Renamed security profiles to behaviors.

author: Andrew Arnott <andrewarnott@gmail.com> 2009-06-02 08:37:05 -0700
committer: Andrew Arnott <andrewarnott@gmail.com> 2009-06-02 16:59:53 -0700
commit: 530dbb02e89eadeb82ae088d2b7eaed743d70910 (patch)
tree: 53f029e6ee99240ac4ee96703322c37d5d1b71c1
parent: 66cb72fc2e8f41784f60526eb235186c8d830e6c (diff)
download: DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.zip
DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.tar.gz
DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.tar.bz2
16 files changed, 107 insertions, 115 deletions
diff --git a/samples/OpenIdProviderMvc/Global.asax.cs b/samples/OpenIdProviderMvc/Global.asax.cs
index 0645c63..998d7f8 100644
--- a/samples/OpenIdProviderMvc/Global.asax.cs
+++ b/samples/OpenIdProviderMvc/Global.asax.cs
@@ -33,7 +33,7 @@
 
 		protected void Application_Start() {
 			RegisterRoutes(RouteTable.Routes);
-			DotNetOpenAuth.OpenId.SecurityProfiles.USGovernmentLevel1.PpidIdentifierProvider = new Code.AnonymousIdentifierProvider();
+			DotNetOpenAuth.OpenId.Behaviors.USGovernmentLevel1.PpidIdentifierProvider = new Code.AnonymousIdentifierProvider();
 		}
 	}
 }
 \ No newline at end of file
diff --git a/samples/OpenIdProviderMvc/Web.config b/samples/OpenIdProviderMvc/Web.config
index 1490413..7242c96 100644
--- a/samples/OpenIdProviderMvc/Web.config
+++ b/samples/OpenIdProviderMvc/Web.config
@@ -48,12 +48,12 @@
 		<openid>
 			<provider>
 				<security requireSsl="false" />
-				<securityProfiles>
-					<!-- Security profiles activate themselves automatically for individual matching requests. 
+				<behaviors>
+					<!-- Behaviors activate themselves automatically for individual matching requests. 
 					     The first one in this list to match an incoming request "owns" the request.  If no
 					     profile matches, the default behavior is assumed. -->
-					<add type="DotNetOpenAuth.OpenId.SecurityProfiles.USGovernmentLevel1, DotNetOpenAuth" />
-				</securityProfiles>
+					<add type="DotNetOpenAuth.OpenId.Behaviors.USGovernmentLevel1, DotNetOpenAuth" />
+				</behaviors>
 				<!-- Uncomment the following to activate the sample custom store.  -->
 				<!--<store type="RelyingPartyWebForms.CustomStore, RelyingPartyWebForms" />-->
 			</provider>
diff --git a/samples/OpenIdRelyingPartyWebForms/Web.config b/samples/OpenIdRelyingPartyWebForms/Web.config
index 228606d..c47c235 100644
--- a/samples/OpenIdRelyingPartyWebForms/Web.config
+++ b/samples/OpenIdRelyingPartyWebForms/Web.config
@@ -28,9 +28,9 @@
 		<openid>
 			<relyingParty>
 				<security requireSsl="false" />
-				<securityProfiles>
-					<!--<add type="DotNetOpenAuth.OpenId.SecurityProfiles.USGovernmentLevel1, DotNetOpenAuth" />-->
-				</securityProfiles>
+				<behaviors>
+					<!--<add type="DotNetOpenAuth.OpenId.Behaviors.USGovernmentLevel1, DotNetOpenAuth" />-->
+				</behaviors>
 				<!-- Uncomment the following to activate the sample custom store.  -->
 				<!--<store type="OpenIdRelyingPartyWebForms.CustomStore, OpenIdRelyingPartyWebForms" />-->
 			</relyingParty>
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
index 7674536..b51ccfb 100644
--- a/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
+++ b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
@@ -20,9 +20,9 @@ namespace DotNetOpenAuth.Configuration {
 		private const string SecuritySettingsConfigName = "security";
 
 		/// <summary>
-		/// Gets the name of the &lt;securityProfiles&gt; sub-element.
+		/// Gets the name of the &lt;behaviors&gt; sub-element.
 		/// </summary>
-		private const string SecurityProfilesElementName = "securityProfiles";
+		private const string BehaviorsElementName = "behaviors";
 
 		/// <summary>
 		/// The name of the custom store sub-element.
@@ -45,13 +45,13 @@ namespace DotNetOpenAuth.Configuration {
 		}
 
 		/// <summary>
-		/// Gets or sets the predefined security profiles to apply.
+		/// Gets or sets the special behaviors to apply.
 		/// </summary>
-		[ConfigurationProperty(SecurityProfilesElementName, IsDefaultCollection = false)]
-		[ConfigurationCollection(typeof(TypeConfigurationCollection<IProviderSecurityProfile>))]
-		public TypeConfigurationCollection<IProviderSecurityProfile> SecurityProfiles {
-			get { return (TypeConfigurationCollection<IProviderSecurityProfile>)this[SecurityProfilesElementName] ?? new TypeConfigurationCollection<IProviderSecurityProfile>(); }
-			set { this[SecurityProfilesElementName] = value; }
+		[ConfigurationProperty(BehaviorsElementName, IsDefaultCollection = false)]
+		[ConfigurationCollection(typeof(TypeConfigurationCollection<IProviderBehavior>))]
+		public TypeConfigurationCollection<IProviderBehavior> Behaviors {
+			get { return (TypeConfigurationCollection<IProviderBehavior>)this[BehaviorsElementName] ?? new TypeConfigurationCollection<IProviderBehavior>(); }
+			set { this[BehaviorsElementName] = value; }
 		}
 
 		/// <summary>
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
index 7c1162c..cdf4fd3 100644
--- a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
+++ b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
@@ -25,9 +25,9 @@ namespace DotNetOpenAuth.Configuration {
 		private const string SecuritySettingsConfigName = "security";
 
 		/// <summary>
-		/// Gets the name of the &lt;securityProfiles&gt; sub-element.
+		/// Gets the name of the &lt;behaviors&gt; sub-element.
 		/// </summary>
-		private const string SecurityProfilesElementName = "securityProfiles";
+		private const string BehaviorsElementName = "behaviors";
 
 		/// <summary>
 		/// Initializes a new instance of the <see cref="OpenIdRelyingPartyElement"/> class.
@@ -45,13 +45,13 @@ namespace DotNetOpenAuth.Configuration {
 		}
 
 		/// <summary>
-		/// Gets or sets the predefined security profiles to apply.
+		/// Gets or sets the special behaviors to apply.
 		/// </summary>
-		[ConfigurationProperty(SecurityProfilesElementName, IsDefaultCollection = false)]
-		[ConfigurationCollection(typeof(TypeConfigurationCollection<IRelyingPartySecurityProfile>))]
-		public TypeConfigurationCollection<IRelyingPartySecurityProfile> SecurityProfiles {
-			get { return (TypeConfigurationCollection<IRelyingPartySecurityProfile>)this[SecurityProfilesElementName] ?? new TypeConfigurationCollection<IRelyingPartySecurityProfile>(); }
-			set { this[SecurityProfilesElementName] = value; }
+		[ConfigurationProperty(BehaviorsElementName, IsDefaultCollection = false)]
+		[ConfigurationCollection(typeof(TypeConfigurationCollection<IRelyingPartyBehavior>))]
+		public TypeConfigurationCollection<IRelyingPartyBehavior> Behaviors {
+			get { return (TypeConfigurationCollection<IRelyingPartyBehavior>)this[BehaviorsElementName] ?? new TypeConfigurationCollection<IRelyingPartyBehavior>(); }
+			set { this[BehaviorsElementName] = value; }
 		}
 
 		/// <summary>
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
index 7af9539..a6f0467 100644
--- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj
+++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
@@ -395,7 +395,7 @@
     <Compile Include="OpenId\Provider\IdentityEndpointNormalizationEventArgs.cs" />
     <Compile Include="OpenId\Provider\IErrorReporting.cs" />
     <Compile Include="OpenId\Provider\IProviderApplicationStore.cs" />
-    <Compile Include="OpenId\Provider\IProviderSecurityProfile.cs" />
+    <Compile Include="OpenId\Provider\IProviderBehavior.cs" />
     <Compile Include="OpenId\Provider\IRequest.cs" />
     <Compile Include="OpenId\Provider\ProviderEndpoint.cs" />
     <Compile Include="OpenId\Provider\RelyingPartyDiscoveryResult.cs" />
@@ -433,7 +433,7 @@
     <Compile Include="OpenId\RelyingParty\AssociationPreference.cs" />
     <Compile Include="OpenId\RelyingParty\AuthenticationRequest.cs" />
     <Compile Include="OpenId\RelyingParty\AuthenticationRequestMode.cs" />
-    <Compile Include="OpenId\RelyingParty\IRelyingPartySecurityProfile.cs" />
+    <Compile Include="OpenId\RelyingParty\IRelyingPartyBehavior.cs" />
     <Compile Include="OpenId\RelyingParty\NegativeAuthenticationResponse.cs" />
     <Compile Include="OpenId\RelyingParty\OpenIdAjaxTextBox.cs" />
     <Compile Include="OpenId\RelyingParty\OpenIdEventArgs.cs" />
@@ -466,12 +466,12 @@
     <Compile Include="OpenId\RelyingParty\ServiceEndpoint.cs" />
     <Compile Include="OpenId\OpenIdXrdsHelper.cs" />
     <Compile Include="OpenId\RelyingParty\StandardRelyingPartyApplicationStore.cs" />
-    <Compile Include="OpenId\SecurityProfiles\SecurityProfileStrings.Designer.cs">
+    <Compile Include="OpenId\Behaviors\BehaviorStrings.Designer.cs">
       <AutoGen>True</AutoGen>
       <DesignTime>True</DesignTime>
-      <DependentUpon>SecurityProfileStrings.resx</DependentUpon>
+      <DependentUpon>BehaviorStrings.resx</DependentUpon>
     </Compile>
-    <Compile Include="OpenId\SecurityProfiles\USGovernmentLevel1.cs" />
+    <Compile Include="OpenId\Behaviors\USGovernmentLevel1.cs" />
     <Compile Include="OpenId\SecuritySettings.cs" />
     <Compile Include="Messaging\UntrustedWebRequestHandler.cs" />
     <Compile Include="OpenId\UriIdentifier.cs" />
@@ -566,9 +566,9 @@
     <EmbeddedResource Include="InfoCard\infocard_81x57.png" />
     <EmbeddedResource Include="InfoCard\infocard_92x64.png" />
     <EmbeddedResource Include="InfoCard\SupportingScript.js" />
-    <EmbeddedResource Include="OpenId\SecurityProfiles\SecurityProfileStrings.resx">
+    <EmbeddedResource Include="OpenId\Behaviors\BehaviorStrings.resx">
       <Generator>ResXFileCodeGenerator</Generator>
-      <LastGenOutput>SecurityProfileStrings.Designer.cs</LastGenOutput>
+      <LastGenOutput>BehaviorStrings.Designer.cs</LastGenOutput>
     </EmbeddedResource>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.Designer.cs
index 8ff10c0..937ecaf 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.Designer.cs
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.Designer.cs
@@ -8,7 +8,7 @@
 // </auto-generated>
 //------------------------------------------------------------------------------
 
-namespace DotNetOpenAuth.OpenId.SecurityProfiles {
+namespace DotNetOpenAuth.OpenId.Behaviors {
     using System;
     
     
@@ -22,14 +22,14 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
     [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "2.0.0.0")]
     [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    internal class SecurityProfileStrings {
+    internal class BehaviorStrings {
         
         private static global::System.Resources.ResourceManager resourceMan;
         
         private static global::System.Globalization.CultureInfo resourceCulture;
         
         [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
-        internal SecurityProfileStrings() {
+        internal BehaviorStrings() {
         }
         
         /// <summary>
@@ -39,7 +39,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
         internal static global::System.Resources.ResourceManager ResourceManager {
             get {
                 if (object.ReferenceEquals(resourceMan, null)) {
-                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OpenId.SecurityProfiles.SecurityProfileStrings", typeof(SecurityProfileStrings).Assembly);
+                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OpenId.Behaviors.BehaviorStrings", typeof(BehaviorStrings).Assembly);
                     resourceMan = temp;
                 }
                 return resourceMan;
@@ -122,14 +122,5 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
                 return ResourceManager.GetString("RealmMustBeHttps", resourceCulture);
             }
         }
-        
-        /// <summary>
-        ///   Looks up a localized string similar to The security profile {0} mandates security settings that have been changed to disallowed values..
-        /// </summary>
-        internal static string SecuritySettingsNotCompliantWithProfile {
-            get {
-                return ResourceManager.GetString("SecuritySettingsNotCompliantWithProfile", resourceCulture);
-            }
-        }
     }
 }
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.resx b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.resx
index 04d53d4..a8bf2d6 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.resx
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.resx
@@ -138,7 +138,4 @@
   <data name="RealmMustBeHttps" xml:space="preserve">
     <value>The Realm in an authentication request must be an HTTPS URL.</value>
   </data>
-  <data name="SecuritySettingsNotCompliantWithProfile" xml:space="preserve">
-    <value>The security profile {0} mandates security settings that have been changed to disallowed values.</value>
-  </data>
 </root>
 \ No newline at end of file
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/USGovernmentLevel1.cs b/src/DotNetOpenAuth/OpenId/Behaviors/USGovernmentLevel1.cs
index 2e5dd18..9b160ac 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/USGovernmentLevel1.cs
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/USGovernmentLevel1.cs
@@ -4,7 +4,7 @@
 // </copyright>
 //-----------------------------------------------------------------------
 
-namespace DotNetOpenAuth.OpenId.SecurityProfiles {
+namespace DotNetOpenAuth.OpenId.Behaviors {
 	using System;
 	using System.Diagnostics.Contracts;
 	using System.Linq;
@@ -23,7 +23,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 	/// but Providers are only affected by the special behaviors of the profile when the RP specifically
 	/// indicates that they want to use this profile. </para>
 	/// </remarks>
-	public sealed class USGovernmentLevel1 : IRelyingPartySecurityProfile, IProviderSecurityProfile {
+	[Serializable]
+	public sealed class USGovernmentLevel1 : IRelyingPartyBehavior, IProviderBehavior {
 		/// <summary>
 		/// The maximum time a shared association can live.
 		/// </summary>
@@ -33,6 +34,9 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// Initializes a new instance of the <see cref="USGovernmentLevel1"/> class.
 		/// </summary>
 		public USGovernmentLevel1() {
+			if (DisableSslRequirement) {
+				Logger.OpenId.Warn("GSA level 1 behavior has its RequireSsl requirement disabled.");
+			}
 		}
 
 		/// <summary>
@@ -51,7 +55,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// </summary>
 		public static bool DisableSslRequirement { get; set; }
 
-		#region IRelyingPartySecurityProfile Members
+		#region IRelyingPartyBehavior Members
 
 		/// <summary>
 		/// Applies a well known set of security requirements.
@@ -62,7 +66,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// Profiles should only enhance security requirements to avoid being
 		/// incompatible with each other.
 		/// </remarks>
-		void IRelyingPartySecurityProfile.ApplySecuritySettings(RelyingPartySecuritySettings securitySettings) {
+		void IRelyingPartyBehavior.ApplySecuritySettings(RelyingPartySecuritySettings securitySettings) {
 			ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings");
 
 			if (securitySettings.MaximumHashBitLength < 256) {
@@ -81,11 +85,11 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// Called when an authentication request is about to be sent.
 		/// </summary>
 		/// <param name="request">The request.</param>
-		void IRelyingPartySecurityProfile.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) {
+		void IRelyingPartyBehavior.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) {
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
 
 			RelyingParty.AuthenticationRequest requestInternal = (RelyingParty.AuthenticationRequest)request;
-			ErrorUtilities.VerifyProtocol(string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, SecurityProfileStrings.RealmMustBeHttps);
+			ErrorUtilities.VerifyProtocol(string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps);
 
 			var pape = requestInternal.AppliedExtensions.OfType<PolicyRequest>().SingleOrDefault();
 			if (pape == null) {
@@ -108,7 +112,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 				ErrorUtilities.VerifyProtocol(
 					(!requestInternal.AppliedExtensions.OfType<ClaimsRequest>().Any() &&
 					!requestInternal.AppliedExtensions.OfType<FetchRequest>().Any()),
-					SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+					BehaviorStrings.PiiIncludedWithNoPiiPolicy);
 			}
 		}
 
@@ -116,7 +120,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// Called when an incoming positive assertion is received.
 		/// </summary>
 		/// <param name="assertion">The positive assertion.</param>
-		void IRelyingPartySecurityProfile.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) {
+		void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) {
 			ErrorUtilities.VerifyArgumentNotNull(assertion, "assertion");
 
 			PolicyResponse pape = assertion.GetExtension<PolicyResponse>();
@@ -124,36 +128,36 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 				pape != null &&
 				pape.ActualPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1) &&
 				pape.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier),
-				SecurityProfileStrings.PapeResponseOrRequiredPoliciesMissing);
+				BehaviorStrings.PapeResponseOrRequiredPoliciesMissing);
 
-			ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), SecurityProfileStrings.PapeResponseOrRequiredPoliciesMissing);
+			ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing);
 
 			if (pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) {
 				ErrorUtilities.VerifyProtocol(
 					assertion.GetExtension<ClaimsResponse>() == null &&
 					assertion.GetExtension<FetchResponse>() == null,
-					SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+					BehaviorStrings.PiiIncludedWithNoPiiPolicy);
 			}
 		}
 
 		#endregion
 
-		#region IProviderSecurityProfile Members
+		#region IProviderBehavior Members
 
 		/// <summary>
 		/// Called when a request is received by the Provider.
 		/// </summary>
 		/// <param name="request">The incoming request.</param>
 		/// <returns>
-		/// 	<c>true</c> if this security profile owns this request and wants to stop other security profiles
-		/// from handling it; <c>false</c> to allow other security profiles to process this request.
+		/// 	<c>true</c> if this behavior owns this request and wants to stop other behaviors
+		/// from handling it; <c>false</c> to allow other behaviors to process this request.
 		/// </returns>
 		/// <remarks>
 		/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
 		/// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/>
 		/// itself as that instance may be shared across many requests.
 		/// </remarks>
-		bool IProviderSecurityProfile.OnIncomingRequest(IRequest request) {
+		bool IProviderBehavior.OnIncomingRequest(IRequest request) {
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
 
 			var hostProcessedRequest = request as IHostProcessedRequest;
@@ -163,8 +167,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 				if (papeRequest != null) {
 					if (papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1)) {
 						// Whenever we see this GSA policy requested, we MUST also see the PPID policy requested.
-						ErrorUtilities.VerifyProtocol(papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), SecurityProfileStrings.PapeRequestMissingRequiredPolicies);
-						ErrorUtilities.VerifyProtocol(string.Equals(hostProcessedRequest.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, SecurityProfileStrings.RealmMustBeHttps);
+						ErrorUtilities.VerifyProtocol(papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), BehaviorStrings.PapeRequestMissingRequiredPolicies);
+						ErrorUtilities.VerifyProtocol(string.Equals(hostProcessedRequest.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps);
 
 						request.SecuritySettings = GetProviderSecuritySettings(request.SecuritySettings);
 						return true;
@@ -180,10 +184,10 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// </summary>
 		/// <param name="request">The request that is configured to generate the outgoing response.</param>
 		/// <returns>
-		/// 	<c>true</c> if this security profile owns this request and wants to stop other security profiles
-		/// from handling it; <c>false</c> to allow other security profiles to process this request.
+		/// 	<c>true</c> if this behavior owns this request and wants to stop other behaviors
+		/// from handling it; <c>false</c> to allow other behaviors to process this request.
 		/// </returns>
-		bool IProviderSecurityProfile.OnOutgoingResponse(Provider.IAuthenticationRequest request) {
+		bool IProviderBehavior.OnOutgoingResponse(Provider.IAuthenticationRequest request) {
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
 
 			bool result = false;
@@ -214,14 +218,14 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 					// warn the user of a potential threat or just abort the authentication.
 					// We can't verify that the OP displayed anything to the user at this level, but we can
 					// at least verify that the OP performed the discovery on the realm and halt things if it didn't.
-					ErrorUtilities.VerifyHost(requestInternal.HasRealmDiscoveryBeenPerformed, SecurityProfileStrings.RealmDiscoveryNotPerformed);
+					ErrorUtilities.VerifyHost(requestInternal.HasRealmDiscoveryBeenPerformed, BehaviorStrings.RealmDiscoveryNotPerformed);
 				}
 
 				if (papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
 					ErrorUtilities.VerifyProtocol(request.ClaimedIdentifier == request.LocalIdentifier, OpenIdStrings.DelegatingIdentifiersNotAllowed);
 
 					// Mask the user's identity with a PPID.
-					ErrorUtilities.VerifyHost(PpidIdentifierProvider != null, SecurityProfileStrings.PpidProviderNotGiven);
+					ErrorUtilities.VerifyHost(PpidIdentifierProvider != null, BehaviorStrings.PpidProviderNotGiven);
 					Identifier ppidIdentifier = PpidIdentifierProvider.GetIdentifier(request.LocalIdentifier, request.Realm);
 					requestInternal.ResetClaimedAndLocalIdentifiers(ppidIdentifier);
 
@@ -235,7 +239,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 					ErrorUtilities.VerifyProtocol(
 						!responseMessage.Extensions.OfType<ClaimsResponse>().Any() &&
 						!responseMessage.Extensions.OfType<FetchResponse>().Any(),
-						SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+						BehaviorStrings.PiiIncludedWithNoPiiPolicy);
 
 					// If no PII is given in extensions, and the claimed_id is a PPID, then we can state we issue no PII.
 					if (papeResponse.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
@@ -252,7 +256,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		#endregion
 
 		/// <summary>
-		/// Adapts the default security settings to the requirements of this security profile.
+		/// Adapts the default security settings to the requirements of this behavior.
 		/// </summary>
 		/// <param name="originalSecuritySettings">The original security settings.</param>
 		/// <returns>A new security settings instance that should be used for all qualifying incoming requests.</returns>
@@ -277,8 +281,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
 		/// <param name="maximumLifetime">The maximum lifetime.</param>
 		/// <param name="securitySettings">The security settings to adjust.</param>
 		private static void SetMaximumAssociationLifetimeToNotExceed(string associationType, TimeSpan maximumLifetime, ProviderSecuritySettings securitySettings) {
-			Contract.RequiresAlways(!String.IsNullOrEmpty(associationType));
-			Contract.RequiresAlways(maximumLifetime.TotalSeconds > 0);
+			Contract.Requires(!String.IsNullOrEmpty(associationType));
+			Contract.Requires(maximumLifetime.TotalSeconds > 0);
 			if (!securitySettings.AssociationLifetimes.ContainsKey(associationType) ||
 				securitySettings.AssociationLifetimes[associationType] > maximumLifetime) {
 				securitySettings.AssociationLifetimes[associationType] = maximumLifetime;
diff --git a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
index a2db09f..56e73da 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
@@ -205,7 +205,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// </summary>
 		/// <param name="identifier">The value to set to the <see cref="ClaimedIdentifier"/> and <see cref="LocalIdentifier"/> properties.</param>
 		internal void ResetClaimedAndLocalIdentifiers(Identifier identifier) {
-			Contract.RequiresAlways(identifier != null);
+			Contract.Requires(identifier != null);
 			ErrorUtilities.VerifyArgumentNotNull(identifier, "identifier");
 
 			this.positiveResponse.ClaimedIdentifier = identifier;
diff --git a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
index e772b77..4bb7d28 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
@@ -105,7 +105,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// See OpenID Authentication 2.0 spec section 9.2.1.
 		/// </remarks>
 		public RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(OpenIdProvider provider) {
-			Contract.RequiresAlways(provider != null);
+			Contract.Requires(provider != null);
 			ErrorUtilities.VerifyArgumentNotNull(provider, "provider");
 
 			if (!this.realmDiscoveryResult.HasValue) {
diff --git a/src/DotNetOpenAuth/OpenId/Provider/IProviderSecurityProfile.cs b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs
index 19217be..7159c02 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/IProviderSecurityProfile.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------
-// <copyright file="IProviderSecurityProfile.cs" company="Andrew Arnott">
+// <copyright file="IProviderBehavior.cs" company="Andrew Arnott">
 //     Copyright (c) Andrew Arnott. All rights reserved.
 // </copyright>
 //-----------------------------------------------------------------------
@@ -14,14 +14,14 @@ namespace DotNetOpenAuth.OpenId.Provider {
 	/// BEFORE MARKING THIS INTERFACE PUBLIC: it's very important that we shift the methods to be channel-level
 	/// rather than facade class level and for the OpenIdChannel to be the one to invoke these methods.
 	/// </remarks>
-	internal interface IProviderSecurityProfile {
+	internal interface IProviderBehavior {
 		/// <summary>
 		/// Called when a request is received by the Provider.
 		/// </summary>
 		/// <param name="request">The incoming request.</param>
 		/// <returns>
-		/// <c>true</c> if this security profile owns this request and wants to stop other security profiles
-		/// from handling it; <c>false</c> to allow other security profiles to process this request.
+		/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+		/// from handling it; <c>false</c> to allow other behaviors to process this request.
 		/// </returns>
 		/// <remarks>
 		/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
@@ -35,8 +35,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// </summary>
 		/// <param name="request">The request that is configured to generate the outgoing response.</param>
 		/// <returns>
-		/// <c>true</c> if this security profile owns this request and wants to stop other security profiles
-		/// from handling it; <c>false</c> to allow other security profiles to process this request.
+		/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+		/// from handling it; <c>false</c> to allow other behaviors to process this request.
 		/// </returns>
 		bool OnOutgoingResponse(IAuthenticationRequest request);
 	}
diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
index 2e769f3..58b6887 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
@@ -32,9 +32,9 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplicationStore";
 
 		/// <summary>
-		/// Backing store for the <see cref="SecurityProfiles"/> property.
+		/// Backing store for the <see cref="Behaviors"/> property.
 		/// </summary>
-		private readonly Collection<IProviderSecurityProfile> securityProfiles = new Collection<IProviderSecurityProfile>();
+		private readonly Collection<IProviderBehavior> behaviors = new Collection<IProviderBehavior>();
 
 		/// <summary>
 		/// Backing field for the <see cref="SecuritySettings"/> property.
@@ -79,8 +79,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
 
 			this.AssociationStore = associationStore;
 			this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings();
-			foreach (var securityProfile in DotNetOpenAuthSection.Configuration.OpenId.Provider.SecurityProfiles.CreateInstances(false)) {
-				this.securityProfiles.Add(securityProfile);
+			foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.Provider.Behaviors.CreateInstances(false)) {
+				this.behaviors.Add(behavior);
 			}
 
 			this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings);
@@ -148,10 +148,10 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		public IErrorReporting ErrorReporting { get; set; }
 
 		/// <summary>
-		/// Gets a list of custom security profiles to apply to OpenID actions.
+		/// Gets a list of custom behaviors to apply to OpenID actions.
 		/// </summary>
-		internal ICollection<IProviderSecurityProfile> SecurityProfiles {
-			get { return this.securityProfiles; }
+		internal ICollection<IProviderBehavior> Behaviors {
+			get { return this.behaviors; }
 		}
 
 		/// <summary>
@@ -245,9 +245,9 @@ namespace DotNetOpenAuth.OpenId.Provider {
 				}
 
 				if (result != null) {
-					foreach (var profile in this.SecurityProfiles) {
-						if (profile.OnIncomingRequest(result)) {
-							// This security profile matched this request.
+					foreach (var behavior in this.Behaviors) {
+						if (behavior.OnIncomingRequest(result)) {
+							// This behavior matched this request.
 							break;
 						}
 					}
@@ -284,7 +284,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 			Contract.Requires(((Request)request).IsResponseReady);
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
 
-			this.ApplySecurityProfilesToResponse(request);
+			this.ApplyBehaviorsToResponse(request);
 			Request requestInternal = (Request)request;
 			this.Channel.Send(requestInternal.Response);
 		}
@@ -301,7 +301,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 			Contract.Requires(((Request)request).IsResponseReady);
 			ErrorUtilities.VerifyArgumentNotNull(request, "request");
 
-			this.ApplySecurityProfilesToResponse(request);
+			this.ApplyBehaviorsToResponse(request);
 			Request requestInternal = (Request)request;
 			return this.Channel.PrepareResponse(requestInternal.Response);
 		}
@@ -429,15 +429,15 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		#endregion
 
 		/// <summary>
-		/// Applies all security profiles to the response message.
+		/// Applies all behaviors to the response message.
 		/// </summary>
 		/// <param name="request">The request.</param>
-		private void ApplySecurityProfilesToResponse(IRequest request) {
+		private void ApplyBehaviorsToResponse(IRequest request) {
 			var authRequest = request as IAuthenticationRequest;
 			if (authRequest != null) {
-				foreach (var profile in this.SecurityProfiles) {
-					if (profile.OnOutgoingResponse(authRequest)) {
-						// This security profile matched this request.
+				foreach (var behavior in this.Behaviors) {
+					if (behavior.OnOutgoingResponse(authRequest)) {
+						// This behavior matched this request.
 						break;
 					}
 				}
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
index 83decb8..19db0fa 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
@@ -90,8 +90,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <value></value>
 		public OutgoingWebResponse RedirectingResponse {
 			get {
-				foreach (var profile in this.RelyingParty.SecurityProfiles) {
-					profile.OnOutgoingAuthenticationRequest(this);
+				foreach (var behavior in this.RelyingParty.Behaviors) {
+					behavior.OnOutgoingAuthenticationRequest(this);
 				}
 
 				return this.RelyingParty.Channel.PrepareResponse(this.CreateRequestMessage());
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartySecurityProfile.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartyBehavior.cs
index 8d3848d..e7c38db 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartySecurityProfile.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartyBehavior.cs
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------
-// <copyright file="IRelyingPartySecurityProfile.cs" company="Andrew Arnott">
+// <copyright file="IRelyingPartyBehavior.cs" company="Andrew Arnott">
 //     Copyright (c) Andrew Arnott. All rights reserved.
 // </copyright>
 //-----------------------------------------------------------------------
@@ -12,7 +12,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	/// BEFORE MARKING THIS INTERFACE PUBLIC: it's very important that we shift the methods to be channel-level
 	/// rather than facade class level and for the OpenIdChannel to be the one to invoke these methods.
 	/// </remarks>
-	internal interface IRelyingPartySecurityProfile {
+	internal interface IRelyingPartyBehavior {
 		/// <summary>
 		/// Applies a well known set of security requirements to a default set of security settings.
 		/// </summary>
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
index 932e647..6d72fea 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -44,9 +44,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ApplicationStore";
 
 		/// <summary>
-		/// Backing store for the <see cref="SecurityProfiles"/> property.
+		/// Backing store for the <see cref="Behaviors"/> property.
 		/// </summary>
-		private readonly ObservableCollection<IRelyingPartySecurityProfile> securityProfiles = new ObservableCollection<IRelyingPartySecurityProfile>();
+		private readonly ObservableCollection<IRelyingPartyBehavior> behaviors = new ObservableCollection<IRelyingPartyBehavior>();
 
 		/// <summary>
 		/// Backing field for the <see cref="SecuritySettings"/> property.
@@ -91,9 +91,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 			ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore);
 
 			this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings();
-			this.securityProfiles.CollectionChanged += this.OnSecurityProfilesChanged;
-			foreach (var securityProfile in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecurityProfiles.CreateInstances(false)) {
-				this.securityProfiles.Add(securityProfile);
+			this.behaviors.CollectionChanged += this.OnBehaviorsChanged;
+			foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.Behaviors.CreateInstances(false)) {
+				this.behaviors.Add(behavior);
 			}
 
 			// Without a nonce store, we must rely on the Provider to protect against
@@ -220,10 +220,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		}
 
 		/// <summary>
-		/// Gets a list of custom security profiles to apply to OpenID actions.
+		/// Gets a list of custom behaviors to apply to OpenID actions.
 		/// </summary>
-		internal ICollection<IRelyingPartySecurityProfile> SecurityProfiles {
-			get { return this.securityProfiles; }
+		internal ICollection<IRelyingPartyBehavior> Behaviors {
+			get { return this.behaviors; }
 		}
 
 		/// <summary>
@@ -492,8 +492,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 				IndirectSignedResponse positiveExtensionOnly;
 				if ((positiveAssertion = message as PositiveAssertionResponse) != null) {
 					var response = new PositiveAuthenticationResponse(positiveAssertion, this);
-					foreach (var profile in this.SecurityProfiles) {
-						profile.OnIncomingPositiveAssertion(response);
+					foreach (var behavior in this.Behaviors) {
+						behavior.OnIncomingPositiveAssertion(response);
 					}
 
 					return response;
@@ -579,12 +579,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		}
 
 		/// <summary>
-		/// Called by derived classes when security profiles are added or removed.
+		/// Called by derived classes when behaviors are added or removed.
 		/// </summary>
 		/// <param name="sender">The collection being modified.</param>
 		/// <param name="e">The <see cref="System.Collections.Specialized.NotifyCollectionChangedEventArgs"/> instance containing the event data.</param>
-		private void OnSecurityProfilesChanged(object sender, NotifyCollectionChangedEventArgs e) {
-			foreach (IRelyingPartySecurityProfile profile in e.NewItems) {
+		private void OnBehaviorsChanged(object sender, NotifyCollectionChangedEventArgs e) {
+			foreach (IRelyingPartyBehavior profile in e.NewItems) {
 				profile.ApplySecuritySettings(this.SecuritySettings);
 			}
 		}
author	Andrew Arnott <andrewarnott@gmail.com>	2009-06-02 08:37:05 -0700
committer	Andrew Arnott <andrewarnott@gmail.com>	2009-06-02 16:59:53 -0700
commit	530dbb02e89eadeb82ae088d2b7eaed743d70910 (patch)
tree	53f029e6ee99240ac4ee96703322c37d5d1b71c1
parent	66cb72fc2e8f41784f60526eb235186c8d830e6c (diff)
download	DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.zip DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.tar.gz DotNetOpenAuth-530dbb02e89eadeb82ae088d2b7eaed743d70910.tar.bz2