-rw-r--r-- | src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs | 5 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs | 13 |
2 files changed, 11 insertions, 7 deletions
diff --git a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs
index 9d3d778..b71d644 100644
--- a/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs
+++ b/src/DotNetOpenAuth/OpenId/ChannelElements/OpenIdChannel.cs
@@ -103,6 +103,11 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 }
 CustomizeBindingElementOrder(outgoingBindingElements, incomingBindingElements);
+
+ // Change out the standard web request handler to reflect the standard
+ // OpenID pattern that outgoing web requests are to unknown and untrusted
+ // servers on the Internet.
+ this.WebRequestHandler = new UntrustedWebRequestHandler();
 }
 /// <summary>
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
index ed9a7ca..d377938 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -17,11 +17,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 /// </summary>
 public sealed class OpenIdRelyingParty {
 /// <summary>
- /// The untrusted web request handler we use (and share) by default across all RP instances.
- /// </summary>
- private static IDirectSslWebRequestHandler defaultUntrustedWebRequestHandler = new UntrustedWebRequestHandler();
-
- /// <summary>
 /// Backing field for the <see cref="SecuritySettings"/> property.
 /// </summary>
 private RelyingPartySecuritySettings securitySettings;
@@ -42,7 +37,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 this.Channel = new OpenIdChannel(associationStore, nonceStore, secretStore);
 this.AssociationStore = associationStore;
 this.SecuritySettings = RelyingPartySection.Configuration.SecuritySettings.CreateSecuritySettings();
- this.WebRequestHandler = defaultUntrustedWebRequestHandler;
 }
 /// <summary>
@@ -76,7 +70,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 /// Gets the web request handler to use for discovery and the part of
 /// authentication where direct messages are sent to an untrusted remote party.
 /// </summary>
- internal IDirectSslWebRequestHandler WebRequestHandler { get; private set; }
+ internal IDirectSslWebRequestHandler WebRequestHandler {
+ // TODO: Since the OpenIdChannel.WebRequestHandler might be set to a non-SSL
+ // implementation, we should consider altering the consumers of this property
+ // to handle either case.
+ get { return this.Channel.WebRequestHandler as IDirectSslWebRequestHandler; }
+ }
 /// <summary>
 /// Gets an association between this Relying Party and a given Provider. |
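Review bot: The `as` cast in the new `WebRequestHandler` getter returns null without any signal when `Channel.WebRequestHandler` holds a handler that does not implement `IDirectSslWebRequestHandler`, which the added TODO says can happen. Code that uses this property for discovery and direct messages to untrusted parties would then hit a NullReferenceException far from the cause, and a caller that null-checks and falls back to something else could (I cannot see the consumers from this diff) end up off the SSL-aware, untrusted-server path. Until the consumers are reworked, fail at the property with a direct cast, `get { return (IDirectSslWebRequestHandler)this.Channel.WebRequestHandler; }`, or check for null and throw an `InvalidOperationException` that names the required interface. The summary above the property should also state that the value now comes from the channel and what callers get when the channel's handler has been replaced.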