author | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-01 16:49:44 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-01 16:49:44 -0700 |
commit | b6f7a18b949acb4346754ae47fb07424076a3cd0 (patch) | |
tree | 4c23cb2b8174f3288cb0b787cff4c6ac432c6bef /src/DotNetOpenAuth.InfoCard | |
parent | f16525005555b86151b7a1c741aa29550635108a (diff) | |
First pass at dividing DotNetOpenAuth features into separate assemblies.
Nothing compiles at this point.
Diffstat (limited to 'src/DotNetOpenAuth.InfoCard')
31 files changed, 3197 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.InfoCard/ComponentModel/IssuersSuggestions.cs b/src/DotNetOpenAuth.InfoCard/ComponentModel/IssuersSuggestions.cs
new file mode 100644
index 0000000..dc41843
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/ComponentModel/IssuersSuggestions.cs
@@ -0,0 +1,32 @@
+//-----------------------------------------------------------------------
+// <copyright file="IssuersSuggestions.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.ComponentModel {
+ using System;
+ using System.Diagnostics.Contracts;
+ using DotNetOpenAuth.InfoCard;
+
+ /// <summary>
+ /// A design-time helper to give a Uri property an auto-complete functionality
+ /// listing the URIs in the <see cref="WellKnownIssuers"/> class.
+ /// </summary>
+ public class IssuersSuggestions : SuggestedStringsConverter {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="IssuersSuggestions"/> class.
+ /// </summary>
+ [Obsolete("This class is meant for design-time use within an IDE, and not meant to be used directly by runtime code.")]
+ public IssuersSuggestions() {
+ }
+
+ /// <summary>
+ /// Gets the type to reflect over to extract the well known values.
+ /// </summary>
+ [Pure]
+ protected override Type WellKnownValuesType {
+ get { return typeof(WellKnownIssuers); }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/DotNetOpenAuth.InfoCard.csproj b/src/DotNetOpenAuth.InfoCard/DotNetOpenAuth.InfoCard.csproj
new file mode 100644
index 0000000..62ac34b
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/DotNetOpenAuth.InfoCard.csproj
@@ -0,0 +1,362 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <CodeContractsAssemblyMode>1</CodeContractsAssemblyMode> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" /> + <PropertyGroup> + <ProductVersion>9.0.30729</ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}</ProjectGuid> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>DotNetOpenAuth</RootNamespace> + <AssemblyName>DotNetOpenAuth.InfoCard</AssemblyName> + <AssemblyName Condition=" '$(NoUIControls)' == 'true' ">DotNetOpenAuth.NoUI</AssemblyName> + <FileAlignment>512</FileAlignment> + <StandardCopyright> +Copyright (c) 2009, Andrew Arnott. All rights reserved. 
+Code licensed under the Ms-PL License: +http://opensource.org/licenses/ms-pl.html +</StandardCopyright> + <FileUpgradeFlags> + </FileUpgradeFlags> + <OldToolsVersion>3.5</OldToolsVersion> + <UpgradeBackupLocation /> + <IsWebBootstrapper>false</IsWebBootstrapper> + <TargetFrameworkProfile /> + <PublishUrl>publish\</PublishUrl> + <Install>true</Install> + <InstallFrom>Disk</InstallFrom> + <UpdateEnabled>false</UpdateEnabled> + <UpdateMode>Foreground</UpdateMode> + <UpdateInterval>7</UpdateInterval> + <UpdateIntervalUnits>Days</UpdateIntervalUnits> + <UpdatePeriodically>false</UpdatePeriodically> + <UpdateRequired>false</UpdateRequired> + <MapFileExtensions>true</MapFileExtensions> + <ApplicationRevision>0</ApplicationRevision> + <ApplicationVersion>1.0.0.%2a</ApplicationVersion> + <UseApplicationTrust>false</UseApplicationTrust> + <BootstrapperEnabled>true</BootstrapperEnabled> + <ApplicationIcon> + </ApplicationIcon> + <DocumentationFile>$(OutputPath)$(AssemblyName).xml</DocumentationFile> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <DefineConstants>DEBUG;TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + <AllowUnsafeBlocks>false</AllowUnsafeBlocks> + <RunCodeAnalysis>false</RunCodeAnalysis> + <CodeAnalysisRules> + </CodeAnalysisRules> + <CodeContractsEnableRuntimeChecking>True</CodeContractsEnableRuntimeChecking> + <CodeContractsCustomRewriterAssembly> + </CodeContractsCustomRewriterAssembly> + <CodeContractsCustomRewriterClass> + </CodeContractsCustomRewriterClass> + <CodeContractsRuntimeCheckingLevel>Full</CodeContractsRuntimeCheckingLevel> + <CodeContractsRunCodeAnalysis>False</CodeContractsRunCodeAnalysis> + <CodeContractsBuildReferenceAssembly>True</CodeContractsBuildReferenceAssembly> + <CodeContractsNonNullObligations>True</CodeContractsNonNullObligations> + 
<CodeContractsBoundsObligations>True</CodeContractsBoundsObligations> + <CodeContractsLibPaths> + </CodeContractsLibPaths> + <CodeContractsPlatformPath> + </CodeContractsPlatformPath> + <CodeContractsExtraAnalysisOptions> + </CodeContractsExtraAnalysisOptions> + <CodeContractsBaseLineFile> + </CodeContractsBaseLineFile> + <CodeContractsUseBaseLine>False</CodeContractsUseBaseLine> + <CodeContractsRunInBackground>True</CodeContractsRunInBackground> + <CodeContractsShowSquigglies>True</CodeContractsShowSquigglies> + <CodeContractsArithmeticObligations>False</CodeContractsArithmeticObligations> + <CodeContractsRuntimeOnlyPublicSurface>False</CodeContractsRuntimeOnlyPublicSurface> + <CodeContractsRuntimeThrowOnFailure>True</CodeContractsRuntimeThrowOnFailure> + <CodeContractsRuntimeCallSiteRequires>False</CodeContractsRuntimeCallSiteRequires> + <CodeContractsEmitXMLDocs>True</CodeContractsEmitXMLDocs> + <CodeContractsRedundantAssumptions>False</CodeContractsRedundantAssumptions> + <CodeContractsReferenceAssembly>Build</CodeContractsReferenceAssembly> + <CodeAnalysisRuleSet>Migrated rules for DotNetOpenAuth.ruleset</CodeAnalysisRuleSet> + <CodeContractsExtraRewriteOptions /> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + <AllowUnsafeBlocks>false</AllowUnsafeBlocks> + <RunCodeAnalysis>true</RunCodeAnalysis> + <CodeAnalysisRules> + </CodeAnalysisRules> + <CodeContractsEnableRuntimeChecking>True</CodeContractsEnableRuntimeChecking> + <CodeContractsCustomRewriterAssembly> + </CodeContractsCustomRewriterAssembly> + <CodeContractsCustomRewriterClass> + </CodeContractsCustomRewriterClass> + <CodeContractsRuntimeCheckingLevel>ReleaseRequires</CodeContractsRuntimeCheckingLevel> + <CodeContractsRunCodeAnalysis>False</CodeContractsRunCodeAnalysis> + 
<CodeContractsBuildReferenceAssembly>True</CodeContractsBuildReferenceAssembly> + <CodeContractsNonNullObligations>False</CodeContractsNonNullObligations> + <CodeContractsBoundsObligations>False</CodeContractsBoundsObligations> + <CodeContractsLibPaths> + </CodeContractsLibPaths> + <CodeContractsPlatformPath> + </CodeContractsPlatformPath> + <CodeContractsExtraAnalysisOptions> + </CodeContractsExtraAnalysisOptions> + <CodeContractsBaseLineFile> + </CodeContractsBaseLineFile> + <CodeContractsUseBaseLine>False</CodeContractsUseBaseLine> + <CodeContractsRunInBackground>True</CodeContractsRunInBackground> + <CodeContractsShowSquigglies>False</CodeContractsShowSquigglies> + <CodeContractsArithmeticObligations>False</CodeContractsArithmeticObligations> + <CodeContractsRuntimeOnlyPublicSurface>False</CodeContractsRuntimeOnlyPublicSurface> + <CodeContractsRuntimeThrowOnFailure>True</CodeContractsRuntimeThrowOnFailure> + <CodeContractsRuntimeCallSiteRequires>False</CodeContractsRuntimeCallSiteRequires> + <CodeContractsEmitXMLDocs>True</CodeContractsEmitXMLDocs> + <CodeContractsRedundantAssumptions>False</CodeContractsRedundantAssumptions> + <CodeContractsReferenceAssembly>Build</CodeContractsReferenceAssembly> + <CodeAnalysisRuleSet>Migrated rules for DotNetOpenAuth.ruleset</CodeAnalysisRuleSet> + <CodeContractsExtraRewriteOptions /> + </PropertyGroup> + <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'ReleaseNoUI|AnyCPU'"> + <DefineConstants>TRACE;NoUIControls</DefineConstants> + <NoUIControls>true</NoUIControls> + <Optimize>true</Optimize> + <NoWarn>;1607</NoWarn> + <DebugType>pdbonly</DebugType> + <PlatformTarget>AnyCPU</PlatformTarget> + <ErrorReport>prompt</ErrorReport> + <CodeContractsEnableRuntimeChecking>True</CodeContractsEnableRuntimeChecking> + <CodeContractsCustomRewriterAssembly> + </CodeContractsCustomRewriterAssembly> + <CodeContractsCustomRewriterClass> + </CodeContractsCustomRewriterClass> + 
<CodeContractsRuntimeCheckingLevel>ReleaseRequires</CodeContractsRuntimeCheckingLevel> + <CodeContractsRunCodeAnalysis>False</CodeContractsRunCodeAnalysis> + <CodeContractsBuildReferenceAssembly>True</CodeContractsBuildReferenceAssembly> + <CodeContractsNonNullObligations>False</CodeContractsNonNullObligations> + <CodeContractsBoundsObligations>False</CodeContractsBoundsObligations> + <CodeContractsLibPaths> + </CodeContractsLibPaths> + <CodeContractsPlatformPath> + </CodeContractsPlatformPath> + <CodeContractsExtraAnalysisOptions> + </CodeContractsExtraAnalysisOptions> + <CodeContractsBaseLineFile> + </CodeContractsBaseLineFile> + <CodeContractsUseBaseLine>False</CodeContractsUseBaseLine> + <CodeContractsRunInBackground>True</CodeContractsRunInBackground> + <CodeContractsShowSquigglies>False</CodeContractsShowSquigglies> + <CodeContractsArithmeticObligations>False</CodeContractsArithmeticObligations> + <CodeContractsRuntimeOnlyPublicSurface>False</CodeContractsRuntimeOnlyPublicSurface> + <CodeContractsRuntimeThrowOnFailure>True</CodeContractsRuntimeThrowOnFailure> + <CodeContractsRuntimeCallSiteRequires>False</CodeContractsRuntimeCallSiteRequires> + <CodeContractsEmitXMLDocs>True</CodeContractsEmitXMLDocs> + <CodeContractsRedundantAssumptions>False</CodeContractsRedundantAssumptions> + <CodeContractsReferenceAssembly>Build</CodeContractsReferenceAssembly> + <CodeContractsExtraRewriteOptions /> + <CodeAnalysisRuleSet>Migrated rules for DotNetOpenAuth.ruleset</CodeAnalysisRuleSet> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'CodeAnalysis|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DefineConstants>$(DefineConstants);CONTRACTS_FULL;DEBUG;TRACE</DefineConstants> + <DebugType>full</DebugType> + <PlatformTarget>AnyCPU</PlatformTarget> + <CodeAnalysisRules> + </CodeAnalysisRules> + <CodeAnalysisUseTypeNameInSuppression>true</CodeAnalysisUseTypeNameInSuppression> + 
<CodeAnalysisModuleSuppressionsFile>GlobalSuppressions.cs</CodeAnalysisModuleSuppressionsFile> + <ErrorReport>prompt</ErrorReport> + <CodeContractsEnableRuntimeChecking>True</CodeContractsEnableRuntimeChecking> + <CodeContractsCustomRewriterAssembly> + </CodeContractsCustomRewriterAssembly> + <CodeContractsCustomRewriterClass> + </CodeContractsCustomRewriterClass> + <CodeContractsRuntimeCheckingLevel>Preconditions</CodeContractsRuntimeCheckingLevel> + <CodeContractsRunCodeAnalysis>True</CodeContractsRunCodeAnalysis> + <CodeContractsBuildReferenceAssembly>True</CodeContractsBuildReferenceAssembly> + <CodeContractsNonNullObligations>False</CodeContractsNonNullObligations> + <CodeContractsBoundsObligations>False</CodeContractsBoundsObligations> + <CodeContractsLibPaths> + </CodeContractsLibPaths> + <CodeContractsPlatformPath> + </CodeContractsPlatformPath> + <CodeContractsExtraAnalysisOptions> + </CodeContractsExtraAnalysisOptions> + <CodeContractsBaseLineFile> + </CodeContractsBaseLineFile> + <CodeContractsUseBaseLine>False</CodeContractsUseBaseLine> + <CodeContractsRunInBackground>True</CodeContractsRunInBackground> + <CodeContractsShowSquigglies>True</CodeContractsShowSquigglies> + <RunCodeAnalysis>true</RunCodeAnalysis> + <CodeContractsArithmeticObligations>False</CodeContractsArithmeticObligations> + <CodeContractsRuntimeOnlyPublicSurface>False</CodeContractsRuntimeOnlyPublicSurface> + <CodeContractsRuntimeThrowOnFailure>True</CodeContractsRuntimeThrowOnFailure> + <CodeContractsRuntimeCallSiteRequires>False</CodeContractsRuntimeCallSiteRequires> + <CodeContractsEmitXMLDocs>True</CodeContractsEmitXMLDocs> + <CodeContractsRedundantAssumptions>False</CodeContractsRedundantAssumptions> + <CodeContractsReferenceAssembly>Build</CodeContractsReferenceAssembly> + <CodeAnalysisRuleSet>Migrated rules for DotNetOpenAuth.ruleset</CodeAnalysisRuleSet> + <CodeContractsExtraRewriteOptions /> + </PropertyGroup> + <ItemGroup> + <Reference Include="log4net, Version=1.2.10.0, 
Culture=neutral, PublicKeyToken=1b44e1d426115821, processorArchitecture=MSIL"> + <SpecificVersion>False</SpecificVersion> + </Reference> + <Reference Include="PresentationFramework"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System" /> + <Reference Include="System.Security" /> + <Reference Include="System.configuration" /> + <Reference Include="System.Core"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Data" /> + <Reference Include="System.Drawing" /> + <Reference Include="System.IdentityModel"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System.IdentityModel.Selectors"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System.Runtime.Serialization"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System.ServiceModel"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System.ServiceModel.Web"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web" /> + <Reference Include="System.Web.Abstractions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Extensions.Design"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Web.Mobile" Condition=" '$(ClrVersion)' != '4' " /> + <Reference Include="System.Web.Routing"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="System.Windows.Forms" /> + <Reference Include="System.Xaml" Condition=" '$(ClrVersion)' == '4' " /> + <Reference Include="System.XML" /> + <Reference Include="System.Xml.Linq"> + 
<RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + <Reference Include="WindowsBase"> + <RequiredTargetFramework>3.0</RequiredTargetFramework> + </Reference> + <Reference Include="System.ComponentModel.DataAnnotations"> + <RequiredTargetFramework>3.5</RequiredTargetFramework> + </Reference> + </ItemGroup> + <ItemGroup Condition=" '$(ClrVersion)' == '4' "> + <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> + </ItemGroup> + <ItemGroup Condition=" '$(ClrVersion)' != '4' "> + <!-- MVC 2 can run on CLR 2 (it doesn't require CLR 4) but since MVC 2 apps tend to use type forwarding, + it's a more broadly consumable idea to bind against MVC 1 for the library unless we're building on CLR 4, + which will definitely have MVC 2 available. --> + <Reference Include="System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> + </ItemGroup> + <ItemGroup> + <Compile Include="ComponentModel\IssuersSuggestions.cs" /> + <Compile Include="InfoCard\ClaimType.cs" /> + <Compile Include="InfoCard\InfoCardImage.cs" /> + <Compile Include="InfoCard\InfoCardStrings.Designer.cs"> + <AutoGen>True</AutoGen> + <DesignTime>True</DesignTime> + <DependentUpon>InfoCardStrings.resx</DependentUpon> + </Compile> + <Compile Include="InfoCard\Token\InformationCardException.cs" /> + <Compile Include="InfoCard\Token\Token.cs" /> + <Compile Include="InfoCard\Token\TokenUtility.cs" /> + <Compile Include="InfoCard\Token\TokenDecryptor.cs" /> + <Compile Include="InfoCard\WellKnownIssuers.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup Condition=" '$(NoUIControls)' != 'true' "> + <Compile Include="InfoCard\ReceivingTokenEventArgs.cs" /> + <Compile Include="InfoCard\TokenProcessingErrorEventArgs.cs" /> + <Compile Include="InfoCard\InfoCardSelector.cs" /> + <Compile Include="InfoCard\ReceivedTokenEventArgs.cs" /> + 
</ItemGroup> + <ItemGroup> + <EmbeddedResource Include="InfoCard\InfoCardStrings.resx"> + <Generator>ResXFileCodeGenerator</Generator> + <LastGenOutput>InfoCardStrings.Designer.cs</LastGenOutput> + </EmbeddedResource> + <EmbeddedResource Include="InfoCard\infocard_114x80.png" /> + <EmbeddedResource Include="InfoCard\infocard_14x10.png" /> + <EmbeddedResource Include="InfoCard\infocard_214x150.png" /> + <EmbeddedResource Include="InfoCard\infocard_23x16.png" /> + <EmbeddedResource Include="InfoCard\infocard_300x210.png" /> + <EmbeddedResource Include="InfoCard\infocard_34x24.png" /> + <EmbeddedResource Include="InfoCard\infocard_365x256.png" /> + <EmbeddedResource Include="InfoCard\infocard_41x29.png" /> + <EmbeddedResource Include="InfoCard\infocard_50x35.png" /> + <EmbeddedResource Include="InfoCard\infocard_60x42.png" /> + <EmbeddedResource Include="InfoCard\infocard_71x50.png" /> + <EmbeddedResource Include="InfoCard\infocard_81x57.png" /> + <EmbeddedResource Include="InfoCard\infocard_92x64.png" /> + <EmbeddedResource Include="InfoCard\SupportingScript.js"> + <Copyright>$(StandardCopyright)</Copyright> + </EmbeddedResource> + </ItemGroup> + <ItemGroup> + <EmbeddedResource Include="InfoCard\InfoCardStrings.sr.resx" /> + </ItemGroup> + <ItemGroup> + <BootstrapperPackage Include="Microsoft.Net.Client.3.5"> + <Visible>False</Visible> + <ProductName>.NET Framework 3.5 SP1 Client Profile</ProductName> + <Install>false</Install> + </BootstrapperPackage> + <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1"> + <Visible>False</Visible> + <ProductName>.NET Framework 3.5 SP1</ProductName> + <Install>true</Install> + </BootstrapperPackage> + <BootstrapperPackage Include="Microsoft.Windows.Installer.3.1"> + <Visible>False</Visible> + <ProductName>Windows Installer 3.1</ProductName> + <Install>true</Install> + </BootstrapperPackage> + </ItemGroup> + <ItemGroup> + <SignDependsOn Include="BuildUnifiedProduct" /> + <DelaySignedAssemblies 
Include="$(ILMergeOutputAssembly);
 $(OutputPath)CodeContracts\$(ProductName).Contracts.dll;
 " /> + </ItemGroup> + <PropertyGroup> + <!-- Don't sign the non-unified version of the assembly. --> + <SuppressTargetPathDelaySignedAssembly>true</SuppressTargetPathDelaySignedAssembly> + </PropertyGroup> + <Target Name="BuildUnifiedProduct" DependsOnTargets="Build" Inputs="@(ILMergeInputAssemblies)" Outputs="$(ILMergeOutputAssembly)"> + <PropertyGroup> + <!-- The ILMerge task doesn't properly quote the path. --> + <ILMergeTargetPlatformDirectory Condition=" '$(ClrVersion)' == '4' ">"$(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0"</ILMergeTargetPlatformDirectory> + </PropertyGroup> + <MakeDir Directories="$(ILMergeOutputAssemblyDirectory)" /> + <ILMerge ExcludeFile="$(ProjectRoot)ILMergeInternalizeExceptions.txt" InputAssemblies="@(ILMergeInputAssemblies)" OutputFile="$(ILMergeOutputAssembly)" KeyFile="$(PublicKeyFile)" DelaySign="true" ToolPath="$(ProjectRoot)tools\ILMerge" TargetPlatformVersion="$(ClrVersion).0" TargetPlatformDirectory="$(ILMergeTargetPlatformDirectory)" /> + </Target> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> +</Project>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/ClaimType.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/ClaimType.cs
new file mode 100644
index 0000000..9d3056a
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/ClaimType.cs
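Review bot: In DotNetOpenAuth.InfoCard.csproj the signing setup is still the one written for the unified assembly: `DelaySignedAssemblies` lists only `$(ILMergeOutputAssembly)` and the contracts DLL, and `SuppressTargetPathDelaySignedAssembly` is `true` under the comment "Don't sign the non-unified version of the assembly". If DotNetOpenAuth.InfoCard.dll is meant to ship on its own after the split, this would leave the released assembly without a completed strong-name signature; how the two settings are consumed is in the imported DotNetOpenAuth.targets, outside this hunk, so it needs confirming there. I would either drop the suppress property for this project or make the comment state which artifact is released, e.g. `<!-- InfoCard ships only inside the ILMerged product; the standalone DLL is never released. -->`. The same carry-over shows in `<AssemblyName Condition=" '$(NoUIControls)' == 'true' ">DotNetOpenAuth.NoUI</AssemblyName>`, which would name this feature assembly DotNetOpenAuth.NoUI in the ReleaseNoUI configuration.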
@@ -0,0 +1,55 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClaimType.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.ComponentModel;
+ using System.Diagnostics.Contracts;
+ using System.IdentityModel.Claims;
+ using System.Web.UI;
+
+ /// <summary>
+ /// Description of a claim that is requested or required in a submitted Information Card.
+ /// </summary>
+ [PersistChildren(false)]
+ [Serializable]
+ [ContractVerification(true)]
+ public class ClaimType {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ClaimType"/> class.
+ /// </summary>
+ public ClaimType() {
+ }
+
+ /// <summary>
+ /// Gets or sets the URI of a requested claim.
+ /// </summary>
+ /// <remarks>
+ /// For a list of well-known claim type URIs, see the <see cref="ClaimTypes"/> class.
+ /// </remarks>
+ [TypeConverter(typeof(ComponentModel.ClaimTypeSuggestions))]
+ public string Name { get; set; }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether this claim is optional.
+ /// </summary>
+ /// <value>
+ /// <c>true</c> if this instance is optional; otherwise, <c>false</c>.
+ /// </value>
+ [DefaultValue(false)]
+ public bool IsOptional { get; set; }
+
+ /// <summary>
+ /// Returns a <see cref="T:System.String"/> that represents the current <see cref="T:System.Object"/>.
+ /// </summary>
+ /// <returns>
+ /// A <see cref="T:System.String"/> that represents the current <see cref="T:System.Object"/>.
+ /// </returns>
+ public override string ToString() {
+ return this.Name ?? "<no name>";
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardImage.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardImage.cs
new file mode 100644
index 0000000..247f461
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardImage.cs
@@ -0,0 +1,138 @@
+//-----------------------------------------------------------------------
+// <copyright file="InfoCardImage.cs" company="Dominick Baier, Andrew Arnott">
+// Copyright (c) Dominick Baier, Andrew Arnott. All rights reserved.
+// </copyright>
+// <license>New BSD License</license>
+//-----------------------------------------------------------------------
+
+// embedded images
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_114x80.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_14x10.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_214x150.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_23x16.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_300x210.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_34x24.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_365x256.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_41x29.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_50x35.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_60x42.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_71x50.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_81x57.png", "image/png")]
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.Util.DefaultNamespace + ".InfoCard.infocard_92x64.png", "image/png")]
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.Globalization;
+
+ /// <summary>
+ /// A set of sizes for which standard InfoCard icons are available.
+ /// </summary>
+ public enum InfoCardImageSize {
+ /// <summary>
+ /// A standard InfoCard icon with size 14x10
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size14x10,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 23x16
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size23x16,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 34x24
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size34x24,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 41x29
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size41x29,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 50x35
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size50x35,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 60x42
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size60x42,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 71x50
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size71x50,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 92x64
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size92x64,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 114x80
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size114x80,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 164x108
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size164x108,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 214x50
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size214x50,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 300x210
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size300x210,
+
+ /// <summary>
+ /// A standard InfoCard icon with size 365x256
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1709:IdentifiersShouldBeCasedCorrectly", MessageId = "x", Justification = "By design")]
+ Size365x256,
+ }
+
+ /// <summary>
+ /// Assists in selecting the InfoCard image to display in the user agent.
+ /// </summary>
+ internal static class InfoCardImage {
+ /// <summary>
+ /// The default size of the InfoCard icon to use.
+ /// </summary>
+ internal const InfoCardImageSize DefaultImageSize = InfoCardImageSize.Size114x80;
+
+ /// <summary>
+ /// The format to use when generating the image manifest resource stream name.
+ /// </summary>
+ private const string UrlFormatString = Util.DefaultNamespace + ".InfoCard.infocard_{0}.png";
+
+ /// <summary>
+ /// Gets the name of the image manifest resource stream for an InfoCard image of the given size.
+ /// </summary>
+ /// <param name="size">The size of the desired InfoCard image.</param>
+ /// <returns>The manifest resource stream name.</returns>
+ internal static string GetImageManifestResourceStreamName(InfoCardImageSize size) {
+ string imageSize = size.ToString();
+ Contract.Assume(imageSize.Length >= 6);
+ imageSize = imageSize.Substring(4);
+ return String.Format(CultureInfo.InvariantCulture, UrlFormatString, imageSize);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardSelector.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardSelector.cs
new file mode 100644
index 0000000..ae45229
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardSelector.cs
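Review bot: In InfoCardImage.cs two `InfoCardImageSize` members have no matching embedded image: `GetImageManifestResourceStreamName` turns `Size214x50` and `Size164x108` into `infocard_214x50.png` and `infocard_164x108.png`, while the `WebResource` attributes at the top of the file register `infocard_214x150.png` and nothing for 164x108. A control configured with either size would presumably emit a resource name that cannot be resolved, and `infocard_81x57.png` is registered but unreachable because no enum member maps to it. Because the enum is public I would add the correct members rather than rename, `Size214x150,` and `Size81x57,` with the same `SuppressMessage` attribute as their neighbours. The two unmatched members should then carry `[Obsolete("No embedded image exists for this size.")]` unless a 164x108 image is added to the project.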
@@ -0,0 +1,772 @@
+//-----------------------------------------------------------------------
+// <copyright file="InfoCardSelector.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// Certain elements are Copyright (c) 2007 Dominick Baier.
+// </copyright>
+//-----------------------------------------------------------------------
+
+[assembly: System.Web.UI.WebResource(DotNetOpenAuth.InfoCard.InfoCardSelector.ScriptResourceName, "text/javascript")]
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Collections.ObjectModel;
+ using System.ComponentModel;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.Drawing.Design;
+ using System.Globalization;
+ using System.Linq;
+ using System.Text;
+ using System.Text.RegularExpressions;
+ using System.Web;
+ using System.Web.UI;
+ using System.Web.UI.HtmlControls;
+ using System.Web.UI.WebControls;
+ using System.Xml;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// The style to use for NOT displaying a hidden region.
+ /// </summary>
+ public enum RenderMode {
+ /// <summary>
+ /// A hidden region should be invisible while still occupying space in the page layout.
+ /// </summary>
+ Static,
+
+ /// <summary>
+ /// A hidden region should collapse so that it does not occupy space in the page layout.
+ /// </summary>
+ Dynamic
+ }
+
+ /// <summary>
+ /// An Information Card selector ASP.NET control.
+ /// </summary>
+ [ParseChildren(true, "ClaimsRequested")]
+ [PersistChildren(false)]
+ [DefaultEvent("ReceivedToken")]
+ [ToolboxData("<{0}:InfoCardSelector runat=\"server\"><ClaimsRequested><{0}:ClaimType Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier\" /></ClaimsRequested><UnsupportedTemplate><p>Your browser does not support Information Cards.</p></UnsupportedTemplate></{0}:InfoCardSelector>")]
+ [ContractVerification(true)]
+ public class InfoCardSelector : CompositeControl, IPostBackEventHandler {
+ /// <summary>
+ /// The resource name for getting at the SupportingScript.js embedded manifest stream.
+ /// </summary>
+ internal const string ScriptResourceName = "DotNetOpenAuth.InfoCard.SupportingScript.js";
+
+ #region Property constants
+
+ /// <summary>
+ /// Default value for the <see cref="RenderMode"/> property.
+ /// </summary>
+ private const RenderMode RenderModeDefault = RenderMode.Dynamic;
+
+ /// <summary>
+ /// Default value for the <see cref="AutoPostBack"/> property.
+ /// </summary>
+ private const bool AutoPostBackDefault = true;
+
+ /// <summary>
+ /// Default value for the <see cref="AutoPopup"/> property.
+ /// </summary>
+ private const bool AutoPopupDefault = false;
+
+ /// <summary>
+ /// Default value for the <see cref="PrivacyUrl"/> property.
+ /// </summary>
+ private const string PrivacyUrlDefault = "";
+
+ /// <summary>
+ /// Default value for the <see cref="PrivacyVersion"/> property.
+ /// </summary>
+ private const string PrivacyVersionDefault = "";
+
+ /// <summary>
+ /// Default value for the <see cref="InfoCardImage"/> property.
+ /// </summary>
+ private const InfoCardImageSize InfoCardImageDefault = InfoCardImage.DefaultImageSize;
+
+ /// <summary>
+ /// Default value for the <see cref="IssuerPolicy"/> property.
+ /// </summary>
+ private const string IssuerPolicyDefault = "";
+
+ /// <summary>
+ /// Default value for the <see cref="Issuer"/> property.
+ /// </summary>
+ private const string IssuerDefault = WellKnownIssuers.SelfIssued;
+
+ /// <summary>
+ /// The default value for the <see cref="TokenType"/> property.
+ /// </summary>
+ private const string TokenTypeDefault = "urn:oasis:names:tc:SAML:1.0:assertion";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="Issuer" /> property.
+ /// </summary>
+ private const string IssuerViewStateKey = "Issuer";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="IssuerPolicy" /> property.
+ /// </summary>
+ private const string IssuerPolicyViewStateKey = "IssuerPolicy";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="AutoPopup" /> property.
+ /// </summary>
+ private const string AutoPopupViewStateKey = "AutoPopup";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="ClaimsRequested" /> property.
+ /// </summary>
+ private const string ClaimsRequestedViewStateKey = "ClaimsRequested";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="TokenType" /> property.
+ /// </summary>
+ private const string TokenTypeViewStateKey = "TokenType";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="PrivacyUrl" /> property.
+ /// </summary>
+ private const string PrivacyUrlViewStateKey = "PrivacyUrl";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="PrivacyVersion" /> property.
+ /// </summary>
+ private const string PrivacyVersionViewStateKey = "PrivacyVersion";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="Audience" /> property.
+ /// </summary>
+ private const string AudienceViewStateKey = "Audience";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="AutoPostBack" /> property.
+ /// </summary>
+ private const string AutoPostBackViewStateKey = "AutoPostBack";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="ImageSize" /> property.
+ /// </summary>
+ private const string ImageSizeViewStateKey = "ImageSize";
+
+ /// <summary>
+ /// The viewstate key for storing the <see cref="RenderMode" /> property.
+ /// </summary>
+ private const string RenderModeViewStateKey = "RenderMode";
+
+ #endregion
+
+ #region Categories
+
+ /// <summary>
+ /// The "Behavior" property category.
+ /// </summary>
+ private const string BehaviorCategory = "Behavior";
+
+ /// <summary>
+ /// The "Appearance" property category.
+ /// </summary>
+ private const string AppearanceCategory = "Appearance";
+
+ /// <summary>
+ /// The "InfoCard" property category.
+ /// </summary>
+ private const string InfoCardCategory = "InfoCard";
+
+ #endregion
+
+ /// <summary>
+ /// The panel containing the controls to display if InfoCard is supported in the user agent.
+ /// </summary>
+ private Panel infoCardSupportedPanel;
+
+ /// <summary>
+ /// The panel containing the controls to display if InfoCard is NOT supported in the user agent.
+ /// </summary>
+ private Panel infoCardNotSupportedPanel;
+
+ /// <summary>
+ /// Recalls whether the <see cref="Audience"/> property has been set yet,
+ /// so its default can be set as soon as possible without overwriting
+ /// an intentional value.
+ /// </summary>
+ private bool audienceSet;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InfoCardSelector"/> class.
+ /// </summary>
+ public InfoCardSelector() {
+ this.ToolTip = InfoCardStrings.SelectorClickPrompt;
+ Reporting.RecordFeatureUse(this);
+ }
+
+ /// <summary>
+ /// Occurs when an InfoCard has been submitted but not decoded yet.
+ /// </summary>
+ [Category(InfoCardCategory)]
+ public event EventHandler<ReceivingTokenEventArgs> ReceivingToken;
+
+ /// <summary>
+ /// Occurs when an InfoCard has been submitted and decoded.
+ /// </summary>
+ [Category(InfoCardCategory)]
+ public event EventHandler<ReceivedTokenEventArgs> ReceivedToken;
+
+ /// <summary>
+ /// Occurs when an InfoCard token is submitted but an error occurs in processing.
+ /// </summary>
+ [Category(InfoCardCategory)]
+ public event EventHandler<TokenProcessingErrorEventArgs> TokenProcessingError;
+
+ #region Properties
+
+ /// <summary>
+ /// Gets the set of claims that are requested from the Information Card.
+ /// </summary>
+ [Description("Specifies the required and optional claims.")]
+ [PersistenceMode(PersistenceMode.InnerProperty), Category(InfoCardCategory)]
+ public Collection<ClaimType> ClaimsRequested {
+ get {
+ Contract.Ensures(Contract.Result<Collection<ClaimType>>() != null);
+ if (this.ViewState[ClaimsRequestedViewStateKey] == null) {
+ var claims = new Collection<ClaimType>();
+ this.ViewState[ClaimsRequestedViewStateKey] = claims;
+ return claims;
+ } else {
+ return (Collection<ClaimType>)this.ViewState[ClaimsRequestedViewStateKey];
+ }
+ }
+ }
+
+ /// <summary>
+ /// Gets or sets the issuer URI.
+ /// </summary>
+ [Description("When receiving managed cards, this is the only Issuer whose cards will be accepted.")]
+ [Category(InfoCardCategory), DefaultValue(IssuerDefault)]
+ [TypeConverter(typeof(ComponentModel.IssuersSuggestions))]
+ public string Issuer {
+ get { return (string)this.ViewState[IssuerViewStateKey] ?? IssuerDefault; }
+ set { this.ViewState[IssuerViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the issuer policy URI.
+ /// </summary>
+ [Description("Specifies the URI of the issuer MEX endpoint")]
+ [Category(InfoCardCategory), DefaultValue(IssuerPolicyDefault)]
+ public string IssuerPolicy {
+ get { return (string)this.ViewState[IssuerPolicyViewStateKey] ?? IssuerPolicyDefault; }
+ set { this.ViewState[IssuerPolicyViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the URL to this site's privacy policy.
+ /// </summary>
+ [Description("The URL to this site's privacy policy.")]
+ [Category(InfoCardCategory), DefaultValue(PrivacyUrlDefault)]
+ [SuppressMessage("Microsoft.Usage", "CA1806:DoNotIgnoreMethodResults", MessageId = "System.Uri", Justification = "We construct a Uri to validate the format of the string.")]
+ [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "That overload is NOT the same.")]
+ [SuppressMessage("Microsoft.Design", "CA1056:UriPropertiesShouldNotBeStrings", Justification = "This can take ~/ paths.")]
+ public string PrivacyUrl {
+ get {
+ return (string)this.ViewState[PrivacyUrlViewStateKey] ?? PrivacyUrlDefault;
+ }
+
+ set {
+ ErrorUtilities.VerifyOperation(string.IsNullOrEmpty(value) || this.Page == null || this.DesignMode || (HttpContext.Current != null && HttpContext.Current.Request != null), MessagingStrings.HttpContextRequired);
+ if (!string.IsNullOrEmpty(value)) {
+ if (this.Page != null && !this.DesignMode) {
+ // Validate new value by trying to construct a Uri based on it.
+ new Uri(new HttpRequestInfo(HttpContext.Current.Request).UrlBeforeRewriting, this.Page.ResolveUrl(value)); // throws an exception on failure.
+ } else {
+ // We can't fully test it, but it should start with either ~/ or a protocol.
+ if (Regex.IsMatch(value, @"^https?://")) {
+ new Uri(value); // make sure it's fully-qualified, but ignore wildcards
+ } else if (value.StartsWith("~/", StringComparison.Ordinal)) {
+ // this is valid too
+ } else {
+ throw new UriFormatException();
+ }
+ }
+ }
+
+ this.ViewState[PrivacyUrlViewStateKey] = value;
+ }
+ }
+
+ /// <summary>
+ /// Gets or sets the version of the privacy policy file.
+ /// </summary>
+ [Description("Specifies the version of the privacy policy file")]
+ [Category(InfoCardCategory), DefaultValue(PrivacyVersionDefault)]
+ public string PrivacyVersion {
+ get { return (string)this.ViewState[PrivacyVersionViewStateKey] ?? 
PrivacyVersionDefault; }
+ set { this.ViewState[PrivacyVersionViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the URI that must be found for the SAML token's intended audience
+ /// in order for the token to be processed.
+ /// </summary>
+ /// <value>Typically the URI of the page hosting the control, or <c>null</c> to disable audience verification.</value>
+ /// <remarks>
+ /// Disabling audience verification introduces a security risk
+ /// because tokens can be redirected to allow access to unintended resources.
+ /// </remarks>
+ [Description("Specifies the URI that must be found for the SAML token's intended audience.")]
+ [Bindable(true), Category(InfoCardCategory)]
+ [TypeConverter(typeof(ComponentModel.UriConverter))]
+ [UrlProperty, Editor("System.Web.UI.Design.UrlEditor, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", typeof(UITypeEditor))]
+ public Uri Audience {
+ get {
+ return (Uri)this.ViewState[AudienceViewStateKey];
+ }
+
+ set {
+ this.ViewState[AudienceViewStateKey] = value;
+ this.audienceSet = true;
+ }
+ }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether a postback will automatically
+ /// be invoked when the user selects an Information Card.
+ /// </summary>
+ [Description("Specifies if the pages automatically posts back after the user has selected a card")]
+ [Category(BehaviorCategory), DefaultValue(AutoPostBackDefault)]
+ public bool AutoPostBack {
+ get { return (bool)(this.ViewState[AutoPostBackViewStateKey] ?? AutoPostBackDefault); }
+ set { this.ViewState[AutoPostBackViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the size of the standard InfoCard image to display.
+ /// </summary>
+ /// <value>The default size is 114x80.</value>
+ [Description("The size of the InfoCard image to use. 
Defaults to 114x80.")]
+ [DefaultValue(InfoCardImageDefault), Category(AppearanceCategory)]
+ public InfoCardImageSize ImageSize {
+ get { return (InfoCardImageSize)(this.ViewState[ImageSizeViewStateKey] ?? InfoCardImageDefault); }
+ set { this.ViewState[ImageSizeViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the template to display when the user agent lacks
+ /// an Information Card selector.
+ /// </summary>
+ [Browsable(false), DefaultValue("")]
+ [PersistenceMode(PersistenceMode.InnerProperty), TemplateContainer(typeof(InfoCardSelector))]
+ public virtual ITemplate UnsupportedTemplate { get; set; }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether a hidden region (either
+ /// the unsupported or supported InfoCard HTML)
+ /// collapses or merely becomes invisible when it is not to be displayed.
+ /// </summary>
+ [Description("Whether the hidden region collapses or merely becomes invisible.")]
+ [Category(AppearanceCategory), DefaultValue(RenderModeDefault)]
+ public RenderMode RenderMode {
+ get { return (RenderMode)(this.ViewState[RenderModeViewStateKey] ?? RenderModeDefault); }
+ set { this.ViewState[RenderModeViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether the identity selector will be triggered at page load.
+ /// </summary>
+ [Description("Controls whether the InfoCard selector automatically appears when the page is loaded.")]
+ [Category(BehaviorCategory), DefaultValue(AutoPopupDefault)]
+ public bool AutoPopup {
+ get { return (bool)(this.ViewState[AutoPopupViewStateKey] ?? AutoPopupDefault); }
+ set { this.ViewState[AutoPopupViewStateKey] = value; }
+ }
+
+ #endregion
+
+ /// <summary>
+ /// Gets the name of the hidden field that is used to transport the token back to the server.
+ /// </summary>
+ private string HiddenFieldName {
+ get { return this.ClientID + "_tokenxml"; }
+ }
+
+ /// <summary>
+ /// Gets the id of the OBJECT tag that creates the InfoCard Selector.
+ /// </summary>
+ private string SelectorObjectId {
+ get { return this.ClientID + "_cs"; }
+ }
+
+ /// <summary>
+ /// Gets the XML token, which will be encrypted if it was received over SSL.
+ /// </summary>
+ private string TokenXml {
+ get { return this.Page.Request.Form[this.HiddenFieldName]; }
+ }
+
+ /// <summary>
+ /// Gets or sets the type of token the page is prepared to receive.
+ /// </summary>
+ [Description("Specifies the token type. Defaults to SAML 1.0")]
+ [DefaultValue(TokenTypeDefault), Category(InfoCardCategory)]
+ private string TokenType {
+ get { return (string)this.ViewState[TokenTypeViewStateKey] ?? TokenTypeDefault; }
+ set { this.ViewState[TokenTypeViewStateKey] = value; }
+ }
+
+ /// <summary>
+ /// When implemented by a class, enables a server control to process an event raised when a form is posted to the server.
+ /// </summary>
+ /// <param name="eventArgument">A <see cref="T:System.String"/> that represents an optional event argument to be passed to the event handler.</param>
+ void IPostBackEventHandler.RaisePostBackEvent(string eventArgument) {
+ this.RaisePostBackEvent(eventArgument);
+ }
+
+ /// <summary>
+ /// When implemented by a class, enables a server control to process an event raised when a form is posted to the server.
+ /// </summary>
+ /// <param name="eventArgument">A <see cref="T:System.String"/> that represents an optional event argument to be passed to the event handler.</param>
+ [SuppressMessage("Microsoft.Design", "CA1030:UseEventsWhereAppropriate", Justification = "Predefined signature.")]
+ protected virtual void RaisePostBackEvent(string eventArgument) {
+ if (!string.IsNullOrEmpty(this.TokenXml)) {
+ try {
+ ReceivingTokenEventArgs receivingArgs = this.OnReceivingToken(this.TokenXml);
+
+ if (!receivingArgs.Cancel) {
+ try {
+ Token token = Token.Read(this.TokenXml, this.Audience, receivingArgs.DecryptingTokens);
+ this.OnReceivedToken(token);
+ } catch (InformationCardException ex) {
+ this.OnTokenProcessingError(this.TokenXml, ex);
+ }
+ }
+ } catch (XmlException ex) {
+ this.OnTokenProcessingError(this.TokenXml, ex);
+ }
+ }
+ }
+
+ /// <summary>
+ /// Fires the <see cref="ReceivingToken"/> event.
+ /// </summary>
+ /// <param name="tokenXml">The token XML, prior to any processing.</param>
+ /// <returns>The event arguments sent to the event handlers.</returns>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "decryptor", Justification = "By design")]
+ protected virtual ReceivingTokenEventArgs OnReceivingToken(string tokenXml) {
+ Contract.Requires<ArgumentNullException>(tokenXml != null);
+
+ var args = new ReceivingTokenEventArgs(tokenXml);
+ var receivingToken = this.ReceivingToken;
+ if (receivingToken != null) {
+ receivingToken(this, args);
+ }
+
+ return args;
+ }
+
+ /// <summary>
+ /// Fires the <see cref="ReceivedToken"/> event.
+ /// </summary>
+ /// <param name="token">The token, if it was decrypted.</param>
+ protected virtual void OnReceivedToken(Token token) {
+ Contract.Requires<ArgumentNullException>(token != null);
+
+ var receivedInfoCard = this.ReceivedToken;
+ if (receivedInfoCard != null) {
+ receivedInfoCard(this, new ReceivedTokenEventArgs(token));
+ }
+ }
+
+ /// <summary>
+ /// Fires the <see cref="TokenProcessingError"/> event.
+ /// </summary>
+ /// <param name="unprocessedToken">The unprocessed token.</param>
+ /// <param name="ex">The exception generated while processing the token.</param>
+ protected virtual void OnTokenProcessingError(string unprocessedToken, Exception ex) {
+ Contract.Requires<ArgumentNullException>(unprocessedToken != null);
+ Contract.Requires<ArgumentNullException>(ex != null);
+
+ var tokenProcessingError = this.TokenProcessingError;
+ if (tokenProcessingError != null) {
+ TokenProcessingErrorEventArgs args = new TokenProcessingErrorEventArgs(unprocessedToken, ex);
+ tokenProcessingError(this, args);
+ }
+ }
+
+ /// <summary>
+ /// Raises the <see cref="E:System.Web.UI.Control.Init"/> event.
+ /// </summary>
+ /// <param name="e">An <see cref="T:System.EventArgs"/> object that contains the event data.</param>
+ protected override void OnInit(EventArgs e) {
+ // Give a default for the Audience property that allows for
+ // the aspx page to have preset it, and ViewState
+ // to initialize it (even to null) after this.
+ if (!this.audienceSet && !this.DesignMode) {
+ this.Audience = this.Page.Request.Url;
+ }
+
+ base.OnInit(e);
+ this.Page.LoadComplete += delegate { this.EnsureChildControls(); };
+ }
+
+ /// <summary>
+ /// Called by the ASP.NET page framework to notify server controls that use composition-based implementation to create any child controls they contain in preparation for posting back or rendering.
+ /// </summary>
+ protected override void CreateChildControls() {
+ base.CreateChildControls();
+
+ this.Page.ClientScript.RegisterHiddenField(this.HiddenFieldName, "");
+
+ this.Controls.Add(this.infoCardSupportedPanel = this.CreateInfoCardSupportedPanel());
+ this.Controls.Add(this.infoCardNotSupportedPanel = this.CreateInfoCardUnsupportedPanel());
+
+ this.RenderSupportingScript();
+ }
+
+ /// <summary>
+ /// Raises the <see cref="E:System.Web.UI.Control.PreRender"/> event.
+ /// </summary>
+ /// <param name="e">An <see cref="T:System.EventArgs"/> object that contains the event data.</param>
+ protected override void OnPreRender(EventArgs e) {
+ base.OnPreRender(e);
+
+ if (!this.DesignMode) {
+ // The Cardspace selector will display an ugly error to the user if
+ // the privacy URL is present but the privacy version is not.
+ ErrorUtilities.VerifyOperation(string.IsNullOrEmpty(this.PrivacyUrl) || !string.IsNullOrEmpty(this.PrivacyVersion), InfoCardStrings.PrivacyVersionRequiredWithPrivacyUrl);
+ }
+
+ this.RegisterInfoCardSelectorObjectScript();
+ }
+
+ /// <summary>
+ /// Creates a control that renders to <Param Name="{0}" Value="{1}" />
+ /// </summary>
+ /// <param name="name">The parameter name.</param>
+ /// <param name="value">The parameter value.</param>
+ /// <returns>The control that renders to the Param tag.</returns>
+ private static string CreateParamJs(string name, string value) {
+ Contract.Ensures(Contract.Result<string>() != null);
+ string scriptFormat = @" objp = document.createElement('param');
+ objp.name = {0};
+ objp.value = {1};
+ obj.appendChild(objp);
+";
+ return string.Format(
+ CultureInfo.InvariantCulture,
+ scriptFormat,
+ MessagingUtilities.GetSafeJavascriptValue(name),
+ MessagingUtilities.GetSafeJavascriptValue(value));
+ }
+
+ /// <summary>
+ /// Creates the panel whose contents are displayed to the user
+ /// on a user agent that has an Information Card selector.
+ /// </summary>
+ /// <returns>The Panel control</returns>
+ [Pure]
+ private Panel CreateInfoCardSupportedPanel() {
+ Contract.Ensures(Contract.Result<Panel>() != null);
+
+ Panel supportedPanel = new Panel();
+
+ try {
+ if (!this.DesignMode) {
+ // At the user agent, assume InfoCard is not supported until
+ // the JavaScript discovers otherwise and reveals this panel.
+ supportedPanel.Style[HtmlTextWriterStyle.Display] = "none";
+ }
+
+ supportedPanel.Controls.Add(this.CreateInfoCardImage());
+
+ // trigger the selector at page load?
+ if (this.AutoPopup && !this.Page.IsPostBack) {
+ this.Page.ClientScript.RegisterStartupScript(
+ typeof(InfoCardSelector),
+ "selector_load_trigger",
+ this.GetInfoCardSelectorActivationScript(true),
+ true);
+ }
+ return supportedPanel;
+ } catch {
+ supportedPanel.Dispose();
+ throw;
+ }
+ }
+
+ /// <summary>
+ /// Gets the InfoCard selector activation script.
+ /// </summary>
+ /// <param name="alwaysPostback">Whether a postback should always immediately follow the selector, even if <see cref="AutoPostBack"/> is <c>false</c>.</param>
+ /// <returns>The javascript to inject into the surrounding context.</returns>
+ private string GetInfoCardSelectorActivationScript(bool alwaysPostback) {
+ // generate call do __doPostback
+ PostBackOptions options = new PostBackOptions(this);
+ string postback = string.Empty;
+ if (alwaysPostback || this.AutoPostBack) {
+ postback = this.Page.ClientScript.GetPostBackEventReference(options) + ";";
+ }
+
+ // generate the onclick script for the image
+ string invokeScript = string.Format(
+ CultureInfo.InvariantCulture,
+ @"if (document.infoCard.activate('{0}', '{1}')) {{ {2} }}",
+ this.SelectorObjectId,
+ this.HiddenFieldName,
+ postback);
+
+ return invokeScript;
+ }
+
+ /// <summary>
+ /// Creates the panel whose contents are displayed to the user
+ /// on a user agent that does not have an Information Card selector.
+ /// </summary>
+ /// <returns>The Panel control.</returns>
+ [Pure]
+ private Panel CreateInfoCardUnsupportedPanel() {
+ Contract.Ensures(Contract.Result<Panel>() != null);
+
+ Panel unsupportedPanel = new Panel();
+ try {
+ if (this.UnsupportedTemplate != null) {
+ this.UnsupportedTemplate.InstantiateIn(unsupportedPanel);
+ }
+ return unsupportedPanel;
+ } catch {
+ unsupportedPanel.Dispose();
+ throw;
+ }
+ }
+
+ /// <summary>
+ /// Adds the javascript that adds the info card selector <object> HTML tag to the page.
+ /// </summary>
+ [Pure]
+ private void RegisterInfoCardSelectorObjectScript() {
+ string scriptFormat = @"{{
+ var obj = document.createElement('object');
+ obj.type = 'application/x-informationcard';
+ obj.id = {0};
+ obj.style.display = 'none';
+";
+ StringBuilder script = new StringBuilder();
+ script.AppendFormat(
+ CultureInfo.InvariantCulture,
+ scriptFormat,
+ MessagingUtilities.GetSafeJavascriptValue(this.ClientID + "_cs"));
+
+ if (!string.IsNullOrEmpty(this.Issuer)) {
+ script.AppendLine(CreateParamJs("issuer", this.Issuer));
+ }
+
+ if (!string.IsNullOrEmpty(this.IssuerPolicy)) {
+ script.AppendLine(CreateParamJs("issuerPolicy", this.IssuerPolicy));
+ }
+
+ if (!string.IsNullOrEmpty(this.TokenType)) {
+ script.AppendLine(CreateParamJs("tokenType", this.TokenType));
+ }
+
+ string requiredClaims, optionalClaims;
+ this.GetRequestedClaims(out requiredClaims, out optionalClaims);
+ ErrorUtilities.VerifyArgument(!string.IsNullOrEmpty(requiredClaims) || !string.IsNullOrEmpty(optionalClaims), InfoCardStrings.EmptyClaimListNotAllowed);
+ if (!string.IsNullOrEmpty(requiredClaims)) {
+ script.AppendLine(CreateParamJs("requiredClaims", requiredClaims));
+ }
+ if (!string.IsNullOrEmpty(optionalClaims)) {
+ script.AppendLine(CreateParamJs("optionalClaims", optionalClaims));
+ }
+
+ if (!string.IsNullOrEmpty(this.PrivacyUrl)) {
+ string privacyUrl = this.DesignMode ? 
this.PrivacyUrl : new Uri(Page.Request.Url, Page.ResolveUrl(this.PrivacyUrl)).AbsoluteUri;
+ script.AppendLine(CreateParamJs("privacyUrl", privacyUrl));
+ }
+
+ if (!string.IsNullOrEmpty(this.PrivacyVersion)) {
+ script.AppendLine(CreateParamJs("privacyVersion", this.PrivacyVersion));
+ }
+
+ script.AppendLine(@"if (document.infoCard.isSupported()) { document.write(obj.outerHTML); }
+}");
+
+ this.Page.ClientScript.RegisterClientScriptBlock(typeof(InfoCardSelector), this.ClientID + "tag", script.ToString(), true);
+ }
+
+ /// <summary>
+ /// Creates the info card clickable image.
+ /// </summary>
+ /// <returns>An Image object.</returns>
+ [Pure]
+ private Image CreateInfoCardImage() {
+ // add clickable image
+ Image image = new Image();
+ try {
+ image.ImageUrl = this.Page.ClientScript.GetWebResourceUrl(typeof(InfoCardSelector), InfoCardImage.GetImageManifestResourceStreamName(this.ImageSize));
+ image.AlternateText = InfoCardStrings.SelectorClickPrompt;
+ image.ToolTip = this.ToolTip;
+ image.Style[HtmlTextWriterStyle.Cursor] = "hand";
+
+ image.Attributes["onclick"] = this.GetInfoCardSelectorActivationScript(false);
+ return image;
+ } catch {
+ image.Dispose();
+ throw;
+ }
+ }
+
+ /// <summary>
+ /// Compiles lists of requested/required claims that should accompany
+ /// any submitted Information Card.
+ /// </summary>
+ /// <param name="required">A space-delimited list of claim type URIs for claims that must be included in a submitted Information Card.</param>
+ /// <param name="optional">A space-delimited list of claim type URIs for claims that may optionally be included in a submitted Information Card.</param>
+ [Pure]
+ private void GetRequestedClaims(out string required, out string optional) {
+ Contract.Requires<InvalidOperationException>(this.ClaimsRequested != null);
+ Contract.Ensures(Contract.ValueAtReturn<string>(out required) != null);
+ Contract.Ensures(Contract.ValueAtReturn<string>(out optional) != null);
+
+ var nonEmptyClaimTypes = this.ClaimsRequested.Where(c => c.Name != null);
+
+ var optionalClaims = from claim in nonEmptyClaimTypes
+ where claim.IsOptional
+ select claim.Name;
+ var requiredClaims = from claim in nonEmptyClaimTypes
+ where !claim.IsOptional
+ select claim.Name;
+
+ string[] requiredClaimsArray = requiredClaims.ToArray();
+ string[] optionalClaimsArray = optionalClaims.ToArray();
+ required = string.Join(" ", requiredClaimsArray);
+ optional = string.Join(" ", optionalClaimsArray);
+ Contract.Assume(required != null);
+ Contract.Assume(optional != null);
+ }
+
+ /// <summary>
+ /// Adds Javascript snippets to the page to help the Information Card selector do its work,
+ /// or to downgrade gracefully if the user agent lacks an Information Card selector.
+ /// </summary>
+ private void RenderSupportingScript() {
+ Contract.Requires<InvalidOperationException>(this.infoCardSupportedPanel != null);
+
+ this.Page.ClientScript.RegisterClientScriptResource(typeof(InfoCardSelector), ScriptResourceName);
+
+ if (this.RenderMode == RenderMode.Static) {
+ this.Page.ClientScript.RegisterStartupScript(
+ typeof(InfoCardSelector),
+ "SelectorSupportingScript_" + this.ClientID,
+ string.Format(CultureInfo.InvariantCulture, "document.infoCard.checkStatic('{0}', '{1}');", this.infoCardSupportedPanel.ClientID, this.infoCardNotSupportedPanel.ClientID),
+ true);
+ } else if (RenderMode == RenderMode.Dynamic) {
+ this.Page.ClientScript.RegisterStartupScript(
+ typeof(InfoCardSelector),
+ "SelectorSupportingScript_" + this.ClientID,
+ string.Format(CultureInfo.InvariantCulture, "document.infoCard.checkDynamic('{0}', '{1}');", this.infoCardSupportedPanel.ClientID, this.infoCardNotSupportedPanel.ClientID),
+ true);
+ }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.Designer.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.Designer.cs
new file mode 100644
index 0000000..a6d3dcf
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.Designer.cs
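Review bot: In `OnInit` the default for `Audience` is taken from `this.Page.Request.Url`, so unless the page sets the property, the value passed to `Token.Read(this.TokenXml, this.Audience, ...)` in `RaisePostBackEvent` comes from the incoming request rather than from configuration. The `PrivacyUrl` setter in the same file resolves against `new HttpRequestInfo(HttpContext.Current.Request).UrlBeforeRewriting`, so under URL rewriting (and possibly behind a proxy) the default audience may not be the public URL the selector saw; `this.Audience = new HttpRequestInfo(this.Page.Request).UrlBeforeRewriting;` would at least make the two consistent. Since the property's own remarks call a null audience a security risk, I would also add to its `<remarks>` a line such as `The default is derived from the current request URL; set this explicitly to the site's canonical URL when the host name is not fixed by the server configuration.` How `Token.Read` applies the audience is not visible in this hunk, so the effect of a mismatched or request-derived value should be confirmed there.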
@@ -0,0 +1,117 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:4.0.30104.0 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace DotNetOpenAuth.InfoCard { + using System; + + + /// <summary> + /// A strongly-typed resource class, for looking up localized strings, etc. + /// </summary> + // This class was auto-generated by the StronglyTypedResourceBuilder + // class via a tool like ResGen or Visual Studio. + // To add or remove a member, edit your .ResX file then rerun ResGen + // with the /str option, or rebuild your VS project. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class InfoCardStrings { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal InfoCardStrings() { + } + + /// <summary> + /// Returns the cached ResourceManager instance used by this class. 
+ /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.InfoCard.InfoCardStrings", typeof(InfoCardStrings).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// <summary> + /// Overrides the current thread's CurrentUICulture property for all + /// resource lookups using this strongly typed resource class. + /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + resourceCulture = value; + } + } + + /// <summary> + /// Looks up a localized string similar to The token is invalid: The audience restrictions does not match the Relying Party.. + /// </summary> + internal static string AudienceMismatch { + get { + return ResourceManager.GetString("AudienceMismatch", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to The list of claims requested for inclusion in the InfoCard must be non-empty.. + /// </summary> + internal static string EmptyClaimListNotAllowed { + get { + return ResourceManager.GetString("EmptyClaimListNotAllowed", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to Failed to find the encryptionAlgorithm.. + /// </summary> + internal static string EncryptionAlgorithmNotFound { + get { + return ResourceManager.GetString("EncryptionAlgorithmNotFound", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to This operation requires the PPID claim to be included in the InfoCard token.. 
+ /// </summary> + internal static string PpidClaimRequired { + get { + return ResourceManager.GetString("PpidClaimRequired", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to The PrivacyVersion property must be set whenever the PrivacyUrl property is set.. + /// </summary> + internal static string PrivacyVersionRequiredWithPrivacyUrl { + get { + return ResourceManager.GetString("PrivacyVersionRequiredWithPrivacyUrl", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to Click here to select your Information Card.. + /// </summary> + internal static string SelectorClickPrompt { + get { + return ResourceManager.GetString("SelectorClickPrompt", resourceCulture); + } + } + } +} diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.resx b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.resx new file mode 100644 index 0000000..956b321 --- /dev/null +++ b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.resx 
@@ -0,0 +1,138 @@ +<?xml version="1.0" encoding="utf-8"?> +<root> + <!-- + Microsoft ResX Schema + + Version 2.0 + + The primary goals of this format is to allow a simple XML format + that is mostly human readable. The generation and parsing of the + various data types are done through the TypeConverter classes + associated with the data types. + + Example: + + ... ado.net/XML headers & schema ... + <resheader name="resmimetype">text/microsoft-resx</resheader> + <resheader name="version">2.0</resheader> + <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader> + <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader> + <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data> + <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data> + <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64"> + <value>[base64 mime encoded serialized .NET Framework object]</value> + </data> + <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> + <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value> + <comment>This is a comment</comment> + </data> + + There are any number of "resheader" rows that contain simple + name/value pairs. + + Each data row contains a name, and value. The row also contains a + type or mimetype. Type corresponds to a .NET class that support + text/value conversion through the TypeConverter architecture. + Classes that don't support this are serialized and stored with the + mimetype set. + + The mimetype is used for serialized objects, and tells the + ResXResourceReader how to depersist the object. This is currently not + extensible. 
For a given mimetype the value must be set accordingly: + + Note - application/x-microsoft.net.object.binary.base64 is the format + that the ResXResourceWriter will generate, however the reader can + read any of the formats listed below. + + mimetype: application/x-microsoft.net.object.binary.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.soap.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Soap.SoapFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.bytearray.base64 + value : The object must be serialized into a byte array + : using a System.ComponentModel.TypeConverter + : and then encoded with base64 encoding. + --> + <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" /> + <xsd:element name="root" msdata:IsDataSet="true"> + <xsd:complexType> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="metadata"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" /> + </xsd:sequence> + <xsd:attribute name="name" use="required" type="xsd:string" /> + <xsd:attribute name="type" type="xsd:string" /> + <xsd:attribute name="mimetype" type="xsd:string" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="assembly"> + <xsd:complexType> + <xsd:attribute name="alias" type="xsd:string" /> + <xsd:attribute name="name" type="xsd:string" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="data"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + <xsd:element name="comment" type="xsd:string" minOccurs="0" 
msdata:Ordinal="2" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" /> + <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" /> + <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="resheader"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" /> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + </xsd:schema> + <resheader name="resmimetype"> + <value>text/microsoft-resx</value> + </resheader> + <resheader name="version"> + <value>2.0</value> + </resheader> + <resheader name="reader"> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <resheader name="writer"> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <data name="AudienceMismatch" xml:space="preserve"> + <value>The token is invalid: The audience restrictions does not match the Relying Party.</value> + </data> + <data name="EmptyClaimListNotAllowed" xml:space="preserve"> + <value>The list of claims requested for inclusion in the InfoCard must be non-empty.</value> + </data> + <data name="EncryptionAlgorithmNotFound" xml:space="preserve"> + <value>Failed to find the encryptionAlgorithm.</value> + </data> + <data name="PpidClaimRequired" xml:space="preserve"> + <value>This operation requires the PPID claim to be included in the InfoCard token.</value> + </data> + <data name="PrivacyVersionRequiredWithPrivacyUrl" xml:space="preserve"> + <value>The PrivacyVersion property must be set whenever the PrivacyUrl property is set.</value> + 
</data> + <data name="SelectorClickPrompt" xml:space="preserve"> + <value>Click here to select your Information Card.</value> + </data> +</root>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.sr.resx b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.sr.resx
new file mode 100644
index 0000000..9df0429
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/InfoCardStrings.sr.resx
@@ -0,0 +1,135 @@ +<?xml version="1.0" encoding="utf-8"?> +<root> + <!-- + Microsoft ResX Schema + + Version 2.0 + + The primary goals of this format is to allow a simple XML format + that is mostly human readable. The generation and parsing of the + various data types are done through the TypeConverter classes + associated with the data types. + + Example: + + ... ado.net/XML headers & schema ... + <resheader name="resmimetype">text/microsoft-resx</resheader> + <resheader name="version">2.0</resheader> + <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader> + <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader> + <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data> + <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data> + <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64"> + <value>[base64 mime encoded serialized .NET Framework object]</value> + </data> + <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> + <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value> + <comment>This is a comment</comment> + </data> + + There are any number of "resheader" rows that contain simple + name/value pairs. + + Each data row contains a name, and value. The row also contains a + type or mimetype. Type corresponds to a .NET class that support + text/value conversion through the TypeConverter architecture. + Classes that don't support this are serialized and stored with the + mimetype set. + + The mimetype is used for serialized objects, and tells the + ResXResourceReader how to depersist the object. This is currently not + extensible. 
For a given mimetype the value must be set accordingly: + + Note - application/x-microsoft.net.object.binary.base64 is the format + that the ResXResourceWriter will generate, however the reader can + read any of the formats listed below. + + mimetype: application/x-microsoft.net.object.binary.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.soap.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Soap.SoapFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.bytearray.base64 + value : The object must be serialized into a byte array + : using a System.ComponentModel.TypeConverter + : and then encoded with base64 encoding. + --> + <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" /> + <xsd:element name="root" msdata:IsDataSet="true"> + <xsd:complexType> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="metadata"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" /> + </xsd:sequence> + <xsd:attribute name="name" use="required" type="xsd:string" /> + <xsd:attribute name="type" type="xsd:string" /> + <xsd:attribute name="mimetype" type="xsd:string" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="assembly"> + <xsd:complexType> + <xsd:attribute name="alias" type="xsd:string" /> + <xsd:attribute name="name" type="xsd:string" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="data"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + <xsd:element name="comment" type="xsd:string" minOccurs="0" 
msdata:Ordinal="2" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" /> + <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" /> + <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="resheader"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" /> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + </xsd:schema> + <resheader name="resmimetype"> + <value>text/microsoft-resx</value> + </resheader> + <resheader name="version"> + <value>2.0</value> + </resheader> + <resheader name="reader"> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <resheader name="writer"> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <data name="AudienceMismatch" xml:space="preserve"> + <value>Token je neispravan: restrikcije u prijemu se ne slažu sa Relying Party.</value> + </data> + <data name="EmptyClaimListNotAllowed" xml:space="preserve"> + <value>Tražena lista zahteva za uključivanje u InfoCard ne sme biti prazna.</value> + </data> + <data name="EncryptionAlgorithmNotFound" xml:space="preserve"> + <value>encryptionAlgorithm nije pronađen.</value> + </data> + <data name="PpidClaimRequired" xml:space="preserve"> + <value>Ova operacija zahteva da PPID zahtev bude uključen u InfoCard token.</value> + </data> + <data name="SelectorClickPrompt" xml:space="preserve"> + <value>Kliknite ovde da odaberete vaš Information Card.</value> + </data> +</root>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivedTokenEventArgs.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivedTokenEventArgs.cs
new file mode 100644
index 0000000..f325ff9
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivedTokenEventArgs.cs
@@ -0,0 +1,42 @@
+//-----------------------------------------------------------------------
+// <copyright file="ReceivedTokenEventArgs.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.Xml.XPath;
+
+ /// <summary>
+ /// Arguments for the <see cref="InfoCardSelector.ReceivedToken"/> event.
+ /// </summary>
+ public class ReceivedTokenEventArgs : EventArgs {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ReceivedTokenEventArgs"/> class.
+ /// </summary>
+ /// <param name="token">The token.</param>
+ internal ReceivedTokenEventArgs(Token token) {
+ this.Token = token;
+ }
+
+ /// <summary>
+ /// Gets the processed token.
+ /// </summary>
+ public Token Token { get; private set; }
+
+#if CONTRACTS_FULL
+ /// <summary>
+ /// Verifies conditions that should be true for any valid state of this object.
+ /// </summary>
+ [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Called by code contracts.")]
+ [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by code contracts.")]
+ [ContractInvariantMethod]
+ private void ObjectInvariant() {
+ Contract.Invariant(this.Token != null);
+ }
+#endif
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivingTokenEventArgs.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivingTokenEventArgs.cs
new file mode 100644
index 0000000..3dd892a
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/ReceivingTokenEventArgs.cs
@@ -0,0 +1,100 @@
+//-----------------------------------------------------------------------
+// <copyright file="ReceivingTokenEventArgs.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Collections.Generic;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.IdentityModel.Tokens;
+ using System.Security.Cryptography.X509Certificates;
+
+ /// <summary>
+ /// Arguments for the <see cref="InfoCardSelector.ReceivingToken"/> event.
+ /// </summary>
+ public class ReceivingTokenEventArgs : EventArgs {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ReceivingTokenEventArgs"/> class.
+ /// </summary>
+ /// <param name="tokenXml">The raw token XML, prior to any decryption.</param>
+ internal ReceivingTokenEventArgs(string tokenXml) {
+ Contract.Requires<ArgumentNullException>(tokenXml != null);
+
+ this.TokenXml = tokenXml;
+ this.IsEncrypted = Token.IsEncrypted(this.TokenXml);
+ this.DecryptingTokens = new List<SecurityToken>();
+ }
+
+ /// <summary>
+ /// Gets a value indicating whether the token is encrypted.
+ /// </summary>
+ /// <value>
+ /// <c>true</c> if the token is encrypted; otherwise, <c>false</c>.
+ /// </value>
+ public bool IsEncrypted { get; private set; }
+
+ /// <summary>
+ /// Gets the raw token XML, prior to any decryption.
+ /// </summary>
+ public string TokenXml { get; private set; }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether processing
+ /// this token should be canceled.
+ /// </summary>
+ /// <value><c>true</c> if cancel; otherwise, <c>false</c>.</value>
+ /// <remarks>
+ /// If set the <c>true</c>, the <see cref="InfoCardSelector.ReceivedToken"/>
+ /// event will never be fired.
+ /// </remarks>
+ public bool Cancel { get; set; }
+
+ /// <summary>
+ /// Gets a list where security tokens such as X.509 certificates may be
+ /// added to be used for token decryption.
+ /// </summary>
+ internal IList<SecurityToken> DecryptingTokens { get; private set; }
+
+ /// <summary>
+ /// Adds a security token that may be used to decrypt the incoming token.
+ /// </summary>
+ /// <param name="securityToken">The security token.</param>
+ public void AddDecryptingToken(SecurityToken securityToken) {
+ Contract.Requires<ArgumentNullException>(securityToken != null);
+ this.DecryptingTokens.Add(securityToken);
+ }
+
+ /// <summary>
+ /// Adds an X.509 certificate with a private key that may be used to decrypt the incoming token.
+ /// </summary>
+ /// <param name="certificate">The certificate.</param>
+ [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive")]
+ public void AddDecryptingToken(X509Certificate2 certificate) {
+ Contract.Requires<ArgumentNullException>(certificate != null);
+ Contract.Requires<ArgumentException>(certificate.HasPrivateKey);
+ var cert = new X509SecurityToken(certificate);
+ try {
+ this.AddDecryptingToken(cert);
+ } catch {
+ cert.Dispose();
+ throw;
+ }
+ }
+
+#if CONTRACTS_FULL
+ /// <summary>
+ /// Verifies conditions that should be true for any valid state of this object.
+ /// </summary>
+ [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Called by code contracts.")]
+ [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by code contracts.")]
+ [ContractInvariantMethod]
+ private void ObjectInvariant() {
+ Contract.Invariant(this.TokenXml != null);
+ Contract.Invariant(this.DecryptingTokens != null);
+ }
+#endif
+ }
+}
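Review bot: The `ReceivingTokenEventArgs` constructor runs `Token.IsEncrypted(this.TokenXml)` on the raw token before anything has validated it, so a post that is not well-formed XML fails inside an event-args constructor with a parser exception that the doc comment does not mention. I would document it on the constructor with `/// <exception cref="System.Xml.XmlException">Thrown when <paramref name="tokenXml"/> is not well-formed XML.</exception>`. The caller is outside this hunk, so whether that exception is translated into an `InformationCardException` there cannot be seen from here and is worth confirming.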
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/SupportingScript.js b/src/DotNetOpenAuth.InfoCard/InfoCard/SupportingScript.js
new file mode 100644
index 0000000..a883cd7
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/SupportingScript.js
@@ -0,0 +1,126 @@
+/*jslint white: true, onevar: true, browser: true, undef: true, nomen: true, plusplus: true, bitwise: true, regexp: true, strict: true, newcap: true, immed: true */
+"use strict";
+document.infoCard = {
+ isSupported: function () {
+ /// <summary>
+ /// Determines if information cards are supported by the
+ /// browser.
+ /// </summary>
+ /// <returns>
+ /// true-if the browser supports information cards.
+ ///</returns>
+ var IEVer, embed, x, event;
+
+ IEVer = -1;
+ if (navigator.appName === 'Microsoft Internet Explorer') {
+ if (new RegExp("MSIE ([0-9]{1,}[\\.0-9]{0,})").exec(navigator.userAgent) !== null) {
+ IEVer = parseFloat(RegExp.$1);
+ }
+ }
+
+ // Look for IE 7+.
+ if (IEVer >= 7) {
+ embed = document.createElement("object");
+ embed.type = "application/x-informationcard";
+ return embed.issuerPolicy !== undefined && embed.isInstalled;
+ }
+
+ // not IE (any version)
+ if (IEVer < 0 && navigator.mimeTypes && navigator.mimeTypes.length) {
+ // check to see if there is a mimeType handler.
+ x = navigator.mimeTypes['application/x-informationcard'];
+ if (x && x.enabledPlugin) {
+ return true;
+ }
+
+ // check for the IdentitySelector event handler is there.
+ if (document.addEventListener) {
+ event = document.createEvent("Events");
+ event.initEvent("IdentitySelectorAvailable", true, true);
+ top.dispatchEvent(event);
+
+ if (top.IdentitySelectorAvailable === true) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ },
+
+ activate: function (selectorId, hiddenFieldName) {
+ var selector, hiddenField;
+ selector = document.getElementById(selectorId);
+ hiddenField = document.getElementsByName(hiddenFieldName)[0];
+ try {
+ hiddenField.value = selector.value;
+ } catch (e) {
+ // Selector was canceled
+ return false;
+ }
+ if (hiddenField.value == 'undefined') { // really the string, not === undefined
+ // We're dealing with a bad FireFox selector plugin.
+ // Just add the control to the form by setting its name property and submit to activate.
+ selector.name = hiddenFieldName;
+ hiddenField.parentNode.removeChild(hiddenField);
+ return true;
+ }
+ return true;
+ },
+
+ hideStatic: function (divName) {
+ var div = document.getElementById(divName);
+ if (div) {
+ div.style.visibility = 'hidden';
+ }
+ },
+
+ showStatic: function (divName) {
+ var div = document.getElementById(divName);
+ if (div) {
+ div.style.visibility = 'visible';
+ }
+ },
+
+ hideDynamic: function (divName) {
+ var div = document.getElementById(divName);
+ if (div) {
+ div.style.display = 'none';
+ }
+ },
+
+ showDynamic: function (divName) {
+ var div = document.getElementById(divName);
+ if (div) {
+ div.style.display = '';
+ }
+ },
+
+ checkDynamic: function (controlDiv, unsupportedDiv) {
+ if (this.isSupported()) {
+ this.showDynamic(controlDiv);
+ if (unsupportedDiv) {
+ this.hideDynamic(unsupportedDiv);
+ }
+ } else {
+ this.hideDynamic(controlDiv);
+ if (unsupportedDiv) {
+ this.showDynamic(unsupportedDiv);
+ }
+ }
+ },
+
+ checkStatic: function (controlDiv, unsupportedDiv) {
+ if (this.isSupported()) {
+ this.showStatic(controlDiv);
+ if (unsupportedDiv) {
+ this.hideStatic(unsupportedDiv);
+ }
+ } else {
+ this.hideStatic(controlDiv);
+ if (unsupportedDiv) {
+ this.showDynamic(unsupportedDiv);
+ }
+ }
+ }
+};
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/InformationCardException.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/InformationCardException.cs
new file mode 100644
index 0000000..ff08be8
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/InformationCardException.cs
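Review bot: In `checkStatic`, the unsupported-browser branch calls `this.showDynamic(unsupportedDiv)`, although the static helpers toggle `visibility` and `showDynamic` only resets `display`. A fallback div that `hideStatic` hid earlier (or that starts with `visibility: hidden`) therefore stays invisible, and a user without a selector sees neither the control nor the explanation. The line should mirror `checkDynamic` and read `this.showStatic(unsupportedDiv);`.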
@@ -0,0 +1,62 @@
+//-----------------------------------------------------------------------
+// <copyright file="InformationCardException.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Runtime.Serialization;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// An exception class for Information Cards.
+ /// </summary>
+ [Serializable]
+ public class InformationCardException : ProtocolException {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InformationCardException"/> class.
+ /// </summary>
+ public InformationCardException() {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InformationCardException"/> class with a specified
+ /// error message.
+ /// </summary>
+ /// <param name="message">The error message.</param>
+ public InformationCardException(string message)
+ : base(message) {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InformationCardException"/> class
+ /// with a specified error message and a reference to the inner exception that is
+ /// the cause of this exception.
+ /// </summary>
+ /// <param name="message">The error message that explains the reason for the exception.</param>
+ /// <param name="innerException">
+ /// The exception that is the cause of the current exception, or a null reference
+ /// (Nothing in Visual Basic) if no inner exception is specified.
+ /// </param>
+ public InformationCardException(string message, Exception innerException)
+ : base(message, innerException) {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InformationCardException"/> class
+ /// with serialized data.
+ /// </summary>
+ /// <param name="info">The <see cref="T:System.Runtime.Serialization.SerializationInfo"/> that holds the serialized object data about the exception being thrown.</param>
+ /// <param name="context">The <see cref="T:System.Runtime.Serialization.StreamingContext"/> that contains contextual information about the source or destination.</param>
+ /// <exception cref="T:System.ArgumentNullException">
+ /// The <paramref name="info"/> parameter is null.
+ /// </exception>
+ /// <exception cref="T:System.Runtime.Serialization.SerializationException">
+ /// The class name is null or <see cref="P:System.Exception.HResult"/> is zero (0).
+ /// </exception>
+ protected InformationCardException(SerializationInfo info, StreamingContext context)
+ : base(info, context) {
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/Token.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/Token.cs
new file mode 100644
index 0000000..3b6f573
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/Token.cs
@@ -0,0 +1,269 @@
+//-----------------------------------------------------------------------
+// <copyright file="Token.cs" company="Andrew Arnott, Microsoft Corporation">
+// Copyright (c) Andrew Arnott, Microsoft Corporation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Collections.Generic;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.IdentityModel.Claims;
+ using System.IdentityModel.Policy;
+ using System.IdentityModel.Tokens;
+ using System.IO;
+ using System.Linq;
+ using System.Text;
+ using System.Xml;
+ using System.Xml.XPath;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// The decrypted token that was submitted as an Information Card.
+ /// </summary>
+ [ContractVerification(true)]
+ public class Token {
+ /// <summary>
+ /// Backing field for the <see cref="Claims"/> property.
+ /// </summary>
+ private IDictionary<string, string> claims;
+
+ /// <summary>
+ /// Backing field for the <see cref="UniqueId"/> property.
+ /// </summary>
+ private string uniqueId;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="Token"/> class.
+ /// </summary>
+ /// <param name="tokenXml">Xml token, which may be encrypted.</param>
+ /// <param name="audience">The audience. May be <c>null</c> to avoid audience checking.</param>
+ /// <param name="decryptor">The decryptor to use to decrypt the token, if necessary..</param>
+ /// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception>
+ [SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times", Justification = "Not a problem for this type."), SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive")]
+ private Token(string tokenXml, Uri audience, TokenDecryptor decryptor) {
+ Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
+ Contract.Requires<ArgumentException>(decryptor != null || !IsEncrypted(tokenXml));
+ Contract.Ensures(this.AuthorizationContext != null);
+
+ byte[] decryptedBytes;
+ string decryptedString;
+
+ using (StringReader xmlReader = new StringReader(tokenXml)) {
+ using (XmlReader tokenReader = XmlReader.Create(xmlReader)) {
+ Contract.Assume(tokenReader != null); // BCL contract should say XmlReader.Create result != null
+ if (IsEncrypted(tokenReader)) {
+ Logger.InfoCard.DebugFormat("Incoming SAML token, before decryption: {0}", tokenXml);
+ decryptedBytes = decryptor.DecryptToken(tokenReader);
+ decryptedString = Encoding.UTF8.GetString(decryptedBytes);
+ Contract.Assume(decryptedString != null); // BCL contracts should be enhanced here
+ } else {
+ decryptedBytes = Encoding.UTF8.GetBytes(tokenXml);
+ decryptedString = tokenXml;
+ }
+ }
+ }
+
+ var stringReader = new StringReader(decryptedString);
+ try {
+ this.Xml = new XPathDocument(stringReader).CreateNavigator();
+ } catch {
+ stringReader.Dispose();
+ throw;
+ }
+
+ Logger.InfoCard.DebugFormat("Incoming SAML token, after any decryption: {0}", this.Xml.InnerXml);
+ this.AuthorizationContext = TokenUtility.AuthenticateToken(this.Xml.ReadSubtree(), audience);
+ }
+
+ /// <summary>
+ /// Gets the AuthorizationContext behind this token.
+ /// </summary>
+ public AuthorizationContext AuthorizationContext { get; private set; }
+
+ /// <summary>
+ /// Gets the the decrypted token XML.
+ /// </summary>
+ public XPathNavigator Xml { get; private set; }
+
+ /// <summary>
+ /// Gets the UniqueID of this token, usable as a stable username that the user
+ /// has already verified belongs to him/her.
+ /// </summary>
+ /// <remarks>
+ /// By default, this uses the PPID and the Issuer's Public Key and hashes them
+ /// together to generate a UniqueID.
+ /// </remarks>
+ public string UniqueId {
+ get {
+ if (string.IsNullOrEmpty(this.uniqueId)) {
+ this.uniqueId = TokenUtility.GetUniqueName(this.AuthorizationContext);
+ }
+
+ return this.uniqueId;
+ }
+ }
+
+ /// <summary>
+ /// Gets the hash of the card issuer's public key.
+ /// </summary>
+ public string IssuerPubKeyHash {
+ get { return TokenUtility.GetIssuerPubKeyHash(this.AuthorizationContext); }
+ }
+
+ /// <summary>
+ /// Gets the Site Specific ID that the user sees in the Identity Selector.
+ /// </summary>
+ public string SiteSpecificId {
+ get {
+ Contract.Requires<InvalidOperationException>(this.Claims.ContainsKey(ClaimTypes.PPID) && !string.IsNullOrEmpty(this.Claims[ClaimTypes.PPID]));
+ string ppidValue;
+ ErrorUtilities.VerifyOperation(this.Claims.TryGetValue(ClaimTypes.PPID, out ppidValue) && ppidValue != null, InfoCardStrings.PpidClaimRequired);
+ return TokenUtility.CalculateSiteSpecificID(ppidValue);
+ }
+ }
+
+ /// <summary>
+ /// Gets the claims in all the claimsets as a dictionary of strings.
+ /// </summary>
+ public IDictionary<string, string> Claims {
+ get {
+ if (this.claims == null) {
+ this.claims = this.GetFlattenedClaims();
+ }
+
+ return this.claims;
+ }
+ }
+
+ /// <summary>
+ /// Deserializes an XML document into a token.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <returns>The deserialized token.</returns>
+ public static Token Read(string tokenXml) {
+ Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
+ return Read(tokenXml, (Uri)null);
+ }
+
+ /// <summary>
+ /// Deserializes an XML document into a token.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <param name="audience">The URI that this token must have been crafted to be sent to. Use <c>null</c> to accept any intended audience.</param>
+ /// <returns>The deserialized token.</returns>
+ public static Token Read(string tokenXml, Uri audience) {
+ Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
+ return Read(tokenXml, audience, Enumerable.Empty<SecurityToken>());
+ }
+
+ /// <summary>
+ /// Deserializes an XML document into a token.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <param name="decryptionTokens">Any X.509 certificates that may be used to decrypt the token, if necessary.</param>
+ /// <returns>The deserialized token.</returns>
+ public static Token Read(string tokenXml, IEnumerable<SecurityToken> decryptionTokens) {
+ Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
+ Contract.Requires<ArgumentNullException>(decryptionTokens != null);
+ return Read(tokenXml, null, decryptionTokens);
+ }
+
+ /// <summary>
+ /// Deserializes an XML document into a token.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <param name="audience">The URI that this token must have been crafted to be sent to. Use <c>null</c> to accept any intended audience.</param>
+ /// <param name="decryptionTokens">Any X.509 certificates that may be used to decrypt the token, if necessary.</param>
+ /// <returns>The deserialized token.</returns>
+ public static Token Read(string tokenXml, Uri audience, IEnumerable<SecurityToken> decryptionTokens) {
+ Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
+ Contract.Requires<ArgumentNullException>(decryptionTokens != null);
+ Contract.Ensures(Contract.Result<Token>() != null);
+
+ TokenDecryptor decryptor = null;
+
+ if (IsEncrypted(tokenXml)) {
+ decryptor = new TokenDecryptor();
+ decryptor.Tokens.AddRange(decryptionTokens);
+ }
+
+ return new Token(tokenXml, audience, decryptor);
+ }
+
+ /// <summary>
+ /// Determines whether the specified token XML is encrypted.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <returns>
+ /// <c>true</c> if the specified token XML is encrypted; otherwise, <c>false</c>.
+ /// </returns>
+ [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive"), Pure]
+ internal static bool IsEncrypted(string tokenXml) {
+ Contract.Requires<ArgumentNullException>(tokenXml != null);
+
+ var stringReader = new StringReader(tokenXml);
+ XmlReader tokenReader;
+ try {
+ tokenReader = XmlReader.Create(stringReader);
+ } catch {
+ stringReader.Dispose();
+ throw;
+ }
+
+ try {
+ Contract.Assume(tokenReader != null); // CC missing for XmlReader.Create
+ return IsEncrypted(tokenReader);
+ } catch {
+ IDisposable disposableReader = tokenReader;
+ disposableReader.Dispose();
+ throw;
+ }
+ }
+
+ /// <summary>
+ /// Determines whether the specified token XML is encrypted.
+ /// </summary>
+ /// <param name="tokenXmlReader">The token XML.</param>
+ /// <returns>
+ /// <c>true</c> if the specified token XML is encrypted; otherwise, <c>false</c>.
+ /// </returns>
+ private static bool IsEncrypted(XmlReader tokenXmlReader) {
+ Contract.Requires<ArgumentNullException>(tokenXmlReader != null);
+ return tokenXmlReader.IsStartElement(TokenDecryptor.XmlEncryptionStrings.EncryptedData, TokenDecryptor.XmlEncryptionStrings.Namespace);
+ }
+
+#if CONTRACTS_FULL
+ /// <summary>
+ /// Verifies conditions that should be true for any valid state of this object.
+ /// </summary>
+ [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Called by code contracts.")]
+ [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by code contracts.")]
+ [ContractInvariantMethod]
+ private void ObjectInvariant() {
+ Contract.Invariant(this.AuthorizationContext != null);
+ }
+#endif
+
+ /// <summary>
+ /// Flattens the claims into a dictionary
+ /// </summary>
+ /// <returns>A dictionary of claim type URIs and claim values.</returns>
+ [SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call.")]
+ [Pure]
+ private IDictionary<string, string> GetFlattenedClaims() {
+ var flattenedClaims = new Dictionary<string, string>();
+
+ foreach (ClaimSet set in this.AuthorizationContext.ClaimSets) {
+ foreach (Claim claim in set) {
+ if (claim.Right == Rights.PossessProperty) {
+ flattenedClaims.Add(claim.ClaimType, TokenUtility.GetResourceValue(claim));
+ }
+ }
+ }
+
+ return flattenedClaims;
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenDecryptor.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenDecryptor.cs
new file mode 100644
index 0000000..9424480
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenDecryptor.cs
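Review bot: The two `Logger.InfoCard.DebugFormat` calls in the private `Token` constructor write the whole token to the log, once as received and once after decryption, so any deployment with debug logging enabled keeps users' claims and the assertion itself in plain text. I would log a non-sensitive summary instead, for example `Logger.InfoCard.DebugFormat("Incoming SAML token received ({0} characters).", tokenXml.Length);`, and drop the post-decryption dump. Separately, `new XPathDocument(stringReader)` parses the decrypted, sender-controlled XML with the framework's default reader behaviour, which on older .NET Framework versions processes DTDs. Building the document from an `XmlReader` created with settings that prohibit DTDs would make the safe behaviour explicit; which framework version this assembly targets is not visible in this hunk.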
@@ -0,0 +1,210 @@
+//-----------------------------------------------------------------------
+// <copyright file="TokenDecryptor.cs" company="Microsoft Corporation">
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// </copyright>
+// <license>
+// Microsoft Public License (Ms-PL).
+// See http://www.microsoft.com/opensource/licenses.mspx#Ms-PL
+// </license>
+// <author>This file was subsequently modified by Andrew Arnott.</author>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Collections.Generic;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.IdentityModel.Selectors;
+ using System.IdentityModel.Tokens;
+ using System.Linq;
+ using System.Security.Cryptography;
+ using System.Security.Cryptography.X509Certificates;
+ using System.ServiceModel.Security;
+ using System.Xml;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// A utility class for decrypting InfoCard tokens.
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Decryptor", Justification = "By design")]
+ internal class TokenDecryptor {
+ /// <summary>
+ /// Backing field for the <see cref="Tokens"/> property.
+ /// </summary>
+ private List<SecurityToken> tokens;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="TokenDecryptor"/> class.
+ /// </summary>
+ internal TokenDecryptor() {
+ this.tokens = new List<SecurityToken>();
+ StoreName storeName = StoreName.My;
+ StoreLocation storeLocation = StoreLocation.LocalMachine;
+ this.AddDecryptionCertificates(storeName, storeLocation);
+ }
+
+ /// <summary>
+ /// Gets a list of possible decryption certificates, from the store/location set
+ /// </summary>
+ /// <remarks>
+ /// Defaults to localmachine:my (same place SSL certs are)
+ /// </remarks>
+ internal List<SecurityToken> Tokens {
+ get { return this.tokens; }
+ }
+
+ /// <summary>
+ /// Adds a certificate to the list of certificates to decrypt with.
+ /// </summary>
+ /// <param name="certificate">The x509 cert to use for decryption</param>
+ internal void AddDecryptionCertificate(X509Certificate2 certificate) {
+ this.Tokens.Add(new X509SecurityToken(certificate));
+ }
+
+ /// <summary>
+ /// Adds a certificate to the list of certificates to decrypt with.
+ /// </summary>
+ /// <param name="storeName">store name of the certificate</param>
+ /// <param name="storeLocation">store location</param>
+ /// <param name="thumbprint">thumbprint of the cert to use</param>
+ internal void AddDecryptionCertificate(StoreName storeName, StoreLocation storeLocation, string thumbprint) {
+ this.AddDecryptionCertificates(
+ storeName,
+ storeLocation,
+ store => store.Find(X509FindType.FindByThumbprint, thumbprint, true));
+ }
+
+ /// <summary>
+ /// Adds a store of certificates to the list of certificates to decrypt with.
+ /// </summary>
+ /// <param name="storeName">store name of the certificates</param>
+ /// <param name="storeLocation">store location</param>
+ internal void AddDecryptionCertificates(StoreName storeName, StoreLocation storeLocation) {
+ this.AddDecryptionCertificates(storeName, storeLocation, store => store);
+ }
+
+ /// <summary>
+ /// Decrpyts a security token from an XML EncryptedData
+ /// </summary>
+ /// <param name="reader">The encrypted token XML reader.</param>
+ /// <returns>A byte array of the contents of the encrypted token</returns>
+ internal byte[] DecryptToken(XmlReader reader) {
+ Contract.Requires<ArgumentNullException>(reader != null);
+ Contract.Ensures(Contract.Result<byte[]>() != null);
+
+ byte[] securityTokenData;
+ string encryptionAlgorithm;
+ SecurityKeyIdentifier keyIdentifier;
+ bool isEmptyElement;
+
+ ErrorUtilities.VerifyInternal(reader.IsStartElement(XmlEncryptionStrings.EncryptedData, XmlEncryptionStrings.Namespace), "Expected encrypted token starting XML element was not found.");
+ reader.Read(); // get started
+
+ // if it's not an encryption method, something is dreadfully wrong.
+ ErrorUtilities.VerifyInfoCard(reader.IsStartElement(XmlEncryptionStrings.EncryptionMethod, XmlEncryptionStrings.Namespace), InfoCardStrings.EncryptionAlgorithmNotFound);
+
+ // Looks good, let's grab the alg.
+ isEmptyElement = reader.IsEmptyElement;
+ encryptionAlgorithm = reader.GetAttribute(XmlEncryptionStrings.Algorithm);
+ reader.Read();
+
+ if (!isEmptyElement) {
+ while (reader.IsStartElement()) {
+ reader.Skip();
+ }
+ reader.ReadEndElement();
+ }
+
+ // get the key identifier
+ keyIdentifier = WSSecurityTokenSerializer.DefaultInstance.ReadKeyIdentifier(reader);
+
+ // resolve the symmetric key
+ SymmetricSecurityKey decryptingKey = (SymmetricSecurityKey)SecurityTokenResolver.CreateDefaultSecurityTokenResolver(this.tokens.AsReadOnly(), false).ResolveSecurityKey(keyIdentifier[0]);
+ SymmetricAlgorithm algorithm = decryptingKey.GetSymmetricAlgorithm(encryptionAlgorithm);
+
+ // dig for the security token data itself.
+ reader.ReadStartElement(XmlEncryptionStrings.CipherData, XmlEncryptionStrings.Namespace);
+ reader.ReadStartElement(XmlEncryptionStrings.CipherValue, XmlEncryptionStrings.Namespace);
+ securityTokenData = Convert.FromBase64String(reader.ReadString());
+ reader.ReadEndElement(); // CipherValue
+ reader.ReadEndElement(); // CipherData
+ reader.ReadEndElement(); // EncryptedData
+
+ // decrypto-magic!
+ int blockSizeBytes = algorithm.BlockSize / 8;
+ byte[] iv = new byte[blockSizeBytes];
+ Buffer.BlockCopy(securityTokenData, 0, iv, 0, iv.Length);
+ algorithm.Padding = PaddingMode.ISO10126;
+ algorithm.Mode = CipherMode.CBC;
+ ICryptoTransform decrTransform = algorithm.CreateDecryptor(algorithm.Key, iv);
+ byte[] plainText = decrTransform.TransformFinalBlock(securityTokenData, iv.Length, securityTokenData.Length - iv.Length);
+ decrTransform.Dispose();
+
+ return plainText;
+ }
+
+#if CONTRACTS_FULL
+ /// <summary>
+ /// Verifies conditions that should be true for any valid state of this object.
+ /// </summary>
+ [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Called by code contracts.")]
+ [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by code contracts.")]
+ [ContractInvariantMethod]
+ private void ObjectInvariant() {
+ Contract.Invariant(this.Tokens != null);
+ }
+#endif
+
+ /// <summary>
+ /// Adds a store of certificates to the list of certificates to decrypt with.
+ /// </summary>
+ /// <param name="storeName">store name of the certificates</param>
+ /// <param name="storeLocation">store location</param>
+ /// <param name="filter">A filter to on the certificates to add.</param>
+ private void AddDecryptionCertificates(StoreName storeName, StoreLocation storeLocation, Func<X509Certificate2Collection, X509Certificate2Collection> filter) {
+ X509Store store = new X509Store(storeName, storeLocation);
+ store.Open(OpenFlags.ReadOnly);
+
+ this.tokens.AddRange((from cert in filter(store.Certificates).Cast<X509Certificate2>()
+ where cert.HasPrivateKey
+ select new X509SecurityToken(cert)).Cast<SecurityToken>());
+
+ store.Close();
+ }
+
+ /// <summary>
+ /// A set of strings used in parsing the XML token.
+ /// </summary>
+ internal static class XmlEncryptionStrings {
+ /// <summary>
+ /// The "http://www.w3.org/2001/04/xmlenc#" value.
+ /// </summary>
+ internal const string Namespace = "http://www.w3.org/2001/04/xmlenc#";
+
+ /// <summary>
+ /// The "EncryptionMethod" value.
+ /// </summary>
+ internal const string EncryptionMethod = "EncryptionMethod";
+
+ /// <summary>
+ /// The "CipherValue" value.
+ /// </summary>
+ internal const string CipherValue = "CipherValue";
+
+ /// <summary>
+ /// The "Algorithm" value.
+ /// </summary>
+ internal const string Algorithm = "Algorithm";
+
+ /// <summary>
+ /// The "EncryptedData" value.
+ /// </summary>
+ internal const string EncryptedData = "EncryptedData";
+
+ /// <summary>
+ /// The "CipherData" value.
+ /// </summary>
+ internal const string CipherData = "CipherData";
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs
new file mode 100644
index 0000000..4ac871a
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs
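Review bot: `DecryptToken` in TokenDecryptor.cs uses several values taken straight from the submitted token without checking them: `keyIdentifier[0]` is indexed without looking at `keyIdentifier.Count`, the resolved key is hard-cast to `SymmetricSecurityKey`, and `Buffer.BlockCopy` assumes `securityTokenData` holds at least one block, so a malformed token escapes as a framework exception rather than an InfoCard error. CBC with ISO10126 padding carries no integrity check, so a padding failure in `TransformFinalBlock` should be reported exactly like every other decryption failure, and the returned plaintext has to be treated as untrusted until the SAML signature is validated. The sketch below folds these paths into one `InformationCardException` and disposes `algorithm` and `decrTransform` with `using`. Separately, the constructor loads every private-key certificate from LocalMachine\My, so `Token.Read` ends up trying more keys than its `decryptionTokens` argument names; consider making that default opt-in.

```csharp
// … unchanged: EncryptedData / EncryptionMethod parsing and ReadKeyIdentifier …
SecurityKey resolvedKey = keyIdentifier.Count > 0
	? SecurityTokenResolver.CreateDefaultSecurityTokenResolver(this.tokens.AsReadOnly(), false).ResolveSecurityKey(keyIdentifier[0])
	: null;
SymmetricSecurityKey decryptingKey = resolvedKey as SymmetricSecurityKey;
if (decryptingKey == null) {
	throw new InformationCardException("Unable to decrypt security token");
}

// … unchanged: CipherData / CipherValue reading into securityTokenData …
using (SymmetricAlgorithm algorithm = decryptingKey.GetSymmetricAlgorithm(encryptionAlgorithm)) {
	int blockSizeBytes = algorithm.BlockSize / 8;
	if (securityTokenData.Length <= blockSizeBytes) {
		throw new InformationCardException("Unable to decrypt security token");
	}

	// … unchanged: IV extraction, Padding and Mode setup …
	try {
		using (ICryptoTransform decrTransform = algorithm.CreateDecryptor(algorithm.Key, iv)) {
			return decrTransform.TransformFinalBlock(securityTokenData, iv.Length, securityTokenData.Length - iv.Length);
		}
	} catch (CryptographicException) {
		// Same error as every other failure, so a padding error is not distinguishable to the sender.
		throw new InformationCardException("Unable to decrypt security token");
	}
}
```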
@@ -0,0 +1,297 @@
+//-----------------------------------------------------------------------
+// <copyright file="TokenUtility.cs" company="Microsoft Corporation">
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// </copyright>
+// <license>
+// Microsoft Public License (Ms-PL).
+// See http://www.microsoft.com/opensource/licenses.mspx#Ms-PL
+// </license>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Collections.Generic;
+ using System.Configuration;
+ using System.Diagnostics.Contracts;
+ using System.IdentityModel.Claims;
+ using System.IdentityModel.Policy;
+ using System.IdentityModel.Selectors;
+ using System.IdentityModel.Tokens;
+ using System.IO;
+ using System.Linq;
+ using System.Net.Mail;
+ using System.Security.Cryptography;
+ using System.Security.Principal;
+ using System.ServiceModel.Security;
+ using System.Text;
+ using System.Xml;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// Tools for reading InfoCard tokens.
+ /// </summary>
+ internal static class TokenUtility {
+ /// <summary>
+ /// Gets the maximum amount the token can be out of sync with time.
+ /// </summary>
+ internal static TimeSpan MaximumClockSkew {
+ get { return DotNetOpenAuth.Configuration.DotNetOpenAuthSection.Configuration.Messaging.MaximumClockSkew; }
+ }
+
+ /// <summary>
+ /// Token Authentication. Translates the decrypted data into a AuthContext.
+ /// </summary>
+ /// <param name="reader">The token XML reader.</param>
+ /// <param name="audience">The audience that the token must be scoped for.
+ /// Use <c>null</c> to indicate any audience is acceptable.</param>
+ /// <returns>
+ /// The authorization context carried by the token.
+ /// </returns>
+ internal static AuthorizationContext AuthenticateToken(XmlReader reader, Uri audience) {
+ Contract.Ensures(Contract.Result<AuthorizationContext>() != null);
+
+ // Extensibility Point:
+ // in order to accept different token types, you would need to add additional
+ // code to create an authenticationcontext from the security token.
+ // This code only supports SamlSecurityToken objects.
+ SamlSecurityToken token = WSSecurityTokenSerializer.DefaultInstance.ReadToken(reader, null) as SamlSecurityToken;
+
+ if (null == token) {
+ throw new InformationCardException("Unable to read security token");
+ }
+
+ ////if (null != token.SecurityKeys && token.SecurityKeys.Count > 0)
+ //// throw new InformationCardException("Token Security Keys Exist");
+
+ if (audience == null) {
+ Logger.InfoCard.Warn("SAML token Audience checking will be skipped.");
+ } else {
+ if (token.Assertion.Conditions != null &&
+ token.Assertion.Conditions.Conditions != null) {
+ foreach (SamlCondition condition in token.Assertion.Conditions.Conditions) {
+ SamlAudienceRestrictionCondition audienceCondition = condition as SamlAudienceRestrictionCondition;
+
+ if (audienceCondition != null) {
+ Logger.InfoCard.DebugFormat("SAML token audience(s): {0}", audienceCondition.Audiences.ToStringDeferred());
+ bool match = audienceCondition.Audiences.Contains(audience);
+
+ if (!match && Logger.InfoCard.IsErrorEnabled) {
+ Logger.InfoCard.ErrorFormat("Expected SAML token audience of {0} but found {1}.", audience.AbsoluteUri, audienceCondition.Audiences.Select(aud => aud.AbsoluteUri).ToStringDeferred());
+ }
+
+ // The token is invalid if any condition is not valid.
+ // An audience restriction condition is valid if any audience
+ // matches the Relying Party.
+ ErrorUtilities.VerifyInfoCard(match, InfoCardStrings.AudienceMismatch);
+ }
+ }
+ }
+ }
+ var samlAuthenticator = new SamlSecurityTokenAuthenticator(
+ new List<SecurityTokenAuthenticator>(
+ new SecurityTokenAuthenticator[] {
+ new RsaSecurityTokenAuthenticator(),
+ new X509SecurityTokenAuthenticator(),
+ }),
+ MaximumClockSkew);
+
+ return AuthorizationContext.CreateDefaultAuthorizationContext(samlAuthenticator.ValidateToken(token));
+ }
+
+ /// <summary>
+ /// Translates claims to strings
+ /// </summary>
+ /// <param name="claim">Claim to translate to a string</param>
+ /// <returns>The string representation of a claim's value.</returns>
+ internal static string GetResourceValue(Claim claim) {
+ string strClaim = claim.Resource as string;
+ if (!string.IsNullOrEmpty(strClaim)) {
+ return strClaim;
+ }
+
+ IdentityReference reference = claim.Resource as IdentityReference;
+ if (null != reference) {
+ return reference.Value;
+ }
+
+ ICspAsymmetricAlgorithm rsa = claim.Resource as ICspAsymmetricAlgorithm;
+ if (null != rsa) {
+ using (SHA256 sha = new SHA256Managed()) {
+ return Convert.ToBase64String(sha.ComputeHash(rsa.ExportCspBlob(false)));
+ }
+ }
+
+ MailAddress mail = claim.Resource as MailAddress;
+ if (null != mail) {
+ return mail.ToString();
+ }
+
+ byte[] bufferValue = claim.Resource as byte[];
+ if (null != bufferValue) {
+ return Convert.ToBase64String(bufferValue);
+ }
+
+ return claim.Resource.ToString();
+ }
+
+ /// <summary>
+ /// Generates a UniqueID based off the Issuer's key
+ /// </summary>
+ /// <param name="authzContext">the Authorization Context</param>
+ /// <returns>the hash of the internal key of the issuer</returns>
+ internal static string GetIssuerPubKeyHash(AuthorizationContext authzContext) {
+ foreach (ClaimSet cs in authzContext.ClaimSets) {
+ Claim currentIssuerClaim = GetUniqueRsaClaim(cs.Issuer);
+
+ if (currentIssuerClaim != null) {
+ RSA rsa = currentIssuerClaim.Resource as RSA;
+ if (null == rsa) {
+ return null;
+ }
+
+
return ComputeCombinedId(rsa, "");
+ }
+ }
+
+ return null;
+ }
+
+ /// <summary>
+ /// Generates a UniqueID based off the Issuer's key and the PPID.
+ /// </summary>
+ /// <param name="authzContext">The Authorization Context</param>
+ /// <returns>A unique ID for this user at this web site.</returns>
+ internal static string GetUniqueName(AuthorizationContext authzContext) {
+ Contract.Requires<ArgumentNullException>(authzContext != null);
+
+ Claim uniqueIssuerClaim = null;
+ Claim uniqueUserClaim = null;
+
+ foreach (ClaimSet cs in authzContext.ClaimSets) {
+ Claim currentIssuerClaim = GetUniqueRsaClaim(cs.Issuer);
+
+ foreach (Claim c in cs.FindClaims(ClaimTypes.PPID, Rights.PossessProperty)) {
+ if (null == currentIssuerClaim) {
+ // Found a claim in a ClaimSet with no RSA issuer.
+ return null;
+ }
+
+ if (null == uniqueUserClaim) {
+ uniqueUserClaim = c;
+ uniqueIssuerClaim = currentIssuerClaim;
+ } else if (!uniqueIssuerClaim.Equals(currentIssuerClaim)) {
+ // Found two of the desired claims with different
+ // issuers. No unique name.
+ return null;
+ } else if (!uniqueUserClaim.Equals(c)) {
+ // Found two of the desired claims with different
+ // values. No unique name.
+ return null;
+ }
+ }
+ }
+
+ // No claim of the desired type was found
+ if (null == uniqueUserClaim) {
+ return null;
+ }
+
+ // Unexpected resource type
+ string claimValue = uniqueUserClaim.Resource as string;
+ if (null == claimValue) {
+ return null;
+ }
+
+ // Unexpected resource type for RSA
+ RSA rsa = uniqueIssuerClaim.Resource as RSA;
+ if (null == rsa) {
+ return null;
+ }
+
+ return ComputeCombinedId(rsa, claimValue);
+ }
+
+ /// <summary>
+ /// Generates the Site Specific ID to match the one in the Identity Selector.
+ /// </summary>
+ /// <value>The ID displayed by the Identity Selector.</value>
+ /// <param name="ppid">The personal private identifier.</param>
+ /// <returns>A string containing the XXX-XXXX-XXX cosmetic value.</returns>
+ internal static string CalculateSiteSpecificID(string ppid) {
+ Contract.Requires<ArgumentNullException>(ppid != null);
+ Contract.Ensures(!string.IsNullOrEmpty(Contract.Result<string>()));
+
+ int callSignChars = 10;
+ char[] charMap = "QL23456789ABCDEFGHJKMNPRSTUVWXYZ".ToCharArray();
+ int charMapLength = charMap.Length;
+
+ byte[] raw = Convert.FromBase64String(ppid);
+ using (HashAlgorithm hasher = SHA1.Create()) {
+ raw = hasher.ComputeHash(raw);
+ }
+
+ StringBuilder callSign = new StringBuilder();
+
+ for (int i = 0; i < callSignChars; i++) {
+ // after char 3 and char 7, place a dash
+ if (i == 3 || i == 7) {
+ callSign.Append('-');
+ }
+ callSign.Append(charMap[raw[i] % charMapLength]);
+ }
+ return callSign.ToString();
+ }
+
+ /// <summary>
+ /// Gets the Unique RSA Claim from the SAML token.
+ /// </summary>
+ /// <param name="cs">the claimset which contains the claim</param>
+ /// <returns>a RSA claim</returns>
+ private static Claim GetUniqueRsaClaim(ClaimSet cs) {
+ Contract.Requires<ArgumentNullException>(cs != null);
+
+ Claim rsa = null;
+
+ foreach (Claim c in cs.FindClaims(ClaimTypes.Rsa, Rights.PossessProperty)) {
+ if (null == rsa) {
+ rsa = c;
+ } else if (!rsa.Equals(c)) {
+ // Found two non-equal RSA claims
+ return null;
+ }
+ }
+ return rsa;
+ }
+
+ /// <summary>
+ /// Does the actual calculation of a combined ID from a value and an RSA key.
+ /// </summary>
+ /// <param name="issuerKey">The key of the issuer of the token</param>
+ /// <param name="claimValue">the claim value to hash with.</param>
+ /// <returns>A base64 representation of the combined ID.</returns>
+ private static string ComputeCombinedId(RSA issuerKey, string claimValue) {
+ Contract.Requires<ArgumentNullException>(issuerKey != null);
+ Contract.Requires<ArgumentNullException>(claimValue != null);
+ Contract.Ensures(Contract.Result<string>() != null);
+
+ int nameLength = Encoding.UTF8.GetByteCount(claimValue);
+ RSAParameters rsaParams = issuerKey.ExportParameters(false);
+ byte[] shaInput;
+ byte[] shaOutput;
+
+ int i = 0;
+ shaInput = new byte[rsaParams.Modulus.Length + rsaParams.Exponent.Length + nameLength];
+ rsaParams.Modulus.CopyTo(shaInput, i);
+ i += rsaParams.Modulus.Length;
+ rsaParams.Exponent.CopyTo(shaInput, i);
+ i += rsaParams.Exponent.Length;
+ i += Encoding.UTF8.GetBytes(claimValue, 0, claimValue.Length, shaInput, i);
+
+ using (SHA256 sha = SHA256.Create()) {
+ shaOutput = sha.ComputeHash(shaInput);
+ }
+
+ return Convert.ToBase64String(shaOutput);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/TokenProcessingErrorEventArgs.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/TokenProcessingErrorEventArgs.cs
new file mode 100644
index 0000000..0f17b63
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/TokenProcessingErrorEventArgs.cs
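Review bot: In `AuthenticateToken` (TokenUtility.cs) a non-null `audience` is enforced only when the assertion actually carries a `SamlAudienceRestrictionCondition`; a token with no `Conditions`, or with conditions of other kinds only, never reaches `VerifyInfoCard(match, …)` and is accepted for any relying party. If the parameter means what its doc says ("the audience that the token must be scoped for"), track whether a restriction was seen: `bool audienceChecked = false;` before the loop, `audienceChecked = true;` after the existing verify, and `ErrorUtilities.VerifyInfoCard(audienceChecked, InfoCardStrings.AudienceMismatch);` at the end of the `else` branch. If unrestricted assertions are meant to pass, the `<param name="audience">` text should say so explicitly. A smaller point in the same file: `CalculateSiteSpecificID` passes the PPID, presumably taken from the token, to `Convert.FromBase64String`, so a malformed value escapes as `FormatException` rather than an InfoCard error.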
@@ -0,0 +1,50 @@
+//-----------------------------------------------------------------------
+// <copyright file="TokenProcessingErrorEventArgs.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+namespace DotNetOpenAuth.InfoCard {
+ using System;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+
+ /// <summary>
+ /// Arguments for the <see cref="InfoCardSelector.TokenProcessingError"/> event.
+ /// </summary>
+ public class TokenProcessingErrorEventArgs : EventArgs {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="TokenProcessingErrorEventArgs"/> class.
+ /// </summary>
+ /// <param name="tokenXml">The token XML.</param>
+ /// <param name="exception">The exception.</param>
+ internal TokenProcessingErrorEventArgs(string tokenXml, Exception exception) {
+ Contract.Requires<ArgumentNullException>(tokenXml != null);
+ Contract.Requires<ArgumentNullException>(exception != null);
+ this.TokenXml = tokenXml;
+ this.Exception = exception;
+ }
+
+ /// <summary>
+ /// Gets the raw token XML.
+ /// </summary>
+ public string TokenXml { get; private set; }
+
+ /// <summary>
+ /// Gets the exception that was generated while processing the token.
+ /// </summary>
+ public Exception Exception { get; private set; }
+
+#if CONTRACTS_FULL
+ /// <summary>
+ /// Verifies conditions that should be true for any valid state of this object.
+ /// </summary>
+ [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Called by code contracts.")]
+ [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Called by code contracts.")]
+ [ContractInvariantMethod]
+ private void ObjectInvariant() {
+ Contract.Invariant(this.TokenXml != null);
+ Contract.Invariant(this.Exception != null);
+ }
+#endif
+ }
+}
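Review bot: The public `TokenXml` property hands the raw submitted token to every `TokenProcessingError` subscriber, and its doc comment gives no handling guidance. The value is untrusted input that has just failed processing, and when the token was not encrypted it presumably carries the user's claim values in clear text. I would add a remark to the property, for example `/// <remarks>Untrusted input that may contain personal claim values; encode before display and avoid logging it verbatim.</remarks>`.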
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownClaimTypes.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownClaimTypes.cs
new file mode 100644
index 0000000..94ebae8
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownClaimTypes.cs
@@ -0,0 +1,269 @@
+//-----------------------------------------------------------------------
+// <copyright file="WellKnownClaimTypes.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ using System.Diagnostics.CodeAnalysis;
+
+ /// <summary>
+ /// Well known claims that may be included in an Information Card.
+ /// </summary>
+ public class WellKnownClaimTypes {
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/anonymous" claim.
+ /// </summary>
+ public const string Anonymous = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/anonymous";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication" claim.
+ /// </summary>
+ public const string Authentication = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authorizationdecision" claim.
+ /// </summary>
+ public const string AuthorizationDecision = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authorizationdecision";
+
+ /// <summary>
+ /// The date of birth of a subject in a form allowed by the xs:date data type.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth</value>
+ public const string DateOfBirth = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" claim.
+ /// </summary>
+ public const string DenyOnlySid = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns" claim.
+ /// </summary>
+ public const string Dns = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/hash" claim.
+ /// </summary>
+ public const string Hash = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/hash";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" claim.
+ /// </summary>
+ public const string NameIdentifier = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
+
+ /// <summary>
+ /// A private personal identifier (PPID) that identifies the subject to a relying party.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier</value>
+ /// <remarks>
+ /// The word private is used in the sense that the subject identifier is
+ /// specific to a given relying party and hence private to that relying party.
+ /// A subject's PPID at one relying party cannot be correlated with the subject's
+ /// PPID at another relying party.
+ /// </remarks>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Ppid", Justification = "By design")]
+ public const string Ppid = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" claim.
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Rsa", Justification = "By design")]
+ public const string Rsa = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid" claim.
+ /// </summary>
+ public const string Sid = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn" claim.
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Spn", Justification = "By design")]
+ public const string Spn = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/system" claim.
+ /// </summary>
+ public const string System = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/system";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" claim.
+ /// </summary>
+ public const string Thumbprint = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" claim.
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Upn", Justification = "By design")]
+ public const string Upn = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri" claim.
+ /// </summary>
+ public const string Uri = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishedname" claim.
+ /// </summary>
+ public const string X500DistinguishedName = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishedname";
+
+ /// <summary>
+ /// Prevents a default instance of the <see cref="WellKnownClaimTypes"/> class from being created.
+ /// </summary>
+ private WellKnownClaimTypes() {
+ }
+
+ /// <summary>
+ /// Inherent attributes about a personality such as gender and bio.
+ /// </summary>
+ [SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Person {
+ /// <summary>
+ /// Gender of a subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender</value>
+ /// <remarks>
+ /// The value of the claim can have any of these exact string values
+ /// 0 (unspecified) or
+ /// 1 (Male) or
+ /// 2 (Female). Using these values allows them to be language neutral.
+ /// </remarks>
+ public const string Gender = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender";
+ }
+
+ /// <summary>
+ /// Various ways to contact a person.
+ /// </summary>
+ [SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Contact {
+ /// <summary>
+ /// Preferred address for the To: field of email to be sent to the subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</value>
+ /// <remarks>
+ /// (mail in inetOrgPerson) Usually of the form @. According to inetOrgPerson using RFC 1274: This attribute type specifies an electronic mailbox attribute following the syntax specified in RFC 822.
+ /// </remarks>
+ public const string Email = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
+
+ /// <summary>
+ /// Various types of phone numbers.
+ /// </summary>
+ [SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Phone {
+ /// <summary>
+ /// Primary or home telephone number of a subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone</value>
+ /// <remarks>
+ /// According to inetOrgPerson using RFC 1274:
+ /// This attribute type specifies
+ /// a home telephone number associated with a person. Attribute values
+ /// should follow the agreed format for international telephone numbers,
+ /// e.g. +44 71 123 4567.
+ /// </remarks>
+ public const string HomePhone = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone";
+
+ /// <summary>
+ /// Mobile telephone number of a subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone</value>
+ /// <remarks>
+ /// (mobile in inetOrgPerson) According to inetOrgPerson using RFC 1274: This attribute type specifies a mobile telephone number associated with a person. Attribute values should follow the agreed format for international telephone numbers, e.g. +44 71 123 4567.
+ /// </remarks>
+ public const string MobilePhone = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone" claim.
+ /// </summary>
+ public const string OtherPhone = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone";
+ }
+
+ /// <summary>
+ /// The many fields that make up an address.
+ /// </summary>
+ [SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Address {
+ /// <summary>
+ /// Street address component of a subject's address information.
+ /// According to RFC 2256:
+ /// This attribute contains the physical address of the object to which
+ /// the entry corresponds, such as an address for package delivery.
+ /// Its content is arbitrary, but typically given as a PO Box number or
+ /// apartment/house number followed by a street name, e.g. 303 Mulberry St.
+ /// (street in RFC 2256)
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress</value>
+ public const string StreetAddress = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress";
+
+ /// <summary>
+ /// Locality component of a subject's address information.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality</value>
+ /// <remarks>
+ /// According to RFC 2256: This attribute contains the name of a locality, such as a city, county or other geographic region. e.g. Redmond.
+ /// </remarks>
+ public const string City = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality";
+
+ /// <summary>
+ /// Abbreviation for state or province name of a subject's address information.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince</value>
+ /// <remarks>
+ /// According to RFC 2256: This attribute contains the full name of a state or province. The values should be coordinated on a national level and if well-known shortcuts exist - like the two-letter state abbreviations in the US these abbreviations are preferred over longer full names. e.g. WA.
+ /// </remarks>
+ public const string StateOrProvince = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince";
+
+ /// <summary>
+ /// The "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode" claim.
+ /// </summary>
+ public const string PostalCode = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode";
+
+ /// <summary>
+ /// Country of a subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country</value>
+ /// <remarks>
+ /// (c in RFC 2256) According to RFC 2256: This attribute contains a two-letter ISO 3166 country code.
+ /// </remarks>
+ public const string Country = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country";
+ }
+
+ /// <summary>
+ /// The names a person goes by.
+ /// </summary>
+ [SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Name {
+ /// <summary>
+ /// Preferred name or first name of a subject.
According to RFC 2256: This attribute is used to hold the part of a persons name which is not their surname nor middle name.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</value>
+ /// <remarks>
+ /// (givenName in RFC 2256)
+ /// </remarks>
+ public const string GivenName = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
+
+ /// <summary>
+ /// Surname or family name of a subject.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</value>
+ /// <remarks>
+ /// According to RFC 2256: This is the X.500 surname attribute which contains the family name of a person.
+ /// </remarks>
+ public const string Surname = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname";
+ }
+
+ /// <summary>
+ /// Various web addresses connected with this personality.
+ /// </summary>
+ [SuppressMessage("Microsoft.Naming", "CA1724:TypeNamesShouldNotMatchNamespaces", Justification = "By design"), SuppressMessage("Microsoft.Design", "CA1034:NestedTypesShouldNotBeVisible", Justification = "Required for desired autocompletion.")]
+ public static class Web {
+ /// <summary>
+ /// The Web page of a subject expressed as a URL.
+ /// </summary>
+ /// <value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage</value>
+ public const string Homepage = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage";
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownIssuers.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownIssuers.cs
new file mode 100644
index 0000000..8c63287
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/WellKnownIssuers.cs
@@ -0,0 +1,23 @@
+//-----------------------------------------------------------------------
+// <copyright file="WellKnownIssuers.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.InfoCard {
+ /// <summary>
+ /// Common InfoCard issuers.
+ /// </summary>
+ public sealed class WellKnownIssuers {
+ /// <summary>
+ /// The Issuer URI to use for self-issued cards.
+ /// </summary>
+ public const string SelfIssued = "http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self";
+
+ /// <summary>
+ /// Prevents a default instance of the <see cref="WellKnownIssuers"/> class from being created.
+ /// </summary>
+ private WellKnownIssuers() {
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_114x80.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_114x80.png
Binary files differ
new file mode 100644
index 0000000..6dba25f
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_114x80.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_14x10.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_14x10.png
Binary files differ
new file mode 100644
index 0000000..d63575d
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_14x10.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_214x150.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_214x150.png
Binary files differ
new file mode 100644
index 0000000..71ebc7e
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_214x150.png
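Review bot: In WellKnownIssuers.cs the summary on `SelfIssued` names the URI but gives a relying party no hint of what a match on this issuer means for trust. A self-issued card carries claims the user asserted about themselves, with no separate identity provider vouching for them, so I would add `/// <remarks>Claims in a token from this issuer are self-asserted; do not treat them as verified attributes.</remarks>` under the summary. As a smaller style point, `WellKnownIssuers` is a `sealed class` with a private constructor, while the claim-type holders added in this same commit (`Address`, `Name`, `Web`) are `public static class`; `public static class WellKnownIssuers` would match them and remove the empty constructor, provided no caller needs it as an instance type.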
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_23x16.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_23x16.png
Binary files differ
new file mode 100644
index 0000000..9dbea9f
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_23x16.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_300x210.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_300x210.png
Binary files differ
new file mode 100644
index 0000000..e805b9d
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_300x210.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_34x24.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_34x24.png
Binary files differ
new file mode 100644
index 0000000..b863f64
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_34x24.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_365x256.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_365x256.png
Binary files differ
new file mode 100644
index 0000000..30092c5
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_365x256.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_41x29.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_41x29.png
Binary files differ
new file mode 100644
index 0000000..d3c71ae
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_41x29.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_50x35.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_50x35.png
Binary files differ
new file mode 100644
index 0000000..62ff78b
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_50x35.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_60x42.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_60x42.png
Binary files differ
new file mode 100644
index 0000000..8e920c5
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_60x42.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_71x50.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_71x50.png
Binary files differ
new file mode 100644
index 0000000..9e8f7fb
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_71x50.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_81x57.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_81x57.png
Binary files differ
new file mode 100644
index 0000000..48d62b2
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_81x57.png
diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_92x64.png b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_92x64.png
Binary files differ
new file mode 100644
index 0000000..388e497
--- /dev/null
+++ b/src/DotNetOpenAuth.InfoCard/InfoCard/infocard_92x64.png |