diff options
Diffstat (limited to 'src/OAuth')
35 files changed, 566 insertions, 469 deletions
diff --git a/src/OAuth/OAuthAuthorizationServer/Code/Client.cs b/src/OAuth/OAuthAuthorizationServer/Code/Client.cs index 0013f27..cf5ea59 100644 --- a/src/OAuth/OAuthAuthorizationServer/Code/Client.cs +++ b/src/OAuth/OAuthAuthorizationServer/Code/Client.cs @@ -1,7 +1,7 @@ namespace OAuthAuthorizationServer.Code { using System; using System.Collections.Generic; - + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; /// <summary> @@ -11,13 +11,6 @@ #region IConsumerDescription Members /// <summary> - /// Gets the client secret. - /// </summary> - string IClientDescription.Secret { - get { return this.ClientSecret; } - } - - /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> @@ -36,6 +29,13 @@ } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool IClientDescription.HasNonEmptySecret { + get { return !string.IsNullOrEmpty(this.ClientSecret); } + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> @@ -59,6 +59,19 @@ return false; } + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IClientDescription.IsValidClientSecret(string secret) { + return MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret); + } + #endregion } }
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index b837d4c..eb7f1f5 100644 --- a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -10,9 +10,7 @@ using DotNetOpenAuth.OAuth2.ChannelElements; using DotNetOpenAuth.OAuth2.Messages; - internal class OAuth2AuthorizationServer : IAuthorizationServer { - private static readonly RSACryptoServiceProvider AsymmetricTokenSigningPrivateKey = CreateRSA(); - + internal class OAuth2AuthorizationServer : IAuthorizationServerHost { #if SAMPLESONLY /// <summary> /// This is the FOR SAMPLE ONLY hard-coded public key of the complementary OAuthResourceServer sample. @@ -31,43 +29,39 @@ private static readonly RSAParameters ResourceServerEncryptionPublicKey; #endif - #region Implementation of IAuthorizationServer + #region Implementation of IAuthorizationServerHost public ICryptoKeyStore CryptoKeyStore { get { return MvcApplication.KeyNonceStore; } } - public INonceStore VerificationCodeNonceStore { + public INonceStore NonceStore { get { return MvcApplication.KeyNonceStore; } } - public RSACryptoServiceProvider AccessTokenSigningKey { - get { return AsymmetricTokenSigningPrivateKey; } - } + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken(); - public TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - TimeSpan lifetime = TimeSpan.FromMinutes(2); + accessToken.Lifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. //// TODO: code here - return lifetime; - } - - public RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - var resourceServerEncryptionKey = new RSACryptoServiceProvider(); - // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. - resourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + accessToken.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + accessToken.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + + accessToken.AccessTokenSigningKey = CreateRSA(); - return resourceServerEncryptionKey; + var result = new AccessTokenResult(accessToken); + return result; } public IClientDescription GetClient(string clientIdentifier) { @@ -84,11 +78,15 @@ return this.IsAuthorizationValid(authorization.Scope, authorization.ClientIdentifier, authorization.UtcIssued, authorization.User); } - public bool IsResourceOwnerCredentialValid(string userName, string password) { + public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. throw new NotSupportedException(); } + public bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + #endregion public bool CanBeAutoApproved(EndUserAuthorizationRequest authorizationRequest) { @@ -120,7 +118,7 @@ /// Creates the RSA key used by all the crypto service provider instances we create. /// </summary> /// <returns>RSA data that includes the private key.</returns> - private static RSAParameters CreateRSAKey() { + private static RSAParameters CreateAuthorizationServerSigningKey() { #if SAMPLESONLY // Since the sample authorization server and the sample resource server must work together, // we hard-code a FOR SAMPLE USE ONLY key pair. The matching public key information is hard-coded into the OAuthResourceServer sample. @@ -155,7 +153,7 @@ private static RSACryptoServiceProvider CreateRSA() { var rsa = new RSACryptoServiceProvider(); - rsa.ImportParameters(CreateRSAKey()); + rsa.ImportParameters(CreateAuthorizationServerSigningKey()); return rsa; } diff --git a/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs b/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs index d6dd144..685b4e7 100644 --- a/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs +++ b/src/OAuth/OAuthAuthorizationServer/Controllers/HomeController.cs @@ -40,7 +40,7 @@ dc.Clients.InsertOnSubmit(new Client { ClientIdentifier = "sampleImplicitConsumer", Name = "Some sample client used for implicit grants (no secret)", - Callback = "http://localhost:59721/", + Callback = "http://localhost:59722/", }); dc.SubmitChanges(); diff --git a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj index f148eca..77446a7 100644 --- a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj +++ b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj @@ -1,23 +1,30 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
+ <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
+ <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode>
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
- <ProductVersion>
- </ProductVersion>
<SchemaVersion>2.0</SchemaVersion>
<ProjectGuid>{C78E8235-1D46-43EB-A912-80B522C4E9AE}</ProjectGuid>
- <ProjectTypeGuids>{F85E285D-A4E0-4152-9332-AB1D724D3325};{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
+ <ProjectTypeGuids>{E53F8FEA-EAE0-44A6-8774-FFD645390401};{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>OAuthAuthorizationServer</RootNamespace>
<AssemblyName>OAuthAuthorizationServer</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<MvcBuildViews>false</MvcBuildViews>
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -38,19 +45,31 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.Core.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenId.UI">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -72,7 +91,7 @@ <Reference Include="System.Data.DataSetExtensions">
<RequiredTargetFramework>3.5</RequiredTargetFramework>
</Reference>
- <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
+ <Reference Include="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
<Reference Include="System.Xml.Linq">
<RequiredTargetFramework>3.5</RequiredTargetFramework>
</Reference>
@@ -112,7 +131,9 @@ <Content Include="Global.asax" />
<Content Include="Views\Home\CreateDatabase.aspx" />
<Content Include="Views\OAuth\Authorize.aspx" />
- <Content Include="Web.config" />
+ <Content Include="Web.config">
+ <SubType>Designer</SubType>
+ </Content>
<Content Include="Web.Debug.config">
<DependentUpon>Web.config</DependentUpon>
</Content>
@@ -160,10 +181,11 @@ <Service Include="{3259AA49-8AA1-44D3-9025-A0B520596A8C}" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
- <!-- To modify your build process, add your task inside one of the targets below and uncomment it. - Other similar extension points exist, see Microsoft.Common.targets. - <Target Name="BeforeBuild"> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
+ <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
</Target> -->
<Target Name="AfterBuild" Condition="'$(MvcBuildViews)'=='true'">
<AspNetCompiler VirtualPath="temp" PhysicalPath="$(ProjectDir)" />
@@ -173,11 +195,10 @@ <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
<UseIIS>False</UseIIS>
- <AutoAssignPort>True</AutoAssignPort>
+ <AutoAssignPort>False</AutoAssignPort>
<DevelopmentServerPort>50172</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
- <IISUrl>
- </IISUrl>
+ <IISUrl>http://localhost:17947/</IISUrl>
<NTLMAuthentication>False</NTLMAuthentication>
<UseCustomServer>False</UseCustomServer>
<CustomServerUrl>
diff --git a/src/OAuth/OAuthAuthorizationServer/Views/Web.config b/src/OAuth/OAuthAuthorizationServer/Views/Web.config index aa7a38d..c30f2ad 100644 --- a/src/OAuth/OAuthAuthorizationServer/Views/Web.config +++ b/src/OAuth/OAuthAuthorizationServer/Views/Web.config @@ -15,11 +15,11 @@ --> <pages validateRequest="false" - pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/src/OAuth/OAuthAuthorizationServer/Web.config b/src/OAuth/OAuthAuthorizationServer/Web.config index 1d6955f..d7ce2e3 100644 --- a/src/OAuth/OAuthAuthorizationServer/Web.config +++ b/src/OAuth/OAuthAuthorizationServer/Web.config @@ -5,35 +5,25 @@ -->
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
+ <section name="authorizationServer" type="DotNetOpenAuth.Configuration.OAuth2AuthorizationServerSection, DotNetOpenAuth.OAuth2.AuthorizationServer" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <uri>
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
+ <oauth2>
+ <authorizationServer></authorizationServer>
+ </oauth2>
<!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. -->
<messaging relaxSslRequirements="true">
<untrustedWebRequest>
@@ -43,6 +33,7 @@ </whitelistHosts>
</untrustedWebRequest>
</messaging>
+ <reporting enabled="true" />
<openid>
<relyingParty>
<security requireSsl="false">
@@ -72,14 +63,14 @@ </logger>
</log4net>
<connectionStrings>
- <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database2.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
+ <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database4.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
- <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
+ <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<authentication mode="Forms">
@@ -99,12 +90,30 @@ <modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<runtime>
+ <!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+ to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. -->
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
- <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
+ <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
<legacyHMACWarning enabled="0" />
</runtime>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
+ <uri>
+ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/packages.config b/src/OAuth/OAuthAuthorizationServer/packages.config index c5d87eb..dea78e4 100644 --- a/src/OAuth/OAuthAuthorizationServer/packages.config +++ b/src/OAuth/OAuthAuthorizationServer/packages.config @@ -1,12 +1,14 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Facebook.aspx.cs b/src/OAuth/OAuthClient/Facebook.aspx.cs index 0f71712..4701d24 100644 --- a/src/OAuth/OAuthClient/Facebook.aspx.cs +++ b/src/OAuth/OAuthClient/Facebook.aspx.cs @@ -10,7 +10,7 @@ public partial class Facebook : System.Web.UI.Page { private static readonly FacebookClient client = new FacebookClient { ClientIdentifier = ConfigurationManager.AppSettings["facebookAppID"], - ClientSecret = ConfigurationManager.AppSettings["facebookAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["facebookAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/src/OAuth/OAuthClient/OAuthClient.csproj b/src/OAuth/OAuthClient/OAuthClient.csproj index 63d2070..48568b1 100644 --- a/src/OAuth/OAuthClient/OAuthClient.csproj +++ b/src/OAuth/OAuthClient/OAuthClient.csproj @@ -1,6 +1,18 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -15,9 +27,7 @@ <AssemblyName>OAuthClient</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<TargetFrameworkProfile />
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -40,35 +50,74 @@ <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.Core.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.InfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.InfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.InfoCard.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.Provider.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Provider.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.Provider.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.Client">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenIdInfoCard.UI, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdInfoCard.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdInfoCard.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="log4net">
- <HintPath>..\..\..\packages\log4net.2.0.0\lib\net35-full\log4net.dll</HintPath>
+ <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Contracts">
<HintPath>..\..\..\packages\CodeContracts.Unofficial.1.0.0.2\lib\net35-client\Microsoft.Contracts.dll</HintPath>
diff --git a/src/OAuth/OAuthClient/SampleWcf2.aspx.cs b/src/OAuth/OAuthClient/SampleWcf2.aspx.cs index 130932c..a94be96 100644 --- a/src/OAuth/OAuthClient/SampleWcf2.aspx.cs +++ b/src/OAuth/OAuthClient/SampleWcf2.aspx.cs @@ -87,6 +87,8 @@ this.nameLabel.Text = this.CallService(client => client.GetName()); } catch (SecurityAccessDeniedException) { this.nameLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.nameLabel.Text = "Access denied!"; } } @@ -96,6 +98,8 @@ this.ageLabel.Text = age.HasValue ? age.Value.ToString(CultureInfo.CurrentCulture) : "not available"; } catch (SecurityAccessDeniedException) { this.ageLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.ageLabel.Text = "Access denied!"; } } @@ -105,6 +109,8 @@ this.favoriteSitesLabel.Text = string.Join(", ", favoriteSites); } catch (SecurityAccessDeniedException) { this.favoriteSitesLabel.Text = "Access denied!"; + } catch (MessageSecurityException) { + this.favoriteSitesLabel.Text = "Access denied!"; } } diff --git a/src/OAuth/OAuthClient/SampleWcf2Javascript.js b/src/OAuth/OAuthClient/SampleWcf2Javascript.js index df72938..d894bb7 100644 --- a/src/OAuth/OAuthClient/SampleWcf2Javascript.js +++ b/src/OAuth/OAuthClient/SampleWcf2Javascript.js @@ -62,7 +62,7 @@ $(document).ready(function () { function serviceCall(operation, accessToken, label) { label.text('fetching...'); $.ajax({ - url: "http://localhost:65169" + encodeURI(operation), + url: "http://localhost:65170" + encodeURI(operation), headers: { "Authorization": "Bearer " + accessToken }, diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco index f8d5e5b..b9abb7e 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.disco @@ -1,4 +1,4 @@ <?xml version="1.0" encoding="utf-8"?> <discovery xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/disco/"> - <contractRef ref="http://localhost:65169/DataApi.svc?wsdl" docRef="http://localhost:65169/DataApi.svc" xmlns="http://schemas.xmlsoap.org/disco/scl/" /> + <contractRef ref="http://localhost:65170/DataApi.svc?wsdl" docRef="http://localhost:65170/DataApi.svc" xmlns="http://schemas.xmlsoap.org/disco/scl/" /> </discovery>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl index 702762a..2e4f627 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl @@ -222,9 +222,9 @@ </wsp:Policy> <wsdl:types> <xsd:schema targetNamespace="http://tempuri.org/Imports"> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd0" namespace="http://tempuri.org/" /> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" /> - <xsd:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd0" namespace="http://tempuri.org/" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" /> + <xsd:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> </xsd:schema> </wsdl:types> <wsdl:message name="IDataApi_GetAge_InputMessage"> @@ -298,9 +298,9 @@ </wsdl:binding> <wsdl:service name="DataApi"> <wsdl:port name="WSHttpBinding_IDataApi" binding="tns:WSHttpBinding_IDataApi"> - <soap12:address location="http://localhost:65169/DataApi.svc" /> + <soap12:address location="http://localhost:65170/DataApi.svc" /> <wsa10:EndpointReference> - <wsa10:Address>http://localhost:65169/DataApi.svc</wsa10:Address> + <wsa10:Address>http://localhost:65170/DataApi.svc</wsa10:Address> <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"> <Dns>localhost</Dns> </Identity> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd index 3109534..1702fde 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/DataApi.xsd @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="utf-8"?> <xs:schema xmlns:tns="http://tempuri.org/" elementFormDefault="qualified" targetNamespace="http://tempuri.org/" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <xs:import schemaLocation="http://localhost:65169/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> + <xs:import schemaLocation="http://localhost:65170/DataApi.svc?xsd=xsd2" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays" /> <xs:element name="GetAge"> <xs:complexType> <xs:sequence /> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs index 02fc057..5e6deaf 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.17379 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap index 4463f99..4706963 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/Reference.svcmap @@ -18,14 +18,14 @@ <ServiceContractMappings /> </ClientOptions> <MetadataSources> - <MetadataSource Address="http://localhost:65169/DataApi.svc" Protocol="http" SourceId="1" /> + <MetadataSource Address="http://localhost:65170/DataApi.svc" Protocol="http" SourceId="1" /> </MetadataSources> <Metadata> - <MetadataFile FileName="DataApi.xsd" MetadataType="Schema" ID="82a34da8-d721-4c35-aaf9-fc5d08771cd2" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd0" /> - <MetadataFile FileName="DataApi.wsdl" MetadataType="Wsdl" ID="96350220-1df2-429e-8cb5-4fc33703bcc7" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?wsdl" /> - <MetadataFile FileName="DataApi.disco" MetadataType="Disco" ID="c4f66dee-ac01-4476-afb0-34f7350c06ad" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?disco" /> - <MetadataFile FileName="DataApi1.xsd" MetadataType="Schema" ID="7aaf262f-6342-421b-8f44-0e624be7a5fb" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd1" /> - <MetadataFile FileName="DataApi2.xsd" MetadataType="Schema" ID="67c1ea8d-12c4-4a0c-aa33-7226018cf16e" SourceId="1" SourceUrl="http://localhost:65169/DataApi.svc?xsd=xsd2" /> + <MetadataFile FileName="DataApi.xsd" MetadataType="Schema" ID="82a34da8-d721-4c35-aaf9-fc5d08771cd2" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd0" /> + <MetadataFile FileName="DataApi.wsdl" MetadataType="Wsdl" ID="96350220-1df2-429e-8cb5-4fc33703bcc7" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?wsdl" /> + <MetadataFile FileName="DataApi.disco" MetadataType="Disco" ID="c4f66dee-ac01-4476-afb0-34f7350c06ad" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?disco" /> + <MetadataFile FileName="DataApi1.xsd" MetadataType="Schema" ID="7aaf262f-6342-421b-8f44-0e624be7a5fb" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd1" /> + <MetadataFile FileName="DataApi2.xsd" MetadataType="Schema" ID="67c1ea8d-12c4-4a0c-aa33-7226018cf16e" SourceId="1" SourceUrl="http://localhost:65170/DataApi.svc?xsd=xsd2" /> </Metadata> <Extensions> <ExtensionFile FileName="configuration91.svcinfo" Name="configuration91.svcinfo" /> diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo index c21c2f6..6771e14 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo @@ -5,6 +5,6 @@ <binding digest="System.ServiceModel.Configuration.WSHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:<?xml version="1.0" encoding="utf-16"?><Data hostNameComparisonMode="StrongWildcard" messageEncoding="Text" name="WSHttpBinding_IDataApi" textEncoding="utf-8" transactionFlow="false"><readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192" /><reliableSession enabled="false" inactivityTimeout="00:10:00" ordered="true" /><security mode="Message"><message algorithmSuite="Default" clientCredentialType="Windows" negotiateServiceCredential="true" /><transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /></security></Data>" bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi" /> </bindings> <endpoints> - <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi" /> + <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi" /> </endpoints> </configurationSnapshot>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo index 3dd0d1a..1192934 100644 --- a/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo +++ b/src/OAuth/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo @@ -127,10 +127,10 @@ </bindingConfiguration> </bindingConfigurations> <endpoints> - <endpoint name="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65169/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> + <endpoint name="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65170/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> <properties> <property path="/address" isComplexType="false" isExplicitlyDefined="true" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <serializedValue>http://localhost:65169/DataApi.svc</serializedValue> + <serializedValue>http://localhost:65170/DataApi.svc</serializedValue> </property> <property path="/behaviorConfiguration" isComplexType="false" isExplicitlyDefined="false" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <serializedValue /> diff --git a/src/OAuth/OAuthClient/Web.config b/src/OAuth/OAuthClient/Web.config index 0e5ed14..1e7b8a4 100644 --- a/src/OAuth/OAuthClient/Web.config +++ b/src/OAuth/OAuthClient/Web.config @@ -1,11 +1,10 @@ -<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0"?>
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
</sectionGroup>
@@ -13,33 +12,28 @@ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <uri>
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
+ <uri>
+ <idn enabled="All"/>
+ <iriParsing enabled="true"/>
+ </uri>
+
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
+
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
+ <reporting enabled="true" />
+
<!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. -->
- <messaging relaxSslRequirements="true">
- <untrustedWebRequest>
- <whitelistHosts>
- <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
- <!--<add name="localhost" />-->
- </whitelistHosts>
- </untrustedWebRequest>
- </messaging>
- <openid />
+ <messaging relaxSslRequirements="true" />
</dotNetOpenAuth>
<appSettings>
<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
@@ -97,9 +91,6 @@ The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
- <runtime>
- <legacyHMACWarning enabled="0" />
- </runtime>
<log4net>
<appender name="TracePageAppender" type="OAuthClient.TracePageAppender, OAuthClient">
<layout type="log4net.Layout.PatternLayout">
@@ -131,11 +122,14 @@ </wsHttpBinding>
</bindings>
<client>
- <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi">
+ <endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthClient/WindowsLive.aspx b/src/OAuth/OAuthClient/WindowsLive.aspx index 5b8c8d4..ef51223 100644 --- a/src/OAuth/OAuthClient/WindowsLive.aspx +++ b/src/OAuth/OAuthClient/WindowsLive.aspx @@ -17,8 +17,8 @@ <pre>127.0.0.1 samples.dotnetopenauth.net</pre> <p> Then access this sample via this url: - <asp:HyperLink ID="publicLink" NavigateUrl="http://samples.dotnetopenauth.net:59721/WindowsLive.aspx" - runat="server">http://samples.dotnetopenauth.net:59721/WindowsLive.aspx</asp:HyperLink></p> + <asp:HyperLink ID="publicLink" NavigateUrl="http://samples.dotnetopenauth.net:59722/WindowsLive.aspx" + runat="server">http://samples.dotnetopenauth.net:59722/WindowsLive.aspx</asp:HyperLink></p> </asp:Panel> <div> Welcome, diff --git a/src/OAuth/OAuthClient/WindowsLive.aspx.cs b/src/OAuth/OAuthClient/WindowsLive.aspx.cs index b550e17..05101a7 100644 --- a/src/OAuth/OAuthClient/WindowsLive.aspx.cs +++ b/src/OAuth/OAuthClient/WindowsLive.aspx.cs @@ -14,7 +14,7 @@ public partial class WindowsLive : System.Web.UI.Page { private static readonly WindowsLiveClient client = new WindowsLiveClient { ClientIdentifier = ConfigurationManager.AppSettings["windowsLiveAppID"], - ClientSecret = ConfigurationManager.AppSettings["WindowsLiveAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["WindowsLiveAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/src/OAuth/OAuthClient/packages.config b/src/OAuth/OAuthClient/packages.config index 7704415..6754ed1 100644 --- a/src/OAuth/OAuthClient/packages.config +++ b/src/OAuth/OAuthClient/packages.config @@ -1,16 +1,28 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.InfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Provider.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdInfoCard.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumer/OAuthConsumer.csproj b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj index 2e362f2..596d39a 100644 --- a/src/OAuth/OAuthConsumer/OAuthConsumer.csproj +++ b/src/OAuth/OAuthConsumer/OAuthConsumer.csproj @@ -1,6 +1,18 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -16,8 +28,6 @@ <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<TargetFrameworkProfile />
<UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -40,26 +50,35 @@ <DefineConstants>$(DefineConstants);SAMPLESONLY</DefineConstants>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Common, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.Consumer, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth.ServiceProvider, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.ServiceProvider.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.ServiceProvider.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.Client, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OpenIdOAuth, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenIdOAuth.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenIdOAuth.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -101,7 +120,9 @@ <Content Include="SignInWithTwitter.aspx" />
<Content Include="TracePage.aspx" />
<Content Include="Twitter.aspx" />
- <Content Include="Web.config" />
+ <Content Include="Web.config">
+ <SubType>Designer</SubType>
+ </Content>
<None Include="Service References\SampleServiceProvider\DataApi1.xsd">
<SubType>Designer</SubType>
</None>
@@ -195,7 +216,8 @@ <WCFMetadataStorage Include="Service References\SampleServiceProvider\" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
+ <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
<ProjectExtensions>
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
diff --git a/src/OAuth/OAuthConsumer/Web.config b/src/OAuth/OAuthConsumer/Web.config index 3963433..09458df 100644 --- a/src/OAuth/OAuthConsumer/Web.config +++ b/src/OAuth/OAuthConsumer/Web.config @@ -3,16 +3,42 @@ <configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <uri>
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
+ <dotNetOpenAuth>
+ <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+ <reporting enabled="true" />
+ <messaging>
+ <untrustedWebRequest>
+ <whitelistHosts>
+ <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+ <!--<add name="localhost" />-->
+ </whitelistHosts>
+ </untrustedWebRequest>
+ </messaging>
+ <openid></openid>
+ </dotNetOpenAuth>
<appSettings>
<!-- Fill in your various consumer keys and secrets here to make the sample work. -->
<!-- You must get these values by signing up with each individual service provider. -->
@@ -101,40 +127,11 @@ </endpoint>
</client>
</system.serviceModel>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<runtime>
<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
</runtime>
- <dotNetOpenAuth>
- <messaging>
- <untrustedWebRequest>
- <whitelistHosts>
- <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
- <!--<add name="localhost" />-->
- </whitelistHosts>
- </untrustedWebRequest>
- </messaging>
- <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
- <reporting enabled="true" />
- <openid></openid>
- </dotNetOpenAuth>
- <uri>
- <!-- See an error due to this section? When targeting .NET 3.5, please add the following line to your <configSections> at the top of this file:
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
- -->
- <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumer/packages.config b/src/OAuth/OAuthConsumer/packages.config index 56ae497..704c1fe 100644 --- a/src/OAuth/OAuthConsumer/packages.config +++ b/src/OAuth/OAuthConsumer/packages.config @@ -1,12 +1,15 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OpenIdOAuth" version="4.0.0.12084" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.ServiceProvider" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenIdOAuth" version="4.1.0.12182" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumerWpf/App.config b/src/OAuth/OAuthConsumerWpf/App.config index 472f77a..36085ab 100644 --- a/src/OAuth/OAuthConsumerWpf/App.config +++ b/src/OAuth/OAuthConsumerWpf/App.config @@ -1,98 +1,106 @@ -<?xml version="1.0"?> +<?xml version="1.0" encoding="utf-8"?> <configuration> - <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> - <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> - <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> - <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true"/> - <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true"/> - <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true"/> - <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true"/> - </sectionGroup> - </configSections> - - <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> + <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> + <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> + <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> + <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> + <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> + </sectionGroup> + </configSections> + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), which is necessary for OpenID urls with unicode characters in the domain/host name. It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> - <uri> - <idn enabled="All"/> - <iriParsing enabled="true"/> - </uri> - - <system.net> - <defaultProxy enabled="true"/> - <settings> - <!-- This setting causes .NET to check certificate revocation lists (CRL) + <uri> + <idn enabled="All" /> + <iriParsing enabled="true" /> + </uri> + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) before trusting HTTPS certificates. But this setting tends to not be allowed in shared hosting environments. --> - <!--<servicePointManager checkCertificateRevocationList="true"/>--> - </settings> - </system.net> - - <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> - <dotNetOpenAuth> - <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> - <reporting enabled="true"/> - - <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> - <messaging relaxSslRequirements="true"/> - </dotNetOpenAuth> - - <appSettings> - <!-- Fill in your various consumer keys and secrets here to make the sample work. --> - <!-- You must get these values by signing up with each individual service provider. --> - <!-- Google sign-up: https://www.google.com/accounts/ManageDomains --> - <add key="googleConsumerKey" value="anonymous"/> - <!-- Google requires either a secret or an X.509 certificate. This sample will use + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> + <messaging relaxSslRequirements="true" /> + </dotNetOpenAuth> + <appSettings> + <!-- Fill in your various consumer keys and secrets here to make the sample work. --> + <!-- You must get these values by signing up with each individual service provider. --> + <!-- Google sign-up: https://www.google.com/accounts/ManageDomains --> + <add key="googleConsumerKey" value="anonymous" /> + <!-- Google requires either a secret or an X.509 certificate. This sample will use the certificate if it is specified, otherwise it will use the shared secret. --> - <add key="googleConsumerSecret" value="anonymous"/> - <add key="googleConsumerCertificateFile" value=""/> - <add key="googleConsumerCertificatePassword" value=""/> - </appSettings> - - <log4net> - <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender"> - <file value="Testing.log"/> - <appendToFile value="true"/> - <rollingStyle value="Size"/> - <maxSizeRollBackups value="10"/> - <maximumFileSize value="1024KB"/> - <staticLogFileName value="true"/> - <layout type="log4net.Layout.PatternLayout"> - <conversionPattern value="%date [%thread] %-5level %logger - %message%newline"/> - </layout> - </appender> - <!-- Setup the root category, add the appenders and set the default level --> - <root> - <level value="INFO"/> - <appender-ref ref="RollingFileAppender"/> - </root> - <!-- Specify the level for some specific categories --> - <logger name="DotNetOpenAuth"> - <level value="ALL"/> - </logger> - </log4net> - <system.serviceModel> - <bindings> - <wsHttpBinding> - <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> - <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/> - <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/> - <security mode="Message"> - <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""> - <extendedProtectionPolicy policyEnforcement="Never"/> - </transport> - <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true"/> - </security> - </binding> - </wsHttpBinding> - </bindings> - <client> - <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="WcfSampleService.IDataApi" name="WSHttpBinding_IDataApi"> - <identity> - <dns value="localhost"/> - </identity> - </endpoint> - </client> - </system.serviceModel> -<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup></configuration> + <add key="googleConsumerSecret" value="anonymous" /> + <add key="googleConsumerCertificateFile" value="" /> + <add key="googleConsumerCertificatePassword" value="" /> + </appSettings> + <log4net> + <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender"> + <file value="Testing.log" /> + <appendToFile value="true" /> + <rollingStyle value="Size" /> + <maxSizeRollBackups value="10" /> + <maximumFileSize value="1024KB" /> + <staticLogFileName value="true" /> + <layout type="log4net.Layout.PatternLayout"> + <conversionPattern value="%date [%thread] %-5level %logger - %message%newline" /> + </layout> + </appender> + <!-- Setup the root category, add the appenders and set the default level --> + <root> + <level value="INFO" /> + <appender-ref ref="RollingFileAppender" /> + </root> + <!-- Specify the level for some specific categories --> + <logger name="DotNetOpenAuth"> + <level value="ALL" /> + </logger> + </log4net> + <system.serviceModel> + <bindings> + <wsHttpBinding> + <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" + openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" + bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" + maxBufferPoolSize="524288" maxReceivedMessageSize="65536" + messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" + allowCookies="false"> + <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" + maxBytesPerRead="4096" maxNameTableCharCount="16384" /> + <reliableSession ordered="true" inactivityTimeout="00:10:00" + enabled="false" /> + <security mode="Message"> + <transport clientCredentialType="Windows" proxyCredentialType="None" + realm=""> + <extendedProtectionPolicy policyEnforcement="Never" /> + </transport> + <message clientCredentialType="Windows" negotiateServiceCredential="true" + algorithmSuite="Default" establishSecurityContext="true" /> + </security> + </binding> + </wsHttpBinding> + </bindings> + <client> + <endpoint address="http://localhost:65169/DataApi.svc" + binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" + contract="WcfSampleService.IDataApi" name="WSHttpBinding_IDataApi"> + <identity> + <dns value="localhost" /> + </identity> + </endpoint> + </client> + </system.serviceModel> + <startup> + <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0" /> + </startup> +</configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs b/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs index 64a10e2..2787bb7 100644 --- a/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs +++ b/src/OAuth/OAuthConsumerWpf/Authorize2.xaml.cs @@ -1,15 +1,13 @@ namespace DotNetOpenAuth.Samples.OAuthConsumerWpf { - using System.Windows; - using DotNetOpenAuth.OAuth2; + + using DotNetOpenAuth.OAuth2; /// <summary> /// Interaction logic for Authorize2.xaml /// </summary> public partial class Authorize2 : Window { internal Authorize2(UserAgentClient client) { - //System.Diagnostics.Contracts.Contract.Requires(client != null, "client"); - this.InitializeComponent(); this.clientAuthorizationView.Client = client; } diff --git a/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj b/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj index 98e4a82..c318fcb 100644 --- a/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj +++ b/src/OAuth/OAuthConsumerWpf/OAuthConsumerWpf.csproj @@ -70,25 +70,37 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth.Common">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth.Consumer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Consumer.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Consumer.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.Client">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.Client.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Client.UI.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.Client.UI.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ </Reference>
+ <Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
<Reference Include="log4net">
- <HintPath>..\..\..\packages\log4net.2.0.0\lib\net35-full\log4net.dll</HintPath>
+ <HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="Microsoft.Contracts">
<HintPath>..\..\..\packages\CodeContracts.Unofficial.1.0.0.2\lib\net35-client\Microsoft.Contracts.dll</HintPath>
diff --git a/src/OAuth/OAuthConsumerWpf/packages.config b/src/OAuth/OAuthConsumerWpf/packages.config index 23deca0..6c94766 100644 --- a/src/OAuth/OAuthConsumerWpf/packages.config +++ b/src/OAuth/OAuthConsumerWpf/packages.config @@ -1,14 +1,15 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Consumer" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Consumer" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Client.UI" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs b/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs index 8d0c13d..62b1c59 100644 --- a/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs +++ b/src/OAuth/OAuthResourceServer/Code/OAuthAuthorizationManager.cs @@ -7,7 +7,7 @@ using System.ServiceModel; using System.ServiceModel.Channels; using System.ServiceModel.Security; - + using System.ServiceModel.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; @@ -29,7 +29,7 @@ var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; try { - var principal = VerifyOAuth2(httpDetails, requestUri); + var principal = VerifyOAuth2(httpDetails, requestUri, operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); if (principal != null) { var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { @@ -49,11 +49,16 @@ principal.Identity, }; - // Only allow this method call if the access token scope permits it. - return principal.IsInRole(operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); + return true; } else { return false; } + } catch (ProtocolFaultResponseException ex) { + Global.Logger.Error("Error processing OAuth messages.", ex); + + // Return the appropriate unauthorized response to the client. + var outgoingResponse = ex.CreateErrorResponse(); + outgoingResponse.Respond(WebOperationContext.Current.OutgoingResponse); } catch (ProtocolException ex) { Global.Logger.Error("Error processing OAuth messages.", ex); } @@ -61,18 +66,13 @@ return false; } - private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { + private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri, params string[] requiredScopes) { // for this sample where the auth server and resource server are the same site, // we use the same public/private key. using (var signing = Global.CreateAuthorizationServerSigningServiceProvider()) { using (var encrypting = Global.CreateResourceServerEncryptionServiceProvider()) { var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting)); - - IPrincipal result; - var error = resourceServer.VerifyAccess(HttpRequestInfo.Create(httpDetails, requestUri), out result); - - // TODO: return the prepared error code. - return error != null ? null : result; + return resourceServer.GetPrincipal(httpDetails, requestUri, requiredScopes); } } } diff --git a/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj b/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj index 9904726..80de421 100644 --- a/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj +++ b/src/OAuth/OAuthResourceServer/OAuthResourceServer.csproj @@ -1,6 +1,19 @@ <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <OldToolsVersion>4.0</OldToolsVersion>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <TargetFrameworkProfile />
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
+ <RestorePackages>true</RestorePackages>
+ </PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -14,10 +27,7 @@ <RootNamespace>OAuthResourceServer</RootNamespace>
<AssemblyName>OAuthResourceServer</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
- <UseIISExpress>false</UseIISExpress>
- <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\..\</SolutionDir>
- <RestorePackages>true</RestorePackages>
- <TargetFrameworkProfile />
+ <UseIISExpress>true</UseIISExpress>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
@@ -38,16 +48,16 @@ </PropertyGroup>
<ItemGroup>
<Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.0.0.12084\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth.Common">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.0.0.12084\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth.Common.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OAuth.Common.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
<Reference Include="DotNetOpenAuth.OAuth2.ResourceServer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.23.0-draft2\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ResourceServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ResourceServer.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -124,17 +134,17 @@ <Content Include="packages.config" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
- <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" />
+ <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
+ <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
<ProjectExtensions>
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
- <UseIIS>False</UseIIS>
+ <UseIIS>True</UseIIS>
<AutoAssignPort>False</AutoAssignPort>
- <DevelopmentServerPort>65169</DevelopmentServerPort>
+ <DevelopmentServerPort>65170</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
- <IISUrl>
- </IISUrl>
+ <IISUrl>http://localhost:65170/</IISUrl>
<NTLMAuthentication>False</NTLMAuthentication>
<UseCustomServer>False</UseCustomServer>
<CustomServerUrl>
@@ -144,12 +154,12 @@ </FlavorProperties>
</VisualStudio>
</ProjectExtensions>
- <!-- To modify your build process, add your task inside one of the targets below and uncomment it. - Other similar extension points exist, see Microsoft.Common.targets. - <Target Name="BeforeBuild"> - </Target> - <Target Name="AfterBuild"> - </Target> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
+ Other similar extension points exist, see Microsoft.Common.targets.
+ <Target Name="BeforeBuild">
+ </Target>
+ <Target Name="AfterBuild">
+ </Target>
-->
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
<Import Project="$(SolutionDir)\.nuget\nuget.targets" />
diff --git a/src/OAuth/OAuthResourceServer/Web.config b/src/OAuth/OAuthResourceServer/Web.config index 1ab8dfa..74b01eb 100644 --- a/src/OAuth/OAuthResourceServer/Web.config +++ b/src/OAuth/OAuthResourceServer/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -21,8 +20,8 @@ <defaultProxy enabled="true" />
<settings>
<!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
<!--<servicePointManager checkCertificateRevocationList="true"/>-->
</settings>
</system.net>
@@ -106,10 +105,13 @@ </identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
- <endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior" />
+ <endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior"></endpoint>
</service>
</services>
</system.serviceModel>
+ <system.webServer>
+ <modules runAllManagedModulesForAllRequests="true" />
+ </system.webServer>
<runtime>
<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
<legacyHMACWarning enabled="0" />
diff --git a/src/OAuth/OAuthResourceServer/packages.config b/src/OAuth/OAuthResourceServer/packages.config index 0e5b33a..4e51419 100644 --- a/src/OAuth/OAuthResourceServer/packages.config +++ b/src/OAuth/OAuthResourceServer/packages.config @@ -1,11 +1,9 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" />
- <package id="DotNetOpenAuth.Core" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth.Common" version="4.0.0.12084" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.23.0-draft2" />
- <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.23.0-draft" />
- <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.23.0-draft2" />
- <package id="log4net" version="2.0.0" />
+ <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth.Common" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ResourceServer" version="0.25.0-draft1" targetFramework="net40" />
+ <package id="log4net" version="2.0.0" targetFramework="net40" />
</packages>
\ No newline at end of file diff --git a/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj b/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj index f8c1eb5..fd2a5bb 100644 --- a/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj +++ b/src/OAuth/OAuthServiceProvider/OAuthServiceProvider.csproj @@ -1,6 +1,17 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + <TargetFrameworkProfile /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,7 +24,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthServiceProvider</RootNamespace> <AssemblyName>OAuthServiceProvider</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <UseIISExpress>false</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> @@ -39,13 +50,14 @@ </Reference> <Reference Include="System" /> <Reference Include="System.Data" /> - <Reference Include="System.Core" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Data.Linq" /> <Reference Include="System.IdentityModel" /> <Reference Include="System.ServiceModel" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> <Reference Include="System.Web.Extensions" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> <Reference Include="System.Xml" /> @@ -53,6 +65,7 @@ <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="DataApi.svc" /> @@ -101,19 +114,15 @@ </Compile> <Compile Include="Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\Authorize.aspx.cs"> <DependentUpon>Authorize.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\AuthorizedConsumers.aspx.cs"> <DependentUpon>AuthorizedConsumers.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> @@ -175,7 +184,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> diff --git a/src/OAuth/OAuthServiceProvider/Web.config b/src/OAuth/OAuthServiceProvider/Web.config index 60a4d86..e42b164 100644 --- a/src/OAuth/OAuthServiceProvider/Web.config +++ b/src/OAuth/OAuthServiceProvider/Web.config @@ -1,24 +1,12 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -65,80 +53,21 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <authentication mode="Forms"> <forms name="oauthSP" /> </authentication> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthServiceProvider.Code.TracePageAppender, OAuthServiceProvider"> <layout type="log4net.Layout.PatternLayout"> @@ -177,4 +106,7 @@ </service> </services> </system.serviceModel> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> </configuration> |