author | Andrew Arnott <andrewarnott@gmail.com> | 2011-08-07 06:56:28 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2011-08-07 06:56:28 -0700 |
commit | e2a578bc77b81b1aa896edd6fa4ab2c7b8f2ceb8 (patch) | |
tree | cefb480e0278a2b8ad0160fe11f3d72a61e13286 | |
parent | 602235cb155d108e5f22627e1f4a07041ae3693e (diff) | |
StyleCop work.
52 files changed, 482 insertions, 198 deletions
diff --git a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj index 59101b0..39c29ff 100644 --- a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj +++ b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj @@ -117,7 +117,9 @@ <Content Include="Global.asax" /> <Content Include="Views\User\Index.aspx" /> <Content Include="Views\User\Login.aspx" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> <Content Include="Content\Site.css" /> <Content Include="Views\Home\Index.aspx" /> <Content Include="Views\Shared\Site.Master" /> diff --git a/samples/OpenIdRelyingPartyWebFormsVB/Global.asax.vb b/samples/OpenIdRelyingPartyWebFormsVB/Global.asax.vb index 60ab0cc..257e11a 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/Global.asax.vb +++ b/samples/OpenIdRelyingPartyWebFormsVB/Global.asax.vb @@ -5,7 +5,6 @@ Imports System.IO Imports System.Text Imports System.Web Imports DotNetOpenAuth.ApplicationBlock -Imports DotNetOpenAuth.OAuth Imports OpenIdRelyingPartyWebFormsVB Public Class Global_asax diff --git a/src/DotNetOpenAuth.InfoCard.UI/ComponentModel/UriConverter.cs b/src/DotNetOpenAuth.InfoCard.UI/ComponentModel/UriConverter.cs index 5e7c22b..5111846 100644 --- a/src/DotNetOpenAuth.InfoCard.UI/ComponentModel/UriConverter.cs +++ b/src/DotNetOpenAuth.InfoCard.UI/ComponentModel/UriConverter.cs @@ -108,7 +108,7 @@ namespace DotNetOpenAuth.ComponentModel { let value = (string)prop.GetValue(null, null) where value != null select new Uri(value); - return (fields.Concat(properties)).ToArray(); + return fields.Concat(properties).ToArray(); } else { return new Uri[0]; } diff --git a/src/DotNetOpenAuth.Messaging.UI/ComponentModel/SuggestedStringsConverter.cs b/src/DotNetOpenAuth.Messaging.UI/ComponentModel/SuggestedStringsConverter.cs index 864d001..4d4236c 100644 
--- a/src/DotNetOpenAuth.Messaging.UI/ComponentModel/SuggestedStringsConverter.cs +++ b/src/DotNetOpenAuth.Messaging.UI/ComponentModel/SuggestedStringsConverter.cs @@ -43,7 +43,7 @@ namespace DotNetOpenAuth.ComponentModel { select field.GetValue(null); var properties = from prop in type.GetProperties(BindingFlags.Static | BindingFlags.Public) select prop.GetValue(null, null); - return (fields.Concat(properties)).ToArray(); + return fields.Concat(properties).ToArray(); } /// <summary> diff --git a/src/DotNetOpenAuth.Messaging/Configuration/DotNetOpenAuthSection.cs b/src/DotNetOpenAuth.Messaging/Configuration/DotNetOpenAuthSection.cs index 5e2a494..b4dfc15 100644 --- a/src/DotNetOpenAuth.Messaging/Configuration/DotNetOpenAuthSection.cs +++ b/src/DotNetOpenAuth.Messaging/Configuration/DotNetOpenAuthSection.cs 
@@ -45,17 +45,29 @@ namespace DotNetOpenAuth.Configuration { } } + /// <summary> + /// Gets the messaging configuration element. + /// </summary> public static MessagingElement Messaging { get { return MessagingElement.Configuration; } } - internal TypeConfigurationElement<IEmbeddedResourceRetrieval> EmbeddedResourceRetrievalProvider { - get { return /*(TypeConfigurationElement<IEmbeddedResourceRetrieval>)this[WebResourceUrlProviderName] ??*/ new TypeConfigurationElement<IEmbeddedResourceRetrieval>(); } - set { /*this[WebResourceUrlProviderName] = value;*/ } - } - + /// <summary> + /// Gets the reporting configuration element. + /// </summary> internal static ReportingElement Reporting { get { return ReportingElement.Configuration; } } + + /// <summary> + /// Gets or sets the embedded resource retrieval provider. + /// </summary> + /// <value> + /// The embedded resource retrieval provider. + /// </value> + internal TypeConfigurationElement<IEmbeddedResourceRetrieval> EmbeddedResourceRetrievalProvider { + get { return /*TODO: (TypeConfigurationElement<IEmbeddedResourceRetrieval>)this[WebResourceUrlProviderName] ??*/ new TypeConfigurationElement<IEmbeddedResourceRetrieval>(); } + set { /*this[WebResourceUrlProviderName] = value;*/ } + } } } diff --git a/src/DotNetOpenAuth.Messaging/Configuration/ReportingElement.cs b/src/DotNetOpenAuth.Messaging/Configuration/ReportingElement.cs index 3cd0af1..a8eb7d3 100644 --- a/src/DotNetOpenAuth.Messaging/Configuration/ReportingElement.cs +++ b/src/DotNetOpenAuth.Messaging/Configuration/ReportingElement.cs @@ -8,9 +8,9 @@ namespace DotNetOpenAuth.Configuration { using System; using System.Collections.Generic; using System.Configuration; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using System.Diagnostics.Contracts; /// <summary> /// Represents the <reporting> element in the host's .config file. 
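Review bot: The new summary on `EmbeddedResourceRetrievalProvider` says "Gets or sets", but in the re-added property the setter body is entirely commented out and the getter always returns a fresh `TypeConfigurationElement<IEmbeddedResourceRetrieval>`. A value assigned here, or a provider named in the .config file, is therefore silently ignored, and the doc hides that. Until the TODO is resolved the summary should say so, e.g. `/// Gets the embedded resource retrieval provider. Not yet read from configuration: always returns a default element, and the setter is a no-op.`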
diff --git a/src/DotNetOpenAuth.Messaging/Configuration/UntrustedWebRequestElement.cs b/src/DotNetOpenAuth.Messaging/Configuration/UntrustedWebRequestElement.cs index 40a3d0c..f5a142a 100644 --- a/src/DotNetOpenAuth.Messaging/Configuration/UntrustedWebRequestElement.cs +++ b/src/DotNetOpenAuth.Messaging/Configuration/UntrustedWebRequestElement.cs @@ -72,7 +72,7 @@ namespace DotNetOpenAuth.Configuration { return (UntrustedWebRequestElement)ConfigurationManager.GetSection(WebResourceUrlProviderName) ?? new UntrustedWebRequestElement(); } } - + /// <summary> /// Gets or sets the read/write timeout after which an HTTP request will fail. /// </summary> diff --git a/src/DotNetOpenAuth.Messaging/Messaging/Reflection/MessagePart.cs b/src/DotNetOpenAuth.Messaging/Messaging/Reflection/MessagePart.cs index 80ceefd..83f489a 100644 --- a/src/DotNetOpenAuth.Messaging/Messaging/Reflection/MessagePart.cs +++ b/src/DotNetOpenAuth.Messaging/Messaging/Reflection/MessagePart.cs 
@@ -212,6 +212,28 @@ namespace DotNetOpenAuth.Messaging.Reflection { } /// <summary> + /// Adds a pair of type conversion functions to the static conversion map. + /// </summary> + /// <typeparam name="T">The custom type to convert to and from strings.</typeparam> + /// <param name="toString">The function to convert the custom type to a string.</param> + /// <param name="toOriginalString">The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the <paramref name="toString"/> function.</param> + /// <param name="toValue">The function to convert a string to the custom type.</param> + [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "toString", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "toValue", Justification = "Code contracts")] + internal static void Map<T>(Func<T, string> toString, Func<T, string> toOriginalString, Func<string, T> toValue) { + Contract.Requires<ArgumentNullException>(toString != null); + Contract.Requires<ArgumentNullException>(toValue != null); + + if (toOriginalString == null) { + toOriginalString = toString; + } + + Func<object, string> safeToString = obj => obj != null ? toString((T)obj) : null; + Func<object, string> safeToOriginalString = obj => obj != null ? toOriginalString((T)obj) : null; + Func<string, object> safeToT = str => str != null ? toValue(str) : default(T); + converters.Add(typeof(T), new ValueMapping(safeToString, safeToOriginalString, safeToT)); + } + + /// <summary> /// Sets the member of a given message to some given value. /// Used in deserialization. 
/// </summary> 
@@ -299,28 +321,6 @@ namespace DotNetOpenAuth.Messaging.Reflection { } /// <summary> - /// Adds a pair of type conversion functions to the static conversion map. - /// </summary> - /// <typeparam name="T">The custom type to convert to and from strings.</typeparam> - /// <param name="toString">The function to convert the custom type to a string.</param> - /// <param name="toOriginalString">The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the <paramref name="toString"/> function.</param> - /// <param name="toValue">The function to convert a string to the custom type.</param> - [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "toString", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "toValue", Justification = "Code contracts")] - internal static void Map<T>(Func<T, string> toString, Func<T, string> toOriginalString, Func<string, T> toValue) { - Contract.Requires<ArgumentNullException>(toString != null); - Contract.Requires<ArgumentNullException>(toValue != null); - - if (toOriginalString == null) { - toOriginalString = toString; - } - - Func<object, string> safeToString = obj => obj != null ? toString((T)obj) : null; - Func<object, string> safeToOriginalString = obj => obj != null ? toOriginalString((T)obj) : null; - Func<string, object> safeToT = str => str != null ? toValue(str) : default(T); - converters.Add(typeof(T), new ValueMapping(safeToString, safeToOriginalString, safeToT)); - } - - /// <summary> /// Checks whether a type is a nullable value type (i.e. int?) 
/// </summary> /// <param name="type">The type in question.</param> diff --git a/src/DotNetOpenAuth.Messaging/Reporting.cs b/src/DotNetOpenAuth.Messaging/Reporting.cs index c528972..f197e81 100644 --- a/src/DotNetOpenAuth.Messaging/Reporting.cs +++ b/src/DotNetOpenAuth.Messaging/Reporting.cs @@ -142,6 +142,9 @@ namespace DotNetOpenAuth { } } + /// <summary> + /// Gets the observed features. + /// </summary> internal static PersistentHashSet ObservedFeatures { get { return observedFeatures; } } @@ -312,6 +315,20 @@ namespace DotNetOpenAuth { } /// <summary> + /// Called by every internal/public method on this class to give + /// periodic operations a chance to run. + /// </summary> + protected static void Touch() { + // Publish stats if it's time to do so. + lock (publishingConsiderationLock) { + if (DateTime.Now - lastPublished > Configuration.MinimumReportingInterval) { + lastPublished = DateTime.Now; + SendStatsAsync(); + } + } + } + + /// <summary> /// Initializes Reporting if it has not been initialized yet. /// </summary> [SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes", Justification = "This method must never throw.")] @@ -483,20 +500,6 @@ namespace DotNetOpenAuth { } /// <summary> - /// Called by every internal/public method on this class to give - /// periodic operations a chance to run. - /// </summary> - protected static void Touch() { - // Publish stats if it's time to do so. - lock (publishingConsiderationLock) { - if (DateTime.Now - lastPublished > Configuration.MinimumReportingInterval) { - lastPublished = DateTime.Now; - SendStatsAsync(); - } - } - } - - /// <summary> /// Sends the stats report asynchronously, and careful to not throw any unhandled exceptions. /// </summary> [SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes", Justification = "Unhandled exceptions MUST NOT be thrown from here.")] 
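Review bot: `Touch()` measures the reporting interval with `DateTime.Now`, which is local wall-clock time, so a daylight-saving shift or time-zone change can move `DateTime.Now - lastPublished` by an hour in either direction and publish early or late. Using `DateTime.UtcNow` for both the comparison and the assignment (`lastPublished = DateTime.UtcNow;`) avoids that, provided any other writer of `lastPublished`, which is not visible in this hunk, is changed with it. The method is only moved by this commit, so this is a follow-up rather than a regression.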
diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs index 3032817..a220ab0 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs @@ -1,13 +1,22 @@ -namespace DotNetOpenAuth.OAuth.ChannelElements { +//----------------------------------------------------------------------- +// <copyright file="OAuthConsumerChannel.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth.ChannelElements { using System; using System.Collections.Generic; - using System.Linq; - using System.Text; using System.Diagnostics.CodeAnalysis; using System.Diagnostics.Contracts; - using DotNetOpenAuth.Messaging.Bindings; + using System.Linq; + using System.Text; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; + /// <summary> + /// The messaging channel for OAuth 1.0(a) Consumers. + /// </summary> internal class OAuthConsumerChannel : OAuthChannel { /// <summary> /// Initializes a new instance of the <see cref="OAuthConsumerChannel"/> class. 
@@ -16,6 +25,7 @@ /// <param name="store">The web application store to use for nonces.</param> /// <param name="tokenManager">The token manager instance to use.</param> /// <param name="securitySettings">The security settings.</param> + /// <param name="messageFactory">The message factory.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] internal OAuthConsumerChannel(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, IConsumerTokenManager tokenManager, ConsumerSecuritySettings securitySettings, IMessageFactory messageFactory = null) : base( diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/RsaSha1ConsumerSigningBindingElement.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/RsaSha1ConsumerSigningBindingElement.cs index ba451e5..7408789 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/RsaSha1ConsumerSigningBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/RsaSha1ConsumerSigningBindingElement.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="RsaSha1SigningBindingElement.cs" company="Andrew Arnott"> +// <copyright file="RsaSha1ConsumerSigningBindingElement.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- 
@@ -17,7 +17,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> public class RsaSha1ConsumerSigningBindingElement : RsaSha1SigningBindingElement { /// <summary> - /// Initializes a new instance of the <see cref="RsaSha1SigningBindingElement"/> class. + /// Initializes a new instance of the <see cref="RsaSha1ConsumerSigningBindingElement"/> class. /// </summary> /// <param name="signingCertificate">The certificate used to sign outgoing messages.</param> public RsaSha1ConsumerSigningBindingElement(X509Certificate2 signingCertificate) { @@ -31,6 +31,13 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> public X509Certificate2 SigningCertificate { get; set; } + /// <summary> + /// Determines whether the signature on some message is valid. + /// </summary> + /// <param name="message">The message to check the signature on.</param> + /// <returns> + /// <c>true</c> if the signature on the message is valid; otherwise, <c>false</c>. + /// </returns> protected override bool IsSignatureValid(ITamperResistantOAuthMessage message) { throw new NotImplementedException(); } @@ -54,6 +61,12 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { return base64Signature; } + /// <summary> + /// Creates a new object that is a copy of the current instance. + /// </summary> + /// <returns> + /// A new object that is a copy of this instance. + /// </returns> protected override ITamperProtectionChannelBindingElement Clone() { return new RsaSha1ConsumerSigningBindingElement(this.SigningCertificate); } diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs index 9b7eea5..25c0f54 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs 
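Review bot: The doc added to `IsSignatureValid` promises `true` or `false`, but the body is `throw new NotImplementedException();`, so the generated documentation describes signature verification that this consumer-side element does not perform. The comment should state the real contract, e.g. `/// <exception cref="NotImplementedException">Always thrown; signature verification is not implemented on this element.</exception>`, and the `<returns>` text should be dropped or marked as never reached. The same mismatch applies to the `GetSignature` doc added in RsaSha1ServiceProviderSigningBindingElement.cs, whose body also only throws.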
@@ -14,6 +14,9 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Bindings; + /// <summary> + /// The messaging channel for OAuth 1.0(a) Service Providers. + /// </summary> internal class OAuthServiceProviderChannel : OAuthChannel { /// <summary> /// Initializes a new instance of the <see cref="OAuthServiceProviderChannel"/> class. @@ -22,6 +25,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="store">The web application store to use for nonces.</param> /// <param name="tokenManager">The token manager instance to use.</param> /// <param name="securitySettings">The security settings.</param> + /// <param name="messageTypeProvider">The message type provider.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] internal OAuthServiceProviderChannel(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, IServiceProviderTokenManager tokenManager, ServiceProviderSecuritySettings securitySettings, IMessageFactory messageTypeProvider = null) : base( diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/RsaSha1ServiceProviderSigningBindingElement.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/RsaSha1ServiceProviderSigningBindingElement.cs index c05ba84..bcd0322 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/RsaSha1ServiceProviderSigningBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/RsaSha1ServiceProviderSigningBindingElement.cs 
@@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="RsaSha1SigningBindingElement.cs" company="Andrew Arnott"> +// <copyright file="RsaSha1ServiceProviderSigningBindingElement.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -57,6 +57,13 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { return valid; } + /// <summary> + /// Calculates a signature for a given message. + /// </summary> + /// <param name="message">The message to sign.</param> + /// <returns> + /// The signature for the message. + /// </returns> protected override string GetSignature(ITamperResistantOAuthMessage message) { throw new NotImplementedException(); } diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs index b6ad28d..a535c07 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs 
@@ -36,6 +36,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="messageTypeProvider">An injected message type provider instance. /// Except for mock testing, this should always be one of /// <see cref="OAuthConsumerMessageFactory"/> or <see cref="OAuthServiceProviderMessageFactory"/>.</param> + /// <param name="bindingElements">The binding elements.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] protected OAuthChannel(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, ITokenManager tokenManager, SecuritySettings securitySettings, IMessageFactory messageTypeProvider, IChannelBindingElement[] bindingElements) : base(messageTypeProvider, bindingElements) { 
@@ -85,6 +86,29 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { } /// <summary> + /// Initializes the binding elements for the OAuth channel. + /// </summary> + /// <param name="signingBindingElement">The signing binding element.</param> + /// <param name="store">The nonce store.</param> + /// <param name="tokenManager">The token manager.</param> + /// <param name="securitySettings">The security settings.</param> + /// <returns> + /// An array of binding elements used to initialize the channel. + /// </returns> + protected static List<IChannelBindingElement> InitializeBindingElements(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, ITokenManager tokenManager, SecuritySettings securitySettings) { + Contract.Requires(securitySettings != null); + + var bindingElements = new List<IChannelBindingElement> { + new OAuthHttpMethodBindingElement(), + signingBindingElement, + new StandardExpirationBindingElement(), + new StandardReplayProtectionBindingElement(store), + }; + + return bindingElements; + } + + /// <summary> /// Searches an incoming HTTP request for data that could be used to assemble /// a protocol request message. /// </summary> 
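Review bot: In `InitializeBindingElements` the only precondition is `Contract.Requires(securitySettings != null)`, yet `securitySettings` and `tokenManager` are never used in the body, while `signingBindingElement` and `store`, which are used, go unchecked. A null `signingBindingElement` would be placed in the list as-is, and a null `store` is handed to `new StandardReplayProtectionBindingElement(store)`; whether that constructor rejects null is not visible here. If null is not a supported value for either, add `Contract.Requires<ArgumentNullException>(signingBindingElement != null);` and the same for `store`. The `<returns>` text also says "An array" where the method returns `List<IChannelBindingElement>`.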
@@ -213,27 +237,11 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { } /// <summary> - /// Initializes the binding elements for the OAuth channel. + /// Gets the consumer secret for a given consumer key. /// </summary> - /// <param name="signingBindingElement">The signing binding element.</param> - /// <param name="store">The nonce store.</param> - /// <param name="tokenManager">The token manager.</param> - /// <param name="securitySettings">The security settings.</param> - /// <returns> - /// An array of binding elements used to initialize the channel. - /// </returns> - protected static List<IChannelBindingElement> InitializeBindingElements(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, ITokenManager tokenManager, SecuritySettings securitySettings) { - Contract.Requires(securitySettings != null); - - var bindingElements = new List<IChannelBindingElement> { - new OAuthHttpMethodBindingElement(), - signingBindingElement, - new StandardExpirationBindingElement(), - new StandardReplayProtectionBindingElement(store), - }; - - return bindingElements; - } + /// <param name="consumerKey">The consumer key.</param> + /// <returns>A consumer secret.</returns> + protected abstract string GetConsumerSecret(string consumerKey); /// <summary> /// Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1. @@ -344,7 +352,5 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { throw new ProtocolException(OAuthStrings.ConsumerOrTokenSecretNotFound, ex); } } - - protected abstract string GetConsumerSecret(string consumerKey); } } diff --git a/src/DotNetOpenAuth.OAuth/OAuthReporting.cs b/src/DotNetOpenAuth.OAuth/OAuthReporting.cs index 062f9dc..c6f8841 100644 --- a/src/DotNetOpenAuth.OAuth/OAuthReporting.cs +++ b/src/DotNetOpenAuth.OAuth/OAuthReporting.cs 
@@ -14,6 +14,9 @@ namespace DotNetOpenAuth { using DotNetOpenAuth.OAuth; using DotNetOpenAuth.OAuth.ChannelElements; + /// <summary> + /// Utility methods specific to OAuth feature reporting. + /// </summary> internal class OAuthReporting : Reporting { /// <summary> /// Records the feature and dependency use. diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Behaviors/GsaIcamProviderProfile.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Behaviors/GsaIcamProviderProfile.cs index 020de09..5f4d23c 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Behaviors/GsaIcamProviderProfile.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Behaviors/GsaIcamProviderProfile.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="GsaIcamProfile.cs" company="Andrew Arnott"> +// <copyright file="GsaIcamProviderProfile.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -35,7 +35,7 @@ namespace DotNetOpenAuth.OpenId.Behaviors { private static readonly TimeSpan MaximumAssociationLifetime = TimeSpan.FromSeconds(86400); /// <summary> - /// Initializes a new instance of the <see cref="GsaIcamProfile"/> class. + /// Initializes a new instance of the <see cref="GsaIcamProviderProfile"/> class. /// </summary> public GsaIcamProviderProfile() { if (DisableSslRequirement) { diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderChannel.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderChannel.cs index 88df1a7..2b88913 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderChannel.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderChannel.cs 
@@ -7,14 +7,17 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using DotNetOpenAuth.OpenId.Provider; - using DotNetOpenAuth.Messaging.Bindings; - using System.Diagnostics.Contracts; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.Extensions; + using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// The messaging channel for OpenID Providers. + /// </summary> internal class OpenIdProviderChannel : OpenIdChannel { /// <summary> /// Initializes a new instance of the <see cref="OpenIdProviderChannel"/> class. @@ -27,7 +30,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { Contract.Requires<ArgumentNullException>(cryptoKeyStore != null); Contract.Requires<ArgumentNullException>(securitySettings != null); } - + /// <summary> /// Initializes a new instance of the <see cref="OpenIdProviderChannel"/> class. /// </summary> @@ -37,7 +40,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <param name="securitySettings">The security settings.</param> private OpenIdProviderChannel(IProviderAssociationStore cryptoKeyStore, INonceStore nonceStore, IMessageFactory messageTypeProvider, ProviderSecuritySettings securitySettings) : base(messageTypeProvider, InitializeBindingElements(cryptoKeyStore, nonceStore, securitySettings)) { - Contract.Requires<ArgumentNullException>(cryptoKeyStore != null); + Contract.Requires<ArgumentNullException>(cryptoKeyStore != null); Contract.Requires<ArgumentNullException>(messageTypeProvider != null); Contract.Requires<ArgumentNullException>(securitySettings != null); } diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs index 7975253..da9a64c 100644 
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs @@ -7,16 +7,19 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using DotNetOpenAuth.OpenId.Provider; - using System.Diagnostics.Contracts; - using DotNetOpenAuth.OpenId.Messages; + using System.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Bindings; - using System.Web; using DotNetOpenAuth.Messaging.Reflection; + using DotNetOpenAuth.OpenId.Messages; + using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// The signing binding element for OpenID Providers. + /// </summary> internal class ProviderSigningBindingElement : SigningBindingElement { /// <summary> /// The association store used by Providers to look up the secrets needed for signing. @@ -30,7 +33,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { private readonly ProviderSecuritySettings opSecuritySettings; /// <summary> - /// Initializes a new instance of the SigningBindingElement class for use by a Provider. + /// Initializes a new instance of the <see cref="ProviderSigningBindingElement"/> class. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing.</param> /// <param name="securitySettings">The security settings.</param> 
@@ -49,6 +52,14 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { get { return true; } } + /// <summary> + /// Prepares a message for sending based on the rules of this channel binding element. + /// </summary> + /// <param name="message">The message to prepare for sending.</param> + /// <returns> + /// The protections (if any) that this binding element applied to the message. + /// Null if this binding element did not even apply to this binding element. + /// </returns> public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { var result = base.ProcessOutgoingMessage(message); if (result != null) { @@ -68,6 +79,13 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { return null; } + /// <summary> + /// Gets the association to use to sign or verify a message. + /// </summary> + /// <param name="signedMessage">The message to sign or verify.</param> + /// <returns> + /// The association to use to sign or verify the message. + /// </returns> protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) { Contract.Requires<ArgumentNullException>(signedMessage != null); @@ -95,6 +113,13 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { } } + /// <summary> + /// Gets a specific association referenced in a given message's association handle. + /// </summary> + /// <param name="signedMessage">The signed message whose association handle should be used to lookup the association to return.</param> + /// <returns> + /// The referenced association; or <c>null</c> if such an association cannot be found. + /// </returns> protected override Association GetSpecificAssociation(ITamperResistantOpenIdMessage signedMessage) { Association association = null; 
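Review bot: The `<returns>` text added to `ProcessOutgoingMessage` ends with "Null if this binding element did not even apply to this binding element", which looks like a copy error for "to this message". Proposed wording: `/// Null if this binding element did not apply to this message.` The method body continues outside the hunk.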
@@ -129,6 +154,15 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { return association; } + /// <summary> + /// Verifies the signature by unrecognized handle. + /// </summary> + /// <param name="message">The message.</param> + /// <param name="signedMessage">The signed message.</param> + /// <param name="protectionsApplied">The protections applied.</param> + /// <returns> + /// The applied protections. + /// </returns> protected override MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied) { // If we're on the Provider, then the RP sent us a check_auth with a signature // we don't have an association for. (It may have expired, or it may be a faulty RP). @@ -192,9 +226,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { MessageDescription description = this.Channel.MessageDescriptions.Get(signedMessage); var signedParts = from part in description.Mapping.Values - where (part.RequiredProtection & System.Net.Security.ProtectionLevel.Sign) != 0 - && part.GetValue(signedMessage) != null - select part.Name; + where (part.RequiredProtection & System.Net.Security.ProtectionLevel.Sign) != 0 + && part.GetValue(signedMessage) != null + select part.Name; string prefix = Protocol.V20.openid.Prefix; ErrorUtilities.VerifyInternal(signedParts.All(name => name.StartsWith(prefix, StringComparison.Ordinal)), "All signed message parts must start with 'openid.'."); diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Extensions/ExtensionsInteropProviderHelper.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Extensions/ExtensionsInteropProviderHelper.cs index 2f8ac2f..c70bdd4 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Extensions/ExtensionsInteropProviderHelper.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Extensions/ExtensionsInteropProviderHelper.cs 
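Review bot: The summary added to `VerifySignatureByUnrecognizedHandle` ("Verifies the signature by unrecognized handle", returning "The applied protections") restates the method name and does not say when this path runs or how a bad signature is reported. The comment at the top of the body already has the context: the relying party sent a check_auth whose signature refers to an association the Provider does not have. I would lift that into the summary, e.g. `/// Handles a check_auth message whose association handle the Provider does not recognize (expired, or a faulty RP).` How an invalid signature is reported should be documented too, once confirmed from the rest of the body, which is outside this hunk.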
@@ -116,7 +116,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { AddAXAttributeValue(axResponse, WellKnownAttributes.Preferences.TimeZone, format, sregResponse.TimeZone); AddAXAttributeValue(axResponse, WellKnownAttributes.Preferences.Language, format, sregResponse.Language); if (sregResponse.Gender.HasValue) { - AddAXAttributeValue(axResponse, WellKnownAttributes.Person.Gender, format, ExtensionsInteropHelper.genderEncoder.Encode(sregResponse.Gender)); + AddAXAttributeValue(axResponse, WellKnownAttributes.Person.Gender, format, ExtensionsInteropHelper.GenderEncoder.Encode(sregResponse.Gender)); } } } diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs index 48b3840..7aff483 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="HmacShaAsssociationProvider.cs" company="Andrew Arnott"> +// <copyright file="HmacShaAssociationProvider.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -7,12 +7,15 @@ namespace DotNetOpenAuth.OpenId { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using System.Diagnostics.Contracts; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// OpenID Provider utility methods for HMAC-SHA* associations. + /// </summary> internal static class HmacShaAssociationProvider { /// <summary> /// The default lifetime of a shared association when no lifetime is given 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs index cdb5166..2e0a4e1 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="AssociateDiffieHellmanResponse.cs" company="Andrew Arnott"> +// <copyright file="AssociateDiffieHellmanProviderResponse.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs index 958bb9b..6abae34 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs @@ -7,12 +7,15 @@ namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; - using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// The openid.mode=associate message as it is received at the OpenID Provider. + /// </summary> internal abstract class AssociateRequestProvider : AssociateRequest { /// <summary> /// Initializes a new instance of the <see cref="AssociateRequestProvider"/> class. 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs index c9ad135..fa0091d 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs @@ -12,6 +12,9 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Text; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// An outgoing successful association response from the OpenID Provider. + /// </summary> [ContractClass(typeof(AssociateSuccessfulResponseProviderContract))] internal abstract class AssociateSuccessfulResponseProvider : AssociateSuccessfulResponse { /// <summary> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs index 9403980..a6d067e 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs 
@@ -1,15 +1,24 @@ -namespace DotNetOpenAuth.OpenId.Messages { +//----------------------------------------------------------------------- +// <copyright file="AssociateSuccessfulResponseProviderContract.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// Code contract for the <see cref="AssociateSuccessfulResponseProvider"/> class. + /// </summary> [ContractClassFor(typeof(AssociateSuccessfulResponseProvider))] internal abstract class AssociateSuccessfulResponseProviderContract : AssociateSuccessfulResponseProvider { /// <summary> - /// Prevents a default instance of the <see cref="AssociateSuccessfulResponseProviderContract"/> class from being created. + /// Initializes a new instance of the <see cref="AssociateSuccessfulResponseProviderContract"/> class. /// </summary> /// <param name="version">The version.</param> /// <param name="request">The request.</param> 
@@ -17,6 +26,15 @@ : base(version, request) { } + /// <summary> + /// Called to create the Association based on a request previously given by the Relying Party. + /// </summary> + /// <param name="request">The prior request for an association.</param> + /// <param name="associationStore">The Provider's association store.</param> + /// <param name="securitySettings">The security settings of the Provider.</param> + /// <returns> + /// The created association. + /// </returns> protected internal override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(request != null); Contract.Requires<ArgumentNullException>(associationStore != null); diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs index ad7c3ae..120d2c4 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs @@ -11,6 +11,9 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Text; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// An unencrypted association response as it is sent by the Provider. + /// </summary> internal class AssociateUnencryptedResponseProvider : AssociateUnencryptedResponse { /// <summary> /// Initializes a new instance of the <see cref="AssociateUnencryptedResponseProvider"/> class. diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs index 62434bf..8f9a240 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs 
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs @@ -13,10 +13,12 @@ namespace DotNetOpenAuth.OpenId.Messages { using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// The check_auth response message, as it is seen by the OpenID Provider. + /// </summary> internal class CheckAuthenticationResponseProvider : CheckAuthenticationResponse { /// <summary> - /// Initializes a new instance of the <see cref="CheckAuthenticationResponse"/> class - /// for use by the Provider. + /// Initializes a new instance of the <see cref="CheckAuthenticationResponseProvider"/> class. /// </summary> /// <param name="request">The request that this message is responding to.</param> /// <param name="provider">The OpenID Provider that is preparing to send this response.</param> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs index 247f734..73e404c 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs 
@@ -7,18 +7,22 @@ namespace DotNetOpenAuth.OpenId { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using DotNetOpenAuth.OpenId.Provider; using DotNetOpenAuth.Messaging; - using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.Messages; + using DotNetOpenAuth.OpenId.Provider; + /// <summary> + /// Utility methods for OpenID Providers. + /// </summary> internal static class OpenIdProviderUtilities { /// <summary> /// Called to create the Association based on a request previously given by the Relying Party. /// </summary> /// <param name="request">The prior request for an association.</param> + /// <param name="response">The response.</param> /// <param name="associationStore">The Provider's association store.</param> /// <param name="securitySettings">The security settings for the Provider. Should be <c>null</c> for Relying Parties.</param> /// <returns> @@ -33,7 +37,7 @@ namespace DotNetOpenAuth.OpenId { Contract.Requires<ArgumentNullException>(request != null); Contract.Requires<ArgumentNullException>(response != null, "response"); Contract.Requires<ArgumentNullException>(securitySettings != null, "securitySettings"); - + // We need to initialize some common properties based on the created association. var association = response.CreateAssociationAtProvider(request, associationStore, securitySettings); response.ExpiresIn = association.SecondsTillExpiration; diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdLogin.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdLogin.cs index eccdacf..c58de9d 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdLogin.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdLogin.cs 
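Review bot: `associationStore` is the one argument with no precondition in the lines shown. The context of the second hunk lists `Contract.Requires` for `request`, `response` and `securitySettings` only, yet the store is passed straight to `response.CreateAssociationAtProvider`, whose contract class (AssociateSuccessfulResponseProviderContract.cs in this commit) requires it to be non-null. Unless the check sits above the hunk, add `Contract.Requires<ArgumentNullException>(associationStore != null, "associationStore");` so a null store fails at the entry point with the parameter name. The new `<param name="response">The response.</param>` could also say what the parameter is for, e.g. `The response message to populate from the created association.` The method signature is outside both hunks.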
@@ -622,7 +622,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { [Category("Behavior")] [Description("The unique hash string that ends your idselector.com account.")] public string IdSelectorIdentifier { - get { return (string)(ViewState[IdSelectorIdentifierViewStateKey]); } + get { return (string)ViewState[IdSelectorIdentifierViewStateKey]; } set { ViewState[IdSelectorIdentifierViewStateKey] = value; } } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs index 16ea839..eb0eacd 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs @@ -983,7 +983,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { // Apply the control's association preference to this auth request, but only if // it is less demanding (greater ordinal value) than the existing one. // That way, we protect against retrying an association that was already attempted. - var authReq = ((AuthenticationRequest)req); + var authReq = (AuthenticationRequest)req; if (authReq.AssociationPreference < this.AssociationPreference) { authReq.AssociationPreference = this.AssociationPreference; } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj index 63ef2f6..1a86b9e 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj 
@@ -33,9 +33,9 @@ <Compile Include="OpenId\Interop\AuthenticationResponseShim.cs" /> <Compile Include="OpenId\Interop\ClaimsResponseShim.cs" /> <Compile Include="OpenId\Interop\OpenIdRelyingPartyShim.cs" /> - <Compile Include="OpenId\Messages\AssociateDiffieHellmanResponse.cs" /> + <Compile Include="OpenId\Messages\AssociateDiffieHellmanRelyingPartyResponse.cs" /> <Compile Include="OpenId\Messages\AssociateRequestRelyingParty.cs" /> - <Compile Include="OpenId\Messages\AssociateSuccessfulResponseContract.cs" /> + <Compile Include="OpenId\Messages\AssociateSuccessfulResponseRelyingPartyContract.cs" /> <Compile Include="OpenId\Messages\AssociateSuccessfulResponseRelyingParty.cs" /> <Compile Include="OpenId\Messages\AssociateUnencryptedResponseRelyingParty.cs" /> <Compile Include="OpenId\RelyingParty\CryptoKeyStoreAsRelyingPartyAssociationStore.cs" /> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ExtensionsBindingElementRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ExtensionsBindingElementRelyingParty.cs index bac06e5..20fc886 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ExtensionsBindingElementRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ExtensionsBindingElementRelyingParty.cs @@ -7,11 +7,15 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.RelyingParty; + /// <summary> + /// The OpenID binding element responsible for reading/writing OpenID extensions + /// at the Relying Party. + /// </summary> internal class ExtensionsBindingElementRelyingParty : ExtensionsBindingElement { /// <summary> /// The security settings that apply to this relying party, if it is a relying party. 
@@ -19,7 +23,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { private readonly RelyingPartySecuritySettings relyingPartySecuritySettings; /// <summary> - /// Initializes a new instance of the <see cref="ExtensionsBindingElement"/> class. + /// Initializes a new instance of the <see cref="ExtensionsBindingElementRelyingParty"/> class. /// </summary> /// <param name="extensionFactory">The extension factory.</param> /// <param name="securitySettings">The security settings.</param> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyChannel.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyChannel.cs index 130c558..cfd2e8b 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyChannel.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyChannel.cs @@ -15,6 +15,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using DotNetOpenAuth.OpenId.Extensions; using DotNetOpenAuth.OpenId.RelyingParty; + /// <summary> + /// The messaging channel for OpenID relying parties. + /// </summary> internal class OpenIdRelyingPartyChannel : OpenIdChannel { /// <summary> /// Initializes a new instance of the <see cref="OpenIdRelyingPartyChannel"/> class. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs index 591c8f1..4a3f5ee 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs 
@@ -15,6 +15,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using DotNetOpenAuth.OpenId.Messages; using DotNetOpenAuth.OpenId.RelyingParty; + /// <summary> + /// The signing binding element for OpenID Relying Parties. + /// </summary> internal class RelyingPartySigningBindingElement : SigningBindingElement { /// <summary> /// The association store used by Relying Parties to look up the secrets needed for signing. @@ -22,13 +25,20 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { private readonly IRelyingPartyAssociationStore rpAssociations; /// <summary> - /// Initializes a new instance of the SigningBindingElement class for use by a Relying Party. + /// Initializes a new instance of the <see cref="RelyingPartySigningBindingElement"/> class. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing. May be null for dumb Relying Parties.</param> internal RelyingPartySigningBindingElement(IRelyingPartyAssociationStore associationStore) { this.rpAssociations = associationStore; } + /// <summary> + /// Gets a specific association referenced in a given message's association handle. + /// </summary> + /// <param name="signedMessage">The signed message whose association handle should be used to lookup the association to return.</param> + /// <returns> + /// The referenced association; or <c>null</c> if such an association cannot be found. + /// </returns> protected override Association GetSpecificAssociation(ITamperResistantOpenIdMessage signedMessage) { Association association = null; 
@@ -43,6 +53,13 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { return association; } + /// <summary> + /// Gets the association to use to sign or verify a message. + /// </summary> + /// <param name="signedMessage">The message to sign or verify.</param> + /// <returns> + /// The association to use to sign or verify the message. + /// </returns> protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) { // We're on a Relying Party verifying a signature. IDirectedProtocolMessage directedMessage = (IDirectedProtocolMessage)signedMessage; @@ -53,6 +70,15 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { } } + /// <summary> + /// Verifies the signature by unrecognized handle. + /// </summary> + /// <param name="message">The message.</param> + /// <param name="signedMessage">The signed message.</param> + /// <param name="protectionsApplied">The protections applied.</param> + /// <returns> + /// The applied protections. + /// </returns> protected override MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied) { // We did not recognize the association the provider used to sign the message. // Ask the provider to check the signature then. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Extensions/ExtensionsInteropRelyingPartyHelper.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Extensions/ExtensionsInteropRelyingPartyHelper.cs index b2c9d1e..87eca8c 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Extensions/ExtensionsInteropRelyingPartyHelper.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Extensions/ExtensionsInteropRelyingPartyHelper.cs 
@@ -116,7 +116,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { sreg.TimeZone = fetchResponse.GetAttributeValue(WellKnownAttributes.Preferences.TimeZone, formats); string gender = fetchResponse.GetAttributeValue(WellKnownAttributes.Person.Gender, formats); if (gender != null) { - sreg.Gender = (Gender)ExtensionsInteropHelper.genderEncoder.Decode(gender); + sreg.Gender = (Gender)ExtensionsInteropHelper.GenderEncoder.Decode(gender); } } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateDiffieHellmanResponse.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateDiffieHellmanRelyingPartyResponse.cs index cb44c7c..cb44c7c 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateDiffieHellmanResponse.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateDiffieHellmanRelyingPartyResponse.cs diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs index 44e9219..04b39e1 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs @@ -1,4 +1,10 @@ -namespace DotNetOpenAuth.OpenId.Messages { +//----------------------------------------------------------------------- +// <copyright file="AssociateRequestRelyingParty.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; 
@@ -6,6 +12,9 @@ using System.Text; using DotNetOpenAuth.OpenId.RelyingParty; + /// <summary> + /// Utility methods for requesting associations from the relying party. + /// </summary> internal static class AssociateRequestRelyingParty { /// <summary> /// Creates an association request message that is appropriate for a given Provider. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs index 4ac2100..717fa27 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs @@ -1,10 +1,19 @@ -namespace DotNetOpenAuth.OpenId.Messages { +//----------------------------------------------------------------------- +// <copyright file="AssociateSuccessfulResponseRelyingParty.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; - using System.Diagnostics.Contracts; + /// <summary> + /// A successful association response as it is received by the relying party. + /// </summary> [ContractClass(typeof(AssociateSuccessfulResponseRelyingPartyContract))] internal abstract class AssociateSuccessfulResponseRelyingParty : AssociateSuccessfulResponse { /// <summary> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseContract.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingPartyContract.cs index b482bcb..4a9a8f4 100644 
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseContract.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingPartyContract.cs @@ -1,4 +1,10 @@ -namespace DotNetOpenAuth { +//----------------------------------------------------------------------- +// <copyright file="AssociateSuccessfulResponseRelyingPartyContract.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; @@ -7,6 +13,9 @@ using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Messages; + /// <summary> + /// Code contract for the <see cref="AssociateSuccessfulResponseRelyingParty"/> class. + /// </summary> [ContractClassFor(typeof(AssociateSuccessfulResponseRelyingParty))] internal abstract class AssociateSuccessfulResponseRelyingPartyContract : AssociateSuccessfulResponseRelyingParty { /// <summary> @@ -18,6 +27,13 @@ : base(version, request) { } + /// <summary> + /// Called to create the Association based on a request previously given by the Relying Party. + /// </summary> + /// <param name="request">The prior request for an association.</param> + /// <returns> + /// The created association. + /// </returns> protected internal override Association CreateAssociationAtRelyingParty(AssociateRequest request) { Contract.Requires<ArgumentNullException>(request != null); throw new NotImplementedException(); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateUnencryptedResponseRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateUnencryptedResponseRelyingParty.cs index dad47be..d2561d4 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateUnencryptedResponseRelyingParty.cs 
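Review bot: The file keeps `namespace DotNetOpenAuth {` although it lives under OpenId/Messages and the class it is a contract for, `AssociateSuccessfulResponseRelyingParty`, is declared in `DotNetOpenAuth.OpenId.Messages`. The Provider-side contract class touched by this same commit already uses `DotNetOpenAuth.OpenId.Messages`. Since the file is being renamed and given a header in this pass, `namespace DotNetOpenAuth.OpenId.Messages {` would make the two contract classes consistent, and the `using DotNetOpenAuth.OpenId.Messages;` line could then be dropped. The class body continues outside the hunks.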
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateUnencryptedResponseRelyingParty.cs @@ -10,6 +10,9 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Linq; using System.Text; + /// <summary> + /// A response to an unencrypted assocation request, as it is received by the relying party. + /// </summary> internal class AssociateUnencryptedResponseRelyingParty : AssociateUnencryptedResponse { /// <summary> /// Initializes a new instance of the <see cref="AssociateUnencryptedResponseRelyingParty"/> class. diff --git a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs index e4e210f..af038f2 100644 --- a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs +++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs @@ -6,11 +6,11 @@ namespace DotNetOpenAuth.Configuration { using System; + using System.Collections.Generic; using System.Configuration; using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Messages; - using System.Collections.Generic; /// <summary> /// Represents the <openid> element in the host's .config file. diff --git a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj index 74befb7..62fc620 100644 --- a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj +++ b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj @@ -39,6 +39,7 @@ </Compile> <Compile Include="OpenId\Behaviors\GsaIcamProfile.cs" /> <Compile Include="OpenId\ChannelElements\BackwardCompatibilityBindingElement.cs" /> + <Compile Include="OpenId\ChannelElements\SigningBindingElementContract.cs" /> <Compile Include="OpenId\ChannelElements\ExtensionsBindingElement.cs" /> <Compile Include="OpenId\ChannelElements\IOpenIdExtensionFactory.cs" /> <Compile Include="OpenId\ChannelElements\ITamperResistantOpenIdMessage.cs" /> 
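Review bot: The class summary added for `AssociateUnencryptedResponseRelyingParty` misspells "association" as `assocation`. It should read `/// A response to an unencrypted association request, as it is received by the relying party.` so the text is searchable alongside the other association message types.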
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs index dfcc5c4..6e7850a 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs @@ -89,6 +89,16 @@ namespace DotNetOpenAuth.OpenId { internal DateTime Issued { get; set; } /// <summary> + /// Gets the duration a secret key used for signing dumb client requests will be good for. + /// </summary> + protected internal static TimeSpan DumbSecretLifetime { + get { + Contract.Ensures(Contract.Result<TimeSpan>() > TimeSpan.Zero); + return OpenIdElement.Configuration.MaxAuthenticationTime; + } + } + + /// <summary> /// Gets the number of seconds until this <see cref="Association"/> expires. /// Never negative (counter runs to zero). /// </summary> @@ -107,16 +117,6 @@ namespace DotNetOpenAuth.OpenId { protected internal byte[] SecretKey { get; private set; } /// <summary> - /// Gets the duration a secret key used for signing dumb client requests will be good for. - /// </summary> - protected internal static TimeSpan DumbSecretLifetime { - get { - Contract.Ensures(Contract.Result<TimeSpan>() > TimeSpan.Zero); - return OpenIdElement.Configuration.MaxAuthenticationTime; - } - } - - /// <summary> /// Gets the lifetime the OpenID provider permits this <see cref="Association"/>. /// </summary> [MessagePart("ttl")] diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs index e7582c2..ace8d69 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs 
@@ -21,6 +21,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// their carrying OpenID messages. /// </summary> internal class ExtensionsBindingElement : IChannelBindingElement { + /// <summary> + /// False if unsigned extensions should be dropped. Must always be true on Providers, since RPs never sign extensions. + /// </summary> private readonly bool receiveUnsignedExtensions; /// <summary> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs index d47ba8b..bc7b2a1 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs @@ -15,7 +15,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.Messages; - + /// <summary> /// This binding element signs a Relying Party's openid.return_to parameter /// so that upon return, it can verify that it hasn't been tampered with. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs index 527b180..f186adc 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs 
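Review bot: The comment added on `receiveUnsignedExtensions` explains the Provider case but not what `true` means on a Relying Party, which is the security-relevant direction. Extension values accepted there without being covered by the message signature carry no integrity protection. I would state the meaning of both values first, e.g. `/// True to accept extensions that are not covered by the message signature; false to drop them.`, and keep the existing sentence about Providers after it. Whether anything enforces "must always be true on Providers" is not visible in this hunk; if it is only a convention, the comment should say so.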
@@ -102,31 +102,16 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { return null; } - protected abstract MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied); - - #endregion - /// <summary> - /// Ensures that all message parameters that must be signed are in fact included - /// in the signature. + /// Verifies the signature by unrecognized handle. /// </summary> + /// <param name="message">The message.</param> /// <param name="signedMessage">The signed message.</param> - private void EnsureParametersRequiringSignatureAreSigned(ITamperResistantOpenIdMessage signedMessage) { - // Verify that the signed parameter order includes the mandated fields. - // We do this in such a way that derived classes that add mandated fields automatically - // get included in the list of checked parameters. - Protocol protocol = Protocol.Lookup(signedMessage.Version); - var partsRequiringProtection = from part in this.Channel.MessageDescriptions.Get(signedMessage).Mapping.Values - where part.RequiredProtection != ProtectionLevel.None - where part.IsRequired || part.IsNondefaultValueSet(signedMessage) - select part.Name; - ErrorUtilities.VerifyInternal(partsRequiringProtection.All(name => name.StartsWith(protocol.openid.Prefix, StringComparison.Ordinal)), "Signing only works when the parameters start with the 'openid.' 
prefix."); - string[] signedParts = signedMessage.SignedParameterOrder.Split(','); - var unsignedParts = from partName in partsRequiringProtection - where !signedParts.Contains(partName.Substring(protocol.openid.Prefix.Length)) - select partName; - ErrorUtilities.VerifyProtocol(!unsignedParts.Any(), OpenIdStrings.SignatureDoesNotIncludeMandatoryParts, string.Join(", ", unsignedParts.ToArray())); - } + /// <param name="protectionsApplied">The protections applied.</param> + /// <returns>The applied protections.</returns> + protected abstract MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied); + + #endregion /// <summary> /// Calculates the signature for a given message. 
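Review bot: The XML doc added to `VerifySignatureByUnrecognizedHandle` only restates the member and parameter names (`The message.`, `The protections applied.`), which satisfies StyleCop but leaves the contract of a signature-verification hook unstated. Implementers need to know when the method is called, how `message` differs from `signedMessage`, and whether a failed verification throws or is reported through the returned `MessageProtections`. A summary such as `/// Verifies the signature of a message whose association handle is not recognized by this party.` would be a start, assuming that is what the name means. The same placeholder text is repeated on the override in SigningBindingElementContract.cs, and the enclosing class begins and ends outside this hunk.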
@@ -188,22 +173,27 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { protected virtual Association GetDumbAssociationForSigning() { throw new NotImplementedException(); } - } - [ContractClassFor(typeof(SigningBindingElement))] - internal abstract class SigningBindingElementContract : SigningBindingElement { - protected override MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied) { - throw new NotImplementedException(); - } - - protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) { - Contract.Requires<ArgumentNullException>(signedMessage != null); - throw new NotImplementedException(); - } - - protected override Association GetSpecificAssociation(ITamperResistantOpenIdMessage signedMessage) { - Contract.Requires<ArgumentNullException>(signedMessage != null); - throw new NotImplementedException(); + /// <summary> + /// Ensures that all message parameters that must be signed are in fact included + /// in the signature. + /// </summary> + /// <param name="signedMessage">The signed message.</param> + private void EnsureParametersRequiringSignatureAreSigned(ITamperResistantOpenIdMessage signedMessage) { + // Verify that the signed parameter order includes the mandated fields. + // We do this in such a way that derived classes that add mandated fields automatically + // get included in the list of checked parameters. 
+ Protocol protocol = Protocol.Lookup(signedMessage.Version); + var partsRequiringProtection = from part in this.Channel.MessageDescriptions.Get(signedMessage).Mapping.Values + where part.RequiredProtection != ProtectionLevel.None + where part.IsRequired || part.IsNondefaultValueSet(signedMessage) + select part.Name; + ErrorUtilities.VerifyInternal(partsRequiringProtection.All(name => name.StartsWith(protocol.openid.Prefix, StringComparison.Ordinal)), "Signing only works when the parameters start with the 'openid.' prefix."); + string[] signedParts = signedMessage.SignedParameterOrder.Split(','); + var unsignedParts = from partName in partsRequiringProtection + where !signedParts.Contains(partName.Substring(protocol.openid.Prefix.Length)) + select partName; + ErrorUtilities.VerifyProtocol(!unsignedParts.Any(), OpenIdStrings.SignatureDoesNotIncludeMandatoryParts, string.Join(", ", unsignedParts.ToArray())); } } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElementContract.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElementContract.cs new file mode 100644 index 0000000..c46cd12 --- /dev/null +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElementContract.cs 
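Review bot: In the relocated `EnsureParametersRequiringSignatureAreSigned`, `signedMessage.SignedParameterOrder.Split(',')` dereferences the signed-parameter list without a null check. If nothing earlier in the pipeline guarantees the list is present (that code is outside the hunk), a message without it ends in a NullReferenceException rather than the protocol error this method exists to raise. `string[] signedParts = (signedMessage.SignedParameterOrder ?? string.Empty).Split(',');` would route that case through the existing `VerifyProtocol` call, which would then name every mandatory part as unsigned. The method body is otherwise unchanged by the move.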
@@ -0,0 +1,64 @@ +//----------------------------------------------------------------------- +// <copyright file="SigningBindingElementContract.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.ChannelElements { + using System; + using System.Collections.Generic; + using System.Diagnostics; + using System.Diagnostics.Contracts; + using System.Globalization; + using System.Linq; + using System.Net.Security; + using System.Web; + using DotNetOpenAuth.Loggers; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.Messaging.Reflection; + using DotNetOpenAuth.OpenId.Messages; + + /// <summary> + /// Code contract for the <see cref="SigningBindingElement"/> class. + /// </summary> + [ContractClassFor(typeof(SigningBindingElement))] + internal abstract class SigningBindingElementContract : SigningBindingElement { + /// <summary> + /// Verifies the signature by unrecognized handle. + /// </summary> + /// <param name="message">The message.</param> + /// <param name="signedMessage">The signed message.</param> + /// <param name="protectionsApplied">The protections applied.</param> + /// <returns> + /// The applied protections. + /// </returns> + protected override MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied) { + throw new NotImplementedException(); + } + + /// <summary> + /// Gets the association to use to sign or verify a message. + /// </summary> + /// <param name="signedMessage">The message to sign or verify.</param> + /// <returns> + /// The association to use to sign or verify the message. 
+ /// </returns> + protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) { + Contract.Requires<ArgumentNullException>(signedMessage != null); + throw new NotImplementedException(); + } + + /// <summary> + /// Gets a specific association referenced in a given message's association handle. + /// </summary> + /// <param name="signedMessage">The signed message whose association handle should be used to lookup the association to return.</param> + /// <returns> + /// The referenced association; or <c>null</c> if such an association cannot be found. + /// </returns> + protected override Association GetSpecificAssociation(ITamperResistantOpenIdMessage signedMessage) { + Contract.Requires<ArgumentNullException>(signedMessage != null); + throw new NotImplementedException(); + } + } +} diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionsInteropHelper.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionsInteropHelper.cs index bd8117d..13da4f3 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionsInteropHelper.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionsInteropHelper.cs @@ -23,7 +23,14 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <summary> /// The gender decoder to translate AX genders to Sreg. /// </summary> - internal static GenderEncoder genderEncoder = new GenderEncoder(); + private static GenderEncoder genderEncoder = new GenderEncoder(); + + /// <summary> + /// Gets the gender decoder to translate AX genders to Sreg. + /// </summary> + internal static GenderEncoder GenderEncoder { + get { return genderEncoder; } + } /// <summary> /// Splits the AX attribute format flags into individual values for processing. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/IClientScriptExtensionResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/IClientScriptExtensionResponse.cs index 38c1360..b44f797 100644 
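Review bot: The contract for `VerifySignatureByUnrecognizedHandle` declares no preconditions, while `GetAssociation` and `GetSpecificAssociation` in the same class both require a non-null `signedMessage`. If null is never valid for the verification hook either, state it with `Contract.Requires<ArgumentNullException>(message != null);` and `Contract.Requires<ArgumentNullException>(signedMessage != null);` so implementations are checked the same way. The new file also carries a long using list (`System.Web`, `System.Net.Security`, `DotNetOpenAuth.Loggers`, and others) that the three stubs do not appear to use.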
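Review bot: The backing field `genderEncoder` becomes private but is still writable. The new `GenderEncoder` property has no setter and the field is assigned only in its initializer within this hunk, so declare it `private static readonly GenderEncoder genderEncoder = new GenderEncoder();`. Both summaries also call it a "gender decoder" although the type is `GenderEncoder`; `/// Gets the gender encoder used to translate AX genders to Sreg.` would match. The rest of the class is outside the hunk, so confirm nothing else assigns the field.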
--- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/IClientScriptExtensionResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/IClientScriptExtensionResponse.cs @@ -8,7 +8,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { using System.Collections.Generic; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.Messages; - + /// <summary> /// An interface that OpenID extensions can implement to allow authentication response /// messages with included extensions to be processed by Javascript on the user agent. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdXrdsHelper.cs b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdXrdsHelper.cs index 41a4adf..9f1e0d7 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdXrdsHelper.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdXrdsHelper.cs @@ -12,6 +12,9 @@ namespace DotNetOpenAuth.OpenId { using System.Text; using DotNetOpenAuth.Xrds; + /// <summary> + /// Utility methods for working with XRDS documents. + /// </summary> internal static class OpenIdXrdsHelper { /// <summary> /// Finds the Relying Party return_to receiving endpoints. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs index a2d6b07..c00653b 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs @@ -16,9 +16,9 @@ namespace DotNetOpenAuth.OpenId { using System.Web; using System.Xml; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Reflection; using DotNetOpenAuth.Xrds; using DotNetOpenAuth.Yadis; - using DotNetOpenAuth.Messaging.Reflection; /// <summary> /// A trust root to validate requests and match return URLs against. diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthConsumerChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthConsumerChannel.cs index 5b9c3b0..2fc5348 100644 --- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthConsumerChannel.cs +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthConsumerChannel.cs 
@@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="CoordinatingOAuthChannel.cs" company="Andrew Arnott"> +// <copyright file="CoordinatingOAuthConsumerChannel.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -17,12 +17,12 @@ namespace DotNetOpenAuth.Test.Mocks { /// A special channel used in test simulations to pass messages directly between two parties. /// </summary> internal class CoordinatingOAuthConsumerChannel : OAuthConsumerChannel { - internal EventWaitHandle incomingMessageSignal = new AutoResetEvent(false); - internal IProtocolMessage incomingMessage; - internal OutgoingWebResponse incomingRawResponse; + private EventWaitHandle incomingMessageSignal = new AutoResetEvent(false); + private IProtocolMessage incomingMessage; + private OutgoingWebResponse incomingRawResponse; /// <summary> - /// Initializes a new instance of the <see cref="CoordinatingOAuthChannel"/> class for Consumers. + /// Initializes a new instance of the <see cref="CoordinatingOAuthConsumerChannel"/> class. /// </summary> /// <param name="signingBindingElement">The signing element for the Consumer to use. Null for the Service Provider.</param> /// <param name="tokenManager">The token manager to use.</param> @@ -35,6 +35,14 @@ namespace DotNetOpenAuth.Test.Mocks { securitySettings) { } + internal EventWaitHandle IncomingMessageSignal { + get { return this.incomingMessageSignal; } + } + + internal IProtocolMessage IncomingMessage { get; set; } + + internal OutgoingWebResponse IncomingRawResponse { get; set; } + /// <summary> /// Gets or sets the coordinating channel used by the other party. /// </summary> 
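Review bot: The private fields `incomingMessage` and `incomingRawResponse` are kept next to the new auto-properties `IncomingMessage` and `IncomingRawResponse`, so each value now has two separate storage locations. The later hunks in this file switch the writers to the properties, but no hunk shown for this file updates `AwaitIncomingMessage` or `AwaitIncomingRawResponse`; if those still read the fields they will always see null. In CoordinatingOAuthServiceProviderChannel.cs the same change removes the fields and updates the readers. The fix here is to delete the two fields, or to back the properties with them: `internal IProtocolMessage IncomingMessage { get { return this.incomingMessage; } set { this.incomingMessage = value; } }`.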
@@ -46,8 +54,8 @@ namespace DotNetOpenAuth.Test.Mocks { HttpRequestInfo requestInfo = this.SpoofHttpMethod(request); TestBase.TestLogger.InfoFormat("Sending protected resource request: {0}", requestInfo.Message); // Drop the outgoing message in the other channel's in-slot and let them know it's there. - this.RemoteChannel.incomingMessage = requestInfo.Message; - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = requestInfo.Message; + this.RemoteChannel.IncomingMessageSignal.Set(); return this.AwaitIncomingRawResponse(); } @@ -59,15 +67,15 @@ namespace DotNetOpenAuth.Test.Mocks { protected override IProtocolMessage RequestCore(IDirectedProtocolMessage request) { HttpRequestInfo requestInfo = this.SpoofHttpMethod(request); // Drop the outgoing message in the other channel's in-slot and let them know it's there. - this.RemoteChannel.incomingMessage = requestInfo.Message; - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = requestInfo.Message; + this.RemoteChannel.IncomingMessageSignal.Set(); // Now wait for a response... return this.AwaitIncomingMessage(); } protected override OutgoingWebResponse PrepareDirectResponse(IProtocolMessage response) { - this.RemoteChannel.incomingMessage = CloneSerializedParts(response, null); - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = CloneSerializedParts(response, null); + this.RemoteChannel.IncomingMessageSignal.Set(); return new OutgoingWebResponse(); // not used, but returning null is not allowed } diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthServiceProviderChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthServiceProviderChannel.cs index 9bdbc04..6b9e134 100644 --- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthServiceProviderChannel.cs +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuthServiceProviderChannel.cs 
@@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="CoordinatingOAuthChannel.cs" company="Andrew Arnott"> +// <copyright file="CoordinatingOAuthServiceProviderChannel.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -17,12 +17,10 @@ namespace DotNetOpenAuth.Test.Mocks { /// A special channel used in test simulations to pass messages directly between two parties. /// </summary> internal class CoordinatingOAuthServiceProviderChannel : OAuthServiceProviderChannel { - internal EventWaitHandle incomingMessageSignal = new AutoResetEvent(false); - internal IProtocolMessage incomingMessage; - internal OutgoingWebResponse incomingRawResponse; + private EventWaitHandle incomingMessageSignal = new AutoResetEvent(false); /// <summary> - /// Initializes a new instance of the <see cref="CoordinatingOAuthChannel"/> class for Service Providers. + /// Initializes a new instance of the <see cref="CoordinatingOAuthServiceProviderChannel"/> class. /// </summary> /// <param name="signingBindingElement">The signing element for the Consumer to use. Null for the Service Provider.</param> /// <param name="tokenManager">The token manager to use.</param> @@ -36,6 +34,14 @@ namespace DotNetOpenAuth.Test.Mocks { new OAuthServiceProviderMessageFactory(tokenManager)) { } + internal EventWaitHandle IncomingMessageSignal { + get { return this.incomingMessageSignal; } + } + + internal IProtocolMessage IncomingMessage { get; set; } + + internal OutgoingWebResponse IncomingRawResponse { get; set; } + /// <summary> /// Gets or sets the coordinating channel used by the other party. /// </summary> 
@@ -47,14 +53,14 @@ namespace DotNetOpenAuth.Test.Mocks { HttpRequestInfo requestInfo = this.SpoofHttpMethod(request); TestBase.TestLogger.InfoFormat("Sending protected resource request: {0}", requestInfo.Message); // Drop the outgoing message in the other channel's in-slot and let them know it's there. - this.RemoteChannel.incomingMessage = requestInfo.Message; - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = requestInfo.Message; + this.RemoteChannel.IncomingMessageSignal.Set(); return this.AwaitIncomingRawResponse(); } internal void SendDirectRawResponse(OutgoingWebResponse response) { - this.RemoteChannel.incomingRawResponse = response; - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingRawResponse = response; + this.RemoteChannel.IncomingMessageSignal.Set(); } protected internal override HttpRequestInfo GetRequestFromContext() { @@ -65,15 +71,15 @@ namespace DotNetOpenAuth.Test.Mocks { protected override IProtocolMessage RequestCore(IDirectedProtocolMessage request) { HttpRequestInfo requestInfo = this.SpoofHttpMethod(request); // Drop the outgoing message in the other channel's in-slot and let them know it's there. - this.RemoteChannel.incomingMessage = requestInfo.Message; - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = requestInfo.Message; + this.RemoteChannel.IncomingMessageSignal.Set(); // Now wait for a response... return this.AwaitIncomingMessage(); } protected override OutgoingWebResponse PrepareDirectResponse(IProtocolMessage response) { - this.RemoteChannel.incomingMessage = CloneSerializedParts(response, null); - this.RemoteChannel.incomingMessageSignal.Set(); + this.RemoteChannel.IncomingMessage = CloneSerializedParts(response, null); + this.RemoteChannel.IncomingMessageSignal.Set(); return new OutgoingWebResponse(); // not used, but returning null is not allowed } 
@@ -108,16 +114,16 @@ namespace DotNetOpenAuth.Test.Mocks { } private IProtocolMessage AwaitIncomingMessage() { - this.incomingMessageSignal.WaitOne(); - IProtocolMessage response = this.incomingMessage; - this.incomingMessage = null; + this.IncomingMessageSignal.WaitOne(); + IProtocolMessage response = this.IncomingMessage; + this.IncomingMessage = null; return response; } private OutgoingWebResponse AwaitIncomingRawResponse() { - this.incomingMessageSignal.WaitOne(); - OutgoingWebResponse response = this.incomingRawResponse; - this.incomingRawResponse = null; + this.IncomingMessageSignal.WaitOne(); + OutgoingWebResponse response = this.IncomingRawResponse; + this.IncomingRawResponse = null; return response; } |