summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenId/Provider/ProviderSecuritySettings.cs
diff options
context:
space:
mode:
authorAndrew Arnott <andrewarnott@gmail.com>2009-12-15 22:17:20 -0800
committerAndrew Arnott <andrewarnott@gmail.com>2009-12-15 22:17:20 -0800
commite12782c1a6727390b2107ff2e39d4ac6173d86fc (patch)
tree3be0ccda0a9425927263f5b6b9616ef8ba11ac08 /src/DotNetOpenId/Provider/ProviderSecuritySettings.cs
parent078b1f350eb40ceee7423c25b1d833dd1f242da4 (diff)
parenta545f7be2693596fa14540c359e43150a6a7cf88 (diff)
downloadDotNetOpenAuth-origin/mono.zip
DotNetOpenAuth-origin/mono.tar.gz
DotNetOpenAuth-origin/mono.tar.bz2
Merge branch 'v2.5' into monoorigin/mono
Conflicts: src/DotNetOpenId/Properties/AssemblyInfo.cs src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs
Diffstat (limited to 'src/DotNetOpenId/Provider/ProviderSecuritySettings.cs')
-rw-r--r--src/DotNetOpenId/Provider/ProviderSecuritySettings.cs26
1 files changed, 26 insertions, 0 deletions
diff --git a/src/DotNetOpenId/Provider/ProviderSecuritySettings.cs b/src/DotNetOpenId/Provider/ProviderSecuritySettings.cs
new file mode 100644
index 0000000..88c1e07
--- /dev/null
+++ b/src/DotNetOpenId/Provider/ProviderSecuritySettings.cs
@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace DotNetOpenId.Provider {
+ sealed class ProviderSecuritySettings : SecuritySettings {
+ internal ProviderSecuritySettings() : base(true) { }
+
+ // This property is a placeholder for a feature that has not been written yet.
+ /// <summary>
+ /// Gets/sets whether OpenID 1.x relying parties that may not be
+ /// protecting their users from replay attacks are protected from
+ /// replay attacks by this provider.
+ /// </summary>
+ /// <remarks>
+ /// <para>Nonces for protection against replay attacks were not mandated
+ /// by OpenID 1.x, which leaves users open to replay attacks.</para>
+ /// <para>This feature works by preventing associations from being formed
+ /// with OpenID 1.x relying parties, thereby forcing them into
+ /// "dumb" mode and verifying every claim with this provider.
+ /// This gives the provider an opportunity to verify its own nonce
+ /// to protect against replay attacks.</para>
+ /// </remarks>
+ internal bool ProtectDownlevelReplayAttacks { get; set; }
+ }
+}
generated by cgit v1.1 at 2025-06-08 01:27:26 +0000