authorAndrew Arnott <andrewarnott@gmail.com>2011-04-23 16:55:27 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2011-04-23 16:55:27 -0700
commit286e9f8875f5f27860a6a0700d573d5681ad791f (patch)
tree9cc54f69e861705e49fab1bb4945f3c1a11da12d /src
parent669e6c2132d37fba871290e91f1e7080015ecc20 (diff)
Removed the allowSubPath and allowAdditionalQueryParameters settings from the trusted Providers configuration, since we don't yet have an implementation to support them, nor users asking for them.
Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd14
-rw-r--r--src/DotNetOpenAuth/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs3
-rw-r--r--src/DotNetOpenAuth/Configuration/TrustedProviderEndpointConfigurationElement.cs28
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs31
5 files changed, 5 insertions, 73 deletions
diff --git a/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd b/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd
index 3774490..9786068 100644
--- a/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd
+++ b/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd
@@ -256,20 +256,6 @@
</xs:documentation>
</xs:annotation>
</xs:attribute>
- <xs:attribute name="allowSubPath" type="xs:boolean" default="false">
- <xs:annotation>
- <xs:documentation>
- A value indicating whether the OP Endpoint given here is a base path, and sub-paths concatenated to it are equally trusted.
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
- <xs:attribute name="allowAdditionalQueryParameters" type="xs:boolean" default="false">
- <xs:annotation>
- <xs:documentation>
- A value indicating whether the OP Endpoint given here is equally trusted if query string parameters are added to it.
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
</xs:complexType>
</xs:element>
<xs:element name="remove">
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
index e138acd..4347e2c 100644
--- a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
+++ b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
@@ -273,8 +273,7 @@ namespace DotNetOpenAuth.Configuration {
settings.RejectAssertionsFromUntrustedProviders = this.TrustedProviders.RejectAssertionsFromUntrustedProviders;
foreach (TrustedProviderEndpointConfigurationElement opEndpoint in this.TrustedProviders) {
- var endpointSetting = new RelyingPartySecuritySettings.TrustedProviderEndpointSettings(opEndpoint.AllowSubPath, opEndpoint.AllowAdditionalQueryParameters);
- settings.TrustedProviderEndpoints.Add(opEndpoint.ProviderEndpoint, endpointSetting);
+ settings.TrustedProviderEndpoints.Add(opEndpoint.ProviderEndpoint);
}
return settings;
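Review bot: The new `settings.TrustedProviderEndpoints.Add(opEndpoint.ProviderEndpoint);` line accepts a null and silently drops a duplicate, whereas the removed `Dictionary.Add` call threw on both. Whether `ProviderEndpoint` can be unset depends on the configuration property's declaration, which is not visible in this hunk; if it can, a null entry would end up in the trust allowlist. A guard keeps the failure explicit, for example `if (opEndpoint.ProviderEndpoint == null) { throw new ConfigurationErrorsException("Trusted provider endpoint is missing."); }` before the `Add`. The enclosing method begins outside the hunk.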
diff --git a/src/DotNetOpenAuth/Configuration/TrustedProviderEndpointConfigurationElement.cs b/src/DotNetOpenAuth/Configuration/TrustedProviderEndpointConfigurationElement.cs
index 106b8b7..dc49d8c 100644
--- a/src/DotNetOpenAuth/Configuration/TrustedProviderEndpointConfigurationElement.cs
+++ b/src/DotNetOpenAuth/Configuration/TrustedProviderEndpointConfigurationElement.cs
@@ -18,16 +18,6 @@ namespace DotNetOpenAuth.Configuration {
private const string ProviderEndpointConfigName = "endpoint";
/// <summary>
- /// The name of the attribute that stores the <see cref="AllowSubPath"/> value.
- /// </summary>
- private const string AllowSubPathConfigName = "allowSubPath";
-
- /// <summary>
- /// The name of the attribute that stores the <see cref="AllowAdditionalQueryParameters"/> value.
- /// </summary>
- private const string AllowAdditionalQueryParametersConfigName = "allowAdditionalQueryParameters";
-
- /// <summary>
/// Initializes a new instance of the <see cref="TrustedProviderEndpointConfigurationElement"/> class.
/// </summary>
public TrustedProviderEndpointConfigurationElement() {
@@ -41,23 +31,5 @@ namespace DotNetOpenAuth.Configuration {
get { return (Uri)this[ProviderEndpointConfigName]; }
set { this[ProviderEndpointConfigName] = value; }
}
-
- /// <summary>
- /// Gets or sets a value indicating whether the OP Endpoint given here is a base path, and sub-paths concatenated to it are equally trusted.
- /// </summary>
- [ConfigurationProperty(AllowSubPathConfigName, DefaultValue = false)]
- public bool AllowSubPath {
- get { return (bool)this[AllowSubPathConfigName]; }
- set { this[AllowSubPathConfigName] = value; }
- }
-
- /// <summary>
- /// Gets or sets a value indicating whether the OP Endpoint given here is equally trusted if query string parameters are added to it.
- /// </summary>
- [ConfigurationProperty(AllowAdditionalQueryParametersConfigName, DefaultValue = false)]
- public bool AllowAdditionalQueryParameters {
- get { return (bool)this[AllowAdditionalQueryParametersConfigName]; }
- set { this[AllowAdditionalQueryParametersConfigName] = value; }
- }
}
}
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
index b9c67bd..5cffe03 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -765,7 +765,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
/// <returns><c>true</c> if the OP Endpoint is allowed; <c>false</c> otherwise.</returns>
protected internal bool FilterEndpoint(IProviderEndpoint endpoint) {
if (this.SecuritySettings.RejectAssertionsFromUntrustedProviders) {
- if (!this.SecuritySettings.TrustedProviderEndpoints.ContainsKey(endpoint.Uri)) {
+ if (!this.SecuritySettings.TrustedProviderEndpoints.Contains(endpoint.Uri)) {
Logger.OpenId.InfoFormat("Filtering out OP endpoint {0} because it is not on the exclusive trusted provider whitelist.", endpoint.Uri.AbsoluteUri);
return false;
}
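Review bot: The `Contains(endpoint.Uri)` check is now the only matching rule for the trusted-provider list, and the visible doc comment does not say that it is an exact `Uri` equality match. With the sub-path and query-parameter flags removed, a configured endpoint that differs from the discovered one by path or query string is rejected (constructed example: listing `https://op.example/server` does not trust `https://op.example/server?x=1`). That is the fail-closed direction, but operators need to know it when they fill in the list. I would add a remarks line to the method's doc comment, which starts outside this hunk: `/// Trusted endpoints are matched by exact Uri equality; sub-paths and added query parameters are not trusted.`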
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
index 3031134..fc6d4c7 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
@@ -30,7 +30,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
this.PrivateSecretMaximumAge = TimeSpan.FromDays(7);
this.ProtectDownlevelReplayAttacks = ProtectDownlevelReplayAttacksDefault;
this.AllowApproximateIdentifierDiscovery = true;
- this.TrustedProviderEndpoints = new Dictionary<Uri, TrustedProviderEndpointSettings>();
+ this.TrustedProviderEndpoints = new HashSet<Uri>();
}
/// <summary>
@@ -146,9 +146,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
public bool AllowApproximateIdentifierDiscovery { get; set; }
/// <summary>
- /// Gets the set of trusted OpenID Provider Endpoint URIs and settings that describe them.
+ /// Gets the set of trusted OpenID Provider Endpoint URIs.
/// </summary>
- public IDictionary<Uri, TrustedProviderEndpointSettings> TrustedProviderEndpoints { get; private set; }
+ public HashSet<Uri> TrustedProviderEndpoints { get; private set; }
/// <summary>
/// Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
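Review bot: The `TrustedProviderEndpoints` property now exposes the concrete `HashSet<Uri>` type, which ties the public API to one collection implementation and is a source-breaking change for callers that used the dictionary. Because `FilterEndpoint` consults this set as the provider allowlist, the doc comment should also say that membership is by `Uri` equality. Declaring it as `public ICollection<Uri> TrustedProviderEndpoints { get; private set; }` keeps the `Add` and `Contains` calls in this commit compiling, and the constructor hunk above can still assign `new HashSet<Uri>()`.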
@@ -183,30 +183,5 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
.Where(se => !this.RejectDelegatingIdentifiers || se.ClaimedIdentifier == se.ProviderLocalIdentifier)
.Where(se => !this.RequireDirectedIdentity || se.ClaimedIdentifier == se.Protocol.ClaimedIdentifierForOPIdentifier);
}
-
- /// <summary>
- /// A trusted OpenID Provider endpoint and flags regarding how it is trusted.
- /// </summary>
- public class TrustedProviderEndpointSettings {
- /// <summary>
- /// Initializes a new instance of the <see cref="TrustedProviderEndpointSettings"/> class.
- /// </summary>
- /// <param name="allowSubPath">A value indicating whether the OP Endpoint given here is a base path, and sub-paths concatenated to it are equally trusted.</param>
- /// <param name="allowAdditionalQueryParameters">A value indicating whether the OP Endpoint given here is equally trusted if query string parameters are added to it.</param>
- public TrustedProviderEndpointSettings(bool allowSubPath = false, bool allowAdditionalQueryParameters = false) {
- this.AllowSubPath = allowSubPath;
- this.AllowAdditionalQueryParameters = allowAdditionalQueryParameters;
- }
-
- /// <summary>
- /// Gets or sets a value indicating whether the OP Endpoint given here is a base path, and sub-paths concatenated to it are equally trusted.
- /// </summary>
- public bool AllowSubPath { get; set; }
-
- /// <summary>
- /// Gets or sets a value indicating whether the OP Endpoint given here is equally trusted if query string parameters are added to it.
- /// </summary>
- public bool AllowAdditionalQueryParameters { get; set; }
- }
}
}