diff options
author | Andrew Arnott <andrewarnott@gmail.com> | 2009-12-15 22:17:20 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-12-15 22:17:20 -0800 |
commit | e12782c1a6727390b2107ff2e39d4ac6173d86fc (patch) | |
tree | 3be0ccda0a9425927263f5b6b9616ef8ba11ac08 /samples/RelyingPartyCustomStore/CustomStore.cs | |
parent | 078b1f350eb40ceee7423c25b1d833dd1f242da4 (diff) | |
parent | a545f7be2693596fa14540c359e43150a6a7cf88 (diff) | |
download | DotNetOpenAuth-origin/mono.zip DotNetOpenAuth-origin/mono.tar.gz DotNetOpenAuth-origin/mono.tar.bz2 |
Merge branch 'v2.5' into monoorigin/mono
Conflicts:
src/DotNetOpenId/Properties/AssemblyInfo.cs
src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs
Diffstat (limited to 'samples/RelyingPartyCustomStore/CustomStore.cs')
-rw-r--r-- | samples/RelyingPartyCustomStore/CustomStore.cs | 120 |
1 files changed, 0 insertions, 120 deletions
diff --git a/samples/RelyingPartyCustomStore/CustomStore.cs b/samples/RelyingPartyCustomStore/CustomStore.cs deleted file mode 100644 index b0e3700..0000000 --- a/samples/RelyingPartyCustomStore/CustomStore.cs +++ /dev/null @@ -1,120 +0,0 @@ -using System;
-using System.Data;
-using System.Globalization;
-using System.Security.Cryptography;
-using DotNetOpenId;
-using DotNetOpenId.RelyingParty;
-
-namespace RelyingPartyCustomStore {
- /// <summary>
- /// This custom store serializes all elements to demonstrate peristent and/or shared storage.
- /// This is common in a web farm, for example.
- /// </summary>
- /// <remarks>
- /// This doesn't actually serialize anything to a persistent store, so restarting the web server
- /// will still clear everything this store is supposed to remember.
- /// But we "persist" all associations and nonces into a DataTable to demonstrate
- /// that using a database is possible.
- /// </remarks>
- public class CustomStore : IRelyingPartyApplicationStore {
- public static CustomStore Instance = new CustomStore();
- public CustomStoreDataSet dataSet = new CustomStoreDataSet();
-
- #region IAssociationStore<Uri> Members
-
- public void StoreAssociation(Uri distinguishingFactor, Association assoc) {
- var assocRow = dataSet.Association.NewAssociationRow();
- assocRow.DistinguishingFactor = distinguishingFactor.AbsoluteUri;
- assocRow.Handle = assoc.Handle;
- assocRow.Expires = assoc.Expires.ToLocalTime();
- assocRow.PrivateData = assoc.SerializePrivateData();
- dataSet.Association.AddAssociationRow(assocRow);
- }
-
- public Association GetAssociation(Uri distinguishingFactor) {
- // properly escape the URL to prevent injection attacks.
- string value = distinguishingFactor.AbsoluteUri.Replace("'", "''");
- string filter = string.Format(CultureInfo.InvariantCulture, "{0} = '{1}'",
- dataSet.Association.DistinguishingFactorColumn.ColumnName, value);
- string sort = dataSet.Association.ExpiresColumn.ColumnName + " DESC";
- DataView view = new DataView(dataSet.Association, filter, sort, DataViewRowState.CurrentRows);
- if (view.Count == 0) return null;
- var row = (CustomStoreDataSet.AssociationRow)view[0].Row;
- return Association.Deserialize(row.Handle, row.Expires.ToUniversalTime(), row.PrivateData);
- }
-
- public Association GetAssociation(Uri distinguishingFactor, string handle) {
- var assocRow = dataSet.Association.FindByDistinguishingFactorHandle(distinguishingFactor.AbsoluteUri, handle);
- return Association.Deserialize(assocRow.Handle, assocRow.Expires, assocRow.PrivateData);
- }
-
- public bool RemoveAssociation(Uri distinguishingFactor, string handle) {
- var row = dataSet.Association.FindByDistinguishingFactorHandle(distinguishingFactor.AbsoluteUri, handle);
- if (row != null) {
- dataSet.Association.RemoveAssociationRow(row);
- return true;
- } else {
- return false;
- }
- }
-
- public void ClearExpiredAssociations() {
- removeExpiredRows(dataSet.Association, dataSet.Association.ExpiresColumn.ColumnName);
- }
-
- #endregion
-
- #region INonceStore Members
-
- byte[] secretSigningKey;
- public byte[] SecretSigningKey {
- get {
- if (secretSigningKey == null) {
- lock (this) {
- if (secretSigningKey == null) {
- // initialize in a local variable before setting in field for thread safety.
- byte[] auth_key = new byte[64];
- new RNGCryptoServiceProvider().GetBytes(auth_key);
- this.secretSigningKey = auth_key;
- }
- }
- }
- return secretSigningKey;
- }
- }
-
- public bool TryStoreNonce(Nonce nonce) {
- // IMPORTANT: If actually persisting to a database that can be reached from
- // different servers/instances of this class at once, it is vitally important
- // to protect against race condition attacks by one or more of these:
- // 1) setting a UNIQUE constraint on the nonce CODE in the SQL table
- // 2) Using a transaction with repeatable reads to guarantee that a check
- // that verified a nonce did not exist will prevent that nonce from being
- // added by another process while this process is adding it.
- // And then you'll want to catch the exception that the SQL database can throw
- // at you in the result of a race condition somewhere in your web site UI code
- // and display some message to have the user try to log in again, and possibly
- // warn them about a replay attack.
- lock (this) {
- if (dataSet.Nonce.FindByCode(nonce.Code) != null) return false;
- dataSet.Nonce.AddNonceRow(nonce.Code, nonce.ExpirationDate.ToLocalTime());
- return true;
- }
- }
-
- public void ClearExpiredNonces() {
- removeExpiredRows(dataSet.Nonce, dataSet.Nonce.ExpiresColumn.ColumnName);
- }
-
- #endregion
-
- void removeExpiredRows(DataTable table, string expiredColumnName) {
- string filter = string.Format(CultureInfo.InvariantCulture, "{0} < #{1}#",
- expiredColumnName, DateTime.Now);
- DataView view = new DataView(table, filter, null, DataViewRowState.CurrentRows);
- for (int i = view.Count - 1; i >= 0; i--)
- view.Delete(i);
- }
-
- }
-}
|