OpenID RP and OP projects build now.

author: Andrew Arnott <andrewarnott@gmail.com> 2011-07-25 17:03:47 -0600
committer: Andrew Arnott <andrewarnott@gmail.com> 2011-07-25 17:03:47 -0600
commit: d416ff734cea0ed41c275e904a0a09834cc3f079 (patch)
tree: 8e0f04bcabc84f3ecc4f21617da3f5778c4ec789 /src
parent: 67689b08f76546b25d4c4bcc68e179d3b02890fc (diff)
download: DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.zip
DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.tar.gz
DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.tar.bz2
41 files changed, 285 insertions, 78 deletions
diff --git a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
index a888838..1bdad35 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
+++ b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
@@ -20,15 +20,13 @@
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
   </PropertyGroup>
   <ItemGroup>
-    <Compile Include="Configuration\OpenIdProviderElement.cs" />
-    <Compile Include="Configuration\OpenIdProviderSecuritySettingsElement.cs" />
     <Compile Include="OpenId\Behaviors\AXFetchAsSregTransform.cs" />
     <Compile Include="OpenId\Behaviors\GsaIcamProviderProfile.cs" />
     <Compile Include="OpenId\Behaviors\PpidGeneration.cs" />
     <Compile Include="OpenId\ChannelElements\OpenIdProviderChannel.cs" />
     <Compile Include="OpenId\ChannelElements\ProviderSigningBindingElement.cs" />
     <Compile Include="OpenId\Extensions\ExtensionsInteropProviderHelper.cs" />
-    <Compile Include="OpenId\HmacShaAsssociationProvider.cs" />
+    <Compile Include="OpenId\HmacShaAssociationProvider.cs" />
     <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs" />
     <Compile Include="OpenId\Messages\AssociateRequestProvider.cs" />
     <Compile Include="OpenId\Messages\AssociateSuccessfulResponseProvider.cs" />
@@ -51,34 +49,39 @@
     <Compile Include="OpenId\Provider\AutoResponsiveRequest.cs" />
     <Compile Include="OpenId\Provider\HostProcessedRequest.cs" />
     <Compile Include="OpenId\Provider\IAnonymousRequest.cs" />
-    <Compile Include="OpenId\Provider\IAuthenticationRequest.cs" />
     <Compile Include="OpenId\Provider\IDirectedIdentityIdentifierProvider.cs" />
-    <Compile Include="OpenId\Provider\IHostProcessedRequest.cs" />
     <Compile Include="OpenId\Provider\IErrorReporting.cs" />
-    <Compile Include="OpenId\Provider\IProviderBehavior.cs" />
-    <Compile Include="OpenId\Provider\IRequest.cs" />
     <Compile Include="OpenId\Provider\ProviderEndpoint.cs" />
-    <Compile Include="OpenId\Provider\RelyingPartyDiscoveryResult.cs" />
     <Compile Include="OpenId\Provider\Request.cs" />
     <Compile Include="OpenId\Provider\RequestContract.cs" />
     <Compile Include="OpenId\Provider\StandardProviderApplicationStore.cs" />
     <Compile Include="OpenId\Provider\OpenIdProvider.cs" />
-    <Compile Include="OpenId\Provider\ProviderSecuritySettings.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\DotNetOpenAuth.Messaging\DotNetOpenAuth.Messaging.csproj">
       <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project>
       <Name>DotNetOpenAuth.Messaging</Name>
     </ProjectReference>
+    <ProjectReference Include="..\DotNetOpenAuth.OpenId.RelyingParty\DotNetOpenAuth.OpenId.RelyingParty.csproj">
+      <Project>{F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}</Project>
+      <Name>DotNetOpenAuth.OpenId.RelyingParty</Name>
+    </ProjectReference>
     <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj">
       <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
       <Name>DotNetOpenAuth.OpenId</Name>
     </ProjectReference>
+    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj">
+      <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project>
+      <Name>Org.Mentalis.Security.Cryptography</Name>
+    </ProjectReference>
   </ItemGroup>
   <ItemGroup>
     <Reference Include="System" />
   </ItemGroup>
-  <ItemGroup />
+  <ItemGroup>
+    <Folder Include="Configuration\" />
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" />
   <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs
index 18a992c..7975253 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs
@@ -14,6 +14,8 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 	using DotNetOpenAuth.OpenId.Messages;
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.Messaging.Bindings;
+	using System.Web;
+	using DotNetOpenAuth.Messaging.Reflection;
 
 	internal class ProviderSigningBindingElement : SigningBindingElement {
 		/// <summary>
@@ -123,7 +125,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 			// If no assoc_handle was given or it was invalid, the only thing 
 			// left to do is sign a message using a 'dumb' mode association.
 			Protocol protocol = Protocol.Default;
-			Association association = HmacShaAssociation.Create(protocol, protocol.Args.SignatureAlgorithm.HMAC_SHA256, AssociationRelyingPartyType.Dumb, this.opAssociations, this.opSecuritySettings);
+			Association association = HmacShaAssociationProvider.Create(protocol, protocol.Args.SignatureAlgorithm.HMAC_SHA256, AssociationRelyingPartyType.Dumb, this.opAssociations, this.opSecuritySettings);
 			return association;
 		}
 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAsssociationProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs
index b2c9ef3..48b3840 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAsssociationProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/HmacShaAssociationProvider.cs
@@ -13,7 +13,7 @@ namespace DotNetOpenAuth.OpenId {
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OpenId.Provider;
 
-	internal class HmacShaAsssociationProvider : HmacShaAssociation {
+	internal static class HmacShaAssociationProvider {
 		/// <summary>
 		/// The default lifetime of a shared association when no lifetime is given
 		/// for a specific association type.
@@ -42,7 +42,7 @@ namespace DotNetOpenAuth.OpenId {
 			Contract.Requires<ArgumentNullException>(securitySettings != null);
 			Contract.Ensures(Contract.Result<HmacShaAssociation>() != null);
 
-			int secretLength = GetSecretLength(protocol, associationType);
+			int secretLength = HmacShaAssociation.GetSecretLength(protocol, associationType);
 
 			// Generate the secret that will be used for signing
 			byte[] secret = MessagingUtilities.GetCryptoRandomData(secretLength);
@@ -53,7 +53,7 @@ namespace DotNetOpenAuth.OpenId {
 					lifetime = DefaultMaximumLifetime;
 				}
 			} else {
-				lifetime = DumbSecretLifetime;
+				lifetime = HmacShaAssociation.DumbSecretLifetime;
 			}
 
 			string handle = associationStore.Serialize(secret, DateTime.UtcNow + lifetime, associationUse == AssociationRelyingPartyType.Dumb);
@@ -61,7 +61,7 @@ namespace DotNetOpenAuth.OpenId {
 			Contract.Assert(protocol != null); // All the way up to the method call, the condition holds, yet we get a Requires failure next
 			Contract.Assert(secret != null);
 			Contract.Assert(!String.IsNullOrEmpty(associationType));
-			var result = Create(protocol, associationType, handle, secret, lifetime);
+			var result = HmacShaAssociation.Create(protocol, associationType, handle, secret, lifetime);
 			return result;
 		}
 	}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs
index 80743f7..cdb5166 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderResponse.cs
@@ -30,18 +30,6 @@ namespace DotNetOpenAuth.OpenId.Messages {
 		}
 
 		/// <summary>
-		/// Creates the association at relying party side after the association response has been received.
-		/// </summary>
-		/// <param name="request">The original association request that was already sent and responded to.</param>
-		/// <returns>The newly created association.</returns>
-		/// <remarks>
-		/// The resulting association is <i>not</i> added to the association store and must be done by the caller.
-		/// </remarks>
-		protected override Association CreateAssociationAtRelyingParty(AssociateRequest request) {
-			throw new NotImplementedException();
-		}
-
-		/// <summary>
 		/// Creates the association at the provider side after the association request has been received.
 		/// </summary>
 		/// <param name="request">The association request.</param>
@@ -54,14 +42,14 @@ namespace DotNetOpenAuth.OpenId.Messages {
 		/// The response message is updated to include the details of the created association by this method,
 		/// but the resulting association is <i>not</i> added to the association store and must be done by the caller.
 		/// </remarks>
-		protected override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
+		protected Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
 			var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
 			ErrorUtilities.VerifyInternal(diffieHellmanRequest != null, "Expected a DH request type.");
 
 			this.SessionType = this.SessionType ?? request.SessionType;
 
 			// Go ahead and create the association first, complete with its secret that we're about to share.
-			Association association = HmacShaAssociation.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
+			Association association = HmacShaAssociationProvider.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
 
 			// We now need to securely communicate the secret to the relying party using Diffie-Hellman.
 			// We do this by performing a DH algorithm on the secret and setting a couple of properties
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs
index a4449f8..e2ca117 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateRequestProvider.cs
@@ -9,6 +9,15 @@
 
 	internal abstract class AssociateRequestProvider : AssociateRequest {
 		/// <summary>
+		/// Initializes a new instance of the <see cref="AssociateRequestProvider"/> class.
+		/// </summary>
+		/// <param name="version">The OpenID version this message must comply with.</param>
+		/// <param name="providerEndpoint">The OpenID Provider endpoint.</param>
+		internal AssociateRequestProvider(Version version, Uri providerEndpoint)
+			: base(version, providerEndpoint) {
+		}
+
+		/// <summary>
 		/// Creates a Provider's response to an incoming association request.
 		/// </summary>
 		/// <param name="associationStore">The association store.</param>
@@ -32,9 +41,9 @@
 				response = this.CreateResponseCore();
 
 				// Create and store the association if this is a successful response.
-				var successResponse = response as AssociateSuccessfulResponse;
+				var successResponse = response as AssociateSuccessfulResponseProvider;
 				if (successResponse != null) {
-					successResponse.CreateAssociation(this, associationStore, securitySettings);
+					successResponse.CreateAssociationAtProvider(this, associationStore, securitySettings);
 				}
 			} else {
 				response = this.CreateUnsuccessfulResponse(securitySettings);
@@ -92,6 +101,5 @@
 
 			return unsuccessfulResponse;
 		}
-
 	}
 }
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs
index 3a71bba..36ce544 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProvider.cs
@@ -1,12 +1,23 @@
 namespace DotNetOpenAuth.OpenId.Messages {
 	using System;
 	using System.Collections.Generic;
+	using System.Diagnostics.Contracts;
 	using System.Linq;
 	using System.Text;
 	using DotNetOpenAuth.OpenId.Provider;
 
+	[ContractClass(typeof(AssociateSuccessfulResponseProviderContract))]
 	internal abstract class AssociateSuccessfulResponseProvider : AssociateSuccessfulResponse {
 		/// <summary>
+		/// Initializes a new instance of the <see cref="AssociateSuccessfulResponseProvider"/> class.
+		/// </summary>
+		/// <param name="version">The version.</param>
+		/// <param name="request">The request.</param>
+		internal AssociateSuccessfulResponseProvider(Version version, AssociateRequest request) :
+			base(version, request) {
+		}
+
+		/// <summary>
 		/// Called to create the Association based on a request previously given by the Relying Party.
 		/// </summary>
 		/// <param name="request">The prior request for an association.</param>
@@ -22,6 +33,6 @@
 		///   <para>The response message is updated to include the details of the created association by this method,
 		/// but the resulting association is <i>not</i> added to the association store and must be done by the caller.</para>
 		/// </remarks>
-		protected abstract Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings);
+		protected internal abstract Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings);
 	}
 }
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs
index 9824316..9403980 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateSuccessfulResponseProviderContract.cs
@@ -8,7 +8,16 @@
 
 	[ContractClassFor(typeof(AssociateSuccessfulResponseProvider))]
 	internal abstract class AssociateSuccessfulResponseProviderContract : AssociateSuccessfulResponseProvider {
-		protected override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
+		/// <summary>
+		/// Prevents a default instance of the <see cref="AssociateSuccessfulResponseProviderContract"/> class from being created.
+		/// </summary>
+		/// <param name="version">The version.</param>
+		/// <param name="request">The request.</param>
+		private AssociateSuccessfulResponseProviderContract(Version version, AssociateRequest request)
+			: base(version, request) {
+		}
+
+		protected internal override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
 			Contract.Requires<ArgumentNullException>(request != null);
 			Contract.Requires<ArgumentNullException>(associationStore != null);
 			Contract.Requires<ArgumentNullException>(securitySettings != null);
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs
index c390a5e..ad7c3ae 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateUnencryptedResponseProvider.cs
@@ -13,6 +13,15 @@ namespace DotNetOpenAuth.OpenId.Messages {
 
 	internal class AssociateUnencryptedResponseProvider : AssociateUnencryptedResponse {
 		/// <summary>
+		/// Initializes a new instance of the <see cref="AssociateUnencryptedResponseProvider"/> class.
+		/// </summary>
+		/// <param name="version">The version.</param>
+		/// <param name="request">The request.</param>
+		internal AssociateUnencryptedResponseProvider(Version version, AssociateUnencryptedRequest request)
+			: base(version, request) {
+		}
+
+		/// <summary>
 		/// Called to create the Association based on a request previously given by the Relying Party.
 		/// </summary>
 		/// <param name="request">The prior request for an association.</param>
@@ -30,11 +39,10 @@ namespace DotNetOpenAuth.OpenId.Messages {
 		///   <para>The response message is updated to include the details of the created association by this method,
 		/// but the resulting association is <i>not</i> added to the association store and must be done by the caller.</para>
 		/// </remarks>
-		protected override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
-			Association association = HmacShaAssociation.Create(Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
+		protected Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
+			Association association = HmacShaAssociationProvider.Create(Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
 			this.MacKey = association.SecretKey;
 			return association;
 		}
-
 	}
 }
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs
index 3853693..8f00394 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/CheckAuthenticationResponseProvider.cs
@@ -2,6 +2,9 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
+using DotNetOpenAuth.OpenId.Provider;
+using System.Diagnostics.Contracts;
+using DotNetOpenAuth.OpenId.ChannelElements;
 
 namespace DotNetOpenAuth.OpenId.Messages {
 	class CheckAuthenticationResponseProvider : CheckAuthenticationResponse {
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs
index 680759b..247f734 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/OpenIdProviderUtilities.cs
@@ -29,20 +29,19 @@ namespace DotNetOpenAuth.OpenId {
 		/// This method is called by both the Provider and the Relying Party, but actually performs
 		/// quite different operations in either scenario.
 		/// </remarks>
-		internal static Association CreateAssociation(AssociateRequest request, AssociateSuccessfulResponse response, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
+		internal static Association CreateAssociation(AssociateRequest request, AssociateSuccessfulResponseProvider response, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
 			Contract.Requires<ArgumentNullException>(request != null);
 			Contract.Requires<ArgumentNullException>(response != null, "response");
 			Contract.Requires<ArgumentNullException>(securitySettings != null, "securitySettings");
 				
 			// We need to initialize some common properties based on the created association.
-			var association = CreateAssociationAtProvider(request, associationStore, securitySettings);
+			var association = response.CreateAssociationAtProvider(request, associationStore, securitySettings);
 			response.ExpiresIn = association.SecondsTillExpiration;
 			response.AssociationHandle = association.Handle;
 
 			return association;
 		}
 
-
 		/// <summary>
 		/// Determines whether the association with the specified handle is (still) valid.
 		/// </summary>
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
index ec0c58a..2fdcebb 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs
@@ -105,17 +105,19 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// Gets a value indicating whether verification of the return URL claimed by the Relying Party
 		/// succeeded.
 		/// </summary>
-		/// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param>
-		/// <returns>Result of realm discovery.</returns>
+		/// <param name="requestHandler">The request handler.</param>
+		/// <returns>
+		/// Result of realm discovery.
+		/// </returns>
 		/// <remarks>
 		/// Return URL verification is only attempted if this property is queried.
 		/// The result of the verification is cached per request so calling this
 		/// property getter multiple times in one request is not a performance hit.
 		/// See OpenID Authentication 2.0 spec section 9.2.1.
 		/// </remarks>
-		public RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(OpenIdProvider provider) {
+		public RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(IDirectWebRequestHandler requestHandler) {
 			if (!this.realmDiscoveryResult.HasValue) {
-				this.realmDiscoveryResult = this.IsReturnUrlDiscoverableCore(provider);
+				this.realmDiscoveryResult = this.IsReturnUrlDiscoverableCore(requestHandler);
 			}
 
 			return this.realmDiscoveryResult.Value;
@@ -125,10 +127,12 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// Gets a value indicating whether verification of the return URL claimed by the Relying Party
 		/// succeeded.
 		/// </summary>
-		/// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param>
-		/// <returns>Result of realm discovery.</returns>
-		private RelyingPartyDiscoveryResult IsReturnUrlDiscoverableCore(OpenIdProvider provider) {
-			Contract.Requires<ArgumentNullException>(provider != null);
+		/// <param name="requestHandler">The request handler.</param>
+		/// <returns>
+		/// Result of realm discovery.
+		/// </returns>
+		private RelyingPartyDiscoveryResult IsReturnUrlDiscoverableCore(IDirectWebRequestHandler requestHandler) {
+			Contract.Requires<ArgumentNullException>(requestHandler != null);
 
 			ErrorUtilities.VerifyInternal(this.Realm != null, "Realm should have been read or derived by now.");
 
@@ -138,7 +142,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 					return RelyingPartyDiscoveryResult.NoServiceDocument;
 				}
 
-				var returnToEndpoints = this.Realm.DiscoverReturnToEndpoints(provider.Channel.WebRequestHandler, false);
+				var returnToEndpoints = this.Realm.DiscoverReturnToEndpoints(requestHandler, false);
 				if (returnToEndpoints == null) {
 					return RelyingPartyDiscoveryResult.NoServiceDocument;
 				}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
index ea19202..6f06024 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs
@@ -88,7 +88,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 			}
 
 			this.AssociationStore = new SwitchingAssociationStore(cryptoKeyStore, this.SecuritySettings);
-			this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings);
+			this.Channel = new OpenIdProviderChannel(this.AssociationStore, nonceStore, this.SecuritySettings);
 			this.CryptoKeyStore = cryptoKeyStore;
 
 			Reporting.RecordFeatureAndDependencyUse(this, nonceStore);
@@ -281,12 +281,12 @@ namespace DotNetOpenAuth.OpenId.Provider {
 				if (result == null) {
 					var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
 					if (checkAuthMessage != null) {
-						result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this), this.SecuritySettings);
+						result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponseProvider(checkAuthMessage, this), this.SecuritySettings);
 					}
 				}
 
 				if (result == null) {
-					var associateMessage = incomingMessage as AssociateRequest;
+					var associateMessage = incomingMessage as AssociateRequestProvider;
 					if (associateMessage != null) {
 						result = new AutoResponsiveRequest(incomingMessage, associateMessage.CreateResponse(this.AssociationStore, this.SecuritySettings), this.SecuritySettings);
 					}
diff --git a/src/DotNetOpenAuth.OpenId.Provider/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OpenId.Provider/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..e5cab0f
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenId.Provider/Properties/AssemblyInfo.cs
@@ -0,0 +1,54 @@
+//-----------------------------------------------------------------------
+// <copyright file="AssemblyInfo.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Net;
+using System.Reflection;
+using System.Resources;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+using System.Security;
+using System.Security.Permissions;
+using System.Web.UI;
+
+[assembly: TagPrefix("DotNetOpenAuth.OpenId.Provider", "op")]
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("DotNetOpenAuth OpenID")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("DotNetOpenAuth")]
+[assembly: AssemblyCopyright("Copyright ©  2008")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+[assembly: NeutralResourcesLanguage("en-US")]
+[assembly: CLSCompliant(true)]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")]
+
+[assembly: ContractVerification(true)]
+
+#if StrongNameSigned
+// See comment at top of this file.  We need this so that strong-naming doesn't
+// keep this assembly from being useful to shared host (medium trust) web sites.
+[assembly: AllowPartiallyTrustedCallers]
+
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+#else
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")]
+#endif
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
index aa6423f..c9158ba 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
@@ -21,8 +21,6 @@
   </PropertyGroup>
   <ItemGroup>
     <Compile Include="ComponentModel\IdentifierConverter.cs" />
-    <Compile Include="Configuration\OpenIdRelyingPartyElement.cs" />
-    <Compile Include="Configuration\OpenIdRelyingPartySecuritySettingsElement.cs" />
     <Compile Include="OpenId\Behaviors\AXFetchAsSregTransform.cs" />
     <Compile Include="OpenId\Behaviors\GsaIcamRelyingPartyProfile.cs" />
     <Compile Include="OpenId\ChannelElements\ExtensionsBindingElementRelyingParty.cs" />
@@ -43,7 +41,6 @@
     <Compile Include="OpenId\Messages\AssociateUnencryptedResponseRelyingParty.cs" />
     <Compile Include="OpenId\Mvc\OpenIdAjaxOptions.cs" />
     <Compile Include="OpenId\Mvc\OpenIdHelper.cs" />
-    <Compile Include="OpenId\OpenIdXrdsHelper.cs" />
     <Compile Include="OpenId\RelyingParty\CryptoKeyStoreAsRelyingPartyAssociationStore.cs" />
     <Compile Include="OpenId\RelyingParty\IRelyingPartyAssociationStore.cs" />
     <Compile Include="OpenId\RelyingParty\Associations.cs" />
@@ -51,8 +48,6 @@
     <Compile Include="OpenId\RelyingParty\AssociationPreference.cs" />
     <Compile Include="OpenId\RelyingParty\AuthenticationRequest.cs" />
     <Compile Include="OpenId\RelyingParty\DuplicateRequestedHostsComparer.cs" />
-    <Compile Include="OpenId\RelyingParty\IRelyingPartyBehavior.cs" />
-    <Compile Include="OpenId\RelyingParty\IAuthenticationRequestContract.cs" />
     <Compile Include="OpenId\RelyingParty\NegativeAuthenticationResponse.cs" />
     <Compile Include="OpenId\RelyingParty\OpenIdAjaxRelyingParty.cs" />
     <Compile Include="OpenId\RelyingParty\OpenIdAjaxTextBox.cs" />
@@ -67,14 +62,10 @@
     <Compile Include="OpenId\RelyingParty\PopupBehavior.cs" />
     <Compile Include="OpenId\RelyingParty\PositiveAnonymousResponse.cs" />
     <Compile Include="OpenId\RelyingParty\PositiveAuthenticationResponse.cs" />
-    <Compile Include="OpenId\RelyingParty\AuthenticationStatus.cs" />
     <Compile Include="OpenId\RelyingParty\FailedAuthenticationResponse.cs" />
-    <Compile Include="OpenId\RelyingParty\IAuthenticationRequest.cs" />
-    <Compile Include="OpenId\RelyingParty\IAuthenticationResponse.cs" />
     <Compile Include="OpenId\RelyingParty\ISetupRequiredAuthenticationResponse.cs" />
     <Compile Include="OpenId\RelyingParty\OpenIdRelyingParty.cs" />
     <Compile Include="OpenId\RelyingParty\PositiveAuthenticationResponseSnapshot.cs" />
-    <Compile Include="OpenId\RelyingParty\RelyingPartySecuritySettings.cs" />
     <Compile Include="OpenId\RelyingParty\SelectorButton.cs" />
     <Compile Include="OpenId\RelyingParty\SelectorButtonContract.cs" />
     <Compile Include="OpenId\RelyingParty\SelectorOpenIdButton.cs" />
@@ -82,8 +73,7 @@
     <Compile Include="OpenId\RelyingParty\SimpleXrdsProviderEndpoint.cs" />
     <Compile Include="OpenId\RelyingParty\StandardRelyingPartyApplicationStore.cs" />
     <Compile Include="OpenId\RelyingParty\WellKnownProviders.cs" />
-    <Compile Include="OpenId\UriDiscoveryService.cs" />
-    <Compile Include="OpenId\XriDiscoveryProxyService.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
   <ItemGroup>
     <Content Include="OpenId\RelyingParty\login_failure.png" />
@@ -119,6 +109,9 @@
   <ItemGroup>
     <Reference Include="System" />
   </ItemGroup>
+  <ItemGroup>
+    <Folder Include="Configuration\" />
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" />
   <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs
index 1d86152..fe8bd87 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs
@@ -44,8 +44,6 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 		}
 
 		protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) {
-			Contract.Requires<ArgumentNullException>(signedMessage != null);
-
 			// We're on a Relying Party verifying a signature.
 			IDirectedProtocolMessage directedMessage = (IDirectedProtocolMessage)signedMessage;
 			if (this.rpAssociations != null) {
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs
index 3718a68..4ac2100 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateSuccessfulResponseRelyingParty.cs
@@ -3,7 +3,9 @@
 	using System.Collections.Generic;
 	using System.Linq;
 	using System.Text;
+	using System.Diagnostics.Contracts;
 
+	[ContractClass(typeof(AssociateSuccessfulResponseRelyingPartyContract))]
 	internal abstract class AssociateSuccessfulResponseRelyingParty : AssociateSuccessfulResponse {
 		/// <summary>
 		/// Initializes a new instance of the <see cref="AssociateSuccessfulResponseRelyingParty"/> class.
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..2961dc2
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/Properties/AssemblyInfo.cs
@@ -0,0 +1,56 @@
+//-----------------------------------------------------------------------
+// <copyright file="AssemblyInfo.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Net;
+using System.Reflection;
+using System.Resources;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+using System.Security;
+using System.Security.Permissions;
+using System.Web.UI;
+
+[assembly: TagPrefix("DotNetOpenAuth.OpenId.RelyingParty", "rp")]
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("DotNetOpenAuth OpenID")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("DotNetOpenAuth")]
+[assembly: AssemblyCopyright("Copyright ©  2008")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+[assembly: NeutralResourcesLanguage("en-US")]
+[assembly: CLSCompliant(true)]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")]
+
+[assembly: ContractVerification(true)]
+
+#if StrongNameSigned
+// See comment at top of this file.  We need this so that strong-naming doesn't
+// keep this assembly from being useful to shared host (medium trust) web sites.
+[assembly: AllowPartiallyTrustedCallers]
+
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.Provider, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+#else
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.Provider")]
+#endif
diff --git a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs
index e45e56e..c6b17a8 100644
--- a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs
+++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdElement.cs
@@ -23,6 +23,16 @@ namespace DotNetOpenAuth.Configuration {
 		private const string SectionName = DotNetOpenAuthSection.SectionName + "/openid";
 
 		/// <summary>
+		/// The name of the &lt;relyingParty&gt; sub-element.
+		/// </summary>
+		private const string RelyingPartyElementName = "relyingParty";
+
+		/// <summary>
+		/// The name of the &lt;provider&gt; sub-element.
+		/// </summary>
+		private const string ProviderElementName = "provider";
+
+		/// <summary>
 		/// The name of the &lt;extensions&gt; sub-element.
 		/// </summary>
 		private const string ExtensionFactoriesElementName = "extensionFactories";
@@ -103,6 +113,24 @@ namespace DotNetOpenAuth.Configuration {
 		}
 
 		/// <summary>
+		/// Gets or sets the configuration specific for Relying Parties.
+		/// </summary>
+		[ConfigurationProperty(RelyingPartyElementName)]
+		internal OpenIdRelyingPartyElement RelyingParty {
+			get { return (OpenIdRelyingPartyElement)indexer[RelyingPartyElementName] ?? new OpenIdRelyingPartyElement(); }
+			set { indexer[RelyingPartyElementName] = value; }
+		}
+
+		/// <summary>
+		/// Gets or sets the configuration specific for Providers.
+		/// </summary>
+		[ConfigurationProperty(ProviderElementName)]
+		internal OpenIdProviderElement Provider {
+			get { return (OpenIdProviderElement)indexer[ProviderElementName] ?? new OpenIdProviderElement(); }
+			set { indexer[ProviderElementName] = value; }
+		}
+
+		/// <summary>
 		/// Gets or sets the registered OpenID extension factories.
 		/// </summary>
 		[ConfigurationProperty(ExtensionFactoriesElementName, IsDefaultCollection = false)]
diff --git a/src/DotNetOpenAuth.OpenId.Provider/Configuration/OpenIdProviderElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs
index 6f5a043..6f5a043 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/Configuration/OpenIdProviderElement.cs
+++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs
diff --git a/src/DotNetOpenAuth.OpenId.Provider/Configuration/OpenIdProviderSecuritySettingsElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderSecuritySettingsElement.cs
index 0d8e8b4..0d8e8b4 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/Configuration/OpenIdProviderSecuritySettingsElement.cs
+++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderSecuritySettingsElement.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/Configuration/OpenIdRelyingPartyElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs
index c80141a..c80141a 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/Configuration/OpenIdRelyingPartyElement.cs
+++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
index 225b1e7..225b1e7 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
+++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartySecuritySettingsElement.cs
diff --git a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
index c7c5e77..2fe16c8 100644
--- a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
+++ b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
@@ -23,7 +23,12 @@
     <Compile Include="Configuration\AssociationTypeCollection.cs" />
     <Compile Include="Configuration\AssociationTypeElement.cs" />
     <Compile Include="Configuration\OpenIdElement.cs" />
+    <Compile Include="Configuration\OpenIdProviderElement.cs" />
+    <Compile Include="Configuration\OpenIdProviderSecuritySettingsElement.cs" />
+    <Compile Include="Configuration\OpenIdRelyingPartyElement.cs" />
+    <Compile Include="Configuration\OpenIdRelyingPartySecuritySettingsElement.cs" />
     <Compile Include="Configuration\XriResolverElement.cs" />
+    <Compile Include="OpenIdXrdsHelper.cs" />
     <Compile Include="OpenId\Association.cs" />
     <Compile Include="OpenId\AuthenticationRequestMode.cs" />
     <Compile Include="OpenId\Behaviors\AXFetchAsSregTransform.cs" />
@@ -86,6 +91,17 @@
     <Compile Include="OpenId\IdentifierDiscoveryResult.cs" />
     <Compile Include="OpenId\IIdentifierDiscoveryService.cs" />
     <Compile Include="OpenId\IProviderEndpoint.cs" />
+    <Compile Include="OpenId\Provider\IAuthenticationRequest.cs" />
+    <Compile Include="OpenId\Provider\IHostProcessedRequest.cs" />
+    <Compile Include="OpenId\Provider\IProviderBehavior.cs" />
+    <Compile Include="OpenId\Provider\IRequest.cs" />
+    <Compile Include="OpenId\Provider\ProviderSecuritySettings.cs" />
+    <Compile Include="OpenId\Provider\RelyingPartyDiscoveryResult.cs" />
+    <Compile Include="OpenId\RelyingParty\AuthenticationStatus.cs" />
+    <Compile Include="OpenId\RelyingParty\IAuthenticationRequest.cs" />
+    <Compile Include="OpenId\RelyingParty\IAuthenticationRequestContract.cs" />
+    <Compile Include="OpenId\RelyingParty\IAuthenticationResponse.cs" />
+    <Compile Include="OpenId\RelyingParty\IRelyingPartyBehavior.cs" />
     <Compile Include="OpenId\Messages\CheckAuthenticationRequest.cs" />
     <Compile Include="OpenId\Messages\CheckAuthenticationResponse.cs" />
     <Compile Include="OpenId\Messages\CheckIdRequest.cs" />
@@ -123,6 +139,9 @@
     </Compile>
     <Compile Include="OpenId\Protocol.cs" />
     <Compile Include="OpenId\IOpenIdApplicationStore.cs" />
+    <Compile Include="OpenId\RelyingParty\RelyingPartySecuritySettings.cs" />
+    <Compile Include="OpenId\UriDiscoveryService.cs" />
+    <Compile Include="OpenId\XriDiscoveryProxyService.cs" />
     <Compile Include="OpenId\SecuritySettings.cs" />
     <Compile Include="OpenId\UriIdentifier.cs" />
     <Compile Include="OpenId\XriIdentifier.cs" />
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs
index 0143838..dfcc5c4 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs
@@ -109,7 +109,7 @@ namespace DotNetOpenAuth.OpenId {
 		/// <summary>
 		/// Gets the duration a secret key used for signing dumb client requests will be good for.
 		/// </summary>
-		protected static TimeSpan DumbSecretLifetime {
+		protected internal static TimeSpan DumbSecretLifetime {
 			get {
 				Contract.Ensures(Contract.Result<TimeSpan>() > TimeSpan.Zero);
 				return OpenIdElement.Configuration.MaxAuthenticationTime;
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs
index 0041da4..527b180 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs
@@ -22,6 +22,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 	/// <summary>
 	/// Signs and verifies authentication assertions.
 	/// </summary>
+	[ContractClass(typeof(SigningBindingElementContract))]
 	internal abstract class SigningBindingElement : IChannelBindingElement {
 		#region IChannelBindingElement Properties
 
@@ -188,4 +189,21 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 			throw new NotImplementedException();
 		}
 	}
+
+	[ContractClassFor(typeof(SigningBindingElement))]
+	internal abstract class SigningBindingElementContract : SigningBindingElement {
+		protected override MessageProtections VerifySignatureByUnrecognizedHandle(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied) {
+			throw new NotImplementedException();
+		}
+
+		protected override Association GetAssociation(ITamperResistantOpenIdMessage signedMessage) {
+			Contract.Requires<ArgumentNullException>(signedMessage != null);
+			throw new NotImplementedException();
+		}
+
+		protected override Association GetSpecificAssociation(ITamperResistantOpenIdMessage signedMessage) {
+			Contract.Requires<ArgumentNullException>(signedMessage != null);
+			throw new NotImplementedException();
+		}
+	}
 }
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IAuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IAuthenticationRequest.cs
index f59d436..40ccf45 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IAuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IAuthenticationRequest.cs
@@ -306,7 +306,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// <summary>
 		/// Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
 		/// </summary>
-		/// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param>
+		/// <param name="webRequestHandler">The web request handler to use for the RP discovery request.</param>
 		/// <returns>
 		/// The details of how successful the relying party discovery was.
 		/// </returns>
@@ -314,7 +314,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// 	<para>Return URL verification is only attempted if this method is called.</para>
 		/// 	<para>See OpenID Authentication 2.0 spec section 9.2.1.</para>
 		/// </remarks>
-		RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(OpenIdProvider provider) {
+		RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(IDirectWebRequestHandler webRequestHandler) {
 			throw new NotImplementedException();
 		}
 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IHostProcessedRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs
index 1c38d4b..0006e9c 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IHostProcessedRequest.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs
@@ -46,15 +46,15 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// <summary>
 		/// Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
 		/// </summary>
-		/// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param>
+		/// <param name="webRequestHandler">The web request handler.</param>
 		/// <returns>
-		/// 	The details of how successful the relying party discovery was.
+		/// The details of how successful the relying party discovery was.
 		/// </returns>
 		/// <remarks>
-		/// 	<para>Return URL verification is only attempted if this method is called.</para>
-		/// 	<para>See OpenID Authentication 2.0 spec section 9.2.1.</para>
+		///   <para>Return URL verification is only attempted if this method is called.</para>
+		///   <para>See OpenID Authentication 2.0 spec section 9.2.1.</para>
 		/// </remarks>
-		RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(OpenIdProvider provider);
+		RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(IDirectWebRequestHandler webRequestHandler);
 	}
 
 	/// <summary>
@@ -184,16 +184,16 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// <summary>
 		/// Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
 		/// </summary>
-		/// <param name="provider">The OpenIdProvider that is performing the RP discovery.</param>
+		/// <param name="webRequestHandler">The web request handler.</param>
 		/// <returns>
 		/// The details of how successful the relying party discovery was.
 		/// </returns>
 		/// <remarks>
-		/// 	<para>Return URL verification is only attempted if this method is called.</para>
-		/// 	<para>See OpenID Authentication 2.0 spec section 9.2.1.</para>
+		///   <para>Return URL verification is only attempted if this method is called.</para>
+		///   <para>See OpenID Authentication 2.0 spec section 9.2.1.</para>
 		/// </remarks>
-		RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(OpenIdProvider provider) {
-			Contract.Requires<ArgumentNullException>(provider != null);
+		RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(IDirectWebRequestHandler webRequestHandler) {
+			Contract.Requires<ArgumentNullException>(webRequestHandler != null);
 			throw new System.NotImplementedException();
 		}
 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IProviderBehavior.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs
index 01b4ac8..01b4ac8 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IProviderBehavior.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IRequest.cs
index c231fa3..c231fa3 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/IRequest.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IRequest.cs
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderSecuritySettings.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/ProviderSecuritySettings.cs
index 130e6dd..130e6dd 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderSecuritySettings.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/ProviderSecuritySettings.cs
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/RelyingPartyDiscoveryResult.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/RelyingPartyDiscoveryResult.cs
index 4eca6d6..4eca6d6 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/RelyingPartyDiscoveryResult.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/RelyingPartyDiscoveryResult.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationStatus.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/AuthenticationStatus.cs
index d9e5d0a..d9e5d0a 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationStatus.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/AuthenticationStatus.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs
index 65db0bd..65db0bd 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationRequest.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequest.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationRequestContract.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs
index cd36cc7..cd36cc7 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationRequestContract.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationResponse.cs
index a24220f..a24220f 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IAuthenticationResponse.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationResponse.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IRelyingPartyBehavior.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IRelyingPartyBehavior.cs
index 1bfa0db..1bfa0db 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/IRelyingPartyBehavior.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IRelyingPartyBehavior.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/RelyingPartySecuritySettings.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
index fc6d4c7..fc6d4c7 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/UriDiscoveryService.cs b/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs
index 7d17fd9..7d17fd9 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/UriDiscoveryService.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/UriDiscoveryService.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/XriDiscoveryProxyService.cs b/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs
index d80c59e..d80c59e 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/XriDiscoveryProxyService.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/XriDiscoveryProxyService.cs
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/OpenIdXrdsHelper.cs b/src/DotNetOpenAuth.OpenId/OpenIdXrdsHelper.cs
index 6b2fb54..6b2fb54 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/OpenIdXrdsHelper.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenIdXrdsHelper.cs
diff --git a/src/Org.Mentalis.Security.Cryptography/Properties/AssemblyInfo.cs b/src/Org.Mentalis.Security.Cryptography/Properties/AssemblyInfo.cs
index 064d991..552073d 100644
--- a/src/Org.Mentalis.Security.Cryptography/Properties/AssemblyInfo.cs
+++ b/src/Org.Mentalis.Security.Cryptography/Properties/AssemblyInfo.cs
@@ -47,6 +47,10 @@ using System.Web.UI;
 [assembly: AllowPartiallyTrustedCallers]
 
 [assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.Provider, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.RelyingParty, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
 #else
 [assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.Provider")]
+[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenId.RelyingParty")]
 #endif
author	Andrew Arnott <andrewarnott@gmail.com>	2011-07-25 17:03:47 -0600
committer	Andrew Arnott <andrewarnott@gmail.com>	2011-07-25 17:03:47 -0600
commit	d416ff734cea0ed41c275e904a0a09834cc3f079 (patch)
tree	8e0f04bcabc84f3ecc4f21617da3f5778c4ec789 /src
parent	67689b08f76546b25d4c4bcc68e179d3b02890fc (diff)
download	DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.zip DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.tar.gz DotNetOpenAuth-d416ff734cea0ed41c275e904a0a09834cc3f079.tar.bz2