authorAndrew Arnott <andrewarnott@gmail.com>2009-03-09 15:02:14 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2009-03-09 15:40:14 -0700
commit7fe6ee93ec72ada51960cf685a398cb20a54dc05 (patch)
treee1052adbacd300ce92dd87d325770fd30729fc35
parent5e19bb6e463e31a8f0dd591fcb3e8b60a929666c (diff)
Removed assoc_handle and response_nonce from the list of parameters that must be signed for OpenID 1.x messages.
-rw-r--r--src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs1
-rw-r--r--src/DotNetOpenAuth/OpenId/Messages/IndirectSignedResponse.cs5
2 files changed, 4 insertions, 2 deletions
diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs
index ddf64bf..fcb862e 100644
--- a/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs
+++ b/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs
@@ -196,6 +196,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
Protocol protocol = Protocol.Lookup(signedMessage.Version);
var partsRequiringProtection = from part in MessageDescription.Get(signedMessage.GetType(), signedMessage.Version).Mapping.Values
where part.RequiredProtection != ProtectionLevel.None
+ where part.IsRequired || part.IsNondefaultValueSet(signedMessage)
select part.Name;
ErrorUtilities.VerifyInternal(partsRequiringProtection.All(name => name.StartsWith(protocol.openid.Prefix, StringComparison.Ordinal)), "Signing only works when the parameters start with the 'openid.' prefix.");
string[] signedParts = signedMessage.SignedParameterOrder.Split(',');
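Review bot: The added `where part.IsRequired || part.IsNondefaultValueSet(signedMessage)` makes the set of parts that must appear in the signed list depend on the contents of the message being checked, and nothing on the line says why. If this code runs on received messages (the following `SignedParameterOrder.Split(',')` suggests it does, but the method starts and ends outside the hunk), an optional Sign-level part is enforced only when its value differs from the default. It is worth confirming that `IsNondefaultValueSet` reflects what was actually on the wire rather than a value filled in during deserialization. I would add a comment above the clause such as `// Optional parts only need a signature when the message actually carries them.`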
diff --git a/src/DotNetOpenAuth/OpenId/Messages/IndirectSignedResponse.cs b/src/DotNetOpenAuth/OpenId/Messages/IndirectSignedResponse.cs
index cfa2267..679018b 100644
--- a/src/DotNetOpenAuth/OpenId/Messages/IndirectSignedResponse.cs
+++ b/src/DotNetOpenAuth/OpenId/Messages/IndirectSignedResponse.cs
@@ -159,7 +159,8 @@ namespace DotNetOpenAuth.OpenId.Messages {
/// Gets or sets the association handle used to sign the message.
/// </summary>
/// <value>The handle for the association that was used to sign this assertion. </value>
- [MessagePart("openid.assoc_handle", IsRequired = true, AllowEmpty = false, RequiredProtection = ProtectionLevel.Sign)]
+ [MessagePart("openid.assoc_handle", IsRequired = true, AllowEmpty = false, RequiredProtection = ProtectionLevel.Sign, MinVersion = "2.0")]
+ [MessagePart("openid.assoc_handle", IsRequired = true, AllowEmpty = false, RequiredProtection = ProtectionLevel.None, MaxVersion = "1.1")]
string ITamperResistantOpenIdMessage.AssociationHandle { get; set; }
/// <summary>
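Review bot: The new `MaxVersion = "1.1"` attribute lowers `openid.assoc_handle` to `ProtectionLevel.None`, but the XML doc above the property still reads as if the handle were always covered by the signature. A 1.x assertion whose handle was altered in transit now passes the required-signed-parts check and is rejected only if signature verification under the named association fails, so that verification becomes the sole control for this field. A `<remarks>` block stating that for 1.x the handle is not required to be signed, and that it must be treated as unauthenticated until the signature has been verified, would keep later callers from trusting it early. The same documentation gap applies to the `openid.response_nonce` attribute changed in the next hunk.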
@@ -251,7 +252,7 @@ namespace DotNetOpenAuth.OpenId.Messages {
/// <example>2005-05-15T17:11:51ZUNIQUE</example>
[SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by messaging framework via reflection.")]
[MessagePart("openid.response_nonce", IsRequired = true, AllowEmpty = false, RequiredProtection = ProtectionLevel.Sign, MinVersion = "2.0")]
- [MessagePart("openid.response_nonce", IsRequired = false, AllowEmpty = false, RequiredProtection = ProtectionLevel.Sign, MaxVersion = "1.1")]
+ [MessagePart("openid.response_nonce", IsRequired = false, AllowEmpty = false, RequiredProtection = ProtectionLevel.None, MaxVersion = "1.1")]
private string ResponseNonce {
get {
string uniqueFragment = ((IReplayProtectedProtocolMessage)this).Nonce;
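Review bot: With `RequiredProtection = ProtectionLevel.None` on the 1.x `openid.response_nonce`, a nonce carried by a 1.x message is accepted without being covered by the signature, so it can be changed in transit without invalidating the assertion. If the replay check for 1.x responses reads this part (not visible here; the `ResponseNonce` getter continues past the hunk), that check would be operating on an unauthenticated value. I would confirm that 1.x replay protection is anchored in a value that is signed, and record that on the attribute, e.g. `// 1.x: not signed by the OP; replay protection must not rely on this value alone.`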