76,7 @@ -->
<compilation debug="true" targetFramework="4.0">
<assemblies>
- <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
+ <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<remove assembly="DotNetOpenAuth.Contracts" />
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
@@ -109,7 +134,7 @@ </namespaces>
</pages>
<httpHandlers>
- <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
+ <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</httpHandlers>
</system.web>
<system.web.extensions />
@@ -123,48 +148,18 @@ <handlers>
<remove name="MvcHttpHandler" />
<remove name="UrlRoutingHandler" />
- <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
+ <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</handlers>
</system.webServer>
<runtime>
- <!-- When targeting ASP.NET MVC 2, this assemblyBinding makes MVC 1 references relink
- to MVC 2 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. -->
+ <legacyHMACWarning enabled="0" />
+ <!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+ to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. -->
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
- <assemblyIdentity name="DotNetOpenAuth.OpenId.RelyingParty" publicKeyToken="2780ccd10d57b246" culture="neutral" />
- <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
- </dependentAssembly>
- <dependentAssembly>
- <assemblyIdentity name="DotNetOpenAuth.OpenId" publicKeyToken="2780ccd10d57b246" culture="neutral" />
- <bindingRedirect oldVersion="0.0.0.0-4.0.0.12030" newVersion="4.0.0.12030" />
- </dependentAssembly>
- <dependentAssembly>
- <assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" culture="neutral" />
- <bindingRedirect oldVersion="0.0.0.0-4.0.0.12030" newVersion="4.0.0.12030" />
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
- <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
- </dependentAssembly>
- <dependentAssembly>
- <assemblyIdentity name="DotNetOpenAuth.Core.UI" publicKeyToken="2780ccd10d57b246" culture="neutral" />
- <bindingRedirect oldVersion="0.0.0.0-4.0.0.12030" newVersion="4.0.0.12030" />
+ <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
- <legacyHMACWarning enabled="0" />
</runtime>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
- <uri>
- <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
</configuration>
\ No newline at end of file diff --git a/src/OpenID/OpenIdProviderMvc/packages.config b/src/OpenID/OpenIdProviderMvc/packages.config index cfe9741..d4ed20d 100644 --- a/src/OpenID/OpenIdProviderMvc/packages.config +++ b/src/OpenID/OpenIdProviderMvc/packages.config @@ -1,10 +1,22 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.0.0.12084" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/src/OpenID/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj index d4e2b90..4a01678 100644 --- a/src/OpenID/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj +++ b/src/OpenID/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj @@ -53,38 +53,53 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
diff --git a/src/OpenID/OpenIdProviderWebForms/Web.config b/src/OpenID/OpenIdProviderWebForms/Web.config index 49058f0..0be2d51 100644 --- a/src/OpenID/OpenIdProviderWebForms/Web.config +++ b/src/OpenID/OpenIdProviderWebForms/Web.config @@ -4,14 +4,27 @@ <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <uri>
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
<!-- this is an optional configuration section where aspects of DotNetOpenAuth can be customized -->
<dotNetOpenAuth>
<openid>
@@ -26,6 +39,19 @@ <!-- Uncomment the following to activate the sample custom store. -->
<!--<store type="OpenIdProviderWebForms.Code.CustomStore, OpenIdProviderWebForms" />-->
</provider>
+ <relyingParty>
+ <security requireSsl="false">
+ <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+ <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+ <add endpoint="https://www.google.com/accounts/o8/ud" />
+ </trustedProviders>-->
+ </security>
+ <behaviors>
+ <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+ with OPs that use Attribute Exchange (in various formats). -->
+ <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" />
+ </behaviors>
+ </relyingParty>
</openid>
<messaging>
<untrustedWebRequest>
@@ -111,27 +137,10 @@ <level value="INFO" />
</logger>
</log4net>
- <uri>
- <!-- See an error due to this section? When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
- -->
- <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
<runtime>
- <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
</runtime>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
</configuration>
\ No newline at end of file diff --git a/src/OpenID/OpenIdProviderWebForms/packages.config b/src/OpenID/OpenIdProviderWebForms/packages.config index f09d52e..d4ed20d 100644 --- a/src/OpenID/OpenIdProviderWebForms/packages.config +++ b/src/OpenID/OpenIdProviderWebForms/packages.config @@ -1,16 +1,22 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj b/src/OpenID/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj index 8249a65..7c21b74 100644 --- a/src/OpenID/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj +++ b/src/OpenID/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj @@ -38,23 +38,23 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
diff --git a/src/OpenID/OpenIdRelyingPartyMvc/Web.config b/src/OpenID/OpenIdRelyingPartyMvc/Web.config index 123f3dd..bd74a19 100644 --- a/src/OpenID/OpenIdRelyingPartyMvc/Web.config +++ b/src/OpenID/OpenIdRelyingPartyMvc/Web.config @@ -2,7 +2,6 @@ <configuration>
<configSections>
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -120,12 +119,9 @@ <legacyHMACWarning enabled="0" />
</runtime>
<uri>
- <!-- See an error due to this section? When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
- -->
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
<idn enabled="All" />
<iriParsing enabled="true" />
</uri>
diff --git a/src/OpenID/OpenIdRelyingPartyMvc/packages.config b/src/OpenID/OpenIdRelyingPartyMvc/packages.config index cffb581..7819b1e 100644 --- a/src/OpenID/OpenIdRelyingPartyMvc/packages.config +++ b/src/OpenID/OpenIdRelyingPartyMvc/packages.config @@ -1,11 +1,11 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/Code/CustomStore.cs b/src/OpenID/OpenIdRelyingPartyWebForms/Code/CustomStore.cs index f521c0e..1572c05 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/Code/CustomStore.cs +++ b/src/OpenID/OpenIdRelyingPartyWebForms/Code/CustomStore.cs @@ -84,7 +84,7 @@ namespace OpenIdRelyingPartyWebForms.Code { public CryptoKey GetKey(string bucket, string handle) { var assocRow = dataSet.CryptoKey.FindByBucketHandle(bucket, handle); - return new CryptoKey(assocRow.Secret, assocRow.ExpiresUtc); + return assocRow == null ? null : new CryptoKey(assocRow.Secret, assocRow.ExpiresUtc); } public IEnumerable<KeyValuePair<string, CryptoKey>> GetKeys(string bucket) { diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx b/src/OpenID/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx index cbc13ee..59a4eed 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx +++ b/src/OpenID/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx @@ -18,6 +18,9 @@ <% } foreach (string policy in State.PapePolicies.ActualPolicies) { %> <li><%=HttpUtility.HtmlEncode(policy) %></li> + <% } + if (State.PapePolicies.AuthenticationTimeUtc.HasValue) { %> + <li>The provider authenticated the user at <%=State.PapePolicies.AuthenticationTimeUtc.Value.ToLocalTime() %> (local time)</li> <% } %> </ul> <% } %> diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/Web.config b/src/OpenID/OpenIdRelyingPartyWebForms/Web.config index 3a667c2..cdd0754 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/Web.config +++ b/src/OpenID/OpenIdRelyingPartyWebForms/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> @@ -71,7 +70,7 @@ <system.web> <!--<sessionState cookieless="true" />--> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> @@ -88,6 +87,7 @@ Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> <!-- log4net is a 3rd party (free) logger library that DotNetOpenAuth will use if present but does not require. --> @@ -123,4 +123,7 @@ <runtime> <legacyHMACWarning enabled="0" /> </runtime> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> </configuration> diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx index 98eee7a..17a230a 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx +++ b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx @@ -20,6 +20,10 @@ <asp:ListItem Text="Request physical multi-factor authentication" Value="http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical" /> <asp:ListItem Text="Request PPID identifier" Value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" /> </asp:CheckBoxList> + <p>Request that the Provider have authenticated the user in the last + <asp:TextBox runat="server" ID="maxAuthTimeBox" MaxLength="4" Columns="4" /> + seconds. + </p> <p>Try the PPID identifier functionality against the OpenIDProviderMvc sample.</p> </fieldset> <p><a href="loginGoogleApps.aspx">Log in using Google Apps for Domains</a>. </p> diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.cs b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.cs index 6721e9b..3b5466c 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.cs +++ b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.cs @@ -45,12 +45,18 @@ namespace OpenIdRelyingPartyWebForms { } // Add the PAPE extension if any policy was requested. + var pape = new PolicyRequest(); if (policies.Count > 0) { - var pape = new PolicyRequest(); foreach (string policy in policies) { pape.PreferredPolicies.Add(policy); } + } + + if (this.maxAuthTimeBox.Text.Length > 0) { + pape.MaximumAuthenticationAge = TimeSpan.FromSeconds(double.Parse(this.maxAuthTimeBox.Text)); + } + if (pape.PreferredPolicies.Count > 0 || pape.MaximumAuthenticationAge.HasValue) { request.AddExtension(pape); } } diff --git a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.designer.cs b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.designer.cs index 017d259..9ee9edc 100644 --- a/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.designer.cs +++ b/src/OpenID/OpenIdRelyingPartyWebForms/login.aspx.designer.cs @@ -40,6 +40,15 @@ namespace OpenIdRelyingPartyWebForms { protected global::System.Web.UI.WebControls.CheckBoxList papePolicies; /// <summary> + /// maxAuthTimeBox control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.TextBox maxAuthTimeBox; + + /// <summary> /// yahooLoginButton control. /// </summary> /// <remarks> diff --git a/src/OpenID/OpenIdRelyingPartyWebFormsVB/Global.asax.vb b/src/OpenID/OpenIdRelyingPartyWebFormsVB/Global.asax.vb index 257e11a..7622d2d 100644 --- a/src/OpenID/OpenIdRelyingPartyWebFormsVB/Global.asax.vb +++ b/src/OpenID/OpenIdRelyingPartyWebFormsVB/Global.asax.vb @@ -6,60 +6,61 @@ Imports System.Text Imports System.Web Imports DotNetOpenAuth.ApplicationBlock Imports OpenIdRelyingPartyWebFormsVB +Imports log4net Public Class Global_asax - Inherits HttpApplication + Inherits HttpApplication - Public Shared Logger As log4net.ILog = log4net.LogManager.GetLogger(GetType(Global_asax)) + Public Shared Logger As ILog = log4net.LogManager.GetLogger(GetType(Global_asax)) - Friend Shared LogMessages As StringBuilder = New StringBuilder + Friend Shared LogMessages As StringBuilder = New StringBuilder - Public Shared Function CollectionToString(ByVal collection As NameValueCollection) As String - Dim sw As StringWriter = New StringWriter - For Each key As String In collection.Keys - sw.WriteLine("{0} = '{1}'", key, collection(key)) - Next - Return sw.ToString - End Function + Public Shared Function CollectionToString(ByVal collection As NameValueCollection) As String + Dim sw As StringWriter = New StringWriter + For Each key As String In collection.Keys + sw.WriteLine("{0} = '{1}'", key, collection(key)) + Next + Return sw.ToString + End Function - Protected Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs) - log4net.Config.XmlConfigurator.Configure() - Logger.Info("Sample starting...") - End Sub + Protected Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs) + log4net.Config.XmlConfigurator.Configure() + Logger.Info("Sample starting...") + End Sub - Protected Sub Application_End(ByVal sender As Object, ByVal e As EventArgs) - Logger.Info("Sample shutting down...") - ' this would be automatic, but in partial trust scenarios it is not. - log4net.LogManager.Shutdown() - End Sub + Protected Sub Application_End(ByVal sender As Object, ByVal e As EventArgs) + Logger.Info("Sample shutting down...") + ' this would be automatic, but in partial trust scenarios it is not. + log4net.LogManager.Shutdown() + End Sub - Protected Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs) - ' System.Diagnostics.Debugger.Launch(); - Logger.DebugFormat("Processing {0} on {1} ", Request.HttpMethod, stripQueryString(Request.Url)) - If (Request.QueryString.Count > 0) Then - Logger.DebugFormat("Querystring follows: " & vbLf & "{0}", CollectionToString(Request.QueryString)) - End If - If (Request.Form.Count > 0) Then - Logger.DebugFormat("Posted form follows: " & vbLf & "{0}", CollectionToString(Request.Form)) - End If - End Sub + Protected Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs) + ' System.Diagnostics.Debugger.Launch(); + Logger.DebugFormat("Processing {0} on {1} ", Request.HttpMethod, stripQueryString(Request.Url)) + If (Request.QueryString.Count > 0) Then + Logger.DebugFormat("Querystring follows: " & vbLf & "{0}", CollectionToString(Request.QueryString)) + End If + If (Request.Form.Count > 0) Then + Logger.DebugFormat("Posted form follows: " & vbLf & "{0}", CollectionToString(Request.Form)) + End If + End Sub - Protected Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) - Logger.DebugFormat("User {0} authenticated.", (Not (HttpContext.Current.User) Is Nothing)) - 'TODO: Warning!!!, inline IF is not supported ? - End Sub + Protected Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) + Logger.DebugFormat("User {0} authenticated.", (Not (HttpContext.Current.User) Is Nothing)) + 'TODO: Warning!!!, inline IF is not supported ? + End Sub - Protected Sub Application_EndRequest(ByVal sender As Object, ByVal e As EventArgs) + Protected Sub Application_EndRequest(ByVal sender As Object, ByVal e As EventArgs) - End Sub + End Sub - Protected Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs) - Logger.ErrorFormat("An unhandled exception was raised. Details follow: {0}", HttpContext.Current.Server.GetLastError) - End Sub + Protected Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs) + Logger.ErrorFormat("An unhandled exception was raised. Details follow: {0}", HttpContext.Current.Server.GetLastError) + End Sub - Private Shared Function stripQueryString(ByVal uri As Uri) As String - Dim builder As UriBuilder = New UriBuilder(uri) - builder.Query = Nothing - Return builder.ToString - End Function + Private Shared Function stripQueryString(ByVal uri As Uri) As String + Dim builder As UriBuilder = New UriBuilder(uri) + builder.Query = Nothing + Return builder.ToString + End Function End Class
\ No newline at end of file diff --git a/src/OpenID/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj b/src/OpenID/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj index de7d05c..dfc0818 100644 --- a/src/OpenID/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj +++ b/src/OpenID/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj @@ -49,23 +49,23 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet> </PropertyGroup> <ItemGroup> - <Reference Include="DotNetOpenAuth.Core"> - <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath> + <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL"> + <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath> </Reference> <Reference Include="DotNetOpenAuth.Core.UI"> - <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath> + <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath> </Reference> - <Reference Include="DotNetOpenAuth.OpenId"> - <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath> + <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL"> + <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath> </Reference> - <Reference Include="DotNetOpenAuth.OpenId.RelyingParty"> - <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath> + <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL"> + <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath> </Reference> <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI"> - <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath> + <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath> </Reference> <Reference Include="DotNetOpenAuth.OpenId.UI"> - <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0-RC1\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath> + <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath> </Reference> <Reference Include="log4net"> <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath> diff --git a/src/OpenID/OpenIdRelyingPartyWebFormsVB/Web.config b/src/OpenID/OpenIdRelyingPartyWebFormsVB/Web.config index 98bc562..cb23a00 100644 --- a/src/OpenID/OpenIdRelyingPartyWebFormsVB/Web.config +++ b/src/OpenID/OpenIdRelyingPartyWebFormsVB/Web.config @@ -1,10 +1,9 @@ -<?xml version="1.0" encoding="utf-8"?> +<?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> - <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> + <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> @@ -13,19 +12,21 @@ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), which is necessary for OpenID urls with unicode characters in the domain/host name. It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> - <uri> - <idn enabled="All" /> - <iriParsing enabled="true" /> - </uri> - <system.net> - <defaultProxy enabled="true" /> - <settings> - <!-- This setting causes .NET to check certificate revocation lists (CRL) - before trusting HTTPS certificates. But this setting tends to not - be allowed in shared hosting environments. --> - <!--<servicePointManager checkCertificateRevocationList="true"/>--> - </settings> - </system.net> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> <dotNetOpenAuth> <openid> @@ -33,29 +34,29 @@ <security requireSsl="false"> <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. --> <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true"> - <add endpoint="https://www.google.com/accounts/o8/ud" /> - </trustedProviders>--> + <add endpoint="https://www.google.com/accounts/o8/ud" /> + </trustedProviders>--> </security> <behaviors> <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible - with OPs that use Attribute Exchange (in various formats). --> + with OPs that use Attribute Exchange (in various formats). --> <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" /> - <!--<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile, DotNetOpenAuth.OpenId.RelyingParty" />--> + <!--<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile, DotNetOpenAuth.OpenId.RelyingParty" />--> </behaviors> - <!-- Uncomment the following to activate the sample custom store. --> - <!--<store type="OpenIdRelyingPartyWebFormsVB.CustomStore, OpenIdRelyingPartyWebFormsVB" />--> + <!-- Uncomment the following to activate the sample custom store. --> + <!--<store type="OpenIdRelyingPartyWebFormsVB.CustomStore, OpenIdRelyingPartyWebFormsVB" />--> </relyingParty> </openid> - <messaging> - <untrustedWebRequest> - <whitelistHosts> - <!-- since this is a sample, and will often be used with localhost --> - <add name="localhost" /> - </whitelistHosts> - </untrustedWebRequest> - </messaging> - <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> - <reporting enabled="true" /> + <messaging> + <untrustedWebRequest> + <whitelistHosts> + <!-- since this is a sample, and will often be used with localhost --> + <add name="localhost" /> + </whitelistHosts> + </untrustedWebRequest> + </messaging> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> </dotNetOpenAuth> <appSettings> <!-- Fill in your various consumer keys and secrets here to make the sample work. --> @@ -73,8 +74,7 @@ </compilation> <customErrors mode="RemoteOnly" /> <authentication mode="Forms"> - <forms name="OpenIdRelyingPartyVBSession" /> - <!-- named cookie prevents conflicts with other samples --> + <forms name="OpenIdRelyingPartyVBSession"/> <!-- named cookie prevents conflicts with other samples --> </authentication> <trace enabled="false" writeToDiagnosticsTrace="true" /> <!-- Trust level discussion: @@ -117,11 +117,8 @@ </log4net> <runtime> <legacyHMACWarning enabled="0" /> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> - <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" /> - </dependentAssembly> - </assemblyBinding> </runtime> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> </configuration>
\ No newline at end of file diff --git a/src/OpenID/OpenIdRelyingPartyWebFormsVB/packages.config b/src/OpenID/OpenIdRelyingPartyWebFormsVB/packages.config index e4866e8..736a50a 100644 --- a/src/OpenID/OpenIdRelyingPartyWebFormsVB/packages.config +++ b/src/OpenID/OpenIdRelyingPartyWebFormsVB/packages.config @@ -1,11 +1,11 @@ <?xml version="1.0" encoding="utf-8"?> <packages> - <package id="CodeContracts.Unofficial" version="1.0.0.2" /> - <package id="DotNetOpenAuth.Core" version="4.0.0-RC1" /> - <package id="DotNetOpenAuth.Core.UI" version="4.0.0-RC1" /> - <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0-RC1" /> - <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0-RC1" /> - <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0-RC1" /> - <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.0.0-RC1" /> - <package id="log4net" version="2.0.0" /> + <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" /> + <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" /> + <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" /> + <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" /> + <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" /> + <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" /> + <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" /> + <package id="log4net" version="2.0.0" targetFramework="net40" /> </packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj b/src/OpenID/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj index 2f1460d..80cd64e 100644 --- a/src/OpenID/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj +++ b/src/OpenID/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj @@ -42,23 +42,23 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Data" />
diff --git a/src/OpenID/OpenIdWebRingSsoProvider/Web.config b/src/OpenID/OpenIdWebRingSsoProvider/Web.config index 1c16c9a..227faa7 100644 --- a/src/OpenID/OpenIdWebRingSsoProvider/Web.config +++ b/src/OpenID/OpenIdWebRingSsoProvider/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -21,8 +20,8 @@ <defaultProxy enabled="true" />
<settings>
<!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
<!--<servicePointManager checkCertificateRevocationList="true"/>-->
</settings>
</system.net>
@@ -82,7 +81,7 @@ -->
<authentication mode="Windows" />
<!--<authentication mode="Forms">
- -->
+ -->
<!-- named cookie prevents conflicts with other samples -->
<!--
<forms name="OpenIDWebRingSsoProvider"/>
@@ -105,14 +104,11 @@ The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<runtime>
<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
- <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
- <dependentAssembly>
- <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
- <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
- </dependentAssembly>
- </assemblyBinding>
</runtime>
</configuration>
\ No newline at end of file diff --git a/src/OpenID/OpenIdWebRingSsoProvider/packages.config b/src/OpenID/OpenIdWebRingSsoProvider/packages.config index cfe9741..f40554e 100644 --- a/src/OpenID/OpenIdWebRingSsoProvider/packages.config +++ b/src/OpenID/OpenIdWebRingSsoProvider/packages.config @@ -1,10 +1,10 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.0.0.12084" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OpenID/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj b/src/OpenID/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj index 0fcbf1b..4c2442e 100644 --- a/src/OpenID/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj +++ b/src/OpenID/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj @@ -42,23 +42,23 @@ <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Data" />
diff --git a/src/OpenID/OpenIdWebRingSsoRelyingParty/Web.config b/src/OpenID/OpenIdWebRingSsoRelyingParty/Web.config index 1fd2d6c..3316415 100644 --- a/src/OpenID/OpenIdWebRingSsoRelyingParty/Web.config +++ b/src/OpenID/OpenIdWebRingSsoRelyingParty/Web.config @@ -14,16 +14,6 @@ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
- <messaging>
- <untrustedWebRequest>
- <whitelistHosts>
- <!-- since this is a sample, and will often be used with localhost -->
- <add name="localhost" />
- </whitelistHosts>
- </untrustedWebRequest>
- </messaging>
- <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
<openid>
<relyingParty>
<security requireSsl="false">
@@ -36,9 +26,22 @@ <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
with OPs that use Attribute Exchange (in various formats). -->
<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" />
+ <!--<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile, DotNetOpenAuth.OpenId.RelyingParty" />-->
</behaviors>
+ <!-- Uncomment the following to activate the sample custom store. -->
+ <!--<store type="OpenIdRelyingPartyWebForms.CustomStore, OpenIdRelyingPartyWebForms" />-->
</relyingParty>
</openid>
+ <messaging>
+ <untrustedWebRequest>
+ <whitelistHosts>
+ <!-- since this is a sample, and will often be used with localhost -->
+ <add name="localhost" />
+ </whitelistHosts>
+ </untrustedWebRequest>
+ </messaging>
+ <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+ <reporting enabled="true" />
</dotNetOpenAuth>
<appSettings>
<add key="SsoProviderOPIdentifier" value="http://localhost:39167/" />
@@ -103,6 +106,9 @@ </authorization>
</system.web>
</location>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<system.net>
<defaultProxy enabled="true" />
<settings>
@@ -117,12 +123,9 @@ <legacyHMACWarning enabled="0" />
</runtime>
<uri>
- <!-- See an error due to this section? When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
- -->
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
<idn enabled="All" />
<iriParsing enabled="true" />
</uri>
diff --git a/src/OpenID/OpenIdWebRingSsoRelyingParty/packages.config b/src/OpenID/OpenIdWebRingSsoRelyingParty/packages.config index 7528b62..eb04872 100644 --- a/src/OpenID/OpenIdWebRingSsoRelyingParty/packages.config +++ b/src/OpenID/OpenIdWebRingSsoRelyingParty/packages.config @@ -1,10 +1,10 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.0.0.12084" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
</packages>
\ No newline at end of file |