20 files changed, 313 insertions, 107 deletions
diff --git a/src/DotNetOpenAuth.Test/App.config b/src/DotNetOpenAuth.Test/App.config
new file mode 100644
index 0000000..68d05e5
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/App.config
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+ <configSections>
+ <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth"/>
+ </configSections>
+ <dotNetOpenAuth>
+ <!-- The values here are carefully chosen to be somewhat weird so that tests can be
+ reasonably confident that if the values are the weird ones here that they did
+ indeed come from the config file and not from a programmatic default. -->
+ <messaging>
+ <untrustedWebRequest timeout="01:23:45" readWriteTimeout="01:23:56" maximumBytesToRead="500001" maximumRedirections="9">
+ <whitelistHosts>
+ <add name="evilButTrusted"/>
+ </whitelistHosts>
+ <whitelistHostsRegex>
+ <add name=".+trusted.+"/>
+ </whitelistHostsRegex>
+ <blacklistHosts>
+ <add name="positivelyevil"/>
+ </blacklistHosts>
+ <blacklistHostsRegex>
+ <add name=".+veryevil.+"/>
+ </blacklistHostsRegex>
+ </untrustedWebRequest>
+ </messaging>
+ <openid maxAuthenticationTime="8:17">
+ <relyingParty>
+ <!--<store type=""/>-->
+ <security minimumRequiredOpenIdVersion="V10" minimumHashBitLength="6" maximumHashBitLength="301" requireSsl="false"/>
+ </relyingParty>
+ <provider>
+ <!--<store type=""/>-->
+ <security protectDownlevelReplayAttacks="false" minimumHashBitLength="7" maximumHashBitLength="302">
+ <associations>
+ <add type="HMAC-SHA1" lifetime="2.00:00:02" />
+ <add type="HMAC-SHA256" lifetime="14.00:00:14" />
+ </associations>
+ </security>
+ </provider>
+ </openid>
+ </dotNetOpenAuth>
+</configuration>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.Test/Configuration/SectionTests.cs b/src/DotNetOpenAuth.Test/Configuration/SectionTests.cs
new file mode 100644
index 0000000..d2f6f04
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/Configuration/SectionTests.cs
@@ -0,0 +1,62 @@ +//----------------------------------------------------------------------- +// <copyright file="SectionTests.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Test.Configuration { + using System; + using System.Linq; + using DotNetOpenAuth.Configuration; + using DotNetOpenAuth.OpenId; + using Microsoft.VisualStudio.TestTools.UnitTesting; + + [TestClass] + public class SectionTests { + [TestMethod] + public void UntrustedWebRequest() { + var uwr = DotNetOpenAuthSection.Configuration.Messaging.UntrustedWebRequest; + + Assert.AreEqual(TimeSpan.Parse("01:23:45"), uwr.Timeout); + Assert.AreEqual(TimeSpan.Parse("01:23:56"), uwr.ReadWriteTimeout); + Assert.AreEqual(500001, uwr.MaximumBytesToRead); + Assert.AreEqual(9, uwr.MaximumRedirections); + + // Verify whitelists and blacklists + Assert.AreEqual("positivelyevil", uwr.BlacklistHosts.KeysAsStrings.Single()); + Assert.AreEqual(".+veryevil.+", uwr.BlacklistHostsRegex.KeysAsStrings.Single()); + Assert.AreEqual("evilButTrusted", uwr.WhitelistHosts.KeysAsStrings.Single()); + Assert.AreEqual(".+trusted.+", uwr.WhitelistHostsRegex.KeysAsStrings.Single()); + } + + [TestMethod] + public void OpenIdMaxAuthenticationTime() { + Assert.AreEqual(TimeSpan.Parse("8:17"), DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime); + } + + [TestMethod] + public void OpenIdRelyingParty() { + var rp = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty; + Assert.IsNull(rp.ApplicationStore.CustomType); + + Assert.AreEqual(ProtocolVersion.V10, rp.SecuritySettings.MinimumRequiredOpenIdVersion); + Assert.AreEqual(6, rp.SecuritySettings.MinimumHashBitLength); + Assert.AreEqual(301, rp.SecuritySettings.MaximumHashBitLength); + Assert.IsFalse(rp.SecuritySettings.RequireSsl); + } + + [TestMethod] + public void OpenIdProvider() { + var op = 
DotNetOpenAuthSection.Configuration.OpenId.Provider; + Assert.IsNull(op.ApplicationStore.CustomType); + + Assert.IsFalse(op.SecuritySettings.ProtectDownlevelReplayAttacks); + Assert.AreEqual(7, op.SecuritySettings.MinimumHashBitLength); + Assert.AreEqual(302, op.SecuritySettings.MaximumHashBitLength); + + Assert.AreEqual(2, op.SecuritySettings.AssociationLifetimes.Count); + Assert.AreEqual(TimeSpan.Parse("2.00:00:02"), op.SecuritySettings.AssociationLifetimes.Single(a => a.AssociationType == "HMAC-SHA1").MaximumLifetime); + Assert.AreEqual(TimeSpan.Parse("14.00:00:14"), op.SecuritySettings.AssociationLifetimes.Single(a => a.AssociationType == "HMAC-SHA256").MaximumLifetime); + } + } +} diff --git a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj index 75aec44..67324e6 100644 --- a/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj +++ b/src/DotNetOpenAuth.Test/DotNetOpenAuth.Test.csproj @@ -59,6 +59,7 @@ </Reference> </ItemGroup> <ItemGroup> + <Compile Include="Configuration\SectionTests.cs" /> <Compile Include="CoordinatorBase.cs" /> <Compile Include="Hosting\AspNetHost.cs" /> <Compile Include="Hosting\HttpHost.cs" /> @@ -192,6 +193,9 @@ <ItemGroup> <EmbeddedResource Include="OpenId\dhpriv.txt" /> </ItemGroup> + <ItemGroup> + <None Include="App.config" /> + </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> <Import Project="..\..\tools\DotNetOpenAuth.Versioning.targets" /> </Project>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.Test/Messaging/CollectionAssert.cs b/src/DotNetOpenAuth.Test/Messaging/CollectionAssert.cs index c3273e8..f9e569a 100644 --- a/src/DotNetOpenAuth.Test/Messaging/CollectionAssert.cs +++ b/src/DotNetOpenAuth.Test/Messaging/CollectionAssert.cs @@ -7,20 +7,36 @@ namespace DotNetOpenAuth.Test.Messaging { using System.Collections; using System.Collections.Generic; + using System.Linq; + using DotNetOpenAuth.Messaging; using Microsoft.VisualStudio.TestTools.UnitTesting; internal class CollectionAssert<T> { internal static void AreEquivalent(ICollection<T> expected, ICollection<T> actual) { + ErrorUtilities.VerifyArgumentNotNull(expected, "expected"); + ErrorUtilities.VerifyArgumentNotNull(actual, "actual"); + ICollection expectedNonGeneric = new List<T>(expected); ICollection actualNonGeneric = new List<T>(actual); CollectionAssert.AreEquivalent(expectedNonGeneric, actualNonGeneric); } internal static void AreEquivalentByEquality(ICollection<T> expected, ICollection<T> actual) { + ErrorUtilities.VerifyArgumentNotNull(expected, "expected"); + ErrorUtilities.VerifyArgumentNotNull(actual, "actual"); + Assert.AreEqual(expected.Count, actual.Count); foreach (T value in expected) { Assert.IsTrue(actual.Contains(value)); } } + + internal static void Contains(IEnumerable<T> sequence, T element) { + ErrorUtilities.VerifyArgumentNotNull(sequence, "sequence"); + + if (!sequence.Contains(element)) { + Assert.Fail("Sequence did not include expected element '{0}'.", element); + } + } } } diff --git a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs index 9d15215..273b150 100644 --- a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs +++ b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs 
@@ -32,8 +32,8 @@ namespace DotNetOpenAuth.Test.OpenId { public override void SetUp() { base.SetUp(); - this.RelyingPartySecuritySettings = RelyingPartySection.Configuration.SecuritySettings.CreateSecuritySettings(); - this.ProviderSecuritySettings = ProviderSection.Configuration.SecuritySettings.CreateSecuritySettings(); + this.RelyingPartySecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); + this.ProviderSecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.MockResponder = MockHttpRequest.CreateUntrustedMockHttpHandler(); this.RequestHandler = this.MockResponder.MockWebRequestHandler; diff --git a/src/DotNetOpenAuth/Configuration/AssociationTypeCollection.cs b/src/DotNetOpenAuth/Configuration/AssociationTypeCollection.cs index 454168c..c75ceb6 100644 --- a/src/DotNetOpenAuth/Configuration/AssociationTypeCollection.cs +++ b/src/DotNetOpenAuth/Configuration/AssociationTypeCollection.cs @@ -5,11 +5,8 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth.Configuration { - using System; using System.Collections.Generic; using System.Configuration; - using System.Linq; - using System.Text; /// <summary> /// Describes a collection of association type sub-elements in a .config file. @@ -30,7 +27,9 @@ namespace DotNetOpenAuth.Configuration { /// A <see cref="T:System.Collections.Generic.IEnumerator`1"/> that can be used to iterate through the collection. /// </returns> public new IEnumerator<AssociationTypeElement> GetEnumerator() { - return this.Cast<AssociationTypeElement>().GetEnumerator(); + for (int i = 0; i < Count; i++) { + yield return (AssociationTypeElement)BaseGet(i); + } } #endregion diff --git a/src/DotNetOpenAuth/Configuration/DotNetOpenAuthSection.cs b/src/DotNetOpenAuth/Configuration/DotNetOpenAuthSection.cs new file mode 100644 index 0000000..68b663c --- /dev/null 
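Review bot: `SetUp` now takes both security-settings objects from the `dotNetOpenAuth` section of the App.config this commit adds, and that file holds deliberately odd values (`requireSsl="false"`, `protectDownlevelReplayAttacks="false"`, hash bit lengths of 6–301 and 7–302), so every test built on this base class stops exercising the library's default security settings. Before this commit the test project had no App.config, and the removed `RelyingPartySection.Configuration` / `ProviderSection.Configuration` getters fell back to a freshly constructed section, i.e. the defaults. Consider keeping the odd values for SectionTests only and building defaults here, for instance `this.ProviderSecuritySettings = new OpenIdProviderElement().SecuritySettings.CreateSecuritySettings();` (assuming an element that was not read from a file yields the defaults, as the old fallback did). `SetUp` continues past the end of the hunk.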
+++ b/src/DotNetOpenAuth/Configuration/DotNetOpenAuthSection.cs 
@@ -0,0 +1,62 @@
+//-----------------------------------------------------------------------
+// <copyright file="DotNetOpenAuthSection.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Configuration {
+ using System.Configuration;
+
+ /// <summary>
+ /// Represents the section in the host's .config file that configures
+ /// this library's settings.
+ /// </summary>
+ internal class DotNetOpenAuthSection : ConfigurationSection {
+ /// <summary>
+ /// The name of the section under which this library's settings must be found.
+ /// </summary>
+ private const string SectionName = "dotNetOpenAuth";
+
+ /// <summary>
+ /// The name of the <messaging> sub-element.
+ /// </summary>
+ private const string MessagingElementName = "messaging";
+
+ /// <summary>
+ /// The name of the <openid> sub-element.
+ /// </summary>
+ private const string OpenIdElementName = "openid";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="DotNetOpenAuthSection"/> class.
+ /// </summary>
+ internal DotNetOpenAuthSection() {
+ SectionInformation.AllowLocation = false;
+ }
+
+ /// <summary>
+ /// Gets the configuration section from the .config file.
+ /// </summary>
+ internal static DotNetOpenAuthSection Configuration {
+ get { return (DotNetOpenAuthSection)ConfigurationManager.GetSection(SectionName); }
+ }
+
+ /// <summary>
+ /// Gets or sets the configuration for the messaging framework.
+ /// </summary>
+ [ConfigurationProperty(MessagingElementName)]
+ internal MessagingElement Messaging {
+ get { return (MessagingElement)this[MessagingElementName] ?? new MessagingElement(); }
+ set { this[MessagingElementName] = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the configuration for OpenID.
+ /// </summary>
+ [ConfigurationProperty(OpenIdElementName)]
+ internal OpenIdElement OpenId {
+ get { return (OpenIdElement)this[OpenIdElementName] ?? new OpenIdElement(); }
+ set { this[OpenIdElementName] = value; }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth/Configuration/MessagingElement.cs b/src/DotNetOpenAuth/Configuration/MessagingElement.cs
new file mode 100644
index 0000000..43aadfc
--- /dev/null
+++ b/src/DotNetOpenAuth/Configuration/MessagingElement.cs
@@ -0,0 +1,30 @@
+//-----------------------------------------------------------------------
+// <copyright file="MessagingElement.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Configuration {
+ using System.Configuration;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// Represents the <messaging> element in the host's .config file.
+ /// </summary>
+ internal class MessagingElement : ConfigurationElement {
+ /// <summary>
+ /// The name of the <untrustedWebRequest> sub-element.
+ /// </summary>
+ private const string UntrustedWebRequestElementName = "untrustedWebRequest";
+
+ /// <summary>
+ /// Gets or sets the configuration for the <see cref="UntrustedWebRequestHandler"/> class.
+ /// </summary>
+ /// <value>The untrusted web request.</value>
+ [ConfigurationProperty(UntrustedWebRequestElementName)]
+ internal UntrustedWebRequestElement UntrustedWebRequest {
+ get { return (UntrustedWebRequestElement)this[UntrustedWebRequestElementName] ?? new UntrustedWebRequestElement(); }
+ set { this[UntrustedWebRequestElementName] = value; }
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdElement.cs
new file mode 100644
index 0000000..bdc6ca3
--- /dev/null
+++ b/src/DotNetOpenAuth/Configuration/OpenIdElement.cs
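Review bot: The static `Configuration` getter in DotNetOpenAuthSection.cs returns `ConfigurationManager.GetSection(SectionName)` with no fallback, and that call returns null when the host's .config has no `dotNetOpenAuth` section, so every consumer changed in this commit (the `OpenIdProvider()` and `OpenIdRelyingParty()` constructors, `Association.DumbSecretLifetime`, `UntrustedWebRequestHandler.Configuration`, both Standard*ApplicationStore constructors) would dereference null on an unconfigured host. The three getters this commit removes each ended in `?? new …Section()`, so this is a behaviour change for hosts that relied on defaults. Keep the fallback: `get { return (DotNetOpenAuthSection)ConfigurationManager.GetSection(SectionName) ?? new DotNetOpenAuthSection(); }`. The `?? new MessagingElement()` / `?? new OpenIdElement()` fallbacks on the child properties cannot cover this case, since they are only reached after the section itself exists, and SectionTests exercises only the populated App.config.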
@@ -0,0 +1,63 @@ +//----------------------------------------------------------------------- +// <copyright file="OpenIdElement.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Configuration { + using System; + using System.Configuration; + + /// <summary> + /// Represents the <openid> element in the host's .config file. + /// </summary> + internal class OpenIdElement : ConfigurationElement { + /// <summary> + /// Gets the name of the <relyingParty> sub-element. + /// </summary> + private const string RelyingPartyElementName = "relyingParty"; + + /// <summary> + /// Gets the name of the <provider> sub-element. + /// </summary> + private const string ProviderElementName = "provider"; + + /// <summary> + /// Gets the name of the @maxAuthenticationTime attribute. + /// </summary> + private const string MaxAuthenticationTimePropertyName = "maxAuthenticationTime"; + + /// <summary> + /// Gets or sets the maximum time a user can take to complete authentication. + /// </summary> + /// <remarks> + /// This time limit allows the library to decide how long to cache certain values + /// necessary to complete authentication. The lower the time, the less demand on + /// the server. But too short a time can frustrate the user. + /// </remarks> + [ConfigurationProperty(MaxAuthenticationTimePropertyName, DefaultValue = "5:00")] + [PositiveTimeSpanValidator] + internal TimeSpan MaxAuthenticationTime { + get { return (TimeSpan)this[MaxAuthenticationTimePropertyName]; } + set { this[MaxAuthenticationTimePropertyName] = value; } + } + + /// <summary> + /// Gets or sets the configuration specific for Relying Parties. + /// </summary> + [ConfigurationProperty(RelyingPartyElementName)] + internal OpenIdRelyingPartyElement RelyingParty { + get { return (OpenIdRelyingPartyElement)this[RelyingPartyElementName] ?? 
new OpenIdRelyingPartyElement(); } + set { this[RelyingPartyElementName] = value; } + } + + /// <summary> + /// Gets or sets the configuration specific for Providers. + /// </summary> + [ConfigurationProperty(ProviderElementName)] + internal OpenIdProviderElement Provider { + get { return (OpenIdProviderElement)this[ProviderElementName] ?? new OpenIdProviderElement(); } + set { this[ProviderElementName] = value; } + } + } +} diff --git a/src/DotNetOpenAuth/Configuration/ProviderSection.cs b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs index 12b88ac..5b51907 100644 --- a/src/DotNetOpenAuth/Configuration/ProviderSection.cs +++ b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="ProviderSection.cs" company="Andrew Arnott"> +// <copyright file="OpenIdProviderElement.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -11,12 +11,7 @@ namespace DotNetOpenAuth.Configuration { /// <summary> /// The section in the .config file that allows customization of OpenID Provider behaviors. /// </summary> - internal class ProviderSection : ConfigurationSection { - /// <summary> - /// The path to the section in a .config file where these settings can be given. - /// </summary> - private const string SectionName = "dotNetOpenAuth/openid/provider"; - + internal class OpenIdProviderElement : ConfigurationElement { /// <summary> /// The name of the security sub-element. /// </summary> 
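Review bot: `DefaultValue = "5:00"` on `MaxAuthenticationTime` in OpenIdElement.cs reads as five hours, not five minutes, because a two-field TimeSpan string is `hh:mm` (the same reading under which the test's `TimeSpan.Parse("8:17")` is 8 h 17 min). The `OpenId.Configuration` class deleted by this commit used `TimeSpan.FromMinutes(5)`, and this property now feeds the `NonceMemoryStore` window and `Association.DumbSecretLifetime`, so the default lifetime of stored nonces and dumb-mode signing secrets grows sixty-fold. If the five-minute default is meant to carry over, write `[ConfigurationProperty(MaxAuthenticationTimePropertyName, DefaultValue = "00:05:00")]`. Separately, the summaries on the three `const` fields say "Gets the name of …"; "The name of …", as used in DotNetOpenAuthSection.cs, describes a constant better.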
@@ -28,9 +23,9 @@ namespace DotNetOpenAuth.Configuration { private const string StoreConfigName = "store"; /// <summary> - /// Initializes a new instance of the <see cref="ProviderSection"/> class. + /// Initializes a new instance of the <see cref="OpenIdProviderElement"/> class. /// </summary> - public ProviderSection() { + public OpenIdProviderElement() { } /// <summary> @@ -50,12 +45,5 @@ namespace DotNetOpenAuth.Configuration { get { return (TypeConfigurationElement<IProviderApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IProviderApplicationStore>(); } set { this[StoreConfigName] = value; } } - - /// <summary> - /// Gets the configuration element from the .config file. - /// </summary> - internal static ProviderSection Configuration { - get { return (ProviderSection)ConfigurationManager.GetSection(SectionName) ?? new ProviderSection(); } - } } } diff --git a/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs index 69b2af4..cb20c19 100644 --- a/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs +++ b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="RelyingPartySection.cs" company="Andrew Arnott"> +// <copyright file="OpenIdRelyingPartyElement.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- 
@@ -11,12 +11,7 @@ namespace DotNetOpenAuth.Configuration { /// <summary> /// The section in the .config file that allows customization of OpenID Relying Party behaviors. /// </summary> - internal class RelyingPartySection : ConfigurationSection { - /// <summary> - /// The path to the section in a .config file where these settings can be given. - /// </summary> - private const string SectionName = "dotNetOpenAuth/openid/relyingParty"; - + internal class OpenIdRelyingPartyElement : ConfigurationElement { /// <summary> /// The name of the custom store sub-element. /// </summary> @@ -28,9 +23,9 @@ namespace DotNetOpenAuth.Configuration { private const string SecuritySettingsConfigName = "security"; /// <summary> - /// Initializes a new instance of the <see cref="RelyingPartySection"/> class. + /// Initializes a new instance of the <see cref="OpenIdRelyingPartyElement"/> class. /// </summary> - public RelyingPartySection() { + public OpenIdRelyingPartyElement() { } /// <summary> @@ -50,12 +45,5 @@ namespace DotNetOpenAuth.Configuration { get { return (TypeConfigurationElement<IRelyingPartyApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IRelyingPartyApplicationStore>(); } set { this[StoreConfigName] = value; } } - - /// <summary> - /// Gets the configuration element from the .config file. - /// </summary> - internal static RelyingPartySection Configuration { - get { return (RelyingPartySection)ConfigurationManager.GetSection(SectionName) ?? new RelyingPartySection(); } - } } } diff --git a/src/DotNetOpenAuth/Configuration/UntrustedWebRequestSection.cs b/src/DotNetOpenAuth/Configuration/UntrustedWebRequestElement.cs index f819f11..461b8a8 100644 --- a/src/DotNetOpenAuth/Configuration/UntrustedWebRequestSection.cs +++ b/src/DotNetOpenAuth/Configuration/UntrustedWebRequestElement.cs 
@@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="UntrustedWebRequestSection.cs" company="Andrew Arnott"> +// <copyright file="UntrustedWebRequestElement.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -12,12 +12,7 @@ namespace DotNetOpenAuth.Configuration { /// Represents the section of a .config file where security policies regarding web requests /// to user-provided, untrusted servers is controlled. /// </summary> - internal class UntrustedWebRequestSection : ConfigurationSection { - /// <summary> - /// The path to the section in a .config file where these settings can be given. - /// </summary> - private const string SectionName = "dotNetOpenAuth/messaging/untrustedWebRequest"; - + internal class UntrustedWebRequestElement : ConfigurationElement { #region Attribute names /// <summary> @@ -63,13 +58,6 @@ namespace DotNetOpenAuth.Configuration { #endregion /// <summary> - /// Initializes a new instance of the <see cref="UntrustedWebRequestSection"/> class. - /// </summary> - public UntrustedWebRequestSection() { - SectionInformation.AllowLocation = false; - } - - /// <summary> /// Gets or sets the read/write timeout after which an HTTP request will fail. /// </summary> [ConfigurationProperty(ReadWriteTimeoutConfigName, DefaultValue = "00:00:00.800")] @@ -148,12 +136,5 @@ namespace DotNetOpenAuth.Configuration { get { return (HostNameOrRegexCollection)this[BlacklistHostsRegexConfigName] ?? new HostNameOrRegexCollection(); } set { this[BlacklistHostsRegexConfigName] = value; } } - - /// <summary> - /// Gets the configuration element from the .config file. - /// </summary> - internal static UntrustedWebRequestSection Configuration { - get { return (UntrustedWebRequestSection)ConfigurationManager.GetSection(SectionName) ?? new UntrustedWebRequestSection(); } - } } } 
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj index fcb9226..43a527e 100644 --- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj +++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj @@ -66,12 +66,15 @@ <ItemGroup> <Compile Include="Configuration\AssociationTypeCollection.cs" /> <Compile Include="Configuration\AssociationTypeElement.cs" /> - <Compile Include="Configuration\ProviderSection.cs" /> + <Compile Include="Configuration\DotNetOpenAuthSection.cs" /> + <Compile Include="Configuration\MessagingElement.cs" /> + <Compile Include="Configuration\OpenIdElement.cs" /> + <Compile Include="Configuration\OpenIdProviderElement.cs" /> <Compile Include="Configuration\ProviderSecuritySettingsElement.cs" /> - <Compile Include="Configuration\RelyingPartySection.cs" /> + <Compile Include="Configuration\OpenIdRelyingPartyElement.cs" /> <Compile Include="Configuration\RelyingPartySecuritySettingsElement.cs" /> <Compile Include="Configuration\TypeConfigurationElement.cs" /> - <Compile Include="Configuration\UntrustedWebRequestSection.cs" /> + <Compile Include="Configuration\UntrustedWebRequestElement.cs" /> <Compile Include="Configuration\HostNameOrRegexCollection.cs" /> <Compile Include="Configuration\HostNameElement.cs" /> <Compile Include="Messaging\CachedDirectWebResponse.cs" /> @@ -179,7 +182,6 @@ <Compile Include="OpenId\ChannelElements\OpenIdChannel.cs" /> <Compile Include="OpenId\ChannelElements\OpenIdMessageFactory.cs" /> <Compile Include="OpenId\ChannelElements\ReturnToSignatureBindingElement.cs" /> - <Compile Include="OpenId\Configuration.cs" /> <Compile Include="OpenId\Extensions\AliasManager.cs" /> <Compile Include="OpenId\Extensions\ExtensionBase.cs" /> <Compile Include="OpenId\Extensions\ExtensionArgumentsManager.cs" /> diff --git a/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs b/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs index bc2b34a..f2a72a3 100644 
--- a/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs +++ b/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs @@ -175,8 +175,8 @@ namespace DotNetOpenAuth.Messaging { /// <summary> /// Gets the configuration for this class that is specified in the host's .config file. /// </summary> - private static UntrustedWebRequestSection Configuration { - get { return UntrustedWebRequestSection.Configuration; } + private static UntrustedWebRequestElement Configuration { + get { return DotNetOpenAuthSection.Configuration.Messaging.UntrustedWebRequest; } } #region IDirectSslWebRequestHandler Members diff --git a/src/DotNetOpenAuth/OpenId/Association.cs b/src/DotNetOpenAuth/OpenId/Association.cs index 29183da..de25c88 100644 --- a/src/DotNetOpenAuth/OpenId/Association.cs +++ b/src/DotNetOpenAuth/OpenId/Association.cs @@ -16,6 +16,7 @@ namespace DotNetOpenAuth.OpenId { using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Messages; + using DotNetOpenAuth.Configuration; /// <summary> /// Stores a secret used in signing and verifying messages. @@ -96,7 +97,7 @@ namespace DotNetOpenAuth.OpenId { /// Gets the duration a secret key used for signing dumb client requests will be good for. /// </summary> protected static TimeSpan DumbSecretLifetime { - get { return Configuration.MaximumUserAgentAuthenticationTime; } + get { return DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime; } } /// <summary> @@ -111,7 +112,7 @@ namespace DotNetOpenAuth.OpenId { /// Associations that are not likely to last the duration of a user login are not worth using at all. /// </remarks> private static TimeSpan MinimumUsefulAssociationLifetime { - get { return Configuration.MaximumUserAgentAuthenticationTime; } + get { return DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime; } } /// <summary> 
diff --git a/src/DotNetOpenAuth/OpenId/Configuration.cs b/src/DotNetOpenAuth/OpenId/Configuration.cs
deleted file mode 100644
index b3cbb35..0000000
--- a/src/DotNetOpenAuth/OpenId/Configuration.cs
+++ /dev/null
@@ -1,34 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="Configuration.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OpenId {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
-
- /// <summary>
- /// A set of adjustable properties that control various aspects of OpenID behavior.
- /// </summary>
- internal static class Configuration {
- /// <summary>
- /// Initializes static members of the <see cref="Configuration"/> class.
- /// </summary>
- static Configuration() {
- MaximumUserAgentAuthenticationTime = TimeSpan.FromMinutes(5);
- }
-
- /// <summary>
- /// Gets the maximum time a user can be allowed to take to complete authentication.
- /// </summary>
- /// <remarks>
- /// This is used to calculate the length of time that nonces are stored.
- /// This is internal until we can decide whether to leave this static, or make
- /// it an instance member, or put it inside the IConsumerApplicationStore interface.
- /// </remarks>
- internal static TimeSpan MaximumUserAgentAuthenticationTime { get; private set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
index 694d986..2ebf6d2 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
@@ -33,7 +33,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> public OpenIdProvider() - : this(DotNetOpenAuth.Configuration.ProviderSection.Configuration.ApplicationStore.CreateInstance(HttpApplicationStore)) { + : this(DotNetOpenAuthSection.Configuration.OpenId.Provider.ApplicationStore.CreateInstance(HttpApplicationStore)) { } /// <summary> @@ -54,7 +54,7 @@ namespace DotNetOpenAuth.OpenId.Provider { ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); this.AssociationStore = associationStore; - this.SecuritySettings = ProviderSection.Configuration.SecuritySettings.CreateSecuritySettings(); + this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); } diff --git a/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs b/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs index ac3eaeb..1763782 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/StandardProviderApplicationStore.cs @@ -10,6 +10,7 @@ namespace DotNetOpenAuth.OpenId.Provider { using System.Linq; using System.Text; using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.Configuration; /// <summary> /// An in-memory store for Providers, suitable for single server, single process 
@@ -38,7 +39,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Initializes a new instance of the <see cref="StandardProviderApplicationStore"/> class. /// </summary> public StandardProviderApplicationStore() { - this.nonceStore = new NonceMemoryStore(Configuration.MaximumUserAgentAuthenticationTime); + this.nonceStore = new NonceMemoryStore(DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime); this.associationStore = new AssociationMemoryStore<AssociationRelyingPartyType>(); } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs index 351090f..0c29301 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -52,7 +52,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class. /// </summary> public OpenIdRelyingParty() - : this(DotNetOpenAuth.Configuration.RelyingPartySection.Configuration.ApplicationStore.CreateInstance(HttpApplicationStore)) { + : this(DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.ApplicationStore.CreateInstance(HttpApplicationStore)) { } /// <summary> @@ -76,7 +76,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore); this.AssociationStore = associationStore; - this.SecuritySettings = RelyingPartySection.Configuration.SecuritySettings.CreateSecuritySettings(); + this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); // Without a nonce store, we must rely on the Provider to protect against // replay attacks. But only 2.0+ Providers can be expected to provide 
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs index 542b5e1..682568c 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs @@ -11,6 +11,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System.Text; using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.ChannelElements; + using DotNetOpenAuth.Configuration; /// <summary> /// An in-memory store for Relying Parties, suitable for single server, single process @@ -36,7 +37,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Initializes a new instance of the <see cref="StandardRelyingPartyApplicationStore"/> class. /// </summary> internal StandardRelyingPartyApplicationStore() { - this.nonceStore = new NonceMemoryStore(Configuration.MaximumUserAgentAuthenticationTime); + this.nonceStore = new NonceMemoryStore(DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime); this.associationStore = new AssociationMemoryStore<Uri>(); this.privateSecretStore = new PrivateSecretMemoryStore(); } |