summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth')
-rw-r--r--src/DotNetOpenAuth/Messaging/Channel.cs6
-rw-r--r--src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs40
-rw-r--r--src/DotNetOpenAuth/Messaging/MessagingUtilities.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs2
7 files changed, 27 insertions, 29 deletions
diff --git a/src/DotNetOpenAuth/Messaging/Channel.cs b/src/DotNetOpenAuth/Messaging/Channel.cs
index dd6c02c..d039f9b 100644
--- a/src/DotNetOpenAuth/Messaging/Channel.cs
+++ b/src/DotNetOpenAuth/Messaging/Channel.cs
@@ -559,13 +559,13 @@ namespace DotNetOpenAuth.Messaging {
Contract.Requires(request != null);
ErrorUtilities.VerifyArgumentNotNull(request, "request");
- Logger.Channel.DebugFormat("Incoming HTTP request: {0}", request.Url.AbsoluteUri);
+ Logger.Channel.DebugFormat("Incoming HTTP request: {0} {1}", request.HttpMethod, request.UrlBeforeRewriting.AbsoluteUri);
// Search Form data first, and if nothing is there search the QueryString
- Contract.Assume(request.Form != null && request.QueryString != null);
+ Contract.Assume(request.Form != null && request.QueryStringBeforeRewriting != null);
var fields = request.Form.ToDictionary();
if (fields.Count == 0 && request.HttpMethod != "POST") { // OpenID 2.0 section 4.1.2
- fields = request.QueryString.ToDictionary();
+ fields = request.QueryStringBeforeRewriting.ToDictionary();
}
return (IDirectedProtocolMessage)this.Receive(fields, request.GetRecipient());
diff --git a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
index ecd6d44..5908779 100644
--- a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
+++ b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
@@ -54,7 +54,8 @@ namespace DotNetOpenAuth.Messaging {
ErrorUtilities.VerifyArgumentNotNull(request, "request");
this.HttpMethod = request.HttpMethod;
- this.Url = GetPublicFacingUrl(request);
+ this.Url = request.Url;
+ this.UrlBeforeRewriting = GetPublicFacingUrl(request);
this.RawUrl = request.RawUrl;
this.Headers = GetHeaderCollection(request.Headers);
this.InputStream = request.InputStream;
@@ -88,6 +89,7 @@ namespace DotNetOpenAuth.Messaging {
this.HttpMethod = httpMethod;
this.Url = requestUrl;
+ this.UrlBeforeRewriting = requestUrl;
this.RawUrl = rawUrl;
this.Headers = headers;
this.InputStream = inputStream;
@@ -103,6 +105,7 @@ namespace DotNetOpenAuth.Messaging {
this.HttpMethod = listenerRequest.HttpMethod;
this.Url = listenerRequest.Url;
+ this.UrlBeforeRewriting = listenerRequest.Url;
this.RawUrl = listenerRequest.RawUrl;
this.Headers = new WebHeaderCollection();
foreach (string key in listenerRequest.Headers) {
@@ -126,6 +129,7 @@ namespace DotNetOpenAuth.Messaging {
this.HttpMethod = request.Method;
this.Headers = request.Headers;
this.Url = requestUri;
+ this.UrlBeforeRewriting = requestUri;
this.RawUrl = MakeUpRawUrlFromUrl(requestUri);
}
@@ -147,6 +151,7 @@ namespace DotNetOpenAuth.Messaging {
this.HttpMethod = request.Method;
this.Url = request.RequestUri;
+ this.UrlBeforeRewriting = request.RequestUri;
this.RawUrl = MakeUpRawUrlFromUrl(request.RequestUri);
this.Headers = GetHeaderCollection(request.Headers);
this.InputStream = null;
@@ -191,27 +196,13 @@ namespace DotNetOpenAuth.Messaging {
internal string RawUrl { get; set; }
/// <summary>
- /// Gets the full URL of a request before rewriting.
+ /// Gets or sets the full public URL used by the remote client to initiate this request,
+ /// before any URL rewriting and before any changes made by web farm load distributors.
/// </summary>
- internal Uri UrlBeforeRewriting {
- get {
- if (this.Url == null || this.RawUrl == null) {
- return null;
- }
-
- // We use Request.Url for the full path to the server, and modify it
- // with Request.RawUrl to capture both the cookieless session "directory" if it exists
- // and the original path in case URL rewriting is going on. We don't want to be
- // fooled by URL rewriting because we're comparing the actual URL with what's in
- // the return_to parameter in some cases.
- // Response.ApplyAppPathModifier(builder.Path) would have worked for the cookieless
- // session, but not the URL rewriting problem.
- return new Uri(this.Url, this.RawUrl);
- }
- }
+ internal Uri UrlBeforeRewriting { get; set; }
/// <summary>
- /// Gets the query part of the URL (The ? and everything after it).
+ /// Gets the query part of the URL (The ? and everything after it), after URL rewriting.
/// </summary>
internal string Query {
get { return this.Url != null ? this.Url.Query : null; }
@@ -298,7 +289,7 @@ namespace DotNetOpenAuth.Messaging {
/// <c>true</c> if this request's URL was rewritten; otherwise, <c>false</c>.
/// </value>
internal bool IsUrlRewritten {
- get { return this.Url.PathAndQuery != this.RawUrl; }
+ get { return this.Url != this.UrlBeforeRewriting; }
}
/// <summary>
@@ -345,7 +336,14 @@ namespace DotNetOpenAuth.Messaging {
return publicRequestUri.Uri;
} else {
// Failover to the method that works for non-web farm enviroments.
- return request.Url;
+ // We use Request.Url for the full path to the server, and modify it
+ // with Request.RawUrl to capture both the cookieless session "directory" if it exists
+ // and the original path in case URL rewriting is going on. We don't want to be
+ // fooled by URL rewriting because we're comparing the actual URL with what's in
+ // the return_to parameter in some cases.
+ // Response.ApplyAppPathModifier(builder.Path) would have worked for the cookieless
+ // session, but not the URL rewriting problem.
+ return new Uri(request.Url, request.RawUrl);
}
}
diff --git a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs
index b06502e..22a7933 100644
--- a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs
+++ b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs
@@ -549,7 +549,7 @@ namespace DotNetOpenAuth.Messaging {
/// <param name="request">The request to get recipient information from.</param>
/// <returns>The recipient.</returns>
internal static MessageReceivingEndpoint GetRecipient(this HttpRequestInfo request) {
- return new MessageReceivingEndpoint(request.Url, request.HttpMethod == "GET" ? HttpDeliveryMethods.GetRequest : HttpDeliveryMethods.PostRequest);
+ return new MessageReceivingEndpoint(request.UrlBeforeRewriting, request.HttpMethod == "GET" ? HttpDeliveryMethods.GetRequest : HttpDeliveryMethods.PostRequest);
}
/// <summary>
diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
index dcd4494..3243e47 100644
--- a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
+++ b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
@@ -157,7 +157,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements {
// Add receiving HTTP transport information required for signature generation.
var signedMessage = message as ITamperResistantOAuthMessage;
if (signedMessage != null) {
- signedMessage.Recipient = request.Url;
+ signedMessage.Recipient = request.UrlBeforeRewriting;
signedMessage.HttpMethod = request.HttpMethod;
}
diff --git a/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs b/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs
index 2b205d8..d44809f 100644
--- a/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs
+++ b/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs
@@ -156,7 +156,7 @@ namespace DotNetOpenAuth.OpenId.Interop {
/// <returns>The Provider's response to a previous authentication request, or null if no response is present.</returns>
public AuthenticationResponseShim ProcessAuthentication(string url, string form) {
OpenIdRelyingParty rp = new OpenIdRelyingParty(null);
- HttpRequestInfo requestInfo = new HttpRequestInfo { Url = new Uri(url) };
+ HttpRequestInfo requestInfo = new HttpRequestInfo { UrlBeforeRewriting = new Uri(url) };
if (!string.IsNullOrEmpty(form)) {
requestInfo.HttpMethod = "POST";
requestInfo.InputStream = new MemoryStream(Encoding.Unicode.GetBytes(form));
diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
index 58b6887..fa40d9f 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
@@ -209,7 +209,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
// If the incoming request does not resemble an OpenID message at all,
// it's probably a user who just navigated to this URL, and we should
// just return null so the host can display a message to the user.
- if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.Url.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) {
+ if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.UrlBeforeRewriting.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) {
return null;
}
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs
index 3da4e1b..34cde25 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs
@@ -363,7 +363,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
Uri authUri = new Uri(formAuthData);
HttpRequestInfo clientResponseInfo = new HttpRequestInfo {
- Url = authUri,
+ UrlBeforeRewriting = authUri,
};
this.authenticationResponse = this.RelyingParty.GetResponse(clientResponseInfo);
generated by cgit v1.1 at 2025-06-03 04:24:36 +0000