Fixed bug where invalid extension payloads would end up throwing an unhandled ArgumentException.

The new design is to log the error and drop the extension while letting the rest of the message through. Fixes Trac #115.
author: Andrew Arnott <andrewarnott@gmail.com> 2009-08-25 19:52:55 -0700
committer: Andrew Arnott <andrewarnott@gmail.com> 2009-08-25 21:33:03 -0700
commit: e160b0d695a51a7dcba7e82e0059bc0dcb04701e (patch)
tree: 5cc0a36f0fd4de2027a67aaaf664db895f338e40 /src
parent: c004ac7c6be9936322071b2a48f95e0d967406b4 (diff)
download: DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.zip
DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.tar.gz
DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.tar.bz2
4 files changed, 30 insertions, 11 deletions
diff --git a/src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs b/src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs
index 0732bb2..a8f04ec 100644
--- a/src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs
+++ b/src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs
@@ -188,7 +188,7 @@ namespace DotNetOpenAuth.Messaging.Reflection {
 						this.field.SetValue(message, this.ToValue(value));
 					}
 				}
-			} catch (FormatException ex) {
+			} catch (Exception ex) {
 				throw ErrorUtilities.Wrap(ex, MessagingStrings.MessagePartReadFailure, message.GetType(), this.Name, value);
 			}
 		}
diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs
index d9c244f..a352c76 100644
--- a/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs
+++ b/src/DotNetOpenAuth/OpenId/ChannelElements/ExtensionsBindingElement.cs
@@ -182,18 +182,25 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 				// Initialize this particular extension.
 				IOpenIdMessageExtension extension = this.ExtensionFactory.Create(typeUri, extensionData, message, isAtProvider);
 				if (extension != null) {
-					MessageDictionary extensionDictionary = this.Channel.MessageDescriptions.GetAccessor(extension);
-					foreach (var pair in extensionData) {
-						extensionDictionary[pair.Key] = pair.Value;
-					}
+					try {
+						MessageDictionary extensionDictionary = this.Channel.MessageDescriptions.GetAccessor(extension);
+						foreach (var pair in extensionData) {
+							extensionDictionary[pair.Key] = pair.Value;
+						}
 
-					// Give extensions that require custom serialization a chance to do their work.
-					var customSerializingExtension = extension as IMessageWithEvents;
-					if (customSerializingExtension != null) {
-						customSerializingExtension.OnReceiving();
+						// Give extensions that require custom serialization a chance to do their work.
+						var customSerializingExtension = extension as IMessageWithEvents;
+						if (customSerializingExtension != null) {
+							customSerializingExtension.OnReceiving();
+						}
+					} catch (ProtocolException ex) {
+						Logger.OpenId.ErrorFormat(OpenIdStrings.BadExtension, extension.GetType(), ex);
+						extension = null;
 					}
 
-					yield return extension;
+					if (extension != null) {
+						yield return extension;
+					}
 				} else {
 					Logger.OpenId.WarnFormat("Extension with type URI '{0}' ignored because it is not a recognized extension.", typeUri);
 				}
diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
index fb6e997..6468a16 100644
--- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
+++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
@@ -133,6 +133,15 @@ namespace DotNetOpenAuth.OpenId {
         }
         
         /// <summary>
+        ///   Looks up a localized string similar to The {0} extension failed to deserialize and will be skipped.  {1}.
+        /// </summary>
+        internal static string BadExtension {
+            get {
+                return ResourceManager.GetString("BadExtension", resourceCulture);
+            }
+        }
+        
+        /// <summary>
         ///   Looks up a localized string similar to Callback arguments are only supported when a {0} is provided to the {1}..
         /// </summary>
         internal static string CallbackArgumentsRequireSecretStore {
diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
index 20d3b67..56412c3 100644
--- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
+++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
@@ -304,4 +304,7 @@ Discovered endpoint info:
   <data name="RequireSslNotSatisfiedByAssertedClaimedId" xml:space="preserve">
     <value>Sorry.  This site only accepts OpenIDs that are HTTPS-secured, but {0} is not a secure Identifier.</value>
   </data>
-</root>
+  <data name="BadExtension" xml:space="preserve">
+    <value>The {0} extension failed to deserialize and will be skipped.  {1}</value>
+  </data>
+</root>
+\ No newline at end of file
author	Andrew Arnott <andrewarnott@gmail.com>	2009-08-25 19:52:55 -0700
committer	Andrew Arnott <andrewarnott@gmail.com>	2009-08-25 21:33:03 -0700
commit	e160b0d695a51a7dcba7e82e0059bc0dcb04701e (patch)
tree	5cc0a36f0fd4de2027a67aaaf664db895f338e40 /src
parent	c004ac7c6be9936322071b2a48f95e0d967406b4 (diff)
download	DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.zip DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.tar.gz DotNetOpenAuth-e160b0d695a51a7dcba7e82e0059bc0dcb04701e.tar.bz2