diff options
Diffstat (limited to 'src/DotNetOpenAuth.OpenId/OpenId')
20 files changed, 195 insertions, 119 deletions
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs index 700b24e..764f4fa 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Association.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Association.cs @@ -222,7 +222,7 @@ namespace DotNetOpenAuth.OpenId { if (a.Handle != this.Handle || a.Issued != this.Issued || - !MessagingUtilities.Equals(a.TotalLifeLength, this.TotalLifeLength, TimeSpan.FromSeconds(1))) { + !MessagingUtilities.Equals(a.TotalLifeLength, this.TotalLifeLength, TimeSpan.FromSeconds(2))) { return false; } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ITamperResistantOpenIdMessage.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ITamperResistantOpenIdMessage.cs index 379e5e7..fb8c445 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ITamperResistantOpenIdMessage.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ITamperResistantOpenIdMessage.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { using System; using System.Collections.Generic; + using System.Diagnostics.CodeAnalysis; using System.Linq; using System.Text; using DotNetOpenAuth.Messaging; @@ -39,6 +40,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// and if present in the response, "claimed_id" and "identity". /// Additional keys MAY be signed as part of the message. See Generating Signatures. /// </remarks> + [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1630:DocumentationTextMustContainWhitespace", Justification = "The samples are string literals.")] string SignedParameterOrder { get; set; } // TODO: make sure we have a unit test to verify that an incoming message with fewer signed fields than required will be rejected. } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs index 357c02d..6b88b3f 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs @@ -181,7 +181,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { byte[] keyValueEncoding = KeyValueFormEncoding.GetBytes(fields); OutgoingWebResponse preparedResponse = new OutgoingWebResponse(); - this.ApplyMessageTemplate(response, preparedResponse); + ApplyMessageTemplate(response, preparedResponse); preparedResponse.Headers.Add(HttpResponseHeader.ContentType, KeyValueFormContentType); preparedResponse.OriginalMessage = response; preparedResponse.ResponseStream = new MemoryStream(keyValueEncoding); diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs index ebe20d2..363ff28 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs @@ -121,7 +121,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <returns>The calculated signature of the method.</returns> protected string GetSignature(ITamperResistantOpenIdMessage signedMessage, Association association) { Requires.NotNull(signedMessage, "signedMessage"); - Requires.True(!String.IsNullOrEmpty(signedMessage.SignedParameterOrder), "signedMessage"); + Requires.True(!string.IsNullOrEmpty(signedMessage.SignedParameterOrder), "signedMessage"); Requires.NotNull(association, "association"); // Prepare the parts to sign, taking care to replace an openid.mode value diff --git a/src/DotNetOpenAuth.OpenId/OpenId/DiffieHellmanUtilities.cs b/src/DotNetOpenAuth.OpenId/OpenId/DiffieHellmanUtilities.cs index 5c18275..e15bd6e 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/DiffieHellmanUtilities.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/DiffieHellmanUtilities.cs @@ -22,12 +22,7 @@ namespace DotNetOpenAuth.OpenId { /// <summary> /// An array of known Diffie Hellman sessions, sorted by decreasing hash size. /// </summary> - private static DHSha[] diffieHellmanSessionTypes = new List<DHSha> { - new DHSha(SHA512.Create(), protocol => protocol.Args.SessionType.DH_SHA512), - new DHSha(SHA384.Create(), protocol => protocol.Args.SessionType.DH_SHA384), - new DHSha(SHA256.Create(), protocol => protocol.Args.SessionType.DH_SHA256), - new DHSha(SHA1.Create(), protocol => protocol.Args.SessionType.DH_SHA1), - } .ToArray(); + private static DHSha[] diffieHellmanSessionTypes = CreateSessionTypes(); /// <summary> /// Finds the hashing algorithm to use given an openid.session_type value. @@ -41,7 +36,7 @@ namespace DotNetOpenAuth.OpenId { Requires.NotNull(sessionType, "sessionType"); // We COULD use just First instead of FirstOrDefault, but we want to throw ProtocolException instead of InvalidOperationException. - DHSha match = diffieHellmanSessionTypes.FirstOrDefault(dhsha => String.Equals(dhsha.GetName(protocol), sessionType, StringComparison.Ordinal)); + DHSha match = diffieHellmanSessionTypes.FirstOrDefault(dhsha => string.Equals(dhsha.GetName(protocol), sessionType, StringComparison.Ordinal)); ErrorUtilities.VerifyProtocol(match != null, OpenIdStrings.NoSessionTypeFound, sessionType, protocol.Version); return match.Algorithm; } @@ -119,6 +114,23 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> + /// Returns the value used to initialize the static field storing DH session types. + /// </summary> + /// <returns>A non-null, non-empty array.</returns> + /// <remarks>> + /// This is a method rather than being inlined to the field initializer to try to avoid + /// the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax. + /// </remarks> + private static DHSha[] CreateSessionTypes() { + return new[] { + new DHSha(SHA512.Create(), protocol => protocol.Args.SessionType.DH_SHA512), + new DHSha(SHA384.Create(), protocol => protocol.Args.SessionType.DH_SHA384), + new DHSha(SHA256.Create(), protocol => protocol.Args.SessionType.DH_SHA256), + new DHSha(SHA1.Create(), protocol => protocol.Args.SessionType.DH_SHA1), + }; + } + + /// <summary> /// Provides access to a Diffie-Hellman session algorithm and its name. /// </summary> private class DHSha { diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/AttributeExchange/WellKnownAttributes.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/AttributeExchange/WellKnownAttributes.cs index c48b804..e96ef2e 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/AttributeExchange/WellKnownAttributes.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/AttributeExchange/WellKnownAttributes.cs @@ -15,6 +15,8 @@ namespace DotNetOpenAuth.OpenId.Extensions.AttributeExchange { /// You can use new ones directly without adding them to this class, and can even make /// up your own if you expect the other end to understand what you make up. /// </remarks> + [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1630:DocumentationTextMustContainWhitespace", Justification = "The samples are string literals.")] + [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1631:DocumentationMustMeetCharacterPercentage", Justification = "The samples are string literals.")] public static class WellKnownAttributes { /// <summary> /// Inherent attributes about a personality such as gender and bio. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Gender.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Gender.cs index 05cbfbb..c0b1c03 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Gender.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/Gender.cs @@ -5,10 +5,6 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { - using System; - using DotNetOpenAuth.Messaging; - using DotNetOpenAuth.Messaging.Reflection; - /// <summary> /// Indicates the gender of a user. /// </summary> @@ -23,48 +19,4 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { /// </summary> Female, } - - /// <summary> - /// Encodes/decodes the Simple Registration Gender type to its string representation. - /// </summary> - internal class GenderEncoder : IMessagePartEncoder { - #region IMessagePartEncoder Members - - /// <summary> - /// Encodes the specified value. - /// </summary> - /// <param name="value">The value. Guaranteed to never be null.</param> - /// <returns> - /// The <paramref name="value"/> in string form, ready for message transport. - /// </returns> - public string Encode(object value) { - var gender = (Gender?)value; - if (gender.HasValue) { - switch (gender.Value) { - case Gender.Male: return Constants.Genders.Male; - case Gender.Female: return Constants.Genders.Female; - } - } - - return null; - } - - /// <summary> - /// Decodes the specified value. - /// </summary> - /// <param name="value">The string value carried by the transport. Guaranteed to never be null, although it may be empty.</param> - /// <returns> - /// The deserialized form of the given string. - /// </returns> - /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception> - public object Decode(string value) { - switch (value) { - case Constants.Genders.Male: return SimpleRegistration.Gender.Male; - case Constants.Genders.Female: return SimpleRegistration.Gender.Female; - default: throw new FormatException(); - } - } - - #endregion - } }
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/GenderEncoder.cs b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/GenderEncoder.cs new file mode 100644 index 0000000..abc51c1 --- /dev/null +++ b/src/DotNetOpenAuth.OpenId/OpenId/Extensions/SimpleRegistration/GenderEncoder.cs @@ -0,0 +1,54 @@ +//----------------------------------------------------------------------- +// <copyright file="GenderEncoder.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration { + using System; + using DotNetOpenAuth.Messaging.Reflection; + + /// <summary> + /// Encodes/decodes the Simple Registration Gender type to its string representation. + /// </summary> + internal class GenderEncoder : IMessagePartEncoder { + #region IMessagePartEncoder Members + + /// <summary> + /// Encodes the specified value. + /// </summary> + /// <param name="value">The value. Guaranteed to never be null.</param> + /// <returns> + /// The <paramref name="value"/> in string form, ready for message transport. + /// </returns> + public string Encode(object value) { + var gender = (Gender?)value; + if (gender.HasValue) { + switch (gender.Value) { + case Gender.Male: return Constants.Genders.Male; + case Gender.Female: return Constants.Genders.Female; + } + } + + return null; + } + + /// <summary> + /// Decodes the specified value. + /// </summary> + /// <param name="value">The string value carried by the transport. Guaranteed to never be null, although it may be empty.</param> + /// <returns> + /// The deserialized form of the given string. + /// </returns> + /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception> + public object Decode(string value) { + switch (value) { + case Constants.Genders.Male: return SimpleRegistration.Gender.Male; + case Constants.Genders.Female: return SimpleRegistration.Gender.Female; + default: throw new FormatException(); + } + } + + #endregion + } +}
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs index 7c3ea3d..5e3553d 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs @@ -24,28 +24,7 @@ namespace DotNetOpenAuth.OpenId { /// <summary> /// A list of HMAC-SHA algorithms in order of decreasing bit lengths. /// </summary> - private static HmacSha[] hmacShaAssociationTypes = new List<HmacSha> { - new HmacSha { - CreateHasher = secretKey => new HMACSHA512(secretKey), - GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA512, - BaseHashAlgorithm = SHA512.Create(), - }, - new HmacSha { - CreateHasher = secretKey => new HMACSHA384(secretKey), - GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA384, - BaseHashAlgorithm = SHA384.Create(), - }, - new HmacSha { - CreateHasher = secretKey => new HMACSHA256(secretKey), - GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA256, - BaseHashAlgorithm = SHA256.Create(), - }, - new HmacSha { - CreateHasher = secretKey => new HMACSHA1(secretKey), - GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA1, - BaseHashAlgorithm = SHA1.Create(), - }, - } .ToArray(); + private static HmacSha[] hmacShaAssociationTypes = CreateAssociationTypes(); /// <summary> /// The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.) @@ -95,7 +74,7 @@ namespace DotNetOpenAuth.OpenId { Requires.NotNullOrEmpty(associationType, "associationType"); Requires.NotNull(secret, "secret"); Contract.Ensures(Contract.Result<HmacShaAssociation>() != null); - HmacSha match = hmacShaAssociationTypes.FirstOrDefault(sha => String.Equals(sha.GetAssociationType(protocol), associationType, StringComparison.Ordinal)); + HmacSha match = hmacShaAssociationTypes.FirstOrDefault(sha => string.Equals(sha.GetAssociationType(protocol), associationType, StringComparison.Ordinal)); ErrorUtilities.VerifyProtocol(match != null, OpenIdStrings.NoAssociationTypeFoundByName, associationType); return new HmacShaAssociation(match, handle, secret, totalLifeLength); } @@ -125,7 +104,7 @@ namespace DotNetOpenAuth.OpenId { /// <returns>The length (in bytes) of the association secret.</returns> /// <exception cref="ProtocolException">Thrown if no association can be found by the given name.</exception> public static int GetSecretLength(Protocol protocol, string associationType) { - HmacSha match = hmacShaAssociationTypes.FirstOrDefault(shaType => String.Equals(shaType.GetAssociationType(protocol), associationType, StringComparison.Ordinal)); + HmacSha match = hmacShaAssociationTypes.FirstOrDefault(shaType => string.Equals(shaType.GetAssociationType(protocol), associationType, StringComparison.Ordinal)); ErrorUtilities.VerifyProtocol(match != null, OpenIdStrings.NoAssociationTypeFoundByName, associationType); return match.SecretLength; } @@ -161,11 +140,13 @@ namespace DotNetOpenAuth.OpenId { hashSizeInBits < securityRequirements.MinimumHashBitLength) { continue; } -#if !ExcludeDiffieHellman - sessionType = DiffieHellmanUtilities.GetNameForSize(protocol, hashSizeInBits); -#else - sessionType = requireMatchingDHSessionType ? null : protocol.Args.SessionType.NoEncryption; -#endif + + if (OpenIdUtilities.IsDiffieHellmanPresent) { + sessionType = DiffieHellmanUtilities.GetNameForSize(protocol, hashSizeInBits); + } else { + sessionType = requireMatchingDHSessionType ? null : protocol.Args.SessionType.NoEncryption; + } + if (requireMatchingDHSessionType && sessionType == null) { continue; } @@ -199,14 +180,14 @@ namespace DotNetOpenAuth.OpenId { return true; } -#if !ExcludeDiffieHellman - // When there _is_ a DH session, it must match in hash length with the association type. - int associationSecretLengthInBytes = GetSecretLength(protocol, associationType); - int sessionHashLengthInBytes = DiffieHellmanUtilities.Lookup(protocol, sessionType).HashSize / 8; - return associationSecretLengthInBytes == sessionHashLengthInBytes; -#else - return false; -#endif + if (OpenIdUtilities.IsDiffieHellmanPresent) { + // When there _is_ a DH session, it must match in hash length with the association type. + int associationSecretLengthInBytes = GetSecretLength(protocol, associationType); + int sessionHashLengthInBytes = DiffieHellmanUtilities.Lookup(protocol, sessionType).HashSize / 8; + return associationSecretLengthInBytes == sessionHashLengthInBytes; + } else { + return false; + } } /// <summary> @@ -235,6 +216,39 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> + /// Returns the value used to initialize the static field storing association types. + /// </summary> + /// <returns>A non-null, non-empty array.</returns> + /// <remarks>> + /// This is a method rather than being inlined to the field initializer to try to avoid + /// the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax. + /// </remarks> + private static HmacSha[] CreateAssociationTypes() { + return new[] { + new HmacSha { + CreateHasher = secretKey => new HMACSHA512(secretKey), + GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA512, + BaseHashAlgorithm = SHA512.Create(), + }, + new HmacSha { + CreateHasher = secretKey => new HMACSHA384(secretKey), + GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA384, + BaseHashAlgorithm = SHA384.Create(), + }, + new HmacSha { + CreateHasher = secretKey => new HMACSHA256(secretKey), + GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA256, + BaseHashAlgorithm = SHA256.Create(), + }, + new HmacSha { + CreateHasher = secretKey => new HMACSHA1(secretKey), + GetAssociationType = protocol => protocol.Args.SignatureAlgorithm.HMAC_SHA1, + BaseHashAlgorithm = SHA1.Create(), + }, + }; + } + + /// <summary> /// Provides information about some HMAC-SHA hashing algorithm that OpenID supports. /// </summary> private class HmacSha { diff --git a/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryResult.cs b/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryResult.cs index 137ab28..ab69bf6 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryResult.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryResult.cs @@ -110,7 +110,7 @@ namespace DotNetOpenAuth.OpenId { XriIdentifier xri = this.ClaimedIdentifier as XriIdentifier; UriIdentifier uri = this.ClaimedIdentifier as UriIdentifier; if (xri != null) { - if (this.UserSuppliedIdentifier == null || String.Equals(this.UserSuppliedIdentifier, this.ClaimedIdentifier, StringComparison.OrdinalIgnoreCase)) { + if (this.UserSuppliedIdentifier == null || string.Equals(this.UserSuppliedIdentifier, this.ClaimedIdentifier, StringComparison.OrdinalIgnoreCase)) { this.friendlyIdentifierForDisplay = this.ClaimedIdentifier; } else { this.friendlyIdentifierForDisplay = this.UserSuppliedIdentifier; diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs index ebe9f34..ed96ce7 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs @@ -12,9 +12,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Text; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Reflection; -#if !ExcludeDiffieHellman using Org.Mentalis.Security.Cryptography; -#endif /// <summary> /// An OpenID direct request from Relying Party to Provider to initiate an association that uses Diffie-Hellman encryption. @@ -78,7 +76,6 @@ namespace DotNetOpenAuth.OpenId.Messages { [MessagePart("openid.dh_consumer_public", IsRequired = true, AllowEmpty = false)] internal byte[] DiffieHellmanConsumerPublic { get; set; } -#if !ExcludeDiffieHellman /// <summary> /// Gets the Diffie-Hellman algorithm. /// </summary> @@ -86,13 +83,11 @@ namespace DotNetOpenAuth.OpenId.Messages { /// This property is initialized with a call to <see cref="InitializeRequest"/>. /// </remarks> internal DiffieHellman Algorithm { get; private set; } -#endif /// <summary> /// Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties. /// </summary> internal void InitializeRequest() { -#if !ExcludeDiffieHellman if (this.DiffieHellmanModulus == null || this.DiffieHellmanGen == null) { throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, OpenIdStrings.DiffieHellmanRequiredPropertiesNotSet, string.Join(", ", new string[] { "DiffieHellmanModulus", "DiffieHellmanGen" }))); } @@ -100,9 +95,6 @@ namespace DotNetOpenAuth.OpenId.Messages { this.Algorithm = new DiffieHellmanManaged(this.DiffieHellmanModulus ?? DefaultMod, this.DiffieHellmanGen ?? DefaultGen, DefaultX); byte[] consumerPublicKeyExchange = this.Algorithm.CreateKeyExchange(); this.DiffieHellmanConsumerPublic = DiffieHellmanUtilities.EnsurePositive(consumerPublicKeyExchange); -#else - throw new NotSupportedException(); -#endif } } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IOpenIdMessageExtension.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IOpenIdMessageExtension.cs index b1321f1..dabb752 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IOpenIdMessageExtension.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IOpenIdMessageExtension.cs @@ -72,7 +72,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// </summary> string IOpenIdMessageExtension.TypeUri { get { - Contract.Ensures(!String.IsNullOrEmpty(Contract.Result<string>())); + Contract.Ensures(!string.IsNullOrEmpty(Contract.Result<string>())); throw new NotImplementedException(); } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs index 46c5d35..8bceb68 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/IndirectSignedResponse.cs @@ -26,6 +26,8 @@ namespace DotNetOpenAuth.OpenId.Messages { /// </summary> [DebuggerDisplay("OpenID {Version} {Mode} (no id assertion)")] [Serializable] + [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1630:DocumentationTextMustContainWhitespace", Justification = "The samples are string literals.")] + [SuppressMessage("Microsoft.StyleCop.CSharp.DocumentationRules", "SA1631:DocumentationMustMeetCharacterPercentage", Justification = "The samples are string literals.")] internal class IndirectSignedResponse : IndirectResponseBase, ITamperResistantOpenIdMessage { /// <summary> /// The allowed date/time formats for the response_nonce parameter. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs index c6cd967..43fd6f5 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs @@ -72,9 +72,9 @@ namespace DotNetOpenAuth.OpenId.Messages { if (this.OriginatingRequest != null) { return this.OriginatingRequest.Immediate; } else { - if (String.Equals(this.Mode, Protocol.Args.Mode.setup_needed, StringComparison.Ordinal)) { + if (string.Equals(this.Mode, Protocol.Args.Mode.setup_needed, StringComparison.Ordinal)) { return true; - } else if (String.Equals(this.Mode, Protocol.Args.Mode.cancel, StringComparison.Ordinal)) { + } else if (string.Equals(this.Mode, Protocol.Args.Mode.cancel, StringComparison.Ordinal)) { return false; } else { throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, Protocol.openid.mode, this.Mode); @@ -99,7 +99,7 @@ namespace DotNetOpenAuth.OpenId.Messages { base.EnsureValidMessage(); // Since there are a couple of negative assertion modes, ensure that the mode given is one of the allowed ones. - ErrorUtilities.VerifyProtocol(String.Equals(this.Mode, Protocol.Args.Mode.setup_needed, StringComparison.Ordinal) || String.Equals(this.Mode, Protocol.Args.Mode.cancel, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.openid.mode, this.Mode); + ErrorUtilities.VerifyProtocol(string.Equals(this.Mode, Protocol.Args.Mode.setup_needed, StringComparison.Ordinal) || string.Equals(this.Mode, Protocol.Args.Mode.cancel, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.openid.mode, this.Mode); if (this.Immediate && Protocol.Version.Major < 2) { ErrorUtilities.VerifyProtocol(this.UserSetupUrl != null, OpenIdStrings.UserSetupUrlRequiredInImmediateNegativeResponse); diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/SignedResponseRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/SignedResponseRequest.cs index c300e04..a2ebb64 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/SignedResponseRequest.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/SignedResponseRequest.cs @@ -58,7 +58,7 @@ namespace DotNetOpenAuth.OpenId.Messages { /// </summary> /// <value><c>true</c> if using OpenID immediate mode; otherwise, <c>false</c>.</value> internal bool Immediate { - get { return String.Equals(this.Mode, Protocol.Args.Mode.checkid_immediate, StringComparison.Ordinal); } + get { return string.Equals(this.Mode, Protocol.Args.Mode.checkid_immediate, StringComparison.Ordinal); } } /// <summary> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs index 1b848f9..a5202de 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs @@ -10,14 +10,15 @@ namespace DotNetOpenAuth.OpenId { using System.Diagnostics.CodeAnalysis; using System.Diagnostics.Contracts; using System.Globalization; + using System.IO; using System.Linq; - using System.Text; using System.Text.RegularExpressions; + using System.Web; using System.Web.UI; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Extensions; - using DotNetOpenAuth.OpenId.Messages; + using Org.Mentalis.Security.Cryptography; /// <summary> /// A set of utilities especially useful to OpenID. @@ -29,11 +30,46 @@ namespace DotNetOpenAuth.OpenId { internal const string CustomParameterPrefix = "dnoa."; /// <summary> + /// A static variable that carries the results of a check for the presence of + /// assemblies that are required for the Diffie-Hellman algorithm. + /// </summary> + private static bool? diffieHellmanPresent; + + /// <summary> + /// Gets a value indicating whether Diffie Hellman is available in this installation. + /// </summary> + /// <value> + /// <c>true</c> if Diffie-Hellman functionality is present; otherwise, <c>false</c>. + /// </value> + internal static bool IsDiffieHellmanPresent { + get { + if (!diffieHellmanPresent.HasValue) { + try { + LoadDiffieHellmanTypes(); + diffieHellmanPresent = true; + } catch (FileNotFoundException) { + diffieHellmanPresent = false; + } catch (TypeLoadException) { + diffieHellmanPresent = false; + } + + if (diffieHellmanPresent.Value) { + Logger.OpenId.Info("Diffie-Hellman supporting assemblies found and loaded."); + } else { + Logger.OpenId.Warn("Diffie-Hellman supporting assemblies failed to load. Only associations with HTTPS OpenID Providers will be supported."); + } + } + + return diffieHellmanPresent.Value; + } + } + + /// <summary> /// Creates a random association handle. /// </summary> /// <returns>The association handle.</returns> public static string GenerateRandomAssociationHandle() { - Contract.Ensures(!String.IsNullOrEmpty(Contract.Result<string>())); + Contract.Ensures(!string.IsNullOrEmpty(Contract.Result<string>())); // Generate the handle. It must be unique, and preferably unpredictable, // so we use a time element and a random data element to generate it. @@ -115,7 +151,7 @@ namespace DotNetOpenAuth.OpenId { /// <param name="requestContext">The request context.</param> /// <returns>The fully-qualified realm.</returns> [SuppressMessage("Microsoft.Usage", "CA1806:DoNotIgnoreMethodResults", MessageId = "DotNetOpenAuth.OpenId.Realm", Justification = "Using ctor for validation.")] - internal static UriBuilder GetResolvedRealm(Page page, string realm, HttpRequestInfo requestContext) { + internal static UriBuilder GetResolvedRealm(Page page, string realm, HttpRequestBase requestContext) { Requires.NotNull(page, "page"); Requires.NotNull(requestContext, "requestContext"); @@ -134,7 +170,7 @@ namespace DotNetOpenAuth.OpenId { string realmNoWildcard = Regex.Replace(realm, @"^(\w+://)\*\.", matchDelegate); UriBuilder fullyQualifiedRealm = new UriBuilder( - new Uri(requestContext.UrlBeforeRewriting, page.ResolveUrl(realmNoWildcard))); + new Uri(requestContext.GetPublicFacingUrl(), page.ResolveUrl(realmNoWildcard))); if (foundWildcard) { fullyQualifiedRealm.Host = "*." + fullyQualifiedRealm.Host; @@ -168,5 +204,15 @@ namespace DotNetOpenAuth.OpenId { ErrorUtilities.VerifyOperation(aggregator != null, OpenIdStrings.UnsupportedChannelConfiguration); return aggregator.Factories; } + + /// <summary> + /// Loads the Diffie-Hellman assemblies. + /// </summary> + /// <exception cref="FileNotFoundException">Thrown if the DH assemblies are missing.</exception> + private static void LoadDiffieHellmanTypes() { + // This seeming no-op instruction is enough for the CLR to throw a FileNotFoundException + // If the assemblies are missing. + new DiffieHellmanManaged(); + } } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs index 5c2ff8b..d682542 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs @@ -126,8 +126,8 @@ namespace DotNetOpenAuth.OpenId { Requires.ValidState(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired); Contract.Ensures(Contract.Result<Realm>() != null); - HttpRequestInfo requestInfo = new HttpRequestInfo(HttpContext.Current.Request); - UriBuilder realmUrl = new UriBuilder(requestInfo.UrlBeforeRewriting); + HttpRequestBase requestInfo = new HttpRequestWrapper(HttpContext.Current.Request); + UriBuilder realmUrl = new UriBuilder(requestInfo.GetPublicFacingUrl()); realmUrl.Path = HttpContext.Current.Request.ApplicationPath; realmUrl.Query = null; realmUrl.Fragment = null; diff --git a/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs index fa16c41..4ddc6ae 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingParty/IAuthenticationRequestContract.cs @@ -74,7 +74,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { void IAuthenticationRequest.AddCallbackArguments(IDictionary<string, string> arguments) { Requires.NotNull(arguments, "arguments"); - Requires.True(arguments.Keys.All(k => !String.IsNullOrEmpty(k)), "arguments"); + Requires.True(arguments.Keys.All(k => !string.IsNullOrEmpty(k)), "arguments"); Requires.True(arguments.Values.All(v => v != null), "arguments"); throw new NotImplementedException(); } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/RelyingPartyDescription.cs b/src/DotNetOpenAuth.OpenId/OpenId/RelyingPartyEndpointDescription.cs index a671090..f0d3b6a 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/RelyingPartyDescription.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/RelyingPartyEndpointDescription.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="RelyingPartyDescription.cs" company="Outercurve Foundation"> +// <copyright file="RelyingPartyEndpointDescription.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- diff --git a/src/DotNetOpenAuth.OpenId/OpenId/UriIdentifier.cs b/src/DotNetOpenAuth.OpenId/OpenId/UriIdentifier.cs index 307ba90..2048b0f 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/UriIdentifier.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/UriIdentifier.cs @@ -349,7 +349,7 @@ namespace DotNetOpenAuth.OpenId { // If this identifier already uses SSL for initial discovery, return one // that guarantees it will be used throughout the discovery process. - if (String.Equals(Uri.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase)) { + if (string.Equals(Uri.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase)) { secureIdentifier = new UriIdentifier(this.Uri, true); return true; } |