281 files changed, 7183 insertions, 4455 deletions
@@ -23,3 +23,4 @@ PrecompiledWeb _ReSharper* *.vs10x *.docstates +UpgradeLog*.htm @@ -1,4 +1,4 @@ -<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" InitialTargets="TouchUpProjectsForDualFrameworks"> +<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="EnlistmentInfo.props" /> <Import Project="$(MSBuildProjectDirectory)\tools\DotNetOpenAuth.automated.props"/> <Import Project="$(ProjectRoot)tools\Translation.targets"/> @@ -7,28 +7,31 @@ <!--Removed from NightlyProjects until it can be fixed up. samples\tools.proj;--> <NightlyProjects Include=" nuget\nuget.proj; - " /> - <NightlyProjects Include=" tools\drop.proj; "> - <BuildOnlyOnClr2>true</BuildOnlyOnClr2> + <Properties>TargetFrameworkVersion=v4.0</Properties> </NightlyProjects> - <NightlyProjects Include=" - samples\samples.proj; - doc\doc.proj; - "> + <NightlyProjects Include="samples\samples.proj"> + <Targets>DeployableArchive</Targets> + <Properties>TargetFrameworkVersion=v4.0</Properties> + </NightlyProjects> + <NightlyProjects Include="doc\doc.proj"> <Targets>DeployableArchive</Targets> - <BuildOnlyOnClr2>true</BuildOnlyOnClr2> + <Properties>TargetFrameworkVersion=v3.5</Properties> </NightlyProjects> <ProjectsToClean Include=" - $(SolutionPath); - projecttemplates\projecttemplates.proj; - vsi\vsi.proj; - vsix\vsix.proj; - samples\samples.proj; - doc\doc.proj; - "/> + $(SolutionPath); + projecttemplates\projecttemplates.proj; + vsi\vsi.proj; + vsix\vsix.proj; + samples\samples.proj; + "> + <Properties>TargetFrameworkVersion=v4.0</Properties> + </ProjectsToClean> + <ProjectsToClean Include="doc\doc.proj"> + <Properties>TargetFrameworkVersion=v3.5</Properties> + </ProjectsToClean> <DirectoriesToClean Include=" $(ProjectRoot)bin; 
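Review bot: The merged `NightlyProjects` item now builds `nuget\nuget.proj` only with `TargetFrameworkVersion=v4.0`, whereas the `TouchUpProjectsForDualFrameworks` target removed in the next hunk also ran it for v3.5. `ProjectsToClean` is narrowed the same way, to v4.0 for everything except `doc\doc.proj`. The nuspec files changed in this commit still pack `$OutputPath35$signed\…` and now also `$OutputPath45$signed\…`. Whether nuget.proj builds and cleans all three framework outputs itself is not visible from this hunk; if it does not, a package could pick up a signed DLL left over from an earlier build. I would confirm that and say so in a comment above the item, e.g. `<!-- TargetFrameworkVersion here applies to the packaging project only; see nuget.proj for the per-framework builds -->`, worded to match what nuget.proj really does.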
@@ -47,32 +50,16 @@ <TestAssemblies Include="$(OutputPath)$(ProductName).Test.dll" Condition=" '$(ClrVersion)' == '2' " /> <TestAssemblies Include="$(OutputPath)$(ProductName).AspNet.Test.dll" Condition=" '$(ClrVersion)' == '4' " /> - <ProjectsToPublish Include=" - doc\doc.proj; - samples\samples.proj; - "> + <ProjectsToPublish Include="doc\doc.proj"> <Targets>Publish</Targets> + <Properties>TargetFrameworkVersion=v3.5</Properties> + </ProjectsToPublish> + <ProjectsToPublish Include="samples\samples.proj"> + <Targets>Publish</Targets> + <Properties>TargetFrameworkVersion=v4.0</Properties> </ProjectsToPublish> </ItemGroup> - <Target Name="TouchUpProjectsForDualFrameworks"> - <ItemGroup> - <!-- The point here is to duplicate all projects, once targeting each version of .NET that we support. --> - <NightlyProjects> - <Properties>TargetFrameworkVersion=v3.5</Properties> - </NightlyProjects> - <NightlyProjects Include="@(NightlyProjects)" Condition=" '%(NightlyProjects.BuildOnlyOnClr2)' != 'true' "> - <Properties>TargetFrameworkVersion=v4.0</Properties> - </NightlyProjects> - <ProjectsToClean> - <Properties>TargetFrameworkVersion=v3.5</Properties> - </ProjectsToClean> - <ProjectsToClean Include="@(ProjectsToClean)"> - <Properties>TargetFrameworkVersion=v4.0</Properties> - </ProjectsToClean> - </ItemGroup> - </Target> - <Target Name="BuildTests" DependsOnTargets="SkipVerification"> <MSBuild Projects="$(SolutionPath)" Targets="@(TestProjects)" BuildInParallel="$(BuildInParallel)" /> </Target> @@ -103,7 +90,10 @@ </Target> <Target Name="Publish"> - <MSBuild Projects="@(ProjectsToPublish)" Targets="%(ProjectsToPublish.Targets)" BuildInParallel="$(BuildInParallel)" /> + <MSBuild Projects="@(ProjectsToPublish)" + Targets="%(ProjectsToPublish.Targets)" + Properties="%(ProjectsToPublish.Properties)" + BuildInParallel="$(BuildInParallel)" /> </Target> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.automated.targets"/> 
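Review bot: Deleting the `TouchUpProjectsForDualFrameworks` target also deletes the only comment that explained how framework versions are assigned, and the new `ProjectsToPublish` items give no reason why `doc\doc.proj` is pinned to v3.5 while `samples\samples.proj` is pinned to v4.0. A short comment above the two items would help, for example `<!-- Each item pins its own TargetFrameworkVersion: doc.proj is built as v3.5, samples.proj as v4.0. -->`. The same split appears in the `NightlyProjects` and `ProjectsToClean` items of the previous hunk, so the comment could be placed once at the top of the `ItemGroup`, which starts outside this hunk.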
diff --git a/nuget/DotNetOpenAuth.AspNet.nuspec b/nuget/DotNetOpenAuth.AspNet.nuspec index ef68ebb..e987039 100644 --- a/nuget/DotNetOpenAuth.AspNet.nuspec +++ b/nuget/DotNetOpenAuth.AspNet.nuspec @@ -25,6 +25,10 @@ <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> + <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> </files> diff --git a/nuget/DotNetOpenAuth.Core.UI.nuspec b/nuget/DotNetOpenAuth.Core.UI.nuspec index 8887baa..69fea80 100644 --- a/nuget/DotNetOpenAuth.Core.UI.nuspec +++ b/nuget/DotNetOpenAuth.Core.UI.nuspec @@ -20,12 +20,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.Core.nuspec b/nuget/DotNetOpenAuth.Core.nuspec index d8d0cc0..989f5bf 100644 --- a/nuget/DotNetOpenAuth.Core.nuspec +++ b/nuget/DotNetOpenAuth.Core.nuspec 
@@ -23,12 +23,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="content\Core\web.config.transform" target="content\web.config.transform" /> diff --git a/nuget/DotNetOpenAuth.InfoCard.UI.nuspec b/nuget/DotNetOpenAuth.InfoCard.UI.nuspec index 192761f..f638a9b 100644 --- a/nuget/DotNetOpenAuth.InfoCard.UI.nuspec +++ b/nuget/DotNetOpenAuth.InfoCard.UI.nuspec @@ -25,12 +25,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.InfoCard.nuspec b/nuget/DotNetOpenAuth.InfoCard.nuspec index ca8f5fc..9b3e532 100644 --- a/nuget/DotNetOpenAuth.InfoCard.nuspec 
+++ b/nuget/DotNetOpenAuth.InfoCard.nuspec @@ -23,12 +23,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth.Common.nuspec b/nuget/DotNetOpenAuth.OAuth.Common.nuspec index f34aa02..f3d8dbc 100644 --- a/nuget/DotNetOpenAuth.OAuth.Common.nuspec +++ b/nuget/DotNetOpenAuth.OAuth.Common.nuspec @@ -19,12 +19,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> 
diff --git a/nuget/DotNetOpenAuth.OAuth.Consumer.nuspec b/nuget/DotNetOpenAuth.OAuth.Consumer.nuspec index 9c94bfd..c6db07c 100644 --- a/nuget/DotNetOpenAuth.OAuth.Consumer.nuspec +++ b/nuget/DotNetOpenAuth.OAuth.Consumer.nuspec @@ -22,12 +22,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth.ServiceProvider.nuspec b/nuget/DotNetOpenAuth.OAuth.ServiceProvider.nuspec index 05e9524..5abf338 100644 --- a/nuget/DotNetOpenAuth.OAuth.ServiceProvider.nuspec +++ b/nuget/DotNetOpenAuth.OAuth.ServiceProvider.nuspec 
@@ -23,12 +23,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth.nuspec b/nuget/DotNetOpenAuth.OAuth.nuspec index 7f8f4b4..e313129 100644 --- a/nuget/DotNetOpenAuth.OAuth.nuspec +++ b/nuget/DotNetOpenAuth.OAuth.nuspec @@ -19,12 +19,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="content\OAuth.Core\web.config.transform" target="content\web.config.transform" /> diff --git a/nuget/DotNetOpenAuth.OAuth2.AuthorizationServer.nuspec b/nuget/DotNetOpenAuth.OAuth2.AuthorizationServer.nuspec index 82b46d6..ac8fd50 100644 
--- a/nuget/DotNetOpenAuth.OAuth2.AuthorizationServer.nuspec +++ b/nuget/DotNetOpenAuth.OAuth2.AuthorizationServer.nuspec @@ -16,18 +16,21 @@ all without disclosing their login credential with you to 3rd parties. </description> <dependencies> - <dependency id="DotNetOpenAuth.OAuth2.Core" version="[$oauth2version$]" /> + <dependency id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="[$oauth2version$]" /> </dependencies> </metadata> <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth2.Client.UI.nuspec b/nuget/DotNetOpenAuth.OAuth2.Client.UI.nuspec index fca4eaa..bb0551c 100644 --- a/nuget/DotNetOpenAuth.OAuth2.Client.UI.nuspec +++ b/nuget/DotNetOpenAuth.OAuth2.Client.UI.nuspec 
@@ -22,12 +22,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth2.Client.nuspec b/nuget/DotNetOpenAuth.OAuth2.Client.nuspec index 20bb4cf..822ab09 100644 --- a/nuget/DotNetOpenAuth.OAuth2.Client.nuspec +++ b/nuget/DotNetOpenAuth.OAuth2.Client.nuspec 
@@ -16,18 +16,21 @@ data on 3rd party services rather than asking for their password. </description> <dependencies> - <dependency id="DotNetOpenAuth.OAuth2.Core" version="[$oauth2version$]" /> + <dependency id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="[$oauth2version$]" /> </dependencies> </metadata> <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth2.ClientAuthorization.nuspec b/nuget/DotNetOpenAuth.OAuth2.ClientAuthorization.nuspec new file mode 100644 index 0000000..0c72cd8 --- /dev/null +++ b/nuget/DotNetOpenAuth.OAuth2.ClientAuthorization.nuspec 
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+ <metadata>
+ <id>DotNetOpenAuth.OAuth2.ClientAuthorization</id>
+ <version>$oauth2version$</version>
+ <title>DotNetOpenAuth OAuth 2.0 Client Authorization</title>
+ <authors>Andrew Arnott</authors>
+ <owners>Outercurve Foundation</owners>
+ <projectUrl>http://www.dotnetopenauth.net/</projectUrl>
+ <iconUrl>https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png</iconUrl>
+ <licenseUrl>http://www.opensource.org/licenses/ms-pl.html</licenseUrl>
+ <requireLicenseAcceptance>false</requireLicenseAcceptance>
+ <description>Functionality common to both OAuth 2.0 Clients and Authorization Servers.</description>
+ <dependencies>
+ <dependency id="DotNetOpenAuth.OAuth2.Core" version="[$oauth2version$]" />
+ </dependencies>
+ </metadata>
+ <files>
+ <file src="$OutputPath35$signed\DotNetOpenAuth.OAuth2.ClientAuthorization.dll" target="lib\net35-full" />
+ <file src="$OutputPath40$signed\DotNetOpenAuth.OAuth2.ClientAuthorization.dll" target="lib\net40-full" />
+ <file src="$OutputPath45$signed\DotNetOpenAuth.OAuth2.ClientAuthorization.dll" target="lib\net45-full" />
+
+ <file src="$OutputPath35$DotNetOpenAuth.OAuth2.ClientAuthorization.pdb" target="lib\net35-full" />
+ <file src="$OutputPath40$DotNetOpenAuth.OAuth2.ClientAuthorization.pdb" target="lib\net40-full" />
+ <file src="$OutputPath45$DotNetOpenAuth.OAuth2.ClientAuthorization.pdb" target="lib\net45-full" />
+
+ <file src="$OutputPath35$DotNetOpenAuth.OAuth2.ClientAuthorization.xml" target="lib\net35-full" />
+ <file src="$OutputPath40$DotNetOpenAuth.OAuth2.ClientAuthorization.xml" target="lib\net40-full" />
+ <file src="$OutputPath45$DotNetOpenAuth.OAuth2.ClientAuthorization.xml" target="lib\net45-full" />
+
+ <file src="..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\**\*.cs" target="src" />
+ </files>
+</package>
\ No newline at end of file diff --git a/nuget/DotNetOpenAuth.OAuth2.ResourceServer.nuspec b/nuget/DotNetOpenAuth.OAuth2.ResourceServer.nuspec index 0de40e7..30fc363 100644 --- a/nuget/DotNetOpenAuth.OAuth2.ResourceServer.nuspec +++ b/nuget/DotNetOpenAuth.OAuth2.ResourceServer.nuspec @@ -24,12 +24,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OAuth2.nuspec b/nuget/DotNetOpenAuth.OAuth2.nuspec index 703d4a1..8ecf799 100644 --- a/nuget/DotNetOpenAuth.OAuth2.nuspec +++ b/nuget/DotNetOpenAuth.OAuth2.nuspec 
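Review bot: In the new `nuget/DotNetOpenAuth.OAuth2.ClientAuthorization.nuspec`, the source glob `..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\**\*.cs` has no `exclude`, unlike the sibling nuspecs in this commit, which exclude `..\src\$Identity$\obj\**`. As written, any generated `.cs` files under `obj\` are packed into `src`, so the published package contents depend on the state of the build machine. I would add the exclusion: `<file src="..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\**\*.cs" target="src" exclude="..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\obj\**" />`. The siblings also pack `$GeneratedAssemblyInfoSourceFile$` into `src` and use `$identity$` rather than a hard-coded name; check whether this file should follow them.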
@@ -19,12 +19,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OpenId.Provider.UI.nuspec b/nuget/DotNetOpenAuth.OpenId.Provider.UI.nuspec index 777d6df..fa72410 100644 --- a/nuget/DotNetOpenAuth.OpenId.Provider.UI.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.Provider.UI.nuspec @@ -25,12 +25,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> 
diff --git a/nuget/DotNetOpenAuth.OpenId.Provider.nuspec b/nuget/DotNetOpenAuth.OpenId.Provider.nuspec index 0f092f7..ab93d46 100644 --- a/nuget/DotNetOpenAuth.OpenId.Provider.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.Provider.nuspec @@ -24,12 +24,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="content\OpenId.Provider\web.config.transform" target="content\web.config.transform" /> diff --git a/nuget/DotNetOpenAuth.OpenId.RelyingParty.UI.nuspec b/nuget/DotNetOpenAuth.OpenId.RelyingParty.UI.nuspec index d24eb7e..4fd8d1b 100644 --- a/nuget/DotNetOpenAuth.OpenId.RelyingParty.UI.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.RelyingParty.UI.nuspec 
@@ -23,12 +23,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OpenId.RelyingParty.nuspec b/nuget/DotNetOpenAuth.OpenId.RelyingParty.nuspec index 043b537..cf64de4 100644 --- a/nuget/DotNetOpenAuth.OpenId.RelyingParty.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.RelyingParty.nuspec @@ -22,12 +22,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="content\OpenId.RelyingParty\web.config.transform" target="content\web.config.transform" /> diff --git a/nuget/DotNetOpenAuth.OpenId.UI.nuspec b/nuget/DotNetOpenAuth.OpenId.UI.nuspec index bc39a76..75da54c 100644 
--- a/nuget/DotNetOpenAuth.OpenId.UI.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.UI.nuspec @@ -19,12 +19,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OpenId.nuspec b/nuget/DotNetOpenAuth.OpenId.nuspec index 5956ae6..0b98364 100644 --- a/nuget/DotNetOpenAuth.OpenId.nuspec +++ b/nuget/DotNetOpenAuth.OpenId.nuspec 
@@ -23,24 +23,33 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="$OutputPath35$signed\Org.Mentalis.Security.Cryptography.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\Org.Mentalis.Security.Cryptography.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\Org.Mentalis.Security.Cryptography.dll" target="lib\net45-full\" /> <file src="$OutputPath35$Org.Mentalis.Security.Cryptography.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$Org.Mentalis.Security.Cryptography.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$Org.Mentalis.Security.Cryptography.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$Org.Mentalis.Security.Cryptography.xml" target="lib\net35-full\" /> <file src="$OutputPath40$Org.Mentalis.Security.Cryptography.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$Org.Mentalis.Security.Cryptography.xml" target="lib\net45-full\" /> <file src="$OutputPath35$signed\Mono.Math.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\Mono.Math.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\Mono.Math.dll" target="lib\net45-full\" /> <file src="$OutputPath35$Mono.Math.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$Mono.Math.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$Mono.Math.pdb" target="lib\net45-full\" /> <file 
src="$OutputPath35$Mono.Math.xml" target="lib\net35-full\" /> <file src="$OutputPath40$Mono.Math.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$Mono.Math.xml" target="lib\net45-full\" /> <file src="content\OpenId.Core\web.config.transform" target="content\web.config.transform" /> diff --git a/nuget/DotNetOpenAuth.OpenIdInfoCard.UI.nuspec b/nuget/DotNetOpenAuth.OpenIdInfoCard.UI.nuspec index 9fd52c3..b0e7e75 100644 --- a/nuget/DotNetOpenAuth.OpenIdInfoCard.UI.nuspec +++ b/nuget/DotNetOpenAuth.OpenIdInfoCard.UI.nuspec @@ -24,12 +24,15 @@ <files> <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" /> <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" /> + <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" /> <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" /> <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" /> + <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" /> <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" /> <file src="$GeneratedAssemblyInfoSourceFile$" target="src" /> diff --git a/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec b/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec index b37ad9a..1a9d978 100644 --- a/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec +++ b/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec 
@@ -24,12 +24,15 @@
 <files>
 <file src="$OutputPath35$signed\$identity$.dll" target="lib\net35-full\" />
 <file src="$OutputPath40$signed\$identity$.dll" target="lib\net40-full\" />
+ <file src="$OutputPath45$signed\$identity$.dll" target="lib\net45-full\" />
 <file src="$OutputPath35$$identity$.pdb" target="lib\net35-full\" />
 <file src="$OutputPath40$$identity$.pdb" target="lib\net40-full\" />
+ <file src="$OutputPath45$$identity$.pdb" target="lib\net45-full\" />
 <file src="$OutputPath35$$identity$.xml" target="lib\net35-full\" />
 <file src="$OutputPath40$$identity$.xml" target="lib\net40-full\" />
+ <file src="$OutputPath45$$identity$.xml" target="lib\net45-full\" />
 <file src="..\src\$Identity$\**\*.cs" target="src" exclude="..\src\$Identity$\obj\**" />
 <file src="$GeneratedAssemblyInfoSourceFile$" target="src" />
diff --git a/nuget/DotNetOpenAuth.Ultimate.nuspec b/nuget/DotNetOpenAuth.Ultimate.nuspec
index 61599fa..0dfbb3a 100644
--- a/nuget/DotNetOpenAuth.Ultimate.nuspec
+++ b/nuget/DotNetOpenAuth.Ultimate.nuspec
@@ -21,12 +21,15 @@
 <files>
 <file src="$OutputPath35$unified\signed\DotNetOpenAuth.dll" target="lib\net35-full\" />
 <file src="$OutputPath40$unified\signed\DotNetOpenAuth.dll" target="lib\net40-full\" />
+ <file src="$OutputPath45$unified\signed\DotNetOpenAuth.dll" target="lib\net45-full\" />
 <file src="$OutputPath35$unified\DotNetOpenAuth.pdb" target="lib\net35-full\" />
 <file src="$OutputPath40$unified\DotNetOpenAuth.pdb" target="lib\net40-full\" />
+ <file src="$OutputPath45$unified\DotNetOpenAuth.pdb" target="lib\net45-full\" />
 <file src="$OutputPath35$unified\DotNetOpenAuth.xml" target="lib\net35-full\" />
 <file src="$OutputPath40$unified\DotNetOpenAuth.xml" target="lib\net40-full\" />
+ <file src="$OutputPath45$unified\DotNetOpenAuth.xml" target="lib\net45-full\" />
 <file src="content\Ultimate\web.config.transform" target="content\web.config.transform" />
diff --git a/nuget/content/OAuth2.AuthorizationServer/web.config.transform b/nuget/content/OAuth2.AuthorizationServer/web.config.transform
new file mode 100644
index 0000000..c53fb7c
--- /dev/null
+++ b/nuget/content/OAuth2.AuthorizationServer/web.config.transform
@@ -0,0 +1,9 @@
+<configuration>
+ <configSections>
+ <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
+ <section name="authorizationServer" type="DotNetOpenAuth.Configuration.OAuth2AuthorizationServerSection, DotNetOpenAuth.OAuth2.AuthorizationServer" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
+ </sectionGroup>
+ </configSections>
+</configuration>
\ No newline at end of file
diff --git a/nuget/content/OAuth2.Client/web.config.transform b/nuget/content/OAuth2.Client/web.config.transform
new file mode 100644
index 0000000..b1f4429
--- /dev/null
+++ b/nuget/content/OAuth2.Client/web.config.transform
@@ -0,0 +1,9 @@
+<configuration>
+ <configSections>
+ <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
+ <section name="client" type="DotNetOpenAuth.Configuration.OAuth2ClientSection, DotNetOpenAuth.OAuth2.Client" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
+ </sectionGroup>
+ </configSections>
+</configuration>
\ No newline at end of file
diff --git a/nuget/content/OAuth2.Core/web.config.transform b/nuget/content/OAuth2.Core/web.config.transform
new file mode 100644
index 0000000..2c47af1
--- /dev/null
+++ b/nuget/content/OAuth2.Core/web.config.transform
@@ -0,0 +1,7 @@
+<configuration>
+ <configSections>
+ <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2" />
+ </sectionGroup>
+ </configSections>
+</configuration>
\ No newline at end of file
diff --git a/nuget/content/OAuth2.ResourceServer/web.config.transform b/nuget/content/OAuth2.ResourceServer/web.config.transform
new file mode 100644
index 0000000..a92ff7d
--- /dev/null
+++ b/nuget/content/OAuth2.ResourceServer/web.config.transform
@@ -0,0 +1,9 @@
+<configuration>
+ <configSections>
+ <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
+ <section name="resourceServer" type="DotNetOpenAuth.Configuration.OAuth2ResourceServerSection, DotNetOpenAuth.OAuth2.ResourceServer" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
+ </sectionGroup>
+ </configSections>
+</configuration>
\ No newline at end of file
diff --git a/nuget/nuget.proj b/nuget/nuget.proj
index 9a2091e..4d79d1f 100644
--- a/nuget/nuget.proj
+++ b/nuget/nuget.proj
@@ -5,7 +5,7 @@
 <Target Name="BuildIntermediates">
 <ItemGroup>
- <ProductTargets Include="BuildUnifiedProduct;ReSignDelaySignedAssemblies" Condition=" '$(SkipNugetDependenciesBuild)' != 'true' " />
+ <ProductTargets Include="BuildUnifiedProduct;ResignShippingDelaySignedAssemblies" Condition=" '$(SkipNugetDependenciesBuild)' != 'true' " />
 <ProductTargets Include="GetOutputPath" />
 <AspNetTargets Include="Build;Sign" Condition=" '$(SkipNugetDependenciesBuild)' != 'true' " />
 <AspNetTargets Include="GetOutputPath" />
@@ -28,11 +28,24 @@
 <Output TaskParameter="TargetOutputs" ItemName="TargetOutputs40"/>
 </MSBuild>
 <MSBuild
+ Projects="$(ProjectRoot)src\DotNetOpenAuth\DotNetOpenAuth.proj"
+ Targets="@(ProductTargets)"
+ Properties="TargetFrameworkVersion=v4.5"
+ BuildInParallel="$(BuildInParallel)">
+ <Output TaskParameter="TargetOutputs" ItemName="TargetOutputs45"/>
+ </MSBuild>
+ <MSBuild
 Projects="$(ProjectRoot)src\DotNetOpenAuth.AspNet\DotNetOpenAuth.AspNet.csproj"
 Targets="@(AspNetTargets)"
 Properties="TargetFrameworkVersion=v4.0"
 BuildInParallel="$(BuildInParallel)">
 </MSBuild>
+ <MSBuild
+ Projects="$(ProjectRoot)src\DotNetOpenAuth.AspNet\DotNetOpenAuth.AspNet.csproj"
+ Targets="@(AspNetTargets)"
+ Properties="TargetFrameworkVersion=v4.5"
+ BuildInParallel="$(BuildInParallel)">
+ </MSBuild>
 <ItemGroup>
 <ResignedAssembliesOutputs Include="@(TargetOutputs35)" Condition=" '%(MSBuildSourceTargetName)' == 'Sign' ">
@@ -41,39 +54,54 @@
 <ResignedAssembliesOutputs Include="@(TargetOutputs40)" Condition=" '%(MSBuildSourceTargetName)' == 'Sign' ">
 <TargetFramework>v4.0</TargetFramework>
 </ResignedAssembliesOutputs>
+ <ResignedAssembliesOutputs Include="@(TargetOutputs45)" Condition=" '%(MSBuildSourceTargetName)' == 'Sign' ">
+ <TargetFramework>v4.5</TargetFramework>
+ </ResignedAssembliesOutputs>
 </ItemGroup>
 <PropertyGroup>
 <OutputPath35 Condition=" '%(MSBuildSourceTargetName)' == 'GetOutputPath' ">@(TargetOutputs35)</OutputPath35>
 <OutputPath40 Condition=" '%(MSBuildSourceTargetName)' == 'GetOutputPath' ">@(TargetOutputs40)</OutputPath40>
+ <OutputPath45 Condition=" '%(MSBuildSourceTargetName)' == 'GetOutputPath' ">@(TargetOutputs45)</OutputPath45>
 </PropertyGroup>
 </Target>
- <Target Name="Build" DependsOnTargets="BuildIntermediates">
+ <Target Name="Build" DependsOnTargets="BuildIntermediates" Returns="@(NuGetPackages)">
 <ItemGroup>
 <NuGetProperties Include="version=$(NuGetPackageVersion)" />
 <NuGetProperties Include="oauth2version=$(OAuth2PackagesVersion)" />
 <NuGetProperties Include="OutputPath35=$(OutputPath35)" />
 <NuGetProperties Include="OutputPath40=$(OutputPath40)" />
+ <NuGetProperties Include="OutputPath45=$(OutputPath45)" />
 <NuGetProperties Include="IntermediatePath=$(IntermediatePath40)" />
- <NuGetPackages Include="*.nuspec" Exclude="DotNetOpenAuth.nuspec">
+ <NuGetSpecifications Include="*.nuspec" Exclude="*oauth2*.nuspec;DotNetOpenAuth.nuspec">
 <Symbols>true</Symbols>
- </NuGetPackages>
- <NuGetPackages Include="DotNetOpenAuth.nuspec" />
+ <PackageVersion>$(NuGetPackageVersion)</PackageVersion>
+ </NuGetSpecifications>
+ <NuGetSpecifications Include="*oauth2*.nuspec" Exclude="DotNetOpenAuth.nuspec">
+ <Symbols>true</Symbols>
+ <PackageVersion>$(OAuth2PackagesVersion)</PackageVersion>
+ </NuGetSpecifications>
+ <NuGetSpecifications Include="DotNetOpenAuth.nuspec">
+ <PackageVersion>$(NuGetPackageVersion)</PackageVersion>
+ </NuGetSpecifications>
+
+ <NuGetPackages Include="@(NuGetSpecifications->'$(DropsRoot)%(FileName).%(PackageVersion).nupkg')" />
 </ItemGroup>
 <PropertyGroup>
 <_NuGetProperties>@(NuGetProperties)</_NuGetProperties>
 </PropertyGroup>
 <ItemGroup>
- <NuGetPackages>
+ <NuGetSpecifications>
 <Properties>$(_NuGetProperties);Identity=%(FileName);GeneratedAssemblyInfoSourceFile=$(IntermediatePath40)%(FileName).Version.cs</Properties>
- </NuGetPackages>
+ </NuGetSpecifications>
 </ItemGroup>
+
 <NuGetPack
- NuSpec="%(NuGetPackages.Identity)"
+ NuSpec="%(NuGetSpecifications.Identity)"
 OutputPackageDirectory="$(DropsRoot)"
- Properties="%(NuGetPackages.Properties)"
- Symbols="%(NuGetPackages.Symbols)"
+ Properties="%(NuGetSpecifications.Properties)"
+ Symbols="%(NuGetSpecifications.Symbols)"
 ToolPath="$(NuGetToolPath)" />
 </Target>
diff --git a/projecttemplates/MvcRelyingParty/MvcRelyingParty.csproj b/projecttemplates/MvcRelyingParty/MvcRelyingParty.csproj
index 9dda061..4ef10f6 100644
--- a/projecttemplates/MvcRelyingParty/MvcRelyingParty.csproj
+++ b/projecttemplates/MvcRelyingParty/MvcRelyingParty.csproj
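Review bot: In the `Build` target of nuget.proj, the `NuGetPackages` list that `Returns` now hands to callers is computed from `%(FileName).%(PackageVersion).nupkg` rather than taken from what `NuGetPack` actually wrote, so it is only right while every nuspec file name equals its package id and the version string is emitted unchanged. The specifications marked `<Symbols>true</Symbols>` presumably also produce a symbols package, which this list leaves out, so a downstream step that publishes or hashes the returned items would skip those files. If the `NuGetPack` task exposes an output parameter for the files it created (not visible in this hunk), returning that would be more robust; otherwise a comment such as `<!-- Assumes nuspec file name == package id; symbols packages are not listed. -->` above the `NuGetPackages` item would record the assumption.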
@@ -1,6 +1,16 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+ <IISExpressSSLPort />
+ <IISExpressAnonymousAuthentication />
+ <IISExpressWindowsAuthentication />
+ <IISExpressUseClassicPipelineMode />
+ <TargetFrameworkProfile />
+ </PropertyGroup>
 <PropertyGroup>
 <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
 <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -11,12 +21,8 @@
 <AppDesignerFolder>Properties</AppDesignerFolder>
 <RootNamespace>MvcRelyingParty</RootNamespace>
 <AssemblyName>MvcRelyingParty</AssemblyName>
- <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+ <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
 <MvcBuildViews>false</MvcBuildViews>
- <FileUpgradeFlags>
- </FileUpgradeFlags>
- <OldToolsVersion>4.0</OldToolsVersion>
- <UpgradeBackupLocation />
 <UseIISExpress>false</UseIISExpress>
 </PropertyGroup>
 <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
@@ -45,22 +51,17 @@
 </Reference>
 <Reference Include="System" />
 <Reference Include="System.Data" />
- <Reference Include="System.Core">
- <RequiredTargetFramework>3.5</RequiredTargetFramework>
- </Reference>
- <Reference Include="System.Data.DataSetExtensions">
- <RequiredTargetFramework>3.5</RequiredTargetFramework>
- </Reference>
+ <Reference Include="System.Data.DataSetExtensions" />
 <Reference Include="System.Data.Entity">
 <RequiredTargetFramework>3.5</RequiredTargetFramework>
 </Reference>
+ <Reference Include="System.Web.ApplicationServices" />
+ <Reference Include="System.Web.DynamicData" />
+ <Reference Include="System.Web.Entity" />
+ <Reference Include="System.Web.Extensions" />
 <Reference Include="System.Web.Mvc" />
- <Reference Include="System.Xml.Linq">
- <RequiredTargetFramework>3.5</RequiredTargetFramework>
- </Reference>
 <Reference Include="System.Drawing" />
 <Reference Include="System.Web" />
- <Reference Include="System.Web.Extensions" />
 <Reference Include="System.Web.Abstractions" />
 <Reference Include="System.Web.Routing" />
 <Reference Include="System.Xml" />
@@ -68,6 +69,7 @@
 <Reference Include="System.Web.Services" />
 <Reference Include="System.EnterpriseServices" />
 <Reference Include="System.Web.Mobile" />
+ <Reference Include="System.Xml.Linq" />
 </ItemGroup>
 <ItemGroup>
 <Compile Include="Code\Extensions.cs" />
@@ -79,7 +81,6 @@
 <Compile Include="Controllers\HomeController.cs" />
 <Compile Include="Default.aspx.cs">
 <DependentUpon>Default.aspx</DependentUpon>
- <SubType>ASPXCodeBehind</SubType>
 </Compile>
 <Compile Include="Global.asax.cs">
 <DependentUpon>Global.asax</DependentUpon>
@@ -92,7 +93,6 @@
 <Compile Include="Properties\AssemblyInfo.cs" />
 <Compile Include="Setup.aspx.cs">
 <DependentUpon>Setup.aspx</DependentUpon>
- <SubType>ASPXCodeBehind</SubType>
 </Compile>
 <Compile Include="Setup.aspx.designer.cs">
 <DependentUpon>Setup.aspx</DependentUpon>
@@ -183,6 +183,10 @@ <Project>{99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}</Project> <Name>DotNetOpenAuth.OAuth2.AuthorizationServer</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ResourceServer\DotNetOpenAuth.OAuth2.ResourceServer.csproj"> <Project>{A1A3150A-7B0E-4A34-8E35-045296CD3C76}</Project> <Name>DotNetOpenAuth.OAuth2.ResourceServer</Name> @@ -229,7 +233,8 @@ <Content Include="OAuthTokenEndpoint.ashx" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> diff --git a/projecttemplates/MvcRelyingParty/Views/Web.config b/projecttemplates/MvcRelyingParty/Views/Web.config index b744fc8..6c19565 100644 --- a/projecttemplates/MvcRelyingParty/Views/Web.config +++ b/projecttemplates/MvcRelyingParty/Views/Web.config 
@@ -15,11 +15,11 @@ --> <pages validateRequest="false" - pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/projecttemplates/MvcRelyingParty/Web.config b/projecttemplates/MvcRelyingParty/Web.config index b7a1d38..d59d8fb 100644 --- a/projecttemplates/MvcRelyingParty/Web.config +++ b/projecttemplates/MvcRelyingParty/Web.config 
@@ -9,7 +9,6 @@
 -->
 <configuration>
 <configSections>
- <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
 <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/>
 <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
 <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
@@ -17,17 +16,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), which is necessary for OpenID urls with unicode characters in the domain/host name. 
@@ -157,18 +145,14 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <!-- 
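Review bot: The rewritten `<compilation debug="true" targetFramework="4.0">` line in the MvcRelyingParty Web.config keeps debug compilation switched on in a project template, even though the comment directly above it says to set the value to true only during development. Sites generated from the template would then run with debug compilation (unoptimized code, request execution time-outs not enforced) unless the author remembers to change it. Since the line is being edited anyway, `<compilation debug="false" targetFramework="4.0">` would be the safer default; if a Release configuration transform elsewhere in the template already turns it off, a short comment here pointing to it would be enough. The enclosing `<system.web>` element starts outside this hunk.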
@@ -196,11 +180,7 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"> <namespaces> <add namespace="System.Web.Mvc"/> <add namespace="System.Web.Mvc.Ajax"/> 
@@ -211,32 +191,13 @@ </namespaces> </pages> <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpHandlers> <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="OAuthAuthenticationModule" type="RelyingPartyLogic.OAuthAuthenticationModule, RelyingPartyLogic"/> <add name="Database" type="RelyingPartyLogic.Database, RelyingPartyLogic"/> </httpModules> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" 
extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <system.web.extensions/> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet 
@@ -245,25 +206,13 @@
 <system.webServer>
 <validation validateIntegratedModeConfiguration="false"/>
 <modules runAllManagedModulesForAllRequests="true">
- <remove name="ScriptModule"/>
- <remove name="UrlRoutingModule"/>
- <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
- <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 <add name="OAuthAuthenticationModule" type="RelyingPartyLogic.OAuthAuthenticationModule, RelyingPartyLogic"/>
 <add name="Database" type="RelyingPartyLogic.Database, RelyingPartyLogic"/>
 </modules>
 <handlers>
- <remove name="WebServiceHandlerFactory-Integrated"/>
- <remove name="ScriptHandlerFactory"/>
- <remove name="ScriptHandlerFactoryAppServices"/>
- <remove name="ScriptResource"/>
 <remove name="MvcHttpHandler"/>
 <remove name="UrlRoutingHandler"/>
- <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
- <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
- <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
- <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
- <add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
+ <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
 </handlers>
 </system.webServer>
 <runtime>
diff --git a/projecttemplates/RelyingPartyDatabase/.gitignore b/projecttemplates/RelyingPartyDatabase/.gitignore
index 55b665f..43b64c4 100644
--- a/projecttemplates/RelyingPartyDatabase/.gitignore
+++ b/projecttemplates/RelyingPartyDatabase/.gitignore
@@ -1,3 +1,5 @@
 sql/debug
 sql/release
 *.dbmdl
+*.scmp
+*.publish.xml
diff --git a/projecttemplates/RelyingPartyDatabase/Permissions.sql b/projecttemplates/RelyingPartyDatabase/Permissions.sql
new file mode 100644
index 0000000..5f28270
--- /dev/null
+++ b/projecttemplates/RelyingPartyDatabase/Permissions.sql
@@ -0,0 +1 @@
+
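Review bot: In the `<handlers>` list under `system.webServer`, `<remove name="UrlRoutingHandler"/>` is kept while the matching `<add name="UrlRoutingHandler" … path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, …"/>` is deleted, so that entry is now removed and never registered again. If nothing in the 4.0 configuration registers a handler under that name (not visible in this diff), the leftover `<remove>` is dead and can go with it; if the forbidden mapping for `UrlRouting.axd` is still wanted, it should be re-added against the 4.0 `System.Web` assembly rather than dropped. A one-line comment saying which of the two is intended would help the next framework upgrade.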
\ No newline at end of file
diff --git a/projecttemplates/RelyingPartyDatabase/Properties/Database.sqlcmdvars b/projecttemplates/RelyingPartyDatabase/Properties/Database.sqlcmdvars
index f2c472d..dbdd8c5 100644
--- a/projecttemplates/RelyingPartyDatabase/Properties/Database.sqlcmdvars
+++ b/projecttemplates/RelyingPartyDatabase/Properties/Database.sqlcmdvars
@@ -2,9 +2,5 @@
 <SqlCommandVariables xmlns="urn:Microsoft.VisualStudio.Data.Schema.Package.SqlCmdVars">
 <Version>1.0</Version>
 <Properties>
- <Property>
- <PropertyName>Path1</PropertyName>
- <PropertyValue>WEBROOT</PropertyValue>
- </Property>
 </Properties>
 </SqlCommandVariables>
\ No newline at end of file
diff --git a/projecttemplates/RelyingPartyDatabase/RelyingPartyDatabase.dbproj b/projecttemplates/RelyingPartyDatabase/RelyingPartyDatabase.sqlproj
index 66e1e72..0799235 100644
--- a/projecttemplates/RelyingPartyDatabase/RelyingPartyDatabase.dbproj
+++ b/projecttemplates/RelyingPartyDatabase/RelyingPartyDatabase.sqlproj
@@ -1,13 +1,16 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" ToolsVersion="4.0">
 <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+ <PropertyGroup>
+ <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
+ </PropertyGroup>
 <PropertyGroup>
 <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
- <Name>"DatabaseProject"</Name>
+ <Name>RelyingPartyDatabase</Name>
 <SchemaVersion>2.0</SchemaVersion>
 <ProjectVersion>4.0</ProjectVersion>
- <ProjectGuid>{2b4261ac-25ac-4b8d-b459-1c42b6b1401d}</ProjectGuid>
- <DSP>Microsoft.Data.Schema.Sql.Sql90DatabaseSchemaProvider</DSP>
+ <DSP>Microsoft.Data.Tools.Schema.Sql.Sql90DatabaseSchemaProvider</DSP>
 <AppDesignerFolder>Properties</AppDesignerFolder>
 <ShowWizard>True</ShowWizard>
 <OutputType>Database</OutputType>
@@ -15,47 +18,76 @@
 </RootPath>
 <IncludeSchemaNameInFileName>False</IncludeSchemaNameInFileName>
 <ModelCollation>1033,CI</ModelCollation>
- <DefaultFileStructure>BySchema</DefaultFileStructure>
- <DeployToDatabaseAddToServerExplorer>False</DeployToDatabaseAddToServerExplorer>
- <DeployToScript>True</DeployToScript>
- <CatalogPropertiesFile>Properties\Database.sqlsettings</CatalogPropertiesFile>
- <ServerPropertiesFile>
- </ServerPropertiesFile>
+ <DefaultFileStructure>BySchemaAndSchemaType</DefaultFileStructure>
 <RootNamespace>RelyingPartyDatabase</RootNamespace>
 <DefaultSchema>dbo</DefaultSchema>
- <AllowServerObjects>False</AllowServerObjects>
- <AllowDatabaseObjects>True</AllowDatabaseObjects>
- <DeployScriptFileName>..\..\..\RelyingPartyLogic\CreateDatabase.sql</DeployScriptFileName>
 <PreviousProjectVersion>4.0</PreviousProjectVersion>
+ <ValidateCasingOnIdentifiers>False</ValidateCasingOnIdentifiers>
+ <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+ <ProjectGuid>{08a938b6-ebbd-4036-880e-ce7ba2d14510}</ProjectGuid>
+ <GenerateDatabaseFile>False</GenerateDatabaseFile>
+ <GenerateCreateScript>True</GenerateCreateScript>
+ <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+ <SqlServerVerification>False</SqlServerVerification>
+ <TargetLanguage>CS</TargetLanguage>
+ <AllowSnapshotIsolation>False</AllowSnapshotIsolation>
+ <AnsiNullDefault>False</AnsiNullDefault>
+ <AnsiNulls>False</AnsiNulls>
+ <AnsiPadding>False</AnsiPadding>
+ <AnsiWarnings>False</AnsiWarnings>
+ <ArithAbort>False</ArithAbort>
+ <AutoClose>True</AutoClose>
+ <AutoCreateStatistics>True</AutoCreateStatistics>
+ <AutoShrink>False</AutoShrink>
+ <AutoUpdateStatistics>True</AutoUpdateStatistics>
+ <AutoUpdateStatisticsAsynchronously>False</AutoUpdateStatisticsAsynchronously>
+ <ChangeTrackingRetentionPeriod>2</ChangeTrackingRetentionPeriod>
+ <ChangeTrackingRetentionUnit>Days</ChangeTrackingRetentionUnit>
+ <CloseCursorOnCommitEnabled>False</CloseCursorOnCommitEnabled>
+ <CompatibilityMode>90</CompatibilityMode>
+ <ConcatNullYieldsNull>False</ConcatNullYieldsNull>
+ <DatabaseAccess>MULTI_USER</DatabaseAccess>
+ <DatabaseChaining>False</DatabaseChaining>
+ <DatabaseState>ONLINE</DatabaseState>
+ <DateCorrelationOptimizationOn>False</DateCorrelationOptimizationOn>
+ <DefaultCollation>SQL_Latin1_General_CP1_CI_AS</DefaultCollation>
+ <DefaultCursor>GLOBAL</DefaultCursor>
+ <DefaultFilegroup>PRIMARY</DefaultFilegroup>
+ <EnableFullTextSearch>True</EnableFullTextSearch>
+ <IsBrokerPriorityHonored>False</IsBrokerPriorityHonored>
+ <IsChangeTrackingAutoCleanupOn>True</IsChangeTrackingAutoCleanupOn>
+ <IsChangeTrackingOn>False</IsChangeTrackingOn>
+ <IsEncryptionOn>False</IsEncryptionOn>
+ <NumericRoundAbort>False</NumericRoundAbort>
+ <PageVerify>CHECKSUM</PageVerify>
+ <Parameterization>SIMPLE</Parameterization>
+ <QuotedIdentifier>False</QuotedIdentifier>
+ <ReadCommittedSnapshot>False</ReadCommittedSnapshot>
+ <Recovery>SIMPLE</Recovery>
+ <RecursiveTriggersEnabled>False</RecursiveTriggersEnabled>
+ <ServiceBrokerOption>DisableBroker</ServiceBrokerOption>
+ <SupplementalLoggingOn>False</SupplementalLoggingOn>
+ <TornPageDetection>False</TornPageDetection>
+ <Trustworthy>False</Trustworthy>
+ <UpdateOptions>READ_WRITE</UpdateOptions>
+ <VardecimalStorageFormatOn>True</VardecimalStorageFormatOn>
 </PropertyGroup>
- <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
 <OutputPath>.\sql\release\</OutputPath>
 <BuildScriptName>$(MSBuildProjectName).sql</BuildScriptName>
- <TargetConnectionString>
- </TargetConnectionString>
 <TargetDatabase>RelyingPartyDatabase</TargetDatabase>
- <TreatWarningsAsErrors>False</TreatWarningsAsErrors>
- <SuppressWarnings>
- </SuppressWarnings>
- <DeploymentConfigFile>Properties\Database.sqldeployment</DeploymentConfigFile>
- <SqlCommandVariablesFile>Properties\Database.sqlcmdvars</SqlCommandVariablesFile>
- <DeployToDatabase>False</DeployToDatabase>
+ <TreatTSqlWarningsAsErrors>False</TreatTSqlWarningsAsErrors>
+ <SuppressTSqlWarnings />
 </PropertyGroup>
- <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
 <OutputPath>.\sql\debug\</OutputPath>
 <BuildScriptName>$(MSBuildProjectName).sql</BuildScriptName>
- <TargetConnectionString>
- </TargetConnectionString>
 <TargetDatabase>RelyingPartyDatabase</TargetDatabase>
- <TreatWarningsAsErrors>False</TreatWarningsAsErrors>
- <SuppressWarnings>
- </SuppressWarnings>
- <DeploymentConfigFile>Properties\Database.sqldeployment</DeploymentConfigFile>
- <SqlCommandVariablesFile>Properties\Database.sqlcmdvars</SqlCommandVariablesFile>
- <DeployToDatabase>False</DeployToDatabase>
+ <TreatTSqlWarningsAsErrors>False</TreatTSqlWarningsAsErrors>
+ <SuppressTSqlWarnings />
 </PropertyGroup>
 <!--Import the settings-->
- <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v10.0\TeamData\Microsoft.Data.Schema.SqlTasks.targets" />
+ <Import Project="$(MSBuildExtensionsPath)\Microsoft\VisualStudio\v$(VisualStudioVersion)\SSDT\Microsoft.Data.Tools.Schema.SqlTasks.targets" />
 <ItemGroup>
 <Folder Include="Properties\" />
 <Folder Include="Schema Objects\" />
@@ -121,24 +153,10 @@ <Folder Include="Schema Comparisons" /> </ItemGroup> <ItemGroup> - <PropertiesFile Include="Properties\Database.sqlsettings"> - </PropertiesFile> - <PropertiesFile Include="Properties\Database.sqldeployment"> - </PropertiesFile> - <PropertiesFile Include="Properties\Database.sqlcmdvars"> - </PropertiesFile> - <Build Include="Properties\Database.sqlpermissions"> - <ModelBuilderType>Permissions</ModelBuilderType> - </Build> + <Build Include="Permissions.sql" /> <Build Include="Schema Objects\Database Level Objects\Service Broker\Routes\AutoCreatedLocal.route.sql"> <SubType>Code</SubType> </Build> - <Build Include="Schema Objects\Database Level Objects\Storage\Files\Database.mdf.sqlfile.sql"> - <SubType>Code</SubType> - </Build> - <Build Include="Schema Objects\Database Level Objects\Storage\Files\Database_log.sqlfile.sql"> - <SubType>Code</SubType> - </Build> <Build Include="Schema Objects\Schemas\dbo\Programmability\Stored Procedures\AddUser.proc.sql"> <SubType>Code</SubType> <AnsiNulls>On</AnsiNulls> @@ -230,20 +248,14 @@ <AnsiNulls>On</AnsiNulls> <QuotedIdentifier>On</QuotedIdentifier> </Build> - <PreDeploy Include="Scripts\Pre-Deployment\Script.PreDeployment.sql"> - <SubType>Code</SubType> - </PreDeploy> - <PostDeploy Include="Scripts\Post-Deployment\Script.PostDeployment.sql"> - <SubType>Code</SubType> - </PostDeploy> </ItemGroup> <ItemGroup> <BuildContributorArgument Include="OutDir=$(OutDir)" /> </ItemGroup> <ItemGroup> - <NotInBuild Include="Schema Comparisons\SchemaComparison1.scmp"> + <None Include="Schema Comparisons\SchemaComparison1.scmp"> <SubType>NotInBuild</SubType> - </NotInBuild> + </None> </ItemGroup> <ItemGroup> <Build Include="Schema Objects\Schemas\dbo\Tables\Constraints\DF_IssuedToken_CreatedOn_1.defconst.sql"> 
@@ -286,5 +298,20 @@ <QuotedIdentifier>On</QuotedIdentifier> </Build> </ItemGroup> + <ItemGroup> + </ItemGroup> + <ItemGroup> + <None Include="Debug.publish.xml" /> + <None Include="Release.publish.xml" /> + </ItemGroup> + <ItemGroup> + <PreDeploy Include="Scripts\Pre-Deployment\Script.PreDeployment.sql" /> + </ItemGroup> + <ItemGroup> + <PostDeploy Include="Scripts\Post-Deployment\Script.PostDeployment.sql" /> + </ItemGroup> + <Target Name="GetDeployScriptPath" + DependsOnTargets="Build" + Outputs="$(MSBuildProjectDirectory)$(OutDir)$(MSBuildProjectName)_Create.sql" /> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> -</Project> +</Project>
\ No newline at end of file diff --git a/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1.scmp b/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1.scmp index b3160a4..b80761f 100644 --- a/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1.scmp +++ b/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1.scmp @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="utf-8"?> <SchemaComparison> - <Version>1</Version> + <Version>10</Version> <SourceModelProvider> <ConnectionBasedModelProvider> <ConnectionString>Data Source=.\sqlexpress;Initial Catalog=RelyingPartyDatabase;Integrated Security=True;Password=</ConnectionString> @@ -25,7 +25,7 @@ <ConfigurationOptionsElement> <PropertyElementName> <Name>PlanGenerationType</Name> - <Value>Sql90SchemaDeploymentOptions</Value> + <Value>SqlDeploymentOptions</Value> </PropertyElementName> <PropertyElementName> <Name>DoNotUseAlterAssemblyStatementsToUpdateCLRTypes</Name> 
@@ -308,21 +308,22 @@ <Value>True</Value> </PropertyElementName> <PropertyElementName> - <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlPermissionStatement</Name> + <Name>Microsoft.Data.Tools.Schema.Sql.SchemaModel.SqlPermissionStatement</Name> <Value>ExcludedType</Value> </PropertyElementName> <PropertyElementName> - <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlFilegroup</Name> + <Name>Microsoft.Data.Tools.Schema.Sql.SchemaModel.SqlFilegroup</Name> <Value>ExcludedType</Value> </PropertyElementName> <PropertyElementName> - <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlFile</Name> + <Name>Microsoft.Data.Tools.Schema.Sql.SchemaModel.SqlFile</Name> <Value>ExcludedType</Value> </PropertyElementName> <PropertyElementName> - <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlExtendedProperty</Name> + <Name>Microsoft.Data.Tools.Schema.Sql.SchemaModel.SqlExtendedProperty</Name> <Value>ExcludedType</Value> </PropertyElementName> </ConfigurationOptionsElement> </SchemaCompareSettingsService> + <SchemaCompareViewSettings /> </SchemaComparison>
\ No newline at end of file diff --git a/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1_20120225042555.scmp b/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1_20120225042555.scmp new file mode 100644 index 0000000..b3160a4 --- /dev/null +++ b/projecttemplates/RelyingPartyDatabase/Schema Comparisons/SchemaComparison1_20120225042555.scmp 
@@ -0,0 +1,328 @@ +<?xml version="1.0" encoding="utf-8"?> +<SchemaComparison> + <Version>1</Version> + <SourceModelProvider> + <ConnectionBasedModelProvider> + <ConnectionString>Data Source=.\sqlexpress;Initial Catalog=RelyingPartyDatabase;Integrated Security=True;Password=</ConnectionString> + <DatabaseName>RelyingPartyDatabase</DatabaseName> + <DspFamilyName>sql</DspFamilyName> + <Name>[THINKAGAIN\sqlexpress.RelyingPartyDatabase]</Name> + </ConnectionBasedModelProvider> + </SourceModelProvider> + <TargetModelProvider> + <ProjectBasedModelProvider> + <ProjectGuid>{2b4261ac-25ac-4b8d-b459-1c42b6b1401d}</ProjectGuid> + <Name>RelyingPartyDatabase</Name> + </ProjectBasedModelProvider> + </TargetModelProvider> + <SchemaCompareSettingsService> + <SchemaCompareSettingsService> + <PropertyElementName> + <Name>Version</Name> + <Value>1</Value> + </PropertyElementName> + </SchemaCompareSettingsService> + <ConfigurationOptionsElement> + <PropertyElementName> + <Name>PlanGenerationType</Name> + <Value>Sql90SchemaDeploymentOptions</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DoNotUseAlterAssemblyStatementsToUpdateCLRTypes</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DisableAndReenableDdlTriggers</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreDdlTriggerOrder</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreDdlTriggerState</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreObjectPlacementOnPartitionScheme</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreAuthorizer</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreDefaultSchema</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreRouteLifetime</Name> + <Value>True</Value> + </PropertyElementName> + 
<PropertyElementName> + <Name>OnlyCompareElementsInSource</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreStatisticsSample</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>CommentOutSetVarDeclarations</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>GenerateDeployStateChecks</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DeployDatabaseProperties</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreComments</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreWhitespace</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreKeywordCasing</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreSemicolonBetweenStatements</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>BlockIncrementalDeploymentIfDataLoss</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>PerformDatabaseBackup</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SingleUserMode</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IncludeTransactionalScripts</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>EnforceMinimalDependencies</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DeploymentCollationPreference</Name> + <Value>UseSourceModelCollation</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnorePartitionSchemes</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreWithNocheckOnCheckConstraints</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreWithNocheckOnForeignKeys</Name> + 
<Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreIdentitySeed</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreIncrement</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreFillFactor</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreIndexPadding</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreColumnCollation</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreLockHintsOnIndexes</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreTableOptions</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreIndexOptions</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreDmlTriggerOrder</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>ScriptDatabaseCollation</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreDmlTriggerState</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreAnsiNulls</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreQuotedIdentifiers</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreUserSettingsObjects</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>AbortOnFirstError</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreFilegroupPlacement</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreFullTextCatalogFilePath</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreFileAndLogFilePath</Name> + <Value>False</Value> + </PropertyElementName> + 
<PropertyElementName> + <Name>IgnoreLoginSids</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreNotForReplication</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreFileSize</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>OverrideSevenSetOptions</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetAnsiNulls</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetAnsiPadding</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetAnsiWarnings</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetArithAbort</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetConcatNullYieldsNull</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetQuotedIdentifier</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SetNumericRoundAbort</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>UnmodifiableObjectWarnings</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DropIndexesNotInSource</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>DropConstraintsNotInSource</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>CheckNewConstraints</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreColumnOrder</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnorePasswords</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>IgnoreBodyDependencies</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>SourceSqlCmdVariablesFile</Name> + 
<Value>C:\Users\andarno\git\dotnetopenid\projecttemplates\RelyingPartyDatabase\Properties\Database.sqlcmdvars</Value> + </PropertyElementName> + <PropertyElementName> + <Name>AlwaysCreateNewDatabase</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>GenerateDropsIfNotInProject</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>TargetDatabaseName</Name> + <Value>RelyingPartyDatabase</Value> + </PropertyElementName> + <PropertyElementName> + <Name>TargetConnectionString</Name> + <Value>Data Source=.\sqlexpress;Initial Catalog=RelyingPartyDatabase;Integrated Security=True;Pooling=False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>VerifyDeployment</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>TreatVerificationErrorsAsWarnings</Name> + <Value>False</Value> + </PropertyElementName> + <PropertyElementName> + <Name>BuildtimeContributorsMustExist</Name> + <Value>True</Value> + </PropertyElementName> + <PropertyElementName> + <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlPermissionStatement</Name> + <Value>ExcludedType</Value> + </PropertyElementName> + <PropertyElementName> + <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlFilegroup</Name> + <Value>ExcludedType</Value> + </PropertyElementName> + <PropertyElementName> + <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlFile</Name> + <Value>ExcludedType</Value> + </PropertyElementName> + <PropertyElementName> + <Name>Microsoft.Data.Schema.Sql.SchemaModel.ISqlExtendedProperty</Name> + <Value>ExcludedType</Value> + </PropertyElementName> + </ConfigurationOptionsElement> + </SchemaCompareSettingsService> +</SchemaComparison>
\ No newline at end of file diff --git a/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database.mdf.sqlfile.sql b/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database.mdf.sqlfile.sql deleted file mode 100644 index 0c2e5c8..0000000 --- a/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database.mdf.sqlfile.sql +++ /dev/null @@ -1,3 +0,0 @@ -ALTER DATABASE [$(DatabaseName)] - ADD FILE (NAME = [$(Path1)$(DatabaseName).mdf], FILENAME = '$(Path1)$(DatabaseName).mdf', MAXSIZE = UNLIMITED, FILEGROWTH = 1024 KB) TO FILEGROUP [PRIMARY]; - diff --git a/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database_log.sqlfile.sql b/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database_log.sqlfile.sql deleted file mode 100644 index bcd70cd..0000000 --- a/projecttemplates/RelyingPartyDatabase/Schema Objects/Database Level Objects/Storage/Files/Database_log.sqlfile.sql +++ /dev/null @@ -1,3 +0,0 @@ -ALTER DATABASE [$(DatabaseName)] - ADD LOG FILE (NAME = [$(DatabaseName)_log], FILENAME = '$(Path1)$(DatabaseName)_log.LDF', MAXSIZE = 2097152 MB, FILEGROWTH = 10 %); - diff --git a/projecttemplates/RelyingPartyLogic/Model.Client.cs b/projecttemplates/RelyingPartyLogic/Model.Client.cs index a2d895e..2b06958 100644 --- a/projecttemplates/RelyingPartyLogic/Model.Client.cs +++ b/projecttemplates/RelyingPartyLogic/Model.Client.cs 
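Review bot: The added `Schema Comparisons/SchemaComparison1_20120225042555.scmp` looks like a timestamped copy of the pre-upgrade `SchemaComparison1.scmp` rather than a file the project needs. It still holds `<Version>1</Version>` and `Sql90SchemaDeploymentOptions`, the values the sibling hunk on `SchemaComparison1.scmp` replaces. It also brings workstation-specific data into the repository: a machine-qualified `<Name>` under `ConnectionBasedModelProvider`, an absolute user-profile path in `SourceSqlCmdVariablesFile`, and local connection strings. I would drop the file from the commit and add an ignore pattern for such backups next to the new `UpgradeLog*.htm` entry, for example `SchemaComparison*_*.scmp`.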
@@ -7,20 +7,13 @@ namespace RelyingPartyLogic { using System; using System.Collections.Generic; - + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; public partial class Client : IClientDescription { #region IConsumerDescription Members /// <summary> - /// Gets the client secret. - /// </summary> - string IClientDescription.Secret { - get { return this.ClientSecret; } - } - - /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> @@ -39,6 +32,26 @@ namespace RelyingPartyLogic { } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool IClientDescription.HasNonEmptySecret { + get { return !string.IsNullOrEmpty(this.ClientSecret); } + } + + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IClientDescription.IsValidClientSecret(string secret) { + return MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret); + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> diff --git a/projecttemplates/RelyingPartyLogic/Model.Designer.cs b/projecttemplates/RelyingPartyLogic/Model.Designer.cs index 8dddc2d..df854b4 100644 --- a/projecttemplates/RelyingPartyLogic/Model.Designer.cs +++ b/projecttemplates/RelyingPartyLogic/Model.Designer.cs 
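Review bot: `IClientDescription.IsValidClientSecret` passes both values straight to `MessagingUtilities.EqualsConstantTime` without checking that a secret is registered, so the result for a client whose `ClientSecret` is null or empty depends on how that helper treats null and empty strings, which this hunk does not show. If two null or two empty values compare equal there, a client with no registered secret would validate against a missing secret. I would make the method fail closed on its own rather than rely on callers consulting `HasNonEmptySecret` first: `return !string.IsNullOrEmpty(secret) && !string.IsNullOrEmpty(this.ClientSecret) && MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret);`. The comparison is against the stored `ClientSecret` itself, which suggests the secret is kept in recoverable form; if so, storing a salted hash and comparing hashes is worth a follow-up. The `Client` class continues outside the hunk.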
@@ -1,251 +1,287 @@ //------------------------------------------------------------------------------ // <auto-generated> -// This code was generated by a tool. -// Runtime Version:4.0.30319.239 +// This code was generated from a template. // -// Changes to this file may cause incorrect behavior and will be lost if -// the code is regenerated. +// Manual changes to this file may cause unexpected behavior in your application. +// Manual changes to this file will be overwritten if the code is regenerated. // </auto-generated> //------------------------------------------------------------------------------ -[assembly: global::System.Data.Objects.DataClasses.EdmSchemaAttribute()] -[assembly: global::System.Data.Objects.DataClasses.EdmRelationshipAttribute("DatabaseModel", "UserRole", "Role", global::System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.Role), "User", global::System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.User))] -[assembly: global::System.Data.Objects.DataClasses.EdmRelationshipAttribute("DatabaseModel", "FK_AuthenticationToken_User", "User", global::System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.User), "AuthenticationToken", global::System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.AuthenticationToken))] -[assembly: global::System.Data.Objects.DataClasses.EdmRelationshipAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "Client", global::System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.Client), "ClientAuthorization", global::System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.ClientAuthorization))] -[assembly: global::System.Data.Objects.DataClasses.EdmRelationshipAttribute("DatabaseModel", "FK_IssuedToken_User", "User", global::System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.User), "ClientAuthorization", 
global::System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.ClientAuthorization))] +using System; +using System.ComponentModel; +using System.Data.EntityClient; +using System.Data.Objects; +using System.Data.Objects.DataClasses; +using System.Linq; +using System.Runtime.Serialization; +using System.Xml.Serialization; + +[assembly: EdmSchemaAttribute()] +#region EDM Relationship Metadata + +[assembly: EdmRelationshipAttribute("DatabaseModel", "UserRole", "Role", System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.Role), "User", System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.User))] +[assembly: EdmRelationshipAttribute("DatabaseModel", "FK_AuthenticationToken_User", "User", System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.User), "AuthenticationToken", System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.AuthenticationToken))] +[assembly: EdmRelationshipAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "Client", System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.Client), "ClientAuthorization", System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.ClientAuthorization))] +[assembly: EdmRelationshipAttribute("DatabaseModel", "FK_IssuedToken_User", "User", System.Data.Metadata.Edm.RelationshipMultiplicity.One, typeof(RelyingPartyLogic.User), "ClientAuthorization", System.Data.Metadata.Edm.RelationshipMultiplicity.Many, typeof(RelyingPartyLogic.ClientAuthorization))] + +#endregion -// Original file name: -// Generation date: 2/19/2012 9:18:26 PM namespace RelyingPartyLogic { + #region Contexts /// <summary> - /// There are no comments for DatabaseEntities in the schema. + /// No Metadata Documentation available. 
/// </summary> - public partial class DatabaseEntities : global::System.Data.Objects.ObjectContext + public partial class DatabaseEntities : ObjectContext { + #region Constructors + /// <summary> /// Initializes a new DatabaseEntities object using the connection string found in the 'DatabaseEntities' section of the application configuration file. /// </summary> - public DatabaseEntities() : - base("name=DatabaseEntities", "DatabaseEntities") + public DatabaseEntities() : base("name=DatabaseEntities", "DatabaseEntities") { - this.OnContextCreated(); + OnContextCreated(); } + /// <summary> /// Initialize a new DatabaseEntities object. /// </summary> - public DatabaseEntities(string connectionString) : - base(connectionString, "DatabaseEntities") + public DatabaseEntities(string connectionString) : base(connectionString, "DatabaseEntities") { - this.OnContextCreated(); + OnContextCreated(); } + /// <summary> /// Initialize a new DatabaseEntities object. /// </summary> - public DatabaseEntities(global::System.Data.EntityClient.EntityConnection connection) : - base(connection, "DatabaseEntities") + public DatabaseEntities(EntityConnection connection) : base(connection, "DatabaseEntities") { - this.OnContextCreated(); + OnContextCreated(); } + + #endregion + + #region Partial Methods + partial void OnContextCreated(); + + #endregion + + #region ObjectSet Properties + /// <summary> - /// There are no comments for Roles in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<Role> Roles + public ObjectSet<Role> Roles { get { - if ((this._Roles == null)) + if ((_Roles == null)) { - this._Roles = base.CreateQuery<Role>("[Roles]"); + _Roles = base.CreateObjectSet<Role>("Roles"); } - return this._Roles; + return _Roles; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<Role> _Roles; + private ObjectSet<Role> _Roles; + /// <summary> - /// There are no comments for Users in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<User> Users + public ObjectSet<User> Users { get { - if ((this._Users == null)) + if ((_Users == null)) { - this._Users = base.CreateQuery<User>("[Users]"); + _Users = base.CreateObjectSet<User>("Users"); } - return this._Users; + return _Users; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<User> _Users; + private ObjectSet<User> _Users; + /// <summary> - /// There are no comments for AuthenticationTokens in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<AuthenticationToken> AuthenticationTokens + public ObjectSet<AuthenticationToken> AuthenticationTokens { get { - if ((this._AuthenticationTokens == null)) + if ((_AuthenticationTokens == null)) { - this._AuthenticationTokens = base.CreateQuery<AuthenticationToken>("[AuthenticationTokens]"); + _AuthenticationTokens = base.CreateObjectSet<AuthenticationToken>("AuthenticationTokens"); } - return this._AuthenticationTokens; + return _AuthenticationTokens; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<AuthenticationToken> _AuthenticationTokens; + private ObjectSet<AuthenticationToken> _AuthenticationTokens; + /// <summary> - /// There are no comments for Nonces in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<Nonce> Nonces + public ObjectSet<Nonce> Nonces { get { - if ((this._Nonces == null)) + if ((_Nonces == null)) { - this._Nonces = base.CreateQuery<Nonce>("[Nonces]"); + _Nonces = base.CreateObjectSet<Nonce>("Nonces"); } - return this._Nonces; + return _Nonces; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<Nonce> _Nonces; + private ObjectSet<Nonce> _Nonces; + /// <summary> - /// There are no comments for Clients in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<Client> Clients + public ObjectSet<Client> Clients { get { - if ((this._Clients == null)) + if ((_Clients == null)) { - this._Clients = base.CreateQuery<Client>("[Clients]"); + _Clients = base.CreateObjectSet<Client>("Clients"); } - return this._Clients; + return _Clients; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<Client> _Clients; + private ObjectSet<Client> _Clients; + /// <summary> - /// There are no comments for ClientAuthorizations in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<ClientAuthorization> ClientAuthorizations + public ObjectSet<ClientAuthorization> ClientAuthorizations { get { - if ((this._ClientAuthorizations == null)) + if ((_ClientAuthorizations == null)) { - this._ClientAuthorizations = base.CreateQuery<ClientAuthorization>("[ClientAuthorizations]"); + _ClientAuthorizations = base.CreateObjectSet<ClientAuthorization>("ClientAuthorizations"); } - return this._ClientAuthorizations; + return _ClientAuthorizations; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<ClientAuthorization> _ClientAuthorizations; + private ObjectSet<ClientAuthorization> _ClientAuthorizations; + /// <summary> - /// There are no comments for SymmetricCryptoKeys in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Data.Objects.ObjectQuery<SymmetricCryptoKey> SymmetricCryptoKeys + public ObjectSet<SymmetricCryptoKey> SymmetricCryptoKeys { get { - if ((this._SymmetricCryptoKeys == null)) + if ((_SymmetricCryptoKeys == null)) { - this._SymmetricCryptoKeys = base.CreateQuery<SymmetricCryptoKey>("[SymmetricCryptoKeys]"); + _SymmetricCryptoKeys = base.CreateObjectSet<SymmetricCryptoKey>("SymmetricCryptoKeys"); } - return this._SymmetricCryptoKeys; + return _SymmetricCryptoKeys; } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Data.Objects.ObjectQuery<SymmetricCryptoKey> _SymmetricCryptoKeys; + private ObjectSet<SymmetricCryptoKey> _SymmetricCryptoKeys; + + #endregion + + #region AddTo Methods + /// <summary> - /// There are no comments for Roles in the schema. + /// Deprecated Method for adding a new object to the Roles EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToRoles(Role role) { base.AddObject("Roles", role); } + /// <summary> - /// There are no comments for Users in the schema. + /// Deprecated Method for adding a new object to the Users EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToUsers(User user) { base.AddObject("Users", user); } + /// <summary> - /// There are no comments for AuthenticationTokens in the schema. + /// Deprecated Method for adding a new object to the AuthenticationTokens EntitySet. 
Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToAuthenticationTokens(AuthenticationToken authenticationToken) { base.AddObject("AuthenticationTokens", authenticationToken); } + /// <summary> - /// There are no comments for Nonces in the schema. + /// Deprecated Method for adding a new object to the Nonces EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToNonces(Nonce nonce) { base.AddObject("Nonces", nonce); } + /// <summary> - /// There are no comments for Clients in the schema. + /// Deprecated Method for adding a new object to the Clients EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToClients(Client client) { base.AddObject("Clients", client); } + /// <summary> - /// There are no comments for ClientAuthorizations in the schema. + /// Deprecated Method for adding a new object to the ClientAuthorizations EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. /// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToClientAuthorizations(ClientAuthorization clientAuthorization) { base.AddObject("ClientAuthorizations", clientAuthorization); } + /// <summary> - /// There are no comments for SymmetricCryptoKeys in the schema. + /// Deprecated Method for adding a new object to the SymmetricCryptoKeys EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead. 
/// </summary> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] public void AddToSymmetricCryptoKeys(SymmetricCryptoKey symmetricCryptoKey) { base.AddObject("SymmetricCryptoKeys", symmetricCryptoKey); } + + #endregion + + #region Function Imports + + /// <summary> + /// No Metadata Documentation available. + /// </summary> + public int ClearExpiredNonces() + { + return base.ExecuteFunction("ClearExpiredNonces"); + } + + #endregion + } + + #endregion + + #region Entities + /// <summary> - /// There are no comments for DatabaseModel.AuthenticationToken in the schema. + /// No Metadata Documentation available. /// </summary> - /// <KeyProperties> - /// AuthenticationTokenId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="AuthenticationToken")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class AuthenticationToken : global::System.Data.Objects.DataClasses.EntityObject + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="AuthenticationToken")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class AuthenticationToken : EntityObject { + #region Factory Method + /// <summary> /// Create a new AuthenticationToken object. 
/// </summary> - /// <param name="claimedIdentifier">Initial value of ClaimedIdentifier.</param> - /// <param name="createdOnUtc">Initial value of CreatedOnUtc.</param> - /// <param name="lastUsedUtc">Initial value of LastUsedUtc.</param> - /// <param name="usageCount">Initial value of UsageCount.</param> - /// <param name="authenticationTokenId">Initial value of AuthenticationTokenId.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static AuthenticationToken CreateAuthenticationToken(string claimedIdentifier, global::System.DateTime createdOnUtc, global::System.DateTime lastUsedUtc, int usageCount, int authenticationTokenId) + /// <param name="claimedIdentifier">Initial value of the ClaimedIdentifier property.</param> + /// <param name="createdOnUtc">Initial value of the CreatedOnUtc property.</param> + /// <param name="lastUsedUtc">Initial value of the LastUsedUtc property.</param> + /// <param name="usageCount">Initial value of the UsageCount property.</param> + /// <param name="authenticationTokenId">Initial value of the AuthenticationTokenId property.</param> + public static AuthenticationToken CreateAuthenticationToken(global::System.String claimedIdentifier, global::System.DateTime createdOnUtc, global::System.DateTime lastUsedUtc, global::System.Int32 usageCount, global::System.Int32 authenticationTokenId) { AuthenticationToken authenticationToken = new AuthenticationToken(); authenticationToken.ClaimedIdentifier = claimedIdentifier; 
@@ -255,585 +291,644 @@ namespace RelyingPartyLogic authenticationToken.AuthenticationTokenId = authenticationTokenId; return authenticationToken; } + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for property ClaimedIdentifier in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string ClaimedIdentifier + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String ClaimedIdentifier { get { - return this._ClaimedIdentifier; + return _ClaimedIdentifier; } set { - this.OnClaimedIdentifierChanging(value); - this.ReportPropertyChanging("ClaimedIdentifier"); - this._ClaimedIdentifier = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("ClaimedIdentifier"); - this.OnClaimedIdentifierChanged(); + OnClaimedIdentifierChanging(value); + ReportPropertyChanging("ClaimedIdentifier"); + _ClaimedIdentifier = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("ClaimedIdentifier"); + OnClaimedIdentifierChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _ClaimedIdentifier; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClaimedIdentifierChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.String _ClaimedIdentifier; + partial void OnClaimedIdentifierChanging(global::System.String value); partial void OnClaimedIdentifierChanged(); 
+ /// <summary> - /// There are no comments for property FriendlyIdentifier in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string FriendlyIdentifier + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String FriendlyIdentifier { get { - return this._FriendlyIdentifier; + return _FriendlyIdentifier; } set { - this.OnFriendlyIdentifierChanging(value); - this.ReportPropertyChanging("FriendlyIdentifier"); - this._FriendlyIdentifier = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("FriendlyIdentifier"); - this.OnFriendlyIdentifierChanged(); + OnFriendlyIdentifierChanging(value); + ReportPropertyChanging("FriendlyIdentifier"); + _FriendlyIdentifier = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("FriendlyIdentifier"); + OnFriendlyIdentifierChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _FriendlyIdentifier; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnFriendlyIdentifierChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.String _FriendlyIdentifier; + partial void OnFriendlyIdentifierChanging(global::System.String value); partial void OnFriendlyIdentifierChanged(); + /// <summary> - /// There are no comments for property CreatedOnUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] public global::System.DateTime CreatedOnUtc { get { - return this._CreatedOnUtc; + return _CreatedOnUtc; } private set { - this.OnCreatedOnUtcChanging(value); - this.ReportPropertyChanging("CreatedOnUtc"); - this._CreatedOnUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("CreatedOnUtc"); - this.OnCreatedOnUtcChanged(); + OnCreatedOnUtcChanging(value); + ReportPropertyChanging("CreatedOnUtc"); + _CreatedOnUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("CreatedOnUtc"); + OnCreatedOnUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] private global::System.DateTime _CreatedOnUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnCreatedOnUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnCreatedOnUtcChanged(); + /// <summary> - /// There are no comments for property LastUsedUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] public global::System.DateTime LastUsedUtc { get { - return this._LastUsedUtc; + return _LastUsedUtc; } set { - this.OnLastUsedUtcChanging(value); - this.ReportPropertyChanging("LastUsedUtc"); - this._LastUsedUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("LastUsedUtc"); - this.OnLastUsedUtcChanged(); + OnLastUsedUtcChanging(value); + ReportPropertyChanging("LastUsedUtc"); + _LastUsedUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("LastUsedUtc"); + OnLastUsedUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] private global::System.DateTime _LastUsedUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnLastUsedUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnLastUsedUtcChanged(); + /// <summary> - /// There are no comments for property UsageCount in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int UsageCount + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 UsageCount { get { - return this._UsageCount; + return _UsageCount; } set { - this.OnUsageCountChanging(value); - this.ReportPropertyChanging("UsageCount"); - this._UsageCount = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("UsageCount"); - this.OnUsageCountChanged(); + OnUsageCountChanging(value); + ReportPropertyChanging("UsageCount"); + _UsageCount = StructuralObject.SetValidValue(value); + ReportPropertyChanged("UsageCount"); + OnUsageCountChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _UsageCount; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnUsageCountChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.Int32 _UsageCount; + partial void OnUsageCountChanging(global::System.Int32 value); partial void OnUsageCountChanged(); + /// <summary> - /// There are no comments for property AuthenticationTokenId in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int AuthenticationTokenId + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 AuthenticationTokenId { get { - return this._AuthenticationTokenId; + return _AuthenticationTokenId; } private set { - this.OnAuthenticationTokenIdChanging(value); - this.ReportPropertyChanging("AuthenticationTokenId"); - this._AuthenticationTokenId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("AuthenticationTokenId"); - this.OnAuthenticationTokenIdChanged(); + if (_AuthenticationTokenId != value) + { + OnAuthenticationTokenIdChanging(value); + ReportPropertyChanging("AuthenticationTokenId"); + _AuthenticationTokenId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("AuthenticationTokenId"); + OnAuthenticationTokenIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _AuthenticationTokenId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnAuthenticationTokenIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.Int32 _AuthenticationTokenId; + partial void OnAuthenticationTokenIdChanging(global::System.Int32 value); partial void OnAuthenticationTokenIdChanged(); + + #endregion + + + #region Navigation Properties + /// <summary> - /// There are no comments for User in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_AuthenticationToken_User", "User")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_AuthenticationToken_User", "User")] public User User { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User").Value; + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User").Value; } set { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User").Value = value; + ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User").Value = value; } } /// <summary> - /// There are no comments for User in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.ComponentModel.BrowsableAttribute(false)] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityReference<User> UserReference + [BrowsableAttribute(false)] + [DataMemberAttribute()] + public EntityReference<User> UserReference { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User"); + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User"); } set { if ((value != null)) { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User", value); + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedReference<User>("DatabaseModel.FK_AuthenticationToken_User", "User", value); } } } + + #endregion + } + /// <summary> - /// There are no comments for DatabaseModel.Role in the schema. + /// No Metadata Documentation available. /// </summary> - /// <KeyProperties> - /// RoleId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Role")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class Role : global::System.Data.Objects.DataClasses.EntityObject + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Client")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class Client : EntityObject { + #region Factory Method + /// <summary> - /// Create a new Role object. + /// Create a new Client object. 
/// </summary> - /// <param name="name">Initial value of Name.</param> - /// <param name="roleId">Initial value of RoleId.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static Role CreateRole(string name, int roleId) + /// <param name="clientId">Initial value of the ClientId property.</param> + /// <param name="clientIdentifier">Initial value of the ClientIdentifier property.</param> + /// <param name="name">Initial value of the Name property.</param> + /// <param name="clientType">Initial value of the ClientType property.</param> + public static Client CreateClient(global::System.Int32 clientId, global::System.String clientIdentifier, global::System.String name, global::System.Int32 clientType) { - Role role = new Role(); - role.Name = name; - role.RoleId = roleId; - return role; + Client client = new Client(); + client.ClientId = clientId; + client.ClientIdentifier = clientIdentifier; + client.Name = name; + client.ClientType = clientType; + return client; } + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for property Name in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Name + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 ClientId { get { - return this._Name; + return _ClientId; } set { - this.OnNameChanging(value); - this.ReportPropertyChanging("Name"); - this._Name = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Name"); - this.OnNameChanged(); + if (_ClientId != value) + { + OnClientIdChanging(value); + ReportPropertyChanging("ClientId"); + _ClientId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("ClientId"); + OnClientIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Name; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnNameChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnNameChanged(); + private global::System.Int32 _ClientId; + partial void OnClientIdChanging(global::System.Int32 value); + partial void OnClientIdChanged(); + /// <summary> - /// There are no comments for property RoleId in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int RoleId + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String ClientIdentifier { get { - return this._RoleId; + return _ClientIdentifier; } - private set + set { - this.OnRoleIdChanging(value); - this.ReportPropertyChanging("RoleId"); - this._RoleId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("RoleId"); - this.OnRoleIdChanged(); + OnClientIdentifierChanging(value); + ReportPropertyChanging("ClientIdentifier"); + _ClientIdentifier = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("ClientIdentifier"); + OnClientIdentifierChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _RoleId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnRoleIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnRoleIdChanged(); + private global::System.String _ClientIdentifier; + partial void OnClientIdentifierChanging(global::System.String value); + partial void OnClientIdentifierChanged(); + /// <summary> - /// There are no comments for Users in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "UserRole", "User")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityCollection<User> Users + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String ClientSecret { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedCollection<User>("DatabaseModel.UserRole", "User"); + return _ClientSecret; } set { - if ((value != null)) - { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedCollection<User>("DatabaseModel.UserRole", "User", value); - } + OnClientSecretChanging(value); + ReportPropertyChanging("ClientSecret"); + _ClientSecret = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("ClientSecret"); + OnClientSecretChanged(); } } - } - /// <summary> - /// There are no comments for DatabaseModel.User in the schema. - /// </summary> - /// <KeyProperties> - /// UserId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="User")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class User : global::System.Data.Objects.DataClasses.EntityObject - { + private global::System.String _ClientSecret; + partial void OnClientSecretChanging(global::System.String value); + partial void OnClientSecretChanged(); + /// <summary> - /// Create a new User object. + /// No Metadata Documentation available. 
/// </summary> - /// <param name="emailAddressVerified">Initial value of EmailAddressVerified.</param> - /// <param name="createdOnUtc">Initial value of CreatedOnUtc.</param> - /// <param name="userId">Initial value of UserId.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static User CreateUser(bool emailAddressVerified, global::System.DateTime createdOnUtc, int userId) + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String CallbackAsString { - User user = new User(); - user.EmailAddressVerified = emailAddressVerified; - user.CreatedOnUtc = createdOnUtc; - user.UserId = userId; - return user; + get + { + return _CallbackAsString; + } + set + { + OnCallbackAsStringChanging(value); + ReportPropertyChanging("CallbackAsString"); + _CallbackAsString = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("CallbackAsString"); + OnCallbackAsStringChanged(); + } } + private global::System.String _CallbackAsString; + partial void OnCallbackAsStringChanging(global::System.String value); + partial void OnCallbackAsStringChanged(); + /// <summary> - /// There are no comments for property FirstName in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string FirstName + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Name { get { - return this._FirstName; + return _Name; } set { - this.OnFirstNameChanging(value); - this.ReportPropertyChanging("FirstName"); - this._FirstName = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("FirstName"); - this.OnFirstNameChanged(); + OnNameChanging(value); + ReportPropertyChanging("Name"); + _Name = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Name"); + OnNameChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _FirstName; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnFirstNameChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnFirstNameChanged(); + private global::System.String _Name; + partial void OnNameChanging(global::System.String value); + partial void OnNameChanged(); + /// <summary> - /// There are no comments for property LastName in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string LastName + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 ClientType { get { - return this._LastName; + return _ClientType; } set { - this.OnLastNameChanging(value); - this.ReportPropertyChanging("LastName"); - this._LastName = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("LastName"); - this.OnLastNameChanged(); + OnClientTypeChanging(value); + ReportPropertyChanging("ClientType"); + _ClientType = StructuralObject.SetValidValue(value); + ReportPropertyChanged("ClientType"); + OnClientTypeChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _LastName; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnLastNameChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnLastNameChanged(); + private global::System.Int32 _ClientType; + partial void OnClientTypeChanging(global::System.Int32 value); + partial void OnClientTypeChanged(); + + #endregion + + + #region Navigation Properties + /// <summary> - /// The email address claimed to be controlled by the user. Whether it is actually owned by the user is indicated by the EmailAddressVerified property. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string EmailAddress + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "ClientAuthorization")] + public EntityCollection<ClientAuthorization> ClientAuthorizations { get { - return this._EmailAddress; + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_Consumer", "ClientAuthorization"); } set { - this.OnEmailAddressChanging(value); - this.ReportPropertyChanging("EmailAddress"); - this._EmailAddress = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("EmailAddress"); - this.OnEmailAddressChanged(); + if ((value != null)) + { + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_Consumer", "ClientAuthorization", value); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _EmailAddress; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnEmailAddressChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnEmailAddressChanged(); + + #endregion + + } + + /// <summary> + /// No Metadata Documentation available. 
+ /// </summary> + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="ClientAuthorization")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class ClientAuthorization : EntityObject + { + #region Factory Method + /// <summary> - /// A value indicating whether the email address has been verified as actually owned by this user. + /// Create a new ClientAuthorization object. + /// </summary> + /// <param name="authorizationId">Initial value of the AuthorizationId property.</param> + /// <param name="createdOnUtc">Initial value of the CreatedOnUtc property.</param> + public static ClientAuthorization CreateClientAuthorization(global::System.Int32 authorizationId, global::System.DateTime createdOnUtc) + { + ClientAuthorization clientAuthorization = new ClientAuthorization(); + clientAuthorization.AuthorizationId = authorizationId; + clientAuthorization.CreatedOnUtc = createdOnUtc; + return clientAuthorization; + } + + #endregion + + #region Primitive Properties + + /// <summary> + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public bool EmailAddressVerified + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 AuthorizationId { get { - return this._EmailAddressVerified; + return _AuthorizationId; } set { - this.OnEmailAddressVerifiedChanging(value); - this.ReportPropertyChanging("EmailAddressVerified"); - this._EmailAddressVerified = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("EmailAddressVerified"); - this.OnEmailAddressVerifiedChanged(); + if (_AuthorizationId != value) + { + OnAuthorizationIdChanging(value); + ReportPropertyChanging("AuthorizationId"); + _AuthorizationId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("AuthorizationId"); + OnAuthorizationIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private bool _EmailAddressVerified; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnEmailAddressVerifiedChanging(bool value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnEmailAddressVerifiedChanged(); + private global::System.Int32 _AuthorizationId; + partial void OnAuthorizationIdChanging(global::System.Int32 value); + partial void OnAuthorizationIdChanged(); + /// <summary> - /// There are no comments for property CreatedOnUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] public global::System.DateTime CreatedOnUtc { get { - return this._CreatedOnUtc; + return _CreatedOnUtc; } - private set + set { - this.OnCreatedOnUtcChanging(value); - this.ReportPropertyChanging("CreatedOnUtc"); - this._CreatedOnUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("CreatedOnUtc"); - this.OnCreatedOnUtcChanged(); + OnCreatedOnUtcChanging(value); + ReportPropertyChanging("CreatedOnUtc"); + _CreatedOnUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("CreatedOnUtc"); + OnCreatedOnUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] private global::System.DateTime _CreatedOnUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnCreatedOnUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnCreatedOnUtcChanged(); + /// <summary> - /// There are no comments for property UserId in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int UserId + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public Nullable<global::System.DateTime> ExpirationDateUtc { get { - return this._UserId; + return _ExpirationDateUtc; } - private set + set { - this.OnUserIdChanging(value); - this.ReportPropertyChanging("UserId"); - this._UserId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("UserId"); - this.OnUserIdChanged(); + OnExpirationDateUtcChanging(value); + ReportPropertyChanging("ExpirationDateUtc"); + _ExpirationDateUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("ExpirationDateUtc"); + OnExpirationDateUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _UserId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnUserIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnUserIdChanged(); + private Nullable<global::System.DateTime> _ExpirationDateUtc; + partial void OnExpirationDateUtcChanging(Nullable<global::System.DateTime> value); + partial void OnExpirationDateUtcChanged(); + /// <summary> - /// There are no comments for Roles in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "UserRole", "Role")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityCollection<Role> Roles + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String Scope { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedCollection<Role>("DatabaseModel.UserRole", "Role"); + return _Scope; } set { - if ((value != null)) - { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedCollection<Role>("DatabaseModel.UserRole", "Role", value); - } + OnScopeChanging(value); + ReportPropertyChanging("Scope"); + _Scope = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("Scope"); + OnScopeChanged(); + } + } + private global::System.String _Scope; + partial void OnScopeChanging(global::System.String value); + partial void OnScopeChanged(); + + #endregion + + + #region Navigation Properties + + /// <summary> + /// No Metadata Documentation available. 
+ /// </summary> + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "Client")] + public Client Client + { + get + { + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client").Value; + } + set + { + ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client").Value = value; } } /// <summary> - /// There are no comments for AuthenticationTokens in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_AuthenticationToken_User", "AuthenticationToken")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityCollection<AuthenticationToken> AuthenticationTokens + [BrowsableAttribute(false)] + [DataMemberAttribute()] + public EntityReference<Client> ClientReference { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedCollection<AuthenticationToken>("DatabaseModel.FK_AuthenticationToken_User", "AuthenticationToken"); + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client"); } set { if ((value != null)) { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedCollection<AuthenticationToken>("DatabaseModel.FK_AuthenticationToken_User", "AuthenticationToken", value); + 
((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client", value); } } } + /// <summary> - /// There are no comments for ClientAuthorizations in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_User", "ClientAuthorization")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityCollection<ClientAuthorization> ClientAuthorizations + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_User", "User")] + public User User { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_User", "ClientAuthorization"); + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User").Value; + } + set + { + ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User").Value = value; + } + } + /// <summary> + /// No Metadata Documentation available. 
+ /// </summary> + [BrowsableAttribute(false)] + [DataMemberAttribute()] + public EntityReference<User> UserReference + { + get + { + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User"); } set { if ((value != null)) { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_User", "ClientAuthorization", value); + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User", value); } } } + + #endregion + } + /// <summary> - /// There are no comments for DatabaseModel.Nonce in the schema. + /// No Metadata Documentation available. /// </summary> - /// <KeyProperties> - /// NonceId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Nonce")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class Nonce : global::System.Data.Objects.DataClasses.EntityObject + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Nonce")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class Nonce : EntityObject { + #region Factory Method + /// <summary> /// Create a new Nonce object. 
/// </summary> - /// <param name="nonceId">Initial value of NonceId.</param> - /// <param name="context">Initial value of Context.</param> - /// <param name="code">Initial value of Code.</param> - /// <param name="issuedUtc">Initial value of IssuedUtc.</param> - /// <param name="expiresUtc">Initial value of ExpiresUtc.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static Nonce CreateNonce(int nonceId, string context, string code, global::System.DateTime issuedUtc, global::System.DateTime expiresUtc) + /// <param name="nonceId">Initial value of the NonceId property.</param> + /// <param name="context">Initial value of the Context property.</param> + /// <param name="code">Initial value of the Code property.</param> + /// <param name="issuedUtc">Initial value of the IssuedUtc property.</param> + /// <param name="expiresUtc">Initial value of the ExpiresUtc property.</param> + public static Nonce CreateNonce(global::System.Int32 nonceId, global::System.String context, global::System.String code, global::System.DateTime issuedUtc, global::System.DateTime expiresUtc) { Nonce nonce = new Nonce(); nonce.NonceId = nonceId; 
@@ -843,730 +938,661 @@ namespace RelyingPartyLogic nonce.ExpiresUtc = expiresUtc; return nonce; } + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for property NonceId in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int NonceId + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 NonceId { get { - return this._NonceId; + return _NonceId; } set { - this.OnNonceIdChanging(value); - this.ReportPropertyChanging("NonceId"); - this._NonceId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("NonceId"); - this.OnNonceIdChanged(); + if (_NonceId != value) + { + OnNonceIdChanging(value); + ReportPropertyChanging("NonceId"); + _NonceId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("NonceId"); + OnNonceIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _NonceId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnNonceIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.Int32 _NonceId; + partial void OnNonceIdChanging(global::System.Int32 value); partial void OnNonceIdChanged(); + /// <summary> /// Gets or sets the Provider Endpoint URL the nonce came from. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Context + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Context { get { - return this._Context; + return _Context; } set { - this.OnContextChanging(value); - this.ReportPropertyChanging("Context"); - this._Context = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Context"); - this.OnContextChanged(); + OnContextChanging(value); + ReportPropertyChanging("Context"); + _Context = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Context"); + OnContextChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Context; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnContextChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.String _Context; + partial void OnContextChanging(global::System.String value); partial void OnContextChanged(); + /// <summary> - /// There are no comments for property Code in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Code + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Code { get { - return this._Code; + return _Code; } set { - this.OnCodeChanging(value); - this.ReportPropertyChanging("Code"); - this._Code = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Code"); - this.OnCodeChanged(); + OnCodeChanging(value); + ReportPropertyChanging("Code"); + _Code = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Code"); + OnCodeChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Code; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCodeChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + private global::System.String _Code; + partial void OnCodeChanging(global::System.String value); partial void OnCodeChanged(); + /// <summary> - /// There are no comments for property IssuedUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] public global::System.DateTime IssuedUtc { get { - return this._IssuedUtc; + return _IssuedUtc; } set { - this.OnIssuedUtcChanging(value); - this.ReportPropertyChanging("IssuedUtc"); - this._IssuedUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("IssuedUtc"); - this.OnIssuedUtcChanged(); + OnIssuedUtcChanging(value); + ReportPropertyChanging("IssuedUtc"); + _IssuedUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("IssuedUtc"); + OnIssuedUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] private global::System.DateTime _IssuedUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnIssuedUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnIssuedUtcChanged(); + /// <summary> - /// There are no comments for property ExpiresUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] public global::System.DateTime ExpiresUtc { get { - return this._ExpiresUtc; + return _ExpiresUtc; } set { - this.OnExpiresUtcChanging(value); - this.ReportPropertyChanging("ExpiresUtc"); - this._ExpiresUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("ExpiresUtc"); - this.OnExpiresUtcChanged(); + OnExpiresUtcChanging(value); + ReportPropertyChanging("ExpiresUtc"); + _ExpiresUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("ExpiresUtc"); + OnExpiresUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] private global::System.DateTime _ExpiresUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnExpiresUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] partial void OnExpiresUtcChanged(); + + #endregion + + } + /// <summary> - /// There are no comments for DatabaseModel.Client in the schema. + /// No Metadata Documentation available. 
/// </summary> - /// <KeyProperties> - /// ClientId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Client")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class Client : global::System.Data.Objects.DataClasses.EntityObject + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="Role")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class Role : EntityObject { + #region Factory Method + /// <summary> - /// Create a new Client object. - /// </summary> - /// <param name="clientId">Initial value of ClientId.</param> - /// <param name="clientIdentifier">Initial value of ClientIdentifier.</param> - /// <param name="name">Initial value of Name.</param> - /// <param name="clientType">Initial value of ClientType.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static Client CreateClient(int clientId, string clientIdentifier, string name, int clientType) - { - Client client = new Client(); - client.ClientId = clientId; - client.ClientIdentifier = clientIdentifier; - client.Name = name; - client.ClientType = clientType; - return client; - } - /// <summary> - /// There are no comments for property ClientId in the schema. + /// Create a new Role object. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int ClientId + /// <param name="name">Initial value of the Name property.</param> + /// <param name="roleId">Initial value of the RoleId property.</param> + public static Role CreateRole(global::System.String name, global::System.Int32 roleId) { - get - { - return this._ClientId; - } - set - { - this.OnClientIdChanging(value); - this.ReportPropertyChanging("ClientId"); - this._ClientId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("ClientId"); - this.OnClientIdChanged(); - } + Role role = new Role(); + role.Name = name; + role.RoleId = roleId; + return role; } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _ClientId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientIdChanged(); + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for property ClientIdentifier in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string ClientIdentifier + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Name { get { - return this._ClientIdentifier; + return _Name; } set { - this.OnClientIdentifierChanging(value); - this.ReportPropertyChanging("ClientIdentifier"); - this._ClientIdentifier = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("ClientIdentifier"); - this.OnClientIdentifierChanged(); + OnNameChanging(value); + ReportPropertyChanging("Name"); + _Name = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Name"); + OnNameChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _ClientIdentifier; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientIdentifierChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientIdentifierChanged(); + private global::System.String _Name; + partial void OnNameChanging(global::System.String value); + partial void OnNameChanged(); + /// <summary> - /// There are no comments for property ClientSecret in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string ClientSecret + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 RoleId { get { - return this._ClientSecret; + return _RoleId; } - set + private set { - this.OnClientSecretChanging(value); - this.ReportPropertyChanging("ClientSecret"); - this._ClientSecret = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("ClientSecret"); - this.OnClientSecretChanged(); + if (_RoleId != value) + { + OnRoleIdChanging(value); + ReportPropertyChanging("RoleId"); + _RoleId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("RoleId"); + OnRoleIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _ClientSecret; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientSecretChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientSecretChanged(); + private global::System.Int32 _RoleId; + partial void OnRoleIdChanging(global::System.Int32 value); + partial void OnRoleIdChanged(); + + #endregion + + + #region Navigation Properties + /// <summary> - /// There are no comments for property CallbackAsString in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string CallbackAsString + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "UserRole", "User")] + public EntityCollection<User> Users { get { - return this._CallbackAsString; + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedCollection<User>("DatabaseModel.UserRole", "User"); } set { - this.OnCallbackAsStringChanging(value); - this.ReportPropertyChanging("CallbackAsString"); - this._CallbackAsString = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("CallbackAsString"); - this.OnCallbackAsStringChanged(); + if ((value != null)) + { + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedCollection<User>("DatabaseModel.UserRole", "User", value); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _CallbackAsString; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCallbackAsStringChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCallbackAsStringChanged(); + + #endregion + + } + + /// <summary> + /// No Metadata Documentation available. 
+ /// </summary> + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="SymmetricCryptoKey")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class SymmetricCryptoKey : EntityObject + { + #region Factory Method + /// <summary> - /// There are no comments for property Name in the schema. + /// Create a new SymmetricCryptoKey object. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Name + /// <param name="cryptoKeyId">Initial value of the CryptoKeyId property.</param> + /// <param name="bucket">Initial value of the Bucket property.</param> + /// <param name="handle">Initial value of the Handle property.</param> + /// <param name="expirationUtc">Initial value of the ExpirationUtc property.</param> + /// <param name="secret">Initial value of the Secret property.</param> + public static SymmetricCryptoKey CreateSymmetricCryptoKey(global::System.Int32 cryptoKeyId, global::System.String bucket, global::System.String handle, global::System.DateTime expirationUtc, global::System.Byte[] secret) { - get - { - return this._Name; - } - set - { - this.OnNameChanging(value); - this.ReportPropertyChanging("Name"); - this._Name = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Name"); - this.OnNameChanged(); - } + SymmetricCryptoKey symmetricCryptoKey = new SymmetricCryptoKey(); + symmetricCryptoKey.CryptoKeyId = cryptoKeyId; + symmetricCryptoKey.Bucket = bucket; + symmetricCryptoKey.Handle = handle; + symmetricCryptoKey.ExpirationUtc = expirationUtc; + symmetricCryptoKey.Secret = secret; + return symmetricCryptoKey; } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - 
private string _Name; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnNameChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnNameChanged(); + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for property ClientType in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int ClientType + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 CryptoKeyId { get { - return this._ClientType; + return _CryptoKeyId; } set { - this.OnClientTypeChanging(value); - this.ReportPropertyChanging("ClientType"); - this._ClientType = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("ClientType"); - this.OnClientTypeChanged(); + if (_CryptoKeyId != value) + { + OnCryptoKeyIdChanging(value); + ReportPropertyChanging("CryptoKeyId"); + _CryptoKeyId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("CryptoKeyId"); + OnCryptoKeyIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _ClientType; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientTypeChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnClientTypeChanged(); + private global::System.Int32 _CryptoKeyId; + partial 
void OnCryptoKeyIdChanging(global::System.Int32 value); + partial void OnCryptoKeyIdChanged(); + /// <summary> - /// There are no comments for ClientAuthorizations in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "ClientAuthorization")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityCollection<ClientAuthorization> ClientAuthorizations + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Bucket { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_Consumer", "ClientAuthorization"); + return _Bucket; } set { - if ((value != null)) - { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_Consumer", "ClientAuthorization", value); - } + OnBucketChanging(value); + ReportPropertyChanging("Bucket"); + _Bucket = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Bucket"); + OnBucketChanged(); } } - } - /// <summary> - /// There are no comments for DatabaseModel.ClientAuthorization in the schema. 
- /// </summary> - /// <KeyProperties> - /// AuthorizationId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="ClientAuthorization")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class ClientAuthorization : global::System.Data.Objects.DataClasses.EntityObject - { - /// <summary> - /// Create a new ClientAuthorization object. - /// </summary> - /// <param name="authorizationId">Initial value of AuthorizationId.</param> - /// <param name="createdOnUtc">Initial value of CreatedOnUtc.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static ClientAuthorization CreateClientAuthorization(int authorizationId, global::System.DateTime createdOnUtc) - { - ClientAuthorization clientAuthorization = new ClientAuthorization(); - clientAuthorization.AuthorizationId = authorizationId; - clientAuthorization.CreatedOnUtc = createdOnUtc; - return clientAuthorization; - } + private global::System.String _Bucket; + partial void OnBucketChanging(global::System.String value); + partial void OnBucketChanged(); + /// <summary> - /// There are no comments for property AuthorizationId in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int AuthorizationId + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.String Handle { get { - return this._AuthorizationId; + return _Handle; } set { - this.OnAuthorizationIdChanging(value); - this.ReportPropertyChanging("AuthorizationId"); - this._AuthorizationId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("AuthorizationId"); - this.OnAuthorizationIdChanged(); + OnHandleChanging(value); + ReportPropertyChanging("Handle"); + _Handle = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Handle"); + OnHandleChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _AuthorizationId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnAuthorizationIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnAuthorizationIdChanged(); + private global::System.String _Handle; + partial void OnHandleChanging(global::System.String value); + partial void OnHandleChanged(); + /// <summary> - /// There are no comments for property CreatedOnUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.DateTime CreatedOnUtc + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.DateTime ExpirationUtc { get { - return this._CreatedOnUtc; + return _ExpirationUtc; } set { - this.OnCreatedOnUtcChanging(value); - this.ReportPropertyChanging("CreatedOnUtc"); - this._CreatedOnUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("CreatedOnUtc"); - this.OnCreatedOnUtcChanged(); + OnExpirationUtcChanging(value); + ReportPropertyChanging("ExpirationUtc"); + _ExpirationUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("ExpirationUtc"); + OnExpirationUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.DateTime _CreatedOnUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCreatedOnUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCreatedOnUtcChanged(); + private global::System.DateTime _ExpirationUtc; + partial void OnExpirationUtcChanging(global::System.DateTime value); + partial void OnExpirationUtcChanged(); + /// <summary> - /// There are no comments for property ExpirationDateUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.Nullable<global::System.DateTime> ExpirationDateUtc + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Byte[] Secret { get { - return this._ExpirationDateUtc; + return StructuralObject.GetValidValue(_Secret); } set { - this.OnExpirationDateUtcChanging(value); - this.ReportPropertyChanging("ExpirationDateUtc"); - this._ExpirationDateUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("ExpirationDateUtc"); - this.OnExpirationDateUtcChanged(); + OnSecretChanging(value); + ReportPropertyChanging("Secret"); + _Secret = StructuralObject.SetValidValue(value, false); + ReportPropertyChanged("Secret"); + OnSecretChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.Nullable<global::System.DateTime> _ExpirationDateUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnExpirationDateUtcChanging(global::System.Nullable<global::System.DateTime> value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnExpirationDateUtcChanged(); + private global::System.Byte[] _Secret; + partial void OnSecretChanging(global::System.Byte[] value); + partial void OnSecretChanged(); + + #endregion + + + } + + /// <summary> + /// No Metadata Documentation available. 
+ /// </summary> + [EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="User")] + [Serializable()] + [DataContractAttribute(IsReference=true)] + public partial class User : EntityObject + { + #region Factory Method + /// <summary> - /// There are no comments for property Scope in the schema. + /// Create a new User object. /// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Scope + /// <param name="emailAddressVerified">Initial value of the EmailAddressVerified property.</param> + /// <param name="createdOnUtc">Initial value of the CreatedOnUtc property.</param> + /// <param name="userId">Initial value of the UserId property.</param> + public static User CreateUser(global::System.Boolean emailAddressVerified, global::System.DateTime createdOnUtc, global::System.Int32 userId) { - get - { - return this._Scope; - } - set - { - this.OnScopeChanging(value); - this.ReportPropertyChanging("Scope"); - this._Scope = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, true); - this.ReportPropertyChanged("Scope"); - this.OnScopeChanged(); - } + User user = new User(); + user.EmailAddressVerified = emailAddressVerified; + user.CreatedOnUtc = createdOnUtc; + user.UserId = userId; + return user; } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Scope; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnScopeChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnScopeChanged(); + + #endregion + + #region Primitive Properties + /// <summary> - /// There are no comments for 
Client in the schema. + /// No Metadata Documentation available. /// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_Consumer", "Client")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public Client Client + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String FirstName { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client").Value; + return _FirstName; } set { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client").Value = value; + OnFirstNameChanging(value); + ReportPropertyChanging("FirstName"); + _FirstName = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("FirstName"); + OnFirstNameChanged(); } } + private global::System.String _FirstName; + partial void OnFirstNameChanging(global::System.String value); + partial void OnFirstNameChanged(); + /// <summary> - /// There are no comments for Client in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.ComponentModel.BrowsableAttribute(false)] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityReference<Client> ClientReference + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String LastName { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client"); + return _LastName; } set { - if ((value != null)) - { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedReference<Client>("DatabaseModel.FK_IssuedToken_Consumer", "Client", value); - } + OnLastNameChanging(value); + ReportPropertyChanging("LastName"); + _LastName = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("LastName"); + OnLastNameChanged(); } } + private global::System.String _LastName; + partial void OnLastNameChanging(global::System.String value); + partial void OnLastNameChanged(); + /// <summary> - /// There are no comments for User in the schema. + /// The email address claimed to be controlled by the user. Whether it is actually owned by the user is indicated by the EmailAddressVerified property. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_User", "User")] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Xml.Serialization.XmlIgnoreAttribute()] - [global::System.Xml.Serialization.SoapIgnoreAttribute()] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public User User + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=true)] + [DataMemberAttribute()] + public global::System.String EmailAddress { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User").Value; + return _EmailAddress; } set { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User").Value = value; + OnEmailAddressChanging(value); + ReportPropertyChanging("EmailAddress"); + _EmailAddress = StructuralObject.SetValidValue(value, true); + ReportPropertyChanged("EmailAddress"); + OnEmailAddressChanged(); } } + private global::System.String _EmailAddress; + partial void OnEmailAddressChanging(global::System.String value); + partial void OnEmailAddressChanged(); + /// <summary> - /// There are no comments for User in the schema. + /// A value indicating whether the email address has been verified as actually owned by this user. 
/// </summary> - [global::System.ComponentModel.BrowsableAttribute(false)] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - [global::System.Runtime.Serialization.DataMemberAttribute()] - public global::System.Data.Objects.DataClasses.EntityReference<User> UserReference + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Boolean EmailAddressVerified { get { - return ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.GetRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User"); + return _EmailAddressVerified; } set { - if ((value != null)) - { - ((global::System.Data.Objects.DataClasses.IEntityWithRelationships)(this)).RelationshipManager.InitializeRelatedReference<User>("DatabaseModel.FK_IssuedToken_User", "User", value); - } + OnEmailAddressVerifiedChanging(value); + ReportPropertyChanging("EmailAddressVerified"); + _EmailAddressVerified = StructuralObject.SetValidValue(value); + ReportPropertyChanged("EmailAddressVerified"); + OnEmailAddressVerifiedChanged(); } } - } - /// <summary> - /// There are no comments for DatabaseModel.SymmetricCryptoKey in the schema. - /// </summary> - /// <KeyProperties> - /// CryptoKeyId - /// </KeyProperties> - [global::System.Data.Objects.DataClasses.EdmEntityTypeAttribute(NamespaceName="DatabaseModel", Name="SymmetricCryptoKey")] - [global::System.Runtime.Serialization.DataContractAttribute(IsReference=true)] - [global::System.Serializable()] - public partial class SymmetricCryptoKey : global::System.Data.Objects.DataClasses.EntityObject - { - /// <summary> - /// Create a new SymmetricCryptoKey object. 
- /// </summary> - /// <param name="cryptoKeyId">Initial value of CryptoKeyId.</param> - /// <param name="bucket">Initial value of Bucket.</param> - /// <param name="handle">Initial value of Handle.</param> - /// <param name="expirationUtc">Initial value of ExpirationUtc.</param> - /// <param name="secret">Initial value of Secret.</param> - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public static SymmetricCryptoKey CreateSymmetricCryptoKey(int cryptoKeyId, string bucket, string handle, global::System.DateTime expirationUtc, byte[] secret) - { - SymmetricCryptoKey symmetricCryptoKey = new SymmetricCryptoKey(); - symmetricCryptoKey.CryptoKeyId = cryptoKeyId; - symmetricCryptoKey.Bucket = bucket; - symmetricCryptoKey.Handle = handle; - symmetricCryptoKey.ExpirationUtc = expirationUtc; - symmetricCryptoKey.Secret = secret; - return symmetricCryptoKey; - } + private global::System.Boolean _EmailAddressVerified; + partial void OnEmailAddressVerifiedChanging(global::System.Boolean value); + partial void OnEmailAddressVerifiedChanged(); + /// <summary> - /// There are no comments for property CryptoKeyId in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public int CryptoKeyId + [EdmScalarPropertyAttribute(EntityKeyProperty=false, IsNullable=false)] + [DataMemberAttribute()] + public global::System.DateTime CreatedOnUtc { get { - return this._CryptoKeyId; + return _CreatedOnUtc; } - set + private set { - this.OnCryptoKeyIdChanging(value); - this.ReportPropertyChanging("CryptoKeyId"); - this._CryptoKeyId = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("CryptoKeyId"); - this.OnCryptoKeyIdChanged(); + OnCreatedOnUtcChanging(value); + ReportPropertyChanging("CreatedOnUtc"); + _CreatedOnUtc = StructuralObject.SetValidValue(value); + ReportPropertyChanged("CreatedOnUtc"); + OnCreatedOnUtcChanged(); } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private int _CryptoKeyId; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCryptoKeyIdChanging(int value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnCryptoKeyIdChanged(); + private global::System.DateTime _CreatedOnUtc; + partial void OnCreatedOnUtcChanging(global::System.DateTime value); + partial void OnCreatedOnUtcChanged(); + /// <summary> - /// There are no comments for property Bucket in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Bucket + [EdmScalarPropertyAttribute(EntityKeyProperty=true, IsNullable=false)] + [DataMemberAttribute()] + public global::System.Int32 UserId { get { - return this._Bucket; + return _UserId; } - set + private set { - this.OnBucketChanging(value); - this.ReportPropertyChanging("Bucket"); - this._Bucket = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Bucket"); - this.OnBucketChanged(); + if (_UserId != value) + { + OnUserIdChanging(value); + ReportPropertyChanging("UserId"); + _UserId = StructuralObject.SetValidValue(value); + ReportPropertyChanged("UserId"); + OnUserIdChanged(); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Bucket; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnBucketChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnBucketChanged(); + private global::System.Int32 _UserId; + partial void OnUserIdChanging(global::System.Int32 value); + partial void OnUserIdChanged(); + + #endregion + + + #region Navigation Properties + /// <summary> - /// There are no comments for property Handle in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public string Handle + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "UserRole", "Role")] + public EntityCollection<Role> Roles { get { - return this._Handle; + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedCollection<Role>("DatabaseModel.UserRole", "Role"); } set { - this.OnHandleChanging(value); - this.ReportPropertyChanging("Handle"); - this._Handle = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Handle"); - this.OnHandleChanged(); + if ((value != null)) + { + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedCollection<Role>("DatabaseModel.UserRole", "Role", value); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private string _Handle; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnHandleChanging(string value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnHandleChanged(); + /// <summary> - /// There are no comments for property ExpirationUtc in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public global::System.DateTime ExpirationUtc + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_AuthenticationToken_User", "AuthenticationToken")] + public EntityCollection<AuthenticationToken> AuthenticationTokens { get { - return this._ExpirationUtc; + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedCollection<AuthenticationToken>("DatabaseModel.FK_AuthenticationToken_User", "AuthenticationToken"); } set { - this.OnExpirationUtcChanging(value); - this.ReportPropertyChanging("ExpirationUtc"); - this._ExpirationUtc = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value); - this.ReportPropertyChanged("ExpirationUtc"); - this.OnExpirationUtcChanged(); + if ((value != null)) + { + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedCollection<AuthenticationToken>("DatabaseModel.FK_AuthenticationToken_User", "AuthenticationToken", value); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private global::System.DateTime _ExpirationUtc; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnExpirationUtcChanging(global::System.DateTime value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnExpirationUtcChanged(); + /// <summary> - /// There are no comments for property Secret in the schema. + /// No Metadata Documentation available. 
/// </summary> - [global::System.Data.Objects.DataClasses.EdmScalarPropertyAttribute(IsNullable=false)] - [global::System.Runtime.Serialization.DataMemberAttribute()] - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - public byte[] Secret + [XmlIgnoreAttribute()] + [SoapIgnoreAttribute()] + [DataMemberAttribute()] + [EdmRelationshipNavigationPropertyAttribute("DatabaseModel", "FK_IssuedToken_User", "ClientAuthorization")] + public EntityCollection<ClientAuthorization> ClientAuthorizations { get { - return global::System.Data.Objects.DataClasses.StructuralObject.GetValidValue(this._Secret); + return ((IEntityWithRelationships)this).RelationshipManager.GetRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_User", "ClientAuthorization"); } set { - this.OnSecretChanging(value); - this.ReportPropertyChanging("Secret"); - this._Secret = global::System.Data.Objects.DataClasses.StructuralObject.SetValidValue(value, false); - this.ReportPropertyChanged("Secret"); - this.OnSecretChanged(); + if ((value != null)) + { + ((IEntityWithRelationships)this).RelationshipManager.InitializeRelatedCollection<ClientAuthorization>("DatabaseModel.FK_IssuedToken_User", "ClientAuthorization", value); + } } } - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - private byte[] _Secret; - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnSecretChanging(byte[] value); - [global::System.CodeDom.Compiler.GeneratedCode("System.Data.Entity.Design.EntityClassGenerator", "4.0.0.0")] - partial void OnSecretChanged(); + + #endregion + } + + #endregion + + } diff --git a/projecttemplates/RelyingPartyLogic/Model.edmx b/projecttemplates/RelyingPartyLogic/Model.edmx index 450b335..1845e1c 100644 --- a/projecttemplates/RelyingPartyLogic/Model.edmx 
+++ b/projecttemplates/RelyingPartyLogic/Model.edmx 
@@ -1,19 +1,19 @@ <?xml version="1.0" encoding="utf-8"?> -<edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx"> +<edmx:Edmx Version="2.0" xmlns:edmx="http://schemas.microsoft.com/ado/2008/10/edmx"> <!-- EF Runtime content --> <edmx:Runtime> <!-- SSDL content --> <edmx:StorageModels> - <Schema Namespace="DatabaseModel.Store" Alias="Self" Provider="System.Data.SqlClient" ProviderManifestToken="2008" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" xmlns="http://schemas.microsoft.com/ado/2006/04/edm/ssdl"> + <Schema Namespace="DatabaseModel.Store" Alias="Self" Provider="System.Data.SqlClient" ProviderManifestToken="2008" xmlns="http://schemas.microsoft.com/ado/2009/02/edm/ssdl"> <EntityContainer Name="DatabaseModelStoreContainer"> - <EntitySet Name="AuthenticationToken" EntityType="DatabaseModel.Store.AuthenticationToken" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="Client" EntityType="DatabaseModel.Store.Client" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="ClientAuthorization" EntityType="DatabaseModel.Store.ClientAuthorization" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="CryptoKey" EntityType="DatabaseModel.Store.CryptoKey" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="Nonce" EntityType="DatabaseModel.Store.Nonce" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="Role" EntityType="DatabaseModel.Store.Role" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="User" EntityType="DatabaseModel.Store.User" store:Type="Tables" Schema="dbo" /> - <EntitySet Name="UserRole" EntityType="DatabaseModel.Store.UserRole" store:Type="Tables" Schema="dbo" /> + <EntitySet Name="AuthenticationToken" EntityType="DatabaseModel.Store.AuthenticationToken" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="Client" EntityType="DatabaseModel.Store.Client" store:Type="Tables" Schema="dbo" 
xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="ClientAuthorization" EntityType="DatabaseModel.Store.ClientAuthorization" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="CryptoKey" EntityType="DatabaseModel.Store.CryptoKey" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="Nonce" EntityType="DatabaseModel.Store.Nonce" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="Role" EntityType="DatabaseModel.Store.Role" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="User" EntityType="DatabaseModel.Store.User" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> + <EntitySet Name="UserRole" EntityType="DatabaseModel.Store.UserRole" store:Type="Tables" Schema="dbo" xmlns:store="http://schemas.microsoft.com/ado/2007/12/edm/EntityStoreSchemaGenerator" /> <AssociationSet Name="FK_AuthenticationToken_User" Association="DatabaseModel.Store.FK_AuthenticationToken_User"> <End Role="User" EntitySet="User" /> <End Role="AuthenticationToken" EntitySet="AuthenticationToken" /> @@ -190,7 +190,7 @@ </Schema></edmx:StorageModels> <!-- CSDL content --> <edmx:ConceptualModels> - <Schema Namespace="DatabaseModel" Alias="Self" xmlns="http://schemas.microsoft.com/ado/2006/04/edm"> + <Schema Namespace="DatabaseModel" Alias="Self" xmlns="http://schemas.microsoft.com/ado/2008/09/edm"> <EntityContainer Name="DatabaseEntities"> <EntitySet Name="Roles" EntityType="DatabaseModel.Role" /> <EntitySet Name="Users" EntityType="DatabaseModel.User" /> 
@@ -309,7 +309,7 @@ </edmx:ConceptualModels> <!-- C-S mapping content --> <edmx:Mappings> - <Mapping Space="C-S" xmlns="urn:schemas-microsoft-com:windows:storage:mapping:CS"> + <Mapping Space="C-S" xmlns="http://schemas.microsoft.com/ado/2008/09/mapping/cs"> <EntityContainerMapping StorageEntityContainer="DatabaseModelStoreContainer" CdmEntityContainer="DatabaseEntities"> <EntitySetMapping Name="Roles"> <EntityTypeMapping TypeName="IsTypeOf(DatabaseModel.Role)"> @@ -417,12 +417,12 @@ <!-- EF Designer content (DO NOT EDIT MANUALLY BELOW HERE) --> <edmx:Designer> <edmx:Connection> - <DesignerInfoPropertySet xmlns="http://schemas.microsoft.com/ado/2007/06/edmx"> + <DesignerInfoPropertySet xmlns="http://schemas.microsoft.com/ado/2008/10/edmx"> <DesignerProperty Name="MetadataArtifactProcessing" Value="EmbedInOutputAssembly" /> </DesignerInfoPropertySet> </edmx:Connection> <edmx:Options> - <DesignerInfoPropertySet xmlns="http://schemas.microsoft.com/ado/2007/06/edmx"> + <DesignerInfoPropertySet xmlns="http://schemas.microsoft.com/ado/2008/10/edmx"> <DesignerProperty Name="ValidateOnBuild" Value="true" /> <DesignerProperty Name="EnablePluralization" Value="True" /> <DesignerProperty Name="IncludeForeignKeysInModel" Value="False" /> @@ -430,7 +430,7 @@ </edmx:Options> <!-- Diagram content (shape and connector positions) --> <edmx:Diagrams> - <Diagram Name="Model" ZoomLevel="101" xmlns="http://schemas.microsoft.com/ado/2007/06/edmx"> + <Diagram Name="Model" ZoomLevel="101" xmlns="http://schemas.microsoft.com/ado/2008/10/edmx"> <EntityTypeShape EntityType="DatabaseModel.AuthenticationToken" Width="1.875" PointX="5.25" PointY="0.75" Height="2.5571907552083339" IsExpanded="true" /> <EntityTypeShape EntityType="DatabaseModel.Role" Width="1.5" PointX="0.75" PointY="1.25" Height="1.59568359375" IsExpanded="true" /> <EntityTypeShape EntityType="DatabaseModel.User" Width="1.75" PointX="2.875" PointY="0.5" Height="3.1340950520833339" IsExpanded="true" /> 
@@ -446,11 +446,11 @@ <EntityTypeShape EntityType="DatabaseModel.Nonce" Width="1.5" PointX="9.625" PointY="0.75" Height="1.9802864583333326" /> <EntityTypeShape EntityType="DatabaseModel.Client" Width="1.625" PointX="5.25" PointY="3.75" Height="2.3648893229166665" /> <EntityTypeShape EntityType="DatabaseModel.ClientAuthorization" Width="1.75" PointX="2.875" PointY="3.75" Height="2.1725878906250031" /> - <AssociationConnector Association="DatabaseModel.FK_IssuedToken_Consumer" > + <AssociationConnector Association="DatabaseModel.FK_IssuedToken_Consumer"> <ConnectorPoint PointX="5.25" PointY="4.8362939453125016" /> <ConnectorPoint PointX="4.625" PointY="4.8362939453125016" /> </AssociationConnector> - <AssociationConnector Association="DatabaseModel.FK_IssuedToken_User" > + <AssociationConnector Association="DatabaseModel.FK_IssuedToken_User"> <ConnectorPoint PointX="3.75" PointY="3.2494921875" /> <ConnectorPoint PointX="3.75" PointY="3.75" /> </AssociationConnector> diff --git a/projecttemplates/RelyingPartyLogic/OAuthAuthenticationModule.cs b/projecttemplates/RelyingPartyLogic/OAuthAuthenticationModule.cs index 13e725d..0e2618c 100644 --- a/projecttemplates/RelyingPartyLogic/OAuthAuthenticationModule.cs +++ b/projecttemplates/RelyingPartyLogic/OAuthAuthenticationModule.cs @@ -53,10 +53,11 @@ namespace RelyingPartyLogic { var tokenAnalyzer = new SpecialAccessTokenAnalyzer(crypto, crypto); var resourceServer = new ResourceServer(tokenAnalyzer); - IPrincipal principal; - var errorMessage = resourceServer.VerifyAccess(new HttpRequestWrapper(this.application.Context.Request), out principal); - if (errorMessage == null) { + try { + IPrincipal principal = resourceServer.GetPrincipal(new HttpRequestWrapper(this.application.Context.Request)); this.application.Context.User = principal; + } catch (ProtocolFaultResponseException ex) { + ex.CreateErrorResponse().Send(); } } } 
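Review bot: The new `catch (ProtocolFaultResponseException ex)` branch in OAuthAuthenticationModule.cs writes an error response from inside an authentication module, where the old code simply left `Context.User` unset when verification failed. If `GetPrincipal` also throws for requests that carry no access token at all (not visible in this hunk), every tokenless request reaching this module would be answered with the OAuth error instead of falling through to the site's other sign-in paths; the Web.config change in this commit sets `runAllManagedModulesForAllRequests="true"`, which widens the set of requests affected. Consider checking that the request actually presents an access token before calling `GetPrincipal`, and record the intent with a comment such as `// Only reject when a token was presented and failed validation; tokenless requests continue unauthenticated.` Other `ProtocolException` types are not caught here, unlike in OAuthAuthorizationManager.cs. The enclosing method begins outside the hunk.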
diff --git a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs index 1a3a0f0..6daf56e 100644 --- a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs +++ b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs @@ -14,6 +14,7 @@ namespace RelyingPartyLogic { using System.ServiceModel.Channels; using System.ServiceModel.Security; using DotNetOpenAuth; + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth; using DotNetOpenAuth.OAuth2; 
@@ -37,33 +38,30 @@ namespace RelyingPartyLogic { var resourceServer = new ResourceServer(tokenAnalyzer); try { - IPrincipal principal; - var errorResponse = resourceServer.VerifyAccess(httpDetails, requestUri, out principal); - if (errorResponse == null) { - var policy = new OAuthPrincipalAuthorizationPolicy(principal); - var policies = new List<IAuthorizationPolicy> { + IPrincipal principal = resourceServer.GetPrincipal(httpDetails, requestUri, operationContext.IncomingMessageHeaders.Action); + var policy = new OAuthPrincipalAuthorizationPolicy(principal); + var policies = new List<IAuthorizationPolicy> { policy, }; - var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); - if (operationContext.IncomingMessageProperties.Security != null) { - operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; - } else { - operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { - ServiceSecurityContext = securityContext, - }; - } + var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); + if (operationContext.IncomingMessageProperties.Security != null) { + operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; + } else { + operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { + ServiceSecurityContext = securityContext, + }; + } - securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { + securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { principal.Identity, }; - // Only allow this method call if the access token scope permits it. - if (principal.IsInRole(operationContext.IncomingMessageHeaders.Action)) { - return true; - } - } - } catch (ProtocolException /*ex*/) { + return true; + } catch (ProtocolFaultResponseException ex) { + // Return the appropriate unauthorized response to the client. 
+ ex.CreateErrorResponse().Send(); + } catch (DotNetOpenAuth.Messaging.ProtocolException/* ex*/) { ////Logger.Error("Error processing OAuth messages.", ex); } } diff --git a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs index 8556c55..afc652b 100644 --- a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs +++ b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs @@ -20,7 +20,7 @@ namespace RelyingPartyLogic { /// <summary> /// Provides OAuth 2.0 authorization server information to DotNetOpenAuth. /// </summary> - public class OAuthAuthorizationServer : IAuthorizationServer { + public class OAuthAuthorizationServer : IAuthorizationServerHost { private static readonly RSACryptoServiceProvider SigningKey = new RSACryptoServiceProvider(); private readonly INonceStore nonceStore = new NonceDbStore(); @@ -32,7 +32,7 @@ namespace RelyingPartyLogic { this.CryptoKeyStore = new RelyingPartyApplicationDbStore(); } - #region IAuthorizationServer Members + #region IAuthorizationServerHost Members public ICryptoKeyStore CryptoKeyStore { get; private set; } @@ -40,7 +40,7 @@ namespace RelyingPartyLogic { /// Gets the authorization code nonce store to use to ensure that authorization codes can only be used once. /// </summary> /// <value>The authorization code nonce store.</value> - public INonceStore VerificationCodeNonceStore { + public INonceStore NonceStore { get { return this.nonceStore; } } 
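Review bot: The `return true` at the end of the `try` block in OAuthAuthorizationManager.cs is now unconditional, so the per-operation check that `principal.IsInRole(operationContext.IncomingMessageHeaders.Action)` used to perform rests entirely on `GetPrincipal` rejecting a token whose scope lacks the action passed as its third argument. The old comment explaining this was dropped; I would restore the intent next to the call, e.g. `// The message action is passed as the required scope; GetPrincipal must throw if the token does not cover it.` The trailing `catch (DotNetOpenAuth.Messaging.ProtocolException)` still discards the exception with its logging commented out, which leaves denied calls with no audit trail. The method starts and ends outside the hunk.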
@@ -56,37 +56,25 @@ namespace RelyingPartyLogic { } /// <summary> - /// Obtains the lifetime for a new access token. + /// Obtains parameters to go into the formulation of an access token. /// </summary> /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client /// that will receive that access. /// Based on this information the receiving resource server can be determined and the lifetime of the access /// token can be set based on the sensitivity of the resources.</param> /// <returns> - /// Receives the lifetime for this access token. Note that within this lifetime, authorization <i>may</i> not be revokable. - /// Short lifetimes are recommended (i.e. one hour), particularly when the client is not authenticated or - /// the resources to which access is being granted are sensitive. + /// A non-null parameters instance that DotNetOpenAuth will dispose after it has been used. /// </returns> - public TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { - return TimeSpan.FromHours(1); - } - - /// <summary> - /// Obtains the encryption key for an access token being created. - /// </summary> - /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client - /// that will receive that access. - /// Based on this information the receiving resource server can be determined and the lifetime of the access - /// token can be set based on the sensitivity of the resources.</param> - /// <returns> - /// The crypto service provider with the asymmetric public key to use for encrypting access tokens for a specific resource server. - /// The caller is responsible to dispose of this value. - /// </returns> - public RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - // For this sample, we assume just one resource server. 
- // If this authorization server needs to mint access tokens for more than one resource server, - // we'd look at the request message passed to us and decide which public key to return. - return OAuthResourceServer.CreateRSA(); + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken() { + // For this sample, we assume just one resource server. + // If this authorization server needs to mint access tokens for more than one resource server, + // we'd look at the request message passed to us and decide which public key to return. + ResourceServerEncryptionKey = OAuthResourceServer.CreateRSA(), + }; + + var result = new AccessTokenResult(accessToken); + return result; } /// <summary> 
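Review bot: `CreateAccessToken` sets only `ResourceServerEncryptionKey`, so the explicit one-hour lifetime that the removed `GetAccessTokenLifetime` returned is no longer stated anywhere in this hunk and the token's lifetime falls to whatever the library defaults to. The removed doc comment recommended short lifetimes because authorization may not be revocable within that window; keep that decision explicit by adding `Lifetime = TimeSpan.FromHours(1),` to the object initializer. The `<param>` text still talks about choosing the lifetime from the request, so the summary should also say that this is the place where it is set.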
@@ -130,19 +118,50 @@ namespace RelyingPartyLogic { } /// <summary> - /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database. + /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database + /// and if so records an authorization entry such that subsequent calls to <see cref="IsAuthorizationValid"/> would + /// return <c>true</c>. /// </summary> /// <param name="userName">Username on the account.</param> /// <param name="password">The user's password.</param> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <param name="canonicalUserName"> + /// Receives the canonical username (normalized for the resource server) of the user, for valid credentials; + /// Or <c>null</c> if the return value is false. + /// </param> /// <returns> - /// <c>true</c> if the given credentials are valid; otherwise, <c>false</c>. + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. /// </returns> - /// <exception cref="NotSupportedException">May be thrown if the authorization server does not support the resource owner password credential grant type.</exception> - public bool IsResourceOwnerCredentialValid(string userName, string password) { + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the resource owner password credential grant type. + /// </exception> + public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. 
throw new NotSupportedException(); } + /// <summary> + /// Determines whether an access token request given a client credential grant should be authorized + /// and if so records an authorization entry such that subsequent calls to <see cref="IsAuthorizationValid"/> would + /// return <c>true</c>. + /// </summary> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <returns> + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. + /// </returns> + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the client credential grant type. + /// </exception> + public bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + #endregion public bool CanBeAutoApproved(EndUserAuthorizationRequest authorizationRequest) { diff --git a/projecttemplates/RelyingPartyLogic/RelyingPartyLogic.csproj b/projecttemplates/RelyingPartyLogic/RelyingPartyLogic.csproj index 58e684e..c8c9ab2 100644 --- a/projecttemplates/RelyingPartyLogic/RelyingPartyLogic.csproj +++ b/projecttemplates/RelyingPartyLogic/RelyingPartyLogic.csproj @@ -11,7 +11,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>RelyingPartyLogic</RootNamespace> <AssemblyName>RelyingPartyLogic</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileAlignment>512</FileAlignment> <FileUpgradeFlags> </FileUpgradeFlags> 
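Review bot: `TryAuthorizeClientCredentialsGrant` throws `NotImplementedException`, while its own `<exception>` tag and the sibling `TryAuthorizeResourceOwnerCredentialGrant` use `NotSupportedException`. A caller that maps `NotSupportedException` to an unsupported-grant response (assumed; the caller is not shown) would let this one surface as an unhandled server error instead. Change the body to `throw new NotSupportedException();` and add a one-line comment stating that this template does not offer the client credentials grant. The `<returns>` text "if the given credentials are valid" was copied from the password-grant method and should describe the client request instead.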
@@ -159,6 +159,14 @@ <Project>{99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}</Project> <Name>DotNetOpenAuth.OAuth2.AuthorizationServer</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.Client\DotNetOpenAuth.OAuth2.Client.csproj"> + <Project>{CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}</Project> + <Name>DotNetOpenAuth.OAuth2.Client</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ResourceServer\DotNetOpenAuth.OAuth2.ResourceServer.csproj"> <Project>{A1A3150A-7B0E-4A34-8E35-045296CD3C76}</Project> <Name>DotNetOpenAuth.OAuth2.ResourceServer</Name> @@ -187,10 +195,10 @@ <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> </ProjectReference> - <ProjectReference Include="..\RelyingPartyDatabase\RelyingPartyDatabase.dbproj"> + <ProjectReference Include="..\RelyingPartyDatabase\RelyingPartyDatabase.sqlproj"> <Name>RelyingPartyDatabase</Name> <!-- Deploy the latest SQL script first, so that this project can embed the latest version. --> - <Targets>Build;Deploy</Targets> + <Targets>GetDeployScriptPath</Targets> <ReferenceOutputAssembly>false</ReferenceOutputAssembly> </ProjectReference> </ItemGroup> 
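Review bot: The retained comment "Deploy the latest SQL script first, so that this project can embed the latest version." on the RelyingPartyDatabase `ProjectReference` no longer matches the new `<Targets>GetDeployScriptPath</Targets>`, which by its name only reports a path. Whether the .sqlproj has been built before the script is copied and embedded then depends on something outside this reference, so a stale or missing CreateDatabase.sql could go into the assembly without an obvious build error. Reword the comment to something like `<!-- Only resolves the deploy script path; the .sqlproj must already have been built (see DeploySql in projecttemplates.proj). -->`.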
@@ -214,6 +222,12 @@ <Install>true</Install> </BootstrapperPackage> </ItemGroup> + <Target Name="CopySqlDeployScript"> + <MSBuild Projects="..\RelyingPartyDatabase\RelyingPartyDatabase.sqlproj" Targets="GetDeployScriptPath"> + <Output TaskParameter="TargetOutputs" PropertyName="SqlDeployScriptPath"/> + </MSBuild> + <Copy SourceFiles="$(SqlDeployScriptPath)" DestinationFiles="CreateDatabase.sql" /> + </Target> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. @@ -222,5 +236,11 @@ <Target Name="AfterBuild"> </Target> --> - <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> + <PropertyGroup> + <PrepareResourceNamesDependsOn> + CopySqlDeployScript; + $(PrepareResourceNamesDependsOn) + </PrepareResourceNamesDependsOn> + </PropertyGroup> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> </Project>
\ No newline at end of file diff --git a/projecttemplates/RelyingPartyLogic/SpecialAccessTokenAnalyzer.cs b/projecttemplates/RelyingPartyLogic/SpecialAccessTokenAnalyzer.cs index 69788ab..e8b00b5 100644 --- a/projecttemplates/RelyingPartyLogic/SpecialAccessTokenAnalyzer.cs +++ b/projecttemplates/RelyingPartyLogic/SpecialAccessTokenAnalyzer.cs @@ -23,14 +23,13 @@ namespace RelyingPartyLogic { : base(authorizationServerPublicSigningKey, resourceServerPrivateEncryptionKey) { } - public override bool TryValidateAccessToken(DotNetOpenAuth.Messaging.IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { - bool result = base.TryValidateAccessToken(message, accessToken, out user, out scope); - if (result) { - // Ensure that clients coming in this way always belong to the oauth_client role. - scope.Add("oauth_client"); - } + public override AccessToken DeserializeAccessToken(DotNetOpenAuth.Messaging.IDirectedProtocolMessage message, string accessToken) { + var token = base.DeserializeAccessToken(message, accessToken); - return result; + // Ensure that clients coming in this way always belong to the oauth_client role. + token.Scope.Add("oauth_client"); + + return token; } } } diff --git a/projecttemplates/RelyingPartyLogic/Utilities.cs b/projecttemplates/RelyingPartyLogic/Utilities.cs index d273881..440dbe7 100644 --- a/projecttemplates/RelyingPartyLogic/Utilities.cs +++ b/projecttemplates/RelyingPartyLogic/Utilities.cs @@ -73,7 +73,7 @@ GO" }; foreach (string remove in removeSnippets) { schemaSqlBuilder.Replace(remove, string.Empty); } - schemaSqlBuilder.Replace("$(Path1)", HttpContext.Current.Server.MapPath("~/App_Data/")); + schemaSqlBuilder.Replace("Path1_Placeholder", HttpContext.Current.Server.MapPath("~/App_Data/")); schemaSqlBuilder.Replace("WEBROOT", databasePath); schemaSqlBuilder.Replace("$(DatabaseName)", databaseName); 
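Review bot: `DeserializeAccessToken` now adds `oauth_client` to `token.Scope` with no success check, where the old override did so only when `TryValidateAccessToken` returned true. That is safe only if the base method throws on every invalid token and never returns null, which this hunk does not show; state the assumption in a comment, e.g. `// base throws on an invalid token, so reaching here means it was accepted`. A doc comment on the override should also say that `oauth_client` is a role injected by the resource server, not a scope the authorization server granted, so later scope checks do not read it as something the user approved.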
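Review bot: The changed `Replace("Path1_Placeholder", ...)` line in Utilities.cs splices the result of `Server.MapPath("~/App_Data/")` into the SQL script text as-is, as do the `WEBROOT` and `$(DatabaseName)` replacements below it. If the placeholder sits inside a quoted SQL literal (the script is not visible here), a single quote in the physical path or database name would break or alter the statement; doubling quotes first, `HttpContext.Current.Server.MapPath("~/App_Data/").Replace("'", "''")`, closes that. A bare word such as `Path1_Placeholder` can also match unrelated text in the script more easily than the old `$(Path1)` form, so a comment naming where the token is defined would help. The enclosing method starts outside the hunk.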
diff --git a/projecttemplates/WebFormsRelyingParty/Web.config b/projecttemplates/WebFormsRelyingParty/Web.config index d60edc3..55179ae 100644 --- a/projecttemplates/WebFormsRelyingParty/Web.config +++ b/projecttemplates/WebFormsRelyingParty/Web.config @@ -9,7 +9,6 @@ --> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -17,17 +16,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -161,15 +149,11 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> - <add assembly="System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> - <add assembly="System.Web.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> + <add assembly="System.Web.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <!-- 
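Review bot: The rewritten `<compilation debug="true" targetFramework="4.0">` line keeps debug compilation on in a project template, although the comment just above it says to set this value to true only during development. Sites created from the template inherit the setting unless someone remembers to change it before deployment. Ship `debug="false"` in the template, or add a release configuration transform that removes the attribute, so the safe value is the default.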
@@ -186,22 +170,9 @@ during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. - --> - <customErrors mode="RemoteOnly" /> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx" /> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" /> - </httpHandlers> + --> + <customErrors mode="RemoteOnly"/> <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="OAuthAuthenticationModule" type="RelyingPartyLogic.OAuthAuthenticationModule, RelyingPartyLogic" /> <add name="Database" type="RelyingPartyLogic.Database, RelyingPartyLogic"/> </httpModules> 
@@ -210,49 +181,18 @@ <add name="Database" type="RelyingPartyLogic.DataRoleProvider, RelyingPartyLogic" /> </providers> </roleManager> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5" /> - <providerOption name="WarnAsError" value="false" /> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> <system.webServer> - <validation validateIntegratedModeConfiguration="false" /> - <modules> - <remove name="ScriptModule" /> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add name="OAuthAuthenticationModule" type="RelyingPartyLogic.OAuthAuthenticationModule, RelyingPartyLogic" /> + <modules runAllManagedModulesForAllRequests="true"> + <add name="OAuthAuthenticationModule" type="RelyingPartyLogic.OAuthAuthenticationModule, RelyingPartyLogic"/> <add name="Database" type="RelyingPartyLogic.Database, RelyingPartyLogic"/> </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated" /> - <remove name="ScriptHandlerFactory" /> - <remove name="ScriptHandlerFactoryAppServices" /> - <remove name="ScriptResource" /> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" 
type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - </handlers> </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" /> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" /> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> - </dependentAssembly> - </assemblyBinding> - </runtime> <system.serviceModel> <behaviors> <serviceBehaviors> diff --git a/projecttemplates/WebFormsRelyingParty/WebFormsRelyingParty.csproj b/projecttemplates/WebFormsRelyingParty/WebFormsRelyingParty.csproj index 1f17837..92a0b5f 100644 --- a/projecttemplates/WebFormsRelyingParty/WebFormsRelyingParty.csproj +++ b/projecttemplates/WebFormsRelyingParty/WebFormsRelyingParty.csproj 
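Review bot: This hunk removes `<validation validateIntegratedModeConfiguration="false" />` while the preceding hunk leaves `<httpModules>` under `<system.web>` in place. On an IIS integrated-pipeline application pool that combination is normally rejected with a configuration error, so either keep the `<validation>` element or drop the `<system.web>` `<httpModules>` entries now that both modules are listed under `<system.webServer>` `<modules>`. The new `runAllManagedModulesForAllRequests="true"` also routes static-file requests through `OAuthAuthenticationModule`; a comment saying why that is wanted would help. The comment above `<system.webServer>` still describes ASP.NET AJAX, which this change removes.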
@@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -12,11 +21,10 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>WebFormsRelyingParty</RootNamespace> <AssemblyName>WebFormsRelyingParty</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> - <UpgradeBackupLocation /> + <OldToolsVersion>4.0</OldToolsVersion> <TargetFrameworkProfile /> <UseIISExpress>false</UseIISExpress> </PropertyGroup> 
@@ -64,15 +72,14 @@ <RequiredTargetFramework>3.0</RequiredTargetFramework> </Reference> <Reference Include="System.Web.Abstractions" /> + <Reference Include="System.Web.ApplicationServices" /> <Reference Include="System.Web.DynamicData" /> <Reference Include="System.Web.Entity"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> 
@@ -92,41 +99,35 @@ <Compile Include="Code\SiteUtilities.cs" /> <Compile Include="Members\OAuthAuthorize.aspx.cs"> <DependentUpon>OAuthAuthorize.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\OAuthAuthorize.aspx.designer.cs"> <DependentUpon>OAuthAuthorize.aspx</DependentUpon> </Compile> <Compile Include="LoginFrame.aspx.cs"> <DependentUpon>LoginFrame.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="LoginFrame.aspx.designer.cs"> <DependentUpon>LoginFrame.aspx</DependentUpon> </Compile> <Compile Include="Members\AccountInfo.aspx.cs"> <DependentUpon>AccountInfo.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\AccountInfo.aspx.designer.cs"> <DependentUpon>AccountInfo.aspx</DependentUpon> </Compile> <Compile Include="Admin\Admin.Master.cs"> <DependentUpon>Admin.Master</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Admin\Admin.Master.designer.cs"> <DependentUpon>Admin.Master</DependentUpon> </Compile> <Compile Include="Admin\Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Admin\Default.aspx.designer.cs"> <DependentUpon>Default.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.cs"> - <SubType>ASPXCodeBehind</SubType> <DependentUpon>Default.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.designer.cs"> 
@@ -137,21 +138,18 @@ </Compile> <Compile Include="Login.aspx.cs"> <DependentUpon>Login.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Login.aspx.designer.cs"> <DependentUpon>Login.aspx</DependentUpon> </Compile> <Compile Include="Logout.aspx.cs"> <DependentUpon>Logout.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Logout.aspx.designer.cs"> <DependentUpon>Logout.aspx</DependentUpon> </Compile> <Compile Include="Members\Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\Default.aspx.designer.cs"> <DependentUpon>Default.aspx</DependentUpon> @@ -162,14 +160,12 @@ <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="Setup.aspx.cs"> <DependentUpon>Setup.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Setup.aspx.designer.cs"> <DependentUpon>Setup.aspx</DependentUpon> </Compile> <Compile Include="Site.Master.cs"> <DependentUpon>Site.Master</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Site.Master.designer.cs"> <DependentUpon>Site.Master</DependentUpon> @@ -262,6 +258,10 @@ <Project>{99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}</Project> <Name>DotNetOpenAuth.OAuth2.AuthorizationServer</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj"> <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project> <Name>DotNetOpenAuth.OAuth2</Name> 
@@ -300,7 +300,8 @@ <Folder Include="bin\" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> diff --git a/projecttemplates/projecttemplates.proj b/projecttemplates/projecttemplates.proj index c239293..6b8605b 100644 --- a/projecttemplates/projecttemplates.proj +++ b/projecttemplates/projecttemplates.proj @@ -8,7 +8,7 @@ <LayoutDependsOn> BuildUnifiedProduct; - ReSignDelaySignedAssemblies; + ResignShippingDelaySignedAssemblies; DeploySql; LayoutProjects; </LayoutDependsOn> @@ -24,7 +24,7 @@ <ItemGroup> <ProjectTemplates Include="**\*.*proj" Exclude="$(MSBuildThisFile)" /> - <ProjectReferencesToRemove Include="..\RelyingPartyDatabase\RelyingPartyDatabase.dbproj"/> + <ProjectReferencesToRemove Include="..\RelyingPartyDatabase\RelyingPartyDatabase.sqlproj"/> <AssemblyReferencesToReplaceWith Include="REMOVE" /> </ItemGroup> @@ -34,7 +34,7 @@ <Target Name="DeploySql"> <!-- This causes the SQL script that generates the database to be deployed to the RelyingPartyLogic class library. --> - <MSBuild Projects="RelyingPartyDatabase\RelyingPartyDatabase.dbproj" Targets="Build;Deploy" BuildInParallel="$(BuildInParallel)" /> + <MSBuild Projects="RelyingPartyDatabase\RelyingPartyDatabase.sqlproj" Targets="Build" BuildInParallel="$(BuildInParallel)" /> </Target> <Target Name="LayoutProjects"> 
@@ -56,7 +56,7 @@ <!-- Add external libraries and their symbols --> <ProjectTemplateLibraries Include="@(UnifiedSignedProductAssembly)" /> <ProjectTemplateLibraries Include="@(UnifiedSignedProductAssembly->'%(SymbolPath)')" /> - <ProjectTemplateLibraries Include="$(ILMergeOutputAssemblyDirectory)$(ProductName).xml" /> + <ProjectTemplateLibraries Include="@(UnifiedSignedProductAssembly->'%(XmlDocumentationFile)')" /> <!-- ... and log4net --> <ProjectTemplateLibraries Include="$(ProjectRoot)lib\log4net.dll" /> <ProjectTemplateLibraries Include="$(ProjectRoot)lib\log4net.xml" /> diff --git a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj index 522a8ab..9b67f4d 100644 --- a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj +++ b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj @@ -11,7 +11,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>DotNetOpenAuth.ApplicationBlock</RootNamespace> <AssemblyName>DotNetOpenAuth.ApplicationBlock</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileAlignment>512</FileAlignment> <FileUpgradeFlags> </FileUpgradeFlags> @@ -98,7 +98,6 @@ <SubType>Code</SubType> </Compile> <Compile Include="Properties\AssemblyInfo.cs" /> - <Compile Include="TokenManager.cs" /> <Compile Include="TwitterConsumer.cs" /> <Compile Include="Util.cs" /> <Compile Include="WindowsLiveClient.cs" /> diff --git a/samples/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs b/samples/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs index 4af1bbd..a24e5b3 100644 --- a/samples/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs +++ b/samples/DotNetOpenAuth.ApplicationBlock/Facebook/FacebookClient.cs 
@@ -23,7 +23,6 @@ namespace DotNetOpenAuth.ApplicationBlock { /// Initializes a new instance of the <see cref="FacebookClient"/> class. /// </summary> public FacebookClient() : base(FacebookDescription) { - this.AuthorizationTracker = new TokenManager(); } } } diff --git a/samples/DotNetOpenAuth.ApplicationBlock/TokenManager.cs b/samples/DotNetOpenAuth.ApplicationBlock/TokenManager.cs deleted file mode 100644 index d1254af..0000000 --- a/samples/DotNetOpenAuth.ApplicationBlock/TokenManager.cs +++ /dev/null @@ -1,18 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="TokenManager.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.ApplicationBlock { - using System; - using DotNetOpenAuth.OAuth2; - - public class TokenManager : IClientAuthorizationTracker { - public IAuthorizationState GetAuthorizationState(Uri callbackUrl, string clientState) { - return new AuthorizationState { - Callback = callbackUrl, - }; - } - } -} diff --git a/samples/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs b/samples/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs index be0a650..a2e1058 100644 --- a/samples/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs +++ b/samples/DotNetOpenAuth.ApplicationBlock/WindowsLiveClient.cs @@ -22,7 +22,6 @@ namespace DotNetOpenAuth.ApplicationBlock { /// </summary> public WindowsLiveClient() : base(WindowsLiveDescription) { - this.AuthorizationTracker = new TokenManager(); } /// <summary> diff --git a/samples/InfoCardRelyingParty/Bin/DotNetOpenAuth.dll.refresh_ b/samples/InfoCardRelyingParty/Bin/DotNetOpenAuth.dll.refresh_ Binary files differindex 946bd4b..7734f0e 100644 --- a/samples/InfoCardRelyingParty/Bin/DotNetOpenAuth.dll.refresh_ +++ b/samples/InfoCardRelyingParty/Bin/DotNetOpenAuth.dll.refresh_ 
diff --git a/samples/InfoCardRelyingParty/Bin/log4net.dll.refresh b/samples/InfoCardRelyingParty/Bin/log4net.dll.refresh_ Binary files differindex ede40da..ede40da 100644 --- a/samples/InfoCardRelyingParty/Bin/log4net.dll.refresh +++ b/samples/InfoCardRelyingParty/Bin/log4net.dll.refresh_ diff --git a/samples/InfoCardRelyingParty/web.config b/samples/InfoCardRelyingParty/web.config index 578ea26..e59cc26 100644 --- a/samples/InfoCardRelyingParty/web.config +++ b/samples/InfoCardRelyingParty/web.config 
@@ -8,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> @@ -64,16 +53,12 @@ where data loss can occur. Set explicit="true" to force declaration of all variables. --> - <compilation debug="true" strict="false" explicit="true"> + <compilation debug="true" strict="false" explicit="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> </compilation> - <pages> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"> <namespaces> <clear/> <add namespace="System"/> @@ -95,10 +80,6 @@ <add namespace="System.Web.UI.WebControls.WebParts"/> <add namespace="System.Web.UI.HtmlControls"/> </namespaces> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> </pages> <!-- The <authentication> section enables configuration 
@@ -118,59 +99,14 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <!-- Force ASP.NET 4.0 to respect ValidateRequest="false" in the login page to avoid false reports from the SAML token. 
--> + <httpRuntime requestValidationMode="2.0" /> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - 
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> + <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> -</configuration> +</configuration>
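Review bot: The added `<httpRuntime requestValidationMode="2.0" />` in samples/InfoCardRelyingParty/web.config sits directly under `<system.web>`, so it switches the whole application back to 2.0 request validation, although the comment above it only asks for the login page's `ValidateRequest="false"` to be honoured. Scoping the setting keeps the ASP.NET 4.0 default for every other path: `<location path="LOGIN_PAGE_PATH"><system.web><httpRuntime requestValidationMode="2.0" /></system.web></location>`, where LOGIN_PAGE_PATH is a placeholder because the page's file name is not visible in this hunk. The comment could also say that the login page must then treat the posted token as untrusted input itself, since framework validation no longer covers it.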
\ No newline at end of file diff --git a/samples/OAuthAuthorizationServer/Code/Client.cs b/samples/OAuthAuthorizationServer/Code/Client.cs index 0013f27..cf5ea59 100644 --- a/samples/OAuthAuthorizationServer/Code/Client.cs +++ b/samples/OAuthAuthorizationServer/Code/Client.cs @@ -1,7 +1,7 @@ namespace OAuthAuthorizationServer.Code { using System; using System.Collections.Generic; - + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; /// <summary> @@ -11,13 +11,6 @@ #region IConsumerDescription Members /// <summary> - /// Gets the client secret. - /// </summary> - string IClientDescription.Secret { - get { return this.ClientSecret; } - } - - /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> @@ -36,6 +29,13 @@ } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool IClientDescription.HasNonEmptySecret { + get { return !string.IsNullOrEmpty(this.ClientSecret); } + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> @@ -59,6 +59,19 @@ return false; } + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IClientDescription.IsValidClientSecret(string secret) { + return MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret); + } + #endregion } }
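Review bot: `IClientDescription.IsValidClientSecret`, added in the last Client.cs hunk, passes `this.ClientSecret` straight to `EqualsConstantTime`, so the result for a client registered without a secret depends on how that helper treats null or empty strings, which is not visible here. Since `HasNonEmptySecret` already identifies that case, the check can refuse it explicitly: `return !string.IsNullOrEmpty(this.ClientSecret) && MessagingUtilities.EqualsConstantTime(secret, this.ClientSecret);`. The remarks mention comparing hashes, but this sample compares the stored secret itself; one more sentence saying that a production store would keep only a hash of the secret would make that difference clear to anyone copying the sample. The enclosing class starts outside the hunk.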
\ No newline at end of file diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index b837d4c..eb7f1f5 100644 --- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -10,9 +10,7 @@ using DotNetOpenAuth.OAuth2.ChannelElements; using DotNetOpenAuth.OAuth2.Messages; - internal class OAuth2AuthorizationServer : IAuthorizationServer { - private static readonly RSACryptoServiceProvider AsymmetricTokenSigningPrivateKey = CreateRSA(); - + internal class OAuth2AuthorizationServer : IAuthorizationServerHost { #if SAMPLESONLY /// <summary> /// This is the FOR SAMPLE ONLY hard-coded public key of the complementary OAuthResourceServer sample. 
@@ -31,43 +29,39 @@ private static readonly RSAParameters ResourceServerEncryptionPublicKey; #endif - #region Implementation of IAuthorizationServer + #region Implementation of IAuthorizationServerHost public ICryptoKeyStore CryptoKeyStore { get { return MvcApplication.KeyNonceStore; } } - public INonceStore VerificationCodeNonceStore { + public INonceStore NonceStore { get { return MvcApplication.KeyNonceStore; } } - public RSACryptoServiceProvider AccessTokenSigningKey { - get { return AsymmetricTokenSigningPrivateKey; } - } + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken(); - public TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - TimeSpan lifetime = TimeSpan.FromMinutes(2); + accessToken.Lifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. //// TODO: code here - return lifetime; - } - - public RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - var resourceServerEncryptionKey = new RSACryptoServiceProvider(); - // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. 
- resourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + accessToken.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + accessToken.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + + accessToken.AccessTokenSigningKey = CreateRSA(); - return resourceServerEncryptionKey; + var result = new AccessTokenResult(accessToken); + return result; } public IClientDescription GetClient(string clientIdentifier) { @@ -84,11 +78,15 @@ return this.IsAuthorizationValid(authorization.Scope, authorization.ClientIdentifier, authorization.UtcIssued, authorization.User); } - public bool IsResourceOwnerCredentialValid(string userName, string password) { + public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. throw new NotSupportedException(); } + public bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + #endregion public bool CanBeAutoApproved(EndUserAuthorizationRequest authorizationRequest) { @@ -120,7 +118,7 @@ /// Creates the RSA key used by all the crypto service provider instances we create. /// </summary> /// <returns>RSA data that includes the private key.</returns> - private static RSAParameters CreateRSAKey() { + private static RSAParameters CreateAuthorizationServerSigningKey() { #if SAMPLESONLY // Since the sample authorization server and the sample resource server must work together, // we hard-code a FOR SAMPLE USE ONLY key pair. The matching public key information is hard-coded into the OAuthResourceServer sample. 
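Review bot: `CreateAccessToken` builds two `RSACryptoServiceProvider` objects on every call (`ResourceServerEncryptionKey`, and `AccessTokenSigningKey` via `CreateRSA()`), whereas the removed code kept the signing key in a static field, and neither object is disposed in this method. Whether `AccessTokenResult` or the library takes ownership of them is not visible in the hunk and should be confirmed. If it does not, keeping a cached signing key as before avoids a key import and an undisposed handle per token request: `accessToken.AccessTokenSigningKey = AsymmetricTokenSigningPrivateKey;`. Either way, a short comment on the method stating who disposes the two keys would help.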
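Review bot: The new `TryAuthorizeClientCredentialsGrant` throws `NotImplementedException` with no explanation, while `TryAuthorizeResourceOwnerCredentialGrant` just above it throws `NotSupportedException` and says why. If the sample deliberately does not support the client credentials grant, matching that style makes the refusal explicit: `// This sample does not issue tokens on client credentials alone.` followed by `throw new NotSupportedException();`. How the library turns an exception from this callback into a token-endpoint response is not visible here, so it is worth confirming that a client requesting this grant receives an OAuth error response rather than a server error.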
@@ -155,7 +153,7 @@ private static RSACryptoServiceProvider CreateRSA() { var rsa = new RSACryptoServiceProvider(); - rsa.ImportParameters(CreateRSAKey()); + rsa.ImportParameters(CreateAuthorizationServerSigningKey()); return rsa; } diff --git a/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj b/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj index 15c3f15..9f810bb 100644 --- a/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj +++ b/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj 
@@ -1,11 +1,18 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication> + <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication> + <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> - <ProductVersion> - </ProductVersion> <SchemaVersion>2.0</SchemaVersion> <ProjectGuid>{C78E8235-1D46-43EB-A912-80B522C4E9AE}</ProjectGuid> <ProjectTypeGuids>{E53F8FEA-EAE0-44A6-8774-FFD645390401};{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> @@ -15,7 +22,7 @@ <AssemblyName>OAuthAuthorizationServer</AssemblyName> <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <MvcBuildViews>false</MvcBuildViews> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> 
@@ -55,7 +62,7 @@ <Reference Include="System.Data.DataSetExtensions"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> - <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> + <Reference Include="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> <Reference Include="System.Xml.Linq"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> @@ -95,7 +102,9 @@ <Content Include="Global.asax" /> <Content Include="Views\Home\CreateDatabase.aspx" /> <Content Include="Views\OAuth\Authorize.aspx" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> <Content Include="Web.Debug.config"> <DependentUpon>Web.config</DependentUpon> </Content> @@ -150,6 +159,10 @@ <Project>{99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}</Project> <Name>DotNetOpenAuth.OAuth2.AuthorizationServer</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj"> <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project> <Name>DotNetOpenAuth.OAuth2</Name> 
@@ -164,7 +177,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -177,11 +191,10 @@ <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> <UseIIS>False</UseIIS> - <AutoAssignPort>True</AutoAssignPort> + <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>50172</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:17947/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OAuthAuthorizationServer/Views/Web.config b/samples/OAuthAuthorizationServer/Views/Web.config index aa7a38d..c30f2ad 100644 --- a/samples/OAuthAuthorizationServer/Views/Web.config +++ b/samples/OAuthAuthorizationServer/Views/Web.config 
@@ -15,11 +15,11 @@ --> <pages validateRequest="false" - pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" - userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" + userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/samples/OAuthAuthorizationServer/Web.config b/samples/OAuthAuthorizationServer/Web.config index 7ff2518..37157fd 100644 --- a/samples/OAuthAuthorizationServer/Web.config +++ b/samples/OAuthAuthorizationServer/Web.config 
@@ -7,11 +7,13 @@ <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> + <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2"> + <section name="authorizationServer" type="DotNetOpenAuth.Configuration.OAuth2AuthorizationServerSection, DotNetOpenAuth.OAuth2.AuthorizationServer" requirePermission="false" allowLocation="true" /> + </sectionGroup> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> @@ -39,6 +41,10 @@ <dotNetOpenAuth> <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> <reporting enabled="true" /> + <oauth2> + <authorizationServer> + </authorizationServer> + </oauth2> <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> <messaging relaxSslRequirements="true"> 
@@ -65,7 +71,7 @@ </log4net> <connectionStrings> - <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database2.mdf;Integrated Security=True;User Instance=True" + <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database4.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" /> </connectionStrings> @@ -74,7 +80,7 @@ <assemblies> <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </assemblies> </compilation> diff --git a/samples/OAuthClient/Facebook.aspx.cs b/samples/OAuthClient/Facebook.aspx.cs index 0f71712..4701d24 100644 --- a/samples/OAuthClient/Facebook.aspx.cs +++ b/samples/OAuthClient/Facebook.aspx.cs @@ -10,7 +10,7 @@ public partial class Facebook : System.Web.UI.Page { private static readonly FacebookClient client = new FacebookClient { ClientIdentifier = ConfigurationManager.AppSettings["facebookAppID"], - ClientSecret = ConfigurationManager.AppSettings["facebookAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["facebookAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/samples/OAuthClient/OAuthClient.csproj b/samples/OAuthClient/OAuthClient.csproj index cd9da61..036a913 100644 --- a/samples/OAuthClient/OAuthClient.csproj +++ b/samples/OAuthClient/OAuthClient.csproj 
@@ -1,6 +1,16 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,9 +23,9 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthClient</RootNamespace> <AssemblyName>OAuthClient</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> 
@@ -47,9 +57,10 @@ <Reference Include="System.Runtime.Serialization" /> <Reference Include="System.ServiceModel" /> <Reference Include="System.Web.Abstractions" /> - <Reference Include="System.Web.Extensions" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> @@ -222,17 +233,17 @@ <WCFMetadataStorage Include="Service References\SampleResourceServer\" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>59722</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:59722/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OAuthClient/SampleWcf2.aspx.cs b/samples/OAuthClient/SampleWcf2.aspx.cs index f4d2dd5..06bbe9b 100644 --- a/samples/OAuthClient/SampleWcf2.aspx.cs +++ b/samples/OAuthClient/SampleWcf2.aspx.cs @@ -87,6 +87,8 @@ this.nameLabel.Text = this.CallService(client => client.GetName());
} catch (SecurityAccessDeniedException) {
this.nameLabel.Text = "Access denied!";
+ } catch (MessageSecurityException) {
+ this.nameLabel.Text = "Access denied!";
}
}
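Review bot: The added `catch (MessageSecurityException)` discards the exception and shows the same `"Access denied!"` text as the `SecurityAccessDeniedException` branch above it. MessageSecurityException is WCF's general message-security failure and can signal more than a refused scope (a rejected or expired credential, a failed security negotiation), so the sample gives no way to tell these cases apart. I would bind the exception with `} catch (MessageSecurityException ex) {`, record it through whatever logger the sample already uses before setting the label, and add a one-line comment naming the server response that is expected to surface as this exception type. The same two lines are added in the hunks at `@@ -96,6 +98,8 @@` and `@@ -105,6 +109,8 @@` for `ageLabel` and `favoriteSitesLabel`; the enclosing methods start outside the hunks.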
@@ -96,6 +98,8 @@ this.ageLabel.Text = age.HasValue ? age.Value.ToString(CultureInfo.CurrentCulture) : "not available";
} catch (SecurityAccessDeniedException) {
this.ageLabel.Text = "Access denied!";
+ } catch (MessageSecurityException) {
+ this.ageLabel.Text = "Access denied!";
}
}
@@ -105,6 +109,8 @@ this.favoriteSitesLabel.Text = string.Join(", ", favoriteSites);
} catch (SecurityAccessDeniedException) {
this.favoriteSitesLabel.Text = "Access denied!";
+ } catch (MessageSecurityException) {
+ this.favoriteSitesLabel.Text = "Access denied!";
}
}
diff --git a/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs index 10f4265..5e6deaf 100644 --- a/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs +++ b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.1 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/samples/OAuthClient/Web.config b/samples/OAuthClient/Web.config index a5b9f06..b17ae43 100644 --- a/samples/OAuthClient/Web.config +++ b/samples/OAuthClient/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -9,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -77,12 +65,8 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> </compilation> 
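Review bot: The rewritten `<compilation debug="true" targetFramework="4.0">` line in samples/OAuthClient/Web.config keeps `debug="true"`, although the comment directly above it says to enable it only during development. Sample configuration is often copied into real sites, where debug compilation produces unoptimized builds and relaxes request timeouts. Since the line is being touched anyway, I would extend the existing comment with `Sample default only: set debug="false" before deploying.`, or switch the value and let developers opt in. samples/OAuthConsumer/Web.config carries the same line in its `@@ -67,12 +55,8 @@` hunk.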
@@ -104,67 +88,12 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption 
name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" 
publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthClient.TracePageAppender, OAuthClient"> <layout type="log4net.Layout.PatternLayout"> 
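Review bot: The comment "The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0" is left in place while this hunk deletes the `<system.webServer>` and `<runtime>` blocks it described, so on the new side it sits directly above `<log4net>`. A later hunk adds a different `<system.webServer>` at the end of the file, which makes the orphaned comment misleading about what that element is for. I would delete the comment here and, if one is wanted, put a corrected one beside the new element, e.g. `<!-- Runs managed modules for every request under the IIS integrated pipeline. -->`. samples/OAuthConsumer/Web.config has the same leftover in its `@@ -94,67 +78,12 @@` hunk.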
@@ -182,35 +111,28 @@ <level value="ALL" /> </logger> </log4net> - <system.serviceModel> - <bindings> - <wsHttpBinding> - <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" - openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" - bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" - maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" - textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> - <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" - maxBytesPerRead="4096" maxNameTableCharCount="16384" /> - <reliableSession ordered="true" inactivityTimeout="00:10:00" - enabled="false" /> - <security mode="Message"> - <transport clientCredentialType="Windows" proxyCredentialType="None" - realm="" /> - <message clientCredentialType="Windows" negotiateServiceCredential="true" - algorithmSuite="Default" /> - </security> - </binding> - </wsHttpBinding> - </bindings> - <client> - <endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" - bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" - name="WSHttpBinding_IDataApi"> - <identity> - <dns value="localhost" /> - </identity> - </endpoint> - </client> - </system.serviceModel> -</configuration> + <system.serviceModel> + <bindings> + <wsHttpBinding> + <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> + <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> + <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" 
/> + <security mode="Message"> + <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> + <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" /> + </security> + </binding> + </wsHttpBinding> + </bindings> + <client> + <endpoint address="http://localhost:65170/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"> + <identity> + <dns value="localhost" /> + </identity> + </endpoint> + </client> + </system.serviceModel> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/OAuthClient/WindowsLive.aspx.cs b/samples/OAuthClient/WindowsLive.aspx.cs index b550e17..05101a7 100644 --- a/samples/OAuthClient/WindowsLive.aspx.cs +++ b/samples/OAuthClient/WindowsLive.aspx.cs @@ -14,7 +14,7 @@ public partial class WindowsLive : System.Web.UI.Page { private static readonly WindowsLiveClient client = new WindowsLiveClient { ClientIdentifier = ConfigurationManager.AppSettings["windowsLiveAppID"], - ClientSecret = ConfigurationManager.AppSettings["WindowsLiveAppSecret"], + ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["WindowsLiveAppSecret"]), }; protected void Page_Load(object sender, EventArgs e) { diff --git a/samples/OAuthConsumer/OAuthConsumer.csproj b/samples/OAuthConsumer/OAuthConsumer.csproj index 3847043..585a731 100644 --- a/samples/OAuthConsumer/OAuthConsumer.csproj +++ b/samples/OAuthConsumer/OAuthConsumer.csproj 
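Review bot: The new `<modules runAllManagedModulesForAllRequests="true" />` at the end of samples/OAuthClient/Web.config is added without explanation, in a hunk that otherwise only re-indents `<system.serviceModel>`. The setting sends every request, static files included, through all managed modules, which changes both cost and behaviour for the whole site. If a sample page needs it, I would say so in place with `<!-- Needed so that <module or route> also handles extensionless/static requests. -->`; if it only came from the project upgrade, I would drop it. The same element is added in samples/OAuthConsumer/Web.config in its `@@ -172,35 +101,28 @@` hunk.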
@@ -1,6 +1,16 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,7 +23,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthConsumer</RootNamespace> <AssemblyName>OAuthConsumer</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <TargetFrameworkProfile /> <UseIISExpress>false</UseIISExpress> </PropertyGroup> 
@@ -46,9 +56,10 @@ <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Runtime.Serialization" /> <Reference Include="System.ServiceModel" /> - <Reference Include="System.Web.Extensions" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> @@ -76,7 +87,9 @@ <Content Include="SignInWithTwitter.aspx" /> <Content Include="TracePage.aspx" /> <Content Include="Twitter.aspx" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> <None Include="Service References\SampleServiceProvider\DataApi1.xsd"> <SubType>Designer</SubType> </None> @@ -96,14 +109,12 @@ </Compile> <Compile Include="GoogleApps2Legged.aspx.cs"> <DependentUpon>GoogleApps2Legged.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="GoogleApps2Legged.aspx.designer.cs"> <DependentUpon>GoogleApps2Legged.aspx</DependentUpon> </Compile> <Compile Include="SampleWcf.aspx.cs"> <DependentUpon>SampleWcf.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="SampleWcf.aspx.designer.cs"> <DependentUpon>SampleWcf.aspx</DependentUpon> 
@@ -115,27 +126,23 @@ </Compile> <Compile Include="SignInWithTwitter.aspx.cs"> <DependentUpon>SignInWithTwitter.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="SignInWithTwitter.aspx.designer.cs"> <DependentUpon>SignInWithTwitter.aspx</DependentUpon> </Compile> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> </Compile> <Compile Include="Twitter.aspx.cs"> <DependentUpon>Twitter.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Code\Logging.cs" /> <Compile Include="Code\TracePageAppender.cs" /> <Compile Include="GoogleAddressBook.aspx.cs"> <DependentUpon>GoogleAddressBook.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="Twitter.aspx.designer.cs"> @@ -143,7 +150,6 @@ </Compile> <Compile Include="Yammer.aspx.cs"> <DependentUpon>Yammer.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Yammer.aspx.designer.cs"> <DependentUpon>Yammer.aspx</DependentUpon> @@ -193,7 +199,8 @@ <WCFMetadataStorage Include="Service References\SampleServiceProvider\" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> 
diff --git a/samples/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs b/samples/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs index a1d1eae..b7fe387 100644 --- a/samples/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs +++ b/samples/OAuthConsumer/Service References/SampleServiceProvider/Reference.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.1 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/samples/OAuthConsumer/Web.config b/samples/OAuthConsumer/Web.config index cdff87a..3330335 100644 --- a/samples/OAuthConsumer/Web.config +++ b/samples/OAuthConsumer/Web.config 
@@ -1,24 +1,12 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section 
name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -67,12 +55,8 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> </compilation> 
@@ -94,67 +78,12 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption 
name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" 
publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthConsumer.TracePageAppender, OAuthConsumer"> <layout type="log4net.Layout.PatternLayout"> 
@@ -172,35 +101,28 @@ <level value="ALL" /> </logger> </log4net> - <system.serviceModel> - <bindings> - <wsHttpBinding> - <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" - openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" - bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" - maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" - textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> - <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" - maxBytesPerRead="4096" maxNameTableCharCount="16384" /> - <reliableSession ordered="true" inactivityTimeout="00:10:00" - enabled="false" /> - <security mode="Message"> - <transport clientCredentialType="Windows" proxyCredentialType="None" - realm=""/> - <message clientCredentialType="Windows" negotiateServiceCredential="true" - algorithmSuite="Default" establishSecurityContext="true" /> - </security> - </binding> - </wsHttpBinding> - </bindings> - <client> - <endpoint address="http://localhost:65169/DataApi.svc" - binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" - contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi"> - <identity> - <dns value="localhost" /> - </identity> - </endpoint> - </client> - </system.serviceModel> -</configuration> + <system.serviceModel> + <bindings> + <wsHttpBinding> + <binding name="WSHttpBinding_IDataApi" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> + <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> + <reliableSession ordered="true" 
inactivityTimeout="00:10:00" enabled="false" /> + <security mode="Message"> + <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> + <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" /> + </security> + </binding> + </wsHttpBinding> + </bindings> + <client> + <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi"> + <identity> + <dns value="localhost" /> + </identity> + </endpoint> + </client> + </system.serviceModel> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/OAuthConsumerWpf/App.config b/samples/OAuthConsumerWpf/App.config index 64d2032..9348e82 100644 --- a/samples/OAuthConsumerWpf/App.config +++ b/samples/OAuthConsumerWpf/App.config @@ -106,4 +106,7 @@ </endpoint> </client> </system.serviceModel> -</configuration>
\ No newline at end of file + <startup> + <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/> + </startup> +</configuration> diff --git a/samples/OAuthConsumerWpf/OAuthConsumerWpf.csproj b/samples/OAuthConsumerWpf/OAuthConsumerWpf.csproj index f1c03db..1879d92 100644 --- a/samples/OAuthConsumerWpf/OAuthConsumerWpf.csproj +++ b/samples/OAuthConsumerWpf/OAuthConsumerWpf.csproj @@ -11,7 +11,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>DotNetOpenAuth.Samples.OAuthConsumerWpf</RootNamespace> <AssemblyName>OAuthConsumerWpf</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileAlignment>512</FileAlignment> <ProjectTypeGuids>{60dc8134-eba5-43b8-bcc9-bb4bc16c2548};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids> <WarningLevel>4</WarningLevel> @@ -71,10 +71,6 @@ <SpecificVersion>False</SpecificVersion> <HintPath>..\..\lib\log4net.dll</HintPath> </Reference> - <Reference Include="Microsoft.Contracts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=736440c9b414ea16, processorArchitecture=MSIL" Condition=" '$(TargetFrameworkVersion)' == 'v3.5' "> - <SpecificVersion>False</SpecificVersion> - <HintPath>..\..\lib\Microsoft.Contracts.dll</HintPath> - </Reference> <Reference Include="System" /> <Reference Include="System.configuration" /> <Reference Include="System.Core"> @@ -175,7 +171,9 @@ <Generator>ResXFileCodeGenerator</Generator> <LastGenOutput>Resources.Designer.cs</LastGenOutput> </EmbeddedResource> - <None Include="App.config" /> + <None Include="App.config"> + <SubType>Designer</SubType> + </None> <None Include="Properties\Settings.settings"> <Generator>SettingsSingleFileGenerator</Generator> <LastGenOutput>Settings.Designer.cs</LastGenOutput> diff --git a/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs b/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs index 8d0c13d..31371db 100644 
--- a/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs +++ b/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs @@ -7,10 +7,9 @@ using System.ServiceModel; using System.ServiceModel.Channels; using System.ServiceModel.Security; - + using System.ServiceModel.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; - using ProtocolException = System.ServiceModel.ProtocolException; /// <summary> @@ -29,7 +28,7 @@ var requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; try { - var principal = VerifyOAuth2(httpDetails, requestUri); + var principal = VerifyOAuth2(httpDetails, requestUri, operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); if (principal != null) { var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { @@ -49,11 +48,16 @@ principal.Identity, }; - // Only allow this method call if the access token scope permits it. - return principal.IsInRole(operationContext.IncomingMessageHeaders.Action ?? operationContext.IncomingMessageHeaders.To.AbsolutePath); + return true; } else { return false; } + } catch (ProtocolFaultResponseException ex) { + Global.Logger.Error("Error processing OAuth messages.", ex); + + // Return the appropriate unauthorized response to the client. + var outgoingResponse = ex.CreateErrorResponse(); + outgoingResponse.Respond(WebOperationContext.Current.OutgoingResponse); } catch (ProtocolException ex) { Global.Logger.Error("Error processing OAuth messages.", ex); } 
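Review bot: In the `@@ -49,11 +48,16 @@` hunk the success path becomes a bare `return true`, and the comment that explained the scope check is removed together with the `principal.IsInRole(...)` call. The access decision now rests entirely on `VerifyOAuth2` refusing a token whose scope does not cover the requested action; that behaviour lives in `resourceServer.GetPrincipal` and is not visible in this diff. I would document it at the return, e.g. `// Scope for this action was already enforced in VerifyOAuth2 via requiredScopes; a non-null principal means the token covers it.`, so a later edit to VerifyOAuth2 does not quietly turn this branch into allow-all. Separately, the new catch block dereferences `WebOperationContext.Current` without a null check, which is worth confirming for the bindings this authorization manager is used with. The enclosing method starts and ends outside the hunk.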
@@ -61,18 +65,13 @@ return false; } - private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { + private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri, params string[] requiredScopes) { // for this sample where the auth server and resource server are the same site, // we use the same public/private key. using (var signing = Global.CreateAuthorizationServerSigningServiceProvider()) { using (var encrypting = Global.CreateResourceServerEncryptionServiceProvider()) { var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting)); - - IPrincipal result; - var error = resourceServer.VerifyAccess(HttpRequestInfo.Create(httpDetails, requestUri), out result); - - // TODO: return the prepared error code. - return error != null ? null : result; + return resourceServer.GetPrincipal(httpDetails, requestUri, requiredScopes); } } } diff --git a/samples/OAuthResourceServer/OAuthResourceServer.csproj b/samples/OAuthResourceServer/OAuthResourceServer.csproj index d45d684..c4a8cc7 100644 --- a/samples/OAuthResourceServer/OAuthResourceServer.csproj +++ b/samples/OAuthResourceServer/OAuthResourceServer.csproj 
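Review bot: `VerifyOAuth2` gained `params string[] requiredScopes` but has no documentation of what an empty list means, and a caller that omits the argument still compiles and would presumably get a principal with no scope requirement applied. Add a doc comment along the lines of `/// <param name="requiredScopes">Scopes the access token must carry; pass at least one, since an empty list imposes no scope check.</param>` and state in the summary whether a rejected token yields null or an exception. The removed `TODO: return the prepared error code` suggests failures now surface as exceptions from `GetPrincipal` rather than as a null return, which is worth recording here because the caller's `if (principal != null)` branch still exists.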
@@ -1,6 +1,17 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + <TargetFrameworkProfile /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,8 +24,8 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthResourceServer</RootNamespace> <AssemblyName>OAuthResourceServer</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> - <UseIISExpress>false</UseIISExpress> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> 
@@ -39,15 +50,16 @@ </Reference> <Reference Include="System" /> <Reference Include="System.Data" /> - <Reference Include="System.Core" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Data.Linq" /> <Reference Include="System.IdentityModel" /> <Reference Include="System.ServiceModel" /> <Reference Include="System.ServiceModel.Web" /> <Reference Include="System.Web.Abstractions" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> <Reference Include="System.Web.Extensions" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> <Reference Include="System.Xml" /> @@ -55,6 +67,7 @@ <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="DataApi.svc" /> 
@@ -118,17 +131,17 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>65170</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:65170/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OAuthResourceServer/Web.config b/samples/OAuthResourceServer/Web.config index 827fb07..978c20b 100644 --- a/samples/OAuthResourceServer/Web.config +++ b/samples/OAuthResourceServer/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -9,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), 
@@ -62,80 +50,21 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> </assemblies> </compilation> <authentication mode="Forms"> <forms name="oauthSP" /> </authentication> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - 
</httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. 
--> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthResourceServer.Code.TracePageAppender, OAuthResourceServer"> <layout type="log4net.Layout.PatternLayout"> 
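Review bot: The retained comment `The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0` now sits directly above `<log4net>`, because this hunk deletes the section it described and the replacement `<system.webServer>` is added at the end of the file by the following hunk. Remove the comment, or move it next to the new section and reword it to describe `runAllManagedModulesForAllRequests="true"`. The same orphaned comment is left in samples/OAuthServiceProvider/Web.config. The edited `<compilation debug="true" targetFramework="4.0">` line keeps `debug="true"`; the comment above it already limits that to development, so anyone deploying this sample should confirm it is turned off.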
@@ -181,4 +110,7 @@ </service> </services> </system.serviceModel> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Code/DataClasses.designer.cs b/samples/OAuthServiceProvider/Code/DataClasses.designer.cs index b7d291c..a2113f5 100644 --- a/samples/OAuthServiceProvider/Code/DataClasses.designer.cs +++ b/samples/OAuthServiceProvider/Code/DataClasses.designer.cs @@ -2,7 +2,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.1 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -122,7 +122,7 @@ namespace OAuthServiceProvider.Code public partial class User : INotifyPropertyChanging, INotifyPropertyChanged { - private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(string.Empty); + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private int _UserId; @@ -336,7 +336,7 @@ namespace OAuthServiceProvider.Code public partial class FavoriteSite : INotifyPropertyChanging, INotifyPropertyChanged { - private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(string.Empty); + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private int _FavoriteSiteId; @@ -487,7 +487,7 @@ namespace OAuthServiceProvider.Code public partial class OAuthConsumer : INotifyPropertyChanging, INotifyPropertyChanged { - private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(string.Empty); + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private int _ConsumerId; 
@@ -607,7 +607,7 @@ namespace OAuthServiceProvider.Code } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_VerificationCodeFormat")] + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_VerificationCodeFormat", CanBeNull=false)] public DotNetOpenAuth.OAuth.VerificationCodeFormat VerificationCodeFormat { get @@ -697,7 +697,7 @@ namespace OAuthServiceProvider.Code public partial class OAuthToken : INotifyPropertyChanging, INotifyPropertyChanged { - private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(string.Empty); + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private int _TokenId; @@ -1081,7 +1081,7 @@ namespace OAuthServiceProvider.Code public partial class Nonce : INotifyPropertyChanging, INotifyPropertyChanged { - private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(string.Empty); + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private string _Context; diff --git a/samples/OAuthServiceProvider/OAuthServiceProvider.csproj b/samples/OAuthServiceProvider/OAuthServiceProvider.csproj index f8c1eb5..fd2a5bb 100644 --- a/samples/OAuthServiceProvider/OAuthServiceProvider.csproj +++ b/samples/OAuthServiceProvider/OAuthServiceProvider.csproj 
@@ -1,6 +1,17 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <OldToolsVersion>4.0</OldToolsVersion> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + <TargetFrameworkProfile /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -13,7 +24,7 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OAuthServiceProvider</RootNamespace> <AssemblyName>OAuthServiceProvider</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <UseIISExpress>false</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> 
@@ -39,13 +50,14 @@ </Reference> <Reference Include="System" /> <Reference Include="System.Data" /> - <Reference Include="System.Core" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Data.Linq" /> <Reference Include="System.IdentityModel" /> <Reference Include="System.ServiceModel" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> <Reference Include="System.Web.Extensions" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> <Reference Include="System.Xml" /> @@ -53,6 +65,7 @@ <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="DataApi.svc" /> @@ -101,19 +114,15 @@ </Compile> <Compile Include="Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\Authorize.aspx.cs"> <DependentUpon>Authorize.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Members\AuthorizedConsumers.aspx.cs"> <DependentUpon>AuthorizedConsumers.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> 
@@ -175,7 +184,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <ProjectExtensions> <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> diff --git a/samples/OAuthServiceProvider/Web.config b/samples/OAuthServiceProvider/Web.config index 60a4d86..21fe388 100644 --- a/samples/OAuthServiceProvider/Web.config +++ b/samples/OAuthServiceProvider/Web.config 
@@ -1,24 +1,12 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section 
name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), 
@@ -65,80 +53,21 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <authentication mode="Forms"> <forms name="oauthSP" /> </authentication> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - 
</httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. 
--> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> <log4net> <appender name="TracePageAppender" type="OAuthServiceProvider.Code.TracePageAppender, OAuthServiceProvider"> <layout type="log4net.Layout.PatternLayout"> 
@@ -177,4 +106,7 @@ </service> </services> </system.serviceModel> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj index f13fd80..c489b0f 100644 --- a/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj +++ b/samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj @@ -19,7 +19,7 @@ <ProjectTypeGuids>{60dc8134-eba5-43b8-bcc9-bb4bc16c2548};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids> <WarningLevel>4</WarningLevel> <UICulture>en-US</UICulture> - <TargetFrameworkVersion Condition=" '$(TargetFrameworkVersion)' == '' ">v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <OutputPath Condition=" '$(OutputPath)' == '' ">bin\$(TargetFrameworkVersion)\$(Configuration)\</OutputPath> <ApplicationIcon>openid.ico</ApplicationIcon> <FileUpgradeFlags> @@ -99,7 +99,6 @@ <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> <Reference Include="System.Web" /> - <Reference Include="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" Condition=" '$(TargetFrameworkVersion)' == 'v3.5' " /> <Reference Include="System.Xml.Linq"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> @@ -213,15 +212,9 @@ <!-- These items should never be visible. In the project source tree, they're invisible because of an ItemDefinitionGroup in DotNetOpenAuth.props. But in the shipping samples that file is not included, so we must still set Visible=false explicitly.. --> <ItemGroup> - <SignDependsOn Include="BuildUnified"> - <Visible>false</Visible> - </SignDependsOn> - <DelaySignedAssemblies Include="$(ILMergeProjectOutputAssembly)"> + <DelaySignedAssemblies Include="$(TargetPath)"> <Visible>false</Visible> </DelaySignedAssemblies> - <ILMergeProjectInputAssemblies Include="$(TargetPath);
 $(ProjectRoot)lib\Microsoft.Contracts.dll; "> - <Visible>false</Visible> - </ILMergeProjectInputAssemblies> </ItemGroup> <ItemGroup> <ProjectReference Include="..\..\src\DotNetOpenAuth.Core\DotNetOpenAuth.Core.csproj"> @@ -237,19 +230,6 @@ <Name>DotNetOpenAuth.OpenId</Name> </ProjectReference> </ItemGroup> - <Target Name="BuildUnified" DependsOnTargets="Build" Inputs="@(ILMergeProjectInputAssemblies)" Outputs="$(ILMergeProjectOutputAssembly)"> - <MakeDir Directories="$(ILMergeOutputAssemblyDirectory)" /> - <ILMerge - ExcludeFile="$(ProjectRoot)ILMergeInternalizeExceptions.txt" - InputAssemblies="@(ILMergeProjectInputAssemblies)" - OutputFile="$(ILMergeProjectOutputAssembly)" - SearchDirectories="$(OutputPath);@(ILMergeSearchDirectories)" - ToolPath="$(ProjectRoot)tools\ILMerge" - KeyFile="$(PublicKeyFile)" - DelaySign="true" - TargetPlatformVersion="$(ClrVersion).0" - TargetPlatformDirectory="$(ILMergeTargetPlatformDirectory)" /> - </Target> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> -</Project> +</Project>
\ No newline at end of file diff --git a/samples/OpenIdProviderMvc/Code/FormsAuthenticationService.cs b/samples/OpenIdProviderMvc/Code/FormsAuthenticationService.cs index 22db860..1f5ea54 100644 --- a/samples/OpenIdProviderMvc/Code/FormsAuthenticationService.cs +++ b/samples/OpenIdProviderMvc/Code/FormsAuthenticationService.cs @@ -10,6 +10,18 @@ get { return HttpContext.Current.User.Identity.Name; } } + public DateTime? SignedInTimestampUtc { + get { + var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; + if (cookie != null) { + var ticket = FormsAuthentication.Decrypt(cookie.Value); + return ticket.IssueDate.ToUniversalTime(); + } else { + return null; + } + } + } + public void SignIn(string userName, bool createPersistentCookie) { FormsAuthentication.SetAuthCookie(userName, createPersistentCookie); } diff --git a/samples/OpenIdProviderMvc/Code/IFormsAuthentication.cs b/samples/OpenIdProviderMvc/Code/IFormsAuthentication.cs index d4c8a01..09856e9 100644 --- a/samples/OpenIdProviderMvc/Code/IFormsAuthentication.cs +++ b/samples/OpenIdProviderMvc/Code/IFormsAuthentication.cs @@ -17,6 +17,8 @@ using System.Web.Security; public interface IFormsAuthentication { string SignedInUsername { get; } + DateTime? SignedInTimestampUtc { get; } + void SignIn(string userName, bool createPersistentCookie); void SignOut(); diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs index 198c434..4782e94 100644 --- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs +++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs 
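Review bot: The new `SignedInTimestampUtc` getter decrypts the raw forms cookie taken from the request, so a malformed or empty cookie value makes `FormsAuthentication.Decrypt` throw, and an expired ticket still reports an issue date because `ticket.Expired` is never checked. Reading the ticket from the identity that the forms authentication module has already validated avoids both problems. `IssueDate` is also reset when a ticket is renewed under sliding expiration, so if that is enabled the value reflects the last renewal rather than the moment the user actually authenticated, which weakens a maximum-authentication-age check built on it. The getter returns null when the user is not signed in, yet the caller added in OpenIdController.cs reads `.Value` without testing for that.

```csharp
public DateTime? SignedInTimestampUtc {
	get {
		// Use the ticket already validated for this request rather than
		// decrypting the client-supplied cookie a second time.
		var identity = HttpContext.Current.User.Identity as FormsIdentity;
		if (identity == null || !identity.IsAuthenticated || identity.Ticket.Expired) {
			return null;
		}

		return identity.Ticket.IssueDate.ToUniversalTime();
	}
}
```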
@@ -17,6 +17,16 @@ namespace OpenIdProviderMvc.Controllers { public class OpenIdController : Controller { internal static OpenIdProvider OpenIdProvider = new OpenIdProvider(); + public OpenIdController() + : this(null) { + } + + public OpenIdController(IFormsAuthentication formsAuthentication) { + this.FormsAuth = formsAuthentication ?? new FormsAuthenticationService(); + } + + public IFormsAuthentication FormsAuth { get; private set; } + [ValidateInput(false)] public ActionResult Provider() { IRequest request = OpenIdProvider.GetRequest(); 
@@ -29,25 +39,44 @@ namespace OpenIdProviderMvc.Controllers { // This is apparently one that the host (the web site itself) has to respond to. ProviderEndpoint.PendingRequest = (IHostProcessedRequest)request; - // Try responding immediately if possible. - ActionResult response; - if (this.AutoRespondIfPossible(out response)) { - return response; - } - - // We can't respond immediately with a positive result. But if we still have to respond immediately... - if (ProviderEndpoint.PendingRequest.Immediate) { - // We can't stop to prompt the user -- we must just return a negative response. - return this.SendAssertion(); + // If PAPE requires that the user has logged in recently, we may be required to challenge the user to log in. + var papeRequest = ProviderEndpoint.PendingRequest.GetExtension<PolicyRequest>(); + if (papeRequest != null && papeRequest.MaximumAuthenticationAge.HasValue) { + TimeSpan timeSinceLogin = DateTime.UtcNow - this.FormsAuth.SignedInTimestampUtc.Value; + if (timeSinceLogin > papeRequest.MaximumAuthenticationAge.Value) { + // The RP wants the user to have logged in more recently than he has. + // We'll have to redirect the user to a login screen. + return this.RedirectToAction("LogOn", "Account", new { returnUrl = this.Url.Action("ProcessAuthRequest") }); + } } - return this.RedirectToAction("AskUser"); + return this.ProcessAuthRequest(); } else { // No OpenID request was recognized. This may be a user that stumbled on the OP Endpoint. return this.View(); } } + public ActionResult ProcessAuthRequest() { + if (ProviderEndpoint.PendingRequest == null) { + return this.RedirectToAction("Index", "Home"); + } + + // Try responding immediately if possible. + ActionResult response; + if (this.AutoRespondIfPossible(out response)) { + return response; + } + + // We can't respond immediately with a positive result. But if we still have to respond immediately... 
+ if (ProviderEndpoint.PendingRequest.Immediate) { + // We can't stop to prompt the user -- we must just return a negative response. + return this.SendAssertion(); + } + + return this.RedirectToAction("AskUser"); + } + /// <summary> /// Displays a confirmation page. /// </summary> @@ -133,6 +162,17 @@ namespace OpenIdProviderMvc.Controllers { pendingRequest.AddResponseExtension(claimsResponse); } + + // Look for PAPE requests. + var papeRequest = pendingRequest.GetExtension<PolicyRequest>(); + if (papeRequest != null) { + var papeResponse = new PolicyResponse(); + if (papeRequest.MaximumAuthenticationAge.HasValue) { + papeResponse.AuthenticationTimeUtc = this.FormsAuth.SignedInTimestampUtc; + } + + pendingRequest.AddResponseExtension(papeResponse); + } } return OpenIdProvider.PrepareResponse(pendingRequest).AsActionResult(); diff --git a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj index 4c2aba5..d6e71f0 100644 --- a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj +++ b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj 
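Review bot: `this.FormsAuth.SignedInTimestampUtc.Value` in the new PAPE check of `Provider()` throws `InvalidOperationException` when no forms cookie is present, because the property returns null for a visitor who has not signed in, which is the normal state on a first request to the endpoint. A missing timestamp should count as too old: `DateTime? signedIn = this.FormsAuth.SignedInTimestampUtc;` followed by `if (!signedIn.HasValue || DateTime.UtcNow - signedIn.Value > papeRequest.MaximumAuthenticationAge.Value)`. The redirect to `LogOn` is also taken before the `Immediate` test that now lives in `ProcessAuthRequest`, so an immediate-mode request carrying `MaximumAuthenticationAge` gets a login page instead of the negative assertion the removed lines produced; testing `ProviderEndpoint.PendingRequest.Immediate` first would keep that behaviour. `ProcessAuthRequest` is a public action that does not repeat the age check, so enforcement depends on `LogOn` actually re-authenticating an already signed-in user, which is not visible here. `Provider()` starts above the hunk.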
@@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -11,10 +20,10 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdProviderMvc</RootNamespace> <AssemblyName>OpenIdProviderMvc</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <MvcBuildViews>false</MvcBuildViews> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -37,7 +46,6 @@ </PropertyGroup> <ItemGroup> <Reference Include="System" /> - <Reference Include="System.Core" /> <Reference Include="System.Data" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Drawing" /> 
@@ -46,11 +54,9 @@ <Reference Include="System.ComponentModel.DataAnnotations"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> - <Reference Include="System.Web.Mvc" /> + <Reference Include="System.Web.Extensions" /> + <Reference Include="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> <Reference Include="System.Web" /> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Web.ApplicationServices" Condition=" '$(TargetFrameworkVersion)' != 'v3.5' "> <RequiredTargetFramework>v4.0</RequiredTargetFramework> </Reference> @@ -77,7 +83,6 @@ <Compile Include="Controllers\UserController.cs" /> <Compile Include="Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Global.asax.cs"> <DependentUpon>Global.asax</DependentUpon> @@ -138,7 +143,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> 
@@ -150,12 +156,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>True</AutoAssignPort> <DevelopmentServerPort>4864</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:4864/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdProviderMvc/Views/Web.config b/samples/OpenIdProviderMvc/Views/Web.config index df0103b..8bc9c19 100644 --- a/samples/OpenIdProviderMvc/Views/Web.config +++ b/samples/OpenIdProviderMvc/Views/Web.config 
@@ -12,9 +12,9 @@ To change this behavior apply the ValidateInputAttribute to a controller or action. --> - <pages validateRequest="false" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> + <pages validateRequest="false" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> <controls> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" namespace="System.Web.Mvc" tagPrefix="mvc" /> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" namespace="System.Web.Mvc" tagPrefix="mvc" /> </controls> </pages> </system.web> diff --git a/samples/OpenIdProviderMvc/Web.config b/samples/OpenIdProviderMvc/Web.config index 9c3aeac..fd8f45d 100644 --- a/samples/OpenIdProviderMvc/Web.config +++ b/samples/OpenIdProviderMvc/Web.config 
@@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -9,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -77,17 +65,13 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <!-- 
@@ -130,11 +114,7 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"> <namespaces> <add namespace="System.Web.Mvc"/> <add namespace="System.Web.Mvc.Ajax"/> 
@@ -145,30 +125,9 @@ </namespaces> </pages> <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption 
name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <system.web.extensions/> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet 
@@ -176,36 +135,21 @@ --> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> - <modules runAllManagedModulesForAllRequests="true"> - <remove name="ScriptModule"/> - <remove name="UrlRoutingModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> + <modules runAllManagedModulesForAllRequests="true"/> <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> <remove name="MvcHttpHandler"/> <remove name="UrlRoutingHandler"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, 
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> + <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </handlers> </system.webServer> - <runtime> - <legacyHMACWarning enabled="0" /> - + <legacyHMACWarning enabled="0"/> <!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink - to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. --> + to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it. --> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> - <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> - <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" /> + <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/> </dependentAssembly> </assemblyBinding> </runtime> diff --git a/samples/OpenIdProviderWebForms/Code/CustomStoreDataSet.Designer.cs b/samples/OpenIdProviderWebForms/Code/CustomStoreDataSet.Designer.cs index 19ac88f..0561fc9 100644 --- a/samples/OpenIdProviderWebForms/Code/CustomStoreDataSet.Designer.cs +++ b/samples/OpenIdProviderWebForms/Code/CustomStoreDataSet.Designer.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.225 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj index 439d5fd..a4c9de9 100644 --- a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj 
+++ b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj @@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication> + <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication> + <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> 
@@ -12,13 +21,13 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdProviderWebForms</RootNamespace> <AssemblyName>OpenIdProviderWebForms</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> + <OldToolsVersion>4.0</OldToolsVersion> <UpgradeBackupLocation /> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -56,11 +65,12 @@ <HintPath>..\..\lib\log4net.dll</HintPath> </Reference> <Reference Include="System" /> - <Reference Include="System.Core" /> <Reference Include="System.Data" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> <Reference Include="System.Web.Extensions" /> <Reference Include="System.Web.Extensions.Design" /> <Reference Include="System.Xml" /> @@ -68,10 +78,10 @@ <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Web.ApplicationServices" Condition=" '$(TargetFrameworkVersion)' != 'v3.5' "> <RequiredTargetFramework>v4.0</RequiredTargetFramework> </Reference> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="App_Data\Users.xml" /> @@ -83,7 +93,9 @@ <Content Include="server.aspx" /> <Content Include="user.aspx" /> <Content Include="Global.asax" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> <Content Include="user_xrds.aspx" /> </ItemGroup> <ItemGroup> 
@@ -106,14 +118,12 @@ <Compile Include="Code\Util.cs" /> <Compile Include="decide.aspx.cs"> <DependentUpon>decide.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="decide.aspx.designer.cs"> <DependentUpon>decide.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Default.aspx.designer.cs"> <DependentUpon>Default.aspx</DependentUpon> @@ -123,14 +133,12 @@ </Compile> <Compile Include="login.aspx.cs"> <DependentUpon>login.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="login.aspx.designer.cs"> <DependentUpon>login.aspx</DependentUpon> </Compile> <Compile Include="ProfileFields.ascx.cs"> <DependentUpon>ProfileFields.ascx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="ProfileFields.ascx.designer.cs"> <DependentUpon>ProfileFields.ascx</DependentUpon> @@ -141,21 +149,18 @@ </Compile> <Compile Include="server.aspx.cs"> <DependentUpon>server.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="server.aspx.designer.cs"> <DependentUpon>server.aspx</DependentUpon> </Compile> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> </Compile> <Compile Include="user.aspx.cs"> <DependentUpon>user.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="user.aspx.designer.cs"> <DependentUpon>user.aspx</DependentUpon> 
@@ -222,7 +227,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -234,12 +240,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>4860</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:4860/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdProviderWebForms/Web.config b/samples/OpenIdProviderWebForms/Web.config index 0c56bfe..efed107 100644 --- a/samples/OpenIdProviderWebForms/Web.config +++ b/samples/OpenIdProviderWebForms/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -9,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -79,12 +67,8 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> </compilation> 
@@ -107,21 +91,7 @@ Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" validate="false" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> <location path="decide.aspx"> <system.web> 
@@ -156,49 +126,13 @@ </root> <!-- Specify the level for some specific categories --> <logger name="DotNetOpenAuth"> - <level value="INFO" /> + <level value="INFO"/> </logger> </log4net> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CSharp.CSharpCodeProvider,System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" warningLevel="4"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" warningLevel="4"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" verb="GET,HEAD" 
path="ScriptResource.axd" preCondition="integratedMode" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </handlers> - </system.webServer> <runtime> - <legacyHMACWarning enabled="0" /> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> + <legacyHMACWarning enabled="0"/> </runtime> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/OpenIdRelyingPartyClassicAsp/Web.config b/samples/OpenIdRelyingPartyClassicAsp/Web.config new file mode 100644 index 0000000..4af6ab2 --- /dev/null +++ b/samples/OpenIdRelyingPartyClassicAsp/Web.config @@ -0,0 +1,48 @@ +<?xml version="1.0"?> +<!-- + Note: As an alternative to hand editing this file you can use the + web admin tool to configure settings for your application. Use + the Website->Asp.Net Configuration option in Visual Studio. + A full list of settings and comments can be found in + machine.config.comments usually located in + \Windows\Microsoft.Net\Framework\vx.x\Config +--> +<configuration> + <appSettings/> + <connectionStrings/> + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="false" targetFramework="4.0"/> + <!-- + The <authentication> section enables configuration + of the security authentication mode used by + ASP.NET to identify an incoming user. + --> + <authentication mode="Windows"/> + <!-- + The <customErrors> section enables configuration + of what to do if/when an unhandled error occurs + during the execution of a request. Specifically, + it enables developers to configure html error pages + to be displayed in place of a error stack trace. + + <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> + <error statusCode="403" redirect="NoAccess.htm" /> + <error statusCode="404" redirect="FileNotFound.htm" /> + </customErrors> + --> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> + </system.web> + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> +</configuration>
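Review bot: `<modules runAllManagedModulesForAllRequests="true"/>` is added at the end of this hunk without a comment, and it sends every request, static files included, through the whole managed module pipeline. That is only needed where extensionless URLs must reach managed code, so here it looks like an artefact of the project upgrade rather than a deliberate choice. If it is intentional, say why with a comment such as `<!-- managed modules must see extensionless URLs -->`; otherwise drop the `<system.webServer>` block. The same line is added in samples/OpenIdRelyingPartyClassicAsp/Web.config, where the comment above it describes ASP.NET AJAX support that the block does not configure, and in samples/OpenIdRelyingPartyWebForms/Web.config.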
\ No newline at end of file diff --git a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj index b1867ad..7e3c564 100644 --- a/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj +++ b/samples/OpenIdRelyingPartyMvc/OpenIdRelyingPartyMvc.csproj @@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> 
@@ -11,10 +20,10 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdRelyingPartyMvc</RootNamespace> <AssemblyName>OpenIdRelyingPartyMvc</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <MvcBuildViews>false</MvcBuildViews> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -40,16 +49,15 @@ <Reference Include="System.Data" /> <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Drawing" /> + <Reference Include="System.Web.ApplicationServices" /> <Reference Include="System.Web.DynamicData" /> <Reference Include="System.Web.Entity" /> <Reference Include="System.ComponentModel.DataAnnotations"> <RequiredTargetFramework>3.5</RequiredTargetFramework> </Reference> - <Reference Include="System.Web.Mvc" /> + <Reference Include="System.Web.Extensions" /> + <Reference Include="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> <Reference Include="System.Web" /> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Web.Abstractions" /> <Reference Include="System.Web.Routing" /> <Reference Include="System.Xml" /> @@ -68,7 +76,6 @@ <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="Views\Shared\Site.Master.cs"> <DependentUpon>Site.Master</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Views\Shared\Site.Master.designer.cs"> <DependentUpon>Site.Master</DependentUpon> 
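Review bot: The `System.Web.Mvc` reference in the `@@ -40,16 +49,15 @@` hunk is now pinned by strong name to `Version=3.0.0.0` but carries no `<HintPath>`, so it resolves from whatever ASP.NET MVC 3 installation the build machine happens to have. A machine without that install would presumably fail to build this sample, and nothing in the project records the prerequisite. Either add a `<HintPath>` pointing at a repository-relative copy of the assembly, or note the required install in a comment next to the reference.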
@@ -149,7 +156,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -161,12 +169,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>True</AutoAssignPort> <DevelopmentServerPort>54347</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:54347/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdRelyingPartyMvc/Web.config b/samples/OpenIdRelyingPartyMvc/Web.config index 1d714b4..67c1dd4 100644 --- a/samples/OpenIdRelyingPartyMvc/Web.config +++ b/samples/OpenIdRelyingPartyMvc/Web.config 
@@ -1,24 +1,12 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" /> <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" 
allowDefinition="Everywhere"/> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), 
@@ -77,17 +65,13 @@ affects performance, set this value to true only during development. --> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <remove assembly="DotNetOpenAuth.Contracts"/> + <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <!-- 
@@ -126,30 +110,9 @@ </namespaces> </pages> <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*.mvc" validate="false" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> </system.web> - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption 
name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> <system.web.extensions/> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet 
@@ -157,24 +120,11 @@ --> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> - <modules runAllManagedModulesForAllRequests="true"> - <remove name="ScriptModule"/> - <remove name="UrlRoutingModule"/> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> + <modules runAllManagedModulesForAllRequests="true"/> <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory"/> - <remove name="ScriptHandlerFactoryAppServices"/> - <remove name="ScriptResource"/> - <remove name="MvcHttpHandler" /> - <remove name="UrlRoutingHandler" /> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, System.Web, 
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> + <remove name="MvcHttpHandler"/> + <remove name="UrlRoutingHandler"/> + <add name="MvcHttpHandler" preCondition="integratedMode" verb="*" path="*.mvc" type="System.Web.Mvc.MvcHttpHandler, System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </handlers> </system.webServer> diff --git a/samples/OpenIdRelyingPartyWebForms/Code/CustomStoreDataSet1.Designer.cs b/samples/OpenIdRelyingPartyWebForms/Code/CustomStoreDataSet1.Designer.cs index fa28b9c..3875aa5 100644 --- a/samples/OpenIdRelyingPartyWebForms/Code/CustomStoreDataSet1.Designer.cs +++ b/samples/OpenIdRelyingPartyWebForms/Code/CustomStoreDataSet1.Designer.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.225 +// Runtime Version:4.0.30319.17614 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/samples/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx b/samples/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx index cbc13ee..59a4eed 100644 --- a/samples/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx +++ b/samples/OpenIdRelyingPartyWebForms/MembersOnly/Default.aspx @@ -18,6 +18,9 @@ <% } foreach (string policy in State.PapePolicies.ActualPolicies) { %> <li><%=HttpUtility.HtmlEncode(policy) %></li> + <% } + if (State.PapePolicies.AuthenticationTimeUtc.HasValue) { %> + <li>The provider authenticated the user at <%=State.PapePolicies.AuthenticationTimeUtc.Value.ToLocalTime() %> (local time)</li> <% } %> </ul> <% } %> diff --git a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj index 01b4b09..e8fc030 100644 --- a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj 
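Review bot: `<remove name="UrlRoutingHandler"/>` is kept in `<handlers>` while the matching `<add name="UrlRoutingHandler" … path="UrlRouting.axd" …>` is deleted, so the remove no longer has a counterpart. If no parent configuration defines a handler of that name the line is dead and can go with the rest. If one does, removing it without the old `HttpForbiddenHandler` replacement changes how `UrlRouting.axd` is answered, which deserves a one-line comment.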
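Review bot: The "(local time)" label on the added `<li>` is misleading, because `ToLocalTime()` converts to the web server's time zone and a visitor will read it as their own. The value is also written with a bare `<%= %>` while the policy line just above goes through `HttpUtility.HtmlEncode`; the output is a formatted date, so that is a consistency point rather than an injection risk. Showing the UTC value and labelling it, e.g. `<%=HttpUtility.HtmlEncode(State.PapePolicies.AuthenticationTimeUtc.Value.ToString("u")) %> (UTC)`, addresses both.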
+++ b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj @@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -12,13 +21,13 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdRelyingPartyWebForms</RootNamespace> <AssemblyName>OpenIdRelyingPartyWebForms</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> + <OldToolsVersion>4.0</OldToolsVersion> <UpgradeBackupLocation /> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> 
@@ -61,11 +70,12 @@ <Reference Include="System" /> <Reference Include="System.Data" /> <Reference Include="System.Data.DataSetExtensions" /> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> @@ -84,7 +94,9 @@ <Content Include="PrivacyPolicy.aspx" /> <Content Include="styles.css" /> <Content Include="TracePage.aspx" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> </ItemGroup> <ItemGroup> <Compile Include="..\DotNetOpenAuth.ApplicationBlock\InMemoryTokenManager.cs"> @@ -92,7 +104,6 @@ </Compile> <Compile Include="ajaxlogin.aspx.cs"> <DependentUpon>ajaxlogin.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="ajaxlogin.aspx.designer.cs"> <DependentUpon>ajaxlogin.aspx</DependentUpon> @@ -100,7 +111,6 @@ <Compile Include="Code\CustomStore.cs" /> <Compile Include="Code\CustomStoreDataSet.cs"> <DependentUpon>CustomStoreDataSet.xsd</DependentUpon> - <SubType>Component</SubType> </Compile> <Compile Include="Code\CustomStoreDataSet.Designer.cs"> <DependentUpon>CustomStoreDataSet.cs</DependentUpon> 
@@ -114,21 +124,18 @@ <Compile Include="Code\TracePageAppender.cs" /> <Compile Include="DetectGoogleSession.aspx.cs"> <DependentUpon>DetectGoogleSession.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="DetectGoogleSession.aspx.designer.cs"> <DependentUpon>DetectGoogleSession.aspx</DependentUpon> </Compile> <Compile Include="loginGoogleApps.aspx.cs"> <DependentUpon>loginGoogleApps.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="loginGoogleApps.aspx.designer.cs"> <DependentUpon>loginGoogleApps.aspx</DependentUpon> </Compile> <Compile Include="loginPlusOAuthSampleOP.aspx.cs"> <DependentUpon>loginPlusOAuthSampleOP.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="loginPlusOAuthSampleOP.aspx.designer.cs"> <DependentUpon>loginPlusOAuthSampleOP.aspx</DependentUpon> 
@@ -138,42 +145,36 @@ </Compile> <Compile Include="login.aspx.cs"> <DependentUpon>login.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="login.aspx.designer.cs"> <DependentUpon>login.aspx</DependentUpon> </Compile> <Compile Include="loginPlusOAuth.aspx.cs"> <DependentUpon>loginPlusOAuth.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="loginPlusOAuth.aspx.designer.cs"> <DependentUpon>loginPlusOAuth.aspx</DependentUpon> </Compile> <Compile Include="loginProgrammatic.aspx.cs"> <DependentUpon>loginProgrammatic.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="loginProgrammatic.aspx.designer.cs"> <DependentUpon>loginProgrammatic.aspx</DependentUpon> </Compile> <Compile Include="MembersOnly\DisplayGoogleContacts.aspx.cs"> <DependentUpon>DisplayGoogleContacts.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="MembersOnly\DisplayGoogleContacts.aspx.designer.cs"> <DependentUpon>DisplayGoogleContacts.aspx</DependentUpon> </Compile> <Compile Include="MembersOnly\ProfileFieldsDisplay.ascx.cs"> <DependentUpon>ProfileFieldsDisplay.ascx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="MembersOnly\ProfileFieldsDisplay.ascx.designer.cs"> <DependentUpon>ProfileFieldsDisplay.ascx</DependentUpon> </Compile> <Compile Include="NoIdentityOpenId.aspx.cs"> <DependentUpon>NoIdentityOpenId.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="NoIdentityOpenId.aspx.designer.cs"> <DependentUpon>NoIdentityOpenId.aspx</DependentUpon> @@ -181,7 +182,6 @@ <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="TracePage.aspx.cs"> <DependentUpon>TracePage.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="TracePage.aspx.designer.cs"> <DependentUpon>TracePage.aspx</DependentUpon> 
@@ -262,7 +262,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -274,12 +275,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>True</AutoAssignPort> <DevelopmentServerPort>4856</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:4856/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdRelyingPartyWebForms/Web.config b/samples/OpenIdRelyingPartyWebForms/Web.config index 3a667c2..479b285 100644 --- a/samples/OpenIdRelyingPartyWebForms/Web.config +++ b/samples/OpenIdRelyingPartyWebForms/Web.config 
@@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> @@ -68,10 +67,9 @@ <add key="googleConsumerKey" value="demo.dotnetopenauth.net"/> <add key="googleConsumerSecret" value="5Yv1TfKm1551QrXZ9GpqepeD"/> </appSettings> - <system.web> <!--<sessionState cookieless="true" />--> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> @@ -88,6 +86,7 @@ Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> <!-- log4net is a 3rd party (free) logger library that DotNetOpenAuth will use if present but does not require. --> @@ -123,4 +122,7 @@ <runtime> <legacyHMACWarning enabled="0" /> </runtime> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> +</configuration>
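Review bot: The `<appSettings>` block at the top of the `@@ -68,10 +67,9 @@` hunk carries a literal `googleConsumerSecret` value, so the credential ships with every copy of the sample. It appears to be a shared demo credential, but nothing in the file says so, and a deployment copied from the sample would keep using it. A comment such as `<!-- public demo credential: replace before deploying -->`, or moving both Google keys to an uncommitted file referenced with `<appSettings file="…">`, would make that explicit.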
\ No newline at end of file diff --git a/samples/OpenIdRelyingPartyWebForms/login.aspx b/samples/OpenIdRelyingPartyWebForms/login.aspx index 98eee7a..17a230a 100644 --- a/samples/OpenIdRelyingPartyWebForms/login.aspx +++ b/samples/OpenIdRelyingPartyWebForms/login.aspx @@ -20,6 +20,10 @@ <asp:ListItem Text="Request physical multi-factor authentication" Value="http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical" /> <asp:ListItem Text="Request PPID identifier" Value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" /> </asp:CheckBoxList> + <p>Request that the Provider have authenticated the user in the last + <asp:TextBox runat="server" ID="maxAuthTimeBox" MaxLength="4" Columns="4" /> + seconds. + </p> <p>Try the PPID identifier functionality against the OpenIDProviderMvc sample.</p> </fieldset> <p><a href="loginGoogleApps.aspx">Log in using Google Apps for Domains</a>. </p> diff --git a/samples/OpenIdRelyingPartyWebForms/login.aspx.cs b/samples/OpenIdRelyingPartyWebForms/login.aspx.cs index 6721e9b..3b5466c 100644 --- a/samples/OpenIdRelyingPartyWebForms/login.aspx.cs +++ b/samples/OpenIdRelyingPartyWebForms/login.aspx.cs @@ -45,12 +45,18 @@ namespace OpenIdRelyingPartyWebForms { } // Add the PAPE extension if any policy was requested. + var pape = new PolicyRequest(); if (policies.Count > 0) { - var pape = new PolicyRequest(); foreach (string policy in policies) { pape.PreferredPolicies.Add(policy); } + } + + if (this.maxAuthTimeBox.Text.Length > 0) { + pape.MaximumAuthenticationAge = TimeSpan.FromSeconds(double.Parse(this.maxAuthTimeBox.Text)); + } + if (pape.PreferredPolicies.Count > 0 || pape.MaximumAuthenticationAge.HasValue) { request.AddExtension(pape); } } diff --git a/samples/OpenIdRelyingPartyWebForms/login.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/login.aspx.designer.cs index 017d259..9ee9edc 100644 --- a/samples/OpenIdRelyingPartyWebForms/login.aspx.designer.cs 
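Review bot: `double.Parse(this.maxAuthTimeBox.Text)` in the login.aspx.cs hunk runs on raw form input, so any non-numeric text throws and turns a typo into an unhandled error page; the `MaxLength="4"` added to the text box in login.aspx is only enforced by the browser. The parse is also culture-sensitive and accepts a leading sign, which would hand a negative value to `MaximumAuthenticationAge`, and a very large number makes `TimeSpan.FromSeconds` overflow. Parse with `int.TryParse` using `NumberStyles.None` and the invariant culture (this needs `System.Globalization` in scope) and set the age only on success, as sketched below; how the page should report a rejected value is outside the hunk. The enclosing method starts above the hunk.

```csharp
if (this.maxAuthTimeBox.Text.Length > 0) {
	int maxAuthSeconds;
	// NumberStyles.None admits digits only: no sign, whitespace, exponent or separators.
	if (int.TryParse(this.maxAuthTimeBox.Text, NumberStyles.None, CultureInfo.InvariantCulture, out maxAuthSeconds)) {
		pape.MaximumAuthenticationAge = TimeSpan.FromSeconds(maxAuthSeconds);
	}
}
// … unchanged: request.AddExtension(pape) when a policy or a maximum age is set …
```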
+++ b/samples/OpenIdRelyingPartyWebForms/login.aspx.designer.cs @@ -40,6 +40,15 @@ namespace OpenIdRelyingPartyWebForms { protected global::System.Web.UI.WebControls.CheckBoxList papePolicies; /// <summary> + /// maxAuthTimeBox control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.TextBox maxAuthTimeBox; + + /// <summary> /// yahooLoginButton control. /// </summary> /// <remarks> diff --git a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Application.Designer.vb b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Application.Designer.vb index cf58961..cbb8d1e 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Application.Designer.vb +++ b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Application.Designer.vb @@ -1,7 +1,7 @@ '------------------------------------------------------------------------------ ' <auto-generated> ' This code was generated by a tool. -' Runtime Version:4.0.30104.0 +' Runtime Version:4.0.30319.17614 ' ' Changes to this file may cause incorrect behavior and will be lost if ' the code is regenerated. diff --git a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Resources.Designer.vb b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Resources.Designer.vb index 276f520..e2a555b 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Resources.Designer.vb +++ b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Resources.Designer.vb @@ -1,7 +1,7 @@ '------------------------------------------------------------------------------ ' <auto-generated> ' This code was generated by a tool. -' Runtime Version:4.0.30104.0 +' Runtime Version:4.0.30319.17614 ' ' Changes to this file may cause incorrect behavior and will be lost if ' the code is regenerated. 
diff --git a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Settings.Designer.vb b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Settings.Designer.vb index dddcea9..1493ab0 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/My Project/Settings.Designer.vb +++ b/samples/OpenIdRelyingPartyWebFormsVB/My Project/Settings.Designer.vb @@ -1,7 +1,7 @@ '------------------------------------------------------------------------------ ' <auto-generated> ' This code was generated by a tool. -' Runtime Version:4.0.30104.0 +' Runtime Version:4.0.30319.17614 ' ' Changes to this file may cause incorrect behavior and will be lost if ' the code is regenerated. @@ -15,7 +15,7 @@ Option Explicit On Namespace My <Global.System.Runtime.CompilerServices.CompilerGeneratedAttribute(), _ - Global.System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "10.0.0.0"), _ + Global.System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "11.0.0.0"), _ Global.System.ComponentModel.EditorBrowsableAttribute(Global.System.ComponentModel.EditorBrowsableState.Advanced)> _ Partial Friend NotInheritable Class MySettings Inherits Global.System.Configuration.ApplicationSettingsBase diff --git a/samples/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj b/samples/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj index 742a19a..8a69f8d 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj +++ b/samples/OpenIdRelyingPartyWebFormsVB/OpenIdRelyingPartyWebFormsVB.vbproj 
@@ -1,6 +1,16 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <TargetFrameworkProfile /> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication> + <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication> + <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> @@ -11,7 +21,7 @@ <OutputType>Library</OutputType> <RootNamespace>OpenIdRelyingPartyWebFormsVB</RootNamespace> <AssemblyName>OpenIdRelyingPartyWebFormsVB</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <MyType>Custom</MyType> <OptionExplicit>On</OptionExplicit> <OptionCompare>Binary</OptionCompare> 
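Review bot: The added property group sets both `<IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>` and `<IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>`, which leaves no IIS-level authentication scheme enabled. If Visual Studio applies these values to the IIS Express site as written, requests to the sample's login page would presumably be refused before ASP.NET runs. OpenIdWebRingSsoProvider.csproj carries the same two values later in this commit, while OpenIdWebRingSsoRelyingParty.csproj leaves all of these elements empty. Unless this is deliberate, I would use `<IISExpressAnonymousAuthentication>enabled</IISExpressAnonymousAuthentication>`, since the sample authenticates in ASP.NET rather than in IIS, or leave both elements empty as the third project does.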
@@ -19,9 +29,9 @@ <OptionInfer>On</OptionInfer> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> + <OldToolsVersion>4.0</OldToolsVersion> <UpgradeBackupLocation /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -52,25 +62,19 @@ </Reference> <Reference Include="System" /> <Reference Include="System.Data" /> + <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Drawing" /> - <Reference Include="System.Core"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> - <Reference Include="System.Data.DataSetExtensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> - <Reference Include="System.Xml.Linq"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Web" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Import Include="Microsoft.VisualBasic" /> @@ -99,7 +103,9 @@ <Content Include="Default.aspx" /> <Content Include="images\openid_login.png" /> <Content Include="Login.aspx" /> - <Content Include="Web.config" /> + <Content Include="Web.config"> + <SubType>Designer</SubType> + </Content> </ItemGroup> <ItemGroup> <Compile Include="Code\State.vb" /> 
@@ -218,7 +224,8 @@ <Folder Include="App_Data\" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.VisualBasic.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -230,12 +237,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>True</AutoAssignPort> <DevelopmentServerPort>27433</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:27433/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdRelyingPartyWebFormsVB/Web.config b/samples/OpenIdRelyingPartyWebFormsVB/Web.config index 9c65b28..b849324 100644 --- a/samples/OpenIdRelyingPartyWebFormsVB/Web.config +++ b/samples/OpenIdRelyingPartyWebFormsVB/Web.config 
@@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> @@ -71,7 +70,7 @@ <system.web> <!--<sessionState cookieless="true" />--> - <compilation debug="true"> + <compilation debug="true" targetFramework="4.0"> <assemblies> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> @@ -88,6 +87,7 @@ Low: doesn't work because WebPermission.Connect is denied. --> <trust level="Medium" originUrl=".*"/> + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> </system.web> <!-- log4net is a 3rd party (free) logger library that DotNetOpenAuth will use if present but does not require. --> @@ -119,8 +119,10 @@ <level value="INFO" /> </logger> </log4net> - <runtime> <legacyHMACWarning enabled="0" /> </runtime> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true" /> + </system.webServer> +</configuration>
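Review bot: The rewritten `<compilation debug="true" targetFramework="4.0">` line keeps `debug="true"`, whereas the two WebRing sample Web.config files changed in this commit set `debug="false"` on the same element. A debug compilation turns off request execution timeouts and produces unoptimised assemblies, and sample configuration tends to be copied into real sites. Since the line is being edited anyway, I would change it to `<compilation debug="false" targetFramework="4.0">`, or put `<!-- debug="true" is for local development only; set it to false before deploying -->` directly above it.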
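Review bot: The new `<modules runAllManagedModulesForAllRequests="true" />` at the end of this Web.config sends every request, static files included, through all managed modules such as session state and forms authentication, and nothing in the file says why the sample needs that. The same element is added to the OpenIdWebRingSsoProvider and OpenIdWebRingSsoRelyingParty Web.config files later in this commit. The pages referenced in these projects are .aspx requests, which already run the managed pipeline, so unless a module must see static or extensionless requests I would reduce the element to `<modules />` or drop the block. If the setting is needed, a one-line comment above it stating which module depends on it would keep the next upgrade from carrying it along blindly.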
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj index 870a22c..c8836d0 100644 --- a/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj +++ b/samples/OpenIdWebRingSsoProvider/OpenIdWebRingSsoProvider.csproj @@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication> + <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication> + <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> 
@@ -12,13 +21,13 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdWebRingSsoProvider</RootNamespace> <AssemblyName>OpenIdWebRingSsoProvider</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> + <OldToolsVersion>4.0</OldToolsVersion> <UpgradeBackupLocation /> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -45,20 +54,18 @@ <Reference Include="System.Data.DataSetExtensions" /> <Reference Include="System.Web.DynamicData" /> <Reference Include="System.Web.Entity" /> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> <Reference Include="System.EnterpriseServices" /> <Reference Include="System.Web.Mobile" /> - <Reference Include="System.Xml.Linq" /> <Reference Include="System.Web.ApplicationServices" Condition=" '$(TargetFrameworkVersion)' != 'v3.5' "> <RequiredTargetFramework>v4.0</RequiredTargetFramework> </Reference> + <Reference Include="System.Xml.Linq" /> </ItemGroup> <ItemGroup> <Content Include="App_Data\Users.xml" /> @@ -74,7 +81,6 @@ <Compile Include="Code\ReadOnlyXmlMembershipProvider.cs" /> <Compile Include="Code\Util.cs" /> <Compile Include="Default.aspx.cs"> - <SubType>ASPXCodeBehind</SubType> <DependentUpon>Default.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.designer.cs"> 
@@ -82,7 +88,6 @@ </Compile> <Compile Include="Login.aspx.cs"> <DependentUpon>Login.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Login.aspx.designer.cs"> <DependentUpon>Login.aspx</DependentUpon> @@ -90,14 +95,12 @@ <Compile Include="Properties\AssemblyInfo.cs" /> <Compile Include="Server.aspx.cs"> <DependentUpon>Server.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Server.aspx.designer.cs"> <DependentUpon>Server.aspx</DependentUpon> </Compile> <Compile Include="user.aspx.cs"> <DependentUpon>user.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="user.aspx.designer.cs"> <DependentUpon>user.aspx</DependentUpon> @@ -130,7 +133,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -146,8 +150,7 @@ <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>39167</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:39167/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdWebRingSsoProvider/Web.config b/samples/OpenIdWebRingSsoProvider/Web.config index 656ea44..3304e97 100644 --- a/samples/OpenIdWebRingSsoProvider/Web.config 
+++ b/samples/OpenIdWebRingSsoProvider/Web.config @@ -1,7 +1,6 @@ <?xml version="1.0"?> <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -9,17 +8,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -79,16 +67,10 @@ affects performance, set this value to true only during development. --> - <compilation debug="false"> - + <compilation debug="false" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> - </compilation> <!-- this sample-only provider uses the hard-coded list of users in the App_Data\Users.xml file --> <membership defaultProvider="AspNetReadOnlyXmlMembershipProvider"> 
@@ -119,70 +101,13 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> - + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" - type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> - <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. 
--> <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule" /> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory" /> - <remove name="ScriptHandlerFactoryAppServices" /> - <remove name="ScriptResource" /> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - </handlers> + <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> - - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> - -</configuration> +</configuration>
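Review bot: The comment kept above `<system.webServer>` still says the section "is required for running ASP.NET AJAX under Internet Information Services 7.0", but after this hunk the section holds only `<modules runAllManagedModulesForAllRequests="true"/>` and every script handler and module registration the comment described has been removed. I would replace it with `<!-- Runs all managed modules for every request, including static content. -->` so the remaining setting is described for what it does. The same leftover comment stays in OpenIdWebRingSsoRelyingParty/Web.config, where the section beneath it is removed altogether. The earlier comment explaining the `uri` section likewise survives although this commit deletes that section's declaration from `<configSections>`.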
\ No newline at end of file diff --git a/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj index a3b16f7..e478d99 100644 --- a/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj +++ b/samples/OpenIdWebRingSsoRelyingParty/OpenIdWebRingSsoRelyingParty.csproj @@ -1,6 +1,15 @@ <?xml version="1.0" encoding="utf-8"?> <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> + <PropertyGroup> + <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion> + <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath> + <IISExpressSSLPort /> + <IISExpressAnonymousAuthentication /> + <IISExpressWindowsAuthentication /> + <IISExpressUseClassicPipelineMode /> + </PropertyGroup> <PropertyGroup> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> 
@@ -12,13 +21,13 @@ <AppDesignerFolder>Properties</AppDesignerFolder> <RootNamespace>OpenIdWebRingSsoRelyingParty</RootNamespace> <AssemblyName>OpenIdWebRingSsoRelyingParty</AssemblyName> - <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> <FileUpgradeFlags> </FileUpgradeFlags> - <OldToolsVersion>3.5</OldToolsVersion> + <OldToolsVersion>4.0</OldToolsVersion> <UpgradeBackupLocation /> <TargetFrameworkProfile /> - <UseIISExpress>false</UseIISExpress> + <UseIISExpress>true</UseIISExpress> </PropertyGroup> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <DebugSymbols>true</DebugSymbols> @@ -43,11 +52,12 @@ <Reference Include="System" /> <Reference Include="System.Data" /> <Reference Include="System.Data.DataSetExtensions" /> - <Reference Include="System.Web.Extensions"> - <RequiredTargetFramework>3.5</RequiredTargetFramework> - </Reference> <Reference Include="System.Drawing" /> <Reference Include="System.Web" /> + <Reference Include="System.Web.ApplicationServices" /> + <Reference Include="System.Web.DynamicData" /> + <Reference Include="System.Web.Entity" /> + <Reference Include="System.Web.Extensions" /> <Reference Include="System.Xml" /> <Reference Include="System.Configuration" /> <Reference Include="System.Web.Services" /> @@ -64,13 +74,11 @@ <ItemGroup> <Compile Include="Admin\Default.aspx.cs"> <DependentUpon>Default.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Admin\Default.aspx.designer.cs"> <DependentUpon>Default.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.cs"> - <SubType>ASPXCodeBehind</SubType> <DependentUpon>Default.aspx</DependentUpon> </Compile> <Compile Include="Default.aspx.designer.cs"> 
@@ -78,7 +86,6 @@ </Compile> <Compile Include="Login.aspx.cs"> <DependentUpon>Login.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> </Compile> <Compile Include="Login.aspx.designer.cs"> <DependentUpon>Login.aspx</DependentUpon> @@ -112,7 +119,8 @@ </ProjectReference> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> - <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" /> <!-- To modify your build process, add your task inside one of the targets below and uncomment it. Other similar extension points exist, see Microsoft.Common.targets. <Target Name="BeforeBuild"> @@ -124,12 +132,11 @@ <VisualStudio> <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> - <UseIIS>False</UseIIS> + <UseIIS>True</UseIIS> <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>39165</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> - <IISUrl> - </IISUrl> + <IISUrl>http://localhost:39165/</IISUrl> <NTLMAuthentication>False</NTLMAuthentication> <UseCustomServer>False</UseCustomServer> <CustomServerUrl> diff --git a/samples/OpenIdWebRingSsoRelyingParty/Web.config b/samples/OpenIdWebRingSsoRelyingParty/Web.config index 5c5965d..b64f037 100644 --- a/samples/OpenIdWebRingSsoRelyingParty/Web.config +++ b/samples/OpenIdWebRingSsoRelyingParty/Web.config 
@@ -2,7 +2,6 @@ <configuration> <configSections> - <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" /> <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core"> <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /> 
@@ -10,17 +9,6 @@ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /> </sectionGroup> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="roleService" 
type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - </sectionGroup> - </sectionGroup> - </sectionGroup> </configSections> <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), @@ -86,13 +74,8 @@ affects performance, set this value to true only during development. --> - <compilation debug="false"> - + <compilation debug="false" targetFramework="4.0"> <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <remove assembly="DotNetOpenAuth.Contracts"/> </assemblies> 
@@ -120,73 +103,15 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="AuthTicketRoles" type="OpenIdWebRingSsoRelyingParty.AuthTicketRoles, OpenIdWebRingSsoRelyingParty"/> </httpModules> - + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> </system.web> - - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" - type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> - <!-- The system.webServer section is required for running ASP.NET AJAX under 
Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule" /> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory" /> - <remove name="ScriptHandlerFactoryAppServices" /> - <remove name="ScriptResource" /> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - </handlers> - </system.webServer> - - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> - <location path="xrds.aspx"> <system.web> <authorization> 
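Review bot: `AuthTicketRoles` stays registered only under `<system.web><httpModules>`, while this hunk deletes `<validation validateIntegratedModeConfiguration="false"/>` and the project file now enables IIS Express with the classic-pipeline property left empty, which I take to mean integrated mode. In the integrated pipeline, entries in `system.web/httpModules` are not loaded, and without the validation switch IIS reports them as a configuration error. Even with the switch restored, the module, which judging by its name attaches roles to the authenticated user, would not run, so any role-based `<authorization>` rules in the sample would not be evaluated as intended. I would register it inside the `<system.webServer><modules>` element added at the end of this file with `<add name="AuthTicketRoles" type="OpenIdWebRingSsoRelyingParty.AuthTicketRoles, OpenIdWebRingSsoRelyingParty"/>`, and keep `<validation validateIntegratedModeConfiguration="false"/>` only if the `system.web` entry is retained for classic mode.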
@@ -194,7 +119,6 @@ </authorization> </system.web> </location> - <location path="default.aspx"> <system.web> <authorization> @@ -202,4 +126,7 @@ </authorization> </system.web> </location> -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> +</configuration>
\ No newline at end of file diff --git a/samples/tools.proj b/samples/tools.proj index d72e364..42a6a47 100644 --- a/samples/tools.proj +++ b/samples/tools.proj @@ -26,7 +26,6 @@ Exclude=" $(OutputPath)$(ProductName).dll; $(OutputPath)$(SignedSubPath)$(ProductName).dll; - $(ProjectRoot)lib\Microsoft.Contracts.dll; $(OutputPath)System.Web.Mvc.dll; " /> diff --git a/src/DotNetOpenAuth.Core/Assumes.cs b/src/DotNetOpenAuth.Core/Assumes.cs index f29f09f..151fa2f 100644 --- a/src/DotNetOpenAuth.Core/Assumes.cs +++ b/src/DotNetOpenAuth.Core/Assumes.cs @@ -58,6 +58,14 @@ namespace DotNetOpenAuth { } /// <summary> + /// Throws an internal error exception. + /// </summary> + /// <returns>Nothing. This method always throws.</returns> + internal static Exception NotReachable() { + throw new InternalErrorException(); + } + + /// <summary> /// An internal error exception that should never be caught. /// </summary> [SuppressMessage("Microsoft.Design", "CA1064:ExceptionsShouldBePublic", Justification = "This exception should never be caught.")] diff --git a/src/DotNetOpenAuth.Core/Configuration/DotNetOpenAuth.xsd b/src/DotNetOpenAuth.Core/Configuration/DotNetOpenAuth.xsd index d193776..74d4db4 100644 --- a/src/DotNetOpenAuth.Core/Configuration/DotNetOpenAuth.xsd +++ b/src/DotNetOpenAuth.Core/Configuration/DotNetOpenAuth.xsd 
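Review bot: The added `<system.webServer>` block does not register `AuthTicketRoles`, which remains listed only under `<system.web>/<httpModules>` in the first hunk of this file. Under the IIS 7 integrated pipeline that legacy section is not used to load modules, and because this commit also removes `<validation validateIntegratedModeConfiguration="false"/>`, IIS will normally reject the configuration rather than ignore the entry. If the sample is meant to run in integrated mode, register the module inside the new `<modules>` element, `<add name="AuthTicketRoles" type="OpenIdWebRingSsoRelyingParty.AuthTicketRoles, OpenIdWebRingSsoRelyingParty"/>`. The module presumably attaches roles from the authentication ticket, so it should run in both pipeline modes.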
@@ -479,12 +479,19 @@ <xs:choice minOccurs="0" maxOccurs="unbounded"> <xs:element name="add"> <xs:complexType> - <xs:attribute name="name" type="xs:string" use="required" /> + <xs:attribute name="type" type="xs:string" use="optional"> + <xs:annotation> + <xs:documentation> + The fully-qualified name of the type that implements the IIdentifierDiscoveryService interface. + </xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="xaml" type="xs:string" use="optional" /> </xs:complexType> </xs:element> <xs:element name="remove"> <xs:complexType> - <xs:attribute name="name" type="xs:string" use="required" /> + <xs:attribute name="type" type="xs:string" use="required" /> </xs:complexType> </xs:element> <xs:element name="clear"> 
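Review bot: On the `add` element both `type` and `xaml` are `use="optional"`, so the schema accepts an `<add/>` that names nothing as well as one that sets both; the same shape is repeated for `clientAuthenticationModules/add` in the `oauth2` hunk further down. XSD 1.0 cannot express "exactly one of", so the rule has to be stated in the documentation and enforced where the section is read, which is not part of this diff. The `xaml` attribute also has no `<xs:documentation>`. Assuming it supplies the instance as inline XAML, a line such as `Inline XAML that constructs the service; use instead of the type attribute.` would tell configuration authors which one to pick.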
@@ -898,6 +905,84 @@ </xs:choice> </xs:complexType> </xs:element> + <xs:element name="oauth2"> + <xs:annotation> + <xs:documentation> + Settings OAuth 2 clients, authorization servers and resource servers. + </xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="client"> + <xs:annotation> + <xs:documentation> + Settings applicable to OAuth 2 Clients. + </xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="authorizationServer"> + <xs:annotation> + <xs:documentation> + Settings applicable to OAuth 2 Authorization Servers. + </xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="clientAuthenticationModules"> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="add"> + <xs:complexType> + <xs:attribute name="type" type="xs:string" use="optional"> + <xs:annotation> + <xs:documentation> + The fully-qualified name of the ClientAuthenticationModule-derived type. + </xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="xaml" type="xs:string" use="optional" /> + </xs:complexType> + </xs:element> + <xs:element name="remove"> + <xs:complexType> + <xs:attribute name="type" type="xs:string" use="required"> + <xs:annotation> + <xs:documentation> + The fully-qualified name of the ClientAuthenticationModule-derived type. + </xs:documentation> + </xs:annotation> + </xs:attribute> + </xs:complexType> + </xs:element> + <xs:element name="clear"> + <xs:complexType> + <!--tag is empty--> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="resourceServer"> + <xs:annotation> + <xs:documentation> + Settings applicable to OAuth 2 Resource Servers. 
+ </xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> <xs:element name="reporting"> <xs:annotation> <xs:documentation> diff --git a/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj b/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj index 447a3c5..5e079a0 100644 --- a/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj +++ b/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj @@ -19,6 +19,7 @@ </PropertyGroup> <ItemGroup> <Compile Include="Assumes.cs" /> + <Compile Include="Messaging\Base64WebEncoder.cs" /> <Compile Include="Messaging\Bindings\AsymmetricCryptoKeyStoreWrapper.cs" /> <Compile Include="Messaging\Bindings\CryptoKey.cs" /> <Compile Include="Messaging\Bindings\CryptoKeyCollisionException.cs" /> @@ -29,6 +30,8 @@ <Compile Include="Messaging\ChannelContract.cs" /> <Compile Include="Messaging\DataBagFormatterBase.cs" /> <Compile Include="Messaging\HttpRequestHeaders.cs" /> + <Compile Include="Messaging\IHttpDirectRequest.cs" /> + <Compile Include="Messaging\IHttpDirectRequestContract.cs" /> <Compile Include="Messaging\IHttpIndirectResponse.cs" /> <Compile Include="Messaging\IMessageOriginalPayload.cs" /> <Compile Include="Messaging\DirectWebRequestOptions.cs" /> @@ -53,6 +56,7 @@ <Compile Include="Messaging\MultipartPostPart.cs" /> <Compile Include="Messaging\NetworkDirectWebResponse.cs" /> <Compile Include="Messaging\OutgoingWebResponseActionResult.cs" /> + <Compile Include="Messaging\ProtocolFaultResponseException.cs" /> <Compile Include="Messaging\Reflection\IMessagePartEncoder.cs" /> <Compile Include="Messaging\Reflection\IMessagePartNullEncoder.cs" /> <Compile Include="Messaging\Reflection\IMessagePartOriginalEncoder.cs" /> diff --git a/src/DotNetOpenAuth.Core/Messaging/Base64WebEncoder.cs b/src/DotNetOpenAuth.Core/Messaging/Base64WebEncoder.cs new file mode 100644 index 0000000..135e650 
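Review bot: The documentation of the new `oauth2` element reads `Settings OAuth 2 clients, authorization servers and resource servers.`, which is missing a word. `Settings for OAuth 2 clients, authorization servers and resource servers.` matches the wording of the three child annotations. The `client` and `resourceServer` elements are declared with an empty `<xs:choice>`, so a comment such as `<!-- no child settings defined yet -->` would show that the emptiness is intentional.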
--- /dev/null +++ b/src/DotNetOpenAuth.Core/Messaging/Base64WebEncoder.cs @@ -0,0 +1,37 @@ +//----------------------------------------------------------------------- +// <copyright file="Base64WebEncoder.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Messaging { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using DotNetOpenAuth.Messaging.Reflection; + + /// <summary> + /// A message part encoder that translates between <c>byte[]</c> and base64web encoded strings. + /// </summary> + internal class Base64WebEncoder : IMessagePartEncoder { + /// <summary> + /// Encodes the specified value. + /// </summary> + /// <param name="value">The value. Guaranteed to never be null.</param> + /// <returns>The <paramref name="value"/> in string form, ready for message transport.</returns> + public string Encode(object value) { + return MessagingUtilities.ConvertToBase64WebSafeString((byte[])value); + } + + /// <summary> + /// Decodes the specified value. + /// </summary> + /// <param name="value">The string value carried by the transport. Guaranteed to never be null, although it may be empty.</param> + /// <returns>The deserialized form of the given string.</returns> + /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception> + public object Decode(string value) { + return MessagingUtilities.FromBase64WebSafeString(value); + } + } +} diff --git a/src/DotNetOpenAuth.Core/Messaging/Channel.cs b/src/DotNetOpenAuth.Core/Messaging/Channel.cs index c58702c..672a942 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Channel.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Channel.cs 
@@ -38,6 +38,16 @@ namespace DotNetOpenAuth.Messaging { internal static readonly Encoding PostEntityEncoding = new UTF8Encoding(false); /// <summary> + /// A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption. + /// </summary> + internal static readonly XmlDictionaryReaderQuotas DefaultUntrustedXmlDictionaryReaderQuotas = new XmlDictionaryReaderQuotas { + MaxArrayLength = 1, + MaxDepth = 2, + MaxBytesPerRead = 8 * 1024, + MaxStringContentLength = 16 * 1024, + }; + + /// <summary> /// The content-type used on HTTP POST requests where the POST entity is a /// URL-encoded series of key=value pairs. /// </summary> @@ -143,18 +153,16 @@ namespace DotNetOpenAuth.Messaging { /// A class prepared to analyze incoming messages and indicate what concrete /// message types can deserialize from it. /// </param> - /// <param name="bindingElements">The binding elements to use in sending and receiving messages.</param> + /// <param name="bindingElements"> + /// The binding elements to use in sending and receiving messages. + /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages. + /// </param> protected Channel(IMessageFactory messageTypeProvider, params IChannelBindingElement[] bindingElements) { Requires.NotNull(messageTypeProvider, "messageTypeProvider"); this.messageTypeProvider = messageTypeProvider; this.WebRequestHandler = new StandardWebRequestHandler(); - this.XmlDictionaryReaderQuotas = new XmlDictionaryReaderQuotas { - MaxArrayLength = 1, - MaxDepth = 2, - MaxBytesPerRead = 8 * 1024, - MaxStringContentLength = 16 * 1024, - }; + this.XmlDictionaryReaderQuotas = DefaultUntrustedXmlDictionaryReaderQuotas; this.outgoingBindingElements = new List<IChannelBindingElement>(ValidateAndPrepareBindingElements(bindingElements)); this.incomingBindingElements = new List<IChannelBindingElement>(this.outgoingBindingElements); 
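Review bot: `this.XmlDictionaryReaderQuotas = DefaultUntrustedXmlDictionaryReaderQuotas;` in the constructor hands every channel the same mutable instance, where the removed lines built a fresh one per channel. `XmlDictionaryReaderQuotas` has settable limits, so code that raises `MaxDepth` or `MaxStringContentLength` through one channel's property would loosen the untrusted-input limits for every channel in the process. Copy the defaults instead: `var quotas = new XmlDictionaryReaderQuotas(); DefaultUntrustedXmlDictionaryReaderQuotas.CopyTo(quotas); this.XmlDictionaryReaderQuotas = quotas;`. The parameter documentation added in the same hunk misspells `messages` as `messgaes`. The constructor body continues outside the hunk.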
@@ -475,6 +483,14 @@ namespace DotNetOpenAuth.Messaging { IDirectedProtocolMessage requestMessage = this.ReadFromRequestCore(httpRequest); if (requestMessage != null) { Logger.Channel.DebugFormat("Incoming request received: {0}", requestMessage.GetType().Name); + + var directRequest = requestMessage as IHttpDirectRequest; + if (directRequest != null) { + foreach (string header in httpRequest.Headers) { + directRequest.Headers[header] = httpRequest.Headers[header]; + } + } + this.ProcessIncomingMessage(requestMessage); } @@ -714,6 +730,13 @@ namespace DotNetOpenAuth.Messaging { Requires.True(request.Recipient != null, "request", MessagingStrings.DirectedMessageMissingRecipient); HttpWebRequest webRequest = this.CreateHttpRequest(request); + var directRequest = request as IHttpDirectRequest; + if (directRequest != null) { + foreach (string header in directRequest.Headers) { + webRequest.Headers[header] = directRequest.Headers[header]; + } + } + IDictionary<string, string> responseFields; IDirectResponseProtocolMessage responseMessage; @@ -973,17 +996,7 @@ namespace DotNetOpenAuth.Messaging { [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] protected virtual string SerializeAsJson(IMessage message) { Requires.NotNull(message, "message"); - - MessageDictionary messageDictionary = this.MessageDescriptions.GetAccessor(message); - using (var memoryStream = new MemoryStream()) { - using (var jsonWriter = JsonReaderWriterFactory.CreateJsonWriter(memoryStream, Encoding.UTF8)) { - MessageSerializer.Serialize(messageDictionary, jsonWriter); - jsonWriter.Flush(); - } - - string json = Encoding.UTF8.GetString(memoryStream.ToArray()); - return json; - } + return MessagingUtilities.SerializeAsJson(message, this.MessageDescriptions); } /// <summary> 
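Review bot: `webRequest.Headers[header] = directRequest.Headers[header];` in the outgoing-request hunk throws `ArgumentException` for restricted headers such as `Content-Type`, `Host`, `User-Agent` or `Content-Length`, which `HttpWebRequest` accepts only through its dedicated properties. The incoming-request hunk above copies every header of the inbound request into the message, including `Authorization` and `Cookie`, so a message populated that way carries exactly those names along with credentials. Skip restricted names when sending, e.g. `if (WebHeaderCollection.IsRestricted(header)) { continue; }`. On receipt, consider copying only the headers the message handlers need, so credentials are not retained or re-sent by accident. Both enclosing methods start and end outside their hunks.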
@@ -1079,6 +1092,7 @@ namespace DotNetOpenAuth.Messaging { UriBuilder builder = new UriBuilder(requestMessage.Recipient); MessagingUtilities.AppendQueryArgs(builder, fields); HttpWebRequest httpRequest = (HttpWebRequest)WebRequest.Create(builder.Uri); + this.PrepareHttpWebRequest(httpRequest); return httpRequest; } @@ -1119,6 +1133,7 @@ namespace DotNetOpenAuth.Messaging { var fields = messageAccessor.Serialize(); var httpRequest = (HttpWebRequest)WebRequest.Create(requestMessage.Recipient); + this.PrepareHttpWebRequest(httpRequest); httpRequest.CachePolicy = this.CachePolicy; httpRequest.Method = "POST"; @@ -1296,6 +1311,14 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Performs additional processing on an outgoing web request before it is sent to the remote server. + /// </summary> + /// <param name="request">The request.</param> + protected virtual void PrepareHttpWebRequest(HttpWebRequest request) { + Requires.NotNull(request, "request"); + } + + /// <summary> /// Customizes the binding element order for outgoing and incoming messages. /// </summary> /// <param name="outgoingOrder">The outgoing order.</param> diff --git a/src/DotNetOpenAuth.Core/Messaging/DataBag.cs b/src/DotNetOpenAuth.Core/Messaging/DataBag.cs index c9c3415..0800840 100644 --- a/src/DotNetOpenAuth.Core/Messaging/DataBag.cs +++ b/src/DotNetOpenAuth.Core/Messaging/DataBag.cs @@ -14,7 +14,7 @@ namespace DotNetOpenAuth.Messaging { /// A collection of message parts that will be serialized into a single string, /// to be set into a larger message. /// </summary> - internal abstract class DataBag : IMessage { + public abstract class DataBag : IMessage { /// <summary> /// The default version for DataBags. /// </summary> 
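Review bot: In the POST path `this.PrepareHttpWebRequest(httpRequest);` runs before `httpRequest.CachePolicy` and `httpRequest.Method = "POST"` are assigned, so an override sees a request that does not yet have its final method, and anything it sets for those two properties is overwritten. In the GET path the hook is the last step before `return`. Either call the hook after the channel has finished its own setup or state the ordering in the summary, for example `/// Called right after the request is created; the channel may still set Method, CachePolicy and the entity afterwards.`. These hunks do not show whether the other request-building methods call the hook, and the bodies of both creating methods continue outside them.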
@@ -105,7 +105,7 @@ namespace DotNetOpenAuth.Messaging { /// </remarks> [SuppressMessage("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode", Justification = "Accessed by reflection")] [MessagePart("t", IsRequired = true, AllowEmpty = false)] - private Type BagType { + protected virtual Type BagType { get { return this.GetType(); } } diff --git a/src/DotNetOpenAuth.Core/Messaging/DataBagFormatterBase.cs b/src/DotNetOpenAuth.Core/Messaging/DataBagFormatterBase.cs index 9d4b93e..c9ceb81 100644 --- a/src/DotNetOpenAuth.Core/Messaging/DataBagFormatterBase.cs +++ b/src/DotNetOpenAuth.Core/Messaging/DataBagFormatterBase.cs @@ -22,7 +22,7 @@ namespace DotNetOpenAuth.Messaging { /// A serializer for <see cref="DataBag"/>-derived types /// </summary> /// <typeparam name="T">The DataBag-derived type that is to be serialized/deserialized.</typeparam> - internal abstract class DataBagFormatterBase<T> : IDataBagFormatter<T> where T : DataBag, new() { + internal abstract class DataBagFormatterBase<T> : IDataBagFormatter<T> where T : DataBag { /// <summary> /// The message description cache to use for data bag types. /// </summary> @@ -146,6 +146,8 @@ namespace DotNetOpenAuth.Messaging { /// <returns>A non-null, non-empty value.</returns> [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] public string Serialize(T message) { + Requires.NotNull(message, "message"); + message.UtcCreationDate = DateTime.UtcNow; if (this.decodeOnceOnly != null) { 
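Review bot: `protected virtual Type BagType` lets a subclass change the value serialized as the required `t` part, and the preceding file section makes `DataBag` public, so the override point is reachable from outside the assembly. If the formatter uses `t` to reject a bag of a different kind (that check is not in this diff), an override returning a shared type would let one kind of bag be accepted where another is expected. State the contract in the remarks, e.g. `/// Overrides must return a type that uniquely identifies the kind of bag being serialized.`. The `CA1811` suppression above the property targets uncalled private code and is probably no longer needed on a protected member.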
@@ -190,14 +192,13 @@ namespace DotNetOpenAuth.Messaging { /// <summary> /// Deserializes a <see cref="DataBag"/>, including decompression, decryption, signature and nonce validation where applicable. /// </summary> + /// <param name="message">The instance to initialize with deserialized data.</param> /// <param name="containingMessage">The message that contains the <see cref="DataBag"/> serialized value. Must not be null.</param> /// <param name="value">The serialized form of the <see cref="DataBag"/> to deserialize. Must not be null or empty.</param> /// <param name="messagePartName">The name of the parameter whose value is to be deserialized. Used for error message generation.</param> - /// <returns> - /// The deserialized value. Never null. - /// </returns> [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] - public T Deserialize(IProtocolMessage containingMessage, string value, string messagePartName) { + public void Deserialize(T message, IProtocolMessage containingMessage, string value, string messagePartName) { + Requires.NotNull(message, "message"); Requires.NotNull(containingMessage, "containingMessage"); Requires.NotNullOrEmpty(value, "value"); Requires.NotNullOrEmpty(messagePartName, "messagePartName"); @@ -209,7 +210,7 @@ namespace DotNetOpenAuth.Messaging { value = valueWithoutHandle; } - var message = new T { ContainingMessage = containingMessage }; + message.ContainingMessage = containingMessage; byte[] data = MessagingUtilities.FromBase64WebSafeString(value); byte[] signature = null; @@ -254,8 +255,6 @@ namespace DotNetOpenAuth.Messaging { } ((IMessage)message).EnsureValidMessage(); - - return message; } /// <summary> diff --git a/src/DotNetOpenAuth.Core/Messaging/ErrorUtilities.cs b/src/DotNetOpenAuth.Core/Messaging/ErrorUtilities.cs index f499d67..2237cc7 100644 --- a/src/DotNetOpenAuth.Core/Messaging/ErrorUtilities.cs 
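Review bot: `Deserialize` now fills a caller-supplied `message` and returns `void`, so when a later check such as `EnsureValidMessage` throws, the caller still holds an instance that already has `ContainingMessage` set and may hold partly deserialized fields. With the removed `new T { ... }` form a failed call produced no object at all. Document this on the new parameter, e.g. `/// <param name="message">The instance to initialize with deserialized data. Its state is undefined if this method throws, and it must then be discarded.</param>`. The documentation should also say that the instance is expected to be freshly constructed, so that no earlier values survive. The method body spans three hunks and its validation steps lie outside them.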
+++ b/src/DotNetOpenAuth.Core/Messaging/ErrorUtilities.cs @@ -193,17 +193,17 @@ namespace DotNetOpenAuth.Messaging { /// Throws a <see cref="ProtocolException"/> if some <paramref name="condition"/> evaluates to false. /// </summary> /// <param name="condition">True to do nothing; false to throw the exception.</param> - /// <param name="message">The error message for the exception.</param> + /// <param name="unformattedMessage">The error message for the exception.</param> /// <param name="args">The string formatting arguments, if any.</param> /// <exception cref="ProtocolException">Thrown if <paramref name="condition"/> evaluates to <c>false</c>.</exception> [Pure] - internal static void VerifyProtocol(bool condition, string message, params object[] args) { + internal static void VerifyProtocol(bool condition, string unformattedMessage, params object[] args) { Requires.NotNull(args, "args"); Contract.Ensures(condition); Contract.EnsuresOnThrow<ProtocolException>(!condition); - Contract.Assume(message != null); + Contract.Assume(unformattedMessage != null); if (!condition) { - var exception = new ProtocolException(string.Format(CultureInfo.CurrentCulture, message, args)); + var exception = new ProtocolException(string.Format(CultureInfo.CurrentCulture, unformattedMessage, args)); if (Logger.Messaging.IsErrorEnabled) { Logger.Messaging.Error( string.Format( @@ -220,7 +220,7 @@ namespace DotNetOpenAuth.Messaging { /// <summary> /// Throws a <see cref="ProtocolException"/>. /// </summary> - /// <param name="message">The message to set in the exception.</param> + /// <param name="unformattedMessage">The message to set in the exception.</param> /// <param name="args">The formatting arguments of the message.</param> /// <returns> /// An InternalErrorException, which may be "thrown" by the caller in order 
@@ -229,10 +229,10 @@ namespace DotNetOpenAuth.Messaging { /// </returns> /// <exception cref="ProtocolException">Always thrown.</exception> [Pure] - internal static Exception ThrowProtocol(string message, params object[] args) { + internal static Exception ThrowProtocol(string unformattedMessage, params object[] args) { Requires.NotNull(args, "args"); - Contract.Assume(message != null); - VerifyProtocol(false, message, args); + Contract.Assume(unformattedMessage != null); + VerifyProtocol(false, unformattedMessage, args); // we never reach here, but this allows callers to "throw" this method. return new InternalErrorException(); diff --git a/src/DotNetOpenAuth.Core/Messaging/HttpRequestHeaders.cs b/src/DotNetOpenAuth.Core/Messaging/HttpRequestHeaders.cs index 9579a81..dad6bf6 100644 --- a/src/DotNetOpenAuth.Core/Messaging/HttpRequestHeaders.cs +++ b/src/DotNetOpenAuth.Core/Messaging/HttpRequestHeaders.cs @@ -20,6 +20,11 @@ namespace DotNetOpenAuth.Messaging { internal const string Authorization = "Authorization"; /// <summary> + /// The WWW-Authenticate header, which is included in HTTP 401 Unauthorized responses to help the client know which authorization schemes are supported. + /// </summary> + internal const string WwwAuthenticate = "WWW-Authenticate"; + + /// <summary> /// The Content-Type header, which specifies the MIME type of the accompanying body data. /// </summary> internal const string ContentType = "Content-Type"; diff --git a/src/DotNetOpenAuth.Core/Messaging/HttpRequestInfo.cs b/src/DotNetOpenAuth.Core/Messaging/HttpRequestInfo.cs index 0f60e04..f613dc5 100644 --- a/src/DotNetOpenAuth.Core/Messaging/HttpRequestInfo.cs +++ b/src/DotNetOpenAuth.Core/Messaging/HttpRequestInfo.cs 
@@ -90,7 +90,7 @@ namespace DotNetOpenAuth.Messaging { this.requestUri = requestUri; this.form = form ?? new NameValueCollection(); this.queryString = HttpUtility.ParseQueryString(requestUri.Query); - this.headers = headers ?? new NameValueCollection(); + this.headers = headers ?? new WebHeaderCollection(); this.serverVariables = new NameValueCollection(); } diff --git a/src/DotNetOpenAuth.Core/Messaging/IDataBagFormatter.cs b/src/DotNetOpenAuth.Core/Messaging/IDataBagFormatter.cs index 9086ee9..923773e 100644 --- a/src/DotNetOpenAuth.Core/Messaging/IDataBagFormatter.cs +++ b/src/DotNetOpenAuth.Core/Messaging/IDataBagFormatter.cs @@ -13,7 +13,7 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <typeparam name="T">The DataBag-derived type that is to be serialized/deserialized.</typeparam> [ContractClass(typeof(IDataBagFormatterContract<>))] - internal interface IDataBagFormatter<T> where T : DataBag, new() { + internal interface IDataBagFormatter<in T> where T : DataBag { /// <summary> /// Serializes the specified message. /// </summary> @@ -24,13 +24,11 @@ namespace DotNetOpenAuth.Messaging { /// <summary> /// Deserializes a <see cref="DataBag"/>. /// </summary> + /// <param name="message">The instance to deserialize into</param> /// <param name="containingMessage">The message that contains the <see cref="DataBag"/> serialized value. Must not be null.</param> /// <param name="data">The serialized form of the <see cref="DataBag"/> to deserialize. Must not be null or empty.</param> /// <param name="messagePartName">The name of the parameter whose value is to be deserialized. Used for error message generation.</param> - /// <returns> - /// The deserialized value. Never null. - /// </returns> - T Deserialize(IProtocolMessage containingMessage, string data, string messagePartName); + void Deserialize(T message, IProtocolMessage containingMessage, string data, string messagePartName); } /// <summary> 
@@ -62,13 +60,12 @@ namespace DotNetOpenAuth.Messaging { /// <summary> /// Deserializes a <see cref="DataBag"/>. /// </summary> + /// <param name="message">The instance to deserialize into</param> /// <param name="containingMessage">The message that contains the <see cref="DataBag"/> serialized value. Must not be nulll.</param> /// <param name="data">The serialized form of the <see cref="DataBag"/> to deserialize. Must not be null or empty.</param> /// <param name="messagePartName">Name of the message part whose value is to be deserialized. Used for exception messages.</param> - /// <returns> - /// The deserialized value. Never null. - /// </returns> - T IDataBagFormatter<T>.Deserialize(IProtocolMessage containingMessage, string data, string messagePartName) { + void IDataBagFormatter<T>.Deserialize(T message, IProtocolMessage containingMessage, string data, string messagePartName) { + Requires.NotNull(message, "message"); Requires.NotNull(containingMessage, "containingMessage"); Requires.NotNullOrEmpty(data, "data"); Requires.NotNullOrEmpty(messagePartName, "messagePartName"); diff --git a/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequest.cs b/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequest.cs new file mode 100644 index 0000000..7153334 --- /dev/null +++ b/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequest.cs 
@@ -0,0 +1,22 @@ +//----------------------------------------------------------------------- +// <copyright file="IHttpDirectRequest.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Messaging { + using System.Diagnostics.Contracts; + using System.Net; + + /// <summary> + /// An interface that allows direct request messages to capture the details of the HTTP request they arrived on. + /// </summary> + [ContractClass(typeof(IHttpDirectRequestContract))] + public interface IHttpDirectRequest : IMessage { + /// <summary> + /// Gets the HTTP headers of the request. + /// </summary> + /// <value>May be an empty collection, but must not be <c>null</c>.</value> + WebHeaderCollection Headers { get; } + } +} diff --git a/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequestContract.cs b/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequestContract.cs new file mode 100644 index 0000000..cfde6cf --- /dev/null +++ b/src/DotNetOpenAuth.Core/Messaging/IHttpDirectRequestContract.cs 
@@ -0,0 +1,75 @@ +//----------------------------------------------------------------------- +// <copyright file="IHttpDirectRequestContract.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Messaging { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Linq; + using System.Net; + using System.Text; + + /// <summary> + /// Contract class for the <see cref="IHttpDirectRequest"/> interface. + /// </summary> + [ContractClassFor(typeof(IHttpDirectRequest))] + public abstract class IHttpDirectRequestContract : IHttpDirectRequest { + #region IHttpDirectRequest Members + + /// <summary> + /// Gets the HTTP headers of the request. + /// </summary> + /// <value>May be an empty collection, but must not be <c>null</c>.</value> + WebHeaderCollection IHttpDirectRequest.Headers { + get { + Contract.Ensures(Contract.Result<WebHeaderCollection>() != null); + throw new NotImplementedException(); + } + } + + #endregion + + #region IMessage Members + + /// <summary> + /// Gets the version of the protocol or extension this message is prepared to implement. + /// </summary> + /// <remarks> + /// Implementations of this interface should ensure that this property never returns null. + /// </remarks> + Version IMessage.Version { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Gets the extra, non-standard Protocol parameters included in the message. + /// </summary> + /// <remarks> + /// Implementations of this interface should ensure that this property never returns null. + /// </remarks> + IDictionary<string, string> IMessage.ExtraData { + get { throw new NotImplementedException(); } + } + + /// <summary> + /// Checks the message state for conformity to the protocol specification + /// and throws an exception if the message is invalid. 
+ /// </summary> + /// <remarks> + /// <para>Some messages have required fields, or combinations of fields that must relate to each other + /// in specialized ways. After deserializing a message, this method checks the state of the + /// message to see if it conforms to the protocol.</para> + /// <para>Note that this property should <i>not</i> check signatures or perform any state checks + /// outside this scope of this particular message.</para> + /// </remarks> + /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception> + void IMessage.EnsureValidMessage() { + throw new NotImplementedException(); + } + + #endregion + } +} diff --git a/src/DotNetOpenAuth.Core/Messaging/MessageSerializer.cs b/src/DotNetOpenAuth.Core/Messaging/MessageSerializer.cs index bdca190..15df48a 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MessageSerializer.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MessageSerializer.cs @@ -74,7 +74,7 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> - /// Reads the data from a message instance and writes a XML/JSON encoding of it. + /// Reads the data from a message instance and writes an XML/JSON encoding of it. /// </summary> /// <param name="messageDictionary">The message to be serialized.</param> /// <param name="writer">The writer to use for the serialized form.</param> diff --git a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs index b26deeb..e821953 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs 
@@ -16,11 +16,13 @@ namespace DotNetOpenAuth.Messaging { using System.Linq; using System.Net; using System.Net.Mime; + using System.Runtime.Serialization.Json; using System.Security; using System.Security.Cryptography; using System.Text; using System.Web; using System.Web.Mvc; + using System.Xml; using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.Messaging.Reflection; @@ -135,6 +137,21 @@ namespace DotNetOpenAuth.Messaging { }; /// <summary> + /// The available compression algorithms. + /// </summary> + internal enum CompressionMethod { + /// <summary> + /// The Deflate algorithm. + /// </summary> + Deflate, + + /// <summary> + /// The GZip algorithm. + /// </summary> + Gzip, + } + + /// <summary> /// Transforms an OutgoingWebResponse to an MVC-friendly ActionResult. /// </summary> /// <param name="response">The response to send to the user agent.</param> 
@@ -290,6 +307,56 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches. + /// </summary> + /// <param name="value1">The first value.</param> + /// <param name="value2">The second value.</param> + /// <returns>A value indicating whether the two strings share ordinal equality.</returns> + /// <remarks> + /// In signature equality checks, a difference in execution time based on how many initial characters match MAY + /// be used as an attack to figure out the expected signature. It is therefore important to make a signature + /// equality check's execution time independent of how many characters match the expected value. + /// See http://codahale.com/a-lesson-in-timing-attacks/ for more information. + /// </remarks> + public static bool EqualsConstantTime(string value1, string value2) { + // If exactly one value is null, they don't match. + if (value1 == null ^ value2 == null) { + return false; + } + + // If both values are null (since if one is at this point then they both are), it's a match. + if (value1 == null) { + return true; + } + + if (value1.Length != value2.Length) { + return false; + } + + // This looks like a pretty crazy way to compare values, but it provides a constant time equality check, + // and is more resistant to compiler optimizations than simply setting a boolean flag and returning the boolean after the loop. + int result = 0; + for (int i = 0; i < value1.Length; i++) { + result |= value1[i] ^ value2[i]; + } + + return result == 0; + } + + /// <summary> + /// Gets the URL to the root of a web site, which may include a virtual directory path. 
+ /// </summary> + /// <returns>An absolute URI.</returns> + internal static Uri GetWebRoot() { + HttpRequestBase requestInfo = new HttpRequestWrapper(HttpContext.Current.Request); + UriBuilder realmUrl = new UriBuilder(requestInfo.GetPublicFacingUrl()); + realmUrl.Path = HttpContext.Current.Request.ApplicationPath; + realmUrl.Query = null; + realmUrl.Fragment = null; + return realmUrl.Uri; + } + + /// <summary> /// Clears any existing elements in a collection and fills the collection with a given set of values. /// </summary> /// <typeparam name="T">The type of value kept in the collection.</typeparam> @@ -756,6 +823,12 @@ namespace DotNetOpenAuth.Messaging { var cryptoKeyPair = cryptoKeyStore.GetKeys(bucket).FirstOrDefault(pair => pair.Value.Key.Length == keySize / 8); if (cryptoKeyPair.Value == null || cryptoKeyPair.Value.ExpiresUtc < DateTime.UtcNow + minimumRemainingLife) { // No key exists with enough remaining life for the required purpose. Create a new key. + if (cryptoKeyPair.Value == null) { + Logger.Messaging.InfoFormat("{0}.GetKeys returned no keys for bucket \"{1}\" with the required key length of {2} bits. A new key will be created", typeof(ICryptoKeyStore), bucket, keySize); + } else { + Logger.Messaging.InfoFormat("The first key returned by {0}.GetKeys for bucket \"{1}\" with the required key length of {2} bits was too near expiry to use. A new key will be created", typeof(ICryptoKeyStore), bucket, keySize); + } + ErrorUtilities.VerifyHost(minimumRemainingLife <= SymmetricSecretKeyLifespan, "Unable to create a new symmetric key with the required lifespan of {0} because it is beyond the limit of {1}.", minimumRemainingLife, SymmetricSecretKeyLifespan); byte[] secret = GetCryptoRandomData(keySize / 8); DateTime expires = DateTime.UtcNow + SymmetricSecretKeyLifespan; 
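Review bot: `EqualsConstantTime` returns early on `value1.Length != value2.Length`, so its running time is independent of the matching prefix only for inputs of equal length, and the length of the expected value stays observable; the summary does not say so. That is normally acceptable for fixed-length signatures, but it should be stated in the remarks, e.g. `/// The comparison returns immediately when the lengths differ, so the length of the expected value is not protected.`. The summary also has a typo: `Compares to string values` should read `Compares two string values`. `GetWebRoot` in the same hunk dereferences `HttpContext.Current` without a check and will fail with a `NullReferenceException` when called outside a request.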
@@ -770,6 +843,7 @@ namespace DotNetOpenAuth.Messaging { cryptoKeyStore.StoreKey(bucket, handle, cryptoKey); } catch (CryptoKeyCollisionException) { ErrorUtilities.VerifyInternal(++failedAttempts < 3, "Unable to derive a unique handle to a private symmetric key."); + Logger.Messaging.Warn("A randomly generated crypto key handle collided with an existing handle. Another randomly generated handle will be attempted till the retry count is met."); goto tryAgain; } } @@ -781,19 +855,36 @@ namespace DotNetOpenAuth.Messaging { /// Compresses a given buffer. /// </summary> /// <param name="buffer">The buffer to compress.</param> + /// <param name="method">The compression algorithm to use.</param> /// <returns>The compressed data.</returns> [SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times", Justification = "This Dispose is safe.")] [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] - internal static byte[] Compress(byte[] buffer) { + internal static byte[] Compress(byte[] buffer, CompressionMethod method = CompressionMethod.Deflate) { Requires.NotNull(buffer, "buffer"); Contract.Ensures(Contract.Result<byte[]>() != null); using (var ms = new MemoryStream()) { - using (var compressingStream = new DeflateStream(ms, CompressionMode.Compress, true)) { + Stream compressingStream = null; + try { + switch (method) { + case CompressionMethod.Deflate: + compressingStream = new DeflateStream(ms, CompressionMode.Compress, true); + break; + case CompressionMethod.Gzip: + compressingStream = new GZipStream(ms, CompressionMode.Compress, true); + break; + default: + Requires.InRange(false, "method"); + break; + } + compressingStream.Write(buffer, 0, buffer.Length); + return ms.ToArray(); + } finally { + if (compressingStream != null) { + compressingStream.Dispose(); + } } - - return ms.ToArray(); } } 
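Review bot: In `Compress`, `return ms.ToArray();` now sits inside the `try`, so the array is copied before the `finally` block disposes `compressingStream`. `DeflateStream` and `GZipStream` emit their final block (and, for gzip, the trailer) when they are closed, so the returned buffer can be missing its tail; the removed code read the array only after the `using` had closed the stream. I would keep the `try`/`finally` for disposal only and place `return ms.ToArray();` after it, as before. The `default:` branch also leaves `compressingStream` null if `Requires.InRange(false, "method")` ever returns instead of throwing, which depends on code outside this hunk.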
@@ -801,17 +892,35 @@ namespace DotNetOpenAuth.Messaging { /// Decompresses a given buffer. /// </summary> /// <param name="buffer">The buffer to decompress.</param> + /// <param name="method">The compression algorithm used.</param> /// <returns>The decompressed data.</returns> [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] [SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times", Justification = "This Dispose is safe.")] - internal static byte[] Decompress(byte[] buffer) { + internal static byte[] Decompress(byte[] buffer, CompressionMethod method = CompressionMethod.Deflate) { Requires.NotNull(buffer, "buffer"); Contract.Ensures(Contract.Result<byte[]>() != null); using (var compressedDataStream = new MemoryStream(buffer)) { using (var decompressedDataStream = new MemoryStream()) { - using (var decompressingStream = new DeflateStream(compressedDataStream, CompressionMode.Decompress, true)) { + Stream decompressingStream = null; + try { + switch (method) { + case CompressionMethod.Deflate: + decompressingStream = new DeflateStream(compressedDataStream, CompressionMode.Decompress, true); + break; + case CompressionMethod.Gzip: + decompressingStream = new GZipStream(compressedDataStream, CompressionMode.Decompress, true); + break; + default: + Requires.InRange(false, "method"); + break; + } + decompressingStream.CopyTo(decompressedDataStream); + } finally { + if (decompressingStream != null) { + decompressingStream.Dispose(); + } } return decompressedDataStream.ToArray(); 
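Review bot: `decompressingStream.CopyTo(decompressedDataStream)` inflates the whole input into memory with no upper bound, and with gzip added as a second format this helper is likely to see more kinds of input. If any caller can pass data that has not been authenticated first (the callers are outside this hunk), a small compressed buffer can expand into a very large allocation. A bounded copy that stops at a project-chosen limit closes that gap; a sketch follows, where `MaximumDecompressedSize` is a placeholder and not an existing constant. The method's closing braces are outside the hunk.

```csharp
// … unchanged: switch (method) that creates the DeflateStream or GZipStream …
// MaximumDecompressedSize: placeholder for a limit defined by the project.
var chunk = new byte[4096];
int bytesRead;
while ((bytesRead = decompressingStream.Read(chunk, 0, chunk.Length)) > 0) {
	ErrorUtilities.VerifyProtocol(
		decompressedDataStream.Length + bytesRead <= MaximumDecompressedSize,
		"Decompressed data exceeds the allowed size.");
	decompressedDataStream.Write(chunk, 0, bytesRead);
}
// … unchanged: finally block disposing decompressingStream, return decompressedDataStream.ToArray() …
```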
@@ -868,43 +977,6 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> - /// Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches. - /// </summary> - /// <param name="value1">The first value.</param> - /// <param name="value2">The second value.</param> - /// <returns>A value indicating whether the two strings share ordinal equality.</returns> - /// <remarks> - /// In signature equality checks, a difference in execution time based on how many initial characters match MAY - /// be used as an attack to figure out the expected signature. It is therefore important to make a signature - /// equality check's execution time independent of how many characters match the expected value. - /// See http://codahale.com/a-lesson-in-timing-attacks/ for more information. - /// </remarks> - internal static bool EqualsConstantTime(string value1, string value2) { - // If exactly one value is null, they don't match. - if (value1 == null ^ value2 == null) { - return false; - } - - // If both values are null (since if one is at this point then they both are), it's a match. - if (value1 == null) { - return true; - } - - if (value1.Length != value2.Length) { - return false; - } - - // This looks like a pretty crazy way to compare values, but it provides a constant time equality check, - // and is more resistant to compiler optimizations than simply setting a boolean flag and returning the boolean after the loop. - int result = 0; - for (int i = 0; i < value1.Length; i++) { - result |= value1[i] ^ value2[i]; - } - - return result == 0; - } - - /// <summary> /// Adds a set of HTTP headers to an <see cref="HttpResponse"/> instance, /// taking care to set some headers to the appropriate properties of /// <see cref="HttpResponse" /> 
@@ -1600,6 +1672,68 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Serializes the given message as a JSON string. + /// </summary> + /// <param name="message">The message to serialize.</param> + /// <param name="messageDescriptions">The cached message descriptions to use for reflection.</param> + /// <returns>A JSON string.</returns> + [SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times", Justification = "This Dispose is safe.")] + [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] + internal static string SerializeAsJson(IMessage message, MessageDescriptionCollection messageDescriptions) { + Requires.NotNull(message, "message"); + Requires.NotNull(messageDescriptions, "messageDescriptions"); + + var encoding = Encoding.UTF8; + var bytes = SerializeAsJsonBytes(message, messageDescriptions, encoding); + string json = encoding.GetString(bytes); + return json; + } + + /// <summary> + /// Serializes the given message as a JSON string. + /// </summary> + /// <param name="message">The message to serialize.</param> + /// <param name="messageDescriptions">The cached message descriptions to use for reflection.</param> + /// <param name="encoding">The encoding to use. Defaults to <see cref="Encoding.UTF8"/></param> + /// <returns>A JSON string.</returns> + [SuppressMessage("Microsoft.Usage", "CA2202:Do not dispose objects multiple times", Justification = "This Dispose is safe.")] + [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] + internal static byte[] SerializeAsJsonBytes(IMessage message, MessageDescriptionCollection messageDescriptions, Encoding encoding = null) { + Requires.NotNull(message, "message"); + Requires.NotNull(messageDescriptions, "messageDescriptions"); + + encoding = encoding ?? 
Encoding.UTF8; + MessageDictionary messageDictionary = messageDescriptions.GetAccessor(message); + using (var memoryStream = new MemoryStream()) { + using (var jsonWriter = JsonReaderWriterFactory.CreateJsonWriter(memoryStream, encoding)) { + MessageSerializer.Serialize(messageDictionary, jsonWriter); + jsonWriter.Flush(); + } + + return memoryStream.ToArray(); + } + } + + /// <summary> + /// Deserializes a JSON object into a message. + /// </summary> + /// <param name="jsonBytes">The buffer containing the JSON string.</param> + /// <param name="receivingMessage">The message to deserialize the object into.</param> + /// <param name="messageDescriptions">The cache of message descriptions.</param> + /// <param name="encoding">The encoding that the JSON bytes are in.</param> + internal static void DeserializeFromJson(byte[] jsonBytes, IMessage receivingMessage, MessageDescriptionCollection messageDescriptions, Encoding encoding = null) { + Requires.NotNull(jsonBytes, "jsonBytes"); + Requires.NotNull(receivingMessage, "receivingMessage"); + Requires.NotNull(messageDescriptions, "messageDescriptions"); + + encoding = encoding ?? Encoding.UTF8; + MessageDictionary messageDictionary = messageDescriptions.GetAccessor(receivingMessage); + using (var jsonReader = JsonReaderWriterFactory.CreateJsonReader(jsonBytes, 0, jsonBytes.Length, encoding, Channel.DefaultUntrustedXmlDictionaryReaderQuotas, null)) { + MessageSerializer.Deserialize(messageDictionary, jsonReader); + } + } + + /// <summary> /// Prepares what SHOULD be simply a string value for safe injection into Javascript /// by using appropriate character escaping. /// </summary> diff --git a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs index 67eccce..9ef89e9 100644 --- a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs +++ b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs 
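Review bot: The documentation on `SerializeAsJsonBytes` was copied from `SerializeAsJson`: the summary says it serializes "as a JSON string" and `<returns>` says `A JSON string`, but the method returns `byte[]` in the given encoding. I would change them to `/// Serializes the given message as JSON, encoded as bytes.` and `/// <returns>The JSON document in the requested encoding.</returns>`. The `CA2202`/`CA2000` suppressions on `SerializeAsJson` look unnecessary, since that overload creates no disposable object itself. In `DeserializeFromJson`, the use of `Channel.DefaultUntrustedXmlDictionaryReaderQuotas` deserves a one-line comment such as `// Quotas bound the size and depth of JSON received from a remote party.`, so that nobody later swaps in unlimited quotas.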
@@ -12,6 +12,7 @@ namespace DotNetOpenAuth.Messaging { using System.IO; using System.Net; using System.Net.Mime; + using System.ServiceModel.Web; using System.Text; using System.Threading; using System.Web; @@ -213,6 +214,23 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Submits this response to a WCF response context. Only available when no response body is included. + /// </summary> + /// <param name="responseContext">The response context to apply the response to.</param> + public virtual void Respond(OutgoingWebResponseContext responseContext) { + Requires.NotNull(responseContext, "responseContext"); + if (this.ResponseStream != null) { + throw new NotSupportedException(Strings.ResponseBodyNotSupported); + } + + responseContext.StatusCode = this.Status; + responseContext.SuppressEntityBody = true; + foreach (string header in this.Headers) { + responseContext.Headers[header] = this.Headers[header]; + } + } + + /// <summary> /// Automatically sends the appropriate response to the user agent. /// </summary> /// <param name="response">The response to set to this message.</param> diff --git a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponseActionResult.cs b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponseActionResult.cs index a5fe782..7691cc4 100644 --- a/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponseActionResult.cs +++ b/src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponseActionResult.cs 
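Review bot: In `Respond(OutgoingWebResponseContext)`, the copy loop `responseContext.Headers[header] = this.Headers[header];` reads each header through the string indexer, which (assuming `Headers` is a `WebHeaderCollection`) returns all values of a repeated header joined with commas and assigns them as one value. If `Headers` can hold a repeated field such as `Set-Cookie`, it would reach the WCF response as a single malformed header; copying per value, something like `foreach (string value in this.Headers.GetValues(header)) responseContext.Headers.Add(header, value);`, avoids that. The doc comment should also carry an `<exception cref="NotSupportedException">` tag for the case where `ResponseStream` is set.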
@@ -35,6 +35,11 @@ namespace DotNetOpenAuth.Messaging { /// <param name="context">The context in which to set the response.</param> public override void ExecuteResult(ControllerContext context) { this.response.Respond(context.HttpContext); + + // MVC likes to muck with our response. For example, when returning contrived 401 Unauthorized responses + // MVC will rewrite our response and turn it into a redirect, which breaks OAuth 2 authorization server token endpoints. + // It turns out we can prevent this unwanted behavior by flushing the response before returning from this method. + context.HttpContext.Response.Flush(); } } } diff --git a/src/DotNetOpenAuth.Core/Messaging/ProtocolException.cs b/src/DotNetOpenAuth.Core/Messaging/ProtocolException.cs index e26d15e..982e1c0 100644 --- a/src/DotNetOpenAuth.Core/Messaging/ProtocolException.cs +++ b/src/DotNetOpenAuth.Core/Messaging/ProtocolException.cs @@ -42,10 +42,10 @@ namespace DotNetOpenAuth.Messaging { /// such that it can be sent as a protocol message response to a remote caller. /// </summary> /// <param name="message">The human-readable exception message.</param> - /// <param name="faultedMessage">The message that was the cause of the exception. Must not be null.</param> - protected internal ProtocolException(string message, IProtocolMessage faultedMessage) - : base(message) { - Requires.NotNull(faultedMessage, "faultedMessage"); + /// <param name="faultedMessage">The message that was the cause of the exception. May be null.</param> + /// <param name="innerException">The inner exception to include.</param> + protected internal ProtocolException(string message, IProtocolMessage faultedMessage, Exception innerException = null) + : base(message, innerException) { this.FaultedMessage = faultedMessage; } diff --git a/src/DotNetOpenAuth.Core/Messaging/ProtocolFaultResponseException.cs b/src/DotNetOpenAuth.Core/Messaging/ProtocolFaultResponseException.cs new file mode 100644 index 0000000..c2dc34e --- /dev/null 
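Review bot: In the `ProtocolException` constructor, dropping `Requires.NotNull(faultedMessage, "faultedMessage")` makes `FaultedMessage` nullable on every path that uses this overload, so any member that dereferences `this.FaultedMessage` now needs a null check. Those members are outside this hunk and should be checked as part of this change. The parameter doc now says `May be null.`; the `FaultedMessage` property documentation should say the same so callers do not assume a value.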
+++ b/src/DotNetOpenAuth.Core/Messaging/ProtocolFaultResponseException.cs 
@@ -0,0 +1,69 @@ +//----------------------------------------------------------------------- +// <copyright file="ProtocolFaultResponseException.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Messaging { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + + /// <summary> + /// An exception to represent errors in the local or remote implementation of the protocol + /// that includes the response message that should be returned to the HTTP client to comply + /// with the protocol specification. + /// </summary> + public class ProtocolFaultResponseException : ProtocolException { + /// <summary> + /// The channel that produced the error response message, to be used in constructing the actual HTTP response. + /// </summary> + private readonly Channel channel; + + /// <summary> + /// Initializes a new instance of the <see cref="ProtocolFaultResponseException"/> class + /// such that it can be sent as a protocol message response to a remote caller. + /// </summary> + /// <param name="channel">The channel to use when encoding the response message.</param> + /// <param name="errorResponse">The message to send back to the HTTP client.</param> + /// <param name="faultedMessage">The message that was the cause of the exception. May be null.</param> + /// <param name="innerException">The inner exception.</param> + /// <param name="message">The message for the exception.</param> + protected internal ProtocolFaultResponseException(Channel channel, IDirectResponseProtocolMessage errorResponse, IProtocolMessage faultedMessage = null, Exception innerException = null, string message = null) + : base(message ?? (innerException != null ? 
innerException.Message : null), faultedMessage, innerException) { + Requires.NotNull(channel, "channel"); + Requires.NotNull(errorResponse, "errorResponse"); + this.channel = channel; + this.ErrorResponseMessage = errorResponse; + } + + /// <summary> + /// Initializes a new instance of the <see cref="ProtocolFaultResponseException"/> class. + /// </summary> + /// <param name="info">The <see cref="System.Runtime.Serialization.SerializationInfo"/> + /// that holds the serialized object data about the exception being thrown.</param> + /// <param name="context">The System.Runtime.Serialization.StreamingContext + /// that contains contextual information about the source or destination.</param> + protected ProtocolFaultResponseException( + System.Runtime.Serialization.SerializationInfo info, + System.Runtime.Serialization.StreamingContext context) + : base(info, context) { + throw new NotImplementedException(); + } + + /// <summary> + /// Gets the protocol message to send back to the client to report the error. + /// </summary> + public IDirectResponseProtocolMessage ErrorResponseMessage { get; private set; } + + /// <summary> + /// Creates the HTTP response to forward to the client to report the error. + /// </summary> + /// <returns>The HTTP response.</returns> + public OutgoingWebResponse CreateErrorResponse() { + var response = this.channel.PrepareResponse(this.ErrorResponseMessage); + return response; + } + } +} diff --git a/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs b/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs index 7a1d194..7ca5d45 100644 --- a/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs +++ b/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs 
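Review bot: The serialization constructor `ProtocolFaultResponseException(SerializationInfo, StreamingContext)` calls `base(info, context)` and then throws `NotImplementedException`, so any attempt to deserialize this exception (for example across an AppDomain boundary) fails with an unrelated error. Since the `channel` field and `ErrorResponseMessage` are not restored there, I would either throw `NotSupportedException` with a message saying the type cannot be deserialized, or at least add `// Deserialization is not supported: the channel and error response cannot be restored.`. The first constructor's docs should also mention that the exception message falls back to `innerException.Message` when `message` is null, since that text may travel further than the inner exception's author expected.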
@@ -31,7 +31,10 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="messageTypes">The message types that might be encountered.</param> /// <param name="versions">All the possible message versions that might be encountered.</param> - /// <param name="bindingElements">The binding elements to apply to the channel.</param> + /// <param name="bindingElements"> + /// The binding elements to use in sending and receiving messages. + /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages. + /// </param> protected StandardMessageFactoryChannel(ICollection<Type> messageTypes, ICollection<Version> versions, params IChannelBindingElement[] bindingElements) : base(new StandardMessageFactory(), bindingElements) { Requires.NotNull(messageTypes, "messageTypes"); diff --git a/src/DotNetOpenAuth.Core/Messaging/UriStyleMessageFormatter.cs b/src/DotNetOpenAuth.Core/Messaging/UriStyleMessageFormatter.cs index 92b1928..242175e 100644 --- a/src/DotNetOpenAuth.Core/Messaging/UriStyleMessageFormatter.cs +++ b/src/DotNetOpenAuth.Core/Messaging/UriStyleMessageFormatter.cs @@ -20,7 +20,7 @@ namespace DotNetOpenAuth.Messaging { /// A serializer for <see cref="DataBag"/>-derived types /// </summary> /// <typeparam name="T">The DataBag-derived type that is to be serialized/deserialized.</typeparam> - internal class UriStyleMessageFormatter<T> : DataBagFormatterBase<T> where T : DataBag, new() { + internal class UriStyleMessageFormatter<T> : DataBagFormatterBase<T> where T : DataBag { /// <summary> /// Initializes a new instance of the <see cref="UriStyleMessageFormatter<T>"/> class. /// </summary> diff --git a/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs index e57b211..91d27f5 100644 --- a/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs +++ b/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs 
@@ -64,6 +64,7 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ClientAuthorization, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer, 
PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client.UI, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] @@ -88,6 +89,7 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ClientAuthorization")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client")] [assembly: InternalsVisibleTo("DotNetOpenAuth.AspNet.Test")] diff --git a/src/DotNetOpenAuth.Core/Requires.cs b/src/DotNetOpenAuth.Core/Requires.cs index 7a196a3..7d4d5be 100644 --- a/src/DotNetOpenAuth.Core/Requires.cs +++ b/src/DotNetOpenAuth.Core/Requires.cs 
@@ -43,14 +43,17 @@ namespace DotNetOpenAuth { /// </summary> /// <param name="value">The value.</param> /// <param name="parameterName">Name of the parameter.</param> + /// <returns>The validated value.</returns> #if !CLR4 [ContractArgumentValidator] #endif [Pure, DebuggerStepThrough] - internal static void NotNullOrEmpty(string value, string parameterName) { + internal static string NotNullOrEmpty(string value, string parameterName) { NotNull(value, parameterName); True(value.Length > 0, parameterName, Strings.EmptyStringNotAllowed); + Contract.Ensures(Contract.Result<string>() == value); Contract.EndContractBlock(); + return value; } /// <summary> diff --git a/src/DotNetOpenAuth.Core/Strings.Designer.cs b/src/DotNetOpenAuth.Core/Strings.Designer.cs index 21411a1..b0e66d2 100644 --- a/src/DotNetOpenAuth.Core/Strings.Designer.cs +++ b/src/DotNetOpenAuth.Core/Strings.Designer.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.17291 +// Runtime Version:4.0.30319.17622 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. 
@@ -106,6 +106,24 @@ namespace DotNetOpenAuth { } /// <summary> + /// Looks up a localized string similar to The property {0} must be set before this operation is allowed.. + /// </summary> + internal static string RequiredPropertyNotYetPreset { + get { + return ResourceManager.GetString("RequiredPropertyNotYetPreset", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to This object contains a response body, which is not supported.. + /// </summary> + internal static string ResponseBodyNotSupported { + get { + return ResourceManager.GetString("ResponseBodyNotSupported", resourceCulture); + } + } + + /// <summary> /// Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}.. /// </summary> internal static string StoreRequiredWhenNoHttpContextAvailable { diff --git a/src/DotNetOpenAuth.Core/Strings.resx b/src/DotNetOpenAuth.Core/Strings.resx index 1c69ef7..f4d61d1 100644 --- a/src/DotNetOpenAuth.Core/Strings.resx +++ b/src/DotNetOpenAuth.Core/Strings.resx @@ -112,10 +112,10 @@ <value>2.0</value> </resheader> <resheader name="reader"> - <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <resheader name="writer"> - <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <data name="ConfigurationTypeMustBePublic" xml:space="preserve"> <value>The configuration-specified type {0} must be public, and is not.</value> 
@@ -135,4 +135,10 @@ <data name="InvalidArgument" xml:space="preserve"> <value>The argument has an unexpected value.</value> </data> + <data name="RequiredPropertyNotYetPreset" xml:space="preserve"> + <value>The property {0} must be set before this operation is allowed.</value> + </data> + <data name="ResponseBodyNotSupported" xml:space="preserve"> + <value>This object contains a response body, which is not supported.</value> + </data> </root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs index c424916..e50cafd 100644 --- a/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs +++ b/src/DotNetOpenAuth.InfoCard/InfoCard/Token/TokenUtility.cs @@ -97,6 +97,10 @@ namespace DotNetOpenAuth.InfoCard { }), MaximumClockSkew); + if (audience != null) { + samlAuthenticator.AllowedAudienceUris.Add(audience.AbsoluteUri); + } + return AuthorizationContext.CreateDefaultAuthorizationContext(samlAuthenticator.ValidateToken(token)); } diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs index b04c67e..db131a9 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs @@ -297,6 +297,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { MessagingUtilities.AppendQueryArgs(recipientBuilder, requestMessage.ExtraData); } httpRequest = (HttpWebRequest)WebRequest.Create(recipientBuilder.Uri); + this.PrepareHttpWebRequest(httpRequest); httpRequest.Method = GetHttpMethod(requestMessage); httpRequest.Headers.Add(HttpRequestHeader.Authorization, MessagingUtilities.AssembleAuthorizationHeader(Protocol.AuthorizationHeaderScheme, fields)); diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/Configuration/OAuth2AuthorizationServerSection.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/Configuration/OAuth2AuthorizationServerSection.cs new file mode 100644 index 0000000..6511a11 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/Configuration/OAuth2AuthorizationServerSection.cs 
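Review bot: In TokenUtility.cs the audience restriction is applied only when `audience != null`; with a null `audience` nothing is added to `AllowedAudienceUris`, and whether the authenticator then accepts a token issued for a different relying party depends on its audience mode, which is configured outside this hunk. I would make that explicit with a comment such as `// No audience supplied: audience restriction is not enforced for this token.`, or require the argument wherever the caller can supply it. As far as I can tell the authenticator compares `audience.AbsoluteUri` as a string, so trailing-slash or case differences between the configured URI and the token's audience could reject valid tokens; a test for that would be useful. The enclosing method starts and ends outside the hunk.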
@@ -0,0 +1,70 @@ +//----------------------------------------------------------------------- +// <copyright file="OAuth2AuthorizationServerSection.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Configuration { + using System; + using System.Configuration; + using System.Diagnostics.Contracts; + using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// Represents the <oauth2/authorizationServer> section in the host's .config file. + /// </summary> + internal class OAuth2AuthorizationServerSection : ConfigurationSection { + /// <summary> + /// The name of the oauth2/authorizationServer section. + /// </summary> + private const string SectionName = OAuth2SectionGroup.SectionName + "/authorizationServer"; + + /// <summary> + /// The name of the <clientAuthenticationModules> sub-element. + /// </summary> + private const string ClientAuthenticationModulesElementName = "clientAuthenticationModules"; + + /// <summary> + /// The built-in set of client authentication modules. + /// </summary> + private static readonly TypeConfigurationCollection<ClientAuthenticationModule> defaultClientAuthenticationModules = + new TypeConfigurationCollection<ClientAuthenticationModule>(new Type[] { typeof(ClientCredentialHttpBasicReader), typeof(ClientCredentialMessagePartReader) }); + + /// <summary> + /// Initializes a new instance of the <see cref="OAuth2AuthorizationServerSection"/> class. + /// </summary> + internal OAuth2AuthorizationServerSection() { + } + + /// <summary> + /// Gets the configuration section from the .config file. 
+ /// </summary> + internal static OAuth2AuthorizationServerSection Configuration { + get { + Contract.Ensures(Contract.Result<OAuth2AuthorizationServerSection>() != null); + return (OAuth2AuthorizationServerSection)ConfigurationManager.GetSection(SectionName) ?? new OAuth2AuthorizationServerSection(); + } + } + + /// <summary> + /// Gets or sets the services to use for discovering service endpoints for identifiers. + /// </summary> + /// <remarks> + /// If no discovery services are defined in the (web) application's .config file, + /// the default set of discovery services built into the library are used. + /// </remarks> + [ConfigurationProperty(ClientAuthenticationModulesElementName, IsDefaultCollection = false)] + [ConfigurationCollection(typeof(TypeConfigurationCollection<ClientAuthenticationModule>))] + internal TypeConfigurationCollection<ClientAuthenticationModule> ClientAuthenticationModules { + get { + var configResult = (TypeConfigurationCollection<ClientAuthenticationModule>)this[ClientAuthenticationModulesElementName]; + return configResult != null && configResult.Count > 0 ? configResult : defaultClientAuthenticationModules; + } + + set { + this[ClientAuthenticationModulesElementName] = value; + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj index f6b1a50..34d59ee 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj 
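Review bot: The summary and remarks on `ClientAuthenticationModules` were copied from a discovery-services property: they describe "services to use for discovering service endpoints for identifiers", while the property returns the client authentication modules. Suggested summary: `/// Gets or sets the modules used to authenticate OAuth 2 clients to the authorization server.`, with remarks saying that the built-in `ClientCredentialHttpBasicReader` and `ClientCredentialMessagePartReader` are used when the .config file lists none. The getter also hands out the shared static `defaultClientAuthenticationModules` instance, so a caller that mutates the returned collection would change the defaults for the whole process; a comment stating that the result must be treated as read-only, or returning a copy, would prevent that.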
@@ -18,7 +18,33 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> </PropertyGroup> <ItemGroup> + <Compile Include="Configuration\OAuth2AuthorizationServerSection.cs" /> <Compile Include="OAuth2\AuthorizationServer.cs" /> + <Compile Include="OAuth2\AuthorizationServerAccessToken.cs" /> + <Compile Include="OAuth2\AuthServerStrings.Designer.cs"> + <AutoGen>True</AutoGen> + <DesignTime>True</DesignTime> + <DependentUpon>AuthServerStrings.resx</DependentUpon> + </Compile> + <Compile Include="OAuth2\AuthServerUtilities.cs" /> + <Compile Include="OAuth2\ChannelElements\AggregatingClientCredentialReader.cs" /> + <Compile Include="OAuth2\ChannelElements\ClientCredentialHttpBasicReader.cs" /> + <Compile Include="OAuth2\ChannelElements\ClientCredentialMessagePartReader.cs" /> + <Compile Include="OAuth2\ChannelElements\TokenCodeSerializationBindingElement.cs" /> + <Compile Include="OAuth2\ChannelElements\AuthorizationCode.cs" /> + <Compile Include="OAuth2\ChannelElements\MessageValidationBindingElement.cs" /> + <Compile Include="OAuth2\ChannelElements\AuthServerBindingElementBase.cs" /> + <Compile Include="OAuth2\ChannelElements\IOAuth2ChannelWithAuthorizationServer.cs" /> + <Compile Include="OAuth2\ChannelElements\OAuth2AuthorizationServerChannel.cs" /> + <Compile Include="OAuth2\ChannelElements\RefreshToken.cs" /> + <Compile Include="OAuth2\ChannelElements\ClientAuthenticationModule.cs" /> + <Compile Include="OAuth2\ClientDescription.cs" /> + <Compile Include="OAuth2\IAuthorizationServerHost.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequestAS.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenRefreshRequestAS.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAuthCodeResponseAS.cs" /> + <Compile Include="OAuth2\Messages\IAuthorizationCodeCarryingRequest.cs" /> + <Compile Include="OAuth2\Messages\IRefreshTokenCarryingRequest.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> </ItemGroup> 
<ItemGroup> @@ -26,11 +52,21 @@ <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> <Name>DotNetOpenAuth.Core</Name> </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj"> <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project> <Name>DotNetOpenAuth.OAuth2</Name> </ProjectReference> </ItemGroup> + <ItemGroup> + <EmbeddedResource Include="OAuth2\AuthServerStrings.resx"> + <Generator>ResXFileCodeGenerator</Generator> + <LastGenOutput>AuthServerStrings.Designer.cs</LastGenOutput> + </EmbeddedResource> + </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.Designer.cs new file mode 100644 index 0000000..4b4f830 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.Designer.cs 
@@ -0,0 +1,117 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:4.0.30319.17614 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace DotNetOpenAuth.OAuth2 { + using System; + + + /// <summary> + /// A strongly-typed resource class, for looking up localized strings, etc. + /// </summary> + // This class was auto-generated by the StronglyTypedResourceBuilder + // class via a tool like ResGen or Visual Studio. + // To add or remove a member, edit your .ResX file then rerun ResGen + // with the /str option, or rebuild your VS project. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class AuthServerStrings { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal AuthServerStrings() { + } + + /// <summary> + /// Returns the cached ResourceManager instance used by this class. 
+ /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OAuth2.AuthServerStrings", typeof(AuthServerStrings).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// <summary> + /// Overrides the current thread's CurrentUICulture property for all + /// resource lookups using this strongly typed resource class. + /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + resourceCulture = value; + } + } + + /// <summary> + /// Looks up a localized string similar to The requested access scope exceeds the grant scope.. + /// </summary> + internal static string AccessScopeExceedsGrantScope { + get { + return ResourceManager.GetString("AccessScopeExceedsGrantScope", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to The callback URL ({0}) is not allowed for this client.. + /// </summary> + internal static string ClientCallbackDisallowed { + get { + return ResourceManager.GetString("ClientCallbackDisallowed", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to Failure looking up secret for client or token.. + /// </summary> + internal static string ClientOrTokenSecretNotFound { + get { + return ResourceManager.GetString("ClientOrTokenSecretNotFound", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to The client secret was incorrect.. 
+ /// </summary> + internal static string ClientSecretMismatch { + get { + return ResourceManager.GetString("ClientSecretMismatch", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to Invalid resource owner password credential.. + /// </summary> + internal static string InvalidResourceOwnerPasswordCredential { + get { + return ResourceManager.GetString("InvalidResourceOwnerPasswordCredential", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to No callback URI was available for this request.. + /// </summary> + internal static string NoCallback { + get { + return ResourceManager.GetString("NoCallback", resourceCulture); + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.resx b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.resx new file mode 100644 index 0000000..29d841a --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerStrings.resx 
@@ -0,0 +1,138 @@ +<?xml version="1.0" encoding="utf-8"?> +<root> + <!-- + Microsoft ResX Schema + + Version 2.0 + + The primary goals of this format is to allow a simple XML format + that is mostly human readable. The generation and parsing of the + various data types are done through the TypeConverter classes + associated with the data types. + + Example: + + ... ado.net/XML headers & schema ... + <resheader name="resmimetype">text/microsoft-resx</resheader> + <resheader name="version">2.0</resheader> + <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader> + <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader> + <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data> + <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data> + <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64"> + <value>[base64 mime encoded serialized .NET Framework object]</value> + </data> + <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> + <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value> + <comment>This is a comment</comment> + </data> + + There are any number of "resheader" rows that contain simple + name/value pairs. + + Each data row contains a name, and value. The row also contains a + type or mimetype. Type corresponds to a .NET class that support + text/value conversion through the TypeConverter architecture. + Classes that don't support this are serialized and stored with the + mimetype set. + + The mimetype is used for serialized objects, and tells the + ResXResourceReader how to depersist the object. This is currently not + extensible. 
For a given mimetype the value must be set accordingly: + + Note - application/x-microsoft.net.object.binary.base64 is the format + that the ResXResourceWriter will generate, however the reader can + read any of the formats listed below. + + mimetype: application/x-microsoft.net.object.binary.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.soap.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Soap.SoapFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.bytearray.base64 + value : The object must be serialized into a byte array + : using a System.ComponentModel.TypeConverter + : and then encoded with base64 encoding. + --> + <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" /> + <xsd:element name="root" msdata:IsDataSet="true"> + <xsd:complexType> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="metadata"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" /> + </xsd:sequence> + <xsd:attribute name="name" use="required" type="xsd:string" /> + <xsd:attribute name="type" type="xsd:string" /> + <xsd:attribute name="mimetype" type="xsd:string" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="assembly"> + <xsd:complexType> + <xsd:attribute name="alias" type="xsd:string" /> + <xsd:attribute name="name" type="xsd:string" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="data"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + <xsd:element name="comment" type="xsd:string" minOccurs="0" 
msdata:Ordinal="2" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" /> + <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" /> + <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="resheader"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" /> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + </xsd:schema> + <resheader name="resmimetype"> + <value>text/microsoft-resx</value> + </resheader> + <resheader name="version"> + <value>2.0</value> + </resheader> + <resheader name="reader"> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <resheader name="writer"> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <data name="AccessScopeExceedsGrantScope" xml:space="preserve"> + <value>The requested access scope exceeds the grant scope.</value> + </data> + <data name="ClientCallbackDisallowed" xml:space="preserve"> + <value>The callback URL ({0}) is not allowed for this client.</value> + </data> + <data name="ClientOrTokenSecretNotFound" xml:space="preserve"> + <value>Failure looking up secret for client or token.</value> + </data> + <data name="ClientSecretMismatch" xml:space="preserve"> + <value>The client secret was incorrect.</value> + </data> + <data name="InvalidResourceOwnerPasswordCredential" xml:space="preserve"> + <value>Invalid resource owner password credential.</value> + </data> + <data name="NoCallback" xml:space="preserve"> + <value>No callback URI was available for this 
request.</value> + </data> +</root>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerUtilities.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerUtilities.cs
new file mode 100644
index 0000000..b8a1071
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthServerUtilities.cs
@@ -0,0 +1,65 @@ +//----------------------------------------------------------------------- +// <copyright file="AuthServerUtilities.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2 { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Globalization; + using System.Linq; + using System.Text; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + using DotNetOpenAuth.OAuth2.Messages; + + /// <summary> + /// Utility methods for authorization servers. + /// </summary> + internal static class AuthServerUtilities { + /// <summary> + /// Gets information about the client with a given identifier. + /// </summary> + /// <param name="authorizationServer">The authorization server.</param> + /// <param name="clientIdentifier">The client identifier.</param> + /// <returns>The client information. Never null.</returns> + internal static IClientDescription GetClientOrThrow(this IAuthorizationServerHost authorizationServer, string clientIdentifier) { + Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier"); + Contract.Ensures(Contract.Result<IClientDescription>() != null); + + try { + var result = authorizationServer.GetClient(clientIdentifier); + ErrorUtilities.VerifyHost(result != null, OAuthStrings.ResultShouldNotBeNull, authorizationServer.GetType().FullName, "GetClient(string)"); + return result; + } catch (KeyNotFoundException ex) { + throw ErrorUtilities.Wrap(ex, AuthServerStrings.ClientOrTokenSecretNotFound); + } catch (ArgumentException ex) { + throw ErrorUtilities.Wrap(ex, AuthServerStrings.ClientOrTokenSecretNotFound); + } + } + + /// <summary> + /// Verifies a condition is true or throws an exception describing the problem. 
+ /// </summary> + /// <param name="condition">The condition that evaluates to true to avoid an exception.</param> + /// <param name="requestMessage">The request message.</param> + /// <param name="error">A single error code from <see cref="Protocol.AccessTokenRequestErrorCodes"/>.</param> + /// <param name="authenticationModule">The authentication module from which to glean the WWW-Authenticate header when applicable.</param> + /// <param name="unformattedDescription">A human-readable UTF-8 encoded text providing additional information, used to assist the client developer in understanding the error that occurred.</param> + /// <param name="args">The formatting arguments to generate the actual description.</param> + internal static void TokenEndpointVerify(bool condition, AccessTokenRequestBase requestMessage, string error, ClientAuthenticationModule authenticationModule = null, string unformattedDescription = null, params object[] args) { + if (!condition) { + string description = unformattedDescription != null ? string.Format(CultureInfo.CurrentCulture, unformattedDescription, args) : null; + + string wwwAuthenticateHeader = null; + if (authenticationModule != null) { + wwwAuthenticateHeader = authenticationModule.AuthenticateHeader; + } + + throw new TokenEndpointProtocolException(requestMessage, error, description, authenticateHeader: wwwAuthenticateHeader); + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs index f555248..6a96c2d 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs 
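Review bot: `GetClientOrThrow` validates `clientIdentifier` but not its receiver, so calling the extension method on a null host reaches `authorizationServer.GetClient(...)` and fails with a NullReferenceException; adding `Requires.NotNull(authorizationServer, "authorizationServer");` as the first line would match the argument checks used elsewhere in this commit. The `catch (ArgumentException ex)` branch deserves a comment as well: it turns any argument error thrown inside the host's `GetClient` into "Failure looking up secret for client or token", which can hide a host-side bug behind what looks like an unknown client. For `TokenEndpointVerify`, the summary should state that the formatted description is carried in the `TokenEndpointProtocolException`, so callers should keep secrets and internal detail out of it (where the description finally ends up is not visible in this hunk, presumably the error response).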
@@ -13,7 +13,7 @@ namespace DotNetOpenAuth.OAuth2 { using System.Security.Cryptography; using System.Text; using System.Web; - + using DotNetOpenAuth.Configuration; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2.ChannelElements; using DotNetOpenAuth.OAuth2.Messages; @@ -23,12 +23,30 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> public class AuthorizationServer { /// <summary> + /// A reusable instance of the scope satisfied checker. + /// </summary> + private static readonly IScopeSatisfiedCheck DefaultScopeSatisfiedCheck = new StandardScopeSatisfiedCheck(); + + /// <summary> + /// The list of modules that verify client authentication data. + /// </summary> + private readonly List<ClientAuthenticationModule> clientAuthenticationModules = new List<ClientAuthenticationModule>(); + + /// <summary> + /// The lone aggregate client authentication module that uses the <see cref="clientAuthenticationModules"/> and applies aggregating policy. + /// </summary> + private readonly ClientAuthenticationModule aggregatingClientAuthenticationModule; + + /// <summary> /// Initializes a new instance of the <see cref="AuthorizationServer"/> class. /// </summary> /// <param name="authorizationServer">The authorization server.</param> - public AuthorizationServer(IAuthorizationServer authorizationServer) { + public AuthorizationServer(IAuthorizationServerHost authorizationServer) { Requires.NotNull(authorizationServer, "authorizationServer"); - this.Channel = new OAuth2AuthorizationServerChannel(authorizationServer); + this.aggregatingClientAuthenticationModule = new AggregatingClientCredentialReader(this.clientAuthenticationModules); + this.Channel = new OAuth2AuthorizationServerChannel(authorizationServer, this.aggregatingClientAuthenticationModule); + this.clientAuthenticationModules.AddRange(OAuth2AuthorizationServerSection.Configuration.ClientAuthenticationModules.CreateInstances(true)); + this.ScopeSatisfiedCheck = DefaultScopeSatisfiedCheck; } /// <summary> 
@@ -41,11 +59,26 @@ namespace DotNetOpenAuth.OAuth2 { /// Gets the authorization server. /// </summary> /// <value>The authorization server.</value> - public IAuthorizationServer AuthorizationServerServices { + public IAuthorizationServerHost AuthorizationServerServices { get { return ((IOAuth2ChannelWithAuthorizationServer)this.Channel).AuthorizationServer; } } /// <summary> + /// Gets the extension modules that can read client authentication data from incoming messages. + /// </summary> + public IList<ClientAuthenticationModule> ClientAuthenticationModules { + get { return this.clientAuthenticationModules; } + } + + /// <summary> + /// Gets or sets the service that checks whether a granted set of scopes satisfies a required set of scopes. + /// </summary> + public IScopeSatisfiedCheck ScopeSatisfiedCheck { + get { return ((IOAuth2ChannelWithAuthorizationServer)this.Channel).ScopeSatisfiedCheck; } + set { ((IOAuth2ChannelWithAuthorizationServer)this.Channel).ScopeSatisfiedCheck = value; } + } + + /// <summary> /// Reads in a client's request for the Authorization Server to obtain permission from /// the user to authorize the Client's access of some protected resource(s). /// </summary> @@ -63,7 +96,7 @@ namespace DotNetOpenAuth.OAuth2 { if (message.ResponseType == EndUserAuthorizationResponseType.AuthorizationCode) { // Clients with no secrets can only request implicit grant types. var client = this.AuthorizationServerServices.GetClientOrThrow(message.ClientIdentifier); - ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(client.Secret), Protocol.unauthorized_client); + ErrorUtilities.VerifyProtocol(client.HasNonEmptySecret, Protocol.EndUserAuthorizationRequestErrorCodes.UnauthorizedClient); } } 
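Review bot: The new `ClientAuthenticationModules` property hands out the same `List<ClientAuthenticationModule>` that the constructor passes to `AggregatingClientCredentialReader`, and its doc comment does not say that the list is live. Adding or removing an entry changes which client credentials are recognized, and a plain `List<>` is not safe to modify while a request is enumerating it, so I would add a remarks line such as `/// Changes take effect immediately; modify this list only during application startup, before requests are served.` The `ScopeSatisfiedCheck` setter also accepts null silently; `Requires.NotNull(value, "value");` in the setter would fail at assignment time rather than at the first scope comparison (where the value is consumed is outside this diff section).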
@@ -110,17 +143,30 @@ namespace DotNetOpenAuth.OAuth2 { IProtocolMessage responseMessage; try { if (this.Channel.TryReadFromRequest(request, out requestMessage)) { - // TODO: refreshToken should be set appropriately based on authorization server policy. - responseMessage = this.PrepareAccessTokenResponse(requestMessage); + var accessTokenResult = this.AuthorizationServerServices.CreateAccessToken(requestMessage); + ErrorUtilities.VerifyHost(accessTokenResult != null, "IAuthorizationServerHost.CreateAccessToken must not return null."); + + IAccessTokenRequestInternal accessRequestInternal = requestMessage; + accessRequestInternal.AccessTokenResult = accessTokenResult; + + var successResponseMessage = this.PrepareAccessTokenResponse(requestMessage, accessTokenResult.AllowRefreshToken); + successResponseMessage.Lifetime = accessTokenResult.AccessToken.Lifetime; + + var authCarryingRequest = requestMessage as IAuthorizationCarryingRequest; + if (authCarryingRequest != null) { + accessTokenResult.AccessToken.ApplyAuthorization(authCarryingRequest.AuthorizationDescription); + IAccessTokenIssuingResponse accessTokenIssuingResponse = successResponseMessage; + accessTokenIssuingResponse.AuthorizationDescription = accessTokenResult.AccessToken; + } + + responseMessage = successResponseMessage; } else { - responseMessage = new AccessTokenFailedResponse() { - Error = Protocol.AccessTokenRequestErrorCodes.InvalidRequest, - }; + responseMessage = new AccessTokenFailedResponse() { Error = Protocol.AccessTokenRequestErrorCodes.InvalidRequest }; } + } catch (TokenEndpointProtocolException ex) { + responseMessage = ex.GetResponse(); } catch (ProtocolException) { - responseMessage = new AccessTokenFailedResponse() { - Error = Protocol.AccessTokenRequestErrorCodes.InvalidRequest, - }; + responseMessage = new AccessTokenFailedResponse() { Error = Protocol.AccessTokenRequestErrorCodes.InvalidRequest }; } return this.Channel.PrepareResponse(responseMessage); 
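Review bot: In the token-request handler the host's result is only checked for being non-null, yet the following lines dereference `accessTokenResult.AccessToken` (`.Lifetime`, `.ApplyAuthorization(...)`), so a host that returns a result without a token would surface as a NullReferenceException, which neither `catch` here handles. A second guard, `ErrorUtilities.VerifyHost(accessTokenResult.AccessToken != null, "IAuthorizationServerHost.CreateAccessToken must return a result with a non-null AccessToken.");`, would turn that into a clear host error, unless the result type already enforces it (its definition is not in view). The implicit-grant branch in the `@@ -165,12 +211,30 @@` hunk has the same pattern. The method starts and ends outside this hunk.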
@@ -165,12 +211,30 @@ namespace DotNetOpenAuth.OAuth2 { EndUserAuthorizationSuccessResponseBase response; switch (authorizationRequest.ResponseType) { case EndUserAuthorizationResponseType.AccessToken: - var accessTokenResponse = new EndUserAuthorizationSuccessAccessTokenResponse(callback, authorizationRequest); - accessTokenResponse.Lifetime = this.AuthorizationServerServices.GetAccessTokenLifetime((EndUserAuthorizationImplicitRequest)authorizationRequest); - response = accessTokenResponse; + IAccessTokenRequestInternal accessRequestInternal = (EndUserAuthorizationImplicitRequest)authorizationRequest; + var accessTokenResult = this.AuthorizationServerServices.CreateAccessToken(accessRequestInternal); + ErrorUtilities.VerifyHost(accessTokenResult != null, "IAuthorizationServerHost.CreateAccessToken must not return null."); + + accessRequestInternal.AccessTokenResult = accessTokenResult; + + var implicitGrantResponse = new EndUserAuthorizationSuccessAccessTokenResponse(callback, authorizationRequest); + implicitGrantResponse.Lifetime = accessTokenResult.AccessToken.Lifetime; + accessTokenResult.AccessToken.ApplyAuthorization(implicitGrantResponse.Scope, userName, implicitGrantResponse.Lifetime); + + IAccessTokenCarryingRequest tokenCarryingResponse = implicitGrantResponse; + tokenCarryingResponse.AuthorizationDescription = accessTokenResult.AccessToken; + + response = implicitGrantResponse; break; case EndUserAuthorizationResponseType.AuthorizationCode: - response = new EndUserAuthorizationSuccessAuthCodeResponse(callback, authorizationRequest); + var authCodeResponse = new EndUserAuthorizationSuccessAuthCodeResponseAS(callback, authorizationRequest); + IAuthorizationCodeCarryingRequest codeCarryingResponse = authCodeResponse; + codeCarryingResponse.AuthorizationDescription = new AuthorizationCode( + authorizationRequest.ClientIdentifier, + authorizationRequest.Callback, + authCodeResponse.Scope, + userName); + response = authCodeResponse; break; default: throw 
ErrorUtilities.ThrowInternal("Unexpected response type."); @@ -208,7 +272,7 @@ namespace DotNetOpenAuth.OAuth2 { // Since the request didn't include a callback URL, look up the callback from // the client's preregistration with this authorization server. Uri defaultCallback = client.DefaultCallback; - ErrorUtilities.VerifyProtocol(defaultCallback != null, OAuthStrings.NoCallback); + ErrorUtilities.VerifyProtocol(defaultCallback != null, AuthServerStrings.NoCallback); return defaultCallback; } 
@@ -216,24 +280,24 @@ namespace DotNetOpenAuth.OAuth2 { /// Prepares the response to an access token request. /// </summary> /// <param name="request">The request for an access token.</param> - /// <param name="includeRefreshToken">If set to <c>true</c>, the response will include a long-lived refresh token.</param> + /// <param name="allowRefreshToken">If set to <c>true</c>, the response will include a long-lived refresh token.</param> /// <returns>The response message to send to the client.</returns> - private IDirectResponseProtocolMessage PrepareAccessTokenResponse(AccessTokenRequestBase request, bool includeRefreshToken = true) { + private AccessTokenSuccessResponse PrepareAccessTokenResponse(AccessTokenRequestBase request, bool allowRefreshToken = true) { Requires.NotNull(request, "request"); - if (includeRefreshToken) { + if (allowRefreshToken) { if (request is AccessTokenClientCredentialsRequest) { // Per OAuth 2.0 section 4.4.3 (draft 23), refresh tokens should never be included // in a response to an access token request that used the client credential grant type. Logger.OAuth.Debug("Suppressing refresh token in access token response because the grant type used by the client disallows it."); - includeRefreshToken = false; + allowRefreshToken = false; } } var tokenRequest = (IAuthorizationCarryingRequest)request; + var accessTokenRequest = (IAccessTokenRequestInternal)request; var response = new AccessTokenSuccessResponse(request) { - Lifetime = this.AuthorizationServerServices.GetAccessTokenLifetime(request), - HasRefreshToken = includeRefreshToken, + HasRefreshToken = allowRefreshToken, }; response.Scope.ResetContents(tokenRequest.AuthorizationDescription.Scope); return response; diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs new file mode 100644 index 0000000..c577a0a --- /dev/null 
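Review bot: The added local `accessTokenRequest` in `PrepareAccessTokenResponse` is assigned from a cast and never used in the visible lines, so it reads as a leftover; if the cast is meant as a type check, say so in a comment, otherwise drop the line. The unchanged hard cast `(IAuthorizationCarryingRequest)request` just above it sits oddly with the caller in the `@@ -110,17 +143,30 @@` hunk, which calls this method first and only afterwards tests `requestMessage as IAuthorizationCarryingRequest` for null: a request that does not carry an authorization would fail here with an InvalidCastException before that null test is reached. The `<param name="allowRefreshToken">` text still says the response "will include" a refresh token although the client-credentials branch below overrides it; "may include" would be accurate. The method's closing lines fall outside the hunk.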
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs 
@@ -0,0 +1,52 @@ +//----------------------------------------------------------------------- +// <copyright file="AuthorizationServerAccessToken.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2 { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Linq; + using System.Security.Cryptography; + using System.Text; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// An access token minted by the authorization server that can be serialized for transmission to the client. + /// </summary> + public class AuthorizationServerAccessToken : AccessToken { + /// <summary> + /// Initializes a new instance of the <see cref="AuthorizationServerAccessToken"/> class. + /// </summary> + public AuthorizationServerAccessToken() { + } + + /// <summary> + /// Gets or sets the crypto service provider with the asymmetric private key to use for signing access tokens. + /// </summary> + /// <returns>A crypto service provider instance that contains the private key.</returns> + /// <value>Must not be null, and must contain the private key.</value> + /// <remarks> + /// The public key in the private/public key pair will be used by the resource + /// servers to validate that the access token is minted by a trusted authorization server. + /// </remarks> + public RSACryptoServiceProvider AccessTokenSigningKey { get; set; } + + /// <summary> + /// Gets or sets the key to encrypt the access token. + /// </summary> + public RSACryptoServiceProvider ResourceServerEncryptionKey { get; set; } + + /// <summary> + /// Serializes this instance to a simple string for transmission to the client. 
+ /// </summary> + /// <returns>A non-empty string.</returns> + protected internal override string Serialize() { + var formatter = CreateFormatter(this.AccessTokenSigningKey, this.ResourceServerEncryptionKey); + return formatter.Serialize(this); + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs new file mode 100644 index 0000000..ace95b3 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AggregatingClientCredentialReader.cs 
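Review bot: `Serialize()` passes `AccessTokenSigningKey` and `ResourceServerEncryptionKey` straight to `CreateFormatter` without checking them, although the property doc says the signing key must not be null. `CreateFormatter` is not visible here, so it is unclear whether a missing key fails or yields a token without signature or encryption; a guard such as `ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null, "AccessTokenSigningKey must be set before the access token is serialized.");` at the top of the method would make the requirement explicit. The `ResourceServerEncryptionKey` summary should also say whose key this is (presumably the resource server's public key) and whether null is permitted.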
@@ -0,0 +1,91 @@
+//-----------------------------------------------------------------------
+// <copyright file="AggregatingClientCredentialReader.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Globalization;
+ using System.Linq;
+ using System.Text;
+ using System.Web;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// Applies OAuth 2 spec policy for supporting multiple methods of client authentication.
+ /// </summary>
+ internal class AggregatingClientCredentialReader : ClientAuthenticationModule {
+ /// <summary>
+ /// The set of authenticators to apply to an incoming request.
+ /// </summary>
+ private readonly IEnumerable<ClientAuthenticationModule> authenticators;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AggregatingClientCredentialReader"/> class.
+ /// </summary>
+ /// <param name="authenticators">The set of authentication modules to apply.</param>
+ internal AggregatingClientCredentialReader(IEnumerable<ClientAuthenticationModule> authenticators) {
+ Requires.NotNull(authenticators, "readers");
+ this.authenticators = authenticators;
+ }
+
+ /// <summary>
+ /// Gets this module's contribution to an HTTP 401 WWW-Authenticate header so the client knows what kind of authentication this module supports.
+ /// </summary>
+ public override string AuthenticateHeader {
+ get {
+ var builder = new StringBuilder();
+ foreach (var authenticator in this.authenticators) {
+ string scheme = authenticator.AuthenticateHeader;
+ if (scheme != null) {
+ if (builder.Length > 0) {
+ builder.Append(", ");
+ }
+
+ builder.Append(scheme);
+ }
+ }
+
+ return builder.Length > 0 ?
builder.ToString() : null;
+ }
+ }
+
+ /// <summary>
+ /// Attempts to extract client identification/authentication information from a message.
+ /// </summary>
+ /// <param name="authorizationServerHost">The authorization server host.</param>
+ /// <param name="requestMessage">The incoming message.</param>
+ /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+ /// <returns>The level of the extracted client information.</returns>
+ public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
+ Requires.NotNull(authorizationServerHost, "authorizationServerHost");
+ Requires.NotNull(requestMessage, "requestMessage");
+
+ ClientAuthenticationModule authenticator = null;
+ ClientAuthenticationResult result = ClientAuthenticationResult.NoAuthenticationRecognized;
+ clientIdentifier = null;
+
+ foreach (var candidateAuthenticator in this.authenticators) {
+ string candidateClientIdentifier;
+ var resultCandidate = candidateAuthenticator.TryAuthenticateClient(authorizationServerHost, requestMessage, out candidateClientIdentifier);
+
+ ErrorUtilities.VerifyProtocol(
+ result == ClientAuthenticationResult.NoAuthenticationRecognized || resultCandidate == ClientAuthenticationResult.NoAuthenticationRecognized,
+ "Message rejected because multiple forms of client authentication ({0} and {1}) were detected, which is forbidden by the OAuth 2 Protocol Framework specification.",
+ authenticator,
+ candidateAuthenticator);
+
+ if (resultCandidate != ClientAuthenticationResult.NoAuthenticationRecognized) {
+ authenticator = candidateAuthenticator;
+ result = resultCandidate;
+ clientIdentifier = candidateClientIdentifier;
+ }
+ }
+
+ return result;
+ }
+ }
+}
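Review bot: In the constructor, `Requires.NotNull(authenticators, "readers");` names a parameter that does not exist, so the resulting exception points the caller at the wrong argument; it should read `Requires.NotNull(authenticators, "authenticators");`. The sequence is also stored as a bare `IEnumerable` and re-enumerated on every `AuthenticateHeader` read and every `TryAuthenticateClient` call, so a lazily evaluated or later-mutated source changes which authentication methods are enforced; `this.authenticators = authenticators.ToList();` pins the set at construction (`System.Linq` is already imported). In `TryAuthenticateClient` the `{0}` and `{1}` placeholders are filled with the module objects themselves, so the rejection text depends on their `ToString()`; a one-line comment noting that this is intended would help.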
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthServerBindingElementBase.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs index 49f820d..9d3a52c 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthServerBindingElementBase.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs @@ -38,10 +38,17 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { public abstract MessageProtections Protection { get; } /// <summary> + /// Gets the channel to which this binding element belongs. + /// </summary> + internal IOAuth2ChannelWithAuthorizationServer AuthServerChannel { + get { return (IOAuth2ChannelWithAuthorizationServer)this.Channel; } + } + + /// <summary> /// Gets the authorization server hosting this channel. /// </summary> /// <value>The authorization server.</value> - protected IAuthorizationServer AuthorizationServer { + protected IAuthorizationServerHost AuthorizationServer { get { return ((IOAuth2ChannelWithAuthorizationServer)this.Channel).AuthorizationServer; } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthorizationCode.cs index 111c007..853a629 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthorizationCode.cs 
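Review bot: The new `AuthServerChannel` accessor and the existing `AuthorizationServer` getter each carry their own `(IOAuth2ChannelWithAuthorizationServer)this.Channel` cast. The getter could reuse the accessor, `get { return this.AuthServerChannel.AuthorizationServer; }`, so the assumption about the channel's type lives in one place. The class body starts and ends outside this hunk.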
@@ -47,6 +47,14 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { } /// <summary> + /// Gets the maximum message age from the standard expiration binding element. + /// </summary> + /// <value>This interval need not account for clock skew because it is only compared within a single authorization server or farm of servers.</value> + internal static TimeSpan MaximumMessageAge { + get { return Configuration.DotNetOpenAuthSection.Messaging.MaximumMessageLifetimeNoSkew; } + } + + /// <summary> /// Gets or sets the hash of the callback URL. /// </summary> [MessagePart("cb")] @@ -57,7 +65,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// </summary> /// <param name="authorizationServer">The authorization server that will be serializing/deserializing this authorization code. Must not be null.</param> /// <returns>A DataBag formatter.</returns> - internal static IDataBagFormatter<AuthorizationCode> CreateFormatter(IAuthorizationServer authorizationServer) { + internal static IDataBagFormatter<AuthorizationCode> CreateFormatter(IAuthorizationServerHost authorizationServer) { Requires.NotNull(authorizationServer, "authorizationServer"); Contract.Ensures(Contract.Result<IDataBagFormatter<AuthorizationCode>>() != null); @@ -70,8 +78,8 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { signed: true, encrypted: true, compressed: false, - maximumAge: AuthorizationCodeBindingElement.MaximumMessageAge, - decodeOnceOnly: authorizationServer.VerificationCodeNonceStore); + maximumAge: MaximumMessageAge, + decodeOnceOnly: authorizationServer.NonceStore); } /// <summary> 
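Review bot: In the last hunk on this line, `decodeOnceOnly: authorizationServer.NonceStore` is read from the host without a null check, and single-use enforcement for authorization codes depends on that store. The formatter is not visible here; if it treats a null store as "no replay check", a host returning null from `NonceStore` would silently accept a code presented twice. Failing fast keeps the misconfiguration visible: `ErrorUtilities.VerifyHost(authorizationServer.NonceStore != null, "IAuthorizationServerHost.NonceStore must not return null.");` placed after the existing `Requires.NotNull`. The body of `CreateFormatter` continues outside the hunk.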
@@ -86,7 +94,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "redirecturimismatch", Justification = "Protocol requirement")] [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(System.Boolean,System.String,System.Object[])", Justification = "Protocol requirement")] internal void VerifyCallback(Uri callback) { - ErrorUtilities.VerifyProtocol(MessagingUtilities.AreEquivalent(this.CallbackHash, CalculateCallbackHash(callback)), Protocol.redirect_uri_mismatch); + ErrorUtilities.VerifyProtocol(MessagingUtilities.AreEquivalentConstantTime(this.CallbackHash, CalculateCallbackHash(callback)), Protocol.redirect_uri_mismatch); } /// <summary> diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientAuthenticationModule.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientAuthenticationModule.cs new file mode 100644 index 0000000..027929a --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientAuthenticationModule.cs 
@@ -0,0 +1,74 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientAuthenticationModule.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using System.Threading;
+ using System.Web;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// A base class for extensions that can read incoming messages and extract the client identifier and
+ /// possibly authentication information (like a shared secret, signed nonce, etc.)
+ /// </summary>
+ public abstract class ClientAuthenticationModule {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ClientAuthenticationModule"/> class.
+ /// </summary>
+ protected ClientAuthenticationModule() {
+ }
+
+ /// <summary>
+ /// Gets this module's contribution to an HTTP 401 WWW-Authenticate header so the client knows what kind of authentication this module supports.
+ /// </summary>
+ public virtual string AuthenticateHeader {
+ get { return null; }
+ }
+
+ /// <summary>
+ /// Attempts to extract client identification/authentication information from a message.
+ /// </summary>
+ /// <param name="authorizationServerHost">The authorization server host.</param>
+ /// <param name="requestMessage">The incoming message.</param>
+ /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+ /// <returns>The level of the extracted client information.</returns>
+ public abstract ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier);
+
+ /// <summary>
+ /// Validates a client identifier and shared secret against the authoriation server's database.
+ /// </summary>
+ /// <param name="authorizationServerHost">The authorization server host; cannot be <c>null</c>.</param>
+ /// <param name="clientIdentifier">The alleged client identifier.</param>
+ /// <param name="clientSecret">The alleged client secret to be verified.</param>
+ /// <returns>An indication as to the outcome of the validation.</returns>
+ protected static ClientAuthenticationResult TryAuthenticateClientBySecret(IAuthorizationServerHost authorizationServerHost, string clientIdentifier, string clientSecret) {
+ Requires.NotNull(authorizationServerHost, "authorizationServerHost");
+
+ if (!string.IsNullOrEmpty(clientIdentifier)) {
+ var client = authorizationServerHost.GetClient(clientIdentifier);
+ if (client != null) {
+ if (!string.IsNullOrEmpty(clientSecret)) {
+ if (client.IsValidClientSecret(clientSecret)) {
+ return ClientAuthenticationResult.ClientAuthenticated;
+ } else { // invalid client secret
+ return ClientAuthenticationResult.ClientAuthenticationRejected;
+ }
+ } else { // no client secret provided
+ return ClientAuthenticationResult.ClientIdNotAuthenticated;
+ }
+ } else { // The client identifier is not recognized.
+ return ClientAuthenticationResult.ClientAuthenticationRejected;
+ }
+ } else { // no client id provided.
+ return ClientAuthenticationResult.NoAuthenticationRecognized;
+ }
+ }
+ }
+}
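Review bot: Both branches of `TryAuthenticateClientBySecret` that return `ClientAuthenticationRejected` (unrecognized client identifier, wrong secret) do so without logging, so repeated failed client authentication at the token endpoint leaves no trace at this layer. A line such as `Logger.OAuth.ErrorFormat("Client authentication rejected for client \"{0}\".", clientIdentifier);` before each of those returns gives operators something to alert on; the secret itself must never be written to the log. Because the comparison is delegated to `client.IsValidClientSecret`, the doc comment should also state that implementations are expected to compare secrets in constant time. The summary has a typo ("authoriation"), and the nested `if`/`else` ladder would read more easily as guard clauses with early returns.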
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs
new file mode 100644
index 0000000..655d38f
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs
@@ -0,0 +1,48 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientCredentialHttpBasicReader.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using System.Web;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// Reads client authentication information from the HTTP Authorization header via Basic authentication.
+ /// </summary>
+ public class ClientCredentialHttpBasicReader : ClientAuthenticationModule {
+ /// <summary>
+ /// Gets this module's contribution to an HTTP 401 WWW-Authenticate header so the client knows what kind of authentication this module supports.
+ /// </summary>
+ public override string AuthenticateHeader {
+ get { return "Basic"; }
+ }
+
+ /// <summary>
+ /// Attempts to extract client identification/authentication information from a message.
+ /// </summary>
+ /// <param name="authorizationServerHost">The authorization server host.</param>
+ /// <param name="requestMessage">The incoming message.</param>
+ /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+ /// <returns>The level of the extracted client information.</returns>
+ public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
+ Requires.NotNull(authorizationServerHost, "authorizationServerHost");
+ Requires.NotNull(requestMessage, "requestMessage");
+
+ var credential = OAuthUtilities.ParseHttpBasicAuth(requestMessage.Headers);
+ if (credential != null) {
+ clientIdentifier = credential.UserName;
+ return TryAuthenticateClientBySecret(authorizationServerHost, credential.UserName, credential.Password);
+ }
+
+ clientIdentifier = null;
+ return ClientAuthenticationResult.NoAuthenticationRecognized;
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs
new file mode 100644
index 0000000..2afd06e
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialMessagePartReader.cs
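Review bot: `AuthenticateHeader` returns the bare token `"Basic"`, but a Basic challenge in a `WWW-Authenticate` header requires a `realm` parameter (RFC 7617, section 2). How the aggregated value is written into the 401 response is outside this hunk, so a realm may be appended later; if it is not, strict HTTP clients can reject the challenge. Either return a complete challenge here, e.g. `get { return "Basic realm=\"<REALM_PLACEHOLDER>\""; }`, or document on the base property that modules return only the scheme name and the caller supplies the parameters.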
@@ -0,0 +1,34 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientCredentialMessagePartReader.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using System.Web;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// Reads client authentication information from the message payload itself (POST entity as a URI-encoded parameter).
+ /// </summary>
+ public class ClientCredentialMessagePartReader : ClientAuthenticationModule {
+ /// <summary>
+ /// Attempts to extract client identification/authentication information from a message.
+ /// </summary>
+ /// <param name="authorizationServerHost">The authorization server host.</param>
+ /// <param name="requestMessage">The incoming message.</param>
+ /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
+ /// <returns>The level of the extracted client information.</returns>
+ public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) {
+ Requires.NotNull(authorizationServerHost, "authorizationServerHost");
+ Requires.NotNull(requestMessage, "requestMessage");
+
+ clientIdentifier = requestMessage.ClientIdentifier;
+ return TryAuthenticateClientBySecret(authorizationServerHost, requestMessage.ClientIdentifier, requestMessage.ClientSecret);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IOAuth2ChannelWithAuthorizationServer.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IOAuth2ChannelWithAuthorizationServer.cs
index 5fc73ce..5247062 100644
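Review bot: `clientIdentifier` is assigned from `requestMessage.ClientIdentifier` before the outcome is known, so a request with an empty identifier returns `NoAuthenticationRecognized` together with a non-null out value, whereas `ClientCredentialHttpBasicReader` returns `null` in that case and the parameter doc promises the identifier only "if one was found". `AggregatingClientCredentialReader` ignores the out value for that result, but this class is public and other callers may not. Assigning after the call keeps the readers consistent: `var result = TryAuthenticateClientBySecret(authorizationServerHost, requestMessage.ClientIdentifier, requestMessage.ClientSecret);` followed by `clientIdentifier = result == ClientAuthenticationResult.NoAuthenticationRecognized ? null : requestMessage.ClientIdentifier;` and `return result;`.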
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IOAuth2ChannelWithAuthorizationServer.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IOAuth2ChannelWithAuthorizationServer.cs @@ -14,6 +14,11 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Gets the authorization server. /// </summary> /// <value>The authorization server.</value> - IAuthorizationServer AuthorizationServer { get; } + IAuthorizationServerHost AuthorizationServer { get; } + + /// <summary> + /// Gets or sets the service that checks whether a granted set of scopes satisfies a required set of scopes. + /// </summary> + IScopeSatisfiedCheck ScopeSatisfiedCheck { get; set; } } } diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs new file mode 100644 index 0000000..80b843a --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs 
@@ -0,0 +1,202 @@
+//-----------------------------------------------------------------------
+// <copyright file="MessageValidationBindingElement.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Diagnostics.Contracts;
+ using System.Globalization;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.OAuth2.Messages;
+ using Messaging;
+
+ /// <summary>
+ /// A guard for all messages to or from an Authorization Server to ensure that they are well formed,
+ /// have valid secrets, callback URIs, etc.
+ /// </summary>
+ /// <remarks>
+ /// This binding element also ensures that the code/token coming in is issued to
+ /// the same client that is sending the code/token and that the authorization has
+ /// not been revoked and that an access token has not expired.
+ /// </remarks>
+ internal class MessageValidationBindingElement : AuthServerBindingElementBase {
+ /// <summary>
+ /// The aggregating client authentication module.
+ /// </summary>
+ private readonly ClientAuthenticationModule clientAuthenticationModule;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="MessageValidationBindingElement"/> class.
+ /// </summary>
+ /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
+ internal MessageValidationBindingElement(ClientAuthenticationModule clientAuthenticationModule) {
+ Requires.NotNull(clientAuthenticationModule, "clientAuthenticationModule");
+ this.clientAuthenticationModule = clientAuthenticationModule;
+ }
+
+ /// <summary>
+ /// Gets the protection commonly offered (if any) by this binding element.
+ /// </summary>
+ /// <remarks>
+ /// This value is used to assist in sorting binding elements in the channel stack.
+ /// </remarks>
+ public override MessageProtections Protection {
+ get { return MessageProtections.None; }
+ }
+
+ /// <summary>
+ /// Prepares a message for sending based on the rules of this channel binding element.
+ /// </summary>
+ /// <param name="message">The message to prepare for sending.</param>
+ /// <returns>
+ /// The protections (if any) that this binding element applied to the message.
+ /// Null if this binding element did not even apply to this binding element.
+ /// </returns>
+ /// <remarks>
+ /// Implementations that provide message protection must honor the
+ /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable.
+ /// </remarks>
+ public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
+ var accessTokenResponse = message as AccessTokenSuccessResponse;
+ if (accessTokenResponse != null) {
+ var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse;
+ var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest;
+ ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken);
+ }
+
+ return null;
+ }
+
+ /// <summary>
+ /// Performs any transformation on an incoming message that may be necessary and/or
+ /// validates an incoming message based on the rules of this channel binding element.
+ /// </summary>
+ /// <param name="message">The incoming message to process.</param>
+ /// <returns>
+ /// The protections (if any) that this binding element applied to the message.
+ /// Null if this binding element did not even apply to this binding element.
+ /// </returns>
+ /// <exception cref="ProtocolException">
+ /// Thrown when the binding element rules indicate that this message is invalid and should
+ /// NOT be processed.
+ /// </exception>
+ /// <remarks>
+ /// Implementations that provide message protection must honor the
+ /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable.
+ /// </remarks>
+ public override MessageProtections? ProcessIncomingMessage(IProtocolMessage message) {
+ bool applied = false;
+
+ // Check that the client secret is correct for client authenticated messages.
+ var clientCredentialOnly = message as AccessTokenClientCredentialsRequest;
+ var authenticatedClientRequest = message as AuthenticatedClientRequestBase;
+ var accessTokenRequest = authenticatedClientRequest as AccessTokenRequestBase; // currently the only type of message.
+ var resourceOwnerPasswordCarrier = message as AccessTokenResourceOwnerPasswordCredentialsRequest;
+ if (authenticatedClientRequest != null) {
+ string clientIdentifier;
+ var result = this.clientAuthenticationModule.TryAuthenticateClient(this.AuthServerChannel.AuthorizationServer, authenticatedClientRequest, out clientIdentifier);
+ switch (result) {
+ case ClientAuthenticationResult.ClientAuthenticated:
+ break;
+ case ClientAuthenticationResult.NoAuthenticationRecognized:
+ case ClientAuthenticationResult.ClientIdNotAuthenticated:
+ // The only grant type that allows no client credentials is the resource owner credentials grant.
+ AuthServerUtilities.TokenEndpointVerify(resourceOwnerPasswordCarrier != null, accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidClient, this.clientAuthenticationModule, AuthServerStrings.ClientSecretMismatch);
+ break;
+ default:
+ AuthServerUtilities.TokenEndpointVerify(false, accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidClient, this.clientAuthenticationModule, AuthServerStrings.ClientSecretMismatch);
+ break;
+ }
+
+ authenticatedClientRequest.ClientIdentifier = result == ClientAuthenticationResult.NoAuthenticationRecognized ?
null : clientIdentifier;
+ accessTokenRequest.ClientAuthenticated = result == ClientAuthenticationResult.ClientAuthenticated;
+ applied = true;
+ }
+
+ // Check that any resource owner password credential is correct.
+ if (resourceOwnerPasswordCarrier != null) {
+ try {
+ string canonicalUserName;
+ if (this.AuthorizationServer.TryAuthorizeResourceOwnerCredentialGrant(resourceOwnerPasswordCarrier.UserName, resourceOwnerPasswordCarrier.Password, resourceOwnerPasswordCarrier, out canonicalUserName)) {
+ ErrorUtilities.VerifyHost(!string.IsNullOrEmpty(canonicalUserName), "IsResourceOwnerCredentialValid did not initialize out parameter.");
+ resourceOwnerPasswordCarrier.CredentialsValidated = true;
+ resourceOwnerPasswordCarrier.UserName = canonicalUserName;
+ } else {
+ Logger.OAuth.ErrorFormat(
+ "Resource owner password credential for user \"{0}\" rejected by authorization server host.",
+ resourceOwnerPasswordCarrier.UserName);
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidGrant, AuthServerStrings.InvalidResourceOwnerPasswordCredential);
+ }
+ } catch (NotSupportedException) {
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType);
+ } catch (NotImplementedException) {
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType);
+ }
+
+ applied = true;
+ } else if (clientCredentialOnly != null) {
+ try {
+ if (!this.AuthorizationServer.TryAuthorizeClientCredentialsGrant(clientCredentialOnly)) {
+ Logger.OAuth.ErrorFormat(
+ "Client credentials grant access request for client \"{0}\" rejected by authorization server host.",
+ clientCredentialOnly.ClientIdentifier);
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnauthorizedClient);
+ }
+ } catch (NotSupportedException) {
+ throw new
TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType);
+ } catch (NotImplementedException) {
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType);
+ }
+ } else {
+ // Check that authorization requests come with an acceptable callback URI.
+ var authorizationRequest = message as EndUserAuthorizationRequest;
+ if (authorizationRequest != null) {
+ var client = this.AuthorizationServer.GetClientOrThrow(authorizationRequest.ClientIdentifier);
+ ErrorUtilities.VerifyProtocol(authorizationRequest.Callback == null || client.IsCallbackAllowed(authorizationRequest.Callback), AuthServerStrings.ClientCallbackDisallowed, authorizationRequest.Callback);
+ ErrorUtilities.VerifyProtocol(authorizationRequest.Callback != null || client.DefaultCallback != null, AuthServerStrings.NoCallback);
+ applied = true;
+ }
+
+ // Check that the callback URI in a direct message from the client matches the one in the indirect message received earlier.
+ var request = message as AccessTokenAuthorizationCodeRequestAS;
+ if (request != null) {
+ IAuthorizationCodeCarryingRequest tokenRequest = request;
+ tokenRequest.AuthorizationDescription.VerifyCallback(request.Callback);
+ applied = true;
+ }
+
+ var authCarrier = message as IAuthorizationCarryingRequest;
+ if (authCarrier != null) {
+ var accessRequest = authCarrier as AccessTokenRequestBase;
+ if (accessRequest != null) {
+ // Make sure the client sending us this token is the client we issued the token to.
+ AuthServerUtilities.TokenEndpointVerify(string.Equals(accessRequest.ClientIdentifier, authCarrier.AuthorizationDescription.ClientIdentifier, StringComparison.Ordinal), accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidClient);
+
+ var scopedAccessRequest = accessRequest as ScopedAccessTokenRequest;
+ if (scopedAccessRequest != null) {
+ // Make sure the scope the client is requesting does not exceed the scope in the grant.
+ if (!this.AuthServerChannel.ScopeSatisfiedCheck.IsScopeSatisfied(requiredScope: scopedAccessRequest.Scope, grantedScope: authCarrier.AuthorizationDescription.Scope)) {
+ Logger.OAuth.ErrorFormat("The requested access scope (\"{0}\") exceeds the grant scope (\"{1}\").", scopedAccessRequest.Scope, authCarrier.AuthorizationDescription.Scope);
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidScope, AuthServerStrings.AccessScopeExceedsGrantScope);
+ }
+ }
+ }
+
+ // Make sure the authorization this token represents hasn't already been revoked.
+ if (!this.AuthorizationServer.IsAuthorizationValid(authCarrier.AuthorizationDescription)) {
+ Logger.OAuth.Error("Rejecting access token request because the IAuthorizationServerHost.IsAuthorizationValid method returned false.");
+ throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.InvalidGrant);
+ }
+
+ applied = true;
+ }
+ }
+
+ return applied ? (MessageProtections?)MessageProtections.None : null;
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
index 6717717..7ca4538 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs
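Review bot: In `ProcessIncomingMessage`, `accessTokenRequest` comes from an `as` cast and is dereferenced unconditionally in `accessTokenRequest.ClientAuthenticated = ...`; the inline comment concedes the cast only holds because `AccessTokenRequestBase` is currently the sole `AuthenticatedClientRequestBase` subtype. A future subtype would turn the client-authentication path into a `NullReferenceException` instead of a protocol error, so guard the assignment with `if (accessTokenRequest != null) { accessTokenRequest.ClientAuthenticated = result == ClientAuthenticationResult.ClientAuthenticated; }` or assert the assumption explicitly before the `switch`. Separately, the `VerifyHost` message names `IsResourceOwnerCredentialValid` while the method actually called is `TryAuthorizeResourceOwnerCredentialGrant`, which will mislead a host author reading the error. The two `Logger.OAuth.ErrorFormat` calls also write the request-supplied user name and client identifier verbatim; stripping control characters before formatting keeps a crafted value from breaking log lines.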
@@ -11,17 +11,33 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { using System.Net.Mime; using System.Web; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.AuthServer.Messages; + using DotNetOpenAuth.OAuth2.Messages; /// <summary> /// The channel for the OAuth protocol. /// </summary> internal class OAuth2AuthorizationServerChannel : OAuth2ChannelBase, IOAuth2ChannelWithAuthorizationServer { /// <summary> + /// The messages receivable by this channel. + /// </summary> + private static readonly Type[] MessageTypes = new Type[] { + typeof(AccessTokenRefreshRequestAS), + typeof(AccessTokenAuthorizationCodeRequestAS), + typeof(AccessTokenResourceOwnerPasswordCredentialsRequest), + typeof(AccessTokenClientCredentialsRequest), + typeof(EndUserAuthorizationRequest), + typeof(EndUserAuthorizationImplicitRequest), + typeof(EndUserAuthorizationFailedResponse), + }; + + /// <summary> /// Initializes a new instance of the <see cref="OAuth2AuthorizationServerChannel"/> class. /// </summary> /// <param name="authorizationServer">The authorization server.</param> - protected internal OAuth2AuthorizationServerChannel(IAuthorizationServer authorizationServer) - : base(InitializeBindingElements(authorizationServer)) { + /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param> + protected internal OAuth2AuthorizationServerChannel(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule) + : base(MessageTypes, InitializeBindingElements(authorizationServer, clientAuthenticationModule)) { Requires.NotNull(authorizationServer, "authorizationServer"); this.AuthorizationServer = authorizationServer; } 
@@ -30,7 +46,12 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Gets the authorization server. /// </summary> /// <value>The authorization server.</value> - public IAuthorizationServer AuthorizationServer { get; private set; } + public IAuthorizationServerHost AuthorizationServer { get; private set; } + + /// <summary> + /// Gets or sets the service that checks whether a granted set of scopes satisfies a required set of scopes. + /// </summary> + public IScopeSatisfiedCheck ScopeSatisfiedCheck { get; set; } /// <summary> /// Gets the protocol message that may be in the given HTTP response. 
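Review bot: `ScopeSatisfiedCheck` is a plain auto-property with a public setter and nothing in the visible hunks of this file gives it a value, while `MessageValidationBindingElement.ProcessIncomingMessage` calls `this.AuthServerChannel.ScopeSatisfiedCheck.IsScopeSatisfied(...)` without a null check. If whatever constructs the channel does not assign it (that code is outside this page), the scope check on token requests fails with a `NullReferenceException` rather than a protocol error. Backing the property with a field and rejecting null in the setter, `set { Requires.NotNull(value, "value"); this.scopeSatisfiedCheck = value; }`, together with a default assigned in the constructor, would keep the invariant local to this class. The class body starts and ends outside this hunk.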
@@ -91,17 +112,19 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Initializes the binding elements for the OAuth channel. /// </summary> /// <param name="authorizationServer">The authorization server.</param> + /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param> /// <returns> /// An array of binding elements used to initialize the channel. /// </returns> - private static IChannelBindingElement[] InitializeBindingElements(IAuthorizationServer authorizationServer) { + private static IChannelBindingElement[] InitializeBindingElements(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule) { Requires.NotNull(authorizationServer, "authorizationServer"); + Requires.NotNull(clientAuthenticationModule, "clientAuthenticationModule"); + var bindingElements = new List<IChannelBindingElement>(); - bindingElements.Add(new AuthServerAllFlowsBindingElement()); - bindingElements.Add(new AuthorizationCodeBindingElement()); - bindingElements.Add(new AccessTokenBindingElement()); - bindingElements.Add(new AccessRequestBindingElement()); + // The order they are provided is used for outgoing messgaes, and reversed for incoming messages. + bindingElements.Add(new MessageValidationBindingElement(clientAuthenticationModule)); + bindingElements.Add(new TokenCodeSerializationBindingElement()); return bindingElements.ToArray(); } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/RefreshToken.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/RefreshToken.cs index 993583c..993583c 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/RefreshToken.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/RefreshToken.cs 
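Review bot: The new ordering comment in `InitializeBindingElements` has a typo (`messgaes`) and does not say why the order matters. Given the reversal it describes, incoming requests reach `TokenCodeSerializationBindingElement` before `MessageValidationBindingElement`, so validation presumably relies on the deserialized authorization already being attached to the message. Spell that out so the list is not reordered casually: `// Outgoing: list order. Incoming: reverse order, so codes and refresh tokens are deserialized before MessageValidationBindingElement runs.` `MessageValidationBindingElement` itself is not shown here, so confirm the dependency before stating it as fact.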
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs
new file mode 100644
index 0000000..494a10b
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs
@@ -0,0 +1,121 @@ +//----------------------------------------------------------------------- +// <copyright file="TokenCodeSerializationBindingElement.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.ChannelElements { + using System; + using System.Collections.Generic; + using System.Diagnostics.CodeAnalysis; + using System.Globalization; + using System.Linq; + using System.Security.Cryptography; + using System.Text; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.OAuth2.AuthServer.ChannelElements; + using DotNetOpenAuth.OAuth2.Messages; + + /// <summary> + /// Serializes and deserializes authorization codes, refresh tokens and access tokens + /// on incoming and outgoing messages. + /// </summary> + internal class TokenCodeSerializationBindingElement : AuthServerBindingElementBase { + /// <summary> + /// Gets the protection commonly offered (if any) by this binding element. + /// </summary> + /// <value></value> + /// <remarks> + /// This value is used to assist in sorting binding elements in the channel stack. + /// </remarks> + public override MessageProtections Protection { + get { return MessageProtections.None; } + } + + /// <summary> + /// Prepares a message for sending based on the rules of this channel binding element. + /// </summary> + /// <param name="message">The message to prepare for sending.</param> + /// <returns> + /// The protections (if any) that this binding element applied to the message. + /// Null if this binding element did not even apply to this binding element. + /// </returns> + /// <remarks> + /// Implementations that provide message protection must honor the + /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. + /// </remarks> + public override MessageProtections? 
ProcessOutgoingMessage(IProtocolMessage message) { + var directResponse = message as IDirectResponseProtocolMessage; + var request = directResponse != null ? directResponse.OriginatingRequest as IAccessTokenRequestInternal : null; + + // Serialize the authorization code, if there is one. + var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; + if (authCodeCarrier != null) { + var codeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); + var code = authCodeCarrier.AuthorizationDescription; + authCodeCarrier.Code = codeFormatter.Serialize(code); + return MessageProtections.None; + } + + // Serialize the refresh token, if applicable. + var refreshTokenResponse = message as AccessTokenSuccessResponse; + if (refreshTokenResponse != null && refreshTokenResponse.HasRefreshToken) { + var refreshTokenCarrier = (IAuthorizationCarryingRequest)message; + var refreshToken = new RefreshToken(refreshTokenCarrier.AuthorizationDescription); + var refreshTokenFormatter = RefreshToken.CreateFormatter(this.AuthorizationServer.CryptoKeyStore); + refreshTokenResponse.RefreshToken = refreshTokenFormatter.Serialize(refreshToken); + } + + // Serialize the access token, if applicable. + var accessTokenResponse = message as IAccessTokenIssuingResponse; + if (accessTokenResponse != null && accessTokenResponse.AuthorizationDescription != null) { + ErrorUtilities.VerifyInternal(request != null, "We should always have a direct request message for this case."); + accessTokenResponse.AccessToken = accessTokenResponse.AuthorizationDescription.Serialize(); + } + + return null; + } + + /// <summary> + /// Performs any transformation on an incoming message that may be necessary and/or + /// validates an incoming message based on the rules of this channel binding element. + /// </summary> + /// <param name="message">The incoming message to process.</param> + /// <returns> + /// The protections (if any) that this binding element applied to the message. 
+ /// Null if this binding element did not even apply to this binding element. + /// </returns> + /// <exception cref="ProtocolException"> + /// Thrown when the binding element rules indicate that this message is invalid and should + /// NOT be processed. + /// </exception> + /// <remarks> + /// Implementations that provide message protection must honor the + /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. + /// </remarks> + [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "unauthorizedclient", Justification = "Protocol requirement")] + [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "incorrectclientcredentials", Justification = "Protocol requirement")] + [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "authorizationexpired", Justification = "Protocol requirement")] + [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(System.Boolean,System.String,System.Object[])", Justification = "Protocol requirement")] + public override MessageProtections? 
ProcessIncomingMessage(IProtocolMessage message) { + var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; + if (authCodeCarrier != null) { + var authorizationCodeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); + var authorizationCode = new AuthorizationCode(); + authorizationCodeFormatter.Deserialize(authorizationCode, message, authCodeCarrier.Code, Protocol.code); + authCodeCarrier.AuthorizationDescription = authorizationCode; + } + + var refreshTokenCarrier = message as IRefreshTokenCarryingRequest; + if (refreshTokenCarrier != null) { + var refreshTokenFormatter = RefreshToken.CreateFormatter(this.AuthorizationServer.CryptoKeyStore); + var refreshToken = new RefreshToken(); + refreshTokenFormatter.Deserialize(refreshToken, message, refreshTokenCarrier.RefreshToken, Protocol.refresh_token); + refreshTokenCarrier.AuthorizationDescription = refreshToken; + } + + return null; + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientDescription.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ClientDescription.cs index 76c3ea6..3384183 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientDescription.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ClientDescription.cs @@ -9,15 +9,16 @@ namespace DotNetOpenAuth.OAuth2 { using System.Collections.Generic; using System.Linq; using System.Text; + using DotNetOpenAuth.Messaging; /// <summary> /// A default implementation of the <see cref="IClientDescription"/> interface. /// </summary> public class ClientDescription : IClientDescription { /// <summary> - /// A delegate that determines whether the callback is allowed. + /// The client's secret, if any. /// </summary> - private readonly Func<Uri, bool> isCallbackAllowed; + private readonly string secret; /// <summary> /// Initializes a new instance of the <see cref="ClientDescription"/> class. 
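Review bot: The four `[SuppressMessage]` attributes on `ProcessIncomingMessage` in TokenCodeSerializationBindingElement.cs refer to the literals `unauthorizedclient`, `incorrectclientcredentials` and `authorizationexpired` and to `ErrorUtilities.VerifyProtocol`, none of which appear in the new method body. Anyone auditing where client credentials and expiry are enforced is therefore pointed at the wrong place. I would drop the attributes and add a comment such as `// Only deserializes the code / refresh token; client authentication and authorization checks happen in a separate binding element.` (confirm which one, as it is not shown in this hunk). Both this method and the token branches of `ProcessOutgoingMessage` return `null` after doing work, although the docs say null means the element did not apply; returning `MessageProtections.None` there, as the authorization-code branch does, would match the documented contract. The `<returns>` text "did not even apply to this binding element" should read "to this message".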
@@ -25,18 +26,13 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="secret">The secret.</param> /// <param name="defaultCallback">The default callback.</param> /// <param name="clientType">Type of the client.</param> - /// <param name="isCallbackAllowed">A delegate that determines whether the callback is allowed.</param> - public ClientDescription(string secret, Uri defaultCallback, ClientType clientType, Func<Uri, bool> isCallbackAllowed = null) { - this.Secret = secret; + public ClientDescription(string secret, Uri defaultCallback, ClientType clientType) { + this.secret = secret; this.DefaultCallback = defaultCallback; this.ClientType = clientType; - this.isCallbackAllowed = isCallbackAllowed; } - /// <summary> - /// Gets the client secret. - /// </summary> - public string Secret { get; private set; } + #region IClientDescription Members /// <summary> /// Gets the callback to use when an individual authorization request 
@@ -53,19 +49,42 @@ namespace DotNetOpenAuth.OAuth2 { public ClientType ClientType { get; private set; } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + public virtual bool HasNonEmptySecret { + get { return !string.IsNullOrEmpty(this.secret); } + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> - /// <param name="callback">The absolute URI the client has requested the authorization result be received at.</param> + /// <param name="callback">The absolute URI the client has requested the authorization result be received at. Never null.</param> /// <returns> /// <c>true</c> if the callback URL is allowable for this client; otherwise, <c>false</c>. /// </returns> - public bool IsCallbackAllowed(Uri callback) { - if (this.isCallbackAllowed != null) { - return this.isCallbackAllowed(callback); - } - + /// <remarks> + /// This method may be overridden to allow for several callbacks to match. + /// </remarks> + public virtual bool IsCallbackAllowed(Uri callback) { return EqualityComparer<Uri>.Default.Equals(this.DefaultCallback, callback); } + + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + public virtual bool IsValidClientSecret(string secret) { + Requires.NotNullOrEmpty(secret, "secret"); + + return MessagingUtilities.EqualsConstantTime(secret, this.secret); + } + + #endregion } } 
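Review bot: `IsValidClientSecret` compares the caller's value against `this.secret` without first checking that a secret is registered. For a client constructed with a null or empty secret, the outcome depends on how `MessagingUtilities.EqualsConstantTime` treats a null argument, which is not visible here. An explicit reject keeps the decision local and obvious: `if (string.IsNullOrEmpty(this.secret)) { return false; }` placed before the comparison. `Requires.NotNullOrEmpty(secret, "secret")` presumably throws on an empty client-supplied secret rather than returning `false`, so the `<returns>`/`<exception>` docs should say so and callers must treat that exception as a failed authentication. The remarks mention comparing hashes, but this default keeps the secret in plaintext in a field; a line in the class summary noting that hosts storing hashed secrets should override this method would help.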
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationServer.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/IAuthorizationServerHost.cs index a0a2ad9..b75cb29 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationServer.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/IAuthorizationServerHost.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="IAuthorizationServer.cs" company="Outercurve Foundation"> +// <copyright file="IAuthorizationServerHost.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -19,8 +19,8 @@ namespace DotNetOpenAuth.OAuth2 { /// <summary> /// Provides host-specific authorization server services needed by this library. /// </summary> - [ContractClass(typeof(IAuthorizationServerContract))] - public interface IAuthorizationServer { + [ContractClass(typeof(IAuthorizationServerHostContract))] + public interface IAuthorizationServerHost { /// <summary> /// Gets the store for storing crypto keys used to symmetrically encrypt and sign authorization codes and refresh tokens. /// </summary> 
@@ -35,52 +35,18 @@ namespace DotNetOpenAuth.OAuth2 { /// Gets the authorization code nonce store to use to ensure that authorization codes can only be used once. /// </summary> /// <value>The authorization code nonce store.</value> - INonceStore VerificationCodeNonceStore { get; } + INonceStore NonceStore { get; } /// <summary> - /// Gets the crypto service provider with the asymmetric private key to use for signing access tokens. + /// Acquires the access token and related parameters that go into the formulation of the token endpoint's response to a client. /// </summary> - /// <returns>A crypto service provider instance that contains the private key.</returns> - /// <value>Must not be null, and must contain the private key.</value> - /// <remarks> - /// The public key in the private/public key pair will be used by the resource - /// servers to validate that the access token is minted by a trusted authorization server. - /// </remarks> - RSACryptoServiceProvider AccessTokenSigningKey { get; } - - /// <summary> - /// Obtains the lifetime for a new access token. - /// </summary> - /// <param name="accessTokenRequestMessage"> - /// Details regarding the resources that the access token will grant access to, and the identity of the client - /// that will receive that access. - /// Based on this information the receiving resource server can be determined and the lifetime of the access - /// token can be set based on the sensitivity of the resources. - /// </param> - /// <returns> - /// Receives the lifetime for this access token. Note that within this lifetime, authorization <i>may</i> not be revokable. - /// Short lifetimes are recommended (i.e. one hour), particularly when the client is not authenticated or - /// the resources to which access is being granted are sensitive. - /// </returns> - TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage); - - /// <summary> - /// Obtains the encryption key for an access token being created. 
- /// </summary> - /// <param name="accessTokenRequestMessage"> - /// Details regarding the resources that the access token will grant access to, and the identity of the client + /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client /// that will receive that access. /// Based on this information the receiving resource server can be determined and the lifetime of the access /// token can be set based on the sensitivity of the resources. /// </param> - /// <returns> - /// The crypto service provider with the asymmetric public key to use for encrypting access tokens for a specific resource server. - /// The caller is responsible to dispose of this value. - /// </returns> - /// <remarks> - /// The caller is responsible to dispose of the returned value. - /// </remarks> - RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage); + /// <returns>A non-null parameters instance that DotNetOpenAuth will dispose after it has been used.</returns> + AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage); /// <summary> /// Gets the client with a given identifier. 
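Review bot: The documentation for the new `CreateAccessToken` member drops the security guidance that the removed members carried. `GetAccessTokenLifetime` recommended short lifetimes (about one hour) when the client is unauthenticated or the resources are sensitive, and warned that authorization may not be revocable within the lifetime. `AccessTokenSigningKey` required a key that contains the private key, and `GetResourceServerEncryptionKey` tied the encryption key to a specific resource server. Hosts now make all of these decisions inside one method, so I would add a `<remarks>` block restating the lifetime recommendation and the signing and encryption key expectations. The members of `AccessTokenResult` are not visible in this hunk, so the wording should name them only after checking that type.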
@@ -115,32 +81,61 @@ namespace DotNetOpenAuth.OAuth2 { bool IsAuthorizationValid(IAuthorizationDescription authorization); /// <summary> - /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database. + /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database + /// and if so records an authorization entry such that subsequent calls to <see cref="IsAuthorizationValid"/> would + /// return <c>true</c>. /// </summary> /// <param name="userName">Username on the account.</param> /// <param name="password">The user's password.</param> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <param name="canonicalUserName"> + /// Receives the canonical username (normalized for the resource server) of the user, for valid credentials; + /// Or <c>null</c> if the return value is false. + /// </param> + /// <returns> + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. + /// </returns> + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the resource owner password credential grant type. + /// </exception> + bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName); + + /// <summary> + /// Determines whether an access token request given a client credential grant should be authorized + /// and if so records an authorization entry such that subsequent calls to <see cref="IsAuthorizationValid"/> would + /// return <c>true</c>. + /// </summary> + /// <param name="accessRequest"> + /// The access request the credentials came with. 
+ /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> /// <returns> - /// <c>true</c> if the given credentials are valid; otherwise, <c>false</c>. + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. /// </returns> - /// <exception cref="NotSupportedException">May be thrown if the authorization server does not support the resource owner password credential grant type.</exception> - bool IsResourceOwnerCredentialValid(string userName, string password); + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the client credential grant type. + /// </exception> + bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest); } /// <summary> - /// Code Contract for the <see cref="IAuthorizationServer"/> interface. + /// Code Contract for the <see cref="IAuthorizationServerHost"/> interface. /// </summary> - [ContractClassFor(typeof(IAuthorizationServer))] - internal abstract class IAuthorizationServerContract : IAuthorizationServer { + [ContractClassFor(typeof(IAuthorizationServerHost))] + internal abstract class IAuthorizationServerHostContract : IAuthorizationServerHost { /// <summary> - /// Prevents a default instance of the <see cref="IAuthorizationServerContract"/> class from being created. + /// Prevents a default instance of the <see cref="IAuthorizationServerHostContract"/> class from being created. /// </summary> - private IAuthorizationServerContract() { + private IAuthorizationServerHostContract() { } /// <summary> /// Gets the store for storeing crypto keys used to symmetrically encrypt and sign authorization codes and refresh tokens. 
/// </summary> - ICryptoKeyStore IAuthorizationServer.CryptoKeyStore { + ICryptoKeyStore IAuthorizationServerHost.CryptoKeyStore { get { Contract.Ensures(Contract.Result<ICryptoKeyStore>() != null); throw new NotImplementedException(); @@ -151,7 +146,7 @@ namespace DotNetOpenAuth.OAuth2 { /// Gets the authorization code nonce store to use to ensure that authorization codes can only be used once. /// </summary> /// <value>The authorization code nonce store.</value> - INonceStore IAuthorizationServer.VerificationCodeNonceStore { + INonceStore IAuthorizationServerHost.NonceStore { get { Contract.Ensures(Contract.Result<INonceStore>() != null); throw new NotImplementedException(); 
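Review bot: The `<returns>` text of `TryAuthorizeClientCredentialsGrant` says "if the given credentials are valid", but the method receives only `accessRequest` and no credentials. An implementer cannot tell whether the client has already been authenticated when this is called or whether the host must do it. State the precondition explicitly, e.g. `/// <remarks>Client authentication is performed before this call (TODO confirm); implementations decide only whether the grant is permitted for that client and scope.</remarks>`. For `TryAuthorizeResourceOwnerCredentialGrant` it is worth adding that `password` arrives in cleartext and should not be logged, and that failed attempts should be throttled by the host. The same wording is repeated on the contract class in the later hunk of this file.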
@@ -159,61 +154,12 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Gets the crypto service provider with the asymmetric private key to use for signing access tokens. - /// </summary> - /// <value> - /// Must not be null, and must contain the private key. - /// </value> - /// <returns>A crypto service provider instance that contains the private key.</returns> - RSACryptoServiceProvider IAuthorizationServer.AccessTokenSigningKey { - get { - Contract.Ensures(Contract.Result<RSACryptoServiceProvider>() != null); - Contract.Ensures(!Contract.Result<RSACryptoServiceProvider>().PublicOnly); - throw new NotImplementedException(); - } - } - - /// <summary> - /// Obtains the lifetime for a new access token. - /// </summary> - /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client - /// that will receive that access. - /// Based on this information the receiving resource server can be determined and the lifetime of the access - /// token can be set based on the sensitivity of the resources.</param> - /// <returns> - /// Receives the lifetime for this access token. Note that within this lifetime, authorization <i>may</i> not be revokable. - /// Short lifetimes are recommended (i.e. one hour), particularly when the client is not authenticated or - /// the resources to which access is being granted are sensitive. - /// </returns> - TimeSpan IAuthorizationServer.GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { - Requires.NotNull(accessTokenRequestMessage, "accessTokenRequestMessage"); - throw new NotImplementedException(); - } - - /// <summary> - /// Obtains the encryption key for an access token being created. - /// </summary> - /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client - /// that will receive that access. 
- /// Based on this information the receiving resource server can be determined and the lifetime of the access - /// token can be set based on the sensitivity of the resources.</param> - /// <returns> - /// The crypto service provider with the asymmetric public key to use for encrypting access tokens for a specific resource server. - /// The caller is responsible to dispose of this value. - /// </returns> - RSACryptoServiceProvider IAuthorizationServer.GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - Requires.NotNull(accessTokenRequestMessage, "accessTokenRequestMessage"); - Contract.Ensures(Contract.Result<RSACryptoServiceProvider>() != null); - throw new NotImplementedException(); - } - - /// <summary> /// Gets the client with a given identifier. /// </summary> /// <param name="clientIdentifier">The client identifier.</param> /// <returns>The client registration. Never null.</returns> /// <exception cref="ArgumentException">Thrown when no client with the given identifier is registered with this authorization server.</exception> - IClientDescription IAuthorizationServer.GetClient(string clientIdentifier) { + IClientDescription IAuthorizationServerHost.GetClient(string clientIdentifier) { Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier"); Contract.Ensures(Contract.Result<IClientDescription>() != null); throw new NotImplementedException(); 
@@ -241,23 +187,72 @@ namespace DotNetOpenAuth.OAuth2 { /// security in the event the user was revoking access in order to sever authorization on a stolen /// account or piece of hardware in which the tokens were stored. </para> /// </remarks> - bool IAuthorizationServer.IsAuthorizationValid(IAuthorizationDescription authorization) { + bool IAuthorizationServerHost.IsAuthorizationValid(IAuthorizationDescription authorization) { Requires.NotNull(authorization, "authorization"); throw new NotImplementedException(); } /// <summary> - /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database. + /// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database + /// and if so records an authorization entry such that subsequent calls to <see cref="IAuthorizationServerHost.IsAuthorizationValid"/> would + /// return <c>true</c>. /// </summary> /// <param name="userName">Username on the account.</param> /// <param name="password">The user's password.</param> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <param name="canonicalUserName"> + /// Receives the canonical username (normalized for the resource server) of the user, for valid credentials; + /// Or <c>null</c> if the return value is false. + /// </param> /// <returns> - /// <c>true</c> if the given credentials are valid; otherwise, <c>false</c>. + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. 
/// </returns> - /// <exception cref="NotSupportedException">May be thrown if the authorization server does not support the resource owner password credential grant type.</exception> - bool IAuthorizationServer.IsResourceOwnerCredentialValid(string userName, string password) { + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the resource owner password credential grant type. + /// </exception> + bool IAuthorizationServerHost.TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { Contract.Requires(!string.IsNullOrEmpty(userName)); Contract.Requires(password != null); + Contract.Requires(accessRequest != null); + Contract.Ensures(!Contract.Result<bool>() || !string.IsNullOrEmpty(Contract.ValueAtReturn<string>(out canonicalUserName))); + throw new NotImplementedException(); + } + + /// <summary> + /// Determines whether an access token request given a client credential grant should be authorized + /// and if so records an authorization entry such that subsequent calls to <see cref="IAuthorizationServerHost.IsAuthorizationValid"/> would + /// return <c>true</c>. + /// </summary> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <returns> + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. + /// </returns> + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the client credential grant type. 
+ /// </exception> + bool IAuthorizationServerHost.TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + + /// <summary> + /// Obtains parameters to go into the formulation of an access token. + /// </summary> + /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client + /// that will receive that access. + /// Based on this information the receiving resource server can be determined and the lifetime of the access + /// token can be set based on the sensitivity of the resources.</param> + /// <returns> + /// A non-null parameters instance that DotNetOpenAuth will dispose after it has been used. + /// </returns> + AccessTokenResult IAuthorizationServerHost.CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + Contract.Requires(accessTokenRequestMessage != null); + Contract.Ensures(Contract.Result<AccessTokenResult>() != null); throw new NotImplementedException(); } } diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenAuthorizationCodeRequestAS.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenAuthorizationCodeRequestAS.cs new file mode 100644 index 0000000..ca14d0e --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenAuthorizationCodeRequestAS.cs 
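Review bot: The contract body for `IAuthorizationServerHost.TryAuthorizeClientCredentialsGrant` has no precondition at all, while its sibling `TryAuthorizeResourceOwnerCredentialGrant` requires `accessRequest != null`. Add `Contract.Requires(accessRequest != null);` as its first statement so hosts can rely on a non-null request when applying per-client policy. The new contract bodies use `Contract.Requires`, whereas the existing ones in this class (`GetClient`, `IsAuthorizationValid`) use `Requires.NotNull` and `Requires.NotNullOrEmpty`; one style should be used throughout. The `Contract.Ensures` on `canonicalUserName` covers only the success case, so the documented "null if the return value is false" is not enforced.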
@@ -0,0 +1,53 @@ +//----------------------------------------------------------------------- +// <copyright file="AccessTokenAuthorizationCodeRequestAS.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.Messages { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// A request from a Client to an Authorization Server to exchange an authorization code for an access token, + /// and (at the authorization server's option) a refresh token. + /// </summary> + internal class AccessTokenAuthorizationCodeRequestAS : AccessTokenAuthorizationCodeRequest, IAuthorizationCodeCarryingRequest { + /// <summary> + /// Initializes a new instance of the <see cref="AccessTokenAuthorizationCodeRequestAS"/> class. + /// </summary> + /// <param name="tokenEndpoint">The Authorization Server's access token endpoint URL.</param> + /// <param name="version">The version.</param> + internal AccessTokenAuthorizationCodeRequestAS(Uri tokenEndpoint, Version version) + : base(tokenEndpoint, version) { + } + + #region IAuthorizationCodeCarryingRequest Members + + /// <summary> + /// Gets or sets the verification code or refresh/access token. + /// </summary> + /// <value>The code or token.</value> + string IAuthorizationCodeCarryingRequest.Code { + get { return this.AuthorizationCode; } + set { this.AuthorizationCode = value; } + } + + /// <summary> + /// Gets or sets the authorization that the token describes. + /// </summary> + AuthorizationCode IAuthorizationCodeCarryingRequest.AuthorizationDescription { get; set; } + + /// <summary> + /// Gets the authorization that the code describes. 
+ /// </summary> + IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { + get { return ((IAuthorizationCodeCarryingRequest)this).AuthorizationDescription; } + } + + #endregion + } +} diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenRefreshRequestAS.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenRefreshRequestAS.cs new file mode 100644 index 0000000..d9ca4c8 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/AccessTokenRefreshRequestAS.cs 
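Review bot: The summary on `IAuthorizationCodeCarryingRequest.Code` in AccessTokenAuthorizationCodeRequestAS.cs reads "verification code or refresh/access token", but the accessor only forwards to `this.AuthorizationCode`. It should say `/// Gets or sets the serialized authorization code as received from the client.` The `AuthorizationDescription` summary should also note that the value is null until `TokenCodeSerializationBindingElement.ProcessIncomingMessage` has deserialized `Code`, so no code path treats it as populated earlier. The same copied summary appears on `IRefreshTokenCarryingRequest.RefreshToken` in AccessTokenRefreshRequestAS.cs.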
@@ -0,0 +1,55 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenRefreshRequestAS.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.AuthServer.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.OAuth2.AuthServer.ChannelElements;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// A request from the client to the token endpoint for a new access token
+ /// in exchange for a refresh token that the client has previously obtained.
+ /// </summary>
+ internal class AccessTokenRefreshRequestAS : AccessTokenRefreshRequest, IRefreshTokenCarryingRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenRefreshRequestAS"/> class.
+ /// </summary>
+ /// <param name="tokenEndpoint">The token endpoint.</param>
+ /// <param name="version">The version.</param>
+ internal AccessTokenRefreshRequestAS(Uri tokenEndpoint, Version version)
+ : base(tokenEndpoint, version) {
+ }
+
+ #region IRefreshTokenCarryingRequest members
+
+ /// <summary>
+ /// Gets or sets the verification code or refresh/access token.
+ /// </summary>
+ /// <value>The code or token.</value>
+ string IRefreshTokenCarryingRequest.RefreshToken {
+ get { return this.RefreshToken; }
+ set { this.RefreshToken = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the authorization that the token describes.
+ /// </summary>
+ RefreshToken IRefreshTokenCarryingRequest.AuthorizationDescription { get; set; }
+
+ /// <summary>
+ /// Gets the authorization that the token describes.
+ /// </summary>
+ IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription {
+ get { return ((IRefreshTokenCarryingRequest)this).AuthorizationDescription; }
+ }
+
+ #endregion
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponseAS.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponseAS.cs
new file mode 100644
index 0000000..25f5dc8
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponseAS.cs
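Review bot: The summary on the explicit `IRefreshTokenCarryingRequest.RefreshToken` implementation still reads "Gets or sets the verification code or refresh/access token." with `<value>The code or token.</value>`, which looks copied from the authorization-code message; for a member that only carries a refresh token I would write `/// Gets or sets the refresh token.` and `/// <value>The refresh token.</value>`. This file also declares `namespace DotNetOpenAuth.OAuth2.AuthServer.Messages`, while `AccessTokenAuthorizationCodeRequestAS.cs`, added in the same directory by this commit, uses `DotNetOpenAuth.OAuth2.Messages`. Settling on one namespace for the authorization-server message types would remove the extra `using` lines and make the `...AS` classes easier to find.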
@@ -0,0 +1,67 @@
+//-----------------------------------------------------------------------
+// <copyright file="EndUserAuthorizationSuccessAuthCodeResponseAS.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+
+ /// <summary>
+ /// The message sent by the Authorization Server to the Client via the user agent
+ /// to indicate that user authorization was granted, carrying an authorization code and possibly an access token,
+ /// and to return the user to the Client where they started their experience.
+ /// </summary>
+ internal class EndUserAuthorizationSuccessAuthCodeResponseAS : EndUserAuthorizationSuccessAuthCodeResponse, IAuthorizationCodeCarryingRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAuthCodeResponseAS"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param>
+ /// <param name="version">The protocol version.</param>
+ internal EndUserAuthorizationSuccessAuthCodeResponseAS(Uri clientCallback, Version version)
+ : base(clientCallback, version) {
+ Requires.NotNull(version, "version");
+ Requires.NotNull(clientCallback, "clientCallback");
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAuthCodeResponseAS"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param>
+ /// <param name="request">The authorization request from the user agent on behalf of the client.</param>
+ internal EndUserAuthorizationSuccessAuthCodeResponseAS(Uri clientCallback, EndUserAuthorizationRequest request)
+ : base(clientCallback, request) {
+ Requires.NotNull(clientCallback, "clientCallback");
+ Requires.NotNull(request, "request");
+ ((IMessageWithClientState)this).ClientState = request.ClientState;
+ }
+
+ #region IAuthorizationCodeCarryingRequest Members
+
+ /// <summary>
+ /// Gets or sets the authorization code.
+ /// </summary>
+ string IAuthorizationCodeCarryingRequest.Code {
+ get { return this.AuthorizationCode; }
+ set { this.AuthorizationCode = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the authorization that the token describes.
+ /// </summary>
+ AuthorizationCode IAuthorizationCodeCarryingRequest.AuthorizationDescription { get; set; }
+
+ /// <summary>
+ /// Gets the authorization that the code describes.
+ /// </summary>
+ IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription {
+ get { return ((IAuthorizationCodeCarryingRequest)this).AuthorizationDescription; }
+ }
+
+ #endregion
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IAuthorizationCodeCarryingRequest.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/IAuthorizationCodeCarryingRequest.cs
index 045cb80..045cb80 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IAuthorizationCodeCarryingRequest.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/IAuthorizationCodeCarryingRequest.cs
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IRefreshTokenCarryingRequest.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/IRefreshTokenCarryingRequest.cs
index ce27538..9e6fc3c 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IRefreshTokenCarryingRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/Messages/IRefreshTokenCarryingRequest.cs @@ -4,7 +4,9 @@ // </copyright> //----------------------------------------------------------------------- -namespace DotNetOpenAuth.OAuth2.ChannelElements { +namespace DotNetOpenAuth.OAuth2.AuthServer.ChannelElements { + using DotNetOpenAuth.OAuth2.ChannelElements; + /// <summary> /// A message that carries a refresh token between client and authorization server. /// </summary> diff --git a/src/DotNetOpenAuth.OAuth2.Client/Configuration/OAuth2ClientSection.cs b/src/DotNetOpenAuth.OAuth2.Client/Configuration/OAuth2ClientSection.cs new file mode 100644 index 0000000..1ee5aa5 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.Client/Configuration/OAuth2ClientSection.cs 
@@ -0,0 +1,36 @@
+//-----------------------------------------------------------------------
+// <copyright file="OAuth2ClientSection.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Configuration {
+ using System.Configuration;
+ using System.Diagnostics.Contracts;
+
+ /// <summary>
+ /// Represents the <oauth2/client> section in the host's .config file.
+ /// </summary>
+ internal class OAuth2ClientSection : ConfigurationSection {
+ /// <summary>
+ /// The name of the oauth2/client section.
+ /// </summary>
+ private const string SectionName = OAuth2SectionGroup.SectionName + "/client";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="OAuth2ClientSection"/> class.
+ /// </summary>
+ internal OAuth2ClientSection() {
+ }
+
+ /// <summary>
+ /// Gets the configuration section from the .config file.
+ /// </summary>
+ internal static OAuth2ClientSection Configuration {
+ get {
+ Contract.Ensures(Contract.Result<OAuth2ClientSection>() != null);
+ return (OAuth2ClientSection)ConfigurationManager.GetSection(SectionName) ?? new OAuth2ClientSection();
+ }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.Client/DotNetOpenAuth.OAuth2.Client.csproj b/src/DotNetOpenAuth.OAuth2.Client/DotNetOpenAuth.OAuth2.Client.csproj
index 3625e54..e72ee1a 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/DotNetOpenAuth.OAuth2.Client.csproj
+++ b/src/DotNetOpenAuth.OAuth2.Client/DotNetOpenAuth.OAuth2.Client.csproj
@@ -18,6 +18,18 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> </PropertyGroup> <ItemGroup> + <Compile Include="Configuration\OAuth2ClientSection.cs" /> + <Compile Include="OAuth2\AuthorizationServerDescription.cs" /> + <Compile Include="OAuth2\AuthorizationState.cs" /> + <Compile Include="OAuth2\ChannelElements\IOAuth2ChannelWithClient.cs" /> + <Compile Include="OAuth2\ChannelElements\OAuth2ClientChannel.cs" /> + <Compile Include="OAuth2\ClientCredentialApplicator.cs" /> + <Compile Include="OAuth2\IAuthorizationState.cs" /> + <Compile Include="OAuth2\IClientAuthorizationTracker.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequestC.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenRefreshRequestC.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationImplicitRequestC.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationRequestC.cs" /> <Compile Include="OAuth2\ClientStrings.Designer.cs"> <AutoGen>True</AutoGen> <DesignTime>True</DesignTime> @@ -33,6 +45,10 @@ <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> <Name>DotNetOpenAuth.Core</Name> </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj"> <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project> <Name>DotNetOpenAuth.OAuth2</Name> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationServerDescription.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/AuthorizationServerDescription.cs index 38a9ff9..38a9ff9 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationServerDescription.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/AuthorizationServerDescription.cs 
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationState.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/AuthorizationState.cs
index 4117b3c..4117b3c 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/AuthorizationState.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/AuthorizationState.cs
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/IOAuth2ChannelWithClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/IOAuth2ChannelWithClient.cs
new file mode 100644
index 0000000..c802be6
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/IOAuth2ChannelWithClient.cs
@@ -0,0 +1,27 @@
+//-----------------------------------------------------------------------
+// <copyright file="IOAuth2ChannelWithClient.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// An interface that defines the OAuth2 client specific channel additions.
+ /// </summary>
+ internal interface IOAuth2ChannelWithClient {
+ /// <summary>
+ /// Gets or sets the identifier by which this client is known to the Authorization Server.
+ /// </summary>
+ string ClientIdentifier { get; set; }
+
+ /// <summary>
+ /// Gets or sets the client credentials applicator extension to use.
+ /// </summary>
+ ClientCredentialApplicator ClientCredentialApplicator { get; set; }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ClientChannel.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs
index c9981d3..8ad2ed9 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ClientChannel.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs
@@ -13,18 +13,43 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { using System.Web; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.Messages; /// <summary> /// The messaging channel used by OAuth 2.0 Clients. /// </summary> - internal class OAuth2ClientChannel : OAuth2ChannelBase { + internal class OAuth2ClientChannel : OAuth2ChannelBase, IOAuth2ChannelWithClient { + /// <summary> + /// The messages receivable by this channel. + /// </summary> + private static readonly Type[] MessageTypes = new Type[] { + typeof(AccessTokenSuccessResponse), + typeof(AccessTokenFailedResponse), + typeof(EndUserAuthorizationSuccessAuthCodeResponse), + typeof(EndUserAuthorizationSuccessAccessTokenResponse), + typeof(EndUserAuthorizationFailedResponse), + typeof(UnauthorizedResponse), + }; + /// <summary> /// Initializes a new instance of the <see cref="OAuth2ClientChannel"/> class. /// </summary> - internal OAuth2ClientChannel() { + internal OAuth2ClientChannel() + : base(MessageTypes) { } /// <summary> + /// Gets or sets the identifier by which this client is known to the Authorization Server. + /// </summary> + public string ClientIdentifier { get; set; } + + /// <summary> + /// Gets or sets the tool to use to apply client credentials to authenticated requests to the Authorization Server. + /// </summary> + /// <value>May be <c>null</c> if this client has no client secret.</value> + public ClientCredentialApplicator ClientCredentialApplicator { get; set; } + + /// <summary> /// Prepares an HTTP request that carries a given message. /// </summary> /// <param name="request">The message to send.</param> 
@@ -65,7 +90,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { } else if (response.ContentType.MediaType == HttpFormUrlEncoded || response.ContentType.MediaType == PlainTextEncoded) { return HttpUtility.ParseQueryString(body).ToDictionary(); } else { - throw ErrorUtilities.ThrowProtocol(OAuthStrings.UnexpectedResponseContentType, response.ContentType.MediaType); + throw ErrorUtilities.ThrowProtocol(ClientStrings.UnexpectedResponseContentType, response.ContentType.MediaType); } } @@ -118,5 +143,17 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { // Clients don't ever send direct responses. throw new NotImplementedException(); } + + /// <summary> + /// Performs additional processing on an outgoing web request before it is sent to the remote server. + /// </summary> + /// <param name="request">The request.</param> + protected override void PrepareHttpWebRequest(HttpWebRequest request) { + base.PrepareHttpWebRequest(request); + + if (this.ClientCredentialApplicator != null) { + this.ClientCredentialApplicator.ApplyClientCredential(this.ClientIdentifier, request); + } + } } } diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs index eda6bc1..5f377ae 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs 
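Review bot: The new `PrepareHttpWebRequest` override in the last OAuth2ClientChannel.cs hunk passes every `HttpWebRequest` the channel prepares to the applicator, and nothing in the hunk checks that `request.RequestUri` is the authorization server's token endpoint or that it uses HTTPS. With the HTTP Basic applicator added in this commit, a token endpoint configured as `http://` would carry the client secret unencrypted; if the scheme is enforced elsewhere, that is not visible here. I would guard the call, `if (this.ClientCredentialApplicator != null && request.RequestUri.Scheme == Uri.UriSchemeHttps) {`, or at least state the assumption in the summary: `/// Applies the client credential; requests prepared here must target the authorization server over TLS.` The class body continues outside the hunk.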
@@ -26,13 +26,16 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="authorizationServer">The token issuer.</param> /// <param name="clientIdentifier">The client identifier.</param> - /// <param name="clientSecret">The client secret.</param> - protected ClientBase(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null) { + /// <param name="clientCredentialApplicator"> + /// The tool to use to apply client credentials to authenticated requests to the Authorization Server. + /// May be <c>null</c> for clients with no secret or other means of authentication. + /// </param> + protected ClientBase(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, ClientCredentialApplicator clientCredentialApplicator = null) { Requires.NotNull(authorizationServer, "authorizationServer"); this.AuthorizationServer = authorizationServer; this.Channel = new OAuth2ClientChannel(); this.ClientIdentifier = clientIdentifier; - this.ClientSecret = clientSecret; + this.ClientCredentialApplicator = clientCredentialApplicator; } /// <summary> 
@@ -50,12 +53,26 @@ namespace DotNetOpenAuth.OAuth2 { /// <summary> /// Gets or sets the identifier by which this client is known to the Authorization Server. /// </summary> - public string ClientIdentifier { get; set; } + public string ClientIdentifier { + get { return this.OAuthChannel.ClientIdentifier; } + set { this.OAuthChannel.ClientIdentifier = value; } + } + + /// <summary> + /// Gets or sets the tool to use to apply client credentials to authenticated requests to the Authorization Server. + /// </summary> + /// <value>May be <c>null</c> if this client has no client secret.</value> + public ClientCredentialApplicator ClientCredentialApplicator { + get { return this.OAuthChannel.ClientCredentialApplicator; } + set { this.OAuthChannel.ClientCredentialApplicator = value; } + } /// <summary> - /// Gets or sets the client secret shared with the Authorization Server. + /// Gets the OAuth client channel. /// </summary> - public string ClientSecret { get; set; } + internal IOAuth2ChannelWithClient OAuthChannel { + get { return (IOAuth2ChannelWithClient)this.Channel; } + } /// <summary> /// Adds the necessary HTTP Authorization header to an HTTP request for protected resources @@ -116,12 +133,13 @@ namespace DotNetOpenAuth.OAuth2 { } } - var request = new AccessTokenRefreshRequest(this.AuthorizationServer) { + var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, - ClientSecret = this.ClientSecret, RefreshToken = authorization.RefreshToken, }; + this.ApplyClientCredential(request); + var response = this.Channel.Request<AccessTokenSuccessResponse>(request); UpdateAuthorizationWithResponse(authorization, response); return true; 
@@ -143,12 +161,13 @@ namespace DotNetOpenAuth.OAuth2 { Requires.NotNull(scope, "scope"); Contract.Ensures(Contract.Result<IAuthorizationState>() != null); - var request = new AccessTokenRefreshRequest(this.AuthorizationServer) { + var request = new AccessTokenRefreshRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, - ClientSecret = this.ClientSecret, RefreshToken = refreshToken, }; + this.ApplyClientCredential(request); + var response = this.Channel.Request<AccessTokenSuccessResponse>(request); var authorization = new AuthorizationState(); UpdateAuthorizationWithResponse(authorization, response); @@ -248,12 +267,12 @@ namespace DotNetOpenAuth.OAuth2 { Requires.NotNull(authorizationState, "authorizationState"); Requires.NotNull(authorizationSuccess, "authorizationSuccess"); - var accessTokenRequest = new AccessTokenAuthorizationCodeRequest(this.AuthorizationServer) { + var accessTokenRequest = new AccessTokenAuthorizationCodeRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, - ClientSecret = this.ClientSecret, Callback = authorizationState.Callback, AuthorizationCode = authorizationSuccess.AuthorizationCode, }; + this.ApplyClientCredential(accessTokenRequest); IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest); var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse; var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse; 
@@ -262,7 +281,28 @@ namespace DotNetOpenAuth.OAuth2 { } else { authorizationState.Delete(); string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)"; - ErrorUtilities.ThrowProtocol(OAuthStrings.CannotObtainAccessTokenWithReason, error); + ErrorUtilities.ThrowProtocol(ClientStrings.CannotObtainAccessTokenWithReason, error); + } + } + + /// <summary> + /// Applies the default client authentication mechanism given a client secret. + /// </summary> + /// <param name="secret">The client secret. May be <c>null</c></param> + /// <returns>The client credential applicator.</returns> + protected static ClientCredentialApplicator DefaultSecretApplicator(string secret) { + return secret == null ? ClientCredentialApplicator.NoSecret() : ClientCredentialApplicator.NetworkCredential(secret); + } + + /// <summary> + /// Applies any applicable client credential to an authenticated outbound request to the authorization server. + /// </summary> + /// <param name="request">The request to apply authentication information to.</param> + protected void ApplyClientCredential(AuthenticatedClientRequestBase request) { + Requires.NotNull(request, "request"); + + if (this.ClientCredentialApplicator != null) { + this.ClientCredentialApplicator.ApplyClientCredential(this.ClientIdentifier, request); } } @@ -295,7 +335,7 @@ namespace DotNetOpenAuth.OAuth2 { var authorizationState = new AuthorizationState(scopes); request.ClientIdentifier = this.ClientIdentifier; - request.ClientSecret = this.ClientSecret; + this.ApplyClientCredential(request); request.Scope.UnionWith(authorizationState.Scope); var response = this.Channel.Request(request); diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs new file mode 100644 index 0000000..415c893 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs 
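Review bot: `DefaultSecretApplicator` tests only `secret == null`, so an empty string falls through to `ClientCredentialApplicator.NetworkCredential(secret)`, whose `Requires.NotNullOrEmpty(clientSecret, "clientSecret")` (added in ClientCredentialApplicator.cs by this commit) will presumably reject it. A caller that previously passed `""` for a client without a secret would then fail instead of getting an unauthenticated client. `return string.IsNullOrEmpty(secret) ? ClientCredentialApplicator.NoSecret() : ClientCredentialApplicator.NetworkCredential(secret);` avoids that. The summary also says the method "Applies" the mechanism although it only returns an applicator; `/// Creates the default client credential applicator for a given client secret.` would match the code.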
@@ -0,0 +1,169 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientCredentialApplicator.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// A base class for extensions that apply client authentication to messages for the authorization server in specific ways.
+ /// </summary>
+ public abstract class ClientCredentialApplicator {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ClientCredentialApplicator"/> class.
+ /// </summary>
+ protected ClientCredentialApplicator() {
+ }
+
+ /// <summary>
+ /// Transmits the secret the client shares with the authorization server as a parameter in the POST entity payload.
+ /// </summary>
+ /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator PostParameter(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ return new PostParameterApplicator(clientSecret);
+ }
+
+ /// <summary>
+ /// Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.
+ /// </summary>
+ /// <param name="credential">The client id and secret.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NetworkCredential(NetworkCredential credential) {
+ Requires.NotNull(credential, "credential");
+ return new NetworkCredentialApplicator(credential);
+ }
+
+ /// <summary>
+ /// Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.
+ /// </summary>
+ /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NetworkCredential(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ return new NetworkCredentialApplicator(clientSecret);
+ }
+
+ /// <summary>
+ /// Never transmits a secret. Useful for anonymous clients or clients unable to keep a secret.
+ /// </summary>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NoSecret() {
+ return null;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public virtual void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public virtual void ApplyClientCredential(string clientIdentifier, HttpWebRequest request) {
+ }
+
+ /// <summary>
+ /// Authenticates the client via HTTP Basic.
+ /// </summary>
+ private class NetworkCredentialApplicator : ClientCredentialApplicator {
+ /// <summary>
+ /// The client identifier and secret.
+ /// </summary>
+ private readonly NetworkCredential credential;
+
+ /// <summary>
+ /// The client secret.
+ /// </summary>
+ private readonly string clientSecret;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="NetworkCredentialApplicator"/> class.
+ /// </summary>
+ /// <param name="clientSecret">The client secret.</param>
+ internal NetworkCredentialApplicator(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ this.clientSecret = clientSecret;
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="NetworkCredentialApplicator"/> class.
+ /// </summary>
+ /// <param name="credential">The client credential.</param>
+ internal NetworkCredentialApplicator(NetworkCredential credential) {
+ Requires.NotNull(credential, "credential");
+ this.credential = credential;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
+ // When using network credentials, the client authentication is not done as standard message parts.
+ request.ClientIdentifier = null;
+ request.ClientSecret = null;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public override void ApplyClientCredential(string clientIdentifier, HttpWebRequest request) {
+ if (clientIdentifier != null) {
+ if (this.credential != null && this.credential.UserName == clientIdentifier) {
+ ErrorUtilities.VerifyHost(false, "Client identifiers \"{0}\" and \"{1}\" do not match.", this.credential.UserName, clientIdentifier);
+ }
+
+ request.Credentials = this.credential ?? new NetworkCredential(clientIdentifier, this.clientSecret);
+ }
+ }
+ }
+
+ /// <summary>
+ /// Authenticates the client via a client_secret parameter in the message.
+ /// </summary>
+ private class PostParameterApplicator : ClientCredentialApplicator {
+ /// <summary>
+ /// The client secret.
+ /// </summary>
+ private readonly string secret;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="PostParameterApplicator"/> class.
+ /// </summary>
+ /// <param name="clientSecret">The client secret.</param>
+ internal PostParameterApplicator(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ this.secret = clientSecret;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary> + /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param> + /// <param name="request">The outbound message to apply authentication information to.</param> + public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) { + if (clientIdentifier != null) { + request.ClientSecret = this.secret; + } + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.Designer.cs index 9564704..87acfdf 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.Designer.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.Designer.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.17614 +// Runtime Version:4.0.30319.17622 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -88,11 +88,20 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to The property {0} must be set before this operation is allowed.. + /// Looks up a localized string similar to Failed to obtain access token. Authorization Server reports reason: {0}. /// </summary> - internal static string RequiredPropertyNotYetPreset { + internal static string CannotObtainAccessTokenWithReason { get { - return ResourceManager.GetString("RequiredPropertyNotYetPreset", resourceCulture); + return ResourceManager.GetString("CannotObtainAccessTokenWithReason", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to Unexpected response Content-Type {0}. + /// </summary> + internal static string UnexpectedResponseContentType { + get { + return ResourceManager.GetString("UnexpectedResponseContentType", resourceCulture); } } } 
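Review bot: In `NetworkCredentialApplicator.ApplyClientCredential(string, HttpWebRequest)` the guard is inverted: `this.credential.UserName == clientIdentifier` leads into `ErrorUtilities.VerifyHost(false, "Client identifiers ... do not match.", ...)`. Assuming `VerifyHost(false, ...)` always fails, the error fires when the two identifiers are equal, and a credential whose user name differs from the client identifier is attached without complaint. The condition should read `if (this.credential != null && this.credential.UserName != clientIdentifier) {`. Separately, assigning `request.Credentials` lets `HttpWebRequest` answer whichever challenge scheme the server offers rather than only Basic as the factory summaries state, so a comment such as `// Credentials are sent in response to a server challenge; the scheme is chosen by the server.` on that line would keep the documentation accurate.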
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.resx b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.resx index 0a41e42..5facbc4 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.resx +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientStrings.resx @@ -112,10 +112,10 @@ <value>2.0</value> </resheader> <resheader name="reader"> - <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <resheader name="writer"> - <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <data name="AccessTokenRefreshFailed" xml:space="preserve"> <value>Access token has expired and cannot be automatically refreshed.</value> 
@@ -127,7 +127,10 @@ <value>Unexpected OAuth authorization response received with callback and client state that does not match an expected value.</value> <comment>The error message generated when detecting a mismatch between the state sent to the authorization server originally and what we got back with successful authorization, or that the user sessions were not identical between the two requests, suggesting XSRF or other attack on the user (victim).</comment> </data> - <data name="RequiredPropertyNotYetPreset" xml:space="preserve"> - <value>The property {0} must be set before this operation is allowed.</value> + <data name="CannotObtainAccessTokenWithReason" xml:space="preserve"> + <value>Failed to obtain access token. Authorization Server reports reason: {0}</value> + </data> + <data name="UnexpectedResponseContentType" xml:space="preserve"> + <value>Unexpected response Content-Type {0}</value> </data> </root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationState.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/IAuthorizationState.cs index f38df9a..f38df9a 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IAuthorizationState.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/IAuthorizationState.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientAuthorizationTracker.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/IClientAuthorizationTracker.cs index 73b7a44..73b7a44 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientAuthorizationTracker.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/IClientAuthorizationTracker.cs diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenAuthorizationCodeRequestC.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenAuthorizationCodeRequestC.cs new file mode 100644 index 0000000..ebfb2e8 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenAuthorizationCodeRequestC.cs 
@@ -0,0 +1,27 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenAuthorizationCodeRequestC.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// A request from a Client to an Authorization Server to exchange an authorization code for an access token,
+ /// and (at the authorization server's option) a refresh token.
+ /// </summary>
+ internal class AccessTokenAuthorizationCodeRequestC : AccessTokenAuthorizationCodeRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenAuthorizationCodeRequestC"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription authorizationServer)
+ : base(authorizationServer.TokenEndpoint, authorizationServer.Version) {
+ Requires.NotNull(authorizationServer, "authorizationServer");
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenRefreshRequestC.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenRefreshRequestC.cs
new file mode 100644
index 0000000..25da3dc
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/AccessTokenRefreshRequestC.cs
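Review bot: The `Requires.NotNull(authorizationServer, "authorizationServer")` call in the AccessTokenAuthorizationCodeRequestC constructor body runs only after the base initializer has already dereferenced `authorizationServer.TokenEndpoint`, so a null argument surfaces as a NullReferenceException and the check never fires. The OAuth2ChannelBase constructor in this same commit validates inside the initializer, which suggests `Requires.NotNull` returns its argument; if so, the same form works here: `: base(Requires.NotNull(authorizationServer, "authorizationServer").TokenEndpoint, authorizationServer.Version) {`. EndUserAuthorizationRequestC has the same ordering problem with its three `Requires` calls, and AccessTokenRefreshRequestC and EndUserAuthorizationImplicitRequestC dereference the argument with no check at all.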
@@ -0,0 +1,26 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenRefreshRequestC.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// A request from the client to the token endpoint for a new access token
+ /// in exchange for a refresh token that the client has previously obtained.
+ /// </summary>
+ internal class AccessTokenRefreshRequestC : AccessTokenRefreshRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenRefreshRequestC"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal AccessTokenRefreshRequestC(AuthorizationServerDescription authorizationServer)
+ : base(authorizationServer.TokenEndpoint, authorizationServer.Version) {
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationImplicitRequestC.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationImplicitRequestC.cs
new file mode 100644
index 0000000..78bf48e
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationImplicitRequestC.cs
@@ -0,0 +1,28 @@
+//-----------------------------------------------------------------------
+// <copyright file="EndUserAuthorizationImplicitRequestC.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// A message sent by a web application Client to the AuthorizationServer
+ /// via the user agent to obtain authorization from the user and prepare
+ /// to issue an access token to the client if permission is granted.
+ /// </summary>
+ [Serializable]
+ internal class EndUserAuthorizationImplicitRequestC : EndUserAuthorizationImplicitRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="EndUserAuthorizationImplicitRequestC"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal EndUserAuthorizationImplicitRequestC(AuthorizationServerDescription authorizationServer)
+ : base(authorizationServer.AuthorizationEndpoint, authorizationServer.Version) {
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationRequestC.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationRequestC.cs
new file mode 100644
index 0000000..7c06897
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/Messages/EndUserAuthorizationRequestC.cs
@@ -0,0 +1,31 @@
+//-----------------------------------------------------------------------
+// <copyright file="EndUserAuthorizationRequestC.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// A message sent by a web application Client to the AuthorizationServer
+ /// via the user agent to obtain authorization from the user and prepare
+ /// to issue an access token to the client if permission is granted.
+ /// </summary>
+ [Serializable]
+ internal class EndUserAuthorizationRequestC : EndUserAuthorizationRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="EndUserAuthorizationRequestC"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal EndUserAuthorizationRequestC(AuthorizationServerDescription authorizationServer)
+ : base(authorizationServer.AuthorizationEndpoint, authorizationServer.Version) {
+ Requires.NotNull(authorizationServer, "authorizationServer");
+ Requires.True(authorizationServer.Version != null, "authorizationServer");
+ Requires.True(authorizationServer.AuthorizationEndpoint != null, "authorizationServer");
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
index c29d167..edde2a9 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs
@@ -27,7 +27,7 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="clientIdentifier">The client identifier.</param> /// <param name="clientSecret">The client secret.</param> public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null) - : base(authorizationServer, clientIdentifier, clientSecret) { + : this(authorizationServer, clientIdentifier, DefaultSecretApplicator(clientSecret)) { } /// <summary> 
@@ -38,12 +38,39 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="clientIdentifier">The client identifier.</param> /// <param name="clientSecret">The client secret.</param> public UserAgentClient(Uri authorizationEndpoint, Uri tokenEndpoint, string clientIdentifier = null, string clientSecret = null) - : this(new AuthorizationServerDescription { AuthorizationEndpoint = authorizationEndpoint, TokenEndpoint = tokenEndpoint }, clientIdentifier, clientSecret) { + : this(authorizationEndpoint, tokenEndpoint, clientIdentifier, DefaultSecretApplicator(clientSecret)) { + } + + /// <summary> + /// Initializes a new instance of the <see cref="UserAgentClient"/> class. + /// </summary> + /// <param name="authorizationEndpoint">The authorization endpoint.</param> + /// <param name="tokenEndpoint">The token endpoint.</param> + /// <param name="clientIdentifier">The client identifier.</param> + /// <param name="clientCredentialApplicator"> + /// The tool to use to apply client credentials to authenticated requests to the Authorization Server. + /// May be <c>null</c> for clients with no secret or other means of authentication. + /// </param> + public UserAgentClient(Uri authorizationEndpoint, Uri tokenEndpoint, string clientIdentifier, ClientCredentialApplicator clientCredentialApplicator) + : this(new AuthorizationServerDescription { AuthorizationEndpoint = authorizationEndpoint, TokenEndpoint = tokenEndpoint }, clientIdentifier, clientCredentialApplicator) { Requires.NotNull(authorizationEndpoint, "authorizationEndpoint"); Requires.NotNull(tokenEndpoint, "tokenEndpoint"); } /// <summary> + /// Initializes a new instance of the <see cref="UserAgentClient"/> class. + /// </summary> + /// <param name="authorizationServer">The token issuer.</param> + /// <param name="clientIdentifier">The client identifier.</param> + /// <param name="clientCredentialApplicator"> + /// The tool to use to apply client credentials to authenticated requests to the Authorization Server. 
+ /// May be <c>null</c> for clients with no secret or other means of authentication. + /// </param> + public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier, ClientCredentialApplicator clientCredentialApplicator) + : base(authorizationServer, clientIdentifier, clientCredentialApplicator) { + } + + /// <summary> /// Generates a URL that the user's browser can be directed to in order to authorize /// this client to access protected data at some resource server. /// </summary> @@ -151,7 +178,7 @@ namespace DotNetOpenAuth.OAuth2 { authorization.Callback = new Uri("http://localhost/"); } - var request = implicitResponseType ? new EndUserAuthorizationImplicitRequest(this.AuthorizationServer) : new EndUserAuthorizationRequest(this.AuthorizationServer); + var request = implicitResponseType ? (EndUserAuthorizationRequest)new EndUserAuthorizationImplicitRequestC(this.AuthorizationServer) : new EndUserAuthorizationRequestC(this.AuthorizationServer); request.ClientIdentifier = this.ClientIdentifier; request.Callback = authorization.Callback; request.ClientState = state; diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs index 0429dcb..939d1df 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs 
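Review bot: The new public `UserAgentClient(AuthorizationServerDescription, string, ClientCredentialApplicator)` overload sits beside the existing constructor whose third parameter is `string clientSecret = null`, so an existing call that passes a bare `null` as the third argument becomes ambiguous and stops compiling, since `null` converts equally well to `string` and to `ClientCredentialApplicator`. The new `<param>` text invites exactly that call by saying the applicator "May be null". I would add the cast to the doc comment, e.g. `/// Pass <c>(ClientCredentialApplicator)null</c> rather than a bare <c>null</c>, which is ambiguous with the clientSecret overload.` The Uri-based constructor pair in this hunk and the two WebServerClient constructors overlap in the same way.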
@@ -26,7 +26,20 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="clientIdentifier">The client identifier.</param> /// <param name="clientSecret">The client secret.</param> public WebServerClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null) - : base(authorizationServer, clientIdentifier, clientSecret) { + : this(authorizationServer, clientIdentifier, DefaultSecretApplicator(clientSecret)) { + } + + /// <summary> + /// Initializes a new instance of the <see cref="WebServerClient"/> class. + /// </summary> + /// <param name="authorizationServer">The authorization server.</param> + /// <param name="clientIdentifier">The client identifier.</param> + /// <param name="clientCredentialApplicator"> + /// The tool to use to apply client credentials to authenticated requests to the Authorization Server. + /// May be <c>null</c> for clients with no secret or other means of authentication. + /// </param> + public WebServerClient(AuthorizationServerDescription authorizationServer, string clientIdentifier, ClientCredentialApplicator clientCredentialApplicator) + : base(authorizationServer, clientIdentifier, clientCredentialApplicator) { } /// <summary> @@ -68,7 +81,7 @@ namespace DotNetOpenAuth.OAuth2 { public OutgoingWebResponse PrepareRequestUserAuthorization(IAuthorizationState authorization) { Requires.NotNull(authorization, "authorization"); Requires.ValidState(authorization.Callback != null || (HttpContext.Current != null && HttpContext.Current.Request != null), MessagingStrings.HttpContextRequired); - Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier), ClientStrings.RequiredPropertyNotYetPreset, "ClientIdentifier"); + Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier), Strings.RequiredPropertyNotYetPreset, "ClientIdentifier"); Contract.Ensures(Contract.Result<OutgoingWebResponse>() != null); if (authorization.Callback == null) { 
@@ -78,7 +91,7 @@ namespace DotNetOpenAuth.OAuth2 { authorization.SaveChanges(); } - var request = new EndUserAuthorizationRequest(this.AuthorizationServer) { + var request = new EndUserAuthorizationRequestC(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, Callback = authorization.Callback, }; @@ -105,8 +118,8 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="request">The incoming HTTP request that may carry an authorization response.</param> /// <returns>The authorization state that contains the details of the authorization.</returns> public IAuthorizationState ProcessUserAuthorization(HttpRequestBase request = null) { - Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier), ClientStrings.RequiredPropertyNotYetPreset, "ClientIdentifier"); - Requires.ValidState(!string.IsNullOrEmpty(this.ClientSecret), ClientStrings.RequiredPropertyNotYetPreset, "ClientSecret"); + Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier), Strings.RequiredPropertyNotYetPreset, "ClientIdentifier"); + Requires.ValidState(this.ClientCredentialApplicator != null, Strings.RequiredPropertyNotYetPreset, "ClientCredentialApplicator"); if (request == null) { request = this.Channel.GetRequestFromContext(); diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/DotNetOpenAuth.OAuth2.ClientAuthorization.csproj b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/DotNetOpenAuth.OAuth2.ClientAuthorization.csproj new file mode 100644 index 0000000..2a08dbf --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/DotNetOpenAuth.OAuth2.ClientAuthorization.csproj 
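Review bot: The precondition in ProcessUserAuthorization used to reject a null or empty `ClientSecret` and now only requires `this.ClientCredentialApplicator != null`, which is weaker unless `DefaultSecretApplicator` returns null for a null or empty secret. That helper is not visible here; if it wraps an empty secret in a non-null applicator, the guard is always satisfied and the code-for-token exchange is sent without usable client authentication, failing at the authorization server instead of locally. I would pin the intent next to the check with `// DefaultSecretApplicator must yield null for a null or empty secret, otherwise this guard never fires.` and confirm the helper behaves that way. The body of ProcessUserAuthorization continues outside the hunk.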
@@ -0,0 +1,78 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" /> + <PropertyGroup> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</ProjectGuid> + <AppDesignerFolder>Properties</AppDesignerFolder> + <AssemblyName>DotNetOpenAuth.OAuth2.ClientAuthorization</AssemblyName> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.Product.props" /> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + </PropertyGroup> + <ItemGroup> + <Compile Include="OAuth2\ChannelElements\EndUserAuthorizationResponseTypeEncoder.cs" /> + <Compile Include="OAuth2\ChannelElements\GrantTypeEncoder.cs" /> + <Compile Include="OAuth2\ChannelElements\OAuth2ChannelBase.cs" /> + <Compile Include="OAuth2\ClientAuthorizationStrings.Designer.cs"> + <AutoGen>True</AutoGen> + <DesignTime>True</DesignTime> + <DependentUpon>ClientAuthorizationStrings.resx</DependentUpon> + </Compile> + <Compile Include="OAuth2\ClientType.cs" /> + <Compile Include="OAuth2\IClientDescription.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenClientCredentialsRequest.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenFailedResponse.cs" /> + <Compile 
Include="OAuth2\Messages\AccessTokenRefreshRequest.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenRequestBase.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenResult.cs" /> + <Compile Include="OAuth2\Messages\AccessTokenSuccessResponse.cs" /> + <Compile Include="OAuth2\Messages\AuthenticatedClientRequestBase.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationFailedResponse.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationImplicitRequest.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationRequest.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationResponseType.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAccessTokenResponse.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAuthCodeResponse.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessResponseBase.cs" /> + <Compile Include="OAuth2\Messages\GrantType.cs" /> + <Compile Include="OAuth2\Messages\IAccessTokenIssuingResponse.cs" /> + <Compile Include="OAuth2\Messages\IAccessTokenRequest.cs" /> + <Compile Include="OAuth2\Messages\IAccessTokenRequestInternal.cs" /> + <Compile Include="OAuth2\Messages\IMessageWithClientState.cs" /> + <Compile Include="OAuth2\Messages\ScopedAccessTokenRequest.cs" /> + <Compile Include="OAuth2\TokenEndpointProtocolException.cs" /> + <Compile Include="Properties\AssemblyInfo.cs" /> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\DotNetOpenAuth.Core\DotNetOpenAuth.Core.csproj"> + <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> + <Name>DotNetOpenAuth.Core</Name> + </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj"> + <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project> + <Name>DotNetOpenAuth.OAuth2</Name> + </ProjectReference> + </ItemGroup> + <ItemGroup> + <EmbeddedResource 
Include="OAuth2\ClientAuthorizationStrings.resx"> + <Generator>ResXFileCodeGenerator</Generator> + <LastGenOutput>ClientAuthorizationStrings.Designer.cs</LastGenOutput> + </EmbeddedResource> + </ItemGroup> + <ItemGroup> + <None Include="OAuth2\Messages\Access Token Request Messages.cd" /> + </ItemGroup> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> +</Project>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs index 2fba721..2fba721 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/GrantTypeEncoder.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/GrantTypeEncoder.cs index e0e8329..e0e8329 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/GrantTypeEncoder.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/GrantTypeEncoder.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ChannelBase.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs index 51ac58a..f2f674e 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ChannelBase.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs 
@@ -18,24 +18,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// </summary> internal abstract class OAuth2ChannelBase : StandardMessageFactoryChannel { /// <summary> - /// The messages receivable by this channel. - /// </summary> - private static readonly Type[] MessageTypes = new Type[] { - typeof(AccessTokenRefreshRequest), - typeof(AccessTokenAuthorizationCodeRequest), - typeof(AccessTokenResourceOwnerPasswordCredentialsRequest), - typeof(AccessTokenClientCredentialsRequest), - typeof(AccessTokenSuccessResponse), - typeof(AccessTokenFailedResponse), - typeof(EndUserAuthorizationRequest), - typeof(EndUserAuthorizationImplicitRequest), - typeof(EndUserAuthorizationSuccessAuthCodeResponse), - typeof(EndUserAuthorizationSuccessAccessTokenResponse), - typeof(EndUserAuthorizationFailedResponse), - typeof(UnauthorizedResponse), - }; - - /// <summary> /// The protocol versions supported by this channel. /// </summary> private static readonly Version[] Versions = Protocol.AllVersions.Select(v => v.Version).ToArray(); @@ -43,9 +25,13 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <summary> /// Initializes a new instance of the <see cref="OAuth2ChannelBase"/> class. /// </summary> - /// <param name="channelBindingElements">The channel binding elements.</param> - internal OAuth2ChannelBase(params IChannelBindingElement[] channelBindingElements) - : base(MessageTypes, Versions, channelBindingElements) { + /// <param name="messageTypes">The message types that are received by this channel.</param> + /// <param name="channelBindingElements"> + /// The binding elements to use in sending and receiving messages. + /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages. + /// </param> + internal OAuth2ChannelBase(Type[] messageTypes, params IChannelBindingElement[] channelBindingElements) + : base(Requires.NotNull(messageTypes, "messageTypes"), Versions, channelBindingElements) { } /// <summary> 
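Review bot: The new `channelBindingElements` doc comment on the OAuth2ChannelBase constructor misspells "messages"; the line should read `/// The order they are provided is used for outgoing messages, and reversed for incoming messages.` The `messageTypes` description could also say the argument must not be null, since the base initializer now enforces that with `Requires.NotNull(messageTypes, "messageTypes")`.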
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.Designer.cs new file mode 100644 index 0000000..e7e1b6b --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.Designer.cs 
@@ -0,0 +1,81 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:4.0.30319.17614 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace DotNetOpenAuth.OAuth2 { + using System; + + + /// <summary> + /// A strongly-typed resource class, for looking up localized strings, etc. + /// </summary> + // This class was auto-generated by the StronglyTypedResourceBuilder + // class via a tool like ResGen or Visual Studio. + // To add or remove a member, edit your .ResX file then rerun ResGen + // with the /str option, or rebuild your VS project. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class ClientAuthorizationStrings { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal ClientAuthorizationStrings() { + } + + /// <summary> + /// Returns the cached ResourceManager instance used by this class. 
+ /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager { + get { + if (object.ReferenceEquals(resourceMan, null)) { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OAuth2.ClientAuthorizationStrings", typeof(ClientAuthorizationStrings).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// <summary> + /// Overrides the current thread's CurrentUICulture property for all + /// resource lookups using this strongly typed resource class. + /// </summary> + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture { + get { + return resourceCulture; + } + set { + resourceCulture = value; + } + } + + /// <summary> + /// Looks up a localized string similar to The request message type {0} should not be responded to with a refresh token.. + /// </summary> + internal static string RefreshTokenInappropriateForRequestType { + get { + return ResourceManager.GetString("RefreshTokenInappropriateForRequestType", resourceCulture); + } + } + + /// <summary> + /// Looks up a localized string similar to The Authorization Server's token endpoint generated error {0}: '{1}'. + /// </summary> + internal static string TokenEndpointErrorFormat { + get { + return ResourceManager.GetString("TokenEndpointErrorFormat", resourceCulture); + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.resx b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.resx new file mode 100644 index 0000000..da2dd73 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientAuthorizationStrings.resx 
@@ -0,0 +1,126 @@ +<?xml version="1.0" encoding="utf-8"?> +<root> + <!-- + Microsoft ResX Schema + + Version 2.0 + + The primary goals of this format is to allow a simple XML format + that is mostly human readable. The generation and parsing of the + various data types are done through the TypeConverter classes + associated with the data types. + + Example: + + ... ado.net/XML headers & schema ... + <resheader name="resmimetype">text/microsoft-resx</resheader> + <resheader name="version">2.0</resheader> + <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader> + <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader> + <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data> + <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data> + <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64"> + <value>[base64 mime encoded serialized .NET Framework object]</value> + </data> + <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> + <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value> + <comment>This is a comment</comment> + </data> + + There are any number of "resheader" rows that contain simple + name/value pairs. + + Each data row contains a name, and value. The row also contains a + type or mimetype. Type corresponds to a .NET class that support + text/value conversion through the TypeConverter architecture. + Classes that don't support this are serialized and stored with the + mimetype set. + + The mimetype is used for serialized objects, and tells the + ResXResourceReader how to depersist the object. This is currently not + extensible. 
For a given mimetype the value must be set accordingly: + + Note - application/x-microsoft.net.object.binary.base64 is the format + that the ResXResourceWriter will generate, however the reader can + read any of the formats listed below. + + mimetype: application/x-microsoft.net.object.binary.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.soap.base64 + value : The object must be serialized with + : System.Runtime.Serialization.Formatters.Soap.SoapFormatter + : and then encoded with base64 encoding. + + mimetype: application/x-microsoft.net.object.bytearray.base64 + value : The object must be serialized into a byte array + : using a System.ComponentModel.TypeConverter + : and then encoded with base64 encoding. + --> + <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" /> + <xsd:element name="root" msdata:IsDataSet="true"> + <xsd:complexType> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="metadata"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" /> + </xsd:sequence> + <xsd:attribute name="name" use="required" type="xsd:string" /> + <xsd:attribute name="type" type="xsd:string" /> + <xsd:attribute name="mimetype" type="xsd:string" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="assembly"> + <xsd:complexType> + <xsd:attribute name="alias" type="xsd:string" /> + <xsd:attribute name="name" type="xsd:string" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="data"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + <xsd:element name="comment" type="xsd:string" minOccurs="0" 
msdata:Ordinal="2" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" /> + <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" /> + <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" /> + <xsd:attribute ref="xml:space" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="resheader"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" /> + </xsd:sequence> + <xsd:attribute name="name" type="xsd:string" use="required" /> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + </xsd:schema> + <resheader name="resmimetype"> + <value>text/microsoft-resx</value> + </resheader> + <resheader name="version"> + <value>2.0</value> + </resheader> + <resheader name="reader"> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <resheader name="writer"> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + </resheader> + <data name="RefreshTokenInappropriateForRequestType" xml:space="preserve"> + <value>The request message type {0} should not be responded to with a refresh token.</value> + </data> + <data name="TokenEndpointErrorFormat" xml:space="preserve"> + <value>The Authorization Server's token endpoint generated error {0}: '{1}'</value> + </data> +</root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientType.cs index 9e8ed2a..9e8ed2a 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ClientType.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IClientDescription.cs index d30151b..b4bc689 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IClientDescription.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuth2 { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; + using DotNetOpenAuth.Messaging; /// <summary> /// A description of a client from an Authorization Server's point of view. @@ -15,11 +16,6 @@ namespace DotNetOpenAuth.OAuth2 { [ContractClass(typeof(IClientDescriptionContract))] public interface IClientDescription { /// <summary> - /// Gets the client secret. - /// </summary> - string Secret { get; } - - /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> 
@@ -32,10 +28,15 @@ namespace DotNetOpenAuth.OAuth2 { ClientType ClientType { get; } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool HasNonEmptySecret { get; } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> - /// <param name="callback">The absolute URI the client has requested the authorization result be received at.</param> + /// <param name="callback">The absolute URI the client has requested the authorization result be received at. Never null.</param> /// <returns> /// <c>true</c> if the callback URL is allowable for this client; otherwise, <c>false</c>. /// </returns> @@ -56,6 +57,17 @@ namespace DotNetOpenAuth.OAuth2 { /// </para> /// </remarks> bool IsCallbackAllowed(Uri callback); + + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IsValidClientSecret(string secret); } /// <summary> @@ -66,14 +78,6 @@ namespace DotNetOpenAuth.OAuth2 { #region IClientDescription Members /// <summary> - /// Gets the client secret. - /// </summary> - /// <value></value> - string IClientDescription.Secret { - get { throw new NotImplementedException(); } - } - - /// <summary> /// Gets the type of the client. /// </summary> ClientType IClientDescription.ClientType { 
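Review bot: The `secret` parameter of the new `IsValidClientSecret` member (hunk `@@ -56,6 +57,17 @@`) is documented without its precondition, although the contract class later in this file (hunk `@@ -108,6 +119,20 @@`) enforces `Requires.NotNullOrEmpty(secret, "secret")`. The `callback` parameter gained "Never null." in this same commit, so the same should be done here: `/// <param name="secret">The secret obtained from the client. Never null or empty.</param>`. The remarks would also benefit from one sentence on how this member relates to `HasNonEmptySecret`, presumably that an implementation returns `false` when no secret is registered for the client, so an implementer never compares against an empty stored value. The interface body begins and ends outside these hunks.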
@@ -95,6 +99,13 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Gets a value indicating whether a non-empty secret is registered for this client. + /// </summary> + bool IClientDescription.HasNonEmptySecret { + get { throw new NotImplementedException(); } + } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> @@ -108,6 +119,20 @@ namespace DotNetOpenAuth.OAuth2 { throw new NotImplementedException(); } + /// <summary> + /// Checks whether the specified client secret is correct. + /// </summary> + /// <param name="secret">The secret obtained from the client.</param> + /// <returns><c>true</c> if the secret matches the one in the authorization server's record for the client; <c>false</c> otherwise.</returns> + /// <remarks> + /// All string equality checks, whether checking secrets or their hashes, + /// should be done using <see cref="MessagingUtilities.EqualsConstantTime"/> to mitigate timing attacks. + /// </remarks> + bool IClientDescription.IsValidClientSecret(string secret) { + Requires.NotNullOrEmpty(secret, "secret"); + throw new NotImplementedException(); + } + #endregion } } diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/Access Token Request Messages.cd b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/Access Token Request Messages.cd new file mode 100644 index 0000000..5ec8629 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/Access Token Request Messages.cd 
@@ -0,0 +1,49 @@ +<?xml version="1.0" encoding="utf-8"?> +<ClassDiagram MajorVersion="1" MinorVersion="1"> + <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRequestBase" Collapsed="true"> + <Position X="3.75" Y="0.5" Width="2" /> + <TypeIdentifier> + <HashCode>AAAAAAAAQAAAAgAAAAAKAAAQAAAAAAAAAAAAAAAACAA=</HashCode> + <FileName>OAuth2\Messages\AccessTokenRequestBase.cs</FileName> + </TypeIdentifier> + <Lollipop Position="0.2" /> + </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.ScopedAccessTokenRequest"> + <Position X="3" Y="2" Width="2" /> + <TypeIdentifier> + <HashCode>AAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAACAA=</HashCode> + <FileName>OAuth2\Messages\ScopedAccessTokenRequest.cs</FileName> + </TypeIdentifier> + </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenResourceOwnerPasswordCredentialsRequest" Collapsed="true"> + <Position X="0.5" Y="4.75" Width="4" /> + <TypeIdentifier> + <HashCode>AAAAAAAAAAAAAAAAgAAAIAAQAAAAAAECAQAAAAAABIA=</HashCode> + <FileName>OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs</FileName> + </TypeIdentifier> + <Lollipop Position="0.2" /> + </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRefreshRequest" Collapsed="true"> + <Position X="5" Y="5" Width="2.25" /> + <TypeIdentifier> + <HashCode>AAAAAAAAQAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> + <FileName>OAuth2\Messages\AccessTokenRefreshRequest.cs</FileName> + </TypeIdentifier> + </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenClientCredentialsRequest" Collapsed="true"> + <Position X="7.5" Y="5" Width="2.75" /> + <TypeIdentifier> + <HashCode>AAAAAAAAAAAAAAAAgAAAIAAQAAAAAAEAAAAAAAAABAA=</HashCode> + <FileName>OAuth2\Messages\AccessTokenClientCredentialsRequest.cs</FileName> + </TypeIdentifier> + <Lollipop Position="0.2" /> + </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenAuthorizationCodeRequest" Collapsed="true"> + <Position X="5.75" Y="2" Width="3" /> + <TypeIdentifier> + 
<HashCode>ACAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAASAA=</HashCode> + <FileName>OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs</FileName> + </TypeIdentifier> + </Class> + <Font Name="Segoe UI" Size="9" /> +</ClassDiagram>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs index 1f244f9..b8c9ede 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs 
@@ -18,51 +18,17 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// A request from a Client to an Authorization Server to exchange an authorization code for an access token, /// and (at the authorization server's option) a refresh token. /// </summary> - internal class AccessTokenAuthorizationCodeRequest : AccessTokenRequestBase, IAuthorizationCodeCarryingRequest { + internal class AccessTokenAuthorizationCodeRequest : AccessTokenRequestBase { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenAuthorizationCodeRequest"/> class. /// </summary> /// <param name="tokenEndpoint">The Authorization Server's access token endpoint URL.</param> /// <param name="version">The version.</param> - internal AccessTokenAuthorizationCodeRequest(Uri tokenEndpoint, Version version) + protected AccessTokenAuthorizationCodeRequest(Uri tokenEndpoint, Version version) : base(tokenEndpoint, version) { } /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenAuthorizationCodeRequest"/> class. - /// </summary> - /// <param name="authorizationServer">The authorization server.</param> - internal AccessTokenAuthorizationCodeRequest(AuthorizationServerDescription authorizationServer) - : this(authorizationServer.TokenEndpoint, authorizationServer.Version) { - Requires.NotNull(authorizationServer, "authorizationServer"); - } - - #region IAuthorizationCodeCarryingRequest Members - - /// <summary> - /// Gets or sets the verification code or refresh/access token. - /// </summary> - /// <value>The code or token.</value> - string IAuthorizationCodeCarryingRequest.Code { - get { return this.AuthorizationCode; } - set { this.AuthorizationCode = value; } - } - - /// <summary> - /// Gets or sets the authorization that the token describes. - /// </summary> - AuthorizationCode IAuthorizationCodeCarryingRequest.AuthorizationDescription { get; set; } - - /// <summary> - /// Gets the authorization that the code describes. 
- /// </summary> - IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { - get { return ((IAuthorizationCodeCarryingRequest)this).AuthorizationDescription; } - } - - #endregion - - /// <summary> /// Gets the type of the grant. /// </summary> /// <value>The type of the grant.</value> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs index 48419eb..0eb9e7f 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs @@ -36,7 +36,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// Gets the authorization that the code or token describes. /// </summary> IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { - get { return this.CredentialsValidated ? this : null; } + get { return this.ClientAuthenticated ? this : null; } } #endregion @@ -74,10 +74,5 @@ namespace DotNetOpenAuth.OAuth2.Messages { internal override GrantType GrantType { get { return Messages.GrantType.ClientCredentials; } } - - /// <summary> - /// Gets or sets a value indicating whether the resource owner's credentials have been validated at the authorization server. - /// </summary> - internal bool CredentialsValidated { get; set; } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenFailedResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenFailedResponse.cs index 8c4b1c3..4aaf928 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenFailedResponse.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenFailedResponse.cs 
@@ -25,6 +25,11 @@ namespace DotNetOpenAuth.OAuth2.Messages { private readonly bool invalidClientCredentialsInAuthorizationHeader; /// <summary> + /// The headers to include in the response. + /// </summary> + private readonly WebHeaderCollection headers = new WebHeaderCollection(); + + /// <summary> /// Initializes a new instance of the <see cref="AccessTokenFailedResponse"/> class. /// </summary> /// <param name="request">The faulty request.</param> @@ -63,8 +68,8 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// Gets the HTTP headers to add to the response. /// </summary> /// <value>May be an empty collection, but must not be <c>null</c>.</value> - WebHeaderCollection IHttpDirectResponse.Headers { - get { return new WebHeaderCollection(); } + public WebHeaderCollection Headers { + get { return this.headers; } } #endregion diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenRefreshRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenRefreshRequest.cs index 2c3ab25..685f697 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenRefreshRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenRefreshRequest.cs 
@@ -14,50 +14,17 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// A request from the client to the token endpoint for a new access token /// in exchange for a refresh token that the client has previously obtained. /// </summary> - internal class AccessTokenRefreshRequest : ScopedAccessTokenRequest, IRefreshTokenCarryingRequest { + internal class AccessTokenRefreshRequest : ScopedAccessTokenRequest { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenRefreshRequest"/> class. /// </summary> /// <param name="tokenEndpoint">The token endpoint.</param> /// <param name="version">The version.</param> - internal AccessTokenRefreshRequest(Uri tokenEndpoint, Version version) + protected AccessTokenRefreshRequest(Uri tokenEndpoint, Version version) : base(tokenEndpoint, version) { } /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenRefreshRequest"/> class. - /// </summary> - /// <param name="authorizationServer">The authorization server.</param> - internal AccessTokenRefreshRequest(AuthorizationServerDescription authorizationServer) - : this(authorizationServer.TokenEndpoint, authorizationServer.Version) { - } - - #region IRefreshTokenCarryingRequest members - - /// <summary> - /// Gets or sets the verification code or refresh/access token. - /// </summary> - /// <value>The code or token.</value> - string IRefreshTokenCarryingRequest.RefreshToken { - get { return this.RefreshToken; } - set { this.RefreshToken = value; } - } - - /// <summary> - /// Gets or sets the authorization that the token describes. - /// </summary> - RefreshToken IRefreshTokenCarryingRequest.AuthorizationDescription { get; set; } - - /// <summary> - /// Gets the authorization that the token describes. - /// </summary> - IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { - get { return ((IRefreshTokenCarryingRequest)this).AuthorizationDescription; } - } - - #endregion - - /// <summary> /// Gets or sets the refresh token. 
/// </summary> /// <value>The refresh token.</value> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenRequestBase.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenRequestBase.cs index 7e41fcd..e6bbc34 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenRequestBase.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenRequestBase.cs @@ -16,7 +16,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <summary> /// A message sent from the client to the authorization server to exchange a previously obtained grant for an access token. /// </summary> - public abstract class AccessTokenRequestBase : AuthenticatedClientRequestBase, IAccessTokenRequest { + public abstract class AccessTokenRequestBase : AuthenticatedClientRequestBase, IAccessTokenRequestInternal { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenRequestBase"/> class. /// </summary> @@ -40,9 +40,12 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <value> /// Always true, because of our base class. /// </value> - bool IAccessTokenRequest.ClientAuthenticated { - get { return true; } - } + public bool ClientAuthenticated { get; internal set; } + + /// <summary> + /// Gets or sets the result of calling the authorization server host's access token creation method. + /// </summary> + AccessTokenResult IAccessTokenRequestInternal.AccessTokenResult { get; set; } /// <summary> /// Gets the type of the grant. diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs index 52e65be..52e65be 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs 
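Review bot: The `<value>` text kept as context above the new `ClientAuthenticated` property (hunk `@@ -40,9 +40,12 @@`) still reads "Always true, because of our base class.", which no longer matches the code. The explicit implementation that returned `true` is replaced by `public bool ClientAuthenticated { get; internal set; }`, so the value is `false` until something assigns it. The `AccessTokenClientCredentialsRequest` hunk earlier in this commit now returns the authorization description only when `ClientAuthenticated` is true, so the comment should state the default and who sets it, for example `/// <value><c>true</c> once the authorization server has verified the client's credentials; <c>false</c> by default.</value>`. The code that assigns the property is not visible in this hunk, so the exact wording should be confirmed against it.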
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenResult.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenResult.cs
new file mode 100644
index 0000000..11e486b
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenResult.cs
@@ -0,0 +1,43 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenResult.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Security.Cryptography;
+ using System.Text;
+
+ /// <summary>
+ /// Describes the parameters to be fed into creating a response to an access token request.
+ /// </summary>
+ public class AccessTokenResult {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenResult"/> class.
+ /// </summary>
+ /// <param name="accessToken">The access token to include in this result.</param>
+ public AccessTokenResult(AccessToken accessToken) {
+ Requires.NotNull(accessToken, "accessToken");
+ this.AllowRefreshToken = true;
+ this.AccessToken = accessToken;
+ }
+
+ /// <summary>
+ /// Gets or sets a value indicating whether to provide the client with a refresh token, when applicable.
+ /// </summary>
+ /// <value>The default value is <c>true</c>.</value>
+ /// <remarks>>
+ /// The refresh token will never be provided when this value is false.
+ /// The refresh token <em>may</em> be provided when this value is true.
+ /// </remarks>
+ public bool AllowRefreshToken { get; set; }
+
+ /// <summary>
+ /// Gets the access token.
+ /// </summary>
+ public AccessToken AccessToken { get; private set; }
+ }
+}
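Review bot: The doc comment on `AllowRefreshToken` opens with `/// <remarks>>`; the extra `>` ends up as literal text in the generated documentation and should read `/// <remarks>`. The using list also pulls in `System.Collections.Generic`, `System.Linq`, `System.Security.Cryptography` and `System.Text`, none of which the file appears to use, so they can be dropped. Since the constructor sets `AllowRefreshToken = true`, the remarks could add that a host which does not want a given client to receive a refresh token has to set the property to `false` explicitly.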
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenSuccessResponse.cs index 6d278c4..1de39a6 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AccessTokenSuccessResponse.cs @@ -18,7 +18,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <remarks> /// This message type is shared by the Web App, Rich App, and Username/Password profiles. /// </remarks> - internal class AccessTokenSuccessResponse : MessageBase, IHttpDirectResponse { + internal class AccessTokenSuccessResponse : MessageBase, IHttpDirectResponse, IAccessTokenIssuingResponse { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenSuccessResponse"/> class. /// </summary> 
@@ -92,6 +92,50 @@ namespace DotNetOpenAuth.OAuth2.Messages { [MessagePart(Protocol.scope, IsRequired = false, Encoder = typeof(ScopeEncoder))] public HashSet<string> Scope { get; private set; } + #region IAccessTokenIssuingResponse Members + + /// <summary> + /// Gets or sets the lifetime of the access token. + /// </summary> + /// <value> + /// The lifetime. + /// </value> + TimeSpan? IAccessTokenIssuingResponse.Lifetime { + get { return this.Lifetime; } + set { this.Lifetime = value; } + } + + #endregion + + #region IAuthorizationCarryingRequest + + /// <summary> + /// Gets the authorization that the token describes. + /// </summary> + IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { + get { return ((IAccessTokenCarryingRequest)this).AuthorizationDescription; } + } + + #endregion + + #region IAccessTokenCarryingRequest Members + + /// <summary> + /// Gets or sets the authorization that the token describes. + /// </summary> + /// <value></value> + AccessToken IAccessTokenCarryingRequest.AuthorizationDescription { get; set; } + + /// <summary> + /// Gets or sets the access token. + /// </summary> + string IAccessTokenCarryingRequest.AccessToken { + get { return this.AccessToken; } + set { this.AccessToken = value; } + } + + #endregion + /// <summary> /// Gets or sets a value indicating whether a refresh token is or should be included in the response. /// </summary> 
@@ -107,7 +151,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { // Per OAuth 2.0 section 4.4.3 (draft 23), refresh tokens should never be included // in a response to an access token request that used the client credential grant type. - ErrorUtilities.VerifyProtocol(!this.HasRefreshToken || !(this.OriginatingRequest is AccessTokenClientCredentialsRequest), OAuthStrings.RefreshTokenInappropriateForRequestType, this.OriginatingRequest.GetType().Name); + ErrorUtilities.VerifyProtocol(!this.HasRefreshToken || !(this.OriginatingRequest is AccessTokenClientCredentialsRequest), ClientAuthorizationStrings.RefreshTokenInappropriateForRequestType, this.OriginatingRequest.GetType().Name); } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AuthenticatedClientRequestBase.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AuthenticatedClientRequestBase.cs index bc4d0ca..4631d83 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AuthenticatedClientRequestBase.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/AuthenticatedClientRequestBase.cs @@ -6,13 +6,18 @@ namespace DotNetOpenAuth.OAuth2.Messages { using System; - + using System.Net; using DotNetOpenAuth.Messaging; /// <summary> /// A direct message from the client to the authorization server that includes the client's credentials. /// </summary> - public abstract class AuthenticatedClientRequestBase : MessageBase { + public abstract class AuthenticatedClientRequestBase : MessageBase, IHttpDirectRequest { + /// <summary> + /// The backing for the <see cref="Headers"/> property. + /// </summary> + private readonly WebHeaderCollection headers = new WebHeaderCollection(); + /// <summary> /// Initializes a new instance of the <see cref="AuthenticatedClientRequestBase"/> class. /// </summary> 
@@ -26,7 +31,10 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// Gets the client identifier previously obtained from the Authorization Server. /// </summary> /// <value>The client identifier.</value> - [MessagePart(Protocol.client_id, IsRequired = true)] + /// <remarks> + /// Not required, because the client id may be communicate through alternate means like HTTP Basic authentication (the OAuth 2 spec allows a lot of freedom here). + /// </remarks> + [MessagePart(Protocol.client_id, IsRequired = false)] public string ClientIdentifier { get; internal set; } /// <summary> @@ -38,5 +46,13 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// </remarks> [MessagePart(Protocol.client_secret, IsRequired = false)] public string ClientSecret { get; internal set; } + + /// <summary> + /// Gets the HTTP headers of the request. + /// </summary> + /// <value>May be an empty collection, but must not be <c>null</c>.</value> + public WebHeaderCollection Headers { + get { return this.headers; } + } } }
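Review bot: With `IsRequired = false` on `client_id`, `ClientIdentifier` can be null on a message that passed part validation, and the added remarks do not warn about it. Code that looks up the client by this property then needs a null check, or a guarantee that the identifier was filled in from the HTTP Basic credentials first. The new remark also has a typo, "may be communicate" should read "may be communicated". Suggested wording: `/// Not required in the message body, because the client id may be communicated through alternate means such as HTTP Basic authentication; may be <c>null</c> when it was not supplied in the body.` The class body begins outside this hunk.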
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs index 7cc8e82..7cc8e82 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationImplicitRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationImplicitRequest.cs index f5a5d67..4b662cd 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationImplicitRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationImplicitRequest.cs @@ -18,7 +18,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// to issue an access token to the client if permission is granted. /// </summary> [Serializable] - public class EndUserAuthorizationImplicitRequest : EndUserAuthorizationRequest, IAccessTokenRequest { + public class EndUserAuthorizationImplicitRequest : EndUserAuthorizationRequest, IAccessTokenRequestInternal { /// <summary> /// Gets or sets the grant type that the client expects of the authorization server. /// </summary> 
@@ -31,19 +31,11 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// </summary> /// <param name="authorizationEndpoint">The Authorization Server's user authorization URL to direct the user to.</param> /// <param name="version">The protocol version.</param> - internal EndUserAuthorizationImplicitRequest(Uri authorizationEndpoint, Version version) + protected EndUserAuthorizationImplicitRequest(Uri authorizationEndpoint, Version version) : base(authorizationEndpoint, version) { } /// <summary> - /// Initializes a new instance of the <see cref="EndUserAuthorizationImplicitRequest"/> class. - /// </summary> - /// <param name="authorizationServer">The authorization server.</param> - internal EndUserAuthorizationImplicitRequest(AuthorizationServerDescription authorizationServer) - : this(authorizationServer.AuthorizationEndpoint, authorizationServer.Version) { - } - - /// <summary> /// Gets the grant type that the client expects of the authorization server. /// </summary> public override EndUserAuthorizationResponseType ResponseType { @@ -51,6 +43,11 @@ namespace DotNetOpenAuth.OAuth2.Messages { } /// <summary> + /// Gets or sets the result of calling the authorization server host's access token creation method. + /// </summary> + AccessTokenResult IAccessTokenRequestInternal.AccessTokenResult { get; set; } + + /// <summary> /// Gets a value indicating whether the client requesting the access token has authenticated itself. /// </summary> /// <value> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationRequest.cs index 45fa049..f229cf9 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationRequest.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationRequest.cs 
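Review bot: The new auto-property `IAccessTokenRequestInternal.AccessTokenResult` (hunk `@@ -51,6 +43,11 @@`) adds a backing field of type `AccessTokenResult` to a class marked `[Serializable]`, and `AccessTokenResult` is declared in this commit without `[Serializable]`. If an instance is serialized after the host has set the result, serialization would fail with a `SerializationException`; making the type serializable instead would persist the issued access token with the request. I would back the property with an explicit field, `[NonSerialized] private AccessTokenResult accessTokenResult;`, and have the property get and set that field. Whether these requests are actually serialized in practice is not visible from this hunk.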
@@ -32,7 +32,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// </summary> /// <param name="authorizationEndpoint">The Authorization Server's user authorization URL to direct the user to.</param> /// <param name="version">The protocol version.</param> - internal EndUserAuthorizationRequest(Uri authorizationEndpoint, Version version) + protected EndUserAuthorizationRequest(Uri authorizationEndpoint, Version version) : base(version, MessageTransport.Indirect, authorizationEndpoint) { Requires.NotNull(authorizationEndpoint, "authorizationEndpoint"); Requires.NotNull(version, "version"); @@ -41,17 +41,6 @@ namespace DotNetOpenAuth.OAuth2.Messages { } /// <summary> - /// Initializes a new instance of the <see cref="EndUserAuthorizationRequest"/> class. - /// </summary> - /// <param name="authorizationServer">The authorization server.</param> - internal EndUserAuthorizationRequest(AuthorizationServerDescription authorizationServer) - : this(authorizationServer.AuthorizationEndpoint, authorizationServer.Version) { - Requires.NotNull(authorizationServer, "authorizationServer"); - Requires.True(authorizationServer.Version != null, "authorizationServer"); - Requires.True(authorizationServer.AuthorizationEndpoint != null, "authorizationServer"); - } - - /// <summary> /// Gets the grant type that the client expects of the authorization server. /// </summary> public virtual EndUserAuthorizationResponseType ResponseType { diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationResponseType.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationResponseType.cs index 75ece0f..75ece0f 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationResponseType.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationResponseType.cs 
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs index 5c03e7a..7a79e46 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs @@ -19,7 +19,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// to indicate that user authorization was granted, carrying only an access token, /// and to return the user to the Client where they started their experience. /// </summary> - internal class EndUserAuthorizationSuccessAccessTokenResponse : EndUserAuthorizationSuccessResponseBase, IAccessTokenCarryingRequest, IHttpIndirectResponse { + internal class EndUserAuthorizationSuccessAccessTokenResponse : EndUserAuthorizationSuccessResponseBase, IAccessTokenIssuingResponse, IHttpIndirectResponse { /// <summary> /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAccessTokenResponse"/> class. /// </summary> @@ -75,6 +75,17 @@ namespace DotNetOpenAuth.OAuth2.Messages { #endregion /// <summary> + /// Gets or sets the lifetime of the access token. + /// </summary> + /// <value> + /// The lifetime. + /// </value> + TimeSpan? IAccessTokenIssuingResponse.Lifetime { + get { return this.Lifetime; } + set { this.Lifetime = value; } + } + + /// <summary> /// Gets or sets the token type. /// </summary> /// <value>Usually "bearer".</value> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs index dcacc14..9d6b015 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs 
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs @@ -16,7 +16,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// to indicate that user authorization was granted, carrying an authorization code and possibly an access token, /// and to return the user to the Client where they started their experience. /// </summary> - internal class EndUserAuthorizationSuccessAuthCodeResponse : EndUserAuthorizationSuccessResponseBase, IAuthorizationCodeCarryingRequest { + internal class EndUserAuthorizationSuccessAuthCodeResponse : EndUserAuthorizationSuccessResponseBase { /// <summary> /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAuthCodeResponse"/> class. /// </summary> @@ -40,30 +40,6 @@ namespace DotNetOpenAuth.OAuth2.Messages { ((IMessageWithClientState)this).ClientState = request.ClientState; } - #region IAuthorizationCodeCarryingRequest Members - - /// <summary> - /// Gets or sets the authorization code. - /// </summary> - string IAuthorizationCodeCarryingRequest.Code { - get { return this.AuthorizationCode; } - set { this.AuthorizationCode = value; } - } - - /// <summary> - /// Gets or sets the authorization that the token describes. - /// </summary> - AuthorizationCode IAuthorizationCodeCarryingRequest.AuthorizationDescription { get; set; } - - /// <summary> - /// Gets the authorization that the code describes. - /// </summary> - IAuthorizationDescription IAuthorizationCarryingRequest.AuthorizationDescription { - get { return ((IAuthorizationCodeCarryingRequest)this).AuthorizationDescription; } - } - - #endregion - /// <summary> /// Gets or sets the authorization code. /// </summary> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs index ef0010e..ef0010e 100644 
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/GrantType.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/GrantType.cs index a26d405..a26d405 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/GrantType.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/GrantType.cs diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenIssuingResponse.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenIssuingResponse.cs new file mode 100644 index 0000000..1a54aca --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenIssuingResponse.cs @@ -0,0 +1,24 @@ +//----------------------------------------------------------------------- +// <copyright file="IAccessTokenIssuingResponse.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.Messages { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// A message sent from the Authorization Server to the client carrying an access token. + /// </summary> + internal interface IAccessTokenIssuingResponse : IAccessTokenCarryingRequest { + /// <summary> + /// Gets or sets the lifetime of the access token. + /// </summary> + /// <value>The lifetime.</value> + TimeSpan? Lifetime { get; set; } + } +} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/IAccessTokenRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenRequest.cs index 65378f9..65378f9 100644 
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/IAccessTokenRequest.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenRequest.cs
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenRequestInternal.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenRequestInternal.cs
new file mode 100644
index 0000000..44af074
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IAccessTokenRequestInternal.cs
@@ -0,0 +1,22 @@
+//-----------------------------------------------------------------------
+// <copyright file="IAccessTokenRequestInternal.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ /// <summary>
+ /// Implemented by all message types whose response may contain an access token.
+ /// </summary>
+ public interface IAccessTokenRequestInternal : IAccessTokenRequest {
+ /// <summary>
+ /// Gets or sets the result of calling the authorization server host's access token creation method.
+ /// </summary>
+ AccessTokenResult AccessTokenResult { get; set; }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/IMessageWithClientState.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IMessageWithClientState.cs
index 71476f2..71476f2 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/IMessageWithClientState.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/IMessageWithClientState.cs
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/ScopedAccessTokenRequest.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/ScopedAccessTokenRequest.cs
index 0ea6efb..0ea6efb 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/ScopedAccessTokenRequest.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/Messages/ScopedAccessTokenRequest.cs
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs
new file mode 100644
index 0000000..e86c27e
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/TokenEndpointProtocolException.cs
@@ -0,0 +1,93 @@
+//-----------------------------------------------------------------------
+// <copyright file="TokenEndpointProtocolException.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+ using System;
+ using System.Collections.Generic;
+ using System.Globalization;
+ using System.Linq;
+ using System.Text;
+
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// Describes an error generated by an Authorization Server's token endpoint.
+ /// </summary>
+ public class TokenEndpointProtocolException : ProtocolException {
+ /// <summary>
+ /// The message being processed that caused this exception to be thrown.
+ /// </summary>
+ private readonly AccessTokenRequestBase requestMessage;
+
+ /// <summary>
+ /// The WWW-Authenticate header to add to the response message.
+ /// </summary>
+ private readonly string authenticateHeader;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="TokenEndpointProtocolException"/> class.
+ /// </summary>
+ /// <param name="requestMessage">The message whose processing resulted in this error.</param>
+ /// <param name="error">A single error code from <see cref="Protocol.AccessTokenRequestErrorCodes"/>.</param>
+ /// <param name="description">A human-readable UTF-8 encoded text providing additional information, used to assist the client developer in understanding the error that occurred.</param>
+ /// <param name="moreInformation">A URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.</param>
+ /// <param name="authenticateHeader">The WWW-Authenticate header to add to the response.</param>
+ public TokenEndpointProtocolException(AccessTokenRequestBase requestMessage, string error, string description = null, Uri moreInformation = null, string authenticateHeader = null)
+ : base(string.Format(CultureInfo.CurrentCulture, ClientAuthorizationStrings.TokenEndpointErrorFormat, error, description)) {
+ Requires.NotNull(requestMessage, "requestMessage");
+ Requires.NotNullOrEmpty(error, "error");
+
+ this.requestMessage = requestMessage;
+ this.Error = error;
+ this.Description = description;
+ this.MoreInformation = moreInformation;
+ this.authenticateHeader = authenticateHeader;
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="TokenEndpointProtocolException"/> class.
+ /// </summary>
+ /// <param name="innerException">The inner exception.</param>
+ public TokenEndpointProtocolException(Exception innerException)
+ : base(Protocol.AccessTokenRequestErrorCodes.InvalidRequest, innerException) {
+ this.Error = Protocol.AccessTokenRequestErrorCodes.InvalidRequest;
+ }
+
+ /// <summary>
+ /// Gets a single error code from <see cref="Protocol.AccessTokenRequestErrorCodes"/>.
+ /// </summary>
+ public string Error { get; private set; }
+
+ /// <summary>
+ /// Gets a human-readable UTF-8 encoded text providing additional information, used to assist the client developer in understanding the error that occurred.
+ /// </summary>
+ public string Description { get; private set; }
+
+ /// <summary>
+ /// Gets a URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.
+ /// </summary>
+ public Uri MoreInformation { get; private set; }
+
+ /// <summary>
+ /// Gets the response message to send to the client.
+ /// </summary>
+ /// <returns>A message.</returns>
+ public IDirectResponseProtocolMessage GetResponse() {
+ var response = this.requestMessage != null
+ ? new AccessTokenFailedResponse(this.requestMessage, this.authenticateHeader != null)
+ : new AccessTokenFailedResponse();
+ response.Error = this.Error;
+ response.ErrorDescription = this.Description;
+ response.ErrorUri = this.MoreInformation;
+ if (this.authenticateHeader != null) {
+ response.Headers.Add(HttpRequestHeaders.WwwAuthenticate, this.authenticateHeader);
+ }
+
+ return response;
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..d536886
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/Properties/AssemblyInfo.cs
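Review bot: The `TokenEndpointProtocolException(Exception innerException)` constructor leaves `requestMessage`, `Description` and `authenticateHeader` unset, which is the only reason `GetResponse()` null-checks `this.requestMessage`, yet none of the doc comments say so. I would add to that constructor a remark such as `/// <remarks>The inner exception's message is not copied to <see cref="Description"/>, so it is not sent to the client.</remarks>`, so that a later change does not start echoing internal error text in the token endpoint response. Separately, `GetResponse()` takes the WWW-Authenticate name from `HttpRequestHeaders` although it is a response header (OAuth2ResourceServerChannel in this commit uses `HttpResponseHeader.WwwAuthenticate`); a short comment would help if that is intentional.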
@@ -0,0 +1,58 @@ +//----------------------------------------------------------------------- +// <copyright file="AssemblyInfo.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build. + +using System; +using System.Diagnostics.Contracts; +using System.Net; +using System.Reflection; +using System.Resources; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; +using System.Security; +using System.Security.Permissions; +using System.Web.UI; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("DotNetOpenAuth OAuth 2.0")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("DotNetOpenAuth")] +[assembly: AssemblyCopyright("Copyright © 2011 Outercurve Foundation")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] +[assembly: NeutralResourcesLanguage("en-US")] +[assembly: CLSCompliant(true)] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")] + +[assembly: ContractVerification(true)] + +#if StrongNameSigned +// See comment at top of this file. We need this so that strong-naming doesn't +// keep this assembly from being useful to shared host (medium trust) web sites. 
+[assembly: AllowPartiallyTrustedCallers] + +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")] +#else +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")] +[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")] +#endif 
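Review bot: The comment above `[assembly: AllowPartiallyTrustedCallers]` says "See comment at top of this file", but the only comment at the top is the AssemblyVersionAttribute note, so the rationale for opening this assembly to partially trusted callers is missing. I would reword it to be self-contained, e.g. `// Strong-named assemblies reject partially trusted callers by default; APTCA is required for medium-trust hosts.`, and state there that the public surface was reviewed with partial-trust callers in mind, since this assembly carries the token endpoint message and exception types. `AssemblyTitle("DotNetOpenAuth OAuth 2.0")` also looks copied from the core OAuth2 project and does not identify the ClientAuthorization assembly.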
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/Configuration/OAuth2ResourceServerSection.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/Configuration/OAuth2ResourceServerSection.cs
new file mode 100644
index 0000000..3e37018
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/Configuration/OAuth2ResourceServerSection.cs
@@ -0,0 +1,36 @@
+//-----------------------------------------------------------------------
+// <copyright file="OAuth2ResourceServerSection.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Configuration {
+ using System.Configuration;
+ using System.Diagnostics.Contracts;
+
+ /// <summary>
+ /// Represents the <oauth2/resourceServer> section in the host's .config file.
+ /// </summary>
+ internal class OAuth2ResourceServerSection : ConfigurationElement {
+ /// <summary>
+ /// The name of the oauth2/client section.
+ /// </summary>
+ private const string SectionName = OAuth2SectionGroup.SectionName + "/resourceServer";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="OAuth2ResourceServerSection"/> class.
+ /// </summary>
+ internal OAuth2ResourceServerSection() {
+ }
+
+ /// <summary>
+ /// Gets the configuration section from the .config file.
+ /// </summary>
+ internal static OAuth2ResourceServerSection Configuration {
+ get {
+ Contract.Ensures(Contract.Result<OAuth2ResourceServerSection>() != null);
+ return (OAuth2ResourceServerSection)ConfigurationManager.GetSection(SectionName) ?? new OAuth2ResourceServerSection();
+ }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj b/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj
index 63806b8..eb54fee 100644
--- a/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj
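Review bot: `OAuth2ResourceServerSection` derives from `ConfigurationElement`, yet the `Configuration` getter casts the result of `ConfigurationManager.GetSection(SectionName)` to it. As far as I know a type registered as a section has to derive from `ConfigurationSection`, so once a host actually declares this section the cast looks unable to succeed. If it is meant to be a section, `internal class OAuth2ResourceServerSection : ConfigurationSection` would match the sibling `OAuth2SectionGroup : ConfigurationSectionGroup` added in this commit. Two doc nits in the same hunk: the `SectionName` summary says "oauth2/client" where it should say "oauth2/resourceServer", and the raw `<oauth2/resourceServer>` in the class summary should be written `&lt;oauth2/resourceServer&gt;` to keep the XML doc well-formed.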
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj @@ -18,12 +18,16 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> </PropertyGroup> <ItemGroup> + <Compile Include="Configuration\OAuth2ResourceServerSection.cs" /> + <Compile Include="OAuth2\ChannelElements\OAuth2ResourceServerChannel.cs" /> + <Compile Include="OAuth2\IAccessTokenAnalyzer.cs" /> <Compile Include="OAuth2\ResourceServerStrings.Designer.cs"> <AutoGen>True</AutoGen> <DesignTime>True</DesignTime> <DependentUpon>ResourceServerStrings.resx</DependentUpon> </Compile> <Compile Include="OAuth2\ResourceServer.cs" /> + <Compile Include="OAuth2\StandardAccessTokenAnalyzer.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> </ItemGroup> <ItemGroup> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs index 947c044..e9d596a 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs @@ -52,8 +52,8 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { var fields = new Dictionary<string, string>(); string accessToken; if ((accessToken = SearchForBearerAccessTokenInRequest(request)) != null) { - fields["token_type"] = Protocol.AccessTokenTypes.Bearer; - fields["access_token"] = accessToken; + fields[Protocol.token_type] = Protocol.AccessTokenTypes.Bearer; + fields[Protocol.access_token] = accessToken; } if (fields.Count > 0) { 
@@ -101,7 +101,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { protected override OutgoingWebResponse PrepareDirectResponse(IProtocolMessage response) { var webResponse = new OutgoingWebResponse(); - // The only direct response from a resource server is a 401 Unauthorized error. + // The only direct response from a resource server is some authorization error (400, 401, 403). var unauthorizedResponse = response as UnauthorizedResponse; ErrorUtilities.VerifyInternal(unauthorizedResponse != null, "Only unauthorized responses are expected."); @@ -113,7 +113,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { // Now serialize all the message parts into the WWW-Authenticate header. var fields = this.MessageDescriptions.GetAccessor(response); - webResponse.Headers[HttpResponseHeader.WwwAuthenticate] = MessagingUtilities.AssembleAuthorizationHeader(Protocol.BearerHttpAuthorizationScheme, fields); + webResponse.Headers[HttpResponseHeader.WwwAuthenticate] = MessagingUtilities.AssembleAuthorizationHeader(unauthorizedResponse.Scheme, fields); return webResponse; } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/IAccessTokenAnalyzer.cs index 5aa1bb6..5c5a526 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IAccessTokenAnalyzer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/IAccessTokenAnalyzer.cs 
@@ -23,13 +23,10 @@ namespace DotNetOpenAuth.OAuth2 { /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns>A value indicating whether this access token is valid.</returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")] - bool TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope); + /// <param name="accessToken">The access token's serialized representation.</param> + /// <returns>The deserialized, validated token.</returns> + /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> + AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken); } /// <summary> 
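Review bot: The new `DeserializeAccessToken` contract puts the whole validation burden on implementers, but that is stated only indirectly through the `<exception>` tag. `ResourceServer.GetAccessToken` later in this commit checks only for a non-null result, a non-empty user or client id, and scope, so an analyzer that merely deserializes would let expired or unsigned tokens through. I would add `/// <remarks>Implementations must verify the token's signature, lifetime and issuing authorization server before returning; the caller performs no further validity checks.</remarks>` here and on the contract class in the next hunk. The interface's closing lines fall outside this hunk.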
@@ -47,17 +44,13 @@ namespace DotNetOpenAuth.OAuth2 { /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns> - /// A value indicating whether this access token is valid. - /// </returns> - bool IAccessTokenAnalyzer.TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { + /// <param name="accessToken">The access token's serialized representation.</param> + /// <returns>The deserialized, validated token.</returns> + /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> + AccessToken IAccessTokenAnalyzer.DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { Requires.NotNull(message, "message"); Requires.NotNullOrEmpty(accessToken, "accessToken"); - Contract.Ensures(Contract.Result<bool>() == (Contract.ValueAtReturn<string>(out user) != null)); - + Contract.Ensures(Contract.Result<AccessToken>() != null); throw new NotImplementedException(); } } diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs index 2830ab8..cd0fb55 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs 
@@ -26,6 +26,11 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> public class ResourceServer { /// <summary> + /// A reusable instance of the scope satisfied checker. + /// </summary> + private static readonly IScopeSatisfiedCheck DefaultScopeSatisfiedCheck = new StandardScopeSatisfiedCheck(); + + /// <summary> /// Initializes a new instance of the <see cref="ResourceServer"/> class. /// </summary> /// <param name="accessTokenAnalyzer">The access token analyzer.</param> @@ -34,6 +39,9 @@ namespace DotNetOpenAuth.OAuth2 { this.AccessTokenAnalyzer = accessTokenAnalyzer; this.Channel = new OAuth2ResourceServerChannel(); + this.ResourceOwnerPrincipalPrefix = string.Empty; + this.ClientPrincipalPrefix = "client:"; + this.ScopeSatisfiedCheck = DefaultScopeSatisfiedCheck; } /// <summary> 
@@ -43,59 +51,78 @@ namespace DotNetOpenAuth.OAuth2 { public IAccessTokenAnalyzer AccessTokenAnalyzer { get; private set; } /// <summary> - /// Gets the channel. + /// Gets or sets the service that checks whether a granted set of scopes satisfies a required set of scopes. /// </summary> - /// <value>The channel.</value> - internal OAuth2ResourceServerChannel Channel { get; private set; } + public IScopeSatisfiedCheck ScopeSatisfiedCheck { get; set; } /// <summary> - /// Discovers what access the client should have considering the access token in the current request. + /// Gets or sets the prefix to apply to a resource owner's username when used as the username in an <see cref="IPrincipal"/>. /// </summary> - /// <param name="userName">The name on the account the client has access to.</param> - /// <param name="scope">The set of operations the client is authorized for.</param> - /// <returns>An error to return to the client if access is not authorized; <c>null</c> if access is granted.</returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "0#", Justification = "Try pattern")] - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - public OutgoingWebResponse VerifyAccess(out string userName, out HashSet<string> scope) { - return this.VerifyAccess(this.Channel.GetRequestFromContext(), out userName, out scope); - } + /// <value>The default value is the empty string.</value> + public string ResourceOwnerPrincipalPrefix { get; set; } + + /// <summary> + /// Gets or sets the prefix to apply to a client identifier when used as the username in an <see cref="IPrincipal"/>. + /// </summary> + /// <value>The default value is "client:"</value> + public string ClientPrincipalPrefix { get; set; } + + /// <summary> + /// Gets the channel. 
+ /// </summary> + /// <value>The channel.</value> + internal OAuth2ResourceServerChannel Channel { get; private set; } /// <summary> /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="httpRequestInfo">The HTTP request info.</param> - /// <param name="userName">The name on the account the client has access to.</param> - /// <param name="scope">The set of operations the client is authorized for.</param> + /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> - /// An error to return to the client if access is not authorized; <c>null</c> if access is granted. + /// The access token describing the authorization the client has. Never <c>null</c>. /// </returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")] - public virtual OutgoingWebResponse VerifyAccess(HttpRequestBase httpRequestInfo, out string userName, out HashSet<string> scope) { - Requires.NotNull(httpRequestInfo, "httpRequestInfo"); + /// <exception cref="ProtocolFaultResponseException"> + /// Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. 
+ /// </exception> + public virtual AccessToken GetAccessToken(HttpRequestBase httpRequestInfo = null, params string[] requiredScopes) { + Requires.NotNull(requiredScopes, "requiredScopes"); + Requires.ValidState(this.ScopeSatisfiedCheck != null, Strings.RequiredPropertyNotYetPreset); + if (httpRequestInfo == null) { + httpRequestInfo = this.Channel.GetRequestFromContext(); + } + AccessToken accessToken; AccessProtectedResourceRequest request = null; try { if (this.Channel.TryReadFromRequest<AccessProtectedResourceRequest>(httpRequestInfo, out request)) { - if (this.AccessTokenAnalyzer.TryValidateAccessToken(request, request.AccessToken, out userName, out scope)) { - // No errors to return. - return null; + accessToken = this.AccessTokenAnalyzer.DeserializeAccessToken(request, request.AccessToken); + ErrorUtilities.VerifyHost(accessToken != null, "IAccessTokenAnalyzer.DeserializeAccessToken returned a null reslut."); + if (string.IsNullOrEmpty(accessToken.User) && string.IsNullOrEmpty(accessToken.ClientIdentifier)) { + Logger.OAuth.Error("Access token rejected because both the username and client id properties were null or empty."); + ErrorUtilities.ThrowProtocol(ResourceServerStrings.InvalidAccessToken); } - throw ErrorUtilities.ThrowProtocol(ResourceServerStrings.InvalidAccessToken); - } else { - var response = new UnauthorizedResponse(new ProtocolException(ResourceServerStrings.MissingAccessToken)); + var requiredScopesSet = OAuthUtilities.ParseScopeSet(requiredScopes); + if (!this.ScopeSatisfiedCheck.IsScopeSatisfied(requiredScope: requiredScopesSet, grantedScope: accessToken.Scope)) { + var response = UnauthorizedResponse.InsufficientScope(request, requiredScopesSet); + throw new ProtocolFaultResponseException(this.Channel, response); + } - userName = null; - scope = null; - return this.Channel.PrepareResponse(response); + return accessToken; + } else { + var ex = new ProtocolException(ResourceServerStrings.MissingAccessToken); + var response = 
UnauthorizedResponse.InvalidRequest(ex); + throw new ProtocolFaultResponseException(this.Channel, response, innerException: ex); } } catch (ProtocolException ex) { - var response = request != null ? new UnauthorizedResponse(request, ex) : new UnauthorizedResponse(ex); + if (ex is ProtocolFaultResponseException) { + // This doesn't need to be wrapped again. + throw; + } - userName = null; - scope = null; - return this.Channel.PrepareResponse(response); + var response = request != null ? UnauthorizedResponse.InvalidToken(request, ex) : UnauthorizedResponse.InvalidRequest(ex); + throw new ProtocolFaultResponseException(this.Channel, response, innerException: ex); } } 
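Review bot: `accessToken.Scope` is handed to `this.ScopeSatisfiedCheck.IsScopeSatisfied(...)` without a null guard, while `GetPrincipal` in the next hunk treats a null `Scope` as possible (`accessToken.Scope != null ? ... : new string[0]`). A custom `IAccessTokenAnalyzer` that returns a token with no scope set would then depend on how each `IScopeSatisfiedCheck` copes with null, and a NullReferenceException would bypass the `catch (ProtocolException ex)` block instead of producing the InsufficientScope response. Normalising first keeps the check failing closed, e.g. `var grantedScope = accessToken.Scope ?? new HashSet<string>();` (assuming `Scope` is a `HashSet<string>`) and then passing `grantedScope`. The `VerifyHost` message also has a typo, "reslut".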
@@ -103,17 +130,29 @@ namespace DotNetOpenAuth.OAuth2 { /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="httpRequestInfo">The HTTP request info.</param> - /// <param name="principal">The principal that contains the user and roles that the access token is authorized for.</param> + /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> - /// An error to return to the client if access is not authorized; <c>null</c> if access is granted. + /// The principal that contains the user and roles that the access token is authorized for. Never <c>null</c>. /// </returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - public virtual OutgoingWebResponse VerifyAccess(HttpRequestBase httpRequestInfo, out IPrincipal principal) { - string username; - HashSet<string> scope; - var result = this.VerifyAccess(httpRequestInfo, out username, out scope); - principal = result == null ? new OAuthPrincipal(username, scope != null ? scope.ToArray() : new string[0]) : null; - return result; + /// <exception cref="ProtocolFaultResponseException"> + /// Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. + /// </exception> + public virtual IPrincipal GetPrincipal(HttpRequestBase httpRequestInfo = null, params string[] requiredScopes) { + AccessToken accessToken = this.GetAccessToken(httpRequestInfo, requiredScopes); + + // Mitigates attacks on this approach of differentiating clients from resource owners + // by checking that a username doesn't look suspiciously engineered to appear like the other type. 
+ ErrorUtilities.VerifyProtocol(accessToken.User == null || string.IsNullOrEmpty(this.ClientPrincipalPrefix) || !accessToken.User.StartsWith(this.ClientPrincipalPrefix, StringComparison.OrdinalIgnoreCase), ResourceServerStrings.ResourceOwnerNameLooksLikeClientIdentifier); + ErrorUtilities.VerifyProtocol(accessToken.ClientIdentifier == null || string.IsNullOrEmpty(this.ResourceOwnerPrincipalPrefix) || !accessToken.ClientIdentifier.StartsWith(this.ResourceOwnerPrincipalPrefix, StringComparison.OrdinalIgnoreCase), ResourceServerStrings.ClientIdentifierLooksLikeResourceOwnerName); + + string principalUserName = !string.IsNullOrEmpty(accessToken.User) + ? this.ResourceOwnerPrincipalPrefix + accessToken.User + : this.ClientPrincipalPrefix + accessToken.ClientIdentifier; + string[] principalScope = accessToken.Scope != null ? accessToken.Scope.ToArray() : new string[0]; + var principal = new OAuthPrincipal(principalUserName, principalScope); + + return principal; } /// <summary> 
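Review bot: Both look-alike checks in `GetPrincipal` are skipped when their prefix is null or empty, so a host that sets `ClientPrincipalPrefix` to an empty string while `ResourceOwnerPrincipalPrefix` keeps its empty default gets no check at all, and a resource owner and a client with the same name yield the same principal name. I would reject that configuration up front, e.g. `Requires.ValidState(!string.Equals(this.ClientPrincipalPrefix ?? string.Empty, this.ResourceOwnerPrincipalPrefix ?? string.Empty, StringComparison.OrdinalIgnoreCase), "Client and resource owner principal prefixes must differ.");`. These `ErrorUtilities.VerifyProtocol` calls also run outside the try/catch in `GetAccessToken`, so they appear to throw a plain ProtocolException although the `<exception>` doc promises `ProtocolFaultResponseException`; either wrap them or document the second exception type.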
@@ -121,17 +160,19 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="request">HTTP details from an incoming WCF message.</param> /// <param name="requestUri">The URI of the WCF service endpoint.</param> - /// <param name="principal">The principal that contains the user and roles that the access token is authorized for.</param> + /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> - /// An error to return to the client if access is not authorized; <c>null</c> if access is granted. + /// The principal that contains the user and roles that the access token is authorized for. Never <c>null</c>. /// </returns> - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")] - [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")] - public virtual OutgoingWebResponse VerifyAccess(HttpRequestMessageProperty request, Uri requestUri, out IPrincipal principal) { + /// <exception cref="ProtocolFaultResponseException"> + /// Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. + /// </exception> + public virtual IPrincipal GetPrincipal(HttpRequestMessageProperty request, Uri requestUri, params string[] requiredScopes) { Requires.NotNull(request, "request"); Requires.NotNull(requestUri, "requestUri"); - return this.VerifyAccess(new HttpRequestInfo(request, requestUri), out principal); + return this.GetPrincipal(new HttpRequestInfo(request, requestUri), requiredScopes); } } } diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.Designer.cs index 606b072..f97b41b 100644 
--- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.Designer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.Designer.cs @@ -61,6 +61,15 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Looks up a localized string similar to Client Identifier starts with a resource owner prefix. Authorization aborted.. + /// </summary> + internal static string ClientIdentifierLooksLikeResourceOwnerName { + get { + return ResourceManager.GetString("ClientIdentifierLooksLikeResourceOwnerName", resourceCulture); + } + } + + /// <summary> /// Looks up a localized string similar to Invalid access token.. /// </summary> internal static string InvalidAccessToken { @@ -77,5 +86,14 @@ namespace DotNetOpenAuth.OAuth2 { return ResourceManager.GetString("MissingAccessToken", resourceCulture); } } + + /// <summary> + /// Looks up a localized string similar to Resource owner username starts with a client prefix. Authorization aborted.. + /// </summary> + internal static string ResourceOwnerNameLooksLikeClientIdentifier { + get { + return ResourceManager.GetString("ResourceOwnerNameLooksLikeClientIdentifier", resourceCulture); + } + } } } diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.resx b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.resx index 175a386..46943c4 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.resx +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServerStrings.resx 
@@ -117,10 +117,16 @@ <resheader name="writer"> <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> + <data name="ClientIdentifierLooksLikeResourceOwnerName" xml:space="preserve"> + <value>Client Identifier starts with a resource owner prefix. Authorization aborted.</value> + </data> <data name="InvalidAccessToken" xml:space="preserve"> <value>Invalid access token.</value> </data> <data name="MissingAccessToken" xml:space="preserve"> <value>Missing access token.</value> </data> + <data name="ResourceOwnerNameLooksLikeClientIdentifier" xml:space="preserve"> + <value>Resource owner username starts with a client prefix. Authorization aborted.</value> + </data> </root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs index 636f490..54d86ff 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/StandardAccessTokenAnalyzer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs 
@@ -45,22 +45,14 @@ namespace DotNetOpenAuth.OAuth2 { /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> - /// <param name="accessToken">The access token.</param> - /// <param name="user">The user whose data is accessible with this access token.</param> - /// <param name="scope">The scope of access authorized by this access token.</param> - /// <returns> - /// A value indicating whether this access token is valid. - /// </returns> - /// <remarks> - /// This method also responsible to throw a <see cref="ProtocolException"/> or return - /// <c>false</c> when the access token is expired, invalid, or from an untrusted authorization server. - /// </remarks> - public virtual bool TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { + /// <param name="accessToken">The access token's serialized representation.</param> + /// <returns>The deserialized, validated token.</returns> + /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> + public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); - var token = accessTokenFormatter.Deserialize(message, accessToken, Protocol.access_token); - user = token.User; - scope = new HashSet<string>(token.Scope, OAuthUtilities.ScopeStringComparer); - return true; + var token = new AccessToken(); + accessTokenFormatter.Deserialize(token, message, accessToken, Protocol.access_token); + return token; } } } diff --git a/src/DotNetOpenAuth.OAuth2/Configuration/OAuth2SectionGroup.cs b/src/DotNetOpenAuth.OAuth2/Configuration/OAuth2SectionGroup.cs new file mode 100644 index 0000000..112e756 
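Review bot: `DeserializeAccessToken` hands `accessToken` to the formatter without any argument check, although it is a public virtual method whose input is the token string carried by the incoming request. I would open the body with `Requires.NotNullOrEmpty(accessToken, "accessToken");` so that a missing token is rejected before deserialization rather than somewhere inside it. The old method returned the scope as `new HashSet<string>(token.Scope, OAuthUtilities.ScopeStringComparer)`, whereas callers now read `token.Scope` directly. Unless the set on `AccessToken` already carries that comparer (not visible here), the `<returns>` text should say which comparer scope checks are expected to use. The enclosing class starts outside this hunk.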
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2/Configuration/OAuth2SectionGroup.cs
@@ -0,0 +1,26 @@
+//-----------------------------------------------------------------------
+// <copyright file="OAuth2SectionGroup.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Configuration {
+ using System.Configuration;
+ using System.Diagnostics.Contracts;
+
+ /// <summary>
+ /// Represents the <oauth> element in the host's .config file.
+ /// </summary>
+ internal class OAuth2SectionGroup : ConfigurationSectionGroup {
+ /// <summary>
+ /// The name of the oauth section.
+ /// </summary>
+ internal const string SectionName = DotNetOpenAuthSection.SectionName + "/oauth2";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="OAuth2SectionGroup"/> class.
+ /// </summary>
+ internal OAuth2SectionGroup() {
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj b/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj
index 438a21d..696d8a9 100644
--- a/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj
+++ b/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj
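Review bot: The summary on `OAuth2SectionGroup` names the `<oauth>` element and the `SectionName` comment says "the oauth section", while the constant itself ends in `"/oauth2"`. The comments should name the element that is actually read, e.g. `/// Represents the &lt;oauth2&gt; element in the host's .config file.` and `/// The name of the oauth2 section.`. Writing the angle brackets as entities also keeps the XML doc comment well-formed, if the file really contains a bare `<oauth>` (the page may have unescaped it). `using System.Diagnostics.Contracts;` is not used by anything in this file and can be dropped.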
@@ -18,72 +18,30 @@ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> </PropertyGroup> <ItemGroup> + <Compile Include="Configuration\OAuth2SectionGroup.cs" /> <Compile Include="GlobalSuppressions.cs" /> - <Compile Include="OAuth2\AuthorizationState.cs" /> - <Compile Include="OAuth2\ChannelElements\AccessRequestBindingElement.cs" /> - <Compile Include="OAuth2\ChannelElements\AccessToken.cs" /> - <Compile Include="OAuth2\ChannelElements\AccessTokenBindingElement.cs" /> + <Compile Include="OAuth2\AccessToken.cs" /> <Compile Include="OAuth2\ChannelElements\AuthorizationDataBag.cs" /> - <Compile Include="OAuth2\ChannelElements\AuthServerBindingElementBase.cs" /> - <Compile Include="OAuth2\ChannelElements\GrantTypeEncoder.cs" /> - <Compile Include="OAuth2\ChannelElements\EndUserAuthorizationResponseTypeEncoder.cs" /> + <Compile Include="OAuth2\ChannelElements\ClientAuthenticationResult.cs" /> <Compile Include="OAuth2\ChannelElements\IAccessTokenCarryingRequest.cs" /> - <Compile Include="OAuth2\ChannelElements\IAuthorizationCodeCarryingRequest.cs" /> - <Compile Include="OAuth2\ChannelElements\IOAuth2ChannelWithAuthorizationServer.cs" /> - <Compile Include="OAuth2\ChannelElements\IRefreshTokenCarryingRequest.cs" /> - <Compile Include="OAuth2\ChannelElements\OAuth2ChannelBase.cs" /> - <Compile Include="OAuth2\ChannelElements\OAuth2ClientChannel.cs" /> + <Compile Include="OAuth2\IScopeSatisfiedCheck.cs" /> <Compile Include="OAuth2\ChannelElements\ScopeEncoder.cs" /> <Compile Include="OAuth2\ChannelElements\IAuthorizationDescription.cs" /> <Compile Include="OAuth2\ChannelElements\IAuthorizationCarryingRequest.cs" /> - <Compile Include="OAuth2\ChannelElements\OAuth2ResourceServerChannel.cs" /> - <Compile Include="OAuth2\ChannelElements\RefreshToken.cs" /> - <Compile Include="OAuth2\ChannelElements\AuthorizationCode.cs" /> - <Compile Include="OAuth2\ChannelElements\AuthorizationCodeBindingElement.cs" /> - <Compile 
Include="OAuth2\ChannelElements\AuthServerAllFlowsBindingElement.cs" /> - <Compile Include="OAuth2\ClientDescription.cs" /> - <Compile Include="OAuth2\ClientType.cs" /> - <Compile Include="OAuth2\IAccessTokenAnalyzer.cs" /> - <Compile Include="OAuth2\IAuthorizationServer.cs" /> - <Compile Include="OAuth2\IAuthorizationState.cs" /> - <Compile Include="OAuth2\IClientAuthorizationTracker.cs" /> - <Compile Include="OAuth2\IClientDescription.cs" /> <Compile Include="OAuth2\Messages\AccessProtectedResourceRequest.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenRequestBase.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenClientCredentialsRequest.cs" /> - <Compile Include="OAuth2\Messages\AuthenticatedClientRequestBase.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationImplicitRequest.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAccessTokenResponse.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationFailedResponse.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAuthCodeResponse.cs" /> - <Compile Include="OAuth2\Messages\GrantType.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenRefreshRequest.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationResponseType.cs" /> - <Compile Include="OAuth2\Messages\IAccessTokenRequest.cs" /> - <Compile Include="OAuth2\Messages\IMessageWithClientState.cs" /> - <Compile Include="OAuth2\Messages\ScopedAccessTokenRequest.cs" /> <Compile Include="OAuth2\Messages\UnauthorizedResponse.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenFailedResponse.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenSuccessResponse.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessResponseBase.cs" /> - <Compile Include="OAuth2\StandardAccessTokenAnalyzer.cs" /> <Compile 
Include="OAuth2\OAuthUtilities.cs" /> + <Compile Include="OAuth2\StandardScopeSatisfiedCheck.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> - <Compile Include="OAuth2\ChannelElements\OAuth2AuthorizationServerChannel.cs" /> <Compile Include="OAuth2\Messages\MessageBase.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationRequest.cs" /> <Compile Include="OAuth2\Protocol.cs" /> <Compile Include="OAuth2\OAuthStrings.Designer.cs"> <AutoGen>True</AutoGen> <DesignTime>True</DesignTime> <DependentUpon>OAuthStrings.resx</DependentUpon> </Compile> - <Compile Include="OAuth2\AuthorizationServerDescription.cs" /> </ItemGroup> <ItemGroup> - <None Include="OAuth2\Messages\OAuth 2 Messages.cd" /> <None Include="OAuth2\OAuth 2 client facades.cd" /> </ItemGroup> <ItemGroup> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessToken.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs index 84b17cc..5890d93 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessToken.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs @@ -4,18 +4,19 @@ // </copyright> //----------------------------------------------------------------------- -namespace DotNetOpenAuth.OAuth2.ChannelElements { +namespace DotNetOpenAuth.OAuth2 { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.Security.Cryptography; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.OAuth2.ChannelElements; /// <summary> /// A short-lived token that accompanies HTTP requests to protected data to authorize the request. /// </summary> - internal class AccessToken : AuthorizationDataBag { + public class AccessToken : AuthorizationDataBag { /// <summary> /// Initializes a new instance of the <see cref="AccessToken"/> class. /// </summary> 
@@ -23,31 +24,65 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { } /// <summary> - /// Initializes a new instance of the <see cref="AccessToken"/> class. + /// Gets or sets the lifetime of the access token. + /// </summary> + /// <value>The lifetime.</value> + [MessagePart(Encoder = typeof(TimespanSecondsEncoder))] + public TimeSpan? Lifetime { get; set; } + + /// <summary> + /// Gets the type of this instance. /// </summary> - /// <param name="authorization">The authorization to be described by the access token.</param> - /// <param name="lifetime">The lifetime of the access token.</param> - internal AccessToken(IAuthorizationDescription authorization, TimeSpan? lifetime) { + /// <value>The type of the bag.</value> + /// <remarks> + /// This ensures that one token cannot be misused as another kind of token. + /// </remarks> + protected override Type BagType { + get { + // different roles (authorization server vs. Client) may derive from AccessToken, but they are all interoperable. + return typeof(AccessToken); + } + } + + /// <summary> + /// Creates a formatter capable of serializing/deserializing an access token. 
+ /// </summary> + /// <param name="signingKey">The crypto service provider with the authorization server's private key used to asymmetrically sign the access token.</param> + /// <param name="encryptingKey">The crypto service provider with the resource server's public key used to encrypt the access token.</param> + /// <returns>An access token serializer.</returns> + internal static IDataBagFormatter<AccessToken> CreateFormatter(RSACryptoServiceProvider signingKey, RSACryptoServiceProvider encryptingKey) { + Contract.Requires(signingKey != null || !signingKey.PublicOnly); + Contract.Requires(encryptingKey != null); + Contract.Ensures(Contract.Result<IDataBagFormatter<AccessToken>>() != null); + + return new UriStyleMessageFormatter<AccessToken>(signingKey, encryptingKey); + } + + /// <summary> + /// Initializes this instance of the <see cref="AccessToken"/> class. + /// </summary> + /// <param name="authorization">The authorization to apply to this access token.</param> + internal void ApplyAuthorization(IAuthorizationDescription authorization) { Requires.NotNull(authorization, "authorization"); this.ClientIdentifier = authorization.ClientIdentifier; this.UtcCreationDate = authorization.UtcIssued; this.User = authorization.User; this.Scope.ResetContents(authorization.Scope); - this.Lifetime = lifetime; } /// <summary> - /// Initializes a new instance of the <see cref="AccessToken"/> class. + /// Initializes this instance of the <see cref="AccessToken"/> class. /// </summary> - /// <param name="clientIdentifier">The client identifier.</param> /// <param name="scopes">The scopes.</param> /// <param name="username">The username of the account that authorized this token.</param> /// <param name="lifetime">The lifetime for this access token.</param> - internal AccessToken(string clientIdentifier, IEnumerable<string> scopes, string username, TimeSpan? 
lifetime) { - Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier"); - - this.ClientIdentifier = clientIdentifier; + /// <remarks> + /// The <see cref="AuthorizationDataBag.ClientIdentifier"/> is left <c>null</c> in this case because this constructor + /// is invoked in the case where the client is <em>not</em> authenticated, and therefore no + /// trust in the client_id is appropriate. + /// </remarks> + internal void ApplyAuthorization(IEnumerable<string> scopes, string username, TimeSpan? lifetime) { this.Scope.ResetContents(scopes); this.User = username; this.Lifetime = lifetime; 
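Review bot: The precondition `Contract.Requires(signingKey != null || !signingKey.PublicOnly);` in `CreateFormatter` reads `signingKey.PublicOnly` only when `signingKey` is null, so it can never evaluate to false and a null key surfaces as a NullReferenceException instead of a contract failure. The resource server apparently passes a public-only key here (`AuthorizationServerPublicSigningKey` in `StandardAccessTokenAnalyzer`), so the check that holds for both callers is `Contract.Requires(signingKey != null);`, and the `signingKey` param text should say the key may be public-only when the formatter only verifies. Separately, `ApplyAuthorization(IAuthorizationDescription)` no longer assigns `Lifetime`, which is now a public settable property. What a null lifetime means for expiry is not visible in this hunk, so its summary should state that the caller sets `Lifetime` itself. The remarks on the second overload still say "this constructor" although it is now a method, and the class body starts before this hunk and continues after it.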
@@ -55,24 +90,12 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { } /// <summary> - /// Gets or sets the lifetime of the access token. - /// </summary> - /// <value>The lifetime.</value> - [MessagePart(Encoder = typeof(TimespanSecondsEncoder))] - internal TimeSpan? Lifetime { get; set; } - - /// <summary> - /// Creates a formatter capable of serializing/deserializing an access token. + /// Serializes this instance to a simple string for transmission to the client. /// </summary> - /// <param name="signingKey">The crypto service provider with the authorization server's private key used to asymmetrically sign the access token.</param> - /// <param name="encryptingKey">The crypto service provider with the resource server's public key used to encrypt the access token.</param> - /// <returns>An access token serializer.</returns> - internal static IDataBagFormatter<AccessToken> CreateFormatter(RSACryptoServiceProvider signingKey, RSACryptoServiceProvider encryptingKey) { - Contract.Requires(signingKey != null || !signingKey.PublicOnly); - Contract.Requires(encryptingKey != null); - Contract.Ensures(Contract.Result<IDataBagFormatter<AccessToken>>() != null); - - return new UriStyleMessageFormatter<AccessToken>(signingKey, encryptingKey); + /// <returns>A non-empty string.</returns> + protected internal virtual string Serialize() { + Contract.Ensures(!string.IsNullOrEmpty(Contract.Result<string>())); + throw new NotSupportedException(); } /// <summary> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs deleted file mode 100644 index 7a68060..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs +++ /dev/null 
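Review bot: The base `Serialize()` always throws `NotSupportedException`, yet its comment reads "Serializes this instance…" and promises "A non-empty string". `AccessToken` is now public and is instantiated directly (`new AccessToken()` in `StandardAccessTokenAnalyzer`), so a reader of the docs cannot tell that calling this on a plain instance fails. I would reword the summary to "When overridden in a derived class, serializes this instance to a simple string for transmission to the client." and add `/// <exception cref="NotSupportedException">Always thrown by this base implementation.</exception>`. Which derived type is expected to override it is not visible in this hunk.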
@@ -1,183 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AccessRequestBindingElement.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2.ChannelElements { - using System; - using System.Collections.Generic; - using System.Diagnostics.CodeAnalysis; - using System.Globalization; - using System.Linq; - using System.Security.Cryptography; - using System.Text; - using DotNetOpenAuth.Messaging; - using DotNetOpenAuth.Messaging.Bindings; - using DotNetOpenAuth.OAuth2.Messages; - - /// <summary> - /// Decodes verification codes, refresh tokens and access tokens on incoming messages. - /// </summary> - /// <remarks> - /// This binding element also ensures that the code/token coming in is issued to - /// the same client that is sending the code/token and that the authorization has - /// not been revoked and that an access token has not expired. - /// </remarks> - internal class AccessRequestBindingElement : AuthServerBindingElementBase { - /// <summary> - /// Initializes a new instance of the <see cref="AccessRequestBindingElement"/> class. - /// </summary> - internal AccessRequestBindingElement() { - } - - /// <summary> - /// Gets the protection commonly offered (if any) by this binding element. - /// </summary> - /// <value></value> - /// <remarks> - /// This value is used to assist in sorting binding elements in the channel stack. - /// </remarks> - public override MessageProtections Protection { - get { return MessageProtections.None; } - } - - /// <summary> - /// Prepares a message for sending based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The message to prepare for sending.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. 
- /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; - if (authCodeCarrier != null) { - var codeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); - var code = authCodeCarrier.AuthorizationDescription; - authCodeCarrier.Code = codeFormatter.Serialize(code); - return MessageProtections.None; - } - - var accessTokenCarrier = message as IAccessTokenCarryingRequest; - if (accessTokenCarrier != null) { - var responseWithOriginatingRequest = (IDirectResponseProtocolMessage)message; - var request = (IAccessTokenRequest)responseWithOriginatingRequest.OriginatingRequest; - - using (var resourceServerKey = this.AuthorizationServer.GetResourceServerEncryptionKey(request)) { - var tokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServer.AccessTokenSigningKey, resourceServerKey); - var token = accessTokenCarrier.AuthorizationDescription; - accessTokenCarrier.AccessToken = tokenFormatter.Serialize(token); - } - - return MessageProtections.None; - } - - var accessTokenResponse = message as AccessTokenSuccessResponse; - if (accessTokenResponse != null) { - var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse; - var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest; - ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken); - } - - return null; - } - - /// <summary> - /// Performs any transformation on an incoming message that may be necessary and/or - /// validates an incoming message 
based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The incoming message to process.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <exception cref="ProtocolException"> - /// Thrown when the binding element rules indicate that this message is invalid and should - /// NOT be processed. - /// </exception> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "unauthorizedclient", Justification = "Protocol requirement")] - [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "incorrectclientcredentials", Justification = "Protocol requirement")] - [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "authorizationexpired", Justification = "Protocol requirement")] - [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(System.Boolean,System.String,System.Object[])", Justification = "Protocol requirement")] - public override MessageProtections? 
ProcessIncomingMessage(IProtocolMessage message) { - var tokenRequest = message as IAuthorizationCarryingRequest; - if (tokenRequest != null) { - try { - var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; - var refreshTokenCarrier = message as IRefreshTokenCarryingRequest; - var resourceOwnerPasswordCarrier = message as AccessTokenResourceOwnerPasswordCredentialsRequest; - var clientCredentialOnly = message as AccessTokenClientCredentialsRequest; - if (authCodeCarrier != null) { - var authorizationCodeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); - var authorizationCode = authorizationCodeFormatter.Deserialize(message, authCodeCarrier.Code, Protocol.code); - authCodeCarrier.AuthorizationDescription = authorizationCode; - } else if (refreshTokenCarrier != null) { - var refreshTokenFormatter = RefreshToken.CreateFormatter(this.AuthorizationServer.CryptoKeyStore); - var refreshToken = refreshTokenFormatter.Deserialize(message, refreshTokenCarrier.RefreshToken, Protocol.refresh_token); - refreshTokenCarrier.AuthorizationDescription = refreshToken; - } else if (resourceOwnerPasswordCarrier != null) { - try { - if (this.AuthorizationServer.IsResourceOwnerCredentialValid(resourceOwnerPasswordCarrier.UserName, resourceOwnerPasswordCarrier.Password)) { - resourceOwnerPasswordCarrier.CredentialsValidated = true; - } else { - Logger.OAuth.WarnFormat( - "Resource owner password credential for user \"{0}\" rejected by authorization server host.", - resourceOwnerPasswordCarrier.UserName); - - // TODO: fix this to report the appropriate error code for a bad credential. 
- throw new ProtocolException(); - } - } catch (NotSupportedException) { - // TODO: fix this to return the appropriate error code for not supporting resource owner password credentials - throw new ProtocolException(); - } catch (NotImplementedException) { - // TODO: fix this to return the appropriate error code for not supporting resource owner password credentials - throw new ProtocolException(); - } - } else if (clientCredentialOnly != null) { - // this method will throw later if the credentials are false. - clientCredentialOnly.CredentialsValidated = true; - } else { - throw ErrorUtilities.ThrowInternal("Unexpected message type: " + tokenRequest.GetType()); - } - } catch (ExpiredMessageException ex) { - throw ErrorUtilities.Wrap(ex, Protocol.authorization_expired); - } - - var accessRequest = tokenRequest as AccessTokenRequestBase; - if (accessRequest != null) { - // Make sure the client sending us this token is the client we issued the token to. - ErrorUtilities.VerifyProtocol(string.Equals(accessRequest.ClientIdentifier, tokenRequest.AuthorizationDescription.ClientIdentifier, StringComparison.Ordinal), Protocol.incorrect_client_credentials); - - // Check that the client secret is correct. - var client = this.AuthorizationServer.GetClientOrThrow(accessRequest.ClientIdentifier); - string secret = client.Secret; - ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(secret), Protocol.unauthorized_client); // an empty secret is not allowed for client authenticated calls. - ErrorUtilities.VerifyProtocol(MessagingUtilities.EqualsConstantTime(secret, accessRequest.ClientSecret), Protocol.incorrect_client_credentials); - - var scopedAccessRequest = accessRequest as ScopedAccessTokenRequest; - if (scopedAccessRequest != null) { - // Make sure the scope the client is requesting does not exceed the scope in the grant. 
- ErrorUtilities.VerifyProtocol(scopedAccessRequest.Scope.IsSubsetOf(tokenRequest.AuthorizationDescription.Scope), OAuthStrings.AccessScopeExceedsGrantScope, scopedAccessRequest.Scope, tokenRequest.AuthorizationDescription.Scope); - } - } - - // Make sure the authorization this token represents hasn't already been revoked. - ErrorUtilities.VerifyProtocol(this.AuthorizationServer.IsAuthorizationValid(tokenRequest.AuthorizationDescription), Protocol.authorization_expired); - - return MessageProtections.None; - } - - return null; - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessTokenBindingElement.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessTokenBindingElement.cs deleted file mode 100644 index 4c63f29..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessTokenBindingElement.cs +++ /dev/null 
@@ -1,93 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AccessTokenBindingElement.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2.ChannelElements { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Security.Cryptography; - using System.Text; - using DotNetOpenAuth.Messaging; - using DotNetOpenAuth.OAuth2.Messages; - - /// <summary> - /// Serializes access tokens inside an outgoing message. - /// </summary> - internal class AccessTokenBindingElement : AuthServerBindingElementBase { - /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenBindingElement"/> class. - /// </summary> - internal AccessTokenBindingElement() { - } - - /// <summary> - /// Gets the protection commonly offered (if any) by this binding element. - /// </summary> - /// <value>Always <c>MessageProtections.None</c></value> - /// <remarks> - /// This value is used to assist in sorting binding elements in the channel stack. - /// </remarks> - public override MessageProtections Protection { - get { return MessageProtections.None; } - } - - /// <summary> - /// Prepares a message for sending based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The message to prepare for sending.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - var directResponse = message as IDirectResponseProtocolMessage; - IAccessTokenRequest request = directResponse != null ? 
directResponse.OriginatingRequest as IAccessTokenRequest : null; - - var implicitGrantResponse = message as EndUserAuthorizationSuccessAccessTokenResponse; - if (implicitGrantResponse != null) { - IAccessTokenCarryingRequest tokenCarryingResponse = implicitGrantResponse; - tokenCarryingResponse.AuthorizationDescription = new AccessToken(request.ClientIdentifier, implicitGrantResponse.Scope, implicitGrantResponse.AuthorizingUsername, implicitGrantResponse.Lifetime); - - return MessageProtections.None; - } - - var accessTokenResponse = message as AccessTokenSuccessResponse; - if (accessTokenResponse != null) { - var authCarryingRequest = (IAuthorizationCarryingRequest)request; - var accessToken = new AccessToken(authCarryingRequest.AuthorizationDescription, accessTokenResponse.Lifetime); - using (var resourceServerEncryptionKey = this.AuthorizationServer.GetResourceServerEncryptionKey(request)) { - var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServer.AccessTokenSigningKey, resourceServerEncryptionKey); - accessTokenResponse.AccessToken = accessTokenFormatter.Serialize(accessToken); - } - - if (accessTokenResponse.HasRefreshToken) { - var refreshToken = new RefreshToken(authCarryingRequest.AuthorizationDescription); - var refreshTokenFormatter = RefreshToken.CreateFormatter(this.AuthorizationServer.CryptoKeyStore); - accessTokenResponse.RefreshToken = refreshTokenFormatter.Serialize(refreshToken); - } - } - - return null; - } - - /// <summary> - /// Performs any transformation on an incoming message that may be necessary and/or - /// validates an incoming message based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The incoming message to process.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. 
- /// </returns> - /// <exception cref="ProtocolException"> - /// Thrown when the binding element rules indicate that this message is invalid and should - /// NOT be processed. - /// </exception> - public override MessageProtections? ProcessIncomingMessage(IProtocolMessage message) { - return null; - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthServerAllFlowsBindingElement.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthServerAllFlowsBindingElement.cs deleted file mode 100644 index 24ac020..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthServerAllFlowsBindingElement.cs +++ /dev/null 
@@ -1,83 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AuthServerAllFlowsBindingElement.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2.ChannelElements { - using System; - using System.Collections.Generic; - using System.Diagnostics.Contracts; - using System.Linq; - using System.Text; - using DotNetOpenAuth.OAuth2.Messages; - using Messaging; - - /// <summary> - /// A binding element that should be applied for authorization server channels regardless of which flows - /// are supported. - /// </summary> - internal class AuthServerAllFlowsBindingElement : AuthServerBindingElementBase { - /// <summary> - /// Initializes a new instance of the <see cref="AuthServerAllFlowsBindingElement"/> class. - /// </summary> - internal AuthServerAllFlowsBindingElement() { - } - - /// <summary> - /// Gets the protection commonly offered (if any) by this binding element. - /// </summary> - /// <remarks> - /// This value is used to assist in sorting binding elements in the channel stack. - /// </remarks> - public override MessageProtections Protection { - get { return MessageProtections.None; } - } - - /// <summary> - /// Prepares a message for sending based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The message to prepare for sending.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - public override MessageProtections? 
ProcessOutgoingMessage(IProtocolMessage message) { - return null; - } - - /// <summary> - /// Performs any transformation on an incoming message that may be necessary and/or - /// validates an incoming message based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The incoming message to process.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <exception cref="ProtocolException"> - /// Thrown when the binding element rules indicate that this message is invalid and should - /// NOT be processed. - /// </exception> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - public override MessageProtections? ProcessIncomingMessage(IProtocolMessage message) { - var authorizationRequest = message as EndUserAuthorizationRequest; - if (authorizationRequest != null) { - var client = this.AuthorizationServer.GetClientOrThrow(authorizationRequest.ClientIdentifier); - ErrorUtilities.VerifyProtocol(authorizationRequest.Callback == null || client.IsCallbackAllowed(authorizationRequest.Callback), OAuthStrings.ClientCallbackDisallowed, authorizationRequest.Callback); - ErrorUtilities.VerifyProtocol(authorizationRequest.Callback != null || client.DefaultCallback != null, OAuthStrings.NoCallback); - - return MessageProtections.None; - } - - return null; - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs deleted file mode 100644 index d602cae..0000000 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs +++ /dev/null 
@@ -1,101 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AuthorizationCodeBindingElement.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2.ChannelElements { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Text; - using Messages; - using Messaging; - using Messaging.Bindings; - - /// <summary> - /// A binding element for OAuth 2.0 authorization servers that create/verify - /// issued authorization codes as part of obtaining access/refresh tokens. - /// </summary> - internal class AuthorizationCodeBindingElement : AuthServerBindingElementBase { - /// <summary> - /// Initializes a new instance of the <see cref="AuthorizationCodeBindingElement"/> class. - /// </summary> - internal AuthorizationCodeBindingElement() { - } - - /// <summary> - /// Gets the protection commonly offered (if any) by this binding element. - /// </summary> - /// <value>Always <c>MessageProtections.None</c></value> - /// <remarks> - /// This value is used to assist in sorting binding elements in the channel stack. - /// </remarks> - public override MessageProtections Protection { - get { return MessageProtections.None; } - } - - /// <summary> - /// Gets the maximum message age from the standard expiration binding element. - /// </summary> - /// <value>This interval need not account for clock skew because it is only compared within a single authorization server or farm of servers.</value> - internal static TimeSpan MaximumMessageAge { - get { return Configuration.DotNetOpenAuthSection.Messaging.MaximumMessageLifetimeNoSkew; } - } - - /// <summary> - /// Prepares a message for sending based on the rules of this channel binding element. 
- /// </summary> - /// <param name="message">The message to prepare for sending.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - var response = message as EndUserAuthorizationSuccessAuthCodeResponse; - if (response != null) { - var directResponse = (IDirectResponseProtocolMessage)response; - var request = (EndUserAuthorizationRequest)directResponse.OriginatingRequest; - IAuthorizationCodeCarryingRequest tokenCarryingResponse = response; - tokenCarryingResponse.AuthorizationDescription = new AuthorizationCode(request.ClientIdentifier, request.Callback, response.Scope, response.AuthorizingUsername); - - return MessageProtections.None; - } - - return null; - } - - /// <summary> - /// Performs any transformation on an incoming message that may be necessary and/or - /// validates an incoming message based on the rules of this channel binding element. - /// </summary> - /// <param name="message">The incoming message to process.</param> - /// <returns> - /// The protections (if any) that this binding element applied to the message. - /// Null if this binding element did not even apply to this binding element. - /// </returns> - /// <exception cref="ProtocolException"> - /// Thrown when the binding element rules indicate that this message is invalid and should - /// NOT be processed. - /// </exception> - /// <remarks> - /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. - /// </remarks> - public override MessageProtections? 
ProcessIncomingMessage(IProtocolMessage message) { - var request = message as AccessTokenAuthorizationCodeRequest; - if (request != null) { - IAuthorizationCarryingRequest tokenRequest = request; - ((AuthorizationCode)tokenRequest.AuthorizationDescription).VerifyCallback(request.Callback); - - return MessageProtections.None; - } - - return null; - } - } -} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationDataBag.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationDataBag.cs index cee38db..c073008 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationDataBag.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationDataBag.cs @@ -13,7 +13,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <summary> /// A data bag that stores authorization data. /// </summary> - internal abstract class AuthorizationDataBag : DataBag, IAuthorizationDescription { + public abstract class AuthorizationDataBag : DataBag, IAuthorizationDescription { /// <summary> /// Initializes a new instance of the <see cref="AuthorizationDataBag"/> class. /// </summary> @@ -24,7 +24,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <summary> /// Gets or sets the identifier of the client authorized to access protected data. /// </summary> - /// <value></value> [MessagePart] public string ClientIdentifier { get; set; } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs new file mode 100644 index 0000000..b0f86a9 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs 
@@ -0,0 +1,32 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientAuthenticationResult.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ /// <summary>
+ /// Describes the various levels at which client information may be extracted from an inbound message.
+ /// </summary>
+ public enum ClientAuthenticationResult {
+ /// <summary>
+ /// No client identification or authentication was discovered.
+ /// </summary>
+ NoAuthenticationRecognized,
+
+ /// <summary>
+ /// The client identified itself, but did not attempt to authenticate itself.
+ /// </summary>
+ ClientIdNotAuthenticated,
+
+ /// <summary>
+ /// The client authenticated itself (provided compelling evidence that it was who it claims to be).
+ /// </summary>
+ ClientAuthenticated,
+
+ /// <summary>
+ /// The client failed in an attempt to authenticate itself, claimed to be an unrecognized client, or otherwise messed up.
+ /// </summary>
+ ClientAuthenticationRejected,
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IScopeSatisfiedCheck.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IScopeSatisfiedCheck.cs
new file mode 100644
index 0000000..b1e2372
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/IScopeSatisfiedCheck.cs
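Review bot: `ClientAuthenticationResult` relies on declaration order for its zero value: `NoAuthenticationRecognized` comes first, so `default(ClientAuthenticationResult)` is the unauthenticated state, but nothing in the file says this is intentional. Pinning it with `NoAuthenticationRecognized = 0,` and a `<remarks>` line on the enum such as `Only ClientAuthenticated indicates a verified client; every other value, including the default, must be treated as unauthenticated.` would stop a later reordering from silently changing what an uninitialised result means. The summary of `ClientAuthenticationRejected` also folds a failed authentication, an unrecognised client and "otherwise messed up" into one value; naming the concrete cases it covers would help implementers return it consistently.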
@@ -0,0 +1,37 @@
+//-----------------------------------------------------------------------
+// <copyright file="IScopeSatisfiedCheck.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+ using System.Collections.Generic;
+
+ /// <summary>
+ /// An extensibility point that allows authorization servers and resource servers to customize how scopes may be considered
+ /// supersets of each other.
+ /// </summary>
+ /// <remarks>
+ /// Implementations must be thread-safe.
+ /// </remarks>
+ public interface IScopeSatisfiedCheck {
+ /// <summary>
+ /// Checks whether the granted scope is a superset of the required scope.
+ /// </summary>
+ /// <param name="requiredScope">The set of strings that the resource server demands in an access token's scope in order to complete some operation.</param>
+ /// <param name="grantedScope">The set of strings that define the scope within an access token that the client is authorized to.</param>
+ /// <returns><c>true</c> if <paramref name="grantedScope"/> is a superset of <paramref name="requiredScope"/> to allow the request to proceed; <c>false</c> otherwise.</returns>
+ /// <remarks>
+ /// The default reasonable implementation of this is:
+ /// <code>
+ /// return <paramref name="grantedScope"/>.IsSupersetOf(<paramref name="requiredScope"/>);
+ /// </code>
+ /// <para>In some advanced cases it may not be so simple. One case is that there may be a string that aggregates the capabilities of several others
+ /// in order to simplify common scenarios. For example, the scope "ReadAll" may represent the same authorization as "ReadProfile", "ReadEmail", and
+ /// "ReadFriends".
+ /// </para>
+ /// <para>Great care should be taken in implementing this method as this is a critical security module for the authorization and resource servers.</para>
+ /// </remarks>
+ bool IsScopeSatisfied(HashSet<string> requiredScope, HashSet<string> grantedScope);
+ }
+}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/OAuth 2 Messages.cd b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/OAuth 2 Messages.cd
deleted file mode 100644
index 05e3ad9..0000000
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/OAuth 2 Messages.cd
+++ /dev/null
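Review bot: The remarks on `IsScopeSatisfied` offer `grantedScope.IsSupersetOf(requiredScope)` as the default but leave out the edge cases an implementer of this security check has to get right. An empty `requiredScope` is satisfied by every token, and `HashSet<string>.IsSupersetOf` compares with the granted set's own comparer, so a set built with a case-insensitive comparer would match scope strings that OAuth 2 treats as distinct. Nothing states whether either argument may be null. I would add a paragraph to `<remarks>` along the lines of `Scope strings are compared case-sensitively; an empty requiredScope is always satisfied; neither argument is null.` (adjusted to whatever the callers actually guarantee, which is not visible in this hunk), and replace the `<paramref>` tags inside `<code>` with the plain parameter names so the sample reads as code.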
@@ -1,164 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<ClassDiagram MajorVersion="1" MinorVersion="1"> - <Class Name="DotNetOpenAuth.OAuth2.Messages.MessageBase" Collapsed="true"> - <Position X="0.5" Y="0.5" Width="1.5" /> - <TypeIdentifier> - <HashCode>IAAMACQAQAAAgAkAAAAIAAYACgAAIAAAIACAACAAAIA=</HashCode> - <FileName>OAuth2\Messages\MessageBase.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenAuthorizationCodeRequest" Collapsed="true"> - <Position X="8.5" Y="6.75" Width="3" /> - <TypeIdentifier> - <HashCode>ACAAEAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAgAAAATAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenClientCredentialsRequest" Collapsed="true"> - <Position X="8.5" Y="8.75" Width="2.75" /> - <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenClientCredentialsRequest.cs</FileName> - </TypeIdentifier> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenFailedResponse" Collapsed="true"> - <Position X="3.25" Y="8.5" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAAAIAAAAAAAQAAAABAAAQAAAAAAAEQAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenFailedResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRefreshRequest" Collapsed="true"> - <Position X="8.5" Y="9.75" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAAEAAAQAAAAAAAAAAAAAAQAAAAAAAAAAAgAAAABAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenRefreshRequest.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRequestBase" Collapsed="true"> - <Position X="5.75" Y="5.75" Width="2" /> - <TypeIdentifier> - 
<HashCode>AAAAAAAAQABAAAAAAAAAAAAQAAAAAAAAAAAAAAAACAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenRequestBase.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenResourceOwnerPasswordCredentialsRequest" Collapsed="true"> - <Position X="8.5" Y="10.5" Width="4" /> - <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACAQAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs</FileName> - </TypeIdentifier> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenSuccessResponse" Collapsed="true"> - <Position X="3.25" Y="7.5" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAAAAAAQAAAACAAAAAAAAQAEAAAAAAQAEAAAAAAAgA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenSuccessResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AuthenticatedClientRequestBase" Collapsed="true"> - <Position X="3.25" Y="5.25" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAwAAAAAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\AuthenticatedClientRequestBase.cs</FileName> - </TypeIdentifier> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationFailedResponse" Collapsed="true"> - <Position X="3.25" Y="4.5" Width="2.75" /> - <TypeIdentifier> - <HashCode>AAAAAIAAAAAAAQAAAAAAAAgAAAAAAAEAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationFailedResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationRequest" Collapsed="true"> - <Position X="3.25" Y="0.5" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAAAAAAQABAACAAAAAAAACAAAQAAAQAAAAAAAAAQAA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationRequest.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class 
Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessAccessTokenResponse" Collapsed="true"> - <Position X="6.25" Y="3.75" Width="3.75" /> - <TypeIdentifier> - <HashCode>AAAAEAAAAAAAAAAAAAAAAAACEAAAAAAAAAAgAAAABgA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationSuccessAccessTokenResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessAuthCodeResponse" Collapsed="true"> - <Position X="6.25" Y="2.5" Width="3.5" /> - <TypeIdentifier> - <HashCode>ACAAEAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgAAAABAA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationSuccessAuthCodeResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessResponseBase" Collapsed="true"> - <Position X="3.25" Y="1.5" Width="2.75" /> - <TypeIdentifier> - <HashCode>AAACAAAAAAAAACAAAAAAAAgAAAAAAAAAAEAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationSuccessResponseBase.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessProtectedResourceRequest" Collapsed="true"> - <Position X="3.25" Y="9.75" Width="2.5" /> - <TypeIdentifier> - <HashCode>AAAAEAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAgAAAABgA=</HashCode> - <FileName>OAuth2\Messages\AccessProtectedResourceRequest.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.UnauthorizedResponse" Collapsed="true"> - <Position X="3.25" Y="10.75" Width="2" /> - <TypeIdentifier> - <HashCode>AUABAAAAAAAAACAAAAAAAAQIAAAAAAAQAAAAAAAAABA=</HashCode> - <FileName>OAuth2\Messages\UnauthorizedResponse.cs</FileName> - </TypeIdentifier> - <Lollipop Position="0.2" /> - </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.ScopedAccessTokenRequest" Collapsed="true"> - <Position X="6.75" Y="7.75" Width="2.25" /> - 
<TypeIdentifier> - <HashCode>AAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAACAA=</HashCode> - <FileName>OAuth2\Messages\ScopedAccessTokenRequest.cs</FileName> - </TypeIdentifier> - </Class> - <Interface Name="DotNetOpenAuth.OAuth2.Messages.IMessageWithClientState"> - <Position X="11.5" Y="0.5" Width="2" /> - <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\IMessageWithClientState.cs</FileName> - </TypeIdentifier> - </Interface> - <Interface Name="DotNetOpenAuth.OAuth2.ChannelElements.IAuthorizationCarryingRequest"> - <Position X="11.75" Y="2" Width="2.5" /> - <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAEAAAAA=</HashCode> - <FileName>OAuth2\ChannelElements\IAuthorizationCarryingRequest.cs</FileName> - </TypeIdentifier> - </Interface> - <Enum Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationResponseType"> - <Position X="8" Y="0.5" Width="3" /> - <TypeIdentifier> - <HashCode>ACAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\EndUserAuthorizationResponseType.cs</FileName> - </TypeIdentifier> - </Enum> - <Enum Name="DotNetOpenAuth.OAuth2.Messages.GrantType"> - <Position X="6.25" Y="0.5" Width="1.5" /> - <TypeIdentifier> - <HashCode>ACAAAAAAQAAAAAQAAgAAAAAAAAAAAAACAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\GrantType.cs</FileName> - </TypeIdentifier> - </Enum> - <Font Name="Segoe UI" Size="9" /> -</ClassDiagram>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/UnauthorizedResponse.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/UnauthorizedResponse.cs index 3f4bb5b..e4a8a48 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/UnauthorizedResponse.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/UnauthorizedResponse.cs 
@@ -6,110 +6,204 @@ namespace DotNetOpenAuth.OAuth2.Messages { using System; + using System.Collections.Generic; using System.Diagnostics.Contracts; + using System.Globalization; using System.Net; using System.Text; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; /// <summary> - /// A direct response that is simply a 401 Unauthorized with an - /// WWW-Authenticate: OAuth header. + /// A direct response sent in response to a rejected Bearer access token. /// </summary> - internal class UnauthorizedResponse : MessageBase, IHttpDirectResponse { + /// <remarks> + /// This satisfies the spec in: http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#authn-header + /// </remarks> + public class UnauthorizedResponse : MessageBase, IHttpDirectResponse { /// <summary> - /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class. + /// The headers in the response message. /// </summary> - /// <param name="exception">The exception.</param> - /// <param name="version">The protocol version.</param> - internal UnauthorizedResponse(ProtocolException exception, Version version = null) - : base(version ?? Protocol.Default.Version) { - Requires.NotNull(exception, "exception"); - this.ErrorMessage = exception.Message; - } + private readonly WebHeaderCollection headers = new WebHeaderCollection(); /// <summary> /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class. /// </summary> - /// <param name="request">The request.</param> - internal UnauthorizedResponse(IDirectedProtocolMessage request) - : base(request) { - this.Realm = "Service"; + /// <param name="version">The protocol version.</param> + protected UnauthorizedResponse(Version version = null) + : base(version ?? Protocol.Default.Version) { } /// <summary> /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class. 
/// </summary> /// <param name="request">The request.</param> - /// <param name="exception">The exception.</param> - internal UnauthorizedResponse(IDirectedProtocolMessage request, ProtocolException exception) - : this(request) { - Requires.NotNull(exception, "exception"); - this.ErrorMessage = exception.Message; + protected UnauthorizedResponse(IDirectedProtocolMessage request) + : base(request) { } #region IHttpDirectResponse Members /// <summary> - /// Gets the HTTP status code that the direct response should be sent with. + /// Gets or sets the HTTP status code that the direct response should be sent with. /// </summary> - HttpStatusCode IHttpDirectResponse.HttpStatusCode { - get { return HttpStatusCode.Unauthorized; } - } + public HttpStatusCode HttpStatusCode { get; set; } /// <summary> /// Gets the HTTP headers to add to the response. /// </summary> /// <value>May be an empty collection, but must not be <c>null</c>.</value> - WebHeaderCollection IHttpDirectResponse.Headers { - get { - return new WebHeaderCollection() { - { HttpResponseHeader.WwwAuthenticate, Protocol.BearerHttpAuthorizationScheme }, - }; - } + public WebHeaderCollection Headers { + get { return this.headers; } } #endregion /// <summary> - /// Gets or sets the error message. + /// Gets or sets the well known error code. /// </summary> - /// <value>The error message.</value> - [MessagePart("error")] - internal string ErrorMessage { get; set; } + /// <value>One of the values from <see cref="Protocol.BearerTokenErrorCodes"/>.</value> + [MessagePart(Protocol.BearerTokenUnauthorizedResponseParameters.ErrorCode)] + public string ErrorCode { get; set; } + + /// <summary> + /// Gets or sets a human-readable explanation for developers that is not meant to be displayed to end users. 
+ /// </summary> + [MessagePart(Protocol.BearerTokenUnauthorizedResponseParameters.ErrorDescription)] + public string ErrorDescription { get; set; } + + /// <summary> + /// Gets or sets an absolute URI identifying a human-readable web page explaining the error. + /// </summary> + [MessagePart(Protocol.BearerTokenUnauthorizedResponseParameters.ErrorUri)] + public Uri ErrorUri { get; set; } /// <summary> /// Gets or sets the realm. /// </summary> /// <value>The realm.</value> - [MessagePart("realm")] - internal string Realm { get; set; } + [MessagePart(Protocol.BearerTokenUnauthorizedResponseParameters.Realm)] + public string Realm { get; set; } /// <summary> /// Gets or sets the scope. /// </summary> /// <value>The scope.</value> - [MessagePart("scope")] - internal string Scope { get; set; } + [MessagePart(Protocol.BearerTokenUnauthorizedResponseParameters.Scope, Encoder = typeof(ScopeEncoder))] + public HashSet<string> Scope { get; set; } + + /// <summary> + /// Gets the scheme to use in the WWW-Authenticate header. + /// </summary> + internal virtual string Scheme { + get { return Protocol.BearerHttpAuthorizationScheme; } + } + + /// <summary> + /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class + /// to inform the client that the request was invalid. 
+ /// </summary> + /// <param name="exception">The exception.</param> + /// <param name="version">The version of OAuth 2 that is in use.</param> + /// <returns>The error message.</returns> + internal static UnauthorizedResponse InvalidRequest(ProtocolException exception, Version version = null) { + Requires.NotNull(exception, "exception"); + var message = new UnauthorizedResponse(version) { + ErrorCode = Protocol.BearerTokenErrorCodes.InvalidRequest, + ErrorDescription = exception.Message, + HttpStatusCode = System.Net.HttpStatusCode.BadRequest, + }; + + return message; + } + + /// <summary> + /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class + /// to inform the client that the bearer token included in the request was rejected. + /// </summary> + /// <param name="request">The request.</param> + /// <param name="exception">The exception.</param> + /// <returns>The error message.</returns> + internal static UnauthorizedResponse InvalidToken(IDirectedProtocolMessage request, ProtocolException exception) { + Requires.NotNull(request, "request"); + Requires.NotNull(exception, "exception"); + var message = new UnauthorizedResponse(request) { + ErrorCode = Protocol.BearerTokenErrorCodes.InvalidToken, + ErrorDescription = exception.Message, + HttpStatusCode = System.Net.HttpStatusCode.Unauthorized, + }; + + return message; + } /// <summary> - /// Gets or sets the algorithms. + /// Initializes a new instance of the <see cref="UnauthorizedResponse"/> class + /// to inform the client of the required set of scopes required to perform this operation. 
/// </summary> - /// <value>The algorithms.</value> - [MessagePart("algorithms")] - internal string Algorithms { get; set; } + /// <param name="request">The request.</param> + /// <param name="requiredScopes">The set of scopes required to perform this operation.</param> + /// <returns>The error message.</returns> + internal static UnauthorizedResponse InsufficientScope(IDirectedProtocolMessage request, HashSet<string> requiredScopes) { + Requires.NotNull(request, "request"); + Requires.NotNull(requiredScopes, "requiredScopes"); + var message = new UnauthorizedResponse(request) { + HttpStatusCode = System.Net.HttpStatusCode.Forbidden, + ErrorCode = Protocol.BearerTokenErrorCodes.InsufficientScope, + Scope = requiredScopes, + }; + return message; + } /// <summary> - /// Gets or sets the user endpoint. + /// Ensures the message is valid. /// </summary> - /// <value>The user endpoint.</value> - [MessagePart("user-uri")] - internal Uri UserEndpoint { get; set; } + protected override void EnsureValidMessage() { + base.EnsureValidMessage(); + + // Make sure the characters used in the supplied parameters satisfy requirements. + VerifyErrorCodeOrDescription(this.ErrorCode, Protocol.BearerTokenUnauthorizedResponseParameters.ErrorCode); + VerifyErrorCodeOrDescription(this.ErrorDescription, Protocol.BearerTokenUnauthorizedResponseParameters.ErrorDescription); + VerifyErrorUri(this.ErrorUri); + + // Ensure that at least one parameter is specified, as required in the spec. + ErrorUtilities.VerifyProtocol( + this.ErrorCode != null || this.ErrorDescription != null || this.ErrorUri != null || this.Realm != null || this.Scope != null, + OAuthStrings.BearerTokenUnauthorizedAtLeastOneParameterRequired); + } /// <summary> - /// Gets or sets the token endpoint. + /// Ensures the error or error_description parameters contain only allowed characters. 
/// </summary> - /// <value>The token endpoint.</value> - [MessagePart("token-uri")] - internal Uri TokenEndpoint { get; set; } + /// <param name="value">The argument.</param> + /// <param name="parameterName">The name of the parameter being validated. Used when errors are reported.</param> + private static void VerifyErrorCodeOrDescription(string value, string parameterName) { + if (value != null) { + for (int i = 0; i < value.Length; i++) { + // The allowed set of characters comes from http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#authn-header + char ch = value[i]; + if (!((ch >= '\x20' && ch <= '\x21') || (ch >= '\x23' && ch <= '\x5B') || (ch >= '\x5D' && ch <= '\x7E'))) { + ErrorUtilities.ThrowProtocol(OAuthStrings.ParameterContainsIllegalCharacters, parameterName, ch); + } + } + } + } + + /// <summary> + /// Ensures the error_uri parameter contains only allowed characters and is an absolute URI. + /// </summary> + /// <param name="valueUri">The absolute URI.</param> + private static void VerifyErrorUri(Uri valueUri) { + if (valueUri != null) { + ErrorUtilities.VerifyProtocol(valueUri.IsAbsoluteUri, OAuthStrings.AbsoluteUriRequired); + string value = valueUri.AbsoluteUri; + for (int i = 0; i < value.Length; i++) { + // The allowed set of characters comes from http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#authn-header + char ch = value[i]; + if (!(ch == '\x21' || (ch >= '\x23' && ch <= '\x5B') || (ch >= '\x5D' && ch <= '\x7E'))) { + ErrorUtilities.ThrowProtocol(OAuthStrings.ParameterContainsIllegalCharacters, Protocol.BearerTokenUnauthorizedResponseParameters.ErrorUri, ch); + } + } + } + } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs index 6ce3b53..b440c1f 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs 
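Review bot: `InvalidRequest` and `InvalidToken` copy `exception.Message` straight into `ErrorDescription`, but `VerifyErrorCodeOrDescription` rejects any description containing a character outside %x20-21 / %x23-5B / %x5D-7E. Resource strings in this same commit contain a double quote (for example `The scope token "{0}" contains illegal characters or is empty.`), and localized text may be non-ASCII, so building the error response can itself throw a protocol exception; this presumably happens when the message is validated before sending, which is outside the hunk. The character check should stay as it is, since it keeps quotes and CR/LF out of the WWW-Authenticate header; the factories should normalise the text before assigning it, as sketched below. Separately, `HttpStatusCode` is now a settable auto-property that starts at 0 for any subclass using the protected constructors, so consider setting `this.HttpStatusCode = HttpStatusCode.Unauthorized;` in both of them.

```csharp
// … unchanged: argument checks and the rest of the initializer in InvalidRequest and InvalidToken …
ErrorDescription = ToHeaderSafeText(exception.Message),

/// <summary>
/// Replaces characters that are not allowed in the error_description parameter
/// so that an arbitrary exception message can be carried in the response.
/// </summary>
/// <param name="text">The text to normalise; may be <c>null</c>.</param>
/// <returns>The normalised text, or <c>null</c> if <paramref name="text"/> was <c>null</c>.</returns>
private static string ToHeaderSafeText(string text) {
	if (text == null) {
		return null;
	}

	var builder = new StringBuilder(text.Length);
	foreach (char ch in text) {
		// Same allowed set as VerifyErrorCodeOrDescription.
		bool allowed = (ch >= '\x20' && ch <= '\x21') || (ch >= '\x23' && ch <= '\x5B') || (ch >= '\x5D' && ch <= '\x7E');
		if (allowed) {
			builder.Append(ch);
		} else {
			// Keep quoted names readable; everything else becomes a space.
			builder.Append(ch == '"' ? '\'' : ' ');
		}
	}

	return builder.ToString();
}
```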
@@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:4.0.30319.239 +// Runtime Version:4.0.30319.17622 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. @@ -70,15 +70,6 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to The requested access scope ("{0}") exceeds the grant scope ("{1}").. - /// </summary> - internal static string AccessScopeExceedsGrantScope { - get { - return ResourceManager.GetString("AccessScopeExceedsGrantScope", resourceCulture); - } - } - - /// <summary> /// Looks up a localized string similar to The access token contains characters that must not appear in the HTTP Authorization header.. /// </summary> internal static string AccessTokenInvalidForHttpAuthorizationHeader { 
@@ -88,29 +79,11 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to Failed to obtain access token. Authorization Server reports reason: {0}. - /// </summary> - internal static string CannotObtainAccessTokenWithReason { - get { - return ResourceManager.GetString("CannotObtainAccessTokenWithReason", resourceCulture); - } - } - - /// <summary> - /// Looks up a localized string similar to The callback URL ({0}) is not allowed for this client.. - /// </summary> - internal static string ClientCallbackDisallowed { - get { - return ResourceManager.GetString("ClientCallbackDisallowed", resourceCulture); - } - } - - /// <summary> - /// Looks up a localized string similar to Failure looking up secret for client or token.. + /// Looks up a localized string similar to At least one parameter is required for the Bearer scheme in its WWW-Authenticate header.. /// </summary> - internal static string ClientOrTokenSecretNotFound { + internal static string BearerTokenUnauthorizedAtLeastOneParameterRequired { get { - return ResourceManager.GetString("ClientOrTokenSecretNotFound", resourceCulture); + return ResourceManager.GetString("BearerTokenUnauthorizedAtLeastOneParameterRequired", resourceCulture); } } @@ -124,15 +97,6 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to Failed to obtain access token due to invalid Client Identifier or Client Secret.. - /// </summary> - internal static string InvalidClientCredentials { - get { - return ResourceManager.GetString("InvalidClientCredentials", resourceCulture); - } - } - - /// <summary> /// Looks up a localized string similar to The scope token "{0}" contains illegal characters or is empty.. /// </summary> internal static string InvalidScopeToken { 
@@ -142,15 +106,6 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to No callback URI was available for this request.. - /// </summary> - internal static string NoCallback { - get { - return ResourceManager.GetString("NoCallback", resourceCulture); - } - } - - /// <summary> /// Looks up a localized string similar to Refresh tokens should not be granted without the request including an access grant.. /// </summary> internal static string NoGrantNoRefreshToken { @@ -160,11 +115,11 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Looks up a localized string similar to The request message type {0} should not be responded to with a refresh token.. + /// Looks up a localized string similar to The '{0}' parameter contains the illegal character '{1}'.. /// </summary> - internal static string RefreshTokenInappropriateForRequestType { + internal static string ParameterContainsIllegalCharacters { get { - return ResourceManager.GetString("RefreshTokenInappropriateForRequestType", resourceCulture); + return ResourceManager.GetString("ParameterContainsIllegalCharacters", resourceCulture); } } @@ -185,14 +140,5 @@ namespace DotNetOpenAuth.OAuth2 { return ResourceManager.GetString("ScopesMayNotContainSpaces", resourceCulture); } } - - /// <summary> - /// Looks up a localized string similar to Unexpected response Content-Type {0}. - /// </summary> - internal static string UnexpectedResponseContentType { - get { - return ResourceManager.GetString("UnexpectedResponseContentType", resourceCulture); - } - } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx index af1a955..4298af6 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx 
@@ -112,46 +112,31 @@ <value>2.0</value> </resheader> <resheader name="reader"> - <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <resheader name="writer"> - <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> + <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value> </resheader> <data name="AbsoluteUriRequired" xml:space="preserve"> <value>The value for message part "{0}" must be an absolute URI.</value> </data> - <data name="AccessScopeExceedsGrantScope" xml:space="preserve"> - <value>The requested access scope ("{0}") exceeds the grant scope ("{1}").</value> - </data> <data name="AccessTokenInvalidForHttpAuthorizationHeader" xml:space="preserve"> <value>The access token contains characters that must not appear in the HTTP Authorization header.</value> </data> - <data name="CannotObtainAccessTokenWithReason" xml:space="preserve"> - <value>Failed to obtain access token. 
Authorization Server reports reason: {0}</value> - </data> - <data name="ClientCallbackDisallowed" xml:space="preserve"> - <value>The callback URL ({0}) is not allowed for this client.</value> - </data> - <data name="ClientOrTokenSecretNotFound" xml:space="preserve"> - <value>Failure looking up secret for client or token.</value> + <data name="BearerTokenUnauthorizedAtLeastOneParameterRequired" xml:space="preserve"> + <value>At least one parameter is required for the Bearer scheme in its WWW-Authenticate header.</value> </data> <data name="HttpsRequired" xml:space="preserve"> <value>This message can only be sent over HTTPS.</value> </data> - <data name="InvalidClientCredentials" xml:space="preserve"> - <value>Failed to obtain access token due to invalid Client Identifier or Client Secret.</value> - </data> <data name="InvalidScopeToken" xml:space="preserve"> <value>The scope token "{0}" contains illegal characters or is empty.</value> </data> - <data name="NoCallback" xml:space="preserve"> - <value>No callback URI was available for this request.</value> - </data> <data name="NoGrantNoRefreshToken" xml:space="preserve"> <value>Refresh tokens should not be granted without the request including an access grant.</value> </data> - <data name="RefreshTokenInappropriateForRequestType" xml:space="preserve"> - <value>The request message type {0} should not be responded to with a refresh token.</value> + <data name="ParameterContainsIllegalCharacters" xml:space="preserve"> + <value>The '{0}' parameter contains the illegal character '{1}'.</value> </data> <data name="ResultShouldNotBeNull" xml:space="preserve"> <value>The return value of {0}.{1} should never be null.</value> @@ -159,7 +144,4 @@ <data name="ScopesMayNotContainSpaces" xml:space="preserve"> <value>Individual scopes may not contain spaces.</value> </data> - <data name="UnexpectedResponseContentType" xml:space="preserve"> - <value>Unexpected response Content-Type {0}</value> - </data> </root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs index dd7909b..5a4a0d3 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs @@ -24,9 +24,24 @@ namespace DotNetOpenAuth.OAuth2 { public static readonly StringComparer ScopeStringComparer = StringComparer.Ordinal; /// <summary> + /// The string "Basic ". + /// </summary> + private const string HttpBasicAuthScheme = "Basic "; + + /// <summary> /// The delimiter between scope elements. /// </summary> - private static char[] scopeDelimiter = new char[] { ' ' }; + private static readonly char[] scopeDelimiter = new char[] { ' ' }; + + /// <summary> + /// A colon, in a 1-length character array. + /// </summary> + private static readonly char[] ColonSeparator = new char[] { ':' }; + + /// <summary> + /// The encoding to use when preparing credentials for transit in HTTP Basic base64 encoding form. + /// </summary> + private static readonly Encoding HttpBasicEncoding = Encoding.UTF8; /// <summary> /// The characters that may appear in an access token that is included in an HTTP Authorization header. 
@@ -35,32 +50,9 @@ namespace DotNetOpenAuth.OAuth2 { /// This is defined in OAuth 2.0 DRAFT 10, section 5.1.1. (http://tools.ietf.org/id/draft-ietf-oauth-v2-10.html#authz-header) /// </remarks> private static string accessTokenAuthorizationHeaderAllowedCharacters = MessagingUtilities.UppercaseLetters + - MessagingUtilities.LowercaseLetters + - MessagingUtilities.Digits + - @"!#$%&'()*+-./:<=>?@[]^_`{|}~\,;"; - - /// <summary> - /// Determines whether one given scope is a subset of another scope. - /// </summary> - /// <param name="requestedScope">The requested scope, which may be a subset of <paramref name="grantedScope"/>.</param> - /// <param name="grantedScope">The granted scope, the suspected superset.</param> - /// <returns> - /// <c>true</c> if all the elements that appear in <paramref name="requestedScope"/> also appear in <paramref name="grantedScope"/>; - /// <c>false</c> otherwise. - /// </returns> - public static bool IsScopeSubset(string requestedScope, string grantedScope) { - if (string.IsNullOrEmpty(requestedScope)) { - return true; - } - - if (string.IsNullOrEmpty(grantedScope)) { - return false; - } - - var requestedScopes = new HashSet<string>(requestedScope.Split(scopeDelimiter, StringSplitOptions.RemoveEmptyEntries)); - var grantedScopes = new HashSet<string>(grantedScope.Split(scopeDelimiter, StringSplitOptions.RemoveEmptyEntries)); - return requestedScopes.IsSubsetOf(grantedScopes); - } + MessagingUtilities.LowercaseLetters + + MessagingUtilities.Digits + + @"!#$%&'()*+-./:<=>?@[]^_`{|}~\,;"; /// <summary> /// Identifies individual scope elements 
@@ -89,6 +81,26 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Parses a space-delimited list of scopes into a set. + /// </summary> + /// <param name="scopes">The space-delimited string.</param> + /// <returns>A set.</returns> + internal static HashSet<string> ParseScopeSet(string scopes) { + Requires.NotNull(scopes, "scopes"); + return ParseScopeSet(scopes.Split(scopeDelimiter, StringSplitOptions.RemoveEmptyEntries)); + } + + /// <summary> + /// Creates a set out of an array of strings. + /// </summary> + /// <param name="scopes">The array of strings.</param> + /// <returns>A set.</returns> + internal static HashSet<string> ParseScopeSet(string[] scopes) { + Requires.NotNull(scopes, "scopes"); + return new HashSet<string>(scopes, StringComparer.Ordinal); + } + + /// <summary> /// Verifies that a sequence of scope tokens are all valid. /// </summary> /// <param name="scopes">The scopes.</param> 
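Review bot: `ParseScopeSet(string[])` hard-codes `StringComparer.Ordinal` even though this class already declares `ScopeStringComparer` for scope comparison (visible as context in the first hunk of this file). Building the set with `return new HashSet<string>(scopes, ScopeStringComparer);` keeps the comparison rule for scopes in one place, so a later change to that field cannot leave parsed sets and other scope checks disagreeing. The `<returns>A set.</returns>` text on both overloads could also state that the set uses ordinal comparison, since scope-satisfaction checks on these sets depend on it.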
@@ -131,24 +143,43 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> - /// Gets information about the client with a given identifier. + /// Applies the HTTP Authorization header for HTTP Basic authentication. + /// </summary> + /// <param name="headers">The headers collection to set the authorization header to.</param> + /// <param name="userName">The username. Cannot be empty.</param> + /// <param name="password">The password. Cannot be null.</param> + internal static void ApplyHttpBasicAuth(WebHeaderCollection headers, string userName, string password) { + Requires.NotNull(headers, "headers"); + Requires.NotNullOrEmpty(userName, "userName"); + Requires.NotNull(password, "password"); + + string concat = userName + ":" + password; + byte[] bits = HttpBasicEncoding.GetBytes(concat); + string base64 = Convert.ToBase64String(bits); + string header = HttpBasicAuthScheme + base64; + headers[HttpRequestHeader.Authorization] = header; + } + + /// <summary> + /// Extracts the username and password from an HTTP Basic authorized web header. /// </summary> - /// <param name="authorizationServer">The authorization server.</param> - /// <param name="clientIdentifier">The client identifier.</param> - /// <returns>The client information. 
Never null.</returns> - internal static IClientDescription GetClientOrThrow(this IAuthorizationServer authorizationServer, string clientIdentifier) { - Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier"); - Contract.Ensures(Contract.Result<IClientDescription>() != null); - - try { - var result = authorizationServer.GetClient(clientIdentifier); - ErrorUtilities.VerifyHost(result != null, OAuthStrings.ResultShouldNotBeNull, authorizationServer.GetType().FullName, "GetClient(string)"); - return result; - } catch (KeyNotFoundException ex) { - throw ErrorUtilities.Wrap(ex, OAuthStrings.ClientOrTokenSecretNotFound); - } catch (ArgumentException ex) { - throw ErrorUtilities.Wrap(ex, OAuthStrings.ClientOrTokenSecretNotFound); + /// <param name="headers">The incoming web headers.</param> + /// <returns>The network credentials; or <c>null</c> if none could be discovered in the request.</returns> + internal static NetworkCredential ParseHttpBasicAuth(WebHeaderCollection headers) { + Requires.NotNull(headers, "headers"); + + string authorizationHeader = headers[HttpRequestHeaders.Authorization]; + if (authorizationHeader != null && authorizationHeader.StartsWith(HttpBasicAuthScheme, StringComparison.Ordinal)) { + string base64 = authorizationHeader.Substring(HttpBasicAuthScheme.Length); + byte[] bits = Convert.FromBase64String(base64); + string usernameColonPassword = HttpBasicEncoding.GetString(bits); + string[] usernameAndPassword = usernameColonPassword.Split(ColonSeparator, 2); + if (usernameAndPassword.Length == 2) { + return new NetworkCredential(usernameAndPassword[0], usernameAndPassword[1]); + } } + + return null; } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs index 19fe845..d780a81 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs 
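Review bot: In `ParseHttpBasicAuth`, `Convert.FromBase64String(base64)` runs on the raw Authorization header of an incoming request and throws `FormatException` on malformed input, so a bad header surfaces as an unhandled exception instead of the documented `null` result. Catch it and fall through to the null return: `try { bits = Convert.FromBase64String(base64); } catch (FormatException) { return null; }`. Two smaller points in the same hunk: HTTP authentication scheme names are case-insensitive, so the `StartsWith` check would be more tolerant with `StringComparison.OrdinalIgnoreCase`, and `ApplyHttpBasicAuth` does not reject a `userName` containing `:`, which this parser would then split at the wrong position. The parser reads `HttpRequestHeaders.Authorization` while `ApplyHttpBasicAuth` uses `HttpRequestHeader.Authorization`; presumably the former is a project constants class, but it is not visible here and is worth confirming.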
@@ -45,11 +45,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string BearerTokenEncodedUrlParameterName = "access_token"; /// <summary> - /// The "type" string. - /// </summary> - internal const string type = "type"; - - /// <summary> /// The "state" string. /// </summary> internal const string state = "state"; @@ -60,26 +55,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string redirect_uri_mismatch = "redirect_uri_mismatch"; /// <summary> - /// The "bad_verification_code" string. - /// </summary> - internal const string bad_verification_code = "bad_verification_code"; - - /// <summary> - /// The "incorrect_client_credentials" string. - /// </summary> - internal const string incorrect_client_credentials = "incorrect_client_credentials"; - - /// <summary> - /// The "unauthorized_client" string. - /// </summary> - internal const string unauthorized_client = "unauthorized_client"; - - /// <summary> - /// The "authorization_expired" string. - /// </summary> - internal const string authorization_expired = "authorization_expired"; - - /// <summary> /// The "redirect_uri" string. /// </summary> internal const string redirect_uri = "redirect_uri"; @@ -95,11 +70,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string scope = "scope"; /// <summary> - /// The "immediate" string. - /// </summary> - internal const string immediate = "immediate"; - - /// <summary> /// The "client_secret" string. /// </summary> internal const string client_secret = "client_secret"; 
@@ -110,21 +80,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string code = "code"; /// <summary> - /// The "user_code" string. - /// </summary> - internal const string user_code = "user_code"; - - /// <summary> - /// The "verification_uri" string. - /// </summary> - internal const string verification_uri = "verification_uri"; - - /// <summary> - /// The "interval" string. - /// </summary> - internal const string interval = "interval"; - - /// <summary> /// The "error" string. /// </summary> internal const string error = "error"; @@ -135,11 +90,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string access_token = "access_token"; /// <summary> - /// The "access_token_secret" string. - /// </summary> - internal const string access_token_secret = "access_token_secret"; - - /// <summary> /// The "token_type" string. /// </summary> internal const string token_type = "token_type"; @@ -155,11 +105,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string expires_in = "expires_in"; /// <summary> - /// The "expired_delegation_code" string. - /// </summary> - internal const string expired_delegation_code = "expired_delegation_code"; - - /// <summary> /// The "username" string. /// </summary> internal const string username = "username"; 
@@ -170,26 +115,6 @@ namespace DotNetOpenAuth.OAuth2 { internal const string password = "password"; /// <summary> - /// The "format" string. - /// </summary> - internal const string format = "format"; - - /// <summary> - /// The "assertion" string. - /// </summary> - internal const string assertion = "assertion"; - - /// <summary> - /// The "assertion_type" string. - /// </summary> - internal const string assertion_type = "assertion_type"; - - /// <summary> - /// The "user_denied" string. - /// </summary> - internal const string user_denied = "user_denied"; - - /// <summary> /// Gets the <see cref="Protocol"/> instance with values initialized for V1.0 of the protocol. /// </summary> internal static readonly Protocol V20 = new Protocol { 
@@ -286,27 +211,38 @@ namespace DotNetOpenAuth.OAuth2 { internal static class AccessTokenRequestErrorCodes { /// <summary> - /// The request is missing a required parameter, includes an unknown parameter or parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed. + /// The request is missing a required parameter, includes an unknown parameter or parameter value, repeats a parameter, + /// includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed. /// </summary> internal const string InvalidRequest = "invalid_request"; /// <summary> - /// The client is not authorized to use the access grant type provided. + /// Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). + /// The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. + /// If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with + /// an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme + /// used by the client. /// </summary> - internal const string UnauthorizedClient = "unauthorized_client"; + internal const string InvalidClient = "invalid_client"; /// <summary> - /// The resource owner or authorization server denied the request. + /// The provided authorization grant (e.g. authorization code, resource owner credentials) or refresh token is invalid, expired, + /// revoked, does not match the redirection URI used in the authorization request, or was issued to another client. 
/// </summary> - internal const string AccessDenied = "access_denied"; + internal const string InvalidGrant = "invalid_grant"; /// <summary> - /// The authorization server does not support obtaining an access token using this method. + /// The authenticated client is not authorized to use this authorization grant type. /// </summary> - internal const string UnsupportedGrantType = "unsupported_response_type"; + internal const string UnauthorizedClient = "unauthorized_client"; /// <summary> - /// The requested scope is invalid, unknown, malformed, or exceeds the previously granted scope. + /// The authorization grant type is not supported by the authorization server. + /// </summary> + internal const string UnsupportedGrantType = "unsupported_grant_type"; + + /// <summary> + /// The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner. /// </summary> internal const string InvalidScope = "invalid_scope"; } 
@@ -361,5 +297,39 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> internal const string Bearer = "bearer"; } + + internal static class BearerTokenUnauthorizedResponseParameters { + internal const string Realm = "realm"; + internal const string ErrorCode = "error"; + internal const string ErrorDescription = "error_description"; + internal const string ErrorUri = "error_uri"; + internal const string Scope = "scope"; + } + + /// <summary> + /// The error codes prescribed in http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#resource-error-codes + /// </summary> + internal static class BearerTokenErrorCodes { + /// <summary> + /// The request is missing a required parameter, includes an unsupported parameter or parameter value, + /// repeats the same parameter, uses more than one method for including an access token, or is otherwise + /// malformed. The resource server SHOULD respond with the HTTP 400 (Bad Request) status code. + /// </summary> + internal const string InvalidRequest = "invalid_request"; + + /// <summary> + /// The access token provided is expired, revoked, malformed, or invalid for other reasons. + /// The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request + /// a new access token and retry the protected resource request. + /// </summary> + internal const string InvalidToken = "invalid_token"; + + /// <summary> + /// The request requires higher privileges than provided by the access token. The resource server + /// SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the scope attribute + /// with the scope necessary to access the protected resource. + /// </summary> + internal const string InsufficientScope = "insufficient_scope"; + } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/StandardScopeSatisfiedCheck.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/StandardScopeSatisfiedCheck.cs new file mode 100644 index 0000000..684e4a8 --- /dev/null 
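Review bot: `BearerTokenUnauthorizedResponseParameters` and its five constants are added without XML doc comments, while every other constant in this file carries a `/// <summary>`, including the `BearerTokenErrorCodes` class added directly below it. Add a class summary, presumably along the lines of `/// The parameter names that may appear in a Bearer scheme WWW-Authenticate response header.`, and a one-line summary per constant in the file's existing form, e.g. `/// The "realm" string.`. It would also help to note on `ErrorCode` that its values are the ones listed in `BearerTokenErrorCodes`.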
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/StandardScopeSatisfiedCheck.cs 
@@ -0,0 +1,37 @@ +//----------------------------------------------------------------------- +// <copyright file="StandardScopeSatisfiedCheck.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2 { + using System.Collections.Generic; + + /// <summary> + /// The default scope superset checker, which assumes that no scopes overlap. + /// </summary> + internal class StandardScopeSatisfiedCheck : IScopeSatisfiedCheck { + /// <summary> + /// Checks whether the granted scope is a superset of the required scope. + /// </summary> + /// <param name="requiredScope">The set of strings that the resource server demands in an access token's scope in order to complete some operation.</param> + /// <param name="grantedScope">The set of strings that define the scope within an access token that the client is authorized to.</param> + /// <returns><c>true</c> if <paramref name="grantedScope"/> is a superset of <paramref name="requiredScope"/> to allow the request to proceed; <c>false</c> otherwise.</returns> + /// <remarks> + /// The default reasonable implementation of this is: + /// <code> + /// return <paramref name="grantedScope"/>.IsSupersetOf(<paramref name="requiredScope"/>); + /// </code> + /// <para>In some advanced cases it may not be so simple. One case is that there may be a string that aggregates the capabilities of several others + /// in order to simplify common scenarios. For example, the scope "ReadAll" may represent the same authorization as "ReadProfile", "ReadEmail", and + /// "ReadFriends". 
+ /// </para> + /// <para>Great care should be taken in implementing this method as this is a critical security module for the authorization and resource servers.</para> + /// </remarks> + public bool IsScopeSatisfied(HashSet<string> requiredScope, HashSet<string> grantedScope) { + Requires.NotNull(requiredScope, "requiredScope"); + Requires.NotNull(grantedScope, "grantedScope"); + return grantedScope.IsSupersetOf(requiredScope); + } + } +} diff --git a/src/DotNetOpenAuth.OAuth2/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth2/Properties/AssemblyInfo.cs index 14fb526..26b1318 100644 --- a/src/DotNetOpenAuth.OAuth2/Properties/AssemblyInfo.cs +++ b/src/DotNetOpenAuth.OAuth2/Properties/AssemblyInfo.cs 
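Review bot: `IsScopeSatisfied` relies on `grantedScope.IsSupersetOf(requiredScope)`, which compares elements with whatever comparer `grantedScope` was constructed with, so the check is ordinal only if the caller built the set that way. The remarks should state that expectation, e.g. `/// <para>Both sets are expected to use ordinal comparison (see OAuthUtilities.ParseScopeSet); a granted set built with a case-insensitive comparer would widen the match.</para>`. An empty `requiredScope` is satisfied by any grant, which looks intended but is worth saying in the `<returns>` text as well.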
@@ -50,11 +50,13 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ClientAuthorization, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, 
PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")] #else [assembly: InternalsVisibleTo("DotNetOpenAuth.Test")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.Client")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ClientAuthorization")] [assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")] #endif diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs index 6ffb326..946d354 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs @@ -52,7 +52,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Extensions { var ax = req.GetExtension<FetchRequest>(); if (ax != null) { - sreg = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.sreg_ns); + sreg = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.TypeUris.Standard); sreg.Synthesized = true; ((IProtocolMessageWithExtensions)req.RequestMessage).Extensions.Add(sreg); sreg.BirthDate = GetDemandLevelFor(ax, WellKnownAttributes.BirthDate.WholeBirthDate); diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderAssociationHandleEncoder.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderAssociationHandleEncoder.cs index 594803d..5c39c5e 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderAssociationHandleEncoder.cs 
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/ProviderAssociationHandleEncoder.cs @@ -68,9 +68,9 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <exception cref="ProtocolException">Thrown if the association is not of the expected type.</exception> public Association Deserialize(IProtocolMessage containingMessage, bool privateAssociation, string handle) { var formatter = AssociationDataBag.CreateFormatter(this.cryptoKeyStore, AssociationHandleEncodingSecretBucket); - AssociationDataBag bag; + AssociationDataBag bag = new AssociationDataBag(); try { - bag = formatter.Deserialize(containingMessage, handle, Protocol.Default.openid.assoc_handle); + formatter.Deserialize(bag, containingMessage, handle, Protocol.Default.openid.assoc_handle); } catch (ProtocolException ex) { Logger.OpenId.Error("Rejecting an association because deserialization of the encoded handle failed.", ex); return null; diff --git a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs index 749659e..7d8c050 100644 --- a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs +++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs @@ -49,7 +49,8 @@ namespace DotNetOpenAuth.Configuration { /// <summary> /// The built-in set of identifier discovery services. /// </summary> - private static readonly TypeConfigurationCollection<IIdentifierDiscoveryService> defaultDiscoveryServices = new TypeConfigurationCollection<IIdentifierDiscoveryService>(new Type[] { typeof(UriDiscoveryService), typeof(XriDiscoveryProxyService) }); + private static readonly TypeConfigurationCollection<IIdentifierDiscoveryService> defaultDiscoveryServices = + new TypeConfigurationCollection<IIdentifierDiscoveryService>(new Type[] { typeof(UriDiscoveryService), typeof(XriDiscoveryProxyService) }); /// <summary> /// Initializes a new instance of the <see cref="OpenIdRelyingPartyElement"/> class. 
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionArgumentsManager.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionArgumentsManager.cs index 5cd4904..1d795da 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionArgumentsManager.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ExtensionArgumentsManager.cs @@ -21,7 +21,7 @@ namespace DotNetOpenAuth.OpenId.Extensions { /// match to namespaces for backward compatibility with other OpenID libraries. /// </summary> private static readonly Dictionary<string, string> typeUriToAliasAffinity = new Dictionary<string, string> { - { Extensions.SimpleRegistration.Constants.sreg_ns, Extensions.SimpleRegistration.Constants.sreg_compatibility_alias }, + { Extensions.SimpleRegistration.Constants.TypeUris.Standard, Extensions.SimpleRegistration.Constants.sreg_compatibility_alias }, { Extensions.ProviderAuthenticationPolicy.Constants.TypeUri, Extensions.ProviderAuthenticationPolicy.Constants.CompatibilityAlias }, }; diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponse.cs index 373134d..880a25e 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/ProviderAuthenticationPolicy/PolicyResponse.cs 
@@ -71,10 +71,10 @@ namespace DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy { /// actively authenticated to the OP in a manner fitting the asserted policies. /// </summary> /// <remarks> - /// If the RP's request included the "openid.max_auth_age" parameter - /// then the OP MUST include "openid.auth_time" in its response. - /// If "openid.max_auth_age" was not requested, the OP MAY choose to include - /// "openid.auth_time" in its response. + /// If the RP's request included the "openid.pape.max_auth_age" parameter + /// then the OP MUST include "openid.pape.auth_time" in its response. + /// If "openid.pape.max_auth_age" was not requested, the OP MAY choose to include + /// "openid.pape.auth_time" in its response. /// </remarks> [MessagePart("auth_time", Encoder = typeof(DateTimeEncoder))] public DateTime? AuthenticationTimeUtc { diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsRequest.cs index 9d418ee..ab08cbb 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsRequest.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsRequest.cs @@ -24,7 +24,7 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// The factory method that may be used in deserialization of this message. /// </summary> internal static readonly StandardOpenIdExtensionFactory.CreateDelegate Factory = (typeUri, data, baseMessage, isProviderRole) => { - if (typeUri == Constants.sreg_ns && isProviderRole) { + if (typeUri == Constants.TypeUris.Standard && isProviderRole) { return new ClaimsRequest(typeUri); } 
@@ -41,7 +41,7 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// Initializes a new instance of the <see cref="ClaimsRequest"/> class. /// </summary> public ClaimsRequest() - : base(new Version(1, 0), Constants.sreg_ns, Constants.AdditionalTypeUris) { + : base(new Version(1, 0), Constants.TypeUris.Standard, Constants.AdditionalTypeUris) { } /// <summary> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsResponse.cs index 999fe8d..af60596 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/ClaimsResponse.cs @@ -27,7 +27,7 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// The factory method that may be used in deserialization of this message. /// </summary> internal static readonly StandardOpenIdExtensionFactory.CreateDelegate Factory = (typeUri, data, baseMessage, isProviderRole) => { - if ((typeUri == Constants.sreg_ns || Array.IndexOf(Constants.AdditionalTypeUris, typeUri) >= 0) && !isProviderRole) { + if ((typeUri == Constants.TypeUris.Standard || Array.IndexOf(Constants.AdditionalTypeUris, typeUri) >= 0) && !isProviderRole) { return new ClaimsResponse(typeUri); } @@ -55,10 +55,11 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { private CultureInfo culture; /// <summary> - /// Initializes a new instance of the <see cref="ClaimsResponse"/> class. + /// Initializes a new instance of the <see cref="ClaimsResponse"/> class + /// using the most common, and spec prescribed type URI. /// </summary> - internal ClaimsResponse() - : this(Constants.sreg_ns) { + public ClaimsResponse() + : this(Constants.TypeUris.Standard) { } /// <summary> 
@@ -67,8 +68,10 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// <param name="typeUriToUse"> /// The type URI that must be used to identify this extension in the response message. /// This value should be the same one the relying party used to send the extension request. + /// Commonly used type URIs supported by relying parties are defined in the + /// <see cref="Constants.TypeUris"/> class. /// </param> - internal ClaimsResponse(string typeUriToUse) + public ClaimsResponse(string typeUriToUse = Constants.TypeUris.Standard) : base(new Version(1, 0), typeUriToUse, Constants.AdditionalTypeUris) { Requires.NotNullOrEmpty(typeUriToUse, "typeUriToUse"); } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Constants.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Constants.cs index 8325b0c..30cd748 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Constants.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Constants.cs 
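Review bot: The default value on `typeUriToUse` is redundant with the parameterless constructor made public in the previous hunk: C# overload resolution binds `new ClaimsResponse()` to the parameterless overload, so the default is never used by C# callers. On a public API an optional parameter's default is also compiled into calling assemblies, which makes it harder to change later. Declaring the overload as `public ClaimsResponse(string typeUriToUse)` keeps the two entry points distinct, and the existing `Requires.NotNullOrEmpty` check then documents the real contract.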
@@ -13,10 +13,31 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// <summary> /// Simple Registration constants /// </summary> - internal static class Constants { - internal const string sreg_ns = "http://openid.net/extensions/sreg/1.1"; - internal const string sreg_ns10 = "http://openid.net/sreg/1.0"; - internal const string sreg_ns11other = "http://openid.net/sreg/1.1"; + public static class Constants { + /// <summary> + /// Commonly used type URIs to represent the Simple Registration extension. + /// </summary> + public static class TypeUris { + /// <summary> + /// The URI "http://openid.net/extensions/sreg/1.1". + /// </summary> + /// <remarks> + /// This is the type URI prescribed by the Simple Registration 1.1 spec. + /// http://openid.net/specs/openid-simple-registration-extension-1_1-01.html#anchor3 + /// </remarks> + public const string Standard = "http://openid.net/extensions/sreg/1.1"; + + /// <summary> + /// The URI "http://openid.net/sreg/1.0" + /// </summary> + public const string Variant10 = "http://openid.net/sreg/1.0"; + + /// <summary> + /// The URI "http://openid.net/sreg/1.1" + /// </summary> + public const string Variant11 = "http://openid.net/sreg/1.1"; + } + internal const string sreg_compatibility_alias = "sreg"; internal const string policy_url = "policy_url"; internal const string optional = "optional"; @@ -39,8 +60,8 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// Additional type URIs that this extension is sometimes known by remote parties. /// </summary> internal static readonly string[] AdditionalTypeUris = new string[] { - Constants.sreg_ns10, - Constants.sreg_ns11other, + Constants.TypeUris.Variant10, + Constants.TypeUris.Variant11, }; } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs index 28e4df0..8f1baed 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs 
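Review bot: The summaries on `Variant10` and `Variant11` only repeat the literal and do not say how these URIs differ from `Standard`, which matters now that `Constants.TypeUris` is public API. Both are the entries of `AdditionalTypeUris` in the next hunk of this file, documented there as URIs the extension is sometimes known by to remote parties. I would add to each `/// <remarks>Not the spec-prescribed type URI; some remote parties use it for this extension.</remarks>` and end the two summaries with a period, as the `Standard` summary does.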
@@ -116,11 +116,7 @@ namespace DotNetOpenAuth.OpenId { Requires.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired); Contract.Ensures(Contract.Result<Realm>() != null); - HttpRequestBase requestInfo = new HttpRequestWrapper(HttpContext.Current.Request); - UriBuilder realmUrl = new UriBuilder(requestInfo.GetPublicFacingUrl()); - realmUrl.Path = HttpContext.Current.Request.ApplicationPath; - realmUrl.Query = null; - realmUrl.Fragment = null; + var realmUrl = new UriBuilder(MessagingUtilities.GetWebRoot()); // For RP discovery, the realm url MUST NOT redirect. To prevent this for // virtual directory hosted apps, we need to make sure that the realm path ends diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj index 00c1bb4..84bdf7d 100644 --- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj +++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj @@ -219,6 +219,7 @@ <Compile Include="Mocks\CoordinatingChannel.cs" /> <Compile Include="Mocks\CoordinatingHttpRequestInfo.cs" /> <Compile Include="Mocks\CoordinatingOAuth2AuthServerChannel.cs" /> + <Compile Include="Mocks\CoordinatingOAuth2ClientChannel.cs" /> <Compile Include="Mocks\CoordinatingOutgoingWebResponse.cs" /> <Compile Include="Mocks\CoordinatingOAuthConsumerChannel.cs" /> <Compile Include="Mocks\IBaseMessageExplicitMembers.cs" /> @@ -233,6 +234,7 @@ <Compile Include="Mocks\TestBaseMessage.cs" /> <Compile Include="Mocks\TestDerivedMessage.cs" /> <Compile Include="Mocks\TestDirectResponseMessageWithHttpStatus.cs" /> + <Compile Include="Mocks\TestMessageWithDate.cs" /> <Compile Include="Mocks\TestReplayProtectedMessage.cs" /> <Compile Include="Mocks\TestDirectedMessage.cs" /> <Compile Include="Mocks\TestBadChannel.cs" /> 
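Review bot: The removed lines in Realm.cs set the path to the application path and cleared `Query` and `Fragment` on a URL taken from `GetPublicFacingUrl()`; the replacement `new UriBuilder(MessagingUtilities.GetWebRoot())` relies on the helper for all of that, and the helper's body is not in this hunk. Since RP discovery runs against this realm (see the comment kept just below), the contract is worth stating at the call site, e.g. `// GetWebRoot() is expected to return the public-facing application root with no query or fragment.` A test that pins the realm for a request whose URL carries a query string would keep the helper and this caller from drifting apart. The enclosing member starts and ends outside the hunk.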
@@ -437,6 +439,10 @@ <Project>{ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}</Project> <Name>DotNetOpenAuth.OAuth2.Client.UI</Name> </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj"> + <Project>{CCF3728A-B3D7-404A-9BC6-75197135F2D7}</Project> + <Name>DotNetOpenAuth.OAuth2.ClientAuthorization</Name> + </ProjectReference> <ProjectReference Include="..\DotNetOpenAuth.OAuth2.Client\DotNetOpenAuth.OAuth2.Client.csproj"> <Project>{CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}</Project> <Name>DotNetOpenAuth.OAuth2.Client</Name> diff --git a/src/DotNetOpenAuth.Test/Messaging/MessagingUtilitiesTests.cs b/src/DotNetOpenAuth.Test/Messaging/MessagingUtilitiesTests.cs index a767d53..5c3870c 100644 --- a/src/DotNetOpenAuth.Test/Messaging/MessagingUtilitiesTests.cs +++ b/src/DotNetOpenAuth.Test/Messaging/MessagingUtilitiesTests.cs @@ -11,6 +11,7 @@ namespace DotNetOpenAuth.Test.Messaging { using System.Diagnostics; using System.IO; using System.Net; + using System.Text; using System.Text.RegularExpressions; using System.Web; using DotNetOpenAuth.Messaging; 
@@ -229,6 +230,27 @@ namespace DotNetOpenAuth.Test.Messaging { Assert.AreEqual(PlainText, roundTripped); } + [Test] + public void SerializeAsJsonTest() { + var message = new TestMessageWithDate() { + Age = 18, + Timestamp = DateTime.Parse("4/28/2012"), + Name = "Andrew", + }; + string json = MessagingUtilities.SerializeAsJson(message, this.MessageDescriptions); + Assert.That(json, Is.EqualTo("{\"ts\":\"2012-04-28T00:00:00Z\",\"age\":18,\"Name\":\"Andrew\"}")); + } + + [Test] + public void DeserializeFromJson() { + var message = new TestMessageWithDate(); + string json = "{\"ts\":\"2012-04-28T00:00:00Z\",\"age\":18,\"Name\":\"Andrew\"}"; + MessagingUtilities.DeserializeFromJson(Encoding.UTF8.GetBytes(json), message, this.MessageDescriptions); + Assert.That(message.Age, Is.EqualTo(18)); + Assert.That(message.Timestamp, Is.EqualTo(DateTime.Parse("4/28/2012"))); + Assert.That(message.Name, Is.EqualTo("Andrew")); + } + /// <summary> /// Verifies that the time-independent string equality check works accurately. /// </summary> diff --git a/src/DotNetOpenAuth.Test/Messaging/ProtocolExceptionTests.cs b/src/DotNetOpenAuth.Test/Messaging/ProtocolExceptionTests.cs index 4d107c8..c519680 100644 --- a/src/DotNetOpenAuth.Test/Messaging/ProtocolExceptionTests.cs +++ b/src/DotNetOpenAuth.Test/Messaging/ProtocolExceptionTests.cs @@ -37,7 +37,7 @@ namespace DotNetOpenAuth.Test.Messaging { Assert.AreSame(message, ex.FaultedMessage); } - [Test, ExpectedException(typeof(ArgumentNullException))] + [Test] public void CtorWithNullProtocolMessage() { new ProtocolException("message", (IProtocolMessage)null); } diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs index d7205d6..2e09943 100644 --- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingChannel.cs 
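Review bot: `DateTime.Parse("4/28/2012")` in `SerializeAsJsonTest` and `DeserializeFromJson` parses with the current thread culture, so on a machine whose culture reads dates day-first the string is rejected and both tests fail before reaching the code under test. Constructing the value directly removes the dependency: `Timestamp = new DateTime(2012, 4, 28),` and `Is.EqualTo(new DateTime(2012, 4, 28))`. The expected JSON carries a `Z` suffix while the constructed value has an unspecified kind, so building it with `DateTimeKind.Utc` may be clearer if the serializer is meant to treat it as UTC; that cannot be confirmed from this hunk.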
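Review bot: With `ExpectedException` removed, `CtorWithNullProtocolMessage` in ProtocolExceptionTests.cs no longer asserts anything; it passes as long as the constructor returns. If a null faulted message is now accepted, the test should say so, for example `var ex = new ProtocolException("message", (IProtocolMessage)null);` followed by `Assert.IsNull(ex.FaultedMessage);`. `FaultedMessage` is the property the preceding test in this hunk already checks.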
@@ -9,10 +9,10 @@ namespace DotNetOpenAuth.Test.Mocks { using System.Collections.Generic; using System.Diagnostics.Contracts; using System.Linq; + using System.Net; using System.Text; using System.Threading; using System.Web; - using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Reflection; using DotNetOpenAuth.Test.OpenId; @@ -65,9 +65,17 @@ namespace DotNetOpenAuth.Test.Mocks { /// </summary> private IDictionary<string, string> incomingMessage; + /// <summary> + /// The recipient URL of the <see cref="incomingMessage"/>, where applicable. + /// </summary> private MessageReceivingEndpoint incomingMessageRecipient; /// <summary> + /// The headers of the <see cref="incomingMessage"/>, where applicable. + /// </summary> + private WebHeaderCollection incomingMessageHttpHeaders; + + /// <summary> /// A delegate that gets a chance to peak at and fiddle with all /// incoming messages. /// </summary> 
@@ -145,17 +153,27 @@ namespace DotNetOpenAuth.Test.Mocks { this.incomingMessage = this.MessageDescriptions.GetAccessor(message).Serialize(); var directedMessage = message as IDirectedProtocolMessage; this.incomingMessageRecipient = (directedMessage != null && directedMessage.Recipient != null) ? new MessageReceivingEndpoint(directedMessage.Recipient, directedMessage.HttpMethods) : null; + var httpMessage = message as IHttpDirectRequest; + this.incomingMessageHttpHeaders = (httpMessage != null) ? httpMessage.Headers.Clone() : null; this.incomingMessageSignal.Set(); } protected internal override HttpRequestBase GetRequestFromContext() { MessageReceivingEndpoint recipient; - var messageData = this.AwaitIncomingMessage(out recipient); + WebHeaderCollection headers; + var messageData = this.AwaitIncomingMessage(out recipient, out headers); + CoordinatingHttpRequestInfo result; if (messageData != null) { - return new CoordinatingHttpRequestInfo(this, this.MessageFactory, messageData, recipient); + result = new CoordinatingHttpRequestInfo(this, this.MessageFactory, messageData, recipient); } else { - return new CoordinatingHttpRequestInfo(recipient); + result = new CoordinatingHttpRequestInfo(recipient); + } + + if (headers != null) { + headers.ApplyTo(result.Headers); } + + return result; } protected override IProtocolMessage RequestCore(IDirectedProtocolMessage request) { @@ -166,7 +184,8 @@ namespace DotNetOpenAuth.Test.Mocks { // Now wait for a response... MessageReceivingEndpoint recipient; - IDictionary<string, string> responseData = this.AwaitIncomingMessage(out recipient); + WebHeaderCollection headers; + IDictionary<string, string> responseData = this.AwaitIncomingMessage(out recipient, out headers); ErrorUtilities.VerifyInternal(recipient == null, "The recipient is expected to be null for direct responses."); // And deserialize it. 
@@ -177,6 +196,10 @@ namespace DotNetOpenAuth.Test.Mocks { var responseAccessor = this.MessageDescriptions.GetAccessor(responseMessage); responseAccessor.Deserialize(responseData); + var responseMessageHttpRequest = responseMessage as IHttpDirectRequest; + if (headers != null && responseMessageHttpRequest != null) { + headers.ApplyTo(responseMessageHttpRequest.Headers); + } this.ProcessMessageFilter(responseMessage, false); return responseMessage; @@ -258,7 +281,7 @@ namespace DotNetOpenAuth.Test.Mocks { return channel.MessageFactoryTestHook; } - private IDictionary<string, string> AwaitIncomingMessage(out MessageReceivingEndpoint recipient) { + private IDictionary<string, string> AwaitIncomingMessage(out MessageReceivingEndpoint recipient, out WebHeaderCollection headers) { // Special care should be taken so that we don't indefinitely // wait for a message that may never come due to a bug in the product // or the test. @@ -284,8 +307,10 @@ namespace DotNetOpenAuth.Test.Mocks { this.waitingForMessage = false; var response = this.incomingMessage; recipient = this.incomingMessageRecipient; + headers = this.incomingMessageHttpHeaders; this.incomingMessage = null; this.incomingMessageRecipient = null; + this.incomingMessageHttpHeaders = null; // Briefly signal to another thread that might be waiting for our inbox to be empty this.messageReceivedSignal.Set(); diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingHttpRequestInfo.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingHttpRequestInfo.cs index 9f139f3..a1f5cf5 100644 --- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingHttpRequestInfo.cs +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingHttpRequestInfo.cs 
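Review bot: In `RequestCore` the received response is cast with `responseMessage as IHttpDirectRequest`, so headers are applied only when the response type also implements the request interface. If the aim is to carry HTTP headers on direct responses, `IHttpDirectResponse` looks like the matching interface, and the capture in the earlier hunk (`message as IHttpDirectRequest`) would need the same treatment. If requests are the only intended case, a comment such as `// Only messages that implement IHttpDirectRequest carry headers through the coordinating channel.` and a neutral local name instead of `responseMessageHttpRequest` would avoid the confusion. The method starts outside this hunk.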
@@ -6,9 +6,10 @@ namespace DotNetOpenAuth.Test.Mocks { using System; - using System.Collections.Generic; - using System.Diagnostics.Contracts; - using DotNetOpenAuth.Messaging; +using System.Collections.Generic; +using System.Diagnostics.Contracts; +using System.Net; +using DotNetOpenAuth.Messaging; internal class CoordinatingHttpRequestInfo : HttpRequestInfo { private readonly Channel channel; diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2AuthServerChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2AuthServerChannel.cs index 2b087fd..463b149 100644 --- a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2AuthServerChannel.cs +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2AuthServerChannel.cs @@ -21,8 +21,13 @@ namespace DotNetOpenAuth.Test.Mocks { this.wrappedChannel = (OAuth2AuthorizationServerChannel)wrappedChannel; } - public IAuthorizationServer AuthorizationServer { + public IAuthorizationServerHost AuthorizationServer { get { return this.wrappedChannel.AuthorizationServer; } } + + public IScopeSatisfiedCheck ScopeSatisfiedCheck { + get { return this.wrappedChannel.ScopeSatisfiedCheck; } + set { this.wrappedChannel.ScopeSatisfiedCheck = value; } + } } } diff --git a/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2ClientChannel.cs b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2ClientChannel.cs new file mode 100644 index 0000000..52f381d --- /dev/null +++ b/src/DotNetOpenAuth.Test/Mocks/CoordinatingOAuth2ClientChannel.cs 
@@ -0,0 +1,33 @@ +//----------------------------------------------------------------------- +// <copyright file="CoordinatingOAuth2ClientChannel.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test.Mocks { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + + internal class CoordinatingOAuth2ClientChannel : CoordinatingChannel, IOAuth2ChannelWithClient { + private OAuth2ClientChannel wrappedChannel; + + internal CoordinatingOAuth2ClientChannel(Channel wrappedChannel, Action<IProtocolMessage> incomingMessageFilter, Action<IProtocolMessage> outgoingMessageFilter) + : base(wrappedChannel, incomingMessageFilter, outgoingMessageFilter) { + this.wrappedChannel = (OAuth2ClientChannel)wrappedChannel; + } + + public string ClientIdentifier { + get { return this.wrappedChannel.ClientIdentifier; } + set { this.wrappedChannel.ClientIdentifier = value; } + } + + public DotNetOpenAuth.OAuth2.ClientCredentialApplicator ClientCredentialApplicator { + get { return this.wrappedChannel.ClientCredentialApplicator; } + set { this.wrappedChannel.ClientCredentialApplicator = value; } + } + } +}
\ No newline at end of file diff --git a/src/DotNetOpenAuth.Test/Mocks/TestMessageWithDate.cs b/src/DotNetOpenAuth.Test/Mocks/TestMessageWithDate.cs new file mode 100644 index 0000000..b0b89a0 --- /dev/null +++ b/src/DotNetOpenAuth.Test/Mocks/TestMessageWithDate.cs @@ -0,0 +1,18 @@ +//----------------------------------------------------------------------- +// <copyright file="TestMessageWithDate.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test.Mocks { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using DotNetOpenAuth.Messaging; + + internal class TestMessageWithDate : TestBaseMessage { + [MessagePart("ts", IsRequired = true)] + internal DateTime Timestamp { get; set; } + } +} diff --git a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs index f3d8feb..3791e28 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs @@ -28,7 +28,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { AuthorizationServerMock, new UserAgentClient(AuthorizationServerDescription), client => { - var request = new AccessTokenAuthorizationCodeRequest(AuthorizationServerDescription) + var request = new AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription) { ClientIdentifier = ClientId, ClientSecret = ClientSecret, AuthorizationCode = "foo" }; var response = client.Channel.Request<AccessTokenFailedResponse>(request); diff --git a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs index bec85e2..52b5371 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs 
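Review bot: In the new CoordinatingOAuth2ClientChannel.cs, `wrappedChannel` is assigned only in the constructor and can be declared `private readonly OAuth2ClientChannel wrappedChannel;`. The `using System.Collections.Generic;`, `using System.Linq;` and `using System.Text;` directives are not needed by anything in the file, and the file ends without a trailing newline. The class and its two pass-through properties have no XML doc comments; a one-line summary saying the mock forwards `ClientIdentifier` and `ClientCredentialApplicator` to the wrapped client channel would be enough.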
@@ -17,18 +17,22 @@ namespace DotNetOpenAuth.Test.OAuth2 { using NUnit.Framework; /// <summary> - /// Verifies that the WRAP message types are recognized. + /// Verifies that the OAuth 2 message types are recognized. /// </summary> public class MessageFactoryTests : OAuth2TestBase { private readonly MessageReceivingEndpoint recipient = new MessageReceivingEndpoint("http://who", HttpDeliveryMethods.PostRequest); - private OAuth2AuthorizationServerChannel channel; - private IMessageFactory messageFactory; + private IMessageFactory authServerMessageFactory; + + private IMessageFactory clientMessageFactory; public override void SetUp() { base.SetUp(); - this.channel = new OAuth2AuthorizationServerChannel(new Mock<IAuthorizationServer>().Object); - this.messageFactory = this.channel.MessageFactoryTestHook; + var authServerChannel = new OAuth2AuthorizationServerChannel(new Mock<IAuthorizationServerHost>().Object, new Mock<ClientAuthenticationModule>().Object); + this.authServerMessageFactory = authServerChannel.MessageFactoryTestHook; + + var clientChannel = new OAuth2ClientChannel(); + this.clientMessageFactory = clientChannel.MessageFactoryTestHook; } #region End user authorization messages @@ -40,7 +44,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.client_id, "abc" }, { Protocol.redirect_uri, "abc" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(EndUserAuthorizationRequest))); } 
@@ -51,7 +55,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.client_id, "abc" }, { Protocol.redirect_uri, "abc" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(EndUserAuthorizationImplicitRequest))); } @@ -60,7 +64,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { var fields = new Dictionary<string, string> { { Protocol.code, "abc" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.clientMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(EndUserAuthorizationSuccessResponseBase))); } @@ -70,7 +74,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.access_token, "abc" }, { Protocol.token_type, "bearer" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.clientMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(EndUserAuthorizationSuccessResponseBase))); } @@ -79,7 +83,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { var fields = new Dictionary<string, string> { { Protocol.error, "access-denied" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.clientMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(EndUserAuthorizationFailedResponse))); } 
@@ -94,7 +98,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.refresh_token, "abc" }, { Protocol.grant_type, "refresh-token" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(AccessTokenRefreshRequest))); } @@ -106,7 +110,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.grant_type, "authorization-code" }, { Protocol.redirect_uri, "http://someUri" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(AccessTokenAuthorizationCodeRequest))); } @@ -119,7 +123,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.username, "abc" }, { Protocol.password, "abc" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(AccessTokenResourceOwnerPasswordCredentialsRequest))); } @@ -130,7 +134,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.client_secret, "abc" }, { Protocol.grant_type, "none" }, }; - IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); + IDirectedProtocolMessage request = this.authServerMessageFactory.GetNewRequestMessage(this.recipient, fields); Assert.That(request, Is.InstanceOf(typeof(AccessTokenClientCredentialsRequest))); } diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs index 993cad5..6494585 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs 
+++ b/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System; using System.Collections.Generic; using System.Linq; + using System.Net; using System.Text; using DotNetOpenAuth.OAuth2; using DotNetOpenAuth.Test.Mocks; @@ -15,12 +16,12 @@ namespace DotNetOpenAuth.Test.OAuth2 { internal class OAuth2Coordinator<TClient> : CoordinatorBase<TClient, AuthorizationServer> where TClient : ClientBase { private readonly AuthorizationServerDescription serverDescription; - private readonly IAuthorizationServer authServerHost; + private readonly IAuthorizationServerHost authServerHost; private readonly TClient client; internal OAuth2Coordinator( AuthorizationServerDescription serverDescription, - IAuthorizationServer authServerHost, + IAuthorizationServerHost authServerHost, TClient client, Action<TClient> clientAction, Action<AuthorizationServer> authServerAction) @@ -34,13 +35,13 @@ namespace DotNetOpenAuth.Test.OAuth2 { this.client = client; this.client.ClientIdentifier = OAuth2TestBase.ClientId; - this.client.ClientSecret = OAuth2TestBase.ClientSecret; + this.client.ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(OAuth2TestBase.ClientSecret); } internal override void Run() { var authServer = new AuthorizationServer(this.authServerHost); - var rpCoordinatingChannel = new CoordinatingChannel(this.client.Channel, this.IncomingMessageFilter, this.OutgoingMessageFilter); + var rpCoordinatingChannel = new CoordinatingOAuth2ClientChannel(this.client.Channel, this.IncomingMessageFilter, this.OutgoingMessageFilter); var opCoordinatingChannel = new CoordinatingOAuth2AuthServerChannel(authServer.Channel, this.IncomingMessageFilter, this.OutgoingMessageFilter); rpCoordinatingChannel.RemoteChannel = opCoordinatingChannel; opCoordinatingChannel.RemoteChannel = rpCoordinatingChannel; 
diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs index 87d91f7..f43a349 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs @@ -13,6 +13,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OAuth2; using DotNetOpenAuth.OAuth2.ChannelElements; + using DotNetOpenAuth.OAuth2.Messages; using Moq; public class OAuth2TestBase : TestBase { @@ -38,10 +39,10 @@ namespace DotNetOpenAuth.Test.OAuth2 { ClientCallback, ClientType.Confidential); - protected static readonly IAuthorizationServer AuthorizationServerMock = CreateAuthorizationServerMock().Object; + protected static readonly IAuthorizationServerHost AuthorizationServerMock = CreateAuthorizationServerMock().Object; - protected static Mock<IAuthorizationServer> CreateAuthorizationServerMock() { - var authHostMock = new Mock<IAuthorizationServer>(); + protected static Mock<IAuthorizationServerHost> CreateAuthorizationServerMock() { + var authHostMock = new Mock<IAuthorizationServerHost>(); var cryptoStore = new MemoryCryptoKeyStore(); authHostMock.Setup(m => m.GetClient(ClientId)).Returns(ClientDescription); authHostMock.SetupGet(m => m.CryptoKeyStore).Returns(cryptoStore); 
@@ -52,7 +53,9 @@ namespace DotNetOpenAuth.Test.OAuth2 { d => d.ClientIdentifier == ClientId && d.User == ResourceOwnerUsername && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true); - authHostMock.Setup(m => m.IsResourceOwnerCredentialValid(ResourceOwnerUsername, ResourceOwnerPassword)).Returns(true); + string canonicalUserName = ResourceOwnerUsername; + authHostMock.Setup(m => m.TryAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>(), out canonicalUserName)).Returns(true); + authHostMock.Setup(m => m.CreateAccessToken(It.IsAny<IAccessTokenRequest>())).Returns(new AccessTokenResult(new AuthorizationServerAccessToken())); return authHostMock; } } diff --git a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs index 97c0f56..ae03b0c 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs @@ -73,7 +73,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); }); - coordinatorClient.ClientSecret = null; // implicit grant clients don't need a secret. + coordinatorClient.ClientCredentialApplicator = null; // implicit grant clients don't need a secret. coordinator.Run(); } } diff --git a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs index fe0abd2..f5d9b8c 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System; using System.Collections.Generic; using System.Linq; + using System.Net; using System.Text; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; 
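Review bot: `Returns(new AccessTokenResult(new AuthorizationServerAccessToken()))` in `CreateAuthorizationServerMock` builds the result once, so every `CreateAccessToken` call on that mock hands back the same token object, and the static `AuthorizationServerMock` shares it across tests. If the authorization server fills in or alters the token after receiving it, which this hunk does not show, state would leak from one request to the next. The factory overload gives each call its own instance: `.Returns(() => new AccessTokenResult(new AuthorizationServerAccessToken()));`. The method body begins in the previous hunk.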
@@ -42,13 +43,28 @@ namespace DotNetOpenAuth.Test.OAuth2 { coordinator.Run(); } - [Test] - public void ResourceOwnerPasswordCredentialGrant() { + [Theory] + public void ResourceOwnerPasswordCredentialGrant(bool anonymousClient) { + var authHostMock = CreateAuthorizationServerMock(); + if (anonymousClient) { + authHostMock.Setup( + m => + m.IsAuthorizationValid( + It.Is<IAuthorizationDescription>( + d => + d.ClientIdentifier == null && d.User == ResourceOwnerUsername && + MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true); + } + var coordinator = new OAuth2Coordinator<WebServerClient>( AuthorizationServerDescription, - AuthorizationServerMock, + authHostMock.Object, new WebServerClient(AuthorizationServerDescription), client => { + if (anonymousClient) { + client.ClientIdentifier = null; + } + var authState = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty); @@ -65,6 +81,9 @@ namespace DotNetOpenAuth.Test.OAuth2 { authServer.Setup( a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns(true); + authServer.Setup( + a => a.TryAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) + .Returns(true); var coordinator = new OAuth2Coordinator<WebServerClient>( AuthorizationServerDescription, authServer.Object, diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperOPTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperOPTests.cs index 9592605..e9ff7a4 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperOPTests.cs 
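Review bot: The anonymous branch of `ResourceOwnerPasswordCredentialGrant` sets `client.ClientIdentifier = null` but leaves the `ClientCredentialApplicator` that the `OAuth2Coordinator` constructor assigns from `OAuth2TestBase.ClientSecret`, so the case may not exercise a client without credentials. UserAgentClientAuthorizeTests.cs clears it for the implicit grant, and the same line fits here: `client.ClientCredentialApplicator = null;` next to the identifier reset. Whether a secret is actually sent without an identifier depends on the client code, which is not part of this hunk.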
+++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperOPTests.cs @@ -63,7 +63,7 @@ namespace DotNetOpenAuth.Test.OpenId.Extensions { /// </summary> [Test] public void UnifyExtensionsAsSregWithSreg() { - var sregInjected = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.sreg_ns) { + var sregInjected = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.TypeUris.Standard) { Nickname = DemandLevel.Request, }; this.extensions.Add(sregInjected); @@ -100,7 +100,7 @@ namespace DotNetOpenAuth.Test.OpenId.Extensions { /// </summary> [Test] public void UnifyExtensionsAsSregWithBothSregAndAX() { - var sregInjected = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.sreg_ns) { + var sregInjected = new ClaimsRequest(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.TypeUris.Standard) { Nickname = DemandLevel.Request, }; this.extensions.Add(sregInjected); diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperRPRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperRPRequestTests.cs index b5bcd7b..05ba3ad 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperRPRequestTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/ExtensionsInteropHelperRPRequestTests.cs @@ -88,7 +88,7 @@ namespace DotNetOpenAuth.Test.OpenId.Extensions { [Test] public void SpreadSregToAxNoOpIfOPSupportsSreg() { this.authReq.AddExtension(this.sreg); - this.InjectAdvertisedTypeUri(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.sreg_ns); + this.InjectAdvertisedTypeUri(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.Constants.TypeUris.Standard); ExtensionsInteropHelper.SpreadSregToAX(this.authReq, AXAttributeFormats.All); Assert.IsFalse(this.authReq.AppliedExtensions.OfType<FetchRequest>().Any()); } 
diff --git a/src/DotNetOpenAuth.Test/OpenId/Extensions/SimpleRegistration/ClaimsResponseTests.cs b/src/DotNetOpenAuth.Test/OpenId/Extensions/SimpleRegistration/ClaimsResponseTests.cs index 35bfc78..f898511 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Extensions/SimpleRegistration/ClaimsResponseTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/Extensions/SimpleRegistration/ClaimsResponseTests.cs @@ -19,7 +19,7 @@ namespace DotNetOpenAuth.Test.OpenId.Extensions { public class ClaimsResponseTests { [Test] public void EmptyMailAddress() { - ClaimsResponse response = new ClaimsResponse(Constants.sreg_ns); + ClaimsResponse response = new ClaimsResponse(Constants.TypeUris.Standard); response.Email = string.Empty; Assert.IsNull(response.MailAddress); } @@ -133,17 +133,17 @@ namespace DotNetOpenAuth.Test.OpenId.Extensions { [Test] public void ResponseAlternateTypeUriTests() { - var request = new ClaimsRequest(Constants.sreg_ns10); + var request = new ClaimsRequest(Constants.TypeUris.Variant10); request.Email = DemandLevel.Require; - var response = new ClaimsResponse(Constants.sreg_ns10); + var response = new ClaimsResponse(Constants.TypeUris.Variant10); response.Email = "a@b.com"; ExtensionTestUtilities.Roundtrip(Protocol.Default, new[] { request }, new[] { response }); } private ClaimsResponse GetFilledData() { - return new ClaimsResponse(Constants.sreg_ns) { + return new ClaimsResponse(Constants.TypeUris.Standard) { BirthDate = new DateTime(2005, 2, 3), Culture = new System.Globalization.CultureInfo("en-US"), Email = "a@b.com", diff --git a/src/DotNetOpenAuth.Test/OpenId/Provider/AnonymousRequestTests.cs b/src/DotNetOpenAuth.Test/OpenId/Provider/AnonymousRequestTests.cs index 9b39522..7310eb3 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Provider/AnonymousRequestTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/Provider/AnonymousRequestTests.cs 
@@ -5,6 +5,9 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth.Test.OpenId.Provider { + using System.IO; + using System.Runtime.Serialization; + using System.Runtime.Serialization.Formatters.Binary; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Messages; using DotNetOpenAuth.OpenId.Provider; @@ -33,5 +36,25 @@ namespace DotNetOpenAuth.Test.OpenId.Provider { Assert.IsInstanceOf<IndirectSignedResponse>(anonReq.Response); Assert.IsNotInstanceOf<PositiveAssertionResponse>(anonReq.Response); } + + /// <summary> + /// Verifies that the AuthenticationRequest method is serializable. + /// </summary> + [Test] + public void Serializable() { + var op = CreateProvider(); + Protocol protocol = Protocol.V20; + var req = new SignedResponseRequest(protocol.Version, OPUri, AuthenticationRequestMode.Setup); + req.ReturnTo = RPUri; + var anonReq = new AnonymousRequest(op, req); + + MemoryStream ms = new MemoryStream(); + IFormatter formatter = new BinaryFormatter(); + formatter.Serialize(ms, anonReq); + + ms.Position = 0; + var req2 = (AnonymousRequest)formatter.Deserialize(ms); + Assert.That(req2, Is.Not.Null); + } } } diff --git a/src/DotNetOpenAuth.Test/OpenId/Provider/AuthenticationRequestTest.cs b/src/DotNetOpenAuth.Test/OpenId/Provider/AuthenticationRequestTest.cs index 8cc7116..baf5377 100644 --- a/src/DotNetOpenAuth.Test/OpenId/Provider/AuthenticationRequestTest.cs +++ b/src/DotNetOpenAuth.Test/OpenId/Provider/AuthenticationRequestTest.cs @@ -6,6 +6,9 @@ namespace DotNetOpenAuth.Test.OpenId.Provider { using System; + using System.IO; + using System.Runtime.Serialization; + using System.Runtime.Serialization.Formatters.Binary; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Messages; 
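Review bot: The summary on the new `Serializable` test says "Verifies that the AuthenticationRequest method is serializable", but the test round-trips an `AnonymousRequest`, so it should read `/// Verifies that the AnonymousRequest class is serializable.`; the matching test added in AuthenticationRequestTest.cs has the same "method" wording. The only assertion is `Assert.That(req2, Is.Not.Null);`, which would still pass if a field were silently dropped, so I would also compare at least one value set before `Serialize` with the deserialized copy. The `MemoryStream` is never disposed; wrapping it as `using (var ms = new MemoryStream()) { ... }` fixes that in both tests. Since these tests establish that provider request objects go through `BinaryFormatter`, a short comment that the serialized form may only be read back from storage the provider itself controls would help, because `BinaryFormatter.Deserialize` is not safe on data an outside party can alter.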
@@ -45,5 +48,26 @@ namespace DotNetOpenAuth.Test.OpenId.Provider { Assert.AreEqual(immediateRequest.LocalIdentifier, setupRequestMessage.LocalIdentifier); Assert.AreEqual(immediateRequest.Version, setupRequestMessage.Version); } + + /// <summary> + /// Verifies that the AuthenticationRequest method is serializable. + /// </summary> + [Test] + public void Serializable() { + OpenIdProvider provider = this.CreateProvider(); + CheckIdRequest immediateRequest = new CheckIdRequest(Protocol.Default.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Immediate); + immediateRequest.Realm = RPRealmUri; + immediateRequest.ReturnTo = RPUri; + immediateRequest.LocalIdentifier = "http://somebody"; + AuthenticationRequest request = new AuthenticationRequest(provider, immediateRequest); + + MemoryStream ms = new MemoryStream(); + IFormatter formatter = new BinaryFormatter(); + formatter.Serialize(ms, request); + + ms.Position = 0; + var req2 = (AuthenticationRequest)formatter.Deserialize(ms); + Assert.That(req2, Is.Not.Null); + } } } diff --git a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/IdentifierDiscoveryResultTests.cs b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/IdentifierDiscoveryResultTests.cs index 08e5a46..657b942 100644 --- a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/IdentifierDiscoveryResultTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/IdentifierDiscoveryResultTests.cs @@ -188,7 +188,7 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { se = IdentifierDiscoveryResult.CreateForProviderIdentifier( OPUri, - new ProviderEndpointDescription(OPUri, new[] { Protocol.V20.ClaimedIdentifierServiceTypeURI, "http://someextension", Constants.sreg_ns }), + new ProviderEndpointDescription(OPUri, new[] { Protocol.V20.ClaimedIdentifierServiceTypeURI, "http://someextension", Constants.TypeUris.Standard }), null, null); Assert.IsTrue(se.IsExtensionSupported<ClaimsRequest>()); 
diff --git a/src/DotNetOpenAuth.Test/TestUtilities.cs b/src/DotNetOpenAuth.Test/TestUtilities.cs index cf9b5a3..a526f7f 100644 --- a/src/DotNetOpenAuth.Test/TestUtilities.cs +++ b/src/DotNetOpenAuth.Test/TestUtilities.cs @@ -7,16 +7,35 @@ namespace DotNetOpenAuth.Test { using System; using System.Collections.Generic; + using System.Collections.Specialized; using System.Linq; + using System.Net; using log4net; /// <summary> /// An assortment of methods useful for testing. /// </summary> - internal class TestUtilities { + internal static class TestUtilities { /// <summary> /// The logger that tests should use. /// </summary> internal static readonly ILog TestLogger = LogManager.GetLogger("DotNetOpenAuth.Test"); + + internal static void ApplyTo(this NameValueCollection source, NameValueCollection target) { + Requires.NotNull(source, "source"); + Requires.NotNull(target, "target"); + + foreach (string header in source) { + target[header] = source[header]; + } + } + + internal static T Clone<T>(this T source) where T : NameValueCollection, new() { + Requires.NotNull(source, "source"); + + var result = new T(); + ApplyTo(source, result); + return result; + } } } diff --git a/src/DotNetOpenAuth.TestWeb/Web.config b/src/DotNetOpenAuth.TestWeb/Web.config index ad45e93..5d3174c 100644 --- a/src/DotNetOpenAuth.TestWeb/Web.config +++ b/src/DotNetOpenAuth.TestWeb/Web.config 
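Review bot: `ApplyTo` copies with `target[header] = source[header];`, and the `NameValueCollection` indexer returns all values of a key joined by commas and replaces whatever the target already held, so a key with several values arrives as one combined string. If any test relies on multi-valued entries staying separate (the loop variable and the new `using System.Net;` suggest header collections), copying per value via `source.GetValues(header)` and `target.Add(header, value)` keeps them apart, at the cost of appending rather than overwriting; otherwise a comment stating the join-and-overwrite behaviour is enough. Both new methods also lack the `/// <summary>` comments the rest of the class carries, for example `/// Copies every key in source to target, replacing any existing value.` on `ApplyTo`, and a summary on `Clone` saying it returns a new collection of the same type filled through `ApplyTo`.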
@@ -8,49 +8,23 @@ \Windows\Microsoft.Net\Framework\v2.x\Config --> <configuration> - - - <configSections> - <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> - <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> - <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> - <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> - </sectionGroup> - </sectionGroup> - 
</sectionGroup> - </configSections> - - - <appSettings/> - <connectionStrings/> - <system.web> - <!-- + <appSettings/> + <connectionStrings/> + <system.web> + <!-- Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development. --> - <compilation debug="true"> - - <assemblies> - <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> - </assemblies> - - </compilation> - <!-- + <compilation debug="true" targetFramework="4.0"/> + <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> - <authentication mode="Forms" /> - <!-- + <authentication mode="Forms"/> + <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, 
@@ -62,78 +36,13 @@ <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> --> - - - <pages> - <controls> - <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </controls> - </pages> - - <httpHandlers> - <remove verb="*" path="*.asmx"/> - <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> - </httpHandlers> - <httpModules> - <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </httpModules> - - - </system.web> - - <system.codedom> - <compilers> - <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" - type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" - type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <providerOption name="CompilerVersion" value="v3.5"/> - <providerOption name="OptionInfer" 
value="true"/> - <providerOption name="WarnAsError" value="false"/> - </compiler> - </compilers> - </system.codedom> - - <!-- + <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/> + </system.web> + <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> - <system.webServer> - <validation validateIntegratedModeConfiguration="false"/> - <modules> - <remove name="ScriptModule" /> - <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - </modules> - <handlers> - <remove name="WebServiceHandlerFactory-Integrated"/> - <remove name="ScriptHandlerFactory" /> - <remove name="ScriptHandlerFactoryAppServices" /> - <remove name="ScriptResource" /> - <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" - type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> - <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> - </handlers> - </system.webServer> - - <runtime> - <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> - <dependentAssembly> - <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - <dependentAssembly> - 
<assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> - <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> - </dependentAssembly> - </assemblyBinding> - </runtime> - -</configuration> + <system.webServer> + <modules runAllManagedModulesForAllRequests="true"/> + </system.webServer> +</configuration>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.sln b/src/DotNetOpenAuth.sln
index e0f4ebf..f4d0a29 100644
--- a/src/DotNetOpenAuth.sln
+++ b/src/DotNetOpenAuth.sln
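Review bot: The comment kept above `<system.webServer>` in Web.config still says the section is required for running ASP.NET AJAX under IIS 7.0, but after this change the section holds only `<modules runAllManagedModulesForAllRequests="true"/>` and every ScriptModule and handler entry is gone. I would replace it with a comment describing the setting that is actually there, such as `<!-- Run all managed modules for every request, including static files. -->`. It is also worth confirming that this is intended for the test site, since the setting puts static content through the whole managed pipeline as well. The hunk's leading context starts inside the commented-out customErrors example, so the rest of that comment is outside the hunk.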
@@ -1,25 +1,25 @@  -Microsoft Visual Studio Solution File, Format Version 11.00 -# Visual Studio 2010 +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 11 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{20B5E173-C3C4-49F8-BD25-E69044075B4D}" ProjectSection(SolutionItems) = preProject - ..\build.proj = ..\build.proj - ..\projecttemplates\DotNetOpenAuth Starter Kits.vscontent = ..\projecttemplates\DotNetOpenAuth Starter Kits.vscontent ..\LICENSE.txt = ..\LICENSE.txt + ..\build.proj = ..\build.proj ..\doc\README.Bin.html = ..\doc\README.Bin.html ..\doc\README.html = ..\doc\README.html + ..\projecttemplates\DotNetOpenAuth Starter Kits.vscontent = ..\projecttemplates\DotNetOpenAuth Starter Kits.vscontent ..\samples\README.html = ..\samples\README.html EndProjectSection EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Specs", "Specs", "{CD57219F-24F4-4136-8741-6063D0D7A031}" ProjectSection(SolutionItems) = preProject - ..\doc\specs\draft-ietf-oauth-v2-23.txt = ..\doc\specs\draft-ietf-oauth-v2-23.txt - ..\doc\specs\draft-ietf-oauth-v2-bearer.htm = ..\doc\specs\draft-ietf-oauth-v2-bearer.htm - ..\doc\specs\draft-jones-json-web-token.htm = ..\doc\specs\draft-jones-json-web-token.htm ..\doc\specs\ICAM_OpenID20Profile.pdf = ..\doc\specs\ICAM_OpenID20Profile.pdf ..\doc\specs\OAuth Core 1.0.htm = ..\doc\specs\OAuth Core 1.0.htm ..\doc\specs\OAuth Core 1.0a (Draft 3).htm = ..\doc\specs\OAuth Core 1.0a (Draft 3).htm ..\doc\specs\OpenID OAuth Extension.htm = ..\doc\specs\OpenID OAuth Extension.htm + ..\doc\specs\draft-ietf-oauth-v2-23.txt = ..\doc\specs\draft-ietf-oauth-v2-23.txt + ..\doc\specs\draft-ietf-oauth-v2-bearer.htm = ..\doc\specs\draft-ietf-oauth-v2-bearer.htm + ..\doc\specs\draft-jones-json-web-token.htm = ..\doc\specs\draft-jones-json-web-token.htm ..\doc\specs\openid-attribute-exchange-1_0.html = ..\doc\specs\openid-attribute-exchange-1_0.html 
..\doc\specs\openid-authentication-1_1.html = ..\doc\specs\openid-authentication-1_1.html ..\doc\specs\openid-authentication-2_0.html = ..\doc\specs\openid-authentication-2_0.html 
@@ -40,31 +40,45 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Tools", "Tools", "{E9ED920D EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Project Templates", "Project Templates", "{B9EB8729-4B54-4453-B089-FE6761BA3057}" EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Product", "Product", "{8D4236F7-C49B-49D3-BA71-6B86C9514BDE}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OpenID", "OpenID", "{C7EF1823-3AA7-477E-8476-28929F5C05D2}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth", "OAuth", "{9AF74F53-10F5-49A2-B747-87B97CD559D3}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "InfoCard", "InfoCard", "{529B4262-6B5A-4EF9-BD3B-1D29A2597B67}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth2", "OAuth2", "{238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Combinations", "Combinations", "{57A7DD35-666C-4FA3-9A1B-38961E50CA27}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth1", "OAuth1", "{2DA24D4F-6918-43CF-973C-BC9D818F8E90}" +EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.Test", "DotNetOpenAuth.Test\DotNetOpenAuth.Test.csproj", "{4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.ApplicationBlock", "..\samples\DotNetOpenAuth.ApplicationBlock\DotNetOpenAuth.ApplicationBlock.csproj", "{AA78D112-D889-414B-A7D4-467B34C7B663}" EndProject Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "DotNetOpenAuth.TestWeb", "DotNetOpenAuth.TestWeb\", "{47A84EF7-68C3-4D47-926A-9CCEA6518531}" ProjectSection(WebsiteProperties) = preProject - TargetFrameworkMoniker = ".NETFramework,Version%3Dv3.5" - ProjectReferences = 
"{4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}|DotNetOpenAuth.Test.dll;{408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}|DotNetOpenAuth.InfoCard.dll;{60426312-6AE5-4835-8667-37EDEA670222}|DotNetOpenAuth.Core.dll;{A288FCC8-6FCF-46DA-A45E-5F9281556361}|DotNetOpenAuth.OAuth.dll;{3896A32A-E876-4C23-B9B8-78E17D134CD3}|DotNetOpenAuth.OpenId.dll;{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}|DotNetOpenAuth.OAuth2.dll;{26DC877F-5987-48DD-9DDB-E62F2DE0E150}|Org.Mentalis.Security.Cryptography.dll;{F4CD3C04-6037-4946-B7A5-34BFC96A75D2}|Mono.Math.dll;{173E7B8D-E751-46E2-A133-F72297C0D2F4}|DotNetOpenAuth.Core.UI.dll;{E040EB58-B4D2-457B-A023-AE6EF3BD34DE}|DotNetOpenAuth.InfoCard.UI.dll;{B202E40D-4663-4A2B-ACDA-865F88FF7CAA}|DotNetOpenAuth.OAuth.Consumer.dll;{FED1923A-6D70-49B5-A37A-FB744FEC1C86}|DotNetOpenAuth.OAuth.ServiceProvider.dll;{99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}|DotNetOpenAuth.OAuth2.AuthorizationServer.dll;{CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}|DotNetOpenAuth.OAuth2.Client.dll;{ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}|DotNetOpenAuth.OAuth2.Client.UI.dll;{A1A3150A-7B0E-4A34-8E35-045296CD3C76}|DotNetOpenAuth.OAuth2.ResourceServer.dll;{F8284738-3B5D-4733-A511-38C23F4A763F}|DotNetOpenAuth.OpenId.Provider.dll;{F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}|DotNetOpenAuth.OpenId.RelyingParty.dll;{9D0F8866-2131-4C2A-BC0E-16FEA5B50828}|DotNetOpenAuth.OpenId.Provider.UI.dll;{75E13AAE-7D51-4421-ABFD-3F3DC91F576E}|DotNetOpenAuth.OpenId.UI.dll;{1ED8D424-F8AB-4050-ACEB-F27F4F909484}|DotNetOpenAuth.OpenId.RelyingParty.UI.dll;{115217C5-22CD-415C-A292-0DD0238CDD89}|DotNetOpenAuth.OAuth.Common.dll;" - Debug.AspNetCompiler.VirtualPath = "/DotNetOpenAuth.TestWeb" + Debug.AspNetCompiler.Debug = "True" + Debug.AspNetCompiler.FixedNames = "false" + Debug.AspNetCompiler.ForceOverwrite = "true" Debug.AspNetCompiler.PhysicalPath = "DotNetOpenAuth.TestWeb\" Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\DotNetOpenAuth.TestWeb\" Debug.AspNetCompiler.Updateable = "false" - Debug.AspNetCompiler.ForceOverwrite = "true" - 
Debug.AspNetCompiler.FixedNames = "false" - Debug.AspNetCompiler.Debug = "True" - Release.AspNetCompiler.VirtualPath = "/DotNetOpenAuth.TestWeb" + Debug.AspNetCompiler.VirtualPath = "/DotNetOpenAuth.TestWeb" + DefaultWebSiteLanguage = "Visual C#" + ProjectReferences = "{f8284738-3b5d-4733-a511-38c23f4a763f}|DotNetOpenAuth.OpenId.Provider.dll;{60426312-6AE5-4835-8667-37EDEA670222}|DotNetOpenAuth.Core.dll;{3896A32A-E876-4C23-B9B8-78E17D134CD3}|DotNetOpenAuth.OpenId.dll;{26DC877F-5987-48DD-9DDB-E62F2DE0E150}|Org.Mentalis.Security.Cryptography.dll;{F4CD3C04-6037-4946-B7A5-34BFC96A75D2}|Mono.Math.dll;" + Release.AspNetCompiler.Debug = "False" + Release.AspNetCompiler.FixedNames = "false" + Release.AspNetCompiler.ForceOverwrite = "true" Release.AspNetCompiler.PhysicalPath = "DotNetOpenAuth.TestWeb\" Release.AspNetCompiler.TargetPath = "PrecompiledWeb\DotNetOpenAuth.TestWeb\" Release.AspNetCompiler.Updateable = "false" - Release.AspNetCompiler.ForceOverwrite = "true" - Release.AspNetCompiler.FixedNames = "false" - Release.AspNetCompiler.Debug = "False" - VWDPort = "5073" - DefaultWebSiteLanguage = "Visual C#" + Release.AspNetCompiler.VirtualPath = "/DotNetOpenAuth.TestWeb" StartServerOnDebug = "false" + TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.0" + VWDPort = "5073" EndProjectSection EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdProviderWebForms", "..\samples\OpenIdProviderWebForms\OpenIdProviderWebForms.csproj", "{2A59DE0A-B76A-4B42-9A33-04D34548353D}" 
@@ -73,22 +87,24 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdProviderMvc", "..\sam EndProject Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "InfoCardRelyingParty", "..\samples\InfoCardRelyingParty\", "{6EB90284-BD15-461C-BBF2-131CF55F7C8B}" ProjectSection(WebsiteProperties) = preProject - TargetFrameworkMoniker = ".NETFramework,Version%3Dv3.5" - ProjectReferences = "{408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}|DotNetOpenAuth.InfoCard.dll;{60426312-6AE5-4835-8667-37EDEA670222}|DotNetOpenAuth.Core.dll;{173E7B8D-E751-46E2-A133-F72297C0D2F4}|DotNetOpenAuth.Core.UI.dll;{26DC877F-5987-48DD-9DDB-E62F2DE0E150}|Org.Mentalis.Security.Cryptography.dll;{F4CD3C04-6037-4946-B7A5-34BFC96A75D2}|Mono.Math.dll;{E040EB58-B4D2-457B-A023-AE6EF3BD34DE}|DotNetOpenAuth.InfoCard.UI.dll;" - Debug.AspNetCompiler.VirtualPath = "/InfoCardRelyingParty" + Debug.AspNetCompiler.Debug = "True" + Debug.AspNetCompiler.FixedNames = "false" + Debug.AspNetCompiler.ForceOverwrite = "true" Debug.AspNetCompiler.PhysicalPath = "..\samples\InfoCardRelyingParty\" Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\InfoCardRelyingParty\" Debug.AspNetCompiler.Updateable = "true" - Debug.AspNetCompiler.ForceOverwrite = "true" - Debug.AspNetCompiler.FixedNames = "false" - Debug.AspNetCompiler.Debug = "True" - Release.AspNetCompiler.VirtualPath = "/InfoCardRelyingParty" + Debug.AspNetCompiler.VirtualPath = "/InfoCardRelyingParty" + DefaultWebSiteLanguage = "Visual Basic" + ProjectReferences = "{60426312-6ae5-4835-8667-37edea670222}|DotNetOpenAuth.Core.dll;{173e7b8d-e751-46e2-a133-f72297c0d2f4}|DotNetOpenAuth.Core.UI.dll;{408d10b8-34ba-4cbd-b7aa-feb1907aba4c}|DotNetOpenAuth.InfoCard.dll;{e040eb58-b4d2-457b-a023-ae6ef3bd34de}|DotNetOpenAuth.InfoCard.UI.dll;" + Release.AspNetCompiler.Debug = "False" + Release.AspNetCompiler.FixedNames = "false" + Release.AspNetCompiler.ForceOverwrite = "true" Release.AspNetCompiler.PhysicalPath = "..\samples\InfoCardRelyingParty\" Release.AspNetCompiler.TargetPath = 
"PrecompiledWeb\InfoCardRelyingParty\" Release.AspNetCompiler.Updateable = "true" - Release.AspNetCompiler.ForceOverwrite = "true" - Release.AspNetCompiler.FixedNames = "false" - Release.AspNetCompiler.Debug = "False" + Release.AspNetCompiler.VirtualPath = "/InfoCardRelyingParty" + StartServerOnDebug = "false" + TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.0" VWDPort = "59719" EndProjectSection EndProject 
@@ -98,21 +114,22 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OpenIdRelyingPartyWebForms" EndProject Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "OpenIdRelyingPartyClassicAsp", "..\samples\OpenIdRelyingPartyClassicAsp\", "{BBACD972-014D-478F-9B07-56B9E1D4CC73}" ProjectSection(WebsiteProperties) = preProject - TargetFrameworkMoniker = ".NETFramework,Version%3Dv3.5" - Debug.AspNetCompiler.VirtualPath = "/OpenIdRelyingPartyClassicAsp" + Debug.AspNetCompiler.Debug = "True" + Debug.AspNetCompiler.FixedNames = "false" + Debug.AspNetCompiler.ForceOverwrite = "true" Debug.AspNetCompiler.PhysicalPath = "..\samples\OpenIdRelyingPartyClassicAsp\" Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\OpenIdRelyingPartyClassicAsp\" Debug.AspNetCompiler.Updateable = "true" - Debug.AspNetCompiler.ForceOverwrite = "true" - Debug.AspNetCompiler.FixedNames = "false" - Debug.AspNetCompiler.Debug = "True" - Release.AspNetCompiler.VirtualPath = "/OpenIdRelyingPartyClassicAsp" + Debug.AspNetCompiler.VirtualPath = "/OpenIdRelyingPartyClassicAsp" + Release.AspNetCompiler.Debug = "False" + Release.AspNetCompiler.FixedNames = "false" + Release.AspNetCompiler.ForceOverwrite = "true" Release.AspNetCompiler.PhysicalPath = "..\samples\OpenIdRelyingPartyClassicAsp\" Release.AspNetCompiler.TargetPath = "PrecompiledWeb\OpenIdRelyingPartyClassicAsp\" Release.AspNetCompiler.Updateable = "true" - Release.AspNetCompiler.ForceOverwrite = "true" - Release.AspNetCompiler.FixedNames = "false" - Release.AspNetCompiler.Debug = "False" + Release.AspNetCompiler.VirtualPath = "/OpenIdRelyingPartyClassicAsp" + StartServerOnDebug = "false" + TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.0" VWDPort = "10318" EndProjectSection EndProject 
@@ -124,10 +141,10 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WebFormsRelyingParty", "..\ EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "RelyingPartyLogic", "..\projecttemplates\RelyingPartyLogic\RelyingPartyLogic.csproj", "{17932639-1F50-48AF-B0A5-E2BF832F82CC}" ProjectSection(ProjectDependencies) = postProject - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D} = {2B4261AC-25AC-4B8D-B459-1C42B6B1401D} + {08A938B6-EBBD-4036-880E-CE7BA2D14510} = {08A938B6-EBBD-4036-880E-CE7BA2D14510} EndProjectSection EndProject -Project("{C8D11400-126E-41CD-887F-60BD40844F9E}") = "RelyingPartyDatabase", "..\projecttemplates\RelyingPartyDatabase\RelyingPartyDatabase.dbproj", "{2B4261AC-25AC-4B8D-B459-1C42B6B1401D}" +Project("{00D1A9C2-B5F0-4AF3-8072-F6C62B433612}") = "RelyingPartyDatabase", "..\projecttemplates\RelyingPartyDatabase\RelyingPartyDatabase.sqlproj", "{08A938B6-EBBD-4036-880E-CE7BA2D14510}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MvcRelyingParty", "..\projecttemplates\MvcRelyingParty\MvcRelyingParty.csproj", "{152B7BAB-E884-4A59-8067-440971A682B3}" EndProject 
@@ -172,18 +189,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OpenId.UI", EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.Core.UI", "DotNetOpenAuth.Core.UI\DotNetOpenAuth.Core.UI.csproj", "{173E7B8D-E751-46E2-A133-F72297C0D2F4}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Product", "Product", "{8D4236F7-C49B-49D3-BA71-6B86C9514BDE}" -EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OpenID", "OpenID", "{C7EF1823-3AA7-477E-8476-28929F5C05D2}" -EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth", "OAuth", "{9AF74F53-10F5-49A2-B747-87B97CD559D3}" -EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "InfoCard", "InfoCard", "{529B4262-6B5A-4EF9-BD3B-1D29A2597B67}" -EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.InfoCard.UI", "DotNetOpenAuth.InfoCard.UI\DotNetOpenAuth.InfoCard.UI.csproj", "{E040EB58-B4D2-457B-A023-AE6EF3BD34DE}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth2", "OAuth2", "{238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC}" -EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth.Consumer", "DotNetOpenAuth.OAuth.Consumer\DotNetOpenAuth.OAuth.Consumer.csproj", "{B202E40D-4663-4A2B-ACDA-865F88FF7CAA}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth.ServiceProvider", "DotNetOpenAuth.OAuth.ServiceProvider\DotNetOpenAuth.OAuth.ServiceProvider.csproj", "{FED1923A-6D70-49B5-A37A-FB744FEC1C86}" 
@@ -196,12 +203,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth2.Resou EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth2.Client.UI", "DotNetOpenAuth.OAuth2.Client.UI\DotNetOpenAuth.OAuth2.Client.UI.csproj", "{ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Combinations", "Combinations", "{57A7DD35-666C-4FA3-9A1B-38961E50CA27}" -EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OpenIdInfoCard.UI", "DotNetOpenAuth.OpenIdInfoCard.UI\DotNetOpenAuth.OpenIdInfoCard.UI.csproj", "{3A8347E8-59A5-4092-8842-95C75D7D2F36}" EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "OAuth1", "OAuth1", "{2DA24D4F-6918-43CF-973C-BC9D818F8E90}" -EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OAuthConsumer", "..\samples\OAuthConsumer\OAuthConsumer.csproj", "{2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OAuthServiceProvider", "..\samples\OAuthServiceProvider\OAuthServiceProvider.csproj", "{CAA2408C-6918-4902-A512-58BCD62216C3}" @@ -214,6 +217,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.AspNet.Test" EndProject Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth.Common", "DotNetOpenAuth.OAuth.Common\DotNetOpenAuth.OAuth.Common.csproj", "{115217C5-22CD-415C-A292-0DD0238CDD89}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth2.ClientAuthorization", "DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj", "{CCF3728A-B3D7-404A-9BC6-75197135F2D7}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution CodeAnalysis|Any CPU = CodeAnalysis|Any CPU 
@@ -221,356 +226,343 @@ Global Release|Any CPU = Release|Any CPU EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Debug|Any CPU.Build.0 = Debug|Any CPU - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Release|Any CPU.ActiveCfg = Release|Any CPU - {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Release|Any CPU.Build.0 = Release|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.Debug|Any CPU.Build.0 = Debug|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.Release|Any CPU.ActiveCfg = Release|Any CPU - {AA78D112-D889-414B-A7D4-467B34C7B663}.Release|Any CPU.Build.0 = Release|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Debug|Any CPU.Build.0 = Debug|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Release|Any CPU.ActiveCfg = Debug|Any CPU - {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Release|Any CPU.Build.0 = Debug|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Debug|Any 
CPU.Build.0 = Debug|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Release|Any CPU.ActiveCfg = Release|Any CPU - {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Release|Any CPU.Build.0 = Release|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Debug|Any CPU.Build.0 = Debug|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Release|Any CPU.ActiveCfg = Release|Any CPU - {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Release|Any CPU.Build.0 = Release|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Debug|Any CPU.Build.0 = Debug|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Release|Any CPU.ActiveCfg = Debug|Any CPU - {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Release|Any CPU.Build.0 = Debug|Any CPU - {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU + {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.Debug|Any CPU.Build.0 = Debug|Any CPU {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.Release|Any CPU.ActiveCfg = Release|Any CPU {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB}.Release|Any CPU.Build.0 = Release|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + 
{08A938B6-EBBD-4036-880E-CE7BA2D14510}.Debug|Any CPU.Build.0 = Debug|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.Debug|Any CPU.Deploy.0 = Debug|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.Release|Any CPU.ActiveCfg = Release|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.Release|Any CPU.Build.0 = Release|Any CPU + {08A938B6-EBBD-4036-880E-CE7BA2D14510}.Release|Any CPU.Deploy.0 = Release|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.Build.0 = Debug|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.ActiveCfg = Release|Any CPU + {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.Build.0 = Release|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.Debug|Any CPU.Build.0 = Debug|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.Release|Any CPU.ActiveCfg = Release|Any CPU + {115217C5-22CD-415C-A292-0DD0238CDD89}.Release|Any CPU.Build.0 = Release|Any CPU + {152B7BAB-E884-4A59-8067-440971A682B3}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {152B7BAB-E884-4A59-8067-440971A682B3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {152B7BAB-E884-4A59-8067-440971A682B3}.Debug|Any CPU.Build.0 = Debug|Any CPU + {152B7BAB-E884-4A59-8067-440971A682B3}.Release|Any CPU.ActiveCfg = Release|Any CPU + {152B7BAB-E884-4A59-8067-440971A682B3}.Release|Any CPU.Build.0 = Release|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Debug|Any 
CPU.ActiveCfg = Debug|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Debug|Any CPU.Build.0 = Debug|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Release|Any CPU.ActiveCfg = Release|Any CPU + {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Release|Any CPU.Build.0 = Release|Any CPU + {17932639-1F50-48AF-B0A5-E2BF832F82CC}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Debug|Any CPU.Build.0 = Debug|Any CPU + {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Release|Any CPU.ActiveCfg = Release|Any CPU + {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Release|Any CPU.Build.0 = Release|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.Debug|Any CPU.Build.0 = Debug|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.Release|Any CPU.ActiveCfg = Release|Any CPU {1E8AEA89-BF69-47A1-B290-E8B0FE588700}.Release|Any CPU.Build.0 = Release|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Debug|Any CPU.Build.0 = Debug|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Release|Any CPU.ActiveCfg = Debug|Any CPU - {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Release|Any CPU.Build.0 = Debug|Any CPU - {6EC36418-DBC5-4AD1-A402-413604AA7A08}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {6EC36418-DBC5-4AD1-A402-413604AA7A08}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - 
{6EC36418-DBC5-4AD1-A402-413604AA7A08}.Debug|Any CPU.Build.0 = Debug|Any CPU - {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Release|Any CPU.ActiveCfg = Release|Any CPU - {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Release|Any CPU.Build.0 = Release|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.Build.0 = Debug|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.ActiveCfg = Release|Any CPU - {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.Build.0 = Release|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.Debug|Any CPU.Build.0 = Debug|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.Release|Any CPU.ActiveCfg = Release|Any CPU - {A78F8FC6-7B03-4230-BE41-761E400D6810}.Release|Any CPU.Build.0 = Release|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Debug|Any CPU.Build.0 = Debug|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Release|Any CPU.ActiveCfg = Release|Any CPU - {17932639-1F50-48AF-B0A5-E2BF832F82CC}.Release|Any CPU.Build.0 = Release|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.CodeAnalysis|Any 
CPU.Deploy.0 = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Debug|Any CPU.Build.0 = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Debug|Any CPU.Deploy.0 = Debug|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Release|Any CPU.ActiveCfg = Release|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Release|Any CPU.Build.0 = Release|Any CPU - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D}.Release|Any CPU.Deploy.0 = Release|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.Debug|Any CPU.Build.0 = Debug|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.Release|Any CPU.ActiveCfg = Release|Any CPU - {152B7BAB-E884-4A59-8067-440971A682B3}.Release|Any CPU.Build.0 = Release|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.Build.0 = Debug|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.ActiveCfg = Release|Any CPU - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.Build.0 = Release|Any CPU - {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Debug|Any CPU.Build.0 = Debug|Any CPU - {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.ActiveCfg = Release|Any CPU - 
{0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4}.Release|Any CPU.Build.0 = Release|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.Debug|Any CPU.Build.0 = Debug|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.Release|Any CPU.ActiveCfg = Release|Any CPU - {F289B925-4307-4BEC-B411-885CE70E3379}.Release|Any CPU.Build.0 = Release|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Debug|Any CPU.Build.0 = Debug|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Release|Any CPU.ActiveCfg = Release|Any CPU - {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Release|Any CPU.Build.0 = Release|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.Debug|Any CPU.Build.0 = Debug|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.Release|Any CPU.ActiveCfg = Release|Any CPU - {E135F455-0669-49F8-9207-07FCA8C8FC79}.Release|Any CPU.Build.0 = Release|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Debug|Any CPU.Build.0 = Debug|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Release|Any 
CPU.ActiveCfg = Release|Any CPU - {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Release|Any CPU.Build.0 = Release|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.Debug|Any CPU.Build.0 = Debug|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.Release|Any CPU.ActiveCfg = Release|Any CPU - {60426312-6AE5-4835-8667-37EDEA670222}.Release|Any CPU.Build.0 = Release|Any CPU - {3896A32A-E876-4C23-B9B8-78E17D134CD3}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {3896A32A-E876-4C23-B9B8-78E17D134CD3}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Debug|Any CPU.Build.0 = Debug|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Release|Any CPU.ActiveCfg = Release|Any CPU + {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Release|Any CPU.Build.0 = Release|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Debug|Any CPU.Build.0 = Debug|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Release|Any CPU.ActiveCfg = Release|Any CPU + {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Release|Any CPU.Build.0 = Release|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.CodeAnalysis|Any 
CPU.Build.0 = CodeAnalysis|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Debug|Any CPU.Build.0 = Debug|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Release|Any CPU.ActiveCfg = Release|Any CPU + {2A59DE0A-B76A-4B42-9A33-04D34548353D}.Release|Any CPU.Build.0 = Release|Any CPU + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Debug|Any CPU.Build.0 = Debug|Any CPU + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Release|Any CPU.ActiveCfg = Release|Any CPU + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Release|Any CPU.Build.0 = Release|Any CPU + {3896A32A-E876-4C23-B9B8-78E17D134CD3}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {3896A32A-E876-4C23-B9B8-78E17D134CD3}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {3896A32A-E876-4C23-B9B8-78E17D134CD3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {3896A32A-E876-4C23-B9B8-78E17D134CD3}.Debug|Any CPU.Build.0 = Debug|Any CPU {3896A32A-E876-4C23-B9B8-78E17D134CD3}.Release|Any CPU.ActiveCfg = Release|Any CPU {3896A32A-E876-4C23-B9B8-78E17D134CD3}.Release|Any CPU.Build.0 = Release|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Debug|Any CPU.Build.0 = Debug|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Release|Any CPU.ActiveCfg = Release|Any CPU - {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Release|Any CPU.Build.0 = Release|Any CPU + {3A8347E8-59A5-4092-8842-95C75D7D2F36}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {3A8347E8-59A5-4092-8842-95C75D7D2F36}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + 
{3A8347E8-59A5-4092-8842-95C75D7D2F36}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Debug|Any CPU.Build.0 = Debug|Any CPU + {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Release|Any CPU.ActiveCfg = Release|Any CPU + {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Release|Any CPU.Build.0 = Release|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.Debug|Any CPU.Build.0 = Debug|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.Release|Any CPU.ActiveCfg = Release|Any CPU {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C}.Release|Any CPU.Build.0 = Release|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Debug|Any CPU.Build.0 = Debug|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Release|Any CPU.ActiveCfg = Release|Any CPU + {4376ECC9-C346-4A99-B13C-FA93C0FBD2C9}.Release|Any CPU.Build.0 = Release|Any CPU + {47A84EF7-68C3-4D47-926A-9CCEA6518531}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Debug|Any CPU.Build.0 = Debug|Any CPU + {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Release|Any CPU.ActiveCfg = Debug|Any CPU + {47A84EF7-68C3-4D47-926A-9CCEA6518531}.Release|Any CPU.Build.0 = Debug|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any 
CPU.ActiveCfg = Debug|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any CPU.Build.0 = Debug|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.ActiveCfg = Release|Any CPU + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.Build.0 = Release|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.Debug|Any CPU.Build.0 = Debug|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.Release|Any CPU.ActiveCfg = Release|Any CPU + {51835086-9611-4C53-819B-F2D5C9320873}.Release|Any CPU.Build.0 = Release|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.Debug|Any CPU.Build.0 = Debug|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.Release|Any CPU.ActiveCfg = Release|Any CPU {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}.Release|Any CPU.Build.0 = Release|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.Debug|Any CPU.Build.0 = Debug|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.Release|Any CPU.ActiveCfg = Release|Any CPU - {F8284738-3B5D-4733-A511-38C23F4A763F}.Release|Any CPU.Build.0 = Release|Any CPU - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - 
{F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Debug|Any CPU.Build.0 = Debug|Any CPU - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Release|Any CPU.ActiveCfg = Release|Any CPU - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Release|Any CPU.Build.0 = Release|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Debug|Any CPU.Build.0 = Debug|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Release|Any CPU.ActiveCfg = Release|Any CPU - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Release|Any CPU.Build.0 = Release|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Debug|Any CPU.Build.0 = Debug|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Release|Any CPU.ActiveCfg = Release|Any CPU - {26DC877F-5987-48DD-9DDB-E62F2DE0E150}.Release|Any CPU.Build.0 = Release|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Debug|Any CPU.Build.0 = Debug|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Release|Any CPU.ActiveCfg = Release|Any CPU - {1ED8D424-F8AB-4050-ACEB-F27F4F909484}.Release|Any CPU.Build.0 = Release|Any CPU - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - 
{9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Debug|Any CPU.Build.0 = Debug|Any CPU - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Release|Any CPU.ActiveCfg = Release|Any CPU - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Release|Any CPU.Build.0 = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Debug|Any CPU.Build.0 = Debug|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.ActiveCfg = Release|Any CPU + {5C65603B-235F-47E6-B536-06385C60DE7F}.Release|Any CPU.Build.0 = Release|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.Debug|Any CPU.Build.0 = Debug|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.Release|Any CPU.ActiveCfg = Release|Any CPU + {60426312-6AE5-4835-8667-37EDEA670222}.Release|Any CPU.Build.0 = Release|Any CPU + {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Release|Any CPU.ActiveCfg = Debug|Any CPU + {6EB90284-BD15-461C-BBF2-131CF55F7C8B}.Release|Any CPU.Build.0 = Debug|Any CPU + {6EC36418-DBC5-4AD1-A402-413604AA7A08}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {6EC36418-DBC5-4AD1-A402-413604AA7A08}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + 
{6EC36418-DBC5-4AD1-A402-413604AA7A08}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Debug|Any CPU.Build.0 = Debug|Any CPU + {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Release|Any CPU.ActiveCfg = Release|Any CPU + {6EC36418-DBC5-4AD1-A402-413604AA7A08}.Release|Any CPU.Build.0 = Release|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.Debug|Any CPU.Build.0 = Debug|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.Release|Any CPU.ActiveCfg = Release|Any CPU {75E13AAE-7D51-4421-ABFD-3F3DC91F576E}.Release|Any CPU.Build.0 = Release|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Debug|Any CPU.Build.0 = Debug|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Release|Any CPU.ActiveCfg = Release|Any CPU - {173E7B8D-E751-46E2-A133-F72297C0D2F4}.Release|Any CPU.Build.0 = Release|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Debug|Any CPU.Build.0 = Debug|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Release|Any CPU.ActiveCfg = Release|Any CPU - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Release|Any CPU.Build.0 = Release|Any CPU - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - 
{B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Debug|Any CPU.Build.0 = Debug|Any CPU - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Release|Any CPU.ActiveCfg = Release|Any CPU - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Release|Any CPU.Build.0 = Release|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Debug|Any CPU.Build.0 = Debug|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Release|Any CPU.ActiveCfg = Release|Any CPU - {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Release|Any CPU.Build.0 = Release|Any CPU + {9529606E-AF76-4387-BFB7-3D10A5B399AA}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Debug|Any CPU.Build.0 = Debug|Any CPU + {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Release|Any CPU.ActiveCfg = Release|Any CPU + {9529606E-AF76-4387-BFB7-3D10A5B399AA}.Release|Any CPU.Build.0 = Release|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.Debug|Any CPU.Build.0 = Debug|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.Release|Any CPU.ActiveCfg = Release|Any CPU {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6}.Release|Any CPU.Build.0 = Release|Any CPU - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - 
{CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Debug|Any CPU.Build.0 = Debug|Any CPU - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Release|Any CPU.ActiveCfg = Release|Any CPU - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Release|Any CPU.Build.0 = Release|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Debug|Any CPU.Build.0 = Debug|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Release|Any CPU.ActiveCfg = Release|Any CPU + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828}.Release|Any CPU.Build.0 = Release|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.Debug|Any CPU.Build.0 = Debug|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.Release|Any CPU.ActiveCfg = Release|Any CPU {A1A3150A-7B0E-4A34-8E35-045296CD3C76}.Release|Any CPU.Build.0 = Release|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Debug|Any CPU.Build.0 = Debug|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Release|Any CPU.ActiveCfg = Release|Any CPU + {A288FCC8-6FCF-46DA-A45E-5F9281556361}.Release|Any CPU.Build.0 = Release|Any CPU + 
{A78F8FC6-7B03-4230-BE41-761E400D6810}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {A78F8FC6-7B03-4230-BE41-761E400D6810}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {A78F8FC6-7B03-4230-BE41-761E400D6810}.Debug|Any CPU.Build.0 = Debug|Any CPU + {A78F8FC6-7B03-4230-BE41-761E400D6810}.Release|Any CPU.ActiveCfg = Release|Any CPU + {A78F8FC6-7B03-4230-BE41-761E400D6810}.Release|Any CPU.Build.0 = Release|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.Debug|Any CPU.Build.0 = Debug|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.Release|Any CPU.ActiveCfg = Release|Any CPU + {AA78D112-D889-414B-A7D4-467B34C7B663}.Release|Any CPU.Build.0 = Release|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.Debug|Any CPU.Build.0 = Debug|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.Release|Any CPU.ActiveCfg = Release|Any CPU {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B}.Release|Any CPU.Build.0 = Release|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Debug|Any CPU.Build.0 = Debug|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Release|Any CPU.ActiveCfg = Release|Any CPU - {3A8347E8-59A5-4092-8842-95C75D7D2F36}.Release|Any CPU.Build.0 = Release|Any CPU - 
{2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Debug|Any CPU.Build.0 = Debug|Any CPU - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Release|Any CPU.ActiveCfg = Release|Any CPU - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D}.Release|Any CPU.Build.0 = Release|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.CodeAnalysis|Any CPU.Build.0 = Debug|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.Debug|Any CPU.Build.0 = Debug|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.Release|Any CPU.ActiveCfg = Release|Any CPU - {CAA2408C-6918-4902-A512-58BCD62216C3}.Release|Any CPU.Build.0 = Release|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any CPU.Build.0 = Debug|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.ActiveCfg = Release|Any CPU - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.Build.0 = Release|Any CPU - {51835086-9611-4C53-819B-F2D5C9320873}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {51835086-9611-4C53-819B-F2D5C9320873}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {51835086-9611-4C53-819B-F2D5C9320873}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {51835086-9611-4C53-819B-F2D5C9320873}.Debug|Any CPU.Build.0 = Debug|Any CPU - {51835086-9611-4C53-819B-F2D5C9320873}.Release|Any CPU.ActiveCfg = Release|Any CPU - 
{51835086-9611-4C53-819B-F2D5C9320873}.Release|Any CPU.Build.0 = Release|Any CPU + {AEA29D4D-396F-47F6-BC81-B58D4B855245}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Debug|Any CPU.Build.0 = Debug|Any CPU + {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Release|Any CPU.ActiveCfg = Release|Any CPU + {AEA29D4D-396F-47F6-BC81-B58D4B855245}.Release|Any CPU.Build.0 = Release|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Debug|Any CPU.Build.0 = Debug|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Release|Any CPU.ActiveCfg = Release|Any CPU + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA}.Release|Any CPU.Build.0 = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Debug|Any CPU.Build.0 = Debug|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.ActiveCfg = Release|Any CPU + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942}.Release|Any CPU.Build.0 = Release|Any CPU + {BBACD972-014D-478F-9B07-56B9E1D4CC73}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Debug|Any CPU.Build.0 = Debug|Any CPU + {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Release|Any CPU.ActiveCfg = Debug|Any CPU + {BBACD972-014D-478F-9B07-56B9E1D4CC73}.Release|Any CPU.Build.0 = Debug|Any CPU {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU - {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.CodeAnalysis|Any CPU.Build.0 = 
Debug|Any CPU {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.Debug|Any CPU.Build.0 = Debug|Any CPU {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.Release|Any CPU.ActiveCfg = Release|Any CPU {C23B217B-4D35-4A72-A1F7-FAEB4F39CB91}.Release|Any CPU.Build.0 = Release|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.Debug|Any CPU.Build.0 = Debug|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.Release|Any CPU.ActiveCfg = Release|Any CPU - {115217C5-22CD-415C-A292-0DD0238CDD89}.Release|Any CPU.Build.0 = Release|Any CPU + {C78E8235-1D46-43EB-A912-80B522C4E9AE}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Debug|Any CPU.Build.0 = Debug|Any CPU + {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Release|Any CPU.ActiveCfg = Release|Any CPU + {C78E8235-1D46-43EB-A912-80B522C4E9AE}.Release|Any CPU.Build.0 = Release|Any CPU + {CAA2408C-6918-4902-A512-58BCD62216C3}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {CAA2408C-6918-4902-A512-58BCD62216C3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {CAA2408C-6918-4902-A512-58BCD62216C3}.Debug|Any CPU.Build.0 = Debug|Any CPU + {CAA2408C-6918-4902-A512-58BCD62216C3}.Release|Any CPU.ActiveCfg = Release|Any CPU + {CAA2408C-6918-4902-A512-58BCD62216C3}.Release|Any CPU.Build.0 = Release|Any CPU + {CCF3728A-B3D7-404A-9BC6-75197135F2D7}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {CCF3728A-B3D7-404A-9BC6-75197135F2D7}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + 
{CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Debug|Any CPU.Build.0 = Debug|Any CPU + {CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Release|Any CPU.ActiveCfg = Release|Any CPU + {CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Release|Any CPU.Build.0 = Release|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Debug|Any CPU.Build.0 = Debug|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Release|Any CPU.ActiveCfg = Release|Any CPU + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99}.Release|Any CPU.Build.0 = Release|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Debug|Any CPU.Build.0 = Debug|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Release|Any CPU.ActiveCfg = Release|Any CPU + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE}.Release|Any CPU.Build.0 = Release|Any CPU + {E135F455-0669-49F8-9207-07FCA8C8FC79}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {E135F455-0669-49F8-9207-07FCA8C8FC79}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {E135F455-0669-49F8-9207-07FCA8C8FC79}.Debug|Any CPU.Build.0 = Debug|Any CPU + {E135F455-0669-49F8-9207-07FCA8C8FC79}.Release|Any CPU.ActiveCfg = Release|Any CPU + {E135F455-0669-49F8-9207-07FCA8C8FC79}.Release|Any CPU.Build.0 = Release|Any CPU + {F289B925-4307-4BEC-B411-885CE70E3379}.CodeAnalysis|Any CPU.ActiveCfg = Debug|Any CPU + {F289B925-4307-4BEC-B411-885CE70E3379}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {F289B925-4307-4BEC-B411-885CE70E3379}.Debug|Any CPU.Build.0 = Debug|Any CPU + {F289B925-4307-4BEC-B411-885CE70E3379}.Release|Any 
CPU.ActiveCfg = Release|Any CPU + {F289B925-4307-4BEC-B411-885CE70E3379}.Release|Any CPU.Build.0 = Release|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}.Release|Any CPU.Build.0 = Release|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Debug|Any CPU.Build.0 = Debug|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Release|Any CPU.ActiveCfg = Release|Any CPU + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2}.Release|Any CPU.Build.0 = Release|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.Debug|Any CPU.Build.0 = Debug|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.Release|Any CPU.ActiveCfg = Release|Any CPU + {F8284738-3B5D-4733-A511-38C23F4A763F}.Release|Any CPU.Build.0 = Release|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Debug|Any CPU.Build.0 = 
Debug|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Release|Any CPU.ActiveCfg = Release|Any CPU + {FED1923A-6D70-49B5-A37A-FB744FEC1C86}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE EndGlobalSection GlobalSection(NestedProjects) = preSolution - {CD57219F-24F4-4136-8741-6063D0D7A031} = {20B5E173-C3C4-49F8-BD25-E69044075B4D} {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} - {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} - {8A5CEDB9-7F8A-4BE2-A1B9-97130F453277} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} - {AA78D112-D889-414B-A7D4-467B34C7B663} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} - {2DA24D4F-6918-43CF-973C-BC9D818F8E90} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} - {2A59DE0A-B76A-4B42-9A33-04D34548353D} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {AEA29D4D-396F-47F6-BC81-B58D4B855245} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} {07B193F1-68AD-4E9C-98AF-BEFB5E9403CB} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {1E8AEA89-BF69-47A1-B290-E8B0FE588700} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {BBACD972-014D-478F-9B07-56B9E1D4CC73} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {08A938B6-EBBD-4036-880E-CE7BA2D14510} = {B9EB8729-4B54-4453-B089-FE6761BA3057} {0B4EB2A8-283D-48FB-BCD0-85B8DFFE05E4} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {F289B925-4307-4BEC-B411-885CE70E3379} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} - {6EC36418-DBC5-4AD1-A402-413604AA7A08} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} - {9529606E-AF76-4387-BFB7-3D10A5B399AA} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} - {E135F455-0669-49F8-9207-07FCA8C8FC79} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} - {C78E8235-1D46-43EB-A912-80B522C4E9AE} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} - {6EB90284-BD15-461C-BBF2-131CF55F7C8B} = {8A5CEDB9-7F8A-4BE2-A1B9-97130F453277} - 
{5C65603B-235F-47E6-B536-06385C60DE7F} = {E9ED920D-1F83-48C0-9A4B-09CCE505FE6D} - {A78F8FC6-7B03-4230-BE41-761E400D6810} = {B9EB8729-4B54-4453-B089-FE6761BA3057} - {17932639-1F50-48AF-B0A5-E2BF832F82CC} = {B9EB8729-4B54-4453-B089-FE6761BA3057} - {2B4261AC-25AC-4B8D-B459-1C42B6B1401D} = {B9EB8729-4B54-4453-B089-FE6761BA3057} + {115217C5-22CD-415C-A292-0DD0238CDD89} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} {152B7BAB-E884-4A59-8067-440971A682B3} = {B9EB8729-4B54-4453-B089-FE6761BA3057} - {C7EF1823-3AA7-477E-8476-28929F5C05D2} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {9AF74F53-10F5-49A2-B747-87B97CD559D3} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {529B4262-6B5A-4EF9-BD3B-1D29A2597B67} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} {173E7B8D-E751-46E2-A133-F72297C0D2F4} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {60426312-6AE5-4835-8667-37EDEA670222} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {57A7DD35-666C-4FA3-9A1B-38961E50CA27} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {51835086-9611-4C53-819B-F2D5C9320873} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {115217C5-22CD-415C-A292-0DD0238CDD89} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} - {F8284738-3B5D-4733-A511-38C23F4A763F} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - {F4CD3C04-6037-4946-B7A5-34BFC96A75D2} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - {26DC877F-5987-48DD-9DDB-E62F2DE0E150} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {17932639-1F50-48AF-B0A5-E2BF832F82CC} = {B9EB8729-4B54-4453-B089-FE6761BA3057} + {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} + {1E8AEA89-BF69-47A1-B290-E8B0FE588700} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} {1ED8D424-F8AB-4050-ACEB-F27F4F909484} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - {9D0F8866-2131-4C2A-BC0E-16FEA5B50828} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - 
{75E13AAE-7D51-4421-ABFD-3F3DC91F576E} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} + {26DC877F-5987-48DD-9DDB-E62F2DE0E150} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {2A59DE0A-B76A-4B42-9A33-04D34548353D} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D} = {2DA24D4F-6918-43CF-973C-BC9D818F8E90} + {2DA24D4F-6918-43CF-973C-BC9D818F8E90} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} {3896A32A-E876-4C23-B9B8-78E17D134CD3} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} - {A288FCC8-6FCF-46DA-A45E-5F9281556361} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} - {B202E40D-4663-4A2B-ACDA-865F88FF7CAA} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} - {FED1923A-6D70-49B5-A37A-FB744FEC1C86} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} + {3A8347E8-59A5-4092-8842-95C75D7D2F36} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27} {408D10B8-34BA-4CBD-B7AA-FEB1907ABA4C} = {529B4262-6B5A-4EF9-BD3B-1D29A2597B67} - {E040EB58-B4D2-457B-A023-AE6EF3BD34DE} = {529B4262-6B5A-4EF9-BD3B-1D29A2597B67} + {4BFAA336-5DF3-4F27-82D3-06D13240E8AB} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27} + {51835086-9611-4C53-819B-F2D5C9320873} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} + {529B4262-6B5A-4EF9-BD3B-1D29A2597B67} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} {56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} + {57A7DD35-666C-4FA3-9A1B-38961E50CA27} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} + {5C65603B-235F-47E6-B536-06385C60DE7F} = {E9ED920D-1F83-48C0-9A4B-09CCE505FE6D} + {60426312-6AE5-4835-8667-37EDEA670222} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} + {6EB90284-BD15-461C-BBF2-131CF55F7C8B} = {8A5CEDB9-7F8A-4BE2-A1B9-97130F453277} + {6EC36418-DBC5-4AD1-A402-413604AA7A08} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} + {75E13AAE-7D51-4421-ABFD-3F3DC91F576E} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {8A5CEDB9-7F8A-4BE2-A1B9-97130F453277} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} + 
{9529606E-AF76-4387-BFB7-3D10A5B399AA} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} {99BB7543-EA16-43EE-A7BC-D7A25A3B22F6} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} - {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} + {9AF74F53-10F5-49A2-B747-87B97CD559D3} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} + {9D0F8866-2131-4C2A-BC0E-16FEA5B50828} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} {A1A3150A-7B0E-4A34-8E35-045296CD3C76} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} + {A288FCC8-6FCF-46DA-A45E-5F9281556361} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} + {A78F8FC6-7B03-4230-BE41-761E400D6810} = {B9EB8729-4B54-4453-B089-FE6761BA3057} + {AA78D112-D889-414B-A7D4-467B34C7B663} = {B4C6F647-C046-4B54-BE12-7701C4119EE7} {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} - {3A8347E8-59A5-4092-8842-95C75D7D2F36} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27} - {4BFAA336-5DF3-4F27-82D3-06D13240E8AB} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27} - {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D} = {2DA24D4F-6918-43CF-973C-BC9D818F8E90} + {AEA29D4D-396F-47F6-BC81-B58D4B855245} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {B202E40D-4663-4A2B-ACDA-865F88FF7CAA} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} + {B64A1E7E-6A15-4B91-AF13-7D48F7DA5942} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {BBACD972-014D-478F-9B07-56B9E1D4CC73} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {C78E8235-1D46-43EB-A912-80B522C4E9AE} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} + {C7EF1823-3AA7-477E-8476-28929F5C05D2} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE} {CAA2408C-6918-4902-A512-58BCD62216C3} = {2DA24D4F-6918-43CF-973C-BC9D818F8E90} + {CCF3728A-B3D7-404A-9BC6-75197135F2D7} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} + {CD57219F-24F4-4136-8741-6063D0D7A031} = {20B5E173-C3C4-49F8-BD25-E69044075B4D} + {CDEDD439-7F35-4E6E-8605-4E70BDC4CC99} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} + {E040EB58-B4D2-457B-A023-AE6EF3BD34DE} = {529B4262-6B5A-4EF9-BD3B-1D29A2597B67} + {E135F455-0669-49F8-9207-07FCA8C8FC79} 
= {1E2CBAA5-60A3-4AED-912E-541F5753CDC6} + {F289B925-4307-4BEC-B411-885CE70E3379} = {034D5B5B-7D00-4A9D-8AFE-4A476E0575B1} + {F458AB60-BA1C-43D9-8CEF-EC01B50BE87B} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {F4CD3C04-6037-4946-B7A5-34BFC96A75D2} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {F8284738-3B5D-4733-A511-38C23F4A763F} = {C7EF1823-3AA7-477E-8476-28929F5C05D2} + {FED1923A-6D70-49B5-A37A-FB744FEC1C86} = {9AF74F53-10F5-49A2-B747-87B97CD559D3} EndGlobalSection EndGlobal diff --git a/src/version.txt b/src/version.txt index 0a076a9..9852b74 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1,3 +1,3 @@ -4.0.3 - -0.23.0-draft5 +4.1.0 +-beta +0.25.0-draft1 diff --git a/tools/DotNetOpenAuth.automated.props b/tools/DotNetOpenAuth.automated.props index a2dbe06..e73fa8c 100644 --- a/tools/DotNetOpenAuth.automated.props +++ b/tools/DotNetOpenAuth.automated.props @@ -10,5 +10,6 @@ even if we're not distributing the built bits (as is the case for project templates). --> <Validation Condition=" '$(Validation)' == '' ">Full</Validation> <NUnitToolPath Condition=" '$(NUnitToolPath)' == '' ">$(ProjectRoot)tools\NUnit\bin</NUnitToolPath> + <TargetFrameworkVersion Condition=" '$(TargetFrameworkVersion)' == '' ">v4.0</TargetFrameworkVersion> </PropertyGroup> </Project> diff --git a/tools/DotNetOpenAuth.props b/tools/DotNetOpenAuth.props index a2a5011..b61d74a 100644 --- a/tools/DotNetOpenAuth.props +++ b/tools/DotNetOpenAuth.props 
@@ -3,10 +3,13 @@ <PropertyGroup> <ProductName>DotNetOpenAuth</ProductName> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> - <TargetFrameworkVersion Condition=" '$(TargetFrameworkVersion)' == '' ">v3.5</TargetFrameworkVersion> + <TargetFrameworkVersion Condition=" '$(TargetFrameworkVersion)' == '' ">v4.0</TargetFrameworkVersion> <DisableFastUpToDateCheck>false</DisableFastUpToDateCheck> <DropsRoot>$(ProjectRoot)drops\$(TargetFrameworkVersion)\$(Configuration)\</DropsRoot> <OutputPath>$(ProjectRoot)bin\$(TargetFrameworkVersion)\$(Configuration)\</OutputPath> + <OutputPath35>$(ProjectRoot)bin\v3.5\$(Configuration)\</OutputPath35> + <OutputPath40>$(ProjectRoot)bin\v4.0\$(Configuration)\</OutputPath40> + <OutputPath45>$(ProjectRoot)bin\v4.5\$(Configuration)\</OutputPath45> <DocOutputPath>$(ProjectRoot)doc\</DocOutputPath> <IntermediatePath>$(ProjectRoot)obj\$(TargetFrameworkVersion)\$(Configuration)\</IntermediatePath> <IntermediatePath40>$(ProjectRoot)obj\v4.0\$(Configuration)\</IntermediatePath40> @@ -29,6 +32,9 @@ <SignedSubPath>signed\</SignedSubPath> <ILMergeOutputAssemblyDirectory>$(OutputPath)unified\</ILMergeOutputAssemblyDirectory> + <ILMergeOutputAssembly35Directory>$(OutputPath35)unified\</ILMergeOutputAssembly35Directory> + <ILMergeOutputAssembly40Directory>$(OutputPath40)unified\</ILMergeOutputAssembly40Directory> + <ILMergeOutputAssembly45Directory>$(OutputPath45)unified\</ILMergeOutputAssembly45Directory> <ILMergeOutputAssembly>$(ILMergeOutputAssemblyDirectory)$(ProductName).dll</ILMergeOutputAssembly> <ILMergeOutputXmlDocs>$(ILMergeOutputAssemblyDirectory)$(ProductName).xml</ILMergeOutputXmlDocs> <ILMergeOutputContractAssemblyDirectory>$(ILMergeOutputAssemblyDirectory)CodeContracts\</ILMergeOutputContractAssemblyDirectory> 
@@ -77,6 +83,7 @@ " /> <ProductProjectNames Include=" DotNetOpenAuth.OAuth2; + DotNetOpenAuth.OAuth2.ClientAuthorization; DotNetOpenAuth.OAuth2.AuthorizationServer; DotNetOpenAuth.OAuth2.Client; DotNetOpenAuth.OAuth2.Client.UI; @@ -85,9 +92,19 @@ <MergeIntoUnifiedAssembly Condition=" '$(IncludeOAuth2)' == 'false' ">false</MergeIntoUnifiedAssembly> </ProductProjectNames> <ProductProjects Include="@(ProductProjectNames->'$(ProjectRoot)src\%(Identity)\%(Identity).csproj')"/> + <DelaySignedProjects Include=" + @(ProductProjects); + $(ProjectRoot)src\dotnetopenauth\dotnetopenauth.proj; + " /> + <DelaySignedProjects Include="$(ProjectRoot)src\dotnetopenauth.test\dotnetopenauth.test.csproj"> + <Nonshipping>true</Nonshipping> + </DelaySignedProjects> + <DelaySignedProjects Include="$(ProjectRoot)samples\openidofflineprovider\openidofflineprovider.csproj"> + <TargetFrameworkVersion>v4.0</TargetFrameworkVersion> + </DelaySignedProjects> <ProjectReferencesToRemove Include="@(ProductProjectNames->'..\..\src\%(Identity)\%(Identity).csproj')" /> - <AssemblyReferencesToReplaceWith Include="@(ProjectReferencesToRemove->'..\..\Bin\$(ProductName).dll')" /> + <AssemblyReferencesToReplaceWith Include="@(ProjectReferencesToRemove->'..\..\Bin-net4.0\$(ProductName).dll')" /> <SignDependsOn Include="Build" Condition=" '$(SuppressBuildTarget)' != 'true' " /> <ILMergeInputAssemblies Condition=" '$(ClrVersion)' == '2' " diff --git a/tools/DotNetOpenAuth.targets b/tools/DotNetOpenAuth.targets index d27fbdc..4317fb9 100644 --- a/tools/DotNetOpenAuth.targets +++ b/tools/DotNetOpenAuth.targets 
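Review bot: `AssemblyReferencesToReplaceWith` now hard-codes the folder name `Bin-net4.0`, which tools/drop.proj defines separately as `DropBin40Directory`, so the two literals have to be kept in step by hand. It also points every shipped sample at the .NET 4.0 assembly regardless of which framework the sample targets. That looks intentional given samples.proj is built with TargetFrameworkVersion=v4.0, but nothing here says so. I would add a comment above the item, for example `<!-- Shipped samples reference the .NET 4.0 build; keep 'Bin-net4.0' in sync with DropBin40Directory in tools\drop.proj. -->`.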
@@ -18,6 +18,7 @@ <CodeContractsInstallDir>$(ProjectRoot)tools\Contracts\</CodeContractsInstallDir> <DefineConstants Condition=" '$(SignAssembly)' == 'true' ">$(DefineConstants);StrongNameSigned</DefineConstants> <DefineConstants Condition=" '$(ClrVersion)' == '4' ">$(DefineConstants);CLR4</DefineConstants> + <DefineConstants Condition=" '$(TargetFrameworkVersion)' == 'v4.5' ">$(DefineConstants);NetFx45</DefineConstants> <AssemblySearchPaths>$(ProjectRoot)lib;$(AssemblySearchPaths)</AssemblySearchPaths> <AssemblySearchPaths Condition="Exists('$(ProjectRoot)lib\net-$(TargetFrameworkVersion)')">$(ProjectRoot)lib\net-$(TargetFrameworkVersion);$(AssemblySearchPaths)</AssemblySearchPaths> </PropertyGroup> @@ -97,6 +98,7 @@ <SignedAssemblyTargets Include="@(AssembliesToSign->'%(RootDir)%(Directory)$(SignedSubPath)%(FileName)%(Extension)')"> <UnsignedAssemblyPath>%(AssembliesToSign.Identity)</UnsignedAssemblyPath> <SymbolPath Condition="Exists('%(RootDir)%(Directory)%(FileName).pdb')">%(RootDir)%(Directory)%(FileName).pdb</SymbolPath> + <XmlDocumentationFile Condition="Exists('%(RootDir)%(Directory)%(FileName).xml')">%(RootDir)%(Directory)%(FileName).xml</XmlDocumentationFile> </SignedAssemblyTargets> </ItemGroup> 
@@ -109,15 +111,15 @@ </Target> <Target Name="ResignDelaySignedAssemblies" Outputs="@(ResignedAssembliesOutputs)"> - <ItemGroup> - <DelaySignedProjects Include=" - @(ProductProjects); - $(ProjectRoot)src\dotnetopenauth\dotnetopenauth.proj; - $(ProjectRoot)src\dotnetopenauth.test\dotnetopenauth.test.csproj; - $(ProjectRoot)samples\openidofflineprovider\openidofflineprovider.csproj; - " /> - </ItemGroup> - <MSBuild Projects="@(DelaySignedProjects)" Targets="Sign" BuildInParallel="$(BuildInParallel)"> + <MSBuild Projects="@(DelaySignedProjects)" Targets="Sign" BuildInParallel="$(BuildInParallel)" + Condition=" '%(DelaySignedProjects.TargetFrameworkVersion)' == '' or '%(DelaySignedProjects.TargetFrameworkVersion)' == '$(TargetFrameworkVersion)' "> + <Output TaskParameter="TargetOutputs" ItemName="ResignedAssembliesOutputs"/> + </MSBuild> + </Target> + + <Target Name="ResignShippingDelaySignedAssemblies" Outputs="@(ResignedAssembliesOutputs)"> + <MSBuild Projects="@(DelaySignedProjects)" Targets="Sign" BuildInParallel="$(BuildInParallel)" + Condition=" '%(DelaySignedProjects.Nonshipping)' != 'true' and ('%(DelaySignedProjects.TargetFrameworkVersion)' == '' or '%(DelaySignedProjects.TargetFrameworkVersion)' == '$(TargetFrameworkVersion)') "> <Output TaskParameter="TargetOutputs" ItemName="ResignedAssembliesOutputs"/> </MSBuild> </Target> diff --git a/tools/drop.proj b/tools/drop.proj index 6b00229..13b8f68 100644 --- a/tools/drop.proj +++ b/tools/drop.proj 
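Review bot: The new `ResignShippingDelaySignedAssemblies` target repeats the framework-match condition of `ResignDelaySignedAssemblies` verbatim and adds only the `Nonshipping` test, and neither target documents what those two item metadata values mean or that they are set in tools/DotNetOpenAuth.props. Because this condition decides which assemblies get strong-name signed, a short comment is worth having, for example `<!-- Signs only projects that ship in the drop: items with Nonshipping=true are skipped, and items pinned via TargetFrameworkVersion metadata are signed only for that framework. -->`. Both targets also append to the same `ResignedAssembliesOutputs` item, so a build that runs both would presumably list the shipping assemblies twice.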
@@ -3,20 +3,61 @@ <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> <Import Project="$(MSBuildProjectDirectory)\DotNetOpenAuth.automated.props"/> - <Target Name="Layout" DependsOnTargets="BuildUnifiedProduct;ReSignDelaySignedAssemblies"> + <Target Name="LayoutDependencies"> + <MSBuild Projects="$(ProjectRoot)src\$(ProductName)\$(ProductName).proj" + Properties="TargetFrameworkVersion=v3.5" + Targets="BuildUnifiedProduct" + BuildInParallel="$(BuildInParallel)" /> + <MSBuild Projects="$(ProjectRoot)src\$(ProductName)\$(ProductName).proj" + Properties="TargetFrameworkVersion=v4.0" + Targets="BuildUnifiedProduct" + BuildInParallel="$(BuildInParallel)" /> + <MSBuild Projects="$(ProjectRoot)src\$(ProductName)\$(ProductName).proj" + Properties="TargetFrameworkVersion=v4.5" + Targets="BuildUnifiedProduct" + BuildInParallel="$(BuildInParallel)" /> + <MSBuild Projects="@(DelaySignedProjects)" + Properties="TargetFrameworkVersion=v3.5" + Targets="Sign" + BuildInParallel="$(BuildInParallel)" + Condition=" '%(DelaySignedProjects.Nonshipping)' != 'true' and '%(DelaySignedProjects.TargetFrameworkVersion)' != 'v4.0' " /> + <MSBuild Projects="@(DelaySignedProjects)" + Properties="TargetFrameworkVersion=v4.0" + Targets="Sign" + BuildInParallel="$(BuildInParallel)" + Condition=" '%(DelaySignedProjects.Nonshipping)' != 'true' " /> + <MSBuild Projects="@(DelaySignedProjects)" + Properties="TargetFrameworkVersion=v4.5" + Targets="Sign" + BuildInParallel="$(BuildInParallel)" + Condition=" '%(DelaySignedProjects.Nonshipping)' != 'true' " /> + </Target> + + <Target Name="Layout" DependsOnTargets="LayoutDependencies"> <!-- Note that we use an MSBuild task for these dependencies rather than individual DependsOnTargets entries so that these builds can be executed in parallel. 
--> - <MSBuild BuildInParallel="$(BuildInParallel)" - Projects=" - $(ProjectRoot)samples\samples.proj; - $(ProjectRoot)vsi\vsi.proj; - $(ProjectRoot)vsix\vsix.proj; - $(ProjectRoot)doc\doc.proj; - "> + <ItemGroup> + <ProjectsToBuild Include=" + $(ProjectRoot)vsix\vsix.proj; + $(ProjectRoot)samples\samples.proj; + "> + <Properties>TargetFrameworkVersion=v4.0</Properties> + </ProjectsToBuild> + + <!-- Sandcastle doesn't seem to be able to handle .NET 4.0 dependencies right now. --> + <ProjectsToBuild Include="$(ProjectRoot)doc\doc.proj"> + <Properties>TargetFrameworkVersion=v3.5</Properties> + </ProjectsToBuild> + </ItemGroup> + <MSBuild Projects="@(ProjectsToBuild)" + Properties="%(ProjectsToBuild.Properties)" + BuildInParallel="$(BuildInParallel)"> <Output TaskParameter="TargetOutputs" ItemName="DropLayoutDependencies"/> </MSBuild> <PropertyGroup> - <DropBinDirectory>$(DropDirectory)Bin\</DropBinDirectory> + <DropBin35Directory>$(DropDirectory)Bin-net3.5\</DropBin35Directory> + <DropBin40Directory>$(DropDirectory)Bin-net4.0\</DropBin40Directory> + <DropBin45Directory>$(DropDirectory)Bin-net4.5\</DropBin45Directory> <DropLibDirectory>$(DropDirectory)Lib\</DropLibDirectory> <DropProjectTemplatesDirectory>$(DropDirectory)Project Templates\</DropProjectTemplatesDirectory> <DropSamplesDirectory>$(DropDirectory)Samples\</DropSamplesDirectory> @@ -30,7 +71,9 @@ <ProjectTemplatesVsi Include="@(DropLayoutDependencies)" Condition=" '%(DropLayoutDependencies.MSBuildSourceProjectFile)' == '$(ProjectRoot)vsi\vsi.proj' " /> <DropDirectories Include=" $(DropDirectory); - $(DropBinDirectory); + $(DropBin35Directory); + $(DropBin40Directory); + $(DropBin45Directory); $(DropLibDirectory); $(DropProjectTemplatesDirectory); $(DropSamplesDirectory); 
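Review bot: The three Sign passes in `LayoutDependencies` do not apply the same framework filter. The v3.5 pass skips items whose `TargetFrameworkVersion` metadata is `v4.0`, but the v4.5 pass tests only `Nonshipping`, so a project pinned to v4.0 is also built and signed with `TargetFrameworkVersion=v4.5`. `ResignDelaySignedAssemblies` in tools/DotNetOpenAuth.targets signs a pinned project only when the pin equals the framework being built. If the pin is meant to be exact, the v4.5 pass should read `Condition=" '%(DelaySignedProjects.Nonshipping)' != 'true' and '%(DelaySignedProjects.TargetFrameworkVersion)' != 'v4.0' "`. If signing the pinned sample for 4.5 is intended, a comment saying so would keep the next reader from "fixing" it.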
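Review bot: `ProjectTemplatesVsi`, the first context line of this hunk, still filters `DropLayoutDependencies` for `$(ProjectRoot)vsi\vsi.proj`, but the rewritten Layout target no longer builds vsi.proj. The new `ProjectsToBuild` list holds only vsix.proj, samples.proj and doc.proj, so this item is now always empty. Any item derived from it later in the target (not visible in this hunk) would then copy nothing without an error. Either add `$(ProjectRoot)vsi\vsi.proj;` back to `ProjectsToBuild`, or delete the `ProjectTemplatesVsi` line together with its consumers.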
@@ -44,11 +87,27 @@ $(ProjectRoot)CONTRIB.txt; " Exclude="$(ProjectRoot)Doc\README.*.html;" /> - <DropBinSourceFiles Include=" - $(ILMergeOutputAssemblyDirectory)$(SignedSubPath)$(ProductName).dll; - $(ILMergeOutputAssemblyDirectory)$(ProductName).pdb; - $(ILMergeOutputAssemblyDirectory)$(ProductName).xml; - $(OutputPath)CodeContracts\$(SignedSubPath)$(ProductName).Contracts.???; + <DropBin35SourceFiles Include=" + $(ILMergeOutputAssembly35Directory)$(SignedSubPath)$(ProductName).dll; + $(ILMergeOutputAssembly35Directory)$(ProductName).pdb; + $(ILMergeOutputAssembly35Directory)$(ProductName).xml; + $(OutputPath35)CodeContracts\$(SignedSubPath)$(ProductName).Contracts.???; + $(ProjectRoot)Doc\README.Bin.html; + $(ProjectRoot)src\$(ProductName).Core\Configuration\$(ProductName).xsd; + " /> + <DropBin40SourceFiles Include=" + $(ILMergeOutputAssembly40Directory)$(SignedSubPath)$(ProductName).dll; + $(ILMergeOutputAssembly40Directory)$(ProductName).pdb; + $(ILMergeOutputAssembly40Directory)$(ProductName).xml; + $(OutputPath40)CodeContracts\$(SignedSubPath)$(ProductName).Contracts.???; + $(ProjectRoot)Doc\README.Bin.html; + $(ProjectRoot)src\$(ProductName).Core\Configuration\$(ProductName).xsd; + " /> + <DropBin45SourceFiles Include=" + $(ILMergeOutputAssembly45Directory)$(SignedSubPath)$(ProductName).dll; + $(ILMergeOutputAssembly45Directory)$(ProductName).pdb; + $(ILMergeOutputAssembly45Directory)$(ProductName).xml; + $(OutputPath45)CodeContracts\$(SignedSubPath)$(ProductName).Contracts.???; $(ProjectRoot)Doc\README.Bin.html; $(ProjectRoot)src\$(ProductName).Core\Configuration\$(ProductName).xsd; " /> 
@@ -92,7 +151,9 @@ <DropSpecsSourceFiles Include="$(ProjectRoot)Doc\specs\*.htm*" /> <DropFiles Include="@(DropSourceFiles->'$(DropDirectory)%(RecursiveDir)%(FileName)%(Extension)')"/> - <DropBinFiles Include="@(DropBinSourceFiles->'$(DropBinDirectory)%(RecursiveDir)%(FileName)%(Extension)')"/> + <DropBin35Files Include="@(DropBin35SourceFiles->'$(DropBin35Directory)%(RecursiveDir)%(FileName)%(Extension)')"/> + <DropBin40Files Include="@(DropBin40SourceFiles->'$(DropBin40Directory)%(RecursiveDir)%(FileName)%(Extension)')"/> + <DropBin45Files Include="@(DropBin45SourceFiles->'$(DropBin45Directory)%(RecursiveDir)%(FileName)%(Extension)')"/> <DropSatelliteFiles Include="@(DropSatelliteSourceFiles->'$(DropBinDirectory)%(CultureDir)%(FileName)%(Extension)')" /> <DropLibFiles Include="@(DropLibSourceFiles->'$(DropLibDirectory)%(RecursiveDir)%(FileName)%(Extension)')"/> <DropProjectTemplatesFiles Include="@(DropProjectTemplatesSourceFiles->'$(DropProjectTemplatesDirectory)%(FileName)%(Extension)')" /> @@ -104,7 +165,9 @@ <AllDropSources Include=" @(DropSourceFiles); - @(DropBinSourceFiles); + @(DropBin35SourceFiles); + @(DropBin40SourceFiles); + @(DropBin45SourceFiles); @(DropSatelliteSourceFiles); @(DropLibSourceFiles); @(DropProjectTemplatesSourceFiles); @@ -117,7 +180,9 @@ <AllDropTargets Include=" @(DropFiles); - @(DropBinFiles); + @(DropBin35Files); + @(DropBin40Files); + @(DropBin45Files); @(DropSatelliteFiles); @(DropLibFiles); @(DropProjectTemplatesFiles); @@ -152,8 +217,7 @@ <SampleSolutionTargets Include="$(DropSamplesDirectory)**\*.sln" /> </ItemGroup> <FixupShippingToolSamples Projects="@(DropSamplesToolsProjects)" - RemoveImportsStartingWith="%24(ProjectRoot)tools\" - AddReferences="Microsoft.Contracts"/> + RemoveImportsStartingWith="%24(ProjectRoot)tools\" /> <ChangeProjectReferenceToAssemblyReference Projects="@(SampleProjectTargets)" ProjectReferences="@(ProjectReferencesToRemove)" References="@(AssemblyReferencesToReplaceWith)" /> <RegexFileReplace 
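Review bot: The context line `<DropSatelliteFiles Include="@(DropSatelliteSourceFiles->'$(DropBinDirectory)%(CultureDir)%(FileName)%(Extension)')" />` in the `@@ -92,7 +151,9 @@` hunk still uses `$(DropBinDirectory)`, which an earlier hunk of this file replaces with `DropBin35Directory`, `DropBin40Directory` and `DropBin45Directory`. Unless the property is still defined somewhere outside the diff, it expands to an empty string. The satellite assemblies would then get targets relative to the project directory rather than inside the drop, and they still enter `AllDropTargets` through `@(DropSatelliteFiles)`. Point the transform at a per-framework directory, e.g. `'$(DropBin35Directory)%(CultureDir)%(FileName)%(Extension)'`, or add one satellite transform per framework to mirror the three `DropBinNNFiles` lines above it.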
diff --git a/tools/sandcastle.targets b/tools/sandcastle.targets index c7860b7..526ea46 100644 --- a/tools/sandcastle.targets +++ b/tools/sandcastle.targets @@ -39,6 +39,9 @@ <AssemblyFolders Include="$(ProgramFiles)\Reference Assemblies\Microsoft\Framework\v3.0\*.dll" Condition="$(NetfxVer)>2.0"/> <AssemblyFolders Include="$(WINDIR)\Microsoft.NET\Framework\v3.5\**\*.dll" Condition="$(NetfxVer)>3.0"/> <AssemblyFolders Include="$(ProgramFiles)\Reference Assemblies\Microsoft\Framework\v3.5\*.dll" Condition="$(NetfxVer)>3.0"/> + <AssemblyFolders Include="$(WINDIR)\Microsoft.NET\Framework\v4.0.30319\**\*.dll" Condition="$(NetfxVer)>3.5"/> + <AssemblyFolders Include="$(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETCore\v4.0\*.dll" Condition="$(NetfxVer)>3.5"/> + <AssemblyFolders Include="$(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\*.dll" Condition="$(NetfxVer)>3.5"/> </ItemGroup> <Target Name="CleanDocumentation"> diff --git a/vsix/extension.vsixmanifest b/vsix/extension.vsixmanifest index d006c2e..fca91df 100644 --- a/vsix/extension.vsixmanifest +++ b/vsix/extension.vsixmanifest @@ -17,12 +17,16 @@ <Edition>Premium</Edition> <Edition>Ultimate</Edition> </VisualStudio> + <VisualStudio Version="11.0"> + <Edition>Pro</Edition> + <Edition>Premium</Edition> + <Edition>Ultimate</Edition> + </VisualStudio> </SupportedProducts> <SupportedFrameworkRuntimeEdition MinVersion="3.5" MaxVersion="4.5" /> </Identifier> <References /> <Content> <ProjectTemplate>PT</ProjectTemplate> - <!--<VsPackage>DotNetOpenAuthSDK.pkgdef</VsPackage>--> </Content> </Vsix> |
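Review bot: The first added `AssemblyFolders` line in `tools/sandcastle.targets` globs `$(WINDIR)\Microsoft.NET\Framework\v4.0.30319\**\*.dll`, which is every DLL under the build machine's live runtime directory. The set of assemblies fed to the documentation build then depends on what is installed or patched on that machine, and the hard-coded `v4.0.30319` folder name ties it to one runtime build. The two `Reference Assemblies` lines added below it are the stable source. Consider dropping the runtime glob for 4.0, or add a comment saying why both are needed. This does mirror the existing v3.5 lines, so it is a reproducibility concern rather than a regression from this commit.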