diff options
6 files changed, 8 insertions, 30 deletions
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs index e561beb..0fba167 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs @@ -17,7 +17,6 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// <summary> /// A short-lived token that accompanies HTTP requests to protected data to authorize the request. /// </summary> - [Serializable] internal class AccessToken : AuthorizationDataBag { /// <summary> /// Initializes a new instance of the <see cref="AccessToken"/> class. diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AuthorizationDataBag.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AuthorizationDataBag.cs index a91537a..ef7e390 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AuthorizationDataBag.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AuthorizationDataBag.cs @@ -17,7 +17,6 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// <summary> /// A data bag that stores authorization data. /// </summary> - [Serializable] internal abstract class AuthorizationDataBag : DataBag, IAuthorizationDescription { /// <summary> /// Initializes a new instance of the <see cref="AuthorizationDataBag"/> class. diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs index 2a2ae60..d9e4ab6 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs @@ -8,9 +8,7 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; - using System.IO; using System.Linq; - using System.Runtime.Serialization.Formatters.Binary; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Text; @@ -24,7 +22,6 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// A collection of message parts that will be serialized into a single string, /// to be set into a larger message. /// </summary> - [Serializable] internal abstract class DataBag : MessageBase { /// <summary> /// The message description cache to use for data bag types. @@ -39,61 +36,51 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// <summary> /// The symmetric secret used for signing/encryption of verification codes and refresh tokens. /// </summary> - [NonSerialized] private readonly byte[] symmetricSecret; /// <summary> /// The hashing algorithm to use while signing when using a symmetric secret. /// </summary> - [NonSerialized] private readonly HashAlgorithm symmetricHasher; /// <summary> /// The crypto to use for signing access tokens. /// </summary> - [NonSerialized] private readonly RSACryptoServiceProvider asymmetricSigning; /// <summary> /// The crypto to use for encrypting access tokens. /// </summary> - [NonSerialized] private readonly RSACryptoServiceProvider asymmetricEncrypting; /// <summary> /// The hashing algorithm to use for asymmetric signatures. /// </summary> - [NonSerialized] private readonly HashAlgorithm hasherForAsymmetricSigning; /// <summary> /// A value indicating whether the data in this instance will be protected against tampering. /// </summary> - [NonSerialized] private readonly bool signed; /// <summary> /// The nonce store to use to ensure that this instance is only decoded once. /// </summary> - [NonSerialized] private readonly INonceStore decodeOnceOnly; /// <summary> /// The maximum age of a token that can be decoded; useful only when <see cref="decodeOnceOnly"/> is <c>true</c>. /// </summary> - [NonSerialized] private readonly TimeSpan? maximumAge; /// <summary> /// A value indicating whether the data in this instance will be protected against eavesdropping. /// </summary> - [NonSerialized] private readonly bool encrypted; /// <summary> /// A value indicating whether the data in this instance will be GZip'd. /// </summary> - [NonSerialized] private readonly bool compressed; /// <summary> @@ -209,10 +196,10 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { this.Signature = this.CalculateSignature(); } - var memoryStream = new MemoryStream(); - var formatter = new BinaryFormatter(); - formatter.Serialize(memoryStream, this); - byte[] encoded = memoryStream.ToArray(); + var fields = MessageSerializer.Get(this.GetType()).Serialize(MessageDescriptions.GetAccessor(this)); + string value = MessagingUtilities.CreateQueryString(fields); + + byte[] encoded = Encoding.UTF8.GetBytes(value); if (this.compressed) { encoded = MessagingUtilities.Compress(encoded); @@ -244,12 +231,12 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { encoded = MessagingUtilities.Decompress(encoded); } - var dataStream = new MemoryStream(encoded); + value = Encoding.UTF8.GetString(encoded); // Deserialize into this newly created instance. - var formatter = new BinaryFormatter(); - var bag = (DataBag) formatter.Deserialize(dataStream); - // TODO: deserialize into THIS instance + var serializer = MessageSerializer.Get(this.GetType()); + var fields = MessageDescriptions.GetAccessor(this); + serializer.Deserialize(HttpUtility.ParseQueryString(value).ToDictionary(), fields); if (this.signed) { // Verify that the verification code was issued by this authorization server. diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs index cd124d6..e95c5cc 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs @@ -16,7 +16,6 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// The refresh token issued to a client by an authorization server that allows the client /// to periodically obtain new short-lived access tokens. /// </summary> - [Serializable] internal class RefreshToken : AuthorizationDataBag { /// <summary> /// Initializes a new instance of the <see cref="RefreshToken"/> class. diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/VerificationCode.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/VerificationCode.cs index fc2a97c..24fe3a6 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/VerificationCode.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/VerificationCode.cs @@ -16,12 +16,10 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// Represents the verification code created when a user approves authorization that /// allows the client to request an access/refresh token. /// </summary> - [Serializable] internal class VerificationCode : AuthorizationDataBag { /// <summary> /// The hash algorithm used on the callback URI. /// </summary> - [NonSerialized] private readonly HashAlgorithm hasher = new SHA256Managed(); /// <summary> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs index c9b5902..1a8094e 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs @@ -13,7 +13,6 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// A common message base class for OAuth WRAP messages. /// </summary> - [Serializable] public class MessageBase : IDirectedProtocolMessage, IDirectResponseProtocolMessage { /// <summary> /// A dictionary to contain extra message data. @@ -23,19 +22,16 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// The originating request. /// </summary> - [NonSerialized] private IDirectedProtocolMessage originatingRequest; /// <summary> /// The backing field for the <see cref="IMessage.Version"/> property. /// </summary> - [NonSerialized] private Version version; /// <summary> /// A value indicating whether this message is a direct or indirect message. /// </summary> - [NonSerialized] private MessageTransport messageTransport; /// <summary> |