diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2008-12-31 22:20:46 -0700 |
|---|---|---|
| committer | Andrew <andrewarnott@gmail.com> | 2009-01-03 07:47:44 -0800 |
| commit | cb7c4adeffac1e28bcdd6fce477e67fadfc0bba8 (patch) | |
| tree | d8e40e799cf5bd69bec89a05a99c93099a528c65 | |
| parent | 1f0d70697cc819de7c0b422a6b17301ac5e3c0e8 (diff) | |
| download | DotNetOpenAuth-cb7c4adeffac1e28bcdd6fce477e67fadfc0bba8.zip DotNetOpenAuth-cb7c4adeffac1e28bcdd6fce477e67fadfc0bba8.tar.gz DotNetOpenAuth-cb7c4adeffac1e28bcdd6fce477e67fadfc0bba8.tar.bz2 | |
Removed the RP's special web request handler that was redundant with the OpenIdChannel's.
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs | 5 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs | 13 |
2 files changed, 11 insertions, 7 deletions
diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs index 9d3d778..b71d644 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs @@ -103,6 +103,11 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { } CustomizeBindingElementOrder(outgoingBindingElements, incomingBindingElements); + + // Change out the standard web request handler to reflect the standard + // OpenID pattern that outgoing web requests are to unknown and untrusted + // servers on the Internet. + this.WebRequestHandler = new UntrustedWebRequestHandler(); } /// <summary> diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs index ed9a7ca..d377938 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -17,11 +17,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> public sealed class OpenIdRelyingParty { /// <summary> - /// The untrusted web request handler we use (and share) by default across all RP instances. - /// </summary> - private static IDirectSslWebRequestHandler defaultUntrustedWebRequestHandler = new UntrustedWebRequestHandler(); - - /// <summary> /// Backing field for the <see cref="SecuritySettings"/> property. /// </summary> private RelyingPartySecuritySettings securitySettings; @@ -42,7 +37,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { this.Channel = new OpenIdChannel(associationStore, nonceStore, secretStore); this.AssociationStore = associationStore; this.SecuritySettings = RelyingPartySection.Configuration.SecuritySettings.CreateSecuritySettings(); - this.WebRequestHandler = defaultUntrustedWebRequestHandler; } /// <summary> @@ -76,7 +70,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Gets the web request handler to use for discovery and the part of /// authentication where direct messages are sent to an untrusted remote party. /// </summary> - internal IDirectSslWebRequestHandler WebRequestHandler { get; private set; } + internal IDirectSslWebRequestHandler WebRequestHandler { + // TODO: Since the OpenIdChannel.WebRequestHandler might be set to a non-SSL + // implementation, we should consider altering the consumers of this property + // to handle either case. + get { return this.Channel.WebRequestHandler as IDirectSslWebRequestHandler; } + } /// <summary> /// Gets an association between this Relying Party and a given Provider. |