Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs16
-rw-r--r--src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs16
-rw-r--r--src/DotNetOpenAuth/DotNetOpenAuth.csproj14
-rw-r--r--src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.Designer.cs (renamed from src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.Designer.cs)17
-rw-r--r--src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.resx (renamed from src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.resx)3
-rw-r--r--src/DotNetOpenAuth/OpenId/Behaviors/USGovernmentLevel1.cs (renamed from src/DotNetOpenAuth/OpenId/SecurityProfiles/USGovernmentLevel1.cs)56
-rw-r--r--src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs2
-rw-r--r--src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs (renamed from src/DotNetOpenAuth/OpenId/Provider/IProviderSecurityProfile.cs)12
-rw-r--r--src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs34
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs4
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartyBehavior.cs (renamed from src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartySecurityProfile.cs)4
-rw-r--r--src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs26
13 files changed, 99 insertions, 107 deletions
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
index 7674536..b51ccfb 100644
--- a/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
+++ b/src/DotNetOpenAuth/Configuration/OpenIdProviderElement.cs
@@ -20,9 +20,9 @@ namespace DotNetOpenAuth.Configuration {
private const string SecuritySettingsConfigName = "security";
/// <summary>
- /// Gets the name of the &lt;securityProfiles&gt; sub-element.
+ /// Gets the name of the &lt;behaviors&gt; sub-element.
/// </summary>
- private const string SecurityProfilesElementName = "securityProfiles";
+ private const string BehaviorsElementName = "behaviors";
/// <summary>
/// The name of the custom store sub-element.
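Review bot: Changing the element name constant to `"behaviors"` here, and identically in OpenIdRelyingPartyElement.cs, breaks any deployed configuration file that still lists its entries under `<securityProfiles>`, and nothing in the commit documents the migration. Whether an old element is rejected at load time or simply ignored is not visible in this diff; if it were ignored, a configured USGovernmentLevel1 would silently stop being applied. I would confirm that the section fails on the unrecognized element and record the rename next to the constant, e.g. `// Renamed from "securityProfiles"; existing config files must be updated.`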
@@ -45,13 +45,13 @@ namespace DotNetOpenAuth.Configuration {
}
/// <summary>
- /// Gets or sets the predefined security profiles to apply.
+ /// Gets or sets the special behaviors to apply.
/// </summary>
- [ConfigurationProperty(SecurityProfilesElementName, IsDefaultCollection = false)]
- [ConfigurationCollection(typeof(TypeConfigurationCollection<IProviderSecurityProfile>))]
- public TypeConfigurationCollection<IProviderSecurityProfile> SecurityProfiles {
- get { return (TypeConfigurationCollection<IProviderSecurityProfile>)this[SecurityProfilesElementName] ?? new TypeConfigurationCollection<IProviderSecurityProfile>(); }
- set { this[SecurityProfilesElementName] = value; }
+ [ConfigurationProperty(BehaviorsElementName, IsDefaultCollection = false)]
+ [ConfigurationCollection(typeof(TypeConfigurationCollection<IProviderBehavior>))]
+ public TypeConfigurationCollection<IProviderBehavior> Behaviors {
+ get { return (TypeConfigurationCollection<IProviderBehavior>)this[BehaviorsElementName] ?? new TypeConfigurationCollection<IProviderBehavior>(); }
+ set { this[BehaviorsElementName] = value; }
}
/// <summary>
diff --git a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
index 7c1162c..cdf4fd3 100644
--- a/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
+++ b/src/DotNetOpenAuth/Configuration/OpenIdRelyingPartyElement.cs
@@ -25,9 +25,9 @@ namespace DotNetOpenAuth.Configuration {
private const string SecuritySettingsConfigName = "security";
/// <summary>
- /// Gets the name of the &lt;securityProfiles&gt; sub-element.
+ /// Gets the name of the &lt;behaviors&gt; sub-element.
/// </summary>
- private const string SecurityProfilesElementName = "securityProfiles";
+ private const string BehaviorsElementName = "behaviors";
/// <summary>
/// Initializes a new instance of the <see cref="OpenIdRelyingPartyElement"/> class.
@@ -45,13 +45,13 @@ namespace DotNetOpenAuth.Configuration {
}
/// <summary>
- /// Gets or sets the predefined security profiles to apply.
+ /// Gets or sets the special behaviors to apply.
/// </summary>
- [ConfigurationProperty(SecurityProfilesElementName, IsDefaultCollection = false)]
- [ConfigurationCollection(typeof(TypeConfigurationCollection<IRelyingPartySecurityProfile>))]
- public TypeConfigurationCollection<IRelyingPartySecurityProfile> SecurityProfiles {
- get { return (TypeConfigurationCollection<IRelyingPartySecurityProfile>)this[SecurityProfilesElementName] ?? new TypeConfigurationCollection<IRelyingPartySecurityProfile>(); }
- set { this[SecurityProfilesElementName] = value; }
+ [ConfigurationProperty(BehaviorsElementName, IsDefaultCollection = false)]
+ [ConfigurationCollection(typeof(TypeConfigurationCollection<IRelyingPartyBehavior>))]
+ public TypeConfigurationCollection<IRelyingPartyBehavior> Behaviors {
+ get { return (TypeConfigurationCollection<IRelyingPartyBehavior>)this[BehaviorsElementName] ?? new TypeConfigurationCollection<IRelyingPartyBehavior>(); }
+ set { this[BehaviorsElementName] = value; }
}
/// <summary>
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
index 7af9539..a6f0467 100644
--- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj
+++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
@@ -395,7 +395,7 @@
<Compile Include="OpenId\Provider\IdentityEndpointNormalizationEventArgs.cs" />
<Compile Include="OpenId\Provider\IErrorReporting.cs" />
<Compile Include="OpenId\Provider\IProviderApplicationStore.cs" />
- <Compile Include="OpenId\Provider\IProviderSecurityProfile.cs" />
+ <Compile Include="OpenId\Provider\IProviderBehavior.cs" />
<Compile Include="OpenId\Provider\IRequest.cs" />
<Compile Include="OpenId\Provider\ProviderEndpoint.cs" />
<Compile Include="OpenId\Provider\RelyingPartyDiscoveryResult.cs" />
@@ -433,7 +433,7 @@
<Compile Include="OpenId\RelyingParty\AssociationPreference.cs" />
<Compile Include="OpenId\RelyingParty\AuthenticationRequest.cs" />
<Compile Include="OpenId\RelyingParty\AuthenticationRequestMode.cs" />
- <Compile Include="OpenId\RelyingParty\IRelyingPartySecurityProfile.cs" />
+ <Compile Include="OpenId\RelyingParty\IRelyingPartyBehavior.cs" />
<Compile Include="OpenId\RelyingParty\NegativeAuthenticationResponse.cs" />
<Compile Include="OpenId\RelyingParty\OpenIdAjaxTextBox.cs" />
<Compile Include="OpenId\RelyingParty\OpenIdEventArgs.cs" />
@@ -466,12 +466,12 @@
<Compile Include="OpenId\RelyingParty\ServiceEndpoint.cs" />
<Compile Include="OpenId\OpenIdXrdsHelper.cs" />
<Compile Include="OpenId\RelyingParty\StandardRelyingPartyApplicationStore.cs" />
- <Compile Include="OpenId\SecurityProfiles\SecurityProfileStrings.Designer.cs">
+ <Compile Include="OpenId\Behaviors\BehaviorStrings.Designer.cs">
<AutoGen>True</AutoGen>
<DesignTime>True</DesignTime>
- <DependentUpon>SecurityProfileStrings.resx</DependentUpon>
+ <DependentUpon>BehaviorStrings.resx</DependentUpon>
</Compile>
- <Compile Include="OpenId\SecurityProfiles\USGovernmentLevel1.cs" />
+ <Compile Include="OpenId\Behaviors\USGovernmentLevel1.cs" />
<Compile Include="OpenId\SecuritySettings.cs" />
<Compile Include="Messaging\UntrustedWebRequestHandler.cs" />
<Compile Include="OpenId\UriIdentifier.cs" />
@@ -566,9 +566,9 @@
<EmbeddedResource Include="InfoCard\infocard_81x57.png" />
<EmbeddedResource Include="InfoCard\infocard_92x64.png" />
<EmbeddedResource Include="InfoCard\SupportingScript.js" />
- <EmbeddedResource Include="OpenId\SecurityProfiles\SecurityProfileStrings.resx">
+ <EmbeddedResource Include="OpenId\Behaviors\BehaviorStrings.resx">
<Generator>ResXFileCodeGenerator</Generator>
- <LastGenOutput>SecurityProfileStrings.Designer.cs</LastGenOutput>
+ <LastGenOutput>BehaviorStrings.Designer.cs</LastGenOutput>
</EmbeddedResource>
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.Designer.cs
index 8ff10c0..937ecaf 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.Designer.cs
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.Designer.cs
@@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
-namespace DotNetOpenAuth.OpenId.SecurityProfiles {
+namespace DotNetOpenAuth.OpenId.Behaviors {
using System;
@@ -22,14 +22,14 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
[global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "2.0.0.0")]
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
- internal class SecurityProfileStrings {
+ internal class BehaviorStrings {
private static global::System.Resources.ResourceManager resourceMan;
private static global::System.Globalization.CultureInfo resourceCulture;
[global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
- internal SecurityProfileStrings() {
+ internal BehaviorStrings() {
}
/// <summary>
@@ -39,7 +39,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
- global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OpenId.SecurityProfiles.SecurityProfileStrings", typeof(SecurityProfileStrings).Assembly);
+ global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("DotNetOpenAuth.OpenId.Behaviors.BehaviorStrings", typeof(BehaviorStrings).Assembly);
resourceMan = temp;
}
return resourceMan;
@@ -122,14 +122,5 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
return ResourceManager.GetString("RealmMustBeHttps", resourceCulture);
}
}
-
- /// <summary>
- /// Looks up a localized string similar to The security profile {0} mandates security settings that have been changed to disallowed values..
- /// </summary>
- internal static string SecuritySettingsNotCompliantWithProfile {
- get {
- return ResourceManager.GetString("SecuritySettingsNotCompliantWithProfile", resourceCulture);
- }
- }
}
}
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.resx b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.resx
index 04d53d4..a8bf2d6 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/SecurityProfileStrings.resx
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/BehaviorStrings.resx
@@ -138,7 +138,4 @@
<data name="RealmMustBeHttps" xml:space="preserve">
<value>The Realm in an authentication request must be an HTTPS URL.</value>
</data>
- <data name="SecuritySettingsNotCompliantWithProfile" xml:space="preserve">
- <value>The security profile {0} mandates security settings that have been changed to disallowed values.</value>
- </data>
</root> \ No newline at end of file
diff --git a/src/DotNetOpenAuth/OpenId/SecurityProfiles/USGovernmentLevel1.cs b/src/DotNetOpenAuth/OpenId/Behaviors/USGovernmentLevel1.cs
index 2e5dd18..9b160ac 100644
--- a/src/DotNetOpenAuth/OpenId/SecurityProfiles/USGovernmentLevel1.cs
+++ b/src/DotNetOpenAuth/OpenId/Behaviors/USGovernmentLevel1.cs
@@ -4,7 +4,7 @@
// </copyright>
//-----------------------------------------------------------------------
-namespace DotNetOpenAuth.OpenId.SecurityProfiles {
+namespace DotNetOpenAuth.OpenId.Behaviors {
using System;
using System.Diagnostics.Contracts;
using System.Linq;
@@ -23,7 +23,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// but Providers are only affected by the special behaviors of the profile when the RP specifically
/// indicates that they want to use this profile. </para>
/// </remarks>
- public sealed class USGovernmentLevel1 : IRelyingPartySecurityProfile, IProviderSecurityProfile {
+ [Serializable]
+ public sealed class USGovernmentLevel1 : IRelyingPartyBehavior, IProviderBehavior {
/// <summary>
/// The maximum time a shared association can live.
/// </summary>
@@ -33,6 +34,9 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// Initializes a new instance of the <see cref="USGovernmentLevel1"/> class.
/// </summary>
public USGovernmentLevel1() {
+ if (DisableSslRequirement) {
+ Logger.OpenId.Warn("GSA level 1 behavior has its RequireSsl requirement disabled.");
+ }
}
/// <summary>
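Review bot: The warning added to the constructor only fires if `DisableSslRequirement` is already true when an instance is created, but that property is a static with a public setter (visible as context in the next hunk). A host that sets it after the behavior has been instantiated from configuration skips the `RealmMustBeHttps` check in both `OnOutgoingAuthenticationRequest` and `OnIncomingRequest` with nothing logged. Emitting the warning from the property setter, or at the two places where the flag short-circuits `VerifyProtocol`, would make the downgrade auditable regardless of ordering. The summary comment on the property could also state that it is process-wide and intended for test environments, if that is the intent.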
@@ -51,7 +55,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// </summary>
public static bool DisableSslRequirement { get; set; }
- #region IRelyingPartySecurityProfile Members
+ #region IRelyingPartyBehavior Members
/// <summary>
/// Applies a well known set of security requirements.
@@ -62,7 +66,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// Profiles should only enhance security requirements to avoid being
/// incompatible with each other.
/// </remarks>
- void IRelyingPartySecurityProfile.ApplySecuritySettings(RelyingPartySecuritySettings securitySettings) {
+ void IRelyingPartyBehavior.ApplySecuritySettings(RelyingPartySecuritySettings securitySettings) {
ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings");
if (securitySettings.MaximumHashBitLength < 256) {
@@ -81,11 +85,11 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// Called when an authentication request is about to be sent.
/// </summary>
/// <param name="request">The request.</param>
- void IRelyingPartySecurityProfile.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) {
+ void IRelyingPartyBehavior.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) {
ErrorUtilities.VerifyArgumentNotNull(request, "request");
RelyingParty.AuthenticationRequest requestInternal = (RelyingParty.AuthenticationRequest)request;
- ErrorUtilities.VerifyProtocol(string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, SecurityProfileStrings.RealmMustBeHttps);
+ ErrorUtilities.VerifyProtocol(string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps);
var pape = requestInternal.AppliedExtensions.OfType<PolicyRequest>().SingleOrDefault();
if (pape == null) {
@@ -108,7 +112,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
ErrorUtilities.VerifyProtocol(
(!requestInternal.AppliedExtensions.OfType<ClaimsRequest>().Any() &&
!requestInternal.AppliedExtensions.OfType<FetchRequest>().Any()),
- SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+ BehaviorStrings.PiiIncludedWithNoPiiPolicy);
}
}
@@ -116,7 +120,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// Called when an incoming positive assertion is received.
/// </summary>
/// <param name="assertion">The positive assertion.</param>
- void IRelyingPartySecurityProfile.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) {
+ void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) {
ErrorUtilities.VerifyArgumentNotNull(assertion, "assertion");
PolicyResponse pape = assertion.GetExtension<PolicyResponse>();
@@ -124,36 +128,36 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
pape != null &&
pape.ActualPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1) &&
pape.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier),
- SecurityProfileStrings.PapeResponseOrRequiredPoliciesMissing);
+ BehaviorStrings.PapeResponseOrRequiredPoliciesMissing);
- ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), SecurityProfileStrings.PapeResponseOrRequiredPoliciesMissing);
+ ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing);
if (pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) {
ErrorUtilities.VerifyProtocol(
assertion.GetExtension<ClaimsResponse>() == null &&
assertion.GetExtension<FetchResponse>() == null,
- SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+ BehaviorStrings.PiiIncludedWithNoPiiPolicy);
}
}
#endregion
- #region IProviderSecurityProfile Members
+ #region IProviderBehavior Members
/// <summary>
/// Called when a request is received by the Provider.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>
- /// <c>true</c> if this security profile owns this request and wants to stop other security profiles
- /// from handling it; <c>false</c> to allow other security profiles to process this request.
+ /// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+ /// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
/// <remarks>
/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
/// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/>
/// itself as that instance may be shared across many requests.
/// </remarks>
- bool IProviderSecurityProfile.OnIncomingRequest(IRequest request) {
+ bool IProviderBehavior.OnIncomingRequest(IRequest request) {
ErrorUtilities.VerifyArgumentNotNull(request, "request");
var hostProcessedRequest = request as IHostProcessedRequest;
@@ -163,8 +167,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
if (papeRequest != null) {
if (papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1)) {
// Whenever we see this GSA policy requested, we MUST also see the PPID policy requested.
- ErrorUtilities.VerifyProtocol(papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), SecurityProfileStrings.PapeRequestMissingRequiredPolicies);
- ErrorUtilities.VerifyProtocol(string.Equals(hostProcessedRequest.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, SecurityProfileStrings.RealmMustBeHttps);
+ ErrorUtilities.VerifyProtocol(papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), BehaviorStrings.PapeRequestMissingRequiredPolicies);
+ ErrorUtilities.VerifyProtocol(string.Equals(hostProcessedRequest.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal) || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps);
request.SecuritySettings = GetProviderSecuritySettings(request.SecuritySettings);
return true;
@@ -180,10 +184,10 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// </summary>
/// <param name="request">The request that is configured to generate the outgoing response.</param>
/// <returns>
- /// <c>true</c> if this security profile owns this request and wants to stop other security profiles
- /// from handling it; <c>false</c> to allow other security profiles to process this request.
+ /// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+ /// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
- bool IProviderSecurityProfile.OnOutgoingResponse(Provider.IAuthenticationRequest request) {
+ bool IProviderBehavior.OnOutgoingResponse(Provider.IAuthenticationRequest request) {
ErrorUtilities.VerifyArgumentNotNull(request, "request");
bool result = false;
@@ -214,14 +218,14 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
// warn the user of a potential threat or just abort the authentication.
// We can't verify that the OP displayed anything to the user at this level, but we can
// at least verify that the OP performed the discovery on the realm and halt things if it didn't.
- ErrorUtilities.VerifyHost(requestInternal.HasRealmDiscoveryBeenPerformed, SecurityProfileStrings.RealmDiscoveryNotPerformed);
+ ErrorUtilities.VerifyHost(requestInternal.HasRealmDiscoveryBeenPerformed, BehaviorStrings.RealmDiscoveryNotPerformed);
}
if (papeRequest.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
ErrorUtilities.VerifyProtocol(request.ClaimedIdentifier == request.LocalIdentifier, OpenIdStrings.DelegatingIdentifiersNotAllowed);
// Mask the user's identity with a PPID.
- ErrorUtilities.VerifyHost(PpidIdentifierProvider != null, SecurityProfileStrings.PpidProviderNotGiven);
+ ErrorUtilities.VerifyHost(PpidIdentifierProvider != null, BehaviorStrings.PpidProviderNotGiven);
Identifier ppidIdentifier = PpidIdentifierProvider.GetIdentifier(request.LocalIdentifier, request.Realm);
requestInternal.ResetClaimedAndLocalIdentifiers(ppidIdentifier);
@@ -235,7 +239,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
ErrorUtilities.VerifyProtocol(
!responseMessage.Extensions.OfType<ClaimsResponse>().Any() &&
!responseMessage.Extensions.OfType<FetchResponse>().Any(),
- SecurityProfileStrings.PiiIncludedWithNoPiiPolicy);
+ BehaviorStrings.PiiIncludedWithNoPiiPolicy);
// If no PII is given in extensions, and the claimed_id is a PPID, then we can state we issue no PII.
if (papeResponse.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
@@ -252,7 +256,7 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
#endregion
/// <summary>
- /// Adapts the default security settings to the requirements of this security profile.
+ /// Adapts the default security settings to the requirements of this behavior.
/// </summary>
/// <param name="originalSecuritySettings">The original security settings.</param>
/// <returns>A new security settings instance that should be used for all qualifying incoming requests.</returns>
@@ -277,8 +281,8 @@ namespace DotNetOpenAuth.OpenId.SecurityProfiles {
/// <param name="maximumLifetime">The maximum lifetime.</param>
/// <param name="securitySettings">The security settings to adjust.</param>
private static void SetMaximumAssociationLifetimeToNotExceed(string associationType, TimeSpan maximumLifetime, ProviderSecuritySettings securitySettings) {
- Contract.RequiresAlways(!String.IsNullOrEmpty(associationType));
- Contract.RequiresAlways(maximumLifetime.TotalSeconds > 0);
+ Contract.Requires(!String.IsNullOrEmpty(associationType));
+ Contract.Requires(maximumLifetime.TotalSeconds > 0);
if (!securitySettings.AssociationLifetimes.ContainsKey(associationType) ||
securitySettings.AssociationLifetimes[associationType] > maximumLifetime) {
securitySettings.AssociationLifetimes[associationType] = maximumLifetime;
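Review bot: Replacing `Contract.RequiresAlways` with `Contract.Requires` in `SetMaximumAssociationLifetimeToNotExceed` leaves the two preconditions enforced only when the build runs the Code Contracts rewriter, because `Contract.Requires` is conditionally compiled. Unlike the same substitution in `ResetClaimedAndLocalIdentifiers` and `IsReturnUrlDiscoverable`, which keep an `ErrorUtilities.VerifyArgumentNotNull` call right after the contract, nothing here backs the checks at runtime. In a build without the rewriter, a zero or negative `maximumLifetime` would be written into `AssociationLifetimes` unchecked. Since this value caps association lifetime for the profile, I would keep a runtime guard such as `ErrorUtilities.VerifyArgument(maximumLifetime.TotalSeconds > 0, "<message>");`. `securitySettings` is also dereferenced without a null check in the visible lines, and the method body continues past the end of the hunk.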
diff --git a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
index a2db09f..56e73da 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/AuthenticationRequest.cs
@@ -205,7 +205,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
/// </summary>
/// <param name="identifier">The value to set to the <see cref="ClaimedIdentifier"/> and <see cref="LocalIdentifier"/> properties.</param>
internal void ResetClaimedAndLocalIdentifiers(Identifier identifier) {
- Contract.RequiresAlways(identifier != null);
+ Contract.Requires(identifier != null);
ErrorUtilities.VerifyArgumentNotNull(identifier, "identifier");
this.positiveResponse.ClaimedIdentifier = identifier;
diff --git a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
index e772b77..4bb7d28 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
@@ -105,7 +105,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
/// See OpenID Authentication 2.0 spec section 9.2.1.
/// </remarks>
public RelyingPartyDiscoveryResult IsReturnUrlDiscoverable(OpenIdProvider provider) {
- Contract.RequiresAlways(provider != null);
+ Contract.Requires(provider != null);
ErrorUtilities.VerifyArgumentNotNull(provider, "provider");
if (!this.realmDiscoveryResult.HasValue) {
diff --git a/src/DotNetOpenAuth/OpenId/Provider/IProviderSecurityProfile.cs b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs
index 19217be..7159c02 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/IProviderSecurityProfile.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/IProviderBehavior.cs
@@ -1,5 +1,5 @@
//-----------------------------------------------------------------------
-// <copyright file="IProviderSecurityProfile.cs" company="Andrew Arnott">
+// <copyright file="IProviderBehavior.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
@@ -14,14 +14,14 @@ namespace DotNetOpenAuth.OpenId.Provider {
/// BEFORE MARKING THIS INTERFACE PUBLIC: it's very important that we shift the methods to be channel-level
/// rather than facade class level and for the OpenIdChannel to be the one to invoke these methods.
/// </remarks>
- internal interface IProviderSecurityProfile {
+ internal interface IProviderBehavior {
/// <summary>
/// Called when a request is received by the Provider.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>
- /// <c>true</c> if this security profile owns this request and wants to stop other security profiles
- /// from handling it; <c>false</c> to allow other security profiles to process this request.
+ /// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+ /// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
/// <remarks>
/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
@@ -35,8 +35,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
/// </summary>
/// <param name="request">The request that is configured to generate the outgoing response.</param>
/// <returns>
- /// <c>true</c> if this security profile owns this request and wants to stop other security profiles
- /// from handling it; <c>false</c> to allow other security profiles to process this request.
+ /// <c>true</c> if this behavior owns this request and wants to stop other behaviors
+ /// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
bool OnOutgoingResponse(IAuthenticationRequest request);
}
diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
index 2e769f3..58b6887 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
@@ -32,9 +32,9 @@ namespace DotNetOpenAuth.OpenId.Provider {
private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplicationStore";
/// <summary>
- /// Backing store for the <see cref="SecurityProfiles"/> property.
+ /// Backing store for the <see cref="Behaviors"/> property.
/// </summary>
- private readonly Collection<IProviderSecurityProfile> securityProfiles = new Collection<IProviderSecurityProfile>();
+ private readonly Collection<IProviderBehavior> behaviors = new Collection<IProviderBehavior>();
/// <summary>
/// Backing field for the <see cref="SecuritySettings"/> property.
@@ -79,8 +79,8 @@ namespace DotNetOpenAuth.OpenId.Provider {
this.AssociationStore = associationStore;
this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings();
- foreach (var securityProfile in DotNetOpenAuthSection.Configuration.OpenId.Provider.SecurityProfiles.CreateInstances(false)) {
- this.securityProfiles.Add(securityProfile);
+ foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.Provider.Behaviors.CreateInstances(false)) {
+ this.behaviors.Add(behavior);
}
this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings);
@@ -148,10 +148,10 @@ namespace DotNetOpenAuth.OpenId.Provider {
public IErrorReporting ErrorReporting { get; set; }
/// <summary>
- /// Gets a list of custom security profiles to apply to OpenID actions.
+ /// Gets a list of custom behaviors to apply to OpenID actions.
/// </summary>
- internal ICollection<IProviderSecurityProfile> SecurityProfiles {
- get { return this.securityProfiles; }
+ internal ICollection<IProviderBehavior> Behaviors {
+ get { return this.behaviors; }
}
/// <summary>
@@ -245,9 +245,9 @@ namespace DotNetOpenAuth.OpenId.Provider {
}
if (result != null) {
- foreach (var profile in this.SecurityProfiles) {
- if (profile.OnIncomingRequest(result)) {
- // This security profile matched this request.
+ foreach (var behavior in this.Behaviors) {
+ if (behavior.OnIncomingRequest(result)) {
+ // This behavior matched this request.
break;
}
}
@@ -284,7 +284,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
Contract.Requires(((Request)request).IsResponseReady);
ErrorUtilities.VerifyArgumentNotNull(request, "request");
- this.ApplySecurityProfilesToResponse(request);
+ this.ApplyBehaviorsToResponse(request);
Request requestInternal = (Request)request;
this.Channel.Send(requestInternal.Response);
}
@@ -301,7 +301,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
Contract.Requires(((Request)request).IsResponseReady);
ErrorUtilities.VerifyArgumentNotNull(request, "request");
- this.ApplySecurityProfilesToResponse(request);
+ this.ApplyBehaviorsToResponse(request);
Request requestInternal = (Request)request;
return this.Channel.PrepareResponse(requestInternal.Response);
}
@@ -429,15 +429,15 @@ namespace DotNetOpenAuth.OpenId.Provider {
#endregion
/// <summary>
- /// Applies all security profiles to the response message.
+ /// Applies all behaviors to the response message.
/// </summary>
/// <param name="request">The request.</param>
- private void ApplySecurityProfilesToResponse(IRequest request) {
+ private void ApplyBehaviorsToResponse(IRequest request) {
var authRequest = request as IAuthenticationRequest;
if (authRequest != null) {
- foreach (var profile in this.SecurityProfiles) {
- if (profile.OnOutgoingResponse(authRequest)) {
- // This security profile matched this request.
+ foreach (var behavior in this.Behaviors) {
+ if (behavior.OnOutgoingResponse(authRequest)) {
+ // This behavior matched this request.
break;
}
}
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
index 83decb8..19db0fa 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/AuthenticationRequest.cs
@@ -90,8 +90,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
/// <value></value>
public OutgoingWebResponse RedirectingResponse {
get {
- foreach (var profile in this.RelyingParty.SecurityProfiles) {
- profile.OnOutgoingAuthenticationRequest(this);
+ foreach (var behavior in this.RelyingParty.Behaviors) {
+ behavior.OnOutgoingAuthenticationRequest(this);
}
return this.RelyingParty.Channel.PrepareResponse(this.CreateRequestMessage());
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartySecurityProfile.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartyBehavior.cs
index 8d3848d..e7c38db 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartySecurityProfile.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/IRelyingPartyBehavior.cs
@@ -1,5 +1,5 @@
//-----------------------------------------------------------------------
-// <copyright file="IRelyingPartySecurityProfile.cs" company="Andrew Arnott">
+// <copyright file="IRelyingPartyBehavior.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
@@ -12,7 +12,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
/// BEFORE MARKING THIS INTERFACE PUBLIC: it's very important that we shift the methods to be channel-level
/// rather than facade class level and for the OpenIdChannel to be the one to invoke these methods.
/// </remarks>
- internal interface IRelyingPartySecurityProfile {
+ internal interface IRelyingPartyBehavior {
/// <summary>
/// Applies a well known set of security requirements to a default set of security settings.
/// </summary>
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
index 932e647..6d72fea 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -44,9 +44,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ApplicationStore";
/// <summary>
- /// Backing store for the <see cref="SecurityProfiles"/> property.
+ /// Backing store for the <see cref="Behaviors"/> property.
/// </summary>
- private readonly ObservableCollection<IRelyingPartySecurityProfile> securityProfiles = new ObservableCollection<IRelyingPartySecurityProfile>();
+ private readonly ObservableCollection<IRelyingPartyBehavior> behaviors = new ObservableCollection<IRelyingPartyBehavior>();
/// <summary>
/// Backing field for the <see cref="SecuritySettings"/> property.
@@ -91,9 +91,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore);
this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings();
- this.securityProfiles.CollectionChanged += this.OnSecurityProfilesChanged;
- foreach (var securityProfile in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecurityProfiles.CreateInstances(false)) {
- this.securityProfiles.Add(securityProfile);
+ this.behaviors.CollectionChanged += this.OnBehaviorsChanged;
+ foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.Behaviors.CreateInstances(false)) {
+ this.behaviors.Add(behavior);
}
// Without a nonce store, we must rely on the Provider to protect against
@@ -220,10 +220,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
}
/// <summary>
- /// Gets a list of custom security profiles to apply to OpenID actions.
+ /// Gets a list of custom behaviors to apply to OpenID actions.
/// </summary>
- internal ICollection<IRelyingPartySecurityProfile> SecurityProfiles {
- get { return this.securityProfiles; }
+ internal ICollection<IRelyingPartyBehavior> Behaviors {
+ get { return this.behaviors; }
}
/// <summary>
@@ -492,8 +492,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
IndirectSignedResponse positiveExtensionOnly;
if ((positiveAssertion = message as PositiveAssertionResponse) != null) {
var response = new PositiveAuthenticationResponse(positiveAssertion, this);
- foreach (var profile in this.SecurityProfiles) {
- profile.OnIncomingPositiveAssertion(response);
+ foreach (var behavior in this.Behaviors) {
+ behavior.OnIncomingPositiveAssertion(response);
}
return response;
@@ -579,12 +579,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
}
/// <summary>
- /// Called by derived classes when security profiles are added or removed.
+ /// Called by derived classes when behaviors are added or removed.
/// </summary>
/// <param name="sender">The collection being modified.</param>
/// <param name="e">The <see cref="System.Collections.Specialized.NotifyCollectionChangedEventArgs"/> instance containing the event data.</param>
- private void OnSecurityProfilesChanged(object sender, NotifyCollectionChangedEventArgs e) {
- foreach (IRelyingPartySecurityProfile profile in e.NewItems) {
+ private void OnBehaviorsChanged(object sender, NotifyCollectionChangedEventArgs e) {
+ foreach (IRelyingPartyBehavior profile in e.NewItems) {
profile.ApplySecuritySettings(this.SecuritySettings);
}
}
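Review bot: `OnBehaviorsChanged` iterates `e.NewItems` unconditionally, but `NotifyCollectionChangedEventArgs.NewItems` is null for Remove and Reset actions, so removing a behavior or clearing the collection would throw a NullReferenceException from the change event; add `if (e.NewItems == null) { return; }` before the loop. The rename is also incomplete on this line: the loop variable is still `profile`, and it would read better as `foreach (IRelyingPartyBehavior behavior in e.NewItems)`. The summary says "Called by derived classes" although the method is private and is wired to `CollectionChanged` in the constructor hunk above. From the visible lines, a removed behavior's `ApplySecuritySettings` changes appear to stay in `SecuritySettings`, which is worth stating in the doc comment once confirmed.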