diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2009-06-26 07:08:46 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-06-26 07:08:46 -0700 |
| commit | a4cb4b312fc43a62e3174d34539d18ddb7d2eb5a (patch) | |
| tree | f5785af8911c2fe072c23bd71f7c4518cdc7af18 /src | |
| parent | 1609c609e8918c97d5dd15e465a53f464f577756 (diff) | |
| download | DotNetOpenAuth-a4cb4b312fc43a62e3174d34539d18ddb7d2eb5a.zip DotNetOpenAuth-a4cb4b312fc43a62e3174d34539d18ddb7d2eb5a.tar.gz DotNetOpenAuth-a4cb4b312fc43a62e3174d34539d18ddb7d2eb5a.tar.bz2 | |
Some more transitioning from ErrorUtilities to Code Contracts.
Diffstat (limited to 'src')
67 files changed, 786 insertions, 199 deletions
diff --git a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs index 351cca4..9deca06 100644 --- a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs +++ b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs @@ -627,7 +627,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="optional">A space-delimited list of claim type URIs for claims that may optionally be included in a submitted Information Card.</param> [Pure] private void GetRequestedClaims(out string required, out string optional) { - Contract.Requires(this.ClaimsRequested != null); + Contract.Requires<InvalidOperationException>(this.ClaimsRequested != null); Contract.Ensures(Contract.ValueAtReturn<string>(out required) != null); Contract.Ensures(Contract.ValueAtReturn<string>(out optional) != null); @@ -653,7 +653,7 @@ namespace DotNetOpenAuth.InfoCard { /// or to downgrade gracefully if the user agent lacks an Information Card selector. /// </summary> private void RenderSupportingScript() { - Contract.Requires(this.infoCardSupportedPanel != null); + Contract.Requires<InvalidOperationException>(this.infoCardSupportedPanel != null); this.Page.ClientScript.RegisterClientScriptResource(typeof(InfoCardSelector), ScriptResourceName); diff --git a/src/DotNetOpenAuth/InfoCard/ReceivingTokenEventArgs.cs b/src/DotNetOpenAuth/InfoCard/ReceivingTokenEventArgs.cs index 0cc28c3..aaf734b 100644 --- a/src/DotNetOpenAuth/InfoCard/ReceivingTokenEventArgs.cs +++ b/src/DotNetOpenAuth/InfoCard/ReceivingTokenEventArgs.cs @@ -73,7 +73,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="certificate">The certificate.</param> public void AddDecryptingToken(X509Certificate2 certificate) { Contract.Requires<ArgumentNullException>(certificate != null); - Contract.Requires(certificate.HasPrivateKey); + Contract.Requires<ArgumentException>(certificate.HasPrivateKey); this.AddDecryptingToken(new X509SecurityToken(certificate)); } diff --git a/src/DotNetOpenAuth/InfoCard/Token/Token.cs b/src/DotNetOpenAuth/InfoCard/Token/Token.cs index bae58c7..0eaf2f8 100644 --- a/src/DotNetOpenAuth/InfoCard/Token/Token.cs +++ b/src/DotNetOpenAuth/InfoCard/Token/Token.cs @@ -42,8 +42,8 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="decryptor">The decryptor to use to decrypt the token, if necessary..</param> /// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception> private Token(string tokenXml, Uri audience, TokenDecryptor decryptor) { - Contract.Requires(!String.IsNullOrEmpty(tokenXml)); - Contract.Requires(decryptor != null || !IsEncrypted(tokenXml)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml)); + Contract.Requires<ArgumentException>(decryptor != null || !IsEncrypted(tokenXml)); Contract.Ensures(this.AuthorizationContext != null); byte[] decryptedBytes; @@ -107,7 +107,7 @@ namespace DotNetOpenAuth.InfoCard { /// </summary> public string SiteSpecificId { get { - Contract.Requires(this.Claims.ContainsKey(ClaimTypes.PPID) && !string.IsNullOrEmpty(this.Claims[ClaimTypes.PPID])); + Contract.Requires<InvalidOperationException>(this.Claims.ContainsKey(ClaimTypes.PPID) && !string.IsNullOrEmpty(this.Claims[ClaimTypes.PPID])); string ppidValue; ErrorUtilities.VerifyOperation(this.Claims.TryGetValue(ClaimTypes.PPID, out ppidValue) && ppidValue != null, InfoCardStrings.PpidClaimRequired); return TokenUtility.CalculateSiteSpecificID(ppidValue); @@ -133,7 +133,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="tokenXml">The token XML.</param> /// <returns>The deserialized token.</returns> public static Token Read(string tokenXml) { - Contract.Requires(!String.IsNullOrEmpty(tokenXml)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml)); return Read(tokenXml, (Uri)null); } @@ -144,7 +144,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="audience">The URI that this token must have been crafted to be sent to. Use <c>null</c> to accept any intended audience.</param> /// <returns>The deserialized token.</returns> public static Token Read(string tokenXml, Uri audience) { - Contract.Requires(!String.IsNullOrEmpty(tokenXml)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml)); return Read(tokenXml, audience, Enumerable.Empty<SecurityToken>()); } @@ -155,7 +155,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="decryptionTokens">Any X.509 certificates that may be used to decrypt the token, if necessary.</param> /// <returns>The deserialized token.</returns> public static Token Read(string tokenXml, IEnumerable<SecurityToken> decryptionTokens) { - Contract.Requires(!String.IsNullOrEmpty(tokenXml)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml)); Contract.Requires<ArgumentNullException>(decryptionTokens != null); return Read(tokenXml, null, decryptionTokens); } @@ -168,7 +168,7 @@ namespace DotNetOpenAuth.InfoCard { /// <param name="decryptionTokens">Any X.509 certificates that may be used to decrypt the token, if necessary.</param> /// <returns>The deserialized token.</returns> public static Token Read(string tokenXml, Uri audience, IEnumerable<SecurityToken> decryptionTokens) { - Contract.Requires(!String.IsNullOrEmpty(tokenXml)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml)); Contract.Requires<ArgumentNullException>(decryptionTokens != null); Contract.Ensures(Contract.Result<Token>() != null); diff --git a/src/DotNetOpenAuth/Messaging/ChannelEventArgs.cs b/src/DotNetOpenAuth/Messaging/ChannelEventArgs.cs index 29310dc..1e71bf2 100644 --- a/src/DotNetOpenAuth/Messaging/ChannelEventArgs.cs +++ b/src/DotNetOpenAuth/Messaging/ChannelEventArgs.cs @@ -6,6 +6,7 @@ namespace DotNetOpenAuth.Messaging { using System; + using System.Diagnostics.Contracts; /// <summary> /// The data packet sent with Channel events. @@ -16,7 +17,7 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="message">The message behind the fired event..</param> internal ChannelEventArgs(IProtocolMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); + Contract.Requires<ArgumentNullException>(message != null); this.Message = message; } diff --git a/src/DotNetOpenAuth/Messaging/ErrorUtilities.cs b/src/DotNetOpenAuth/Messaging/ErrorUtilities.cs index b7b2c55..a7c1278 100644 --- a/src/DotNetOpenAuth/Messaging/ErrorUtilities.cs +++ b/src/DotNetOpenAuth/Messaging/ErrorUtilities.cs @@ -179,7 +179,7 @@ namespace DotNetOpenAuth.Messaging { /// <exception cref="HostErrorException">Thrown if <paramref name="condition"/> evaluates to <c>false</c>.</exception> [Pure] internal static void VerifyHost(bool condition, string errorMessage, params object[] args) { - Contract.Requires(args != null); + Contract.Requires<ArgumentNullException>(args != null); Contract.Ensures(condition); Contract.EnsuresOnThrow<ProtocolException>(!condition); Contract.Assume(errorMessage != null); diff --git a/src/DotNetOpenAuth/Messaging/IChannelBindingElement.cs b/src/DotNetOpenAuth/Messaging/IChannelBindingElement.cs index b2d3d68..db5dd24 100644 --- a/src/DotNetOpenAuth/Messaging/IChannelBindingElement.cs +++ b/src/DotNetOpenAuth/Messaging/IChannelBindingElement.cs @@ -107,8 +107,8 @@ namespace DotNetOpenAuth.Messaging { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> MessageProtections? IChannelBindingElement.ProcessOutgoingMessage(IProtocolMessage message) { - Contract.Requires(((IChannelBindingElement)this).Channel != null); Contract.Requires<ArgumentNullException>(message != null); + Contract.Requires<InvalidOperationException>(((IChannelBindingElement)this).Channel != null); throw new NotImplementedException(); } @@ -130,8 +130,8 @@ namespace DotNetOpenAuth.Messaging { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> MessageProtections? IChannelBindingElement.ProcessIncomingMessage(IProtocolMessage message) { - Contract.Requires(((IChannelBindingElement)this).Channel != null); Contract.Requires<ArgumentNullException>(message != null); + Contract.Requires<InvalidOperationException>(((IChannelBindingElement)this).Channel != null); throw new NotImplementedException(); } diff --git a/src/DotNetOpenAuth/Messaging/IncomingWebResponseContract.cs b/src/DotNetOpenAuth/Messaging/IncomingWebResponseContract.cs index 295c005..e9c1941 100644 --- a/src/DotNetOpenAuth/Messaging/IncomingWebResponseContract.cs +++ b/src/DotNetOpenAuth/Messaging/IncomingWebResponseContract.cs @@ -45,7 +45,7 @@ namespace DotNetOpenAuth.Messaging { /// be the self same instance. /// </remarks> internal override CachedDirectWebResponse GetSnapshot(int maximumBytesToCache) { - Contract.Requires(maximumBytesToCache >= 0); + Contract.Requires<ArgumentOutOfRangeException>(maximumBytesToCache >= 0); Contract.Requires<InvalidOperationException>(this.RequestUri != null); Contract.Ensures(Contract.Result<CachedDirectWebResponse>() != null); throw new NotImplementedException(); diff --git a/src/DotNetOpenAuth/Messaging/MessageSerializer.cs b/src/DotNetOpenAuth/Messaging/MessageSerializer.cs index 0f100c9..550df1a 100644 --- a/src/DotNetOpenAuth/Messaging/MessageSerializer.cs +++ b/src/DotNetOpenAuth/Messaging/MessageSerializer.cs @@ -34,7 +34,7 @@ namespace DotNetOpenAuth.Messaging { [ContractVerification(false)] // bugs/limitations in CC static analysis private MessageSerializer(Type messageType) { Contract.Requires<ArgumentNullException>(messageType != null); - Contract.Requires(typeof(IMessage).IsAssignableFrom(messageType)); + Contract.Requires<ArgumentException>(typeof(IMessage).IsAssignableFrom(messageType)); Contract.Ensures(this.messageType != null); ErrorUtilities.VerifyArgumentNamed( diff --git a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs index 27cc97f..df67a21 100644 --- a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs @@ -205,8 +205,8 @@ namespace DotNetOpenAuth.Messaging { /// <param name="allowableCharacters">The allowable characters.</param> /// <returns>A random string.</returns> internal static string GetRandomString(int length, string allowableCharacters) { - Contract.Requires(length >= 0); - Contract.Requires(allowableCharacters != null && allowableCharacters.Length >= 2); + Contract.Requires<ArgumentOutOfRangeException>(length >= 0); + Contract.Requires<ArgumentException>(allowableCharacters != null && allowableCharacters.Length >= 2); char[] randomString = new char[length]; for (int i = 0; i < length; i++) { @@ -596,7 +596,7 @@ namespace DotNetOpenAuth.Messaging { /// <param name="messageDictionary">The message to copy the extra data into.</param> /// <param name="extraParameters">The extra data to copy into the message. May be null to do nothing.</param> internal static void AddExtraParameters(this MessageDictionary messageDictionary, IDictionary<string, string> extraParameters) { - ErrorUtilities.VerifyArgumentNotNull(messageDictionary, "messageAccessor"); + Contract.Requires<ArgumentNullException>(messageDictionary != null); if (extraParameters != null) { foreach (var pair in extraParameters) { diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/HmacSha1SigningBindingElement.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/HmacSha1SigningBindingElement.cs index 42a38fe..53930bc 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/HmacSha1SigningBindingElement.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/HmacSha1SigningBindingElement.cs @@ -31,7 +31,6 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// This method signs the message per OAuth 1.0 section 9.2. /// </remarks> protected override string GetSignature(ITamperResistantOAuthMessage message) { - ErrorUtilities.VerifyOperation(this.Channel != null, "Channel property has not been set."); string key = GetConsumerAndTokenSecretString(message); HashAlgorithm hasher = new HMACSHA1(Encoding.ASCII.GetBytes(key)); string baseString = ConstructSignatureBaseString(message, this.Channel.MessageDescriptions.GetAccessor(message)); diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthIdentity.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthIdentity.cs index 0de2c15..f5b362c 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthIdentity.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthIdentity.cs @@ -22,8 +22,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> /// <param name="username">The username.</param> internal OAuthIdentity(string username) { - Contract.Requires(!String.IsNullOrEmpty(username)); - ErrorUtilities.VerifyNonZeroLength(username, "username"); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(username)); this.Name = username; } diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthPrincipal.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthPrincipal.cs index 689c388..0dc57e6 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthPrincipal.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthPrincipal.cs @@ -29,7 +29,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="token">The access token.</param> internal OAuthPrincipal(IServiceProviderAccessToken token) : this(token.Username, token.Roles) { - Contract.Requires(token != null); + Contract.Requires<ArgumentNullException>(token != null); this.AccessToken = token.Token; } diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/RsaSha1SigningBindingElement.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/RsaSha1SigningBindingElement.cs index 4f8b5e5..f7b8370 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/RsaSha1SigningBindingElement.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/RsaSha1SigningBindingElement.cs @@ -33,8 +33,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="signingCertificate">The certificate used to sign outgoing messages.</param> public RsaSha1SigningBindingElement(X509Certificate2 signingCertificate) : base(HashAlgorithmName) { - Contract.Requires(signingCertificate != null); - ErrorUtilities.VerifyArgumentNotNull(signingCertificate, "signingCertificate"); + Contract.Requires<ArgumentNullException>(signingCertificate != null); this.SigningCertificate = signingCertificate; } @@ -46,8 +45,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="tokenManager">The token manager.</param> public RsaSha1SigningBindingElement(IServiceProviderTokenManager tokenManager) : base(HashAlgorithmName) { - Contract.Requires(tokenManager != null); - ErrorUtilities.VerifyArgumentNotNull(tokenManager, "tokenManager"); + Contract.Requires<ArgumentNullException>(tokenManager != null); this.tokenManager = tokenManager; } @@ -66,7 +64,6 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// This method signs the message per OAuth 1.0 section 9.3. /// </remarks> protected override string GetSignature(ITamperResistantOAuthMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); ErrorUtilities.VerifyOperation(this.SigningCertificate != null, OAuthStrings.X509CertificateNotProvidedForSigning); string signatureBaseString = ConstructSignatureBaseString(message, this.Channel.MessageDescriptions.GetAccessor(message)); diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBase.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBase.cs index 672769b..0fd9bf9 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBase.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBase.cs @@ -150,7 +150,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { internal static string ConstructSignatureBaseString(ITamperResistantOAuthMessage message, MessageDictionary messageDictionary) { Contract.Requires<ArgumentNullException>(message != null); Contract.Requires<ArgumentNullException>(messageDictionary != null); - Contract.Requires(messageDictionary.Message == message); + Contract.Requires<ArgumentException>(messageDictionary.Message == message); if (String.IsNullOrEmpty(message.HttpMethod)) { throw new ArgumentException( diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBaseContract.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBaseContract.cs index 7019b45..7b369c3 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBaseContract.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/SigningBindingElementBaseContract.cs @@ -40,7 +40,8 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <param name="message">The message to sign.</param> /// <returns>The signature for the message.</returns> protected override string GetSignature(ITamperResistantOAuthMessage message) { - Contract.Requires(this.Channel != null); + Contract.Requires<ArgumentNullException>(message != null); + Contract.Requires<InvalidOperationException>(this.Channel != null); throw new NotImplementedException(); } } diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/TokenHandlingBindingElement.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/TokenHandlingBindingElement.cs index ce7bb98..249e18f 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/TokenHandlingBindingElement.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/TokenHandlingBindingElement.cs @@ -29,8 +29,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> /// <param name="tokenManager">The token manager.</param> internal TokenHandlingBindingElement(IServiceProviderTokenManager tokenManager) { - Contract.Requires(tokenManager != null); - ErrorUtilities.VerifyArgumentNotNull(tokenManager, "tokenManager"); + Contract.Requires<ArgumentNullException>(tokenManager != null); this.tokenManager = tokenManager; } @@ -68,8 +67,6 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); - var userAuthResponse = message as UserAuthorizationResponse; if (userAuthResponse != null && userAuthResponse.Version >= Protocol.V10a.Version) { this.tokenManager.GetRequestToken(userAuthResponse.RequestToken).VerificationCode = userAuthResponse.VerificationCode; @@ -109,8 +106,6 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public MessageProtections? ProcessIncomingMessage(IProtocolMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); - var authorizedTokenRequest = message as AuthorizedTokenRequest; if (authorizedTokenRequest != null) { if (authorizedTokenRequest.Version >= Protocol.V10a.Version) { @@ -142,7 +137,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> /// <param name="message">The incoming message carrying the access token.</param> private void VerifyThrowTokenNotExpired(AccessProtectedResourceRequest message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); + Contract.Requires<ArgumentNullException>(message != null); try { IServiceProviderAccessToken token = this.tokenManager.GetAccessToken(message.AccessToken); diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/UriOrOobEncoding.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/UriOrOobEncoding.cs index 5aedc9d..287ef01 100644 --- a/src/DotNetOpenAuth/OAuth/ChannelElements/UriOrOobEncoding.cs +++ b/src/DotNetOpenAuth/OAuth/ChannelElements/UriOrOobEncoding.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; @@ -51,8 +52,6 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// The <paramref name="value"/> in string form, ready for message transport. /// </returns> public string Encode(object value) { - ErrorUtilities.VerifyArgumentNotNull(value, "value"); - Uri uriValue = (Uri)value; return uriValue.AbsoluteUri; } diff --git a/src/DotNetOpenAuth/OAuth/ConsumerBase.cs b/src/DotNetOpenAuth/OAuth/ConsumerBase.cs index 6b9b628..9fe905a 100644 --- a/src/DotNetOpenAuth/OAuth/ConsumerBase.cs +++ b/src/DotNetOpenAuth/OAuth/ConsumerBase.cs @@ -225,7 +225,7 @@ namespace DotNetOpenAuth.OAuth { /// The access token assigned by the Service Provider. /// </returns> protected AuthorizedTokenResponse ProcessUserAuthorization(string requestToken, string verifier) { - Contract.Requires(!String.IsNullOrEmpty(requestToken)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(requestToken)); Contract.Ensures(Contract.Result<AuthorizedTokenResponse>() != null); var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, this.ServiceProvider.Version) { diff --git a/src/DotNetOpenAuth/OAuth/Messages/MessageBase.cs b/src/DotNetOpenAuth/OAuth/Messages/MessageBase.cs index 07c630d..be2c95d 100644 --- a/src/DotNetOpenAuth/OAuth/Messages/MessageBase.cs +++ b/src/DotNetOpenAuth/OAuth/Messages/MessageBase.cs @@ -64,8 +64,8 @@ namespace DotNetOpenAuth.OAuth.Messages { /// <param name="originatingRequest">The request that asked for this direct response.</param> /// <param name="version">The OAuth version.</param> protected MessageBase(MessageProtections protectionRequired, IDirectedProtocolMessage originatingRequest, Version version) { - ErrorUtilities.VerifyArgumentNotNull(originatingRequest, "originatingRequest"); - ErrorUtilities.VerifyArgumentNotNull(version, "version"); + Contract.Requires<ArgumentNullException>(originatingRequest != null); + Contract.Requires<ArgumentNullException>(version != null); this.protectionRequired = protectionRequired; this.transport = MessageTransport.Direct; @@ -81,8 +81,8 @@ namespace DotNetOpenAuth.OAuth.Messages { /// <param name="recipient">The URI that a directed message will be delivered to.</param> /// <param name="version">The OAuth version.</param> protected MessageBase(MessageProtections protectionRequired, MessageTransport transport, MessageReceivingEndpoint recipient, Version version) { - ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient"); - ErrorUtilities.VerifyArgumentNotNull(version, "version"); + Contract.Requires<ArgumentNullException>(recipient != null); + Contract.Requires<ArgumentNullException>(version != null); this.protectionRequired = protectionRequired; this.transport = transport; diff --git a/src/DotNetOpenAuth/OAuth/Protocol.cs b/src/DotNetOpenAuth/OAuth/Protocol.cs index f535b10..3845e4e 100644 --- a/src/DotNetOpenAuth/OAuth/Protocol.cs +++ b/src/DotNetOpenAuth/OAuth/Protocol.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuth { using System; using System.Collections.Generic; using System.Diagnostics; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; @@ -137,10 +138,9 @@ namespace DotNetOpenAuth.OAuth { /// <param name="version">The OAuth version to get.</param> /// <returns>A matching <see cref="Protocol"/> instance.</returns> internal static Protocol Lookup(Version version) { - ErrorUtilities.VerifyArgumentNotNull(version, "version"); - Protocol protocol = AllVersions.FirstOrDefault(p => p.Version == version); - ErrorUtilities.VerifyArgumentInRange(protocol != null, "version"); - return protocol; + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentOutOfRangeException>(AllVersions.Any(p => p.Version == version)); + return AllVersions.First(p => p.Version == version); } } } diff --git a/src/DotNetOpenAuth/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth/OAuth/ServiceProvider.cs index df5cd4b..0495ea7 100644 --- a/src/DotNetOpenAuth/OAuth/ServiceProvider.cs +++ b/src/DotNetOpenAuth/OAuth/ServiceProvider.cs @@ -111,8 +111,7 @@ namespace DotNetOpenAuth.OAuth { } set { - Contract.Requires(value != null); - ErrorUtilities.VerifyArgumentNotNull(value, "value"); + Contract.Requires<ArgumentNullException>(value != null); this.channel = value; } } @@ -127,8 +126,7 @@ namespace DotNetOpenAuth.OAuth { /// length of the final string.</param> /// <returns>The verification code.</returns> public static string CreateVerificationCode(VerificationCodeFormat format, int length) { - Contract.Requires(length >= 0); - ErrorUtilities.VerifyArgumentInRange(length >= 0, "length"); + Contract.Requires<ArgumentOutOfRangeException>(length >= 0); switch (format) { case VerificationCodeFormat.IncludedInCallback: @@ -199,7 +197,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="request">The token request message the Consumer sent that the Service Provider is now responding to.</param> /// <returns>The response message to send using the <see cref="Channel"/>, after optionally adding extra data to it.</returns> public UnauthorizedTokenResponse PrepareUnauthorizedTokenMessage(UnauthorizedTokenRequest request) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); string token = this.TokenGenerator.GenerateRequestToken(request.ConsumerKey); string secret = this.TokenGenerator.GenerateSecret(); @@ -249,7 +247,7 @@ namespace DotNetOpenAuth.OAuth { /// </remarks> public AuthorizationRequest ReadAuthorizationRequest(IHostProcessedRequest openIdRequest) { Contract.Requires<ArgumentNullException>(openIdRequest != null); - Contract.Requires(this.TokenManager is ICombinedOpenIdProviderTokenManager); + Contract.Requires<InvalidOperationException>(this.TokenManager is ICombinedOpenIdProviderTokenManager); var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); @@ -278,8 +276,8 @@ namespace DotNetOpenAuth.OAuth { [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "We want to take IAuthenticationRequest because that's the only supported use case.")] public void AttachAuthorizationResponse(IAuthenticationRequest openIdAuthenticationRequest, string consumerKey, string scope) { Contract.Requires<ArgumentNullException>(openIdAuthenticationRequest != null); - Contract.Requires((consumerKey == null) == (scope == null)); - Contract.Requires(this.TokenManager is IOpenIdOAuthTokenManager); + Contract.Requires<ArgumentException>((consumerKey == null) == (scope == null)); + Contract.Requires<InvalidOperationException>(this.TokenManager is IOpenIdOAuthTokenManager); var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); @@ -311,7 +309,6 @@ namespace DotNetOpenAuth.OAuth { [SuppressMessage("Microsoft.Performance", "CA1822:MarkMembersAsStatic", Justification = "Consistent user experience with instance.")] public UserAuthorizationResponse PrepareAuthorizationResponse(UserAuthorizationRequest request) { Contract.Requires<ArgumentNullException>(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); // It is very important for us to ignore the oauth_callback argument in the // UserAuthorizationRequest if the Consumer is a 1.0a consumer or else we @@ -392,8 +389,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="request">The Consumer's message requesting an access token.</param> /// <returns>The HTTP response to actually send to the Consumer.</returns> public AuthorizedTokenResponse PrepareAccessTokenMessage(AuthorizedTokenRequest request) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); ErrorUtilities.VerifyProtocol(this.TokenManager.IsRequestTokenAuthorized(request.RequestToken), OAuthStrings.AccessTokenNotAuthorized, request.RequestToken); @@ -472,8 +468,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="request">The request.</param> /// <returns>The <see cref="IPrincipal"/> instance that can be used for access control of resources.</returns> public OAuthPrincipal CreatePrincipal(AccessProtectedResourceRequest request) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); IServiceProviderAccessToken accessToken = this.TokenManager.GetAccessToken(request.AccessToken); return new OAuthPrincipal(accessToken); diff --git a/src/DotNetOpenAuth/OAuth/WebConsumer.cs b/src/DotNetOpenAuth/OAuth/WebConsumer.cs index 8566036..afe972f 100644 --- a/src/DotNetOpenAuth/OAuth/WebConsumer.cs +++ b/src/DotNetOpenAuth/OAuth/WebConsumer.cs @@ -80,7 +80,6 @@ namespace DotNetOpenAuth.OAuth { /// <param name="scope">The scope of access that is requested of the service provider.</param> public void AttachAuthorizationRequest(IAuthenticationRequest openIdAuthenticationRequest, string scope) { Contract.Requires<ArgumentNullException>(openIdAuthenticationRequest != null); - ErrorUtilities.VerifyArgumentNotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); var authorizationRequest = new AuthorizationRequest { Consumer = this.ConsumerKey, @@ -103,7 +102,7 @@ namespace DotNetOpenAuth.OAuth { /// </remarks> public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) { Contract.Requires<ArgumentNullException>(openIdAuthenticationResponse != null); - Contract.Requires(this.TokenManager is IOpenIdOAuthTokenManager); + Contract.Requires<InvalidOperationException>(this.TokenManager is IOpenIdOAuthTokenManager); var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); diff --git a/src/DotNetOpenAuth/OpenId/Associations.cs b/src/DotNetOpenAuth/OpenId/Associations.cs index 454e44b..4fd89c4 100644 --- a/src/DotNetOpenAuth/OpenId/Associations.cs +++ b/src/DotNetOpenAuth/OpenId/Associations.cs @@ -77,7 +77,7 @@ namespace DotNetOpenAuth.OpenId { /// <returns>The desired association, or null if none with the given handle could be found.</returns> [Pure] public Association Get(string handle) { - Contract.Requires(!string.IsNullOrEmpty(handle)); + Contract.Requires<ArgumentException>(!string.IsNullOrEmpty(handle)); lock (this.associations) { if (this.associations.Contains(handle)) { @@ -94,7 +94,7 @@ namespace DotNetOpenAuth.OpenId { /// <param name="handle">The handle to the required association.</param> /// <returns>Whether an <see cref="Association"/> with the given handle was in the collection for removal.</returns> public bool Remove(string handle) { - Contract.Requires(!string.IsNullOrEmpty(handle)); + Contract.Requires<ArgumentException>(!string.IsNullOrEmpty(handle)); lock (this.associations) { return this.associations.Remove(handle); } diff --git a/src/DotNetOpenAuth/OpenId/Behaviors/PpidGeneration.cs b/src/DotNetOpenAuth/OpenId/Behaviors/PpidGeneration.cs index b9a3dfc..643d6df 100644 --- a/src/DotNetOpenAuth/OpenId/Behaviors/PpidGeneration.cs +++ b/src/DotNetOpenAuth/OpenId/Behaviors/PpidGeneration.cs @@ -6,6 +6,7 @@ namespace DotNetOpenAuth.OpenId.Behaviors { using System; + using System.Diagnostics.Contracts; using System.Linq; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; @@ -70,8 +71,6 @@ namespace DotNetOpenAuth.OpenId.Behaviors { /// from handling it; <c>false</c> to allow other behaviors to process this request. /// </returns> bool IProviderBehavior.OnOutgoingResponse(IAuthenticationRequest request) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); - // Nothing to do for negative assertions. if (!request.IsAuthenticated.Value) { return false; diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs index 63f7809..f64ae38 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs @@ -38,8 +38,8 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <param name="extensionFactory">The extension factory.</param> /// <param name="securitySettings">The security settings.</param> internal ExtensionsBindingElement(IOpenIdExtensionFactory extensionFactory, SecuritySettings securitySettings) { - ErrorUtilities.VerifyArgumentNotNull(extensionFactory, "extensionFactory"); - ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); + Contract.Requires<ArgumentNullException>(extensionFactory != null); + Contract.Requires<ArgumentNullException>(securitySettings != null); this.ExtensionFactory = extensionFactory; this.securitySettings = securitySettings; @@ -83,9 +83,6 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); - ErrorUtilities.VerifyOperation(this.Channel != null, "Channel property has not been set."); - var extendableMessage = message as IProtocolMessageWithExtensions; if (extendableMessage != null) { Protocol protocol = Protocol.Lookup(message.Version); @@ -225,8 +222,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// A dictionary of message parts, including only signed parts when appropriate. /// </returns> private IDictionary<string, string> GetExtensionsDictionary(IProtocolMessage message, bool ignoreUnsigned) { - Contract.Requires(this.Channel != null); - ErrorUtilities.VerifyOperation(this.Channel != null, "Channel property has not been set."); + Contract.Requires<InvalidOperationException>(this.Channel != null); IndirectSignedResponse signedResponse = message as IndirectSignedResponse; if (signedResponse != null && ignoreUnsigned) { diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/KeyValueFormEncoding.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/KeyValueFormEncoding.cs index 03ba0f2..c363c11 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/KeyValueFormEncoding.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/KeyValueFormEncoding.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; using System.Globalization; using System.IO; using System.Text; @@ -99,7 +100,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// be used. /// </remarks> public static byte[] GetBytes(IEnumerable<KeyValuePair<string, string>> keysAndValues) { - ErrorUtilities.VerifyArgumentNotNull(keysAndValues, "keysAndValues"); + Contract.Requires<ArgumentNullException>(keysAndValues != null); MemoryStream ms = new MemoryStream(); using (StreamWriter sw = new StreamWriter(ms, textEncoding)) { diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs index d4664cf..aff535c 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs @@ -254,8 +254,6 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// This method implements spec V1.0 section 5.3. /// </remarks> protected override OutgoingWebResponse PrepareDirectResponse(IProtocolMessage response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); - var messageAccessor = this.MessageDescriptions.GetAccessor(response); var fields = messageAccessor.Serialize(); byte[] keyValueEncoding = KeyValueFormEncoding.GetBytes(fields); diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToNonceBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToNonceBindingElement.cs index 514423c..330bccc 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToNonceBindingElement.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToNonceBindingElement.cs @@ -80,8 +80,6 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { internal ReturnToNonceBindingElement(INonceStore nonceStore, RelyingPartySecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(nonceStore != null); Contract.Requires<ArgumentNullException>(securitySettings != null); - ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); - ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); this.nonceStore = nonceStore; this.securitySettings = securitySettings; diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs index a760c0d..946ec78 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; using System.Collections.Specialized; + using System.Diagnostics.Contracts; using System.Security.Cryptography; using System.Web; using DotNetOpenAuth.Messaging; @@ -161,7 +162,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// or other minor changes do not invalidate the signature. /// </remarks> private string GetReturnToSignature(Uri returnTo) { - ErrorUtilities.VerifyArgumentNotNull(returnTo, "returnTo"); + Contract.Requires<ArgumentNullException>(returnTo != null); // Assemble the dictionary to sign, taking care to remove the signature itself // in order to accurately reproduce the original signature (which of course didn't include diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs index 2338572..3f4a998 100644 --- a/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs +++ b/src/DotNetOpenAuth/OpenId/ChannelElements/SigningBindingElement.cs @@ -285,9 +285,8 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// the inclusion and order of message parts that will be signed. /// </returns> private string GetSignedParameterOrder(ITamperResistantOpenIdMessage signedMessage) { - Contract.Requires(this.Channel != null); + Contract.Requires<InvalidOperationException>(this.Channel != null); Contract.Requires<ArgumentNullException>(signedMessage != null); - ErrorUtilities.VerifyOperation(this.Channel != null, "Channel property has not been set."); Protocol protocol = Protocol.Lookup(signedMessage.Version); diff --git a/src/DotNetOpenAuth/OpenId/Extensions/ExtensionsInteropHelper.cs b/src/DotNetOpenAuth/OpenId/Extensions/ExtensionsInteropHelper.cs index 6522d2e..16283c0 100644 --- a/src/DotNetOpenAuth/OpenId/Extensions/ExtensionsInteropHelper.cs +++ b/src/DotNetOpenAuth/OpenId/Extensions/ExtensionsInteropHelper.cs @@ -40,8 +40,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// otherwise quietly returns doing nothing.</para> /// </remarks> public static void SpreadSregToAX(this RelyingParty.IAuthenticationRequest request, AXAttributeFormats attributeFormats) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); var req = (RelyingParty.AuthenticationRequest)request; var sreg = req.AppliedExtensions.OfType<ClaimsRequest>().SingleOrDefault(); @@ -96,8 +95,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// or just an empty <see cref="ClaimsResponse"/> if there was no data. /// Never <c>null</c>.</returns> public static ClaimsResponse UnifyExtensionsAsSreg(this RelyingParty.IAuthenticationResponse response, bool allowUnsigned) { - Contract.Requires(response != null); - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); var resp = (RelyingParty.IAuthenticationResponse)response; var sreg = allowUnsigned ? resp.GetUntrustedExtension<ClaimsResponse>() : resp.GetExtension<ClaimsResponse>(); @@ -137,8 +135,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// or a fabricated one based on the Attribute Exchange extension if found, /// or <c>null</c> if no attribute extension request is found.</returns> internal static ClaimsRequest UnifyExtensionsAsSreg(this Provider.IHostProcessedRequest request) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); var req = (Provider.AuthenticationRequest)request; var sreg = req.GetExtension<ClaimsRequest>(); @@ -255,8 +252,8 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <param name="typeUri">The type URI of the attribute in axschema.org format.</param> /// <returns>The demand level for the attribute.</returns> private static DemandLevel GetDemandLevelFor(FetchRequest ax, string typeUri) { - Contract.Requires(ax != null); - Contract.Requires(!String.IsNullOrEmpty(typeUri)); + Contract.Requires<ArgumentNullException>(ax != null); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(typeUri)); foreach (AXAttributeFormats format in ForEachFormat(AXAttributeFormats.All)) { string typeUriInFormat = TransformAXFormat(typeUri, format); @@ -275,7 +272,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <param name="attributeFormat">The attribute formats the RP will try if this discovery fails.</param> /// <returns>The AX format(s) to use based on the Provider's advertised AX support.</returns> private static bool TryDetectOPAttributeFormat(RelyingParty.IAuthenticationRequest request, out AXAttributeFormats attributeFormat) { - Contract.Requires(request != null); + Contract.Requires<ArgumentNullException>(request != null); var provider = (RelyingParty.ServiceEndpoint)request.Provider; attributeFormat = DetectAXFormat(provider.ProviderDescription.Capabilities); return attributeFormat != AXAttributeFormats.None; @@ -287,7 +284,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <param name="typeURIs">The type URIs to scan for recognized formats.</param> /// <returns>The first AX type URI format recognized in the list.</returns> private static AXAttributeFormats DetectAXFormat(IEnumerable<string> typeURIs) { - Contract.Requires(typeURIs != null); + Contract.Requires<ArgumentNullException>(typeURIs != null); if (typeURIs.Any(uri => uri.StartsWith("http://axschema.org/", StringComparison.Ordinal))) { return AXAttributeFormats.AXSchemaOrg; @@ -311,7 +308,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <param name="targetFormat">The target format. Only one flag should be set.</param> /// <returns>The AX attribute type URI in the target format.</returns> private static string TransformAXFormat(string axSchemaOrgFormatTypeUri, AXAttributeFormats targetFormat) { - Contract.Requires(!String.IsNullOrEmpty(axSchemaOrgFormatTypeUri)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(axSchemaOrgFormatTypeUri)); switch (targetFormat) { case AXAttributeFormats.AXSchemaOrg: @@ -352,8 +349,8 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// <param name="axSchemaOrgFormatAttribute">The attribute in axschema.org format.</param> /// <param name="demandLevel">The demand level.</param> private static void FetchAttribute(FetchRequest ax, AXAttributeFormats format, string axSchemaOrgFormatAttribute, DemandLevel demandLevel) { - Contract.Requires(ax != null); - Contract.Requires(!String.IsNullOrEmpty(axSchemaOrgFormatAttribute)); + Contract.Requires<ArgumentNullException>(ax != null); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(axSchemaOrgFormatAttribute)); string typeUri = TransformAXFormat(axSchemaOrgFormatAttribute, format); if (!ax.Attributes.Contains(typeUri)) { diff --git a/src/DotNetOpenAuth/OpenId/Extensions/UI/UIUtilities.cs b/src/DotNetOpenAuth/OpenId/Extensions/UI/UIUtilities.cs index da6e089..af98348 100644 --- a/src/DotNetOpenAuth/OpenId/Extensions/UI/UIUtilities.cs +++ b/src/DotNetOpenAuth/OpenId/Extensions/UI/UIUtilities.cs @@ -36,7 +36,7 @@ namespace DotNetOpenAuth.OpenId.Extensions.UI { internal static string GetWindowPopupScript(OpenIdRelyingParty relyingParty, IAuthenticationRequest request, string windowName) { Contract.Requires<ArgumentNullException>(relyingParty != null); Contract.Requires<ArgumentNullException>(request != null); - Contract.Requires(!string.IsNullOrEmpty(windowName)); + Contract.Requires<ArgumentException>(!string.IsNullOrEmpty(windowName)); Uri popupUrl = request.RedirectingResponse.GetDirectUriRequest(relyingParty.Channel); diff --git a/src/DotNetOpenAuth/OpenId/HmacShaAssociation.cs b/src/DotNetOpenAuth/OpenId/HmacShaAssociation.cs index c1b8b27..f95536c 100644 --- a/src/DotNetOpenAuth/OpenId/HmacShaAssociation.cs +++ b/src/DotNetOpenAuth/OpenId/HmacShaAssociation.cs @@ -69,7 +69,7 @@ namespace DotNetOpenAuth.OpenId { private HmacShaAssociation(HmacSha typeIdentity, string handle, byte[] secret, TimeSpan totalLifeLength) : base(handle, secret, totalLifeLength, DateTime.UtcNow) { Contract.Requires<ArgumentNullException>(typeIdentity != null); - Contract.Requires(!String.IsNullOrEmpty(handle)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(handle)); Contract.Requires<ArgumentNullException>(secret != null); Contract.Requires<ArgumentOutOfRangeException>(totalLifeLength > TimeSpan.Zero); Contract.Ensures(this.TotalLifeLength == totalLifeLength); @@ -99,7 +99,7 @@ namespace DotNetOpenAuth.OpenId { /// <returns>The newly created association.</returns> public static HmacShaAssociation Create(Protocol protocol, string associationType, string handle, byte[] secret, TimeSpan totalLifeLength) { Contract.Requires<ArgumentNullException>(protocol != null); - Contract.Requires(!String.IsNullOrEmpty(associationType)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(associationType)); Contract.Requires<ArgumentNullException>(secret != null); Contract.Ensures(Contract.Result<HmacShaAssociation>() != null); @@ -116,7 +116,7 @@ namespace DotNetOpenAuth.OpenId { /// <param name="totalLifeLength">Total lifetime.</param> /// <returns>The newly created association.</returns> public static HmacShaAssociation Create(string handle, byte[] secret, TimeSpan totalLifeLength) { - Contract.Requires(!String.IsNullOrEmpty(handle)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(handle)); Contract.Requires<ArgumentNullException>(secret != null); Contract.Ensures(Contract.Result<HmacShaAssociation>() != null); @@ -152,7 +152,7 @@ namespace DotNetOpenAuth.OpenId { /// </remarks> internal static HmacShaAssociation Create(Protocol protocol, string associationType, AssociationRelyingPartyType associationUse, ProviderSecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(protocol != null); - Contract.Requires(!String.IsNullOrEmpty(associationType)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(associationType)); Contract.Requires<ArgumentNullException>(securitySettings != null); Contract.Ensures(Contract.Result<HmacShaAssociation>() != null); @@ -243,7 +243,7 @@ namespace DotNetOpenAuth.OpenId { /// </returns> internal static bool IsDHSessionCompatible(Protocol protocol, string associationType, string sessionType) { Contract.Requires<ArgumentNullException>(protocol != null); - Contract.Requires(!String.IsNullOrEmpty(associationType)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(associationType)); Contract.Requires<ArgumentNullException>(sessionType != null); // All association types can work when no DH session is used at all. diff --git a/src/DotNetOpenAuth/OpenId/Identifier.cs b/src/DotNetOpenAuth/OpenId/Identifier.cs index ee08f9f..c8aa8c0 100644 --- a/src/DotNetOpenAuth/OpenId/Identifier.cs +++ b/src/DotNetOpenAuth/OpenId/Identifier.cs @@ -51,7 +51,7 @@ namespace DotNetOpenAuth.OpenId { [SuppressMessage("Microsoft.Usage", "CA2225:OperatorOverloadsHaveNamedAlternates", Justification = "Our named alternate is Parse.")] [DebuggerStepThrough] public static implicit operator Identifier(string identifier) { - Contract.Requires(identifier == null || identifier.Length > 0); + Contract.Requires<ArgumentException>(identifier == null || identifier.Length > 0); if (identifier == null) { return null; } @@ -136,7 +136,7 @@ namespace DotNetOpenAuth.OpenId { /// </returns> [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "Some of these identifiers are not properly formatted to be Uris at this stage.")] public static bool IsValid(string identifier) { - Contract.Requires(!string.IsNullOrEmpty(identifier)); + Contract.Requires<ArgumentException>(!string.IsNullOrEmpty(identifier)); return XriIdentifier.IsValidXri(identifier) || UriIdentifier.IsValidUri(identifier); } diff --git a/src/DotNetOpenAuth/OpenId/Messages/AssociateSuccessfulResponse.cs b/src/DotNetOpenAuth/OpenId/Messages/AssociateSuccessfulResponse.cs index 0b6c9fc..137cd60 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/AssociateSuccessfulResponse.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/AssociateSuccessfulResponse.cs @@ -108,7 +108,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// quite different operations in either scenario.</para> /// </remarks> internal Association CreateAssociation(AssociateRequest request, ProviderSecuritySettings securitySettings) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); ErrorUtilities.VerifyInternal(!this.associationCreated, "The association has already been created."); Association association; diff --git a/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationRequest.cs index 6579325..5306c54 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationRequest.cs @@ -42,7 +42,6 @@ namespace DotNetOpenAuth.OpenId.Messages { internal CheckAuthenticationRequest(IndirectSignedResponse message, Channel channel) : base(message.Version, message.ProviderEndpoint, GetProtocolConstant(message.Version, p => p.Args.Mode.check_authentication), MessageTransport.Direct) { Contract.Requires<ArgumentNullException>(channel != null); - ErrorUtilities.VerifyArgumentNotNull(channel, "channel"); // Copy all message parts from the id_res message into this one, // except for the openid.mode parameter. diff --git a/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationResponse.cs index c34d2b4..61825e8 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/CheckAuthenticationResponse.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; @@ -36,7 +37,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// <param name="provider">The OpenID Provider that is preparing to send this response.</param> internal CheckAuthenticationResponse(CheckAuthenticationRequest request, OpenIdProvider provider) : base(request.Version, request) { - ErrorUtilities.VerifyArgumentNotNull(provider, "provider"); + Contract.Requires<ArgumentNullException>(provider != null); // The channel's binding elements have already set the request's IsValid property // appropriately. We just copy it into the response message. diff --git a/src/DotNetOpenAuth/OpenId/Messages/DirectResponseBase.cs b/src/DotNetOpenAuth/OpenId/Messages/DirectResponseBase.cs index dd9c927..e7619bc 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/DirectResponseBase.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/DirectResponseBase.cs @@ -9,6 +9,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Collections.Generic; using System.Diagnostics; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; using DotNetOpenAuth.Messaging; /// <summary> @@ -53,7 +54,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// <param name="responseVersion">The OpenID version of the response message.</param> /// <param name="originatingRequest">The originating request. May be null in case the request is unrecognizable and this is an error response.</param> protected DirectResponseBase(Version responseVersion, IDirectedProtocolMessage originatingRequest) { - ErrorUtilities.VerifyArgumentNotNull(responseVersion, "responseVersion"); + Contract.Requires<ArgumentNullException>(responseVersion != null); this.Version = responseVersion; this.originatingRequest = originatingRequest; diff --git a/src/DotNetOpenAuth/OpenId/Messages/IndirectResponseBase.cs b/src/DotNetOpenAuth/OpenId/Messages/IndirectResponseBase.cs index 1147790..d53b9d0 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/IndirectResponseBase.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/IndirectResponseBase.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; @@ -23,7 +24,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// <param name="mode">The value of the openid.mode parameter.</param> protected IndirectResponseBase(SignedResponseRequest request, string mode) : base(GetVersion(request), GetReturnTo(request), mode, MessageTransport.Indirect) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); this.OriginatingRequest = request; } @@ -56,7 +57,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// instead of a <see cref="NullReferenceException"/>. /// </remarks> internal static Version GetVersion(IProtocolMessage message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); + Contract.Requires<ArgumentNullException>(message != null); return message.Version; } @@ -70,7 +71,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// instead of a <see cref="NullReferenceException"/>. /// </remarks> private static Uri GetReturnTo(SignedResponseRequest message) { - ErrorUtilities.VerifyArgumentNotNull(message, "message"); + Contract.Requires<ArgumentNullException>(message != null); ErrorUtilities.VerifyProtocol(message.ReturnTo != null, OpenIdStrings.ReturnToRequiredForResponse); return message.ReturnTo; } diff --git a/src/DotNetOpenAuth/OpenId/Messages/RequestBase.cs b/src/DotNetOpenAuth/OpenId/Messages/RequestBase.cs index 7189583..8a4a2a6 100644 --- a/src/DotNetOpenAuth/OpenId/Messages/RequestBase.cs +++ b/src/DotNetOpenAuth/OpenId/Messages/RequestBase.cs @@ -9,6 +9,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Collections.Generic; using System.Diagnostics; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; using DotNetOpenAuth.Messaging; /// <summary> @@ -181,7 +182,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// instead of a <see cref="NullReferenceException"/>. /// </remarks> protected static string GetProtocolConstant(Version protocolVersion, Func<Protocol, string> mode) { - ErrorUtilities.VerifyArgumentNotNull(protocolVersion, "protocolVersion"); + Contract.Requires<ArgumentNullException>(protocolVersion != null); return mode(Protocol.Lookup(protocolVersion)); } } diff --git a/src/DotNetOpenAuth/OpenId/NoDiscoveryIdentifier.cs b/src/DotNetOpenAuth/OpenId/NoDiscoveryIdentifier.cs index eb8e606..3b65178 100644 --- a/src/DotNetOpenAuth/OpenId/NoDiscoveryIdentifier.cs +++ b/src/DotNetOpenAuth/OpenId/NoDiscoveryIdentifier.cs @@ -31,7 +31,6 @@ namespace DotNetOpenAuth.OpenId { internal NoDiscoveryIdentifier(Identifier wrappedIdentifier, bool claimSsl) : base(claimSsl) { Contract.Requires<ArgumentNullException>(wrappedIdentifier != null); - ErrorUtilities.VerifyArgumentNotNull(wrappedIdentifier, "wrappedIdentifier"); this.wrappedIdentifier = wrappedIdentifier; } diff --git a/src/DotNetOpenAuth/OpenId/Provider/AnonymousRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/AnonymousRequest.cs index 430e1bc..d2efc19 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/AnonymousRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/AnonymousRequest.cs @@ -29,7 +29,7 @@ namespace DotNetOpenAuth.OpenId.Provider { internal AnonymousRequest(OpenIdProvider provider, SignedResponseRequest request) : base(provider, request) { Contract.Requires<ArgumentNullException>(provider != null); - Contract.Requires(!(request is CheckIdRequest), "Instantiate " + typeof(AuthenticationRequest).Name + " to handle this kind of message."); + Contract.Requires<ArgumentException>(!(request is CheckIdRequest), "Instantiate " + typeof(AuthenticationRequest).Name + " to handle this kind of message."); this.positiveResponse = new IndirectSignedResponse(request); } diff --git a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs index 2f5bab1..f4ddc97 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs @@ -191,9 +191,6 @@ namespace DotNetOpenAuth.OpenId.Provider { /// request before the <see cref="ClaimedIdentifier"/> property is set. /// </exception> public void SetClaimedIdentifierFragment(string fragment) { - ErrorUtilities.VerifyOperation(!(this.IsDirectedIdentity && this.ClaimedIdentifier == null), OpenIdStrings.ClaimedIdentifierMustBeSetFirst); - ErrorUtilities.VerifyOperation(!(this.ClaimedIdentifier is XriIdentifier), OpenIdStrings.FragmentNotAllowedOnXRIs); - UriBuilder builder = new UriBuilder(this.ClaimedIdentifier); builder.Fragment = fragment; this.positiveResponse.ClaimedIdentifier = builder.Uri; @@ -204,8 +201,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </summary> /// <param name="identifier">The value to set to the <see cref="ClaimedIdentifier"/> and <see cref="LocalIdentifier"/> properties.</param> internal void ResetClaimedAndLocalIdentifiers(Identifier identifier) { - Contract.Requires(identifier != null); - ErrorUtilities.VerifyArgumentNotNull(identifier, "identifier"); + Contract.Requires<ArgumentNullException>(identifier != null); this.positiveResponse.ClaimedIdentifier = identifier; this.positiveResponse.LocalIdentifier = identifier; diff --git a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs index bca7cc5..8c1fafc 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs @@ -105,7 +105,6 @@ namespace DotNetOpenAuth.OpenId.Provider { /// See OpenID Authentication 2.0 spec section 9.2.1. /// </remarks> public RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(OpenIdProvider provider) { - ErrorUtilities.VerifyArgumentNotNull(provider, "provider"); if (!this.realmDiscoveryResult.HasValue) { this.realmDiscoveryResult = this.IsReturnUrlDiscoverableCore(provider); } @@ -120,7 +119,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param> /// <returns>Result of realm discovery.</returns> private RelyingPartyDiscoveryResult IsReturnUrlDiscoverableCore(OpenIdProvider provider) { - Contract.Requires(provider != null); + Contract.Requires<ArgumentNullException>(provider != null); ErrorUtilities.VerifyInternal(this.Realm != null, "Realm should have been read or derived by now."); diff --git a/src/DotNetOpenAuth/OpenId/Provider/IAuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/IAuthenticationRequest.cs index bb837b5..3df7a64 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/IAuthenticationRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/IAuthenticationRequest.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.Provider { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Text; using DotNetOpenAuth.Messaging; @@ -15,6 +16,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// This interface provides the details of the request and allows setting /// the response. /// </summary> + [ContractClass(typeof(IAuthenticationRequestContract))] public interface IAuthenticationRequest : IHostProcessedRequest { /// <summary> /// Gets a value indicating whether the Provider should help the user @@ -93,4 +95,243 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </exception> void SetClaimedIdentifierFragment(string fragment); } + + /// <summary> + /// Code contract class for the <see cref="IAuthenticationRequest"/> type. + /// </summary> + [ContractClassFor(typeof(IAuthenticationRequest))] + internal abstract class IAuthenticationRequestContract : IAuthenticationRequest { + /// <summary> + /// Initializes a new instance of the <see cref="IAuthenticationRequestContract"/> class. + /// </summary> + protected IAuthenticationRequestContract() { + } + + #region IAuthenticationRequest Properties + + /// <summary> + /// Gets a value indicating whether the Provider should help the user + /// select a Claimed Identifier to send back to the relying party. + /// </summary> + bool IAuthenticationRequest.IsDirectedIdentity { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets a value indicating whether the requesting Relying Party is using a delegated URL. + /// </summary> + /// <remarks> + /// When delegated identifiers are used, the <see cref="IAuthenticationRequest.ClaimedIdentifier"/> should not + /// be changed at the Provider during authentication. + /// Delegation is only detectable on requests originating from OpenID 2.0 relying parties. + /// A relying party implementing only OpenID 1.x may use delegation and this property will + /// return false anyway. + /// </remarks> + bool IAuthenticationRequest.IsDelegatedIdentifier { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets or sets the Local Identifier to this OpenID Provider of the user attempting + /// to authenticate. Check <see cref="IAuthenticationRequest.IsDirectedIdentity"/> to see if + /// this value is valid. + /// </summary> + /// <remarks> + /// This may or may not be the same as the Claimed Identifier that the user agent + /// originally supplied to the relying party. The Claimed Identifier + /// endpoint may be delegating authentication to this provider using + /// this provider's local id, which is what this property contains. + /// Use this identifier when looking up this user in the provider's user account + /// list. + /// </remarks> + Identifier IAuthenticationRequest.LocalIdentifier { + get { + throw new NotImplementedException(); + } + + set { + throw new NotImplementedException(); + } + } + + /// <summary> + /// Gets or sets the identifier that the user agent is claiming at the relying party site. + /// Check <see cref="IAuthenticationRequest.IsDirectedIdentity"/> to see if this value is valid. + /// </summary> + /// <remarks> + /// <para>This property can only be set if <see cref="IAuthenticationRequest.IsDelegatedIdentifier"/> is + /// false, to prevent breaking URL delegation.</para> + /// <para>This will not be the same as this provider's local identifier for the user + /// if the user has set up his/her own identity page that points to this + /// provider for authentication.</para> + /// <para>The provider may use this identifier for displaying to the user when + /// asking for the user's permission to authenticate to the relying party.</para> + /// </remarks> + /// <exception cref="InvalidOperationException">Thrown from the setter + /// if <see cref="IAuthenticationRequest.IsDelegatedIdentifier"/> is true.</exception> + Identifier IAuthenticationRequest.ClaimedIdentifier { + get { + throw new NotImplementedException(); + } + + set { + throw new NotImplementedException(); + } + } + + /// <summary> + /// Gets or sets a value indicating whether the provider has determined that the + /// <see cref="IAuthenticationRequest.ClaimedIdentifier"/> belongs to the currently logged in user + /// and wishes to share this information with the consumer. + /// </summary> + bool? IAuthenticationRequest.IsAuthenticated { + get { + throw new NotImplementedException(); + } + + set { + throw new NotImplementedException(); + } + } + + #endregion + + #region IHostProcessedRequest Properties + + /// <summary> + /// Gets the version of OpenID being used by the relying party that sent the request. + /// </summary> + ProtocolVersion IHostProcessedRequest.RelyingPartyVersion { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets the URL the consumer site claims to use as its 'base' address. + /// </summary> + Realm IHostProcessedRequest.Realm { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets a value indicating whether the consumer demands an immediate response. + /// If false, the consumer is willing to wait for the identity provider + /// to authenticate the user. + /// </summary> + bool IHostProcessedRequest.Immediate { + get { throw new NotImplementedException(); } + } + + #endregion + + #region IRequest Properties + + /// <summary> + /// Gets a value indicating whether the response is ready to be sent to the user agent. + /// </summary> + /// <remarks> + /// This property returns false if there are properties that must be set on this + /// request instance before the response can be sent. + /// </remarks> + bool IRequest.IsResponseReady { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets or sets the security settings that apply to this request. + /// </summary> + /// <value> + /// Defaults to the <see cref="OpenIdProvider.SecuritySettings"/> on the <see cref="OpenIdProvider"/>. + /// </value> + ProviderSecuritySettings IRequest.SecuritySettings { + get { + throw new NotImplementedException(); + } + + set { + throw new NotImplementedException(); + } + } + + #endregion + + #region IAuthenticationRequest Methods + + /// <summary> + /// Adds an optional fragment (#fragment) portion to the ClaimedIdentifier. + /// Useful for identifier recycling. + /// </summary> + /// <param name="fragment">Should not include the # prefix character as that will be added internally. + /// May be null or the empty string to clear a previously set fragment.</param> + /// <remarks> + /// <para>Unlike the <see cref="IAuthenticationRequest.ClaimedIdentifier"/> property, which can only be set if + /// using directed identity, this method can be called on any URI claimed identifier.</para> + /// <para>Because XRI claimed identifiers (the canonical IDs) are never recycled, + /// this method should<i>not</i> be called for XRIs.</para> + /// </remarks> + /// <exception cref="InvalidOperationException"> + /// Thrown when this method is called on an XRI, or on a directed identity + /// request before the <see cref="IAuthenticationRequest.ClaimedIdentifier"/> property is set. + /// </exception> + void IAuthenticationRequest.SetClaimedIdentifierFragment(string fragment) { + Contract.Requires<InvalidOperationException>(!(((IAuthenticationRequest)this).IsDirectedIdentity && ((IAuthenticationRequest)this).ClaimedIdentifier == null), OpenIdStrings.ClaimedIdentifierMustBeSetFirst); + Contract.Requires<InvalidOperationException>(!(((IAuthenticationRequest)this).ClaimedIdentifier is XriIdentifier), OpenIdStrings.FragmentNotAllowedOnXRIs); + + throw new NotImplementedException(); + } + + #endregion + + #region IHostProcessedRequest Methods + + /// <summary> + /// Attempts to perform relying party discovery of the return URL claimed by the Relying Party. + /// </summary> + /// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param> + /// <returns> + /// The details of how successful the relying party discovery was. + /// </returns> + /// <remarks> + /// <para>Return URL verification is only attempted if this method is called.</para> + /// <para>See OpenID Authentication 2.0 spec section 9.2.1.</para> + /// </remarks> + RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(OpenIdProvider provider) { + throw new NotImplementedException(); + } + + #endregion + + #region IRequest Methods + + /// <summary> + /// Adds an extension to the response to send to the relying party. + /// </summary> + /// <param name="extension">The extension to add to the response message.</param> + void IRequest.AddResponseExtension(DotNetOpenAuth.OpenId.Messages.IOpenIdMessageExtension extension) { + throw new NotImplementedException(); + } + + /// <summary> + /// Gets an extension sent from the relying party. + /// </summary> + /// <typeparam name="T">The type of the extension.</typeparam> + /// <returns> + /// An instance of the extension initialized with values passed in with the request. + /// </returns> + T IRequest.GetExtension<T>() { + throw new NotImplementedException(); + } + + /// <summary> + /// Gets an extension sent from the relying party. + /// </summary> + /// <param name="extensionType">The type of the extension.</param> + /// <returns> + /// An instance of the extension initialized with values passed in with the request. + /// </returns> + DotNetOpenAuth.OpenId.Messages.IOpenIdMessageExtension IRequest.GetExtension(Type extensionType) { + throw new NotImplementedException(); + } + + #endregion + } } diff --git a/src/DotNetOpenAuth/OpenId/Provider/IDirectedIdentityIdentifierProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/IDirectedIdentityIdentifierProvider.cs index 455f1bf..985bb54 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/IDirectedIdentityIdentifierProvider.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/IDirectedIdentityIdentifierProvider.cs @@ -37,6 +37,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <returns> /// <c>true</c> if the given identifier is the valid, unique identifier for some uesr (and NOT a PPID); otherwise, <c>false</c>. /// </returns> + [Pure] bool IsUserLocalIdentifier(Identifier identifier); } @@ -58,9 +59,9 @@ namespace DotNetOpenAuth.OpenId.Provider { /// openid.claimed_id and openid.local_id parameters. Must not be null. /// </returns> Uri IDirectedIdentityIdentifierProvider.GetIdentifier(Identifier localIdentifier, Realm relyingPartyRealm) { - Contract.Requires(localIdentifier != null); - Contract.Requires(relyingPartyRealm != null); - + Contract.Requires<ArgumentNullException>(localIdentifier != null); + Contract.Requires<ArgumentNullException>(relyingPartyRealm != null); + Contract.Requires<ArgumentException>(((IDirectedIdentityIdentifierProvider)this).IsUserLocalIdentifier(localIdentifier), OpenIdStrings.ArgumentIsPpidIdentifier); throw new NotImplementedException(); } @@ -72,7 +73,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <c>true</c> if the given identifier is the valid, unique identifier for some uesr (and NOT a PPID); otherwise, <c>false</c>. /// </returns> bool IDirectedIdentityIdentifierProvider.IsUserLocalIdentifier(Identifier identifier) { - Contract.Requires(identifier != null); + Contract.Requires<ArgumentNullException>(identifier != null); throw new NotImplementedException(); } diff --git a/src/DotNetOpenAuth/OpenId/Provider/IHostProcessedRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/IHostProcessedRequest.cs index f605f31..c316167 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/IHostProcessedRequest.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/IHostProcessedRequest.cs @@ -155,7 +155,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <para>See OpenID Authentication 2.0 spec section 9.2.1.</para> /// </remarks> RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(OpenIdProvider provider) { - Contract.Requires(provider != null); + Contract.Requires<ArgumentNullException>(provider != null); throw new System.NotImplementedException(); } diff --git a/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs index 48d40d4..ade0d8e 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs @@ -5,6 +5,8 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth.OpenId.Provider { + using System; + using System.Diagnostics.Contracts; using DotNetOpenAuth.OpenId.ChannelElements; /// <summary> @@ -14,6 +16,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// BEFORE MARKING THIS INTERFACE PUBLIC: it's very important that we shift the methods to be channel-level /// rather than facade class level and for the OpenIdChannel to be the one to invoke these methods. /// </remarks> + [ContractClass(typeof(IProviderBehaviorContract))] internal interface IProviderBehavior { /// <summary> /// Applies a well known set of security requirements to a default set of security settings. @@ -51,4 +54,65 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </returns> bool OnOutgoingResponse(IAuthenticationRequest request); } + + /// <summary> + /// Code contract for the <see cref="IProviderBehavior"/> type. + /// </summary> + [ContractClassFor(typeof(IProviderBehavior))] + internal abstract class IProviderBehaviorContract : IProviderBehavior { + /// <summary> + /// Initializes a new instance of the <see cref="IProviderBehaviorContract"/> class. + /// </summary> + protected IProviderBehaviorContract() { + } + + #region IProviderBehavior Members + + /// <summary> + /// Applies a well known set of security requirements to a default set of security settings. + /// </summary> + /// <param name="securitySettings">The security settings to enhance with the requirements of this profile.</param> + /// <remarks> + /// Care should be taken to never decrease security when applying a profile. + /// Profiles should only enhance security requirements to avoid being + /// incompatible with each other. + /// </remarks> + void IProviderBehavior.ApplySecuritySettings(ProviderSecuritySettings securitySettings) { + Contract.Requires<ArgumentNullException>(securitySettings != null); + throw new System.NotImplementedException(); + } + + /// <summary> + /// Called when a request is received by the Provider. + /// </summary> + /// <param name="request">The incoming request.</param> + /// <returns> + /// <c>true</c> if this behavior owns this request and wants to stop other behaviors + /// from handling it; <c>false</c> to allow other behaviors to process this request. + /// </returns> + /// <remarks> + /// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but + /// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/> + /// itself as that instance may be shared across many requests. + /// </remarks> + bool IProviderBehavior.OnIncomingRequest(IRequest request) { + Contract.Requires<ArgumentNullException>(request != null); + throw new System.NotImplementedException(); + } + + /// <summary> + /// Called when the Provider is preparing to send a response to an authentication request. + /// </summary> + /// <param name="request">The request that is configured to generate the outgoing response.</param> + /// <returns> + /// <c>true</c> if this behavior owns this request and wants to stop other behaviors + /// from handling it; <c>false</c> to allow other behaviors to process this request. + /// </returns> + bool IProviderBehavior.OnOutgoingResponse(IAuthenticationRequest request) { + Contract.Requires<ArgumentNullException>(request != null); + throw new System.NotImplementedException(); + } + + #endregion + } } diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs index 0fe7e5a..b114ac8 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs @@ -75,8 +75,6 @@ namespace DotNetOpenAuth.OpenId.Provider { Contract.Ensures(this.AssociationStore == associationStore); Contract.Ensures(this.SecuritySettings != null); Contract.Ensures(this.Channel != null); - ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); - ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); @@ -201,7 +199,6 @@ namespace DotNetOpenAuth.OpenId.Provider { /// but deviates from the protocol specification irrecoverably.</exception> public IRequest GetRequest(HttpRequestInfo httpRequestInfo) { Contract.Requires<ArgumentNullException>(httpRequestInfo != null); - ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo"); IDirectedProtocolMessage incomingMessage = null; try { @@ -298,7 +295,7 @@ namespace DotNetOpenAuth.OpenId.Provider { [SuppressMessage("Microsoft.Performance", "CA1800:DoNotCastUnnecessarily", Justification = "Code Contract requires that we cast early.")] public OutgoingWebResponse PrepareResponse(IRequest request) { Contract.Requires<ArgumentNullException>(request != null); - Contract.Requires(((Request)request).IsResponseReady); + Contract.Requires<ArgumentException>(((Request)request).IsResponseReady); this.ApplyBehaviorsToResponse(request); Request requestInternal = (Request)request; @@ -451,8 +448,6 @@ namespace DotNetOpenAuth.OpenId.Provider { private IRequest GetErrorResponse(ProtocolException ex, HttpRequestInfo httpRequestInfo, IDirectedProtocolMessage incomingMessage) { Contract.Requires<ArgumentNullException>(ex != null); Contract.Requires<ArgumentNullException>(httpRequestInfo != null); - ErrorUtilities.VerifyArgumentNotNull(ex, "ex"); - ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo"); Logger.OpenId.Error("An exception was generated while processing an incoming OpenID request.", ex); IErrorMessage errorMessage; diff --git a/src/DotNetOpenAuth/OpenId/Provider/PrivatePersonalIdentifierProviderBase.cs b/src/DotNetOpenAuth/OpenId/Provider/PrivatePersonalIdentifierProviderBase.cs index 64d2908..b65609d 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/PrivatePersonalIdentifierProviderBase.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/PrivatePersonalIdentifierProviderBase.cs @@ -35,7 +35,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </summary> /// <param name="baseIdentifier">The base URI on which to append the anonymous part.</param> public PrivatePersonalIdentifierProviderBase(Uri baseIdentifier) { - Contract.Requires(baseIdentifier != null); + Contract.Requires<ArgumentNullException>(baseIdentifier != null); ErrorUtilities.VerifyArgumentNotNull(baseIdentifier, "baseIdentifier"); this.Hasher = HashAlgorithm.Create(HashAlgorithmName); @@ -101,8 +101,7 @@ namespace DotNetOpenAuth.OpenId.Provider { } set { - Contract.Requires(value > 0); - ErrorUtilities.VerifyArgumentInRange(value > 0, "value"); + Contract.Requires<ArgumentOutOfRangeException>(value > 0); this.newSaltLength = value; } } @@ -120,10 +119,6 @@ namespace DotNetOpenAuth.OpenId.Provider { /// openid.claimed_id and openid.local_id parameters. Must not be null. /// </returns> public Uri GetIdentifier(Identifier localIdentifier, Realm relyingPartyRealm) { - ErrorUtilities.VerifyArgumentNotNull(localIdentifier, "localIdentifier"); - ErrorUtilities.VerifyArgumentNotNull(relyingPartyRealm, "relyingPartyRealm"); - ErrorUtilities.VerifyArgumentNamed(this.IsUserLocalIdentifier(localIdentifier), "localIdentifier", OpenIdStrings.ArgumentIsPpidIdentifier); - byte[] salt = this.GetHashSaltForLocalIdentifier(localIdentifier); string valueToHash = localIdentifier + "#"; switch (this.PairwiseUnique) { @@ -184,8 +179,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <param name="uriHash">The unique part of the Identifier to append to the common first part.</param> /// <returns>The full PPID Identifier.</returns> protected virtual Uri AppendIdentifiers(string uriHash) { - Contract.Requires(!String.IsNullOrEmpty(uriHash)); - ErrorUtilities.VerifyNonZeroLength(uriHash, "uriHash"); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(uriHash)); if (string.IsNullOrEmpty(this.BaseIdentifier.Query)) { // The uriHash will appear on the path itself. diff --git a/src/DotNetOpenAuth/OpenId/Provider/Request.cs b/src/DotNetOpenAuth/OpenId/Provider/Request.cs index d2c0398..ab08593 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/Request.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/Request.cs @@ -55,8 +55,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <param name="securitySettings">The security settings from the channel.</param> protected Request(IDirectedProtocolMessage request, ProviderSecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(request != null); - Contract.Requires(securitySettings != null); - ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); + Contract.Requires<ArgumentNullException>(securitySettings != null); this.request = request; this.SecuritySettings = securitySettings; @@ -71,8 +70,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <param name="securitySettings">The security settings.</param> protected Request(Version version, ProviderSecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(version != null); - Contract.Requires(securitySettings != null); - ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); + Contract.Requires<ArgumentNullException>(securitySettings != null); this.protocolVersion = version; this.SecuritySettings = securitySettings; @@ -101,7 +99,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <exception cref="InvalidOperationException">Thrown if <see cref="IsResponseReady"/> is <c>false</c>.</exception> internal IProtocolMessage Response { get { - Contract.Requires(this.IsResponseReady); + Contract.Requires<InvalidOperationException>(this.IsResponseReady); Contract.Ensures(Contract.Result<IProtocolMessage>() != null); ErrorUtilities.VerifyOperation(this.IsResponseReady, OpenIdStrings.ResponseNotReady); diff --git a/src/DotNetOpenAuth/OpenId/Provider/RequestContract.cs b/src/DotNetOpenAuth/OpenId/Provider/RequestContract.cs index b94b37d..dee140e 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/RequestContract.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/RequestContract.cs @@ -39,7 +39,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </summary> protected override IProtocolMessage ResponseMessage { get { - Contract.Requires(this.IsResponseReady); + Contract.Requires<InvalidOperationException>(this.IsResponseReady); Contract.Ensures(Contract.Result<IProtocolMessage>() != null); throw new NotImplementedException(); } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationResponseSnapshot.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationResponseSnapshot.cs index 3fd7d20..a1b50d2 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationResponseSnapshot.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationResponseSnapshot.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Text; using System.Web; using DotNetOpenAuth.Messaging; @@ -27,7 +28,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="copyFrom">The authentication response to copy from.</param> internal AuthenticationResponseSnapshot(IAuthenticationResponse copyFrom) { - ErrorUtilities.VerifyArgumentNotNull(copyFrom, "copyFrom"); + Contract.Requires<ArgumentNullException>(copyFrom != null); this.ClaimedIdentifier = copyFrom.ClaimedIdentifier; this.FriendlyIdentifierForDisplay = copyFrom.FriendlyIdentifierForDisplay; @@ -243,8 +244,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <para>Note that these values are NOT protected against tampering in transit.</para> /// </remarks> public string GetCallbackArgument(string key) { - ErrorUtilities.VerifyArgumentNotNull(key, "key"); - string value; this.callbackArguments.TryGetValue(key, out value); return value; diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/FailedAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/FailedAuthenticationResponse.cs index d94af14..39bff28 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/FailedAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/FailedAuthenticationResponse.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System; using System.Collections.Generic; using System.Diagnostics; + using System.Diagnostics.Contracts; using System.Globalization; using System.Text; using System.Web; @@ -27,7 +28,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="exception">The exception that resulted in the failed authentication.</param> internal FailedAuthenticationResponse(Exception exception) { - ErrorUtilities.VerifyArgumentNotNull(exception, "exception"); + Contract.Requires<ArgumentNullException>(exception != null); this.Exception = exception; } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/IAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/IAuthenticationResponse.cs index cc94de0..edffe9f 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/IAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/IAuthenticationResponse.cs @@ -8,6 +8,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System; using System.Collections.Generic; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; + using System.Globalization; using System.Text; using System.Web; using DotNetOpenAuth.OpenId.Extensions; @@ -24,6 +26,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// assertions. This interface does not offer a way to discern between /// solicited and unsolicited assertions as they should be treated equally. /// </remarks> + [ContractClass(typeof(IAuthenticationResponseContract))] public interface IAuthenticationResponse { /// <summary> /// Gets the Identifier that the end user claims to own. For use with user database storage and lookup. @@ -218,4 +221,241 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </remarks> IOpenIdMessageExtension GetUntrustedExtension(Type extensionType); } + + /// <summary> + /// Code contract for the <see cref="IAuthenticationResponse"/> type. + /// </summary> + [ContractClassFor(typeof(IAuthenticationResponse))] + internal abstract class IAuthenticationResponseContract : IAuthenticationResponse { + /// <summary> + /// Initializes a new instance of the <see cref="IAuthenticationResponseContract"/> class. + /// </summary> + protected IAuthenticationResponseContract() { + } + + #region IAuthenticationResponse Members + + /// <summary> + /// Gets the Identifier that the end user claims to own. For use with user database storage and lookup. + /// May be null for some failed authentications (i.e. failed directed identity authentications). + /// </summary> + /// <value></value> + /// <remarks> + /// <para> + /// This is the secure identifier that should be used for database storage and lookup. + /// It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects + /// user identities against spoofing and other attacks. + /// </para> + /// <para> + /// For user-friendly identifiers to display, use the + /// <see cref="IAuthenticationResponse.FriendlyIdentifierForDisplay"/> property. + /// </para> + /// </remarks> + Identifier IAuthenticationResponse.ClaimedIdentifier { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets a user-friendly OpenID Identifier for display purposes ONLY. + /// </summary> + /// <value></value> + /// <remarks> + /// <para> + /// This <i>should</i> be put through <see cref="HttpUtility.HtmlEncode(string)"/> before + /// sending to a browser to secure against javascript injection attacks. + /// </para> + /// <para> + /// This property retains some aspects of the user-supplied identifier that get lost + /// in the <see cref="IAuthenticationResponse.ClaimedIdentifier"/>. For example, XRIs used as user-supplied + /// identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD). + /// For display purposes, such as text on a web page that says "You're logged in as ...", + /// this property serves to provide the =Arnott string, or whatever else is the most friendly + /// string close to what the user originally typed in. + /// </para> + /// <para> + /// If the user-supplied identifier is a URI, this property will be the URI after all + /// redirects, and with the protocol and fragment trimmed off. + /// If the user-supplied identifier is an XRI, this property will be the original XRI. + /// If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com), + /// this property will be the Claimed Identifier, with the protocol stripped if it is a URI. + /// </para> + /// <para> + /// It is <b>very</b> important that this property <i>never</i> be used for database storage + /// or lookup to avoid identity spoofing and other security risks. For database storage + /// and lookup please use the <see cref="IAuthenticationResponse.ClaimedIdentifier"/> property. + /// </para> + /// </remarks> + string IAuthenticationResponse.FriendlyIdentifierForDisplay { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets the detailed success or failure status of the authentication attempt. + /// </summary> + /// <value></value> + AuthenticationStatus IAuthenticationResponse.Status { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets information about the OpenId Provider, as advertised by the + /// OpenID discovery documents found at the <see cref="IAuthenticationResponse.ClaimedIdentifier"/> + /// location, if available. + /// </summary> + /// <value> + /// The Provider endpoint that issued the positive assertion; + /// or <c>null</c> if information about the Provider is unavailable. + /// </value> + IProviderEndpoint IAuthenticationResponse.Provider { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets the details regarding a failed authentication attempt, if available. + /// This will be set if and only if <see cref="IAuthenticationResponse.Status"/> is <see cref="AuthenticationStatus.Failed"/>. + /// </summary> + /// <value></value> + Exception IAuthenticationResponse.Exception { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets a callback argument's value that was previously added using + /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>. + /// </summary> + /// <param name="key">The name of the parameter whose value is sought.</param> + /// <returns> + /// The value of the argument, or null if the named parameter could not be found. + /// </returns> + /// <remarks> + /// <para>This may return any argument on the querystring that came with the authentication response, + /// which may include parameters not explicitly added using + /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>.</para> + /// <para>Note that these values are NOT protected against tampering in transit.</para> + /// </remarks> + string IAuthenticationResponse.GetCallbackArgument(string key) { + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(key)); + throw new NotImplementedException(); + } + + /// <summary> + /// Gets all the callback arguments that were previously added using + /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/> or as a natural part + /// of the return_to URL. + /// </summary> + /// <returns>A name-value dictionary. Never null.</returns> + /// <remarks> + /// <para>This MAY return any argument on the querystring that came with the authentication response, + /// which may include parameters not explicitly added using + /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>.</para> + /// <para>Note that these values are NOT protected against tampering in transit.</para> + /// </remarks> + IDictionary<string, string> IAuthenticationResponse.GetCallbackArguments() { + throw new NotImplementedException(); + } + + /// <summary> + /// Tries to get an OpenID extension that may be present in the response. + /// </summary> + /// <typeparam name="T">The type of extension to look for in the response message.</typeparam> + /// <returns> + /// The extension, if it is found. Null otherwise. + /// </returns> + /// <remarks> + /// <para>Extensions are returned only if the Provider signed them. + /// Relying parties that do not care if the values were modified in + /// transit should use the <see cref="IAuthenticationResponse.GetUntrustedExtension<T>"/> method + /// in order to allow the Provider to not sign the extension. </para> + /// <para>Unsigned extensions are completely unreliable and should be + /// used only to prefill user forms since the user or any other third + /// party may have tampered with the data carried by the extension.</para> + /// <para>Signed extensions are only reliable if the relying party + /// trusts the OpenID Provider that signed them. Signing does not mean + /// the relying party can trust the values -- it only means that the values + /// have not been tampered with since the Provider sent the message.</para> + /// </remarks> + T IAuthenticationResponse.GetExtension<T>() { + throw new NotImplementedException(); + } + + /// <summary> + /// Tries to get an OpenID extension that may be present in the response. + /// </summary> + /// <param name="extensionType">Type of the extension to look for in the response.</param> + /// <returns> + /// The extension, if it is found. Null otherwise. + /// </returns> + /// <remarks> + /// <para>Extensions are returned only if the Provider signed them. + /// Relying parties that do not care if the values were modified in + /// transit should use the <see cref="IAuthenticationResponse.GetUntrustedExtension"/> method + /// in order to allow the Provider to not sign the extension. </para> + /// <para>Unsigned extensions are completely unreliable and should be + /// used only to prefill user forms since the user or any other third + /// party may have tampered with the data carried by the extension.</para> + /// <para>Signed extensions are only reliable if the relying party + /// trusts the OpenID Provider that signed them. Signing does not mean + /// the relying party can trust the values -- it only means that the values + /// have not been tampered with since the Provider sent the message.</para> + /// </remarks> + IOpenIdMessageExtension IAuthenticationResponse.GetExtension(Type extensionType) { + Contract.Requires<ArgumentNullException>(extensionType != null); + Contract.Requires<ArgumentException>(typeof(IOpenIdMessageExtension).IsAssignableFrom(extensionType), string.Format(CultureInfo.CurrentCulture, OpenIdStrings.TypeMustImplementX, typeof(IOpenIdMessageExtension).FullName)); + throw new NotImplementedException(); + } + + /// <summary> + /// Tries to get an OpenID extension that may be present in the response, without + /// requiring it to be signed by the Provider. + /// </summary> + /// <typeparam name="T">The type of extension to look for in the response message.</typeparam> + /// <returns> + /// The extension, if it is found. Null otherwise. + /// </returns> + /// <remarks> + /// <para>Extensions are returned whether they are signed or not. + /// Use the <see cref="IAuthenticationResponse.GetExtension<T>"/> method to retrieve + /// extension responses only if they are signed by the Provider to + /// protect against tampering. </para> + /// <para>Unsigned extensions are completely unreliable and should be + /// used only to prefill user forms since the user or any other third + /// party may have tampered with the data carried by the extension.</para> + /// <para>Signed extensions are only reliable if the relying party + /// trusts the OpenID Provider that signed them. Signing does not mean + /// the relying party can trust the values -- it only means that the values + /// have not been tampered with since the Provider sent the message.</para> + /// </remarks> + T IAuthenticationResponse.GetUntrustedExtension<T>() { + throw new NotImplementedException(); + } + + /// <summary> + /// Tries to get an OpenID extension that may be present in the response, without + /// requiring it to be signed by the Provider. + /// </summary> + /// <param name="extensionType">Type of the extension to look for in the response.</param> + /// <returns> + /// The extension, if it is found. Null otherwise. + /// </returns> + /// <remarks> + /// <para>Extensions are returned whether they are signed or not. + /// Use the <see cref="IAuthenticationResponse.GetExtension"/> method to retrieve + /// extension responses only if they are signed by the Provider to + /// protect against tampering. </para> + /// <para>Unsigned extensions are completely unreliable and should be + /// used only to prefill user forms since the user or any other third + /// party may have tampered with the data carried by the extension.</para> + /// <para>Signed extensions are only reliable if the relying party + /// trusts the OpenID Provider that signed them. Signing does not mean + /// the relying party can trust the values -- it only means that the values + /// have not been tampered with since the Provider sent the message.</para> + /// </remarks> + IOpenIdMessageExtension IAuthenticationResponse.GetUntrustedExtension(Type extensionType) { + Contract.Requires<ArgumentNullException>(extensionType != null); + Contract.Requires<ArgumentException>(typeof(IOpenIdMessageExtension).IsAssignableFrom(extensionType), string.Format(CultureInfo.CurrentCulture, OpenIdStrings.TypeMustImplementX, typeof(IOpenIdMessageExtension).FullName)); + throw new NotImplementedException(); + } + + #endregion + } } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/IProviderEndpoint.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/IProviderEndpoint.cs index ed9d65a..b1ac3f6 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/IProviderEndpoint.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/IProviderEndpoint.cs @@ -7,6 +7,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; + using System.Globalization; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.Messages; @@ -18,6 +20,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Because information provided by this interface is suppplied by a /// user's individually published documents, it may be incomplete or inaccurate. /// </remarks> + ////[ContractClass(typeof(IProviderEndpointContract))] public interface IProviderEndpoint { /// <summary> /// Gets the detected version of OpenID implemented by the Provider. @@ -58,4 +61,68 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </remarks> bool IsExtensionSupported(Type extensionType); } + + // For some odd reason, having this next class causes our test project to fail to build with this error: + // C:\Program Files\MSBuild\Microsoft\VisualStudio\v9.0\TeamTest\Microsoft.TeamTest.targets(14,5): error : Method 'DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint.IsExtensionSupported' does not have a method body. + /////// <summary> + /////// Code contract for the <see cref="IProviderEndpoint"/> type. + /////// </summary> + ////[ContractClassFor(typeof(IProviderEndpoint))] + ////internal abstract class IProviderEndpointContract : IProviderEndpoint { + //// #region IProviderEndpoint Members + + //// /// <summary> + //// /// Gets the detected version of OpenID implemented by the Provider. + //// /// </summary> + //// Version IProviderEndpoint.Version { + //// get { throw new NotImplementedException(); } + //// } + + //// /// <summary> + //// /// Gets the URL that the OpenID Provider receives authentication requests at. + //// /// </summary> + //// Uri IProviderEndpoint.Uri { + //// get { throw new NotImplementedException(); } + //// } + + //// /// <summary> + //// /// Checks whether the OpenId Identifier claims support for a given extension. + //// /// </summary> + //// /// <typeparam name="T">The extension whose support is being queried.</typeparam> + //// /// <returns> + //// /// True if support for the extension is advertised. False otherwise. + //// /// </returns> + //// /// <remarks> + //// /// Note that a true or false return value is no guarantee of a Provider's + //// /// support for or lack of support for an extension. The return value is + //// /// determined by how the authenticating user filled out his/her XRDS document only. + //// /// The only way to be sure of support for a given extension is to include + //// /// the extension in the request and see if a response comes back for that extension. + //// /// </remarks> + //// bool IProviderEndpoint.IsExtensionSupported<T>() { + //// throw new NotImplementedException(); + //// } + + //// /// <summary> + //// /// Checks whether the OpenId Identifier claims support for a given extension. + //// /// </summary> + //// /// <param name="extensionType">The extension whose support is being queried.</param> + //// /// <returns> + //// /// True if support for the extension is advertised. False otherwise. + //// /// </returns> + //// /// <remarks> + //// /// Note that a true or false return value is no guarantee of a Provider's + //// /// support for or lack of support for an extension. The return value is + //// /// determined by how the authenticating user filled out his/her XRDS document only. + //// /// The only way to be sure of support for a given extension is to include + //// /// the extension in the request and see if a response comes back for that extension. + //// /// </remarks> + //// bool IProviderEndpoint.IsExtensionSupported(Type extensionType) { + //// Contract.Requires<ArgumentNullException>(extensionType != null); + //// Contract.Requires<ArgumentException>(typeof(IOpenIdMessageExtension).IsAssignableFrom(extensionType), string.Format(CultureInfo.CurrentCulture, OpenIdStrings.TypeMustImplementX, typeof(IOpenIdMessageExtension).FullName)); + //// throw new NotImplementedException(); + //// } + + //// #endregion + ////} } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs index e4f220f..cfbccef 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/ISetupRequiredAuthenticationResponse.cs @@ -5,11 +5,15 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth.OpenId.RelyingParty { + using System; + using System.Diagnostics.Contracts; + /// <summary> /// An interface to expose useful properties and functionality for handling /// authentication responses that are returned from Immediate authentication /// requests that require a subsequent request to be made in non-immediate mode. /// </summary> + [ContractClass(typeof(ISetupRequiredAuthenticationResponseContract))] public interface ISetupRequiredAuthenticationResponse { /// <summary> /// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequest(Identifier)"/> @@ -17,4 +21,31 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> Identifier UserSuppliedIdentifier { get; } } + + /// <summary> + /// Code contract class for the <see cref="ISetupRequiredAuthenticationResponse"/> type. + /// </summary> + [ContractClassFor(typeof(ISetupRequiredAuthenticationResponse))] + internal abstract class ISetupRequiredAuthenticationResponseContract : ISetupRequiredAuthenticationResponse { + /// <summary> + /// Initializes a new instance of the <see cref="ISetupRequiredAuthenticationResponseContract"/> class. + /// </summary> + protected ISetupRequiredAuthenticationResponseContract() { + } + + #region ISetupRequiredAuthenticationResponse Members + + /// <summary> + /// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequest(Identifier)"/> + /// in a subsequent authentication attempt. + /// </summary> + Identifier ISetupRequiredAuthenticationResponse.UserSuppliedIdentifier { + get { + Contract.Requires<InvalidOperationException>(((IAuthenticationResponse)this).Status == AuthenticationStatus.SetupRequired, OpenIdStrings.OperationOnlyValidForSetupRequiredState); + throw new System.NotImplementedException(); + } + } + + #endregion + } } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/NegativeAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/NegativeAuthenticationResponse.cs index e66ac28..6adc6d7 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/NegativeAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/NegativeAuthenticationResponse.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System; using System.Collections.Generic; + using System.Diagnostics.Contracts; using System.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.Messages; @@ -27,7 +28,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The negative assertion response received by the Relying Party.</param> internal NegativeAuthenticationResponse(NegativeAssertionResponse response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); this.response = response; } @@ -128,8 +129,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <value></value> public Identifier UserSuppliedIdentifier { get { - ErrorUtilities.VerifyOperation(this.Status == AuthenticationStatus.SetupRequired, OpenIdStrings.OperationOnlyValidForSetupRequiredState); - string userSuppliedIdentifier; this.response.ExtraData.TryGetValue(AuthenticationRequest.UserSuppliedIdentifierParameterName, out userSuppliedIdentifier); return userSuppliedIdentifier; diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs index 5d7a785..bb06163 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs @@ -862,7 +862,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </remarks> [SuppressMessage("Microsoft.Design", "CA1004:GenericMethodsShouldProvideTypeParameter", Justification = "By design")] public void RegisterClientScriptExtension<T>(string propertyName) where T : IClientScriptExtensionResponse { - Contract.Requires(!String.IsNullOrEmpty(propertyName)); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(propertyName)); ErrorUtilities.VerifyArgumentNamed(!this.clientScriptExtensions.ContainsValue(propertyName), "propertyName", OpenIdStrings.ClientScriptExtensionPropertyNameCollision, propertyName); foreach (var ext in this.clientScriptExtensions.Keys) { ErrorUtilities.VerifyArgument(ext != typeof(T), OpenIdStrings.ClientScriptExtensionTypeCollision, typeof(T).FullName); diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs index a917e24..55160e1 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs @@ -11,6 +11,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System.ComponentModel; using System.Diagnostics; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; using System.Globalization; using System.Text.RegularExpressions; using System.Web.Security; @@ -581,8 +582,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </remarks> [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "Uri(Uri, string) accepts second arguments that Uri(Uri, new Uri(string)) does not that we must support.")] public IAuthenticationRequest CreateRequest() { - ErrorUtilities.VerifyOperation(this.Request == null, OpenIdStrings.CreateRequestAlreadyCalled); - ErrorUtilities.VerifyOperation(!string.IsNullOrEmpty(this.Text), OpenIdStrings.OpenIdTextBoxEmpty); + Contract.Requires<InvalidOperationException>(this.Request == null, OpenIdStrings.CreateRequestAlreadyCalled); + Contract.Requires<InvalidOperationException>(!string.IsNullOrEmpty(this.Text), OpenIdStrings.OpenIdTextBoxEmpty); try { // Resolve the trust root, and swap out the scheme and port if necessary to match the @@ -667,7 +668,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnLoggedIn(IAuthenticationResponse response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Authenticated, "Firing OnLoggedIn event without an authenticated response."); var loggedIn = this.LoggedIn; @@ -686,7 +687,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnFailed(IAuthenticationResponse response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Failed, "Firing Failed event for the wrong response type."); var failed = this.Failed; @@ -700,7 +701,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnCanceled(IAuthenticationResponse response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Canceled, "Firing Canceled event for the wrong response type."); var canceled = this.Canceled; @@ -714,7 +715,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnSetupRequired(IAuthenticationResponse response) { - ErrorUtilities.VerifyArgumentNotNull(response, "response"); + Contract.Requires<ArgumentNullException>(response != null); ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.SetupRequired, "Firing SetupRequired event for the wrong response type."); // Why are we firing Failed when we're OnSetupRequired? Backward compatibility. @@ -732,7 +733,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="request">The authentication request to add the extensions to.</param> private void AddProfileArgs(IAuthenticationRequest request) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); request.AddExtension(new ClaimsRequest() { Nickname = this.RequestNickname, diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs index 28b6c34..84b60bb 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -87,7 +87,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { // If we are a smart-mode RP (supporting associations), then we MUST also be // capable of storing nonces to prevent replay attacks. // If we're a dumb-mode RP, then 2.0 OPs are responsible for preventing replays. - Contract.Requires(associationStore == null || nonceStore != null); + Contract.Requires<ArgumentException>(associationStore == null || nonceStore != null); ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore); this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); @@ -369,8 +369,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { Contract.Requires<ArgumentNullException>(realm != null); Contract.Requires<ArgumentNullException>(returnToUrl != null); Contract.Ensures(Contract.Result<IEnumerable<IAuthenticationRequest>>() != null); - ErrorUtilities.VerifyArgumentNotNull(realm, "realm"); - ErrorUtilities.VerifyArgumentNotNull(returnToUrl, "returnToUrl"); return AuthenticationRequest.Create(userSuppliedIdentifier, this, realm, returnToUrl, true).Cast<IAuthenticationRequest>(); } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs index fc58eef..3f46e53 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs @@ -92,9 +92,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="eventArgument">The identifier to perform discovery on.</param> void ICallbackEventHandler.RaiseCallbackEvent(string eventArgument) { + ErrorUtilities.VerifyNonZeroLength(eventArgument, "eventArgument"); string userSuppliedIdentifier = eventArgument; - ErrorUtilities.VerifyNonZeroLength(userSuppliedIdentifier, "userSuppliedIdentifier"); Logger.OpenId.InfoFormat("AJAX discovery on {0} requested.", userSuppliedIdentifier); // We prepare a JSON object with this interface: @@ -182,7 +182,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier"/>. /// </returns> private IEnumerable<IAuthenticationRequest> CreateRequestsCore(IEnumerable<IAuthenticationRequest> requests) { - Contract.Requires(requests != null); + Contract.Requires<ArgumentNullException>(requests != null); // Configure each generated request. int reqIndex = 0; diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs index 0b83412..37d5881 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs @@ -502,10 +502,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnLoggedIn(IAuthenticationResponse response) { - Contract.Requires(response != null); - Contract.Requires(response.Status == AuthenticationStatus.Authenticated); - ErrorUtilities.VerifyArgumentNotNull(response, "response"); - ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Authenticated, "Firing OnLoggedIn event without an authenticated response."); + Contract.Requires<ArgumentNullException>(response != null); + Contract.Requires<ArgumentException>(response.Status == AuthenticationStatus.Authenticated); var loggedIn = this.LoggedIn; OpenIdEventArgs args = new OpenIdEventArgs(response); @@ -526,8 +524,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Returns whether the login should proceed. False if some event handler canceled the request. /// </returns> protected virtual bool OnLoggingIn(IAuthenticationRequest request) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); EventHandler<OpenIdEventArgs> loggingIn = this.LoggingIn; @@ -544,10 +541,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnCanceled(IAuthenticationResponse response) { - Contract.Requires(response != null); - Contract.Requires(response.Status == AuthenticationStatus.Canceled); - ErrorUtilities.VerifyArgumentNotNull(response, "response"); - ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Canceled, "Firing Canceled event for the wrong response type."); + Contract.Requires<ArgumentNullException>(response != null); + Contract.Requires<ArgumentException>(response.Status == AuthenticationStatus.Canceled); var canceled = this.Canceled; if (canceled != null) { @@ -560,10 +555,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="response">The response.</param> protected virtual void OnFailed(IAuthenticationResponse response) { - Contract.Requires(response != null); - Contract.Requires(response.Status == AuthenticationStatus.Failed); - ErrorUtilities.VerifyArgumentNotNull(response, "response"); - ErrorUtilities.VerifyInternal(response.Status == AuthenticationStatus.Failed, "Firing Failed event for the wrong response type."); + Contract.Requires<ArgumentNullException>(response != null); + Contract.Requires<ArgumentException>(response.Status == AuthenticationStatus.Failed); var failed = this.Failed; if (failed != null) { @@ -596,8 +589,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <c>true</c> if a popup should be used; <c>false</c> otherwise. /// </returns> protected virtual bool IsPopupAppropriate(IAuthenticationRequest request) { - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); switch (this.Popup) { case PopupBehavior.Never: @@ -619,10 +611,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="request">The outgoing authentication request.</param> /// <param name="windowStatus">The text to try to display in the status bar on mouse hover.</param> protected void RenderOpenIdMessageTransmissionAsAnchorAttributes(HtmlTextWriter writer, IAuthenticationRequest request, string windowStatus) { - Contract.Requires(writer != null); - Contract.Requires(request != null); - ErrorUtilities.VerifyArgumentNotNull(writer, "writer"); - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(writer != null); + Contract.Requires<ArgumentNullException>(request != null); // We render a standard HREF attribute for non-javascript browsers. writer.AddAttribute(HtmlTextWriterAttribute.Href, request.RedirectingResponse.GetDirectUriRequest(this.RelyingParty.Channel).AbsoluteUri); @@ -643,7 +633,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="request">The authentication request to send.</param> /// <returns>The javascript that should execute.</returns> private string CreateGetOrPostAHrefValue(IAuthenticationRequest request) { - Contract.Requires(request != null); + Contract.Requires<ArgumentNullException>(request != null); ErrorUtilities.VerifyArgumentNotNull(request, "request"); Uri directUri = request.RedirectingResponse.GetDirectUriRequest(this.RelyingParty.Channel); @@ -655,8 +645,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="request">The request.</param> private void ScriptPopupWindow(IAuthenticationRequest request) { - Contract.Requires(request != null); - Contract.Requires(this.RelyingParty != null); + Contract.Requires<ArgumentNullException>(request != null); + Contract.Requires<InvalidOperationException>(this.RelyingParty != null); StringBuilder startupScript = new StringBuilder(); diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs index 878e2b7..5fe8646 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs @@ -907,8 +907,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </remarks> [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "Uri(Uri, string) accepts second arguments that Uri(Uri, new Uri(string)) does not that we must support.")] public IAuthenticationRequest CreateRequest() { - ErrorUtilities.VerifyOperation(this.Request == null, OpenIdStrings.CreateRequestAlreadyCalled); - ErrorUtilities.VerifyOperation(!string.IsNullOrEmpty(this.Text), OpenIdStrings.OpenIdTextBoxEmpty); + Contract.Requires<InvalidOperationException>(this.Request == null, OpenIdStrings.CreateRequestAlreadyCalled); + Contract.Requires<InvalidOperationException>(!string.IsNullOrEmpty(this.Text), OpenIdStrings.OpenIdTextBoxEmpty); try { // Approximate the returnTo (either based on the customize property or the page URL) @@ -1217,7 +1217,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <returns><c>true</c> if a popup should be used; <c>false</c> otherwise.</returns> private bool IsPopupAppropriate() { - Contract.Requires(this.Request != null); + Contract.Requires<InvalidOperationException>(this.Request != null); return this.Popup == PopupBehavior.Always || this.Request.Provider.IsExtensionSupported<UIRequest>(); } @@ -1226,8 +1226,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Wires the return page to immediately display a popup window with the Provider in it. /// </summary> private void ScriptPopupWindow() { - Contract.Requires(this.Request != null); - Contract.Requires(this.RelyingParty != null); + Contract.Requires<InvalidOperationException>(this.Request != null); + Contract.Requires<InvalidOperationException>(this.RelyingParty != null); this.Request.AddCallbackArguments(UIPopupCallbackKey, "1"); diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAnonymousResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAnonymousResponse.cs index 1b8c94d..9333c72 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAnonymousResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAnonymousResponse.cs @@ -34,7 +34,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="response">The response message.</param> protected internal PositiveAnonymousResponse(IndirectSignedResponse response) { Contract.Requires<ArgumentNullException>(response != null); - ErrorUtilities.VerifyArgumentNotNull(response, "response"); this.response = response; if (response.ProviderEndpoint != null && response.Version != null) { @@ -235,7 +234,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// have not been tampered with since the Provider sent the message.</para> /// </remarks> public IOpenIdMessageExtension GetExtension(Type extensionType) { - ErrorUtilities.VerifyArgumentNotNull(extensionType, "extensionType"); return this.response.SignedExtensions.OfType<IOpenIdMessageExtension>().Where(ext => extensionType.IsInstanceOfType(ext)).FirstOrDefault(); } @@ -285,7 +283,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// have not been tampered with since the Provider sent the message.</para> /// </remarks> public IOpenIdMessageExtension GetUntrustedExtension(Type extensionType) { - ErrorUtilities.VerifyArgumentNotNull(extensionType, "extensionType"); return this.response.Extensions.OfType<IOpenIdMessageExtension>().Where(ext => extensionType.IsInstanceOfType(ext)).FirstOrDefault(); } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAuthenticationResponse.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAuthenticationResponse.cs index 06e4d67..bd75d16 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAuthenticationResponse.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/PositiveAuthenticationResponse.cs @@ -38,7 +38,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { internal PositiveAuthenticationResponse(PositiveAssertionResponse response, OpenIdRelyingParty relyingParty) : base(response) { Contract.Requires<ArgumentNullException>(relyingParty != null); - ErrorUtilities.VerifyArgumentNotNull(relyingParty, "relyingParty"); this.endpoint = ServiceEndpoint.CreateForClaimedIdentifier( this.Response.ClaimedIdentifier, diff --git a/src/DotNetOpenAuth/OpenId/SecuritySettings.cs b/src/DotNetOpenAuth/OpenId/SecuritySettings.cs index d4df697..26f6d2a 100644 --- a/src/DotNetOpenAuth/OpenId/SecuritySettings.cs +++ b/src/DotNetOpenAuth/OpenId/SecuritySettings.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId { using System; using System.Collections.Generic; using System.Collections.Specialized; + using System.Diagnostics.Contracts; using DotNetOpenAuth.Messaging; /// <summary> @@ -87,7 +88,7 @@ namespace DotNetOpenAuth.OpenId { /// <c>true</c> if the association is permitted given the security requirements; otherwise, <c>false</c>. /// </returns> internal bool IsAssociationInPermittedRange(Association association) { - ErrorUtilities.VerifyArgumentNotNull(association, "association"); + Contract.Requires<ArgumentNullException>(association != null); return association.HashBitLength >= this.MinimumHashBitLength && association.HashBitLength <= this.MaximumHashBitLength; } } |