Diffstat (limited to 'src')
24 files changed, 80 insertions, 176 deletions
diff --git a/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj b/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj
index 6148241..357b49a 100644
--- a/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj
+++ b/src/DotNetOpenAuth.Core/DotNetOpenAuth.Core.csproj
@@ -29,8 +29,10 @@
 <Compile Include="Messaging\Bindings\CryptoKeyCollisionException.cs" />
 <Compile Include="Messaging\Bindings\HardCodedKeyCryptoKeyStore.cs" />
 <Compile Include="Messaging\Bindings\ICryptoKeyStore.cs" />
+ <Compile Include="Messaging\Bindings\ICryptoKeyAndNonceStore.cs" />
 <Compile Include="Messaging\Bindings\MemoryCryptoKeyStore.cs" />
 <Compile Include="Messaging\BinaryDataBagFormatter.cs" />
+ <Compile Include="Messaging\Bindings\MemoryCryptoKeyAndNonceStore.cs" />
 <Compile Include="Messaging\HttpResponseMessageWithOriginal.cs" />
 <Compile Include="Messaging\MessageProtectionTasks.cs" />
 <Compile Include="Messaging\MultipartContentMember.cs" />
@@ -71,7 +73,7 @@
 <Compile Include="Messaging\TimestampEncoder.cs" />
 <Compile Include="Messaging\IMessageWithBinaryData.cs" />
 <Compile Include="Messaging\ChannelEventArgs.cs" />
- <Compile Include="Messaging\Bindings\NonceMemoryStore.cs" />
+ <Compile Include="Messaging\Bindings\MemoryNonceStore.cs" />
 <Compile Include="Messaging\Bindings\INonceStore.cs" />
 <Compile Include="Messaging\Bindings\StandardReplayProtectionBindingElement.cs" />
 <Compile Include="Messaging\MessagePartAttribute.cs" />
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/IOpenIdApplicationStore.cs b/src/DotNetOpenAuth.Core/Messaging/Bindings/ICryptoKeyAndNonceStore.cs
index b60f2b8..aa03504 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/IOpenIdApplicationStore.cs
+++ b/src/DotNetOpenAuth.Core/Messaging/Bindings/ICryptoKeyAndNonceStore.cs
@@ -1,16 +1,14 @@ //----------------------------------------------------------------------- -// <copyright file="IOpenIdApplicationStore.cs" company="Outercurve Foundation"> +// <copyright file="ICryptoKeyAndNonceStore.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- -namespace DotNetOpenAuth.OpenId { - using DotNetOpenAuth.Messaging.Bindings; - +namespace DotNetOpenAuth.Messaging.Bindings { /// <summary> /// A hybrid of the store interfaces that an OpenID Provider must implement, and /// an OpenID Relying Party may implement to operate in stateful (smart) mode. /// </summary> - public interface IOpenIdApplicationStore : ICryptoKeyStore, INonceStore { + public interface ICryptoKeyAndNonceStore : ICryptoKeyStore, INonceStore { } } diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/StandardProviderApplicationStore.cs b/src/DotNetOpenAuth.Core/Messaging/Bindings/MemoryCryptoKeyAndNonceStore.cs index 9bb94ea..1484ec7 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/StandardProviderApplicationStore.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Bindings/MemoryCryptoKeyAndNonceStore.cs @@ -1,10 +1,10 @@ //----------------------------------------------------------------------- -// <copyright file="StandardProviderApplicationStore.cs" company="Outercurve Foundation"> +// <copyright file="MemoryCryptoKeyAndNonceStore.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- -namespace DotNetOpenAuth.OpenId.Provider { +namespace DotNetOpenAuth.Messaging.Bindings { using System; using System.Collections.Generic; using DotNetOpenAuth.Configuration; 
@@ -19,10 +19,10 @@ namespace DotNetOpenAuth.OpenId.Provider { /// out of the box on most single-server web sites. It is highly recommended /// that high traffic web sites consider using a database to store the information /// used by an OpenID Provider and write a custom implementation of the - /// <see cref="IOpenIdApplicationStore"/> interface to use instead of this + /// <see cref="ICryptoKeyAndNonceStore"/> interface to use instead of this /// class. /// </remarks> - public class StandardProviderApplicationStore : IOpenIdApplicationStore { + public class MemoryCryptoKeyAndNonceStore : ICryptoKeyAndNonceStore { /// <summary> /// The nonce store to use. /// </summary> @@ -34,10 +34,19 @@ namespace DotNetOpenAuth.OpenId.Provider { private readonly ICryptoKeyStore cryptoKeyStore; /// <summary> - /// Initializes a new instance of the <see cref="StandardProviderApplicationStore"/> class. + /// Initializes a new instance of the <see cref="MemoryCryptoKeyAndNonceStore" /> class + /// with a default max nonce lifetime of 5 minutes. /// </summary> - public StandardProviderApplicationStore() { - this.nonceStore = new NonceMemoryStore(OpenIdElement.Configuration.MaxAuthenticationTime); + public MemoryCryptoKeyAndNonceStore() + : this(TimeSpan.FromMinutes(5)) { + } + + /// <summary> + /// Initializes a new instance of the <see cref="MemoryCryptoKeyAndNonceStore"/> class. + /// </summary> + /// <param name="maximumMessageAge">The maximum time to live of a message that might carry a nonce.</param> + public MemoryCryptoKeyAndNonceStore(TimeSpan maximumMessageAge) { + this.nonceStore = new MemoryNonceStore(maximumMessageAge); this.cryptoKeyStore = new MemoryCryptoKeyStore(); } diff --git a/src/DotNetOpenAuth.Core/Messaging/Bindings/NonceMemoryStore.cs b/src/DotNetOpenAuth.Core/Messaging/Bindings/MemoryNonceStore.cs index d069d66..f1d1d3e 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Bindings/NonceMemoryStore.cs 
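Review bot: The new parameterless constructor in the `@@ -34,10 +34,19 @@` hunk hard-codes a 5-minute nonce lifetime where the removed code passed `OpenIdElement.Configuration.MaxAuthenticationTime`, and the `GetHttpApplicationStore` methods in OpenIdProvider.cs and OpenIdRelyingParty.cs later in this diff both call that parameterless constructor. If a site configures a longer maximum authentication time, the in-memory store would presumably drop nonces before the messages that carry them expire, which weakens replay protection (the clearing logic itself is outside this diff, so confirm). Consider having those callers pass the configured value, e.g. `store = new MemoryCryptoKeyAndNonceStore(OpenIdElement.Configuration.MaxAuthenticationTime);`. The constructor summary could also state that the lifetime must be no shorter than the maximum message age. The class body continues outside the hunk.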
+++ b/src/DotNetOpenAuth.Core/Messaging/Bindings/MemoryNonceStore.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="NonceMemoryStore.cs" company="Outercurve Foundation"> +// <copyright file="MemoryNonceStore.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -8,14 +8,12 @@ namespace DotNetOpenAuth.Messaging.Bindings { using System; using System.Collections.Generic; using System.Linq; - using System.Text; - using DotNetOpenAuth.Messaging.Bindings; /// <summary> /// An in-memory nonce store. Useful for single-server web applications. /// NOT for web farms. /// </summary> - internal class NonceMemoryStore : INonceStore { + internal class MemoryNonceStore : INonceStore { /// <summary> /// How frequently we should take time to clear out old nonces. /// </summary> @@ -45,17 +43,17 @@ namespace DotNetOpenAuth.Messaging.Bindings { private int nonceClearingCounter; /// <summary> - /// Initializes a new instance of the <see cref="NonceMemoryStore"/> class. + /// Initializes a new instance of the <see cref="MemoryNonceStore"/> class. /// </summary> - internal NonceMemoryStore() + internal MemoryNonceStore() : this(StandardExpirationBindingElement.MaximumMessageAge) { } /// <summary> - /// Initializes a new instance of the <see cref="NonceMemoryStore"/> class. + /// Initializes a new instance of the <see cref="MemoryNonceStore"/> class. /// </summary> /// <param name="maximumMessageAge">The maximum age a message can be before it is discarded.</param> - internal NonceMemoryStore(TimeSpan maximumMessageAge) { + internal MemoryNonceStore(TimeSpan maximumMessageAge) { this.maximumMessageAge = maximumMessageAge; } 
diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs index b163d0d..b1deb74 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs @@ -37,7 +37,7 @@ namespace DotNetOpenAuth.OAuth { public class ServiceProvider : IDisposable { /// <summary> /// The name of the key to use in the HttpApplication cache to store the - /// instance of <see cref="NonceMemoryStore"/> to use. + /// instance of <see cref="MemoryNonceStore"/> to use. /// </summary> private const string ApplicationStoreKey = "DotNetOpenAuth.OAuth.ServiceProvider.HttpApplicationStore"; @@ -165,7 +165,7 @@ namespace DotNetOpenAuth.OAuth { context.Application.Lock(); try { if ((store = (INonceStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge); + context.Application[ApplicationStoreKey] = store = new MemoryNonceStore(StandardExpirationBindingElement.MaximumMessageAge); } } finally { context.Application.UnLock(); diff --git a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj index 24baea8..80d0cdc 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj +++ b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj @@ -53,7 +53,6 @@ <Compile Include="OpenId\Provider\IDirectedIdentityIdentifierProvider.cs" /> <Compile Include="OpenId\Provider\IErrorReporting.cs" /> <Compile Include="OpenId\Provider\Request.cs" /> - <Compile Include="OpenId\Provider\StandardProviderApplicationStore.cs" /> <Compile Include="OpenId\Provider\OpenIdProvider.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> </ItemGroup> 
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs index 256b7a6..6ffd10b 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs @@ -31,7 +31,7 @@ namespace DotNetOpenAuth.OpenId.Provider { public sealed class OpenIdProvider : IDisposable, IOpenIdHost { /// <summary> /// The name of the key to use in the HttpApplication cache to store the - /// instance of <see cref="StandardProviderApplicationStore"/> to use. + /// instance of <see cref="MemoryCryptoKeyAndNonceStore"/> to use. /// </summary> private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplicationStore"; @@ -63,7 +63,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </summary> /// <param name="applicationStore">The application store to use. Cannot be null.</param> /// <param name="hostFactories">The host factories.</param> - public OpenIdProvider(IOpenIdApplicationStore applicationStore, IHostFactories hostFactories = null) + public OpenIdProvider(ICryptoKeyAndNonceStore applicationStore, IHostFactories hostFactories = null) : this((INonceStore)applicationStore, (ICryptoKeyStore)applicationStore, hostFactories) { Requires.NotNull(applicationStore, "applicationStore"); } 
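Review bot: In the `OpenIdProvider(ICryptoKeyAndNonceStore, IHostFactories)` constructor of the `@@ -63,7 +63,7 @@` hunk, `Requires.NotNull(applicationStore, "applicationStore")` sits in the constructor body, so it runs only after the chained `this(...)` call has already received the two null casts. The chained constructor is outside the hunk, so whether it rejects null is not visible here. If it does, the caller gets an error naming a different parameter; if it does not, the provider is initialised without a nonce or key store before the guard fires. At minimum add a comment above the guard such as `// Runs after the chained constructor; that overload must validate its own store arguments.`, or validate through a static helper used in the `this(...)` argument list.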
@@ -180,18 +180,18 @@ namespace DotNetOpenAuth.OpenId.Provider { /// </summary> /// <param name="context">The context.</param> /// <returns>The application store.</returns> - public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { + public static ICryptoKeyAndNonceStore GetHttpApplicationStore(HttpContextBase context = null) { if (context == null) { - ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); + ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(ICryptoKeyAndNonceStore).Name); context = new HttpContextWrapper(HttpContext.Current); } - var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; + var store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey]; if (store == null) { context.Application.Lock(); try { - if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore(); + if ((store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new MemoryCryptoKeyAndNonceStore(); } } finally { context.Application.UnLock(); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs index c0c1ec2..0e7a585 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs 
@@ -21,6 +21,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System.Web.Script.Serialization; using DotNetOpenAuth.Configuration; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.Extensions; using DotNetOpenAuth.OpenId.Extensions.UI; using Validation; @@ -40,7 +41,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Initializes a new instance of the <see cref="OpenIdAjaxRelyingParty"/> class. /// </summary> /// <param name="applicationStore">The application store. If <c>null</c>, the relying party will always operate in "dumb mode".</param> - public OpenIdAjaxRelyingParty(IOpenIdApplicationStore applicationStore) + public OpenIdAjaxRelyingParty(ICryptoKeyAndNonceStore applicationStore) : base(applicationStore) { Reporting.RecordFeatureUse(this); } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs index d7a052d..f880ff7 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs @@ -22,6 +22,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using System.Web.UI; using DotNetOpenAuth.Configuration; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.Extensions; using Validation; @@ -303,7 +304,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="store">The store to pass to the relying party constructor.</param> /// <returns>The instantiated relying party.</returns> - protected override OpenIdRelyingParty CreateRelyingParty(IOpenIdApplicationStore store) { + protected override OpenIdRelyingParty CreateRelyingParty(ICryptoKeyAndNonceStore store) { return new OpenIdAjaxRelyingParty(store); } 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs index 77a5b44..e7a9238 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs @@ -26,6 +26,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { using DotNetOpenAuth.ComponentModel; using DotNetOpenAuth.Configuration; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId.Extensions; using DotNetOpenAuth.OpenId.Extensions.UI; using DotNetOpenAuth.OpenId.Messages; @@ -817,7 +818,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <returns>The instantiated relying party.</returns> protected OpenIdRelyingParty CreateRelyingParty() { - IOpenIdApplicationStore store = this.Stateless ? null : OpenIdElement.Configuration.RelyingParty.ApplicationStore.CreateInstance(OpenIdRelyingParty.GetHttpApplicationStore(new HttpContextWrapper(this.Context)), null); + ICryptoKeyAndNonceStore store = this.Stateless ? null : OpenIdElement.Configuration.RelyingParty.ApplicationStore.CreateInstance(OpenIdRelyingParty.GetHttpApplicationStore(new HttpContextWrapper(this.Context)), null); return this.CreateRelyingParty(store); } @@ -826,7 +827,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="store">The store to pass to the relying party constructor.</param> /// <returns>The instantiated relying party.</returns> - protected virtual OpenIdRelyingParty CreateRelyingParty(IOpenIdApplicationStore store) { + protected virtual OpenIdRelyingParty CreateRelyingParty(ICryptoKeyAndNonceStore store) { return new OpenIdRelyingParty(store); } 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj index 8177049..a6943b0 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj @@ -55,7 +55,6 @@ <Compile Include="OpenId\RelyingParty\OpenIdRelyingParty.cs" /> <Compile Include="OpenId\RelyingParty\PositiveAuthenticationResponseSnapshot.cs" /> <Compile Include="OpenId\RelyingParty\SimpleXrdsProviderEndpoint.cs" /> - <Compile Include="OpenId\RelyingParty\StandardRelyingPartyApplicationStore.cs" /> <Compile Include="OpenId\RelyingParty\WellKnownProviders.cs" /> <Compile Include="Properties\AssemblyInfo.cs" /> </ItemGroup> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs index 67e87f7..3a811db 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -47,7 +47,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { public class OpenIdRelyingParty : IDisposable, IOpenIdHost { /// <summary> /// The name of the key to use in the HttpApplication cache to store the - /// instance of <see cref="StandardRelyingPartyApplicationStore"/> to use. + /// instance of <see cref="MemoryCryptoKeyAndNonceStore"/> to use. /// </summary> private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.HttpApplicationStore"; 
@@ -105,7 +105,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="applicationStore">The application store. If <c>null</c>, the relying party will always operate in "stateless/dumb mode".</param> /// <param name="hostFactories">The host factories.</param> - public OpenIdRelyingParty(IOpenIdApplicationStore applicationStore, IHostFactories hostFactories = null) + public OpenIdRelyingParty(ICryptoKeyAndNonceStore applicationStore, IHostFactories hostFactories = null) : this(applicationStore, applicationStore, hostFactories) { } @@ -297,18 +297,18 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="context">The context.</param> /// <returns>The application store.</returns> - public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { + public static ICryptoKeyAndNonceStore GetHttpApplicationStore(HttpContextBase context = null) { if (context == null) { - ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); + ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(ICryptoKeyAndNonceStore).Name); context = new HttpContextWrapper(HttpContext.Current); } - var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; + var store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey]; if (store == null) { context.Application.Lock(); try { - if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new StandardRelyingPartyApplicationStore(); + if ((store = (ICryptoKeyAndNonceStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new MemoryCryptoKeyAndNonceStore(); } } finally { context.Application.UnLock(); 
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs
deleted file mode 100644
index c3722b2..0000000
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/StandardRelyingPartyApplicationStore.cs
+++ /dev/null
@@ -1,110 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="StandardRelyingPartyApplicationStore.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OpenId.RelyingParty { - using System; - using System.Collections.Generic; - using DotNetOpenAuth.Configuration; - using DotNetOpenAuth.Messaging.Bindings; - using DotNetOpenAuth.OpenId.ChannelElements; - - /// <summary> - /// An in-memory store for Relying Parties, suitable for single server, single process - /// ASP.NET web sites. - /// </summary> - public class StandardRelyingPartyApplicationStore : IOpenIdApplicationStore { - /// <summary> - /// The nonce store to use. - /// </summary> - private readonly INonceStore nonceStore; - - /// <summary> - /// The association store to use. - /// </summary> - private readonly ICryptoKeyStore keyStore; - - /// <summary> - /// Initializes a new instance of the <see cref="StandardRelyingPartyApplicationStore"/> class. - /// </summary> - public StandardRelyingPartyApplicationStore() { - this.nonceStore = new NonceMemoryStore(OpenIdElement.Configuration.MaxAuthenticationTime); - this.keyStore = new MemoryCryptoKeyStore(); - } - - #region ICryptoKeyStore Members - - /// <summary> - /// Gets the key in a given bucket and handle. - /// </summary> - /// <param name="bucket">The bucket name. Case sensitive.</param> - /// <param name="handle">The key handle. Case sensitive.</param> - /// <returns> - /// The cryptographic key, or <c>null</c> if no matching key was found. - /// </returns> - public CryptoKey GetKey(string bucket, string handle) { - return this.keyStore.GetKey(bucket, handle); - } - - /// <summary> - /// Gets a sequence of existing keys within a given bucket. - /// </summary> - /// <param name="bucket">The bucket name. 
Case sensitive.</param> - /// <returns> - /// A sequence of handles and keys, ordered by descending <see cref="CryptoKey.ExpiresUtc"/>. - /// </returns> - public IEnumerable<KeyValuePair<string, CryptoKey>> GetKeys(string bucket) { - return this.keyStore.GetKeys(bucket); - } - - /// <summary> - /// Stores a cryptographic key. - /// </summary> - /// <param name="bucket">The name of the bucket to store the key in. Case sensitive.</param> - /// <param name="handle">The handle to the key, unique within the bucket. Case sensitive.</param> - /// <param name="key">The key to store.</param> - /// <exception cref="CryptoKeyCollisionException">Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.</exception> - public void StoreKey(string bucket, string handle, CryptoKey key) { - this.keyStore.StoreKey(bucket, handle, key); - } - - /// <summary> - /// Removes the key. - /// </summary> - /// <param name="bucket">The bucket name. Case sensitive.</param> - /// <param name="handle">The key handle. Case sensitive.</param> - public void RemoveKey(string bucket, string handle) { - this.keyStore.RemoveKey(bucket, handle); - } - - #endregion - - #region INonceStore Members - - /// <summary> - /// Stores a given nonce and timestamp. - /// </summary> - /// <param name="context">The context, or namespace, within which the <paramref name="nonce"/> must be unique.</param> - /// <param name="nonce">A series of random characters.</param> - /// <param name="timestampUtc">The timestamp that together with the nonce string make it unique. - /// The timestamp may also be used by the data store to clear out old nonces.</param> - /// <returns> - /// True if the nonce+timestamp (combination) was not previously in the database. - /// False if the nonce was stored previously with the same timestamp. 
- /// </returns> - /// <remarks> - /// The nonce must be stored for no less than the maximum time window a message may - /// be processed within before being discarded as an expired message. - /// If the binding element is applicable to your channel, this expiration window - /// is retrieved or set using the - /// <see cref="StandardExpirationBindingElement.MaximumMessageAge"/> property. - /// </remarks> - public bool StoreNonce(string context, string nonce, DateTime timestampUtc) { - return this.nonceStore.StoreNonce(context, nonce, timestampUtc); - } - - #endregion - } -} diff --git a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs index dfa5a86..11c6e90 100644 --- a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs +++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdProviderElement.cs @@ -6,6 +6,8 @@ namespace DotNetOpenAuth.Configuration { using System.Configuration; + + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Provider; @@ -62,8 +64,8 @@ namespace DotNetOpenAuth.Configuration { /// Gets or sets the type to use for storing application state. /// </summary> [ConfigurationProperty(StoreConfigName)] - public TypeConfigurationElement<IOpenIdApplicationStore> ApplicationStore { - get { return (TypeConfigurationElement<IOpenIdApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IOpenIdApplicationStore>(); } + public TypeConfigurationElement<ICryptoKeyAndNonceStore> ApplicationStore { + get { return (TypeConfigurationElement<ICryptoKeyAndNonceStore>)this[StoreConfigName] ?? new TypeConfigurationElement<ICryptoKeyAndNonceStore>(); } set { this[StoreConfigName] = value; } } } diff --git a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs index 681ba38..4cfafda 100644 
--- a/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs +++ b/src/DotNetOpenAuth.OpenId/Configuration/OpenIdRelyingPartyElement.cs @@ -7,6 +7,8 @@ namespace DotNetOpenAuth.Configuration { using System; using System.Configuration; + + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.RelyingParty; @@ -96,8 +98,8 @@ namespace DotNetOpenAuth.Configuration { /// Gets or sets the type to use for storing application state. /// </summary> [ConfigurationProperty(StoreConfigName)] - public TypeConfigurationElement<IOpenIdApplicationStore> ApplicationStore { - get { return (TypeConfigurationElement<IOpenIdApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IOpenIdApplicationStore>(); } + public TypeConfigurationElement<ICryptoKeyAndNonceStore> ApplicationStore { + get { return (TypeConfigurationElement<ICryptoKeyAndNonceStore>)this[StoreConfigName] ?? new TypeConfigurationElement<ICryptoKeyAndNonceStore>(); } set { this[StoreConfigName] = value; } } diff --git a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj index ab4b6a7..cbf9a07 100644 --- a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj +++ b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj @@ -140,7 +140,6 @@ <AutoGen>True</AutoGen> </Compile> <Compile Include="OpenId\Protocol.cs" /> - <Compile Include="OpenId\IOpenIdApplicationStore.cs" /> <Compile Include="OpenId\RelyingParty\RelyingPartySecuritySettings.cs" /> <Compile Include="OpenId\UntrustedWebRequestHandler.cs" /> <Compile Include="OpenId\UriDiscoveryService.cs" /> diff --git a/src/DotNetOpenAuth.Test/Messaging/Bindings/StandardReplayProtectionBindingElementTests.cs b/src/DotNetOpenAuth.Test/Messaging/Bindings/StandardReplayProtectionBindingElementTests.cs index 04c63ef..4b02089 100644 --- a/src/DotNetOpenAuth.Test/Messaging/Bindings/StandardReplayProtectionBindingElementTests.cs 
+++ b/src/DotNetOpenAuth.Test/Messaging/Bindings/StandardReplayProtectionBindingElementTests.cs @@ -31,7 +31,7 @@ namespace DotNetOpenAuth.Test.Messaging.Bindings { base.SetUp(); this.protocol = Protocol.Default; - this.nonceStore = new NonceMemoryStore(TimeSpan.FromHours(3)); + this.nonceStore = new MemoryNonceStore(TimeSpan.FromHours(3)); this.nonceElement = new StandardReplayProtectionBindingElement(this.nonceStore); this.nonceElement.Channel = new Mocks.TestChannel(); this.message = new TestReplayProtectedMessage(); diff --git a/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs b/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs index fdf652c..629ca46 100644 --- a/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs @@ -36,7 +36,7 @@ namespace DotNetOpenAuth.Test.OAuth.ChannelElements { base.SetUp(); this.signingElement = new RsaSha1ServiceProviderSigningBindingElement(new InMemoryTokenManager()); - this.nonceStore = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge); + this.nonceStore = new MemoryNonceStore(StandardExpirationBindingElement.MaximumMessageAge); this.channel = new OAuthServiceProviderChannel(this.signingElement, this.nonceStore, new InMemoryTokenManager(), this.serviceProviderSecuritySettings, new TestMessageFactory(), this.HostFactories); } diff --git a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs index 6e3d7dc..227d6ca 100644 --- a/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/AssociationHandshakeTests.cs 
@@ -9,6 +9,7 @@ namespace DotNetOpenAuth.Test.OpenId { using System.Threading; using System.Threading.Tasks; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Messages; using DotNetOpenAuth.OpenId.Provider; @@ -327,8 +328,8 @@ namespace DotNetOpenAuth.Test.OpenId { Association rpAssociation = null, opAssociation; AssociateSuccessfulResponse associateSuccessfulResponse = null; AssociateUnsuccessfulResponse associateUnsuccessfulResponse = null; - var relyingParty = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); - var provider = new OpenIdProvider(new StandardProviderApplicationStore(), this.HostFactories) { + var relyingParty = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); + var provider = new OpenIdProvider(new MemoryCryptoKeyAndNonceStore(), this.HostFactories) { SecuritySettings = this.ProviderSecuritySettings }; Handle(opDescription.Uri).By( diff --git a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs index 1bc65e5..871eb78 100644 --- a/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/AuthenticationTests.cs @@ -66,10 +66,10 @@ namespace DotNetOpenAuth.Test.OpenId { [Test] public async Task UnsolicitedAssertion() { - var opStore = new StandardProviderApplicationStore(); + var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { - var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); + var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); IAuthenticationResponse response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status); 
@@ -97,10 +97,10 @@ namespace DotNetOpenAuth.Test.OpenId { [Test] public async Task UnsolicitedAssertionRejected() { - var opStore = new StandardProviderApplicationStore(); + var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { - var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); + var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); rp.SecuritySettings.RejectUnsolicitedAssertions = true; IAuthenticationResponse response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); @@ -132,7 +132,7 @@ namespace DotNetOpenAuth.Test.OpenId { /// </summary> [Test] public async Task UnsolicitedDelegatingIdentifierRejection() { - var opStore = new StandardProviderApplicationStore(); + var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { var rp = this.CreateRelyingParty(); diff --git a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/ExtensionsBindingElementTests.cs b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/ExtensionsBindingElementTests.cs index ca0e4b4..ac8eed2 100644 --- a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/ExtensionsBindingElementTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/ExtensionsBindingElementTests.cs @@ -14,6 +14,7 @@ namespace DotNetOpenAuth.Test.OpenId.ChannelElements { using System.Threading.Tasks; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Extensions; 
@@ -121,12 +122,12 @@ namespace DotNetOpenAuth.Test.OpenId.ChannelElements { [Test] public async Task ExtensionsAreIdentifiedAsSignedOrUnsigned() { Protocol protocol = Protocol.Default; - var opStore = new StandardProviderApplicationStore(); + var opStore = new MemoryCryptoKeyAndNonceStore(); int rpStep = 0; Handle(RPUri).By( async req => { - var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); + var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); RegisterMockExtension(rp.Channel); switch (++rpStep) { diff --git a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/OpenIdChannelTests.cs b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/OpenIdChannelTests.cs index c9cd52c..a9d469a 100644 --- a/src/DotNetOpenAuth.Test/OpenId/ChannelElements/OpenIdChannelTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/ChannelElements/OpenIdChannelTests.cs @@ -30,7 +30,7 @@ namespace DotNetOpenAuth.Test.OpenId.ChannelElements { [SetUp] public void Setup() { - this.channel = new OpenIdRelyingPartyChannel(new MemoryCryptoKeyStore(), new NonceMemoryStore(maximumMessageAge), new RelyingPartySecuritySettings(), this.HostFactories); + this.channel = new OpenIdRelyingPartyChannel(new MemoryCryptoKeyStore(), new MemoryNonceStore(maximumMessageAge), new RelyingPartySecuritySettings(), this.HostFactories); } [Test] diff --git a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs index 4dd7f3a..cddf187 100644 --- a/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs +++ b/src/DotNetOpenAuth.Test/OpenId/OpenIdTestBase.cs 
@@ -151,7 +151,7 @@ namespace DotNetOpenAuth.Test.OpenId { internal void RegisterAutoProvider() { this.Handle(OPUri).By( async (req, ct) => { - var provider = new OpenIdProvider(new StandardProviderApplicationStore(), this.HostFactories); + var provider = new OpenIdProvider(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); return await this.AutoProviderActionAsync(provider, req, ct); }); } @@ -322,7 +322,7 @@ namespace DotNetOpenAuth.Test.OpenId { /// <param name="stateless">if set to <c>true</c> a stateless RP is created.</param> /// <returns>The new instance.</returns> protected OpenIdRelyingParty CreateRelyingParty(bool stateless) { - var rp = new OpenIdRelyingParty(stateless ? null : new StandardRelyingPartyApplicationStore(), this.HostFactories); + var rp = new OpenIdRelyingParty(stateless ? null : new MemoryCryptoKeyAndNonceStore(), this.HostFactories); return rp; } @@ -331,7 +331,7 @@ namespace DotNetOpenAuth.Test.OpenId { /// </summary> /// <returns>The new instance.</returns> protected OpenIdProvider CreateProvider() { - var op = new OpenIdProvider(new StandardProviderApplicationStore(), this.HostFactories); + var op = new OpenIdProvider(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); return op; } } diff --git a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs index 2d9413d..78dd30f 100644 --- a/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs +++ b/src/DotNetOpenAuth.Test/OpenId/RelyingParty/OpenIdRelyingPartyTests.cs @@ -12,6 +12,7 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { using System.Web; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.Extensions; using DotNetOpenAuth.OpenId.Messages; 
@@ -40,7 +41,7 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { [Test, ExpectedException(typeof(ArgumentNullException))] public void SecuritySettingsSetNull() { - var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore()); + var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore()); rp.SecuritySettings = null; } @@ -109,10 +110,10 @@ namespace DotNetOpenAuth.Test.OpenId.RelyingParty { /// </summary> [Test] public async Task AssertionWithEndpointFilter() { - var opStore = new StandardProviderApplicationStore(); + var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { - var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); + var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); // Rig it to always deny the incoming OP rp.EndpointFilter = op => false; |
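Review bot: In SecuritySettingsSetNull the method-wide `[Test, ExpectedException(typeof(ArgumentNullException))]` is also satisfied by an ArgumentNullException thrown while constructing `MemoryCryptoKeyAndNonceStore` or `OpenIdRelyingParty` on the changed line, so the test can pass without ever reaching the setter. Scoping the expectation to the assignment makes the check precise: drop `ExpectedException` and use `Assert.Throws<ArgumentNullException>(() => rp.SecuritySettings = null);`, provided the NUnit version in use offers `Assert.Throws`.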