diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2008-09-27 09:32:32 -0700 |
|---|---|---|
| committer | Andrew <andrewarnott@gmail.com> | 2008-09-27 09:32:32 -0700 |
| commit | 452a3bcdbe2028923ba869803c95f7ebb3699610 (patch) | |
| tree | afaa5af30a219c5da8aa58c9bd63689d84f04d44 /src/DotNetOAuth/ChannelElements | |
| parent | faa8a59cf77470e092ce9c2fe99f9ed7432567b3 (diff) | |
| download | DotNetOpenAuth-452a3bcdbe2028923ba869803c95f7ebb3699610.zip DotNetOpenAuth-452a3bcdbe2028923ba869803c95f7ebb3699610.tar.gz DotNetOpenAuth-452a3bcdbe2028923ba869803c95f7ebb3699610.tar.bz2 | |
PlainText signing binding element no longer signs HTTP messages, but only HTTPS messages.
This breaks the scenario test.
Diffstat (limited to 'src/DotNetOAuth/ChannelElements')
| -rw-r--r-- | src/DotNetOAuth/ChannelElements/PlainTextSigningBindingElement.cs | 9 | ||||
| -rw-r--r-- | src/DotNetOAuth/ChannelElements/SigningBindingElementBase.cs | 11 |
2 files changed, 19 insertions, 1 deletions
diff --git a/src/DotNetOAuth/ChannelElements/PlainTextSigningBindingElement.cs b/src/DotNetOAuth/ChannelElements/PlainTextSigningBindingElement.cs index 86cbd4a..83c3e8b 100644 --- a/src/DotNetOAuth/ChannelElements/PlainTextSigningBindingElement.cs +++ b/src/DotNetOAuth/ChannelElements/PlainTextSigningBindingElement.cs @@ -47,5 +47,14 @@ namespace DotNetOAuth.ChannelElements { protected override string GetSignature(ITamperResistantOAuthMessage message) {
return Uri.EscapeDataString(GetConsumerAndTokenSecretString(message));
}
+
+ /// <summary>
+ /// Checks whether this binding element applies to this message.
+ /// </summary>
+ /// <param name="message">The message that needs to be signed.</param>
+ /// <returns>True if this binding element can be used to sign the message. False otherwise.</returns>
+ protected override bool IsMessageApplicable(ITamperResistantOAuthMessage message) {
+ return string.Equals(message.Recipient.Scheme, "https", StringComparison.OrdinalIgnoreCase);
+ }
}
}
diff --git a/src/DotNetOAuth/ChannelElements/SigningBindingElementBase.cs b/src/DotNetOAuth/ChannelElements/SigningBindingElementBase.cs index a1e5feb..ebcc8b2 100644 --- a/src/DotNetOAuth/ChannelElements/SigningBindingElementBase.cs +++ b/src/DotNetOAuth/ChannelElements/SigningBindingElementBase.cs @@ -61,7 +61,7 @@ namespace DotNetOAuth.ChannelElements { /// <returns>True if the message was signed. False otherwise.</returns>
public bool PrepareMessageForSending(IProtocolMessage message) {
var signedMessage = message as ITamperResistantOAuthMessage;
- if (signedMessage != null) {
+ if (signedMessage != null && this.IsMessageApplicable(signedMessage)) {
signedMessage.SignatureMethod = this.signatureMethod;
signedMessage.Signature = this.GetSignature(signedMessage);
return true;
@@ -170,6 +170,15 @@ namespace DotNetOAuth.ChannelElements { protected abstract string GetSignature(ITamperResistantOAuthMessage message);
/// <summary>
+ /// Checks whether this binding element applies to this message.
+ /// </summary>
+ /// <param name="message">The message that needs to be signed.</param>
+ /// <returns>True if this binding element can be used to sign the message. False otherwise.</returns>
+ protected virtual bool IsMessageApplicable(ITamperResistantOAuthMessage message) {
+ return true;
+ }
+
+ /// <summary>
/// Gets the ConsumerSecret&TokenSecret" string, allowing either property to be empty or null.
/// </summary>
/// <param name="message">The message to extract the secrets from.</param>
|