Diffstat (limited to 'src')
-rw-r--r-- | src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd | 41 | ||||
-rw-r--r-- | src/DotNetOpenAuth/Configuration/OAuthServiceProviderElement.cs | 15 | ||||
-rw-r--r-- | src/DotNetOpenAuth/Messaging/Bindings/INonceStore.cs | 9 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OAuth/ServiceProvider.cs | 36 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/Association.cs | 16 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs | 4 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs | 9 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/OpenIdStrings.resx | 3 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs | 4 | ||||
-rw-r--r-- | src/DotNetOpenAuth/Strings.Designer.cs | 11 | ||||
-rw-r--r-- | src/DotNetOpenAuth/Strings.resx | 5 |
11 files changed, 122 insertions, 31 deletions
diff --git a/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd b/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd index a214053..a637d1f 100644 --- a/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd +++ b/src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd @@ -272,6 +272,47 @@ <xs:attribute name="maxAuthenticationTime" type="xs:string" /> </xs:complexType> </xs:element> + <xs:element name="oauth"> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="consumer"> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="security"> + <xs:complexType> + + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="serviceProvider"> + <xs:complexType> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="security"> + <xs:complexType> + <xs:attribute name="minimumRequiredOAuthVersion" default="V10"> + <xs:simpleType> + <xs:restriction base="xs:NMTOKEN"> + <xs:enumeration value="V10" /> + <xs:enumeration value="V10a" /> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="maxAuthorizationTime" type="xs:string" default="0:05" /> + </xs:complexType> + </xs:element> + <xs:element name="store"> + <xs:complexType> + <xs:attribute name="type" type="xs:string"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> </xs:choice> </xs:complexType> </xs:element> diff --git a/src/DotNetOpenAuth/Configuration/OAuthServiceProviderElement.cs b/src/DotNetOpenAuth/Configuration/OAuthServiceProviderElement.cs index 5ff528d..8e910a0 100644 --- a/src/DotNetOpenAuth/Configuration/OAuthServiceProviderElement.cs +++ b/src/DotNetOpenAuth/Configuration/OAuthServiceProviderElement.cs 
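Review bot: The new `minimumRequiredOAuthVersion` attribute under `serviceProvider/security` is declared with `default="V10"`, so the schema tells a host that omits it that OAuth 1.0 consumers are accepted. OAuth 1.0a added the callback confirmation and verifier to close the session fixation weakness in 1.0, so this default should carry a documented warning. If the schema default mirrors the runtime default (the settings class is not in this hunk), consider whether `V10a` is the safer value. I would add an `xs:annotation` with `xs:documentation` on the attribute, for example `Set to V10a to reject OAuth 1.0 consumers, which lack the verifier step that 1.0a introduced against session fixation.`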
@@ -6,12 +6,18 @@ namespace DotNetOpenAuth.Configuration { using System.Configuration; + using DotNetOpenAuth.Messaging.Bindings; /// <summary> /// Represents the <oauth/serviceProvider> element in the host's .config file. /// </summary> internal class OAuthServiceProviderElement : ConfigurationElement { /// <summary> + /// The name of the custom store sub-element. + /// </summary> + private const string StoreConfigName = "store"; + + /// <summary> /// Gets the name of the security sub-element. /// </summary> private const string SecuritySettingsConfigName = "security"; @@ -23,6 +29,15 @@ namespace DotNetOpenAuth.Configuration { } /// <summary> + /// Gets or sets the type to use for storing application state. + /// </summary> + [ConfigurationProperty(StoreConfigName)] + public TypeConfigurationElement<INonceStore> ApplicationStore { + get { return (TypeConfigurationElement<INonceStore>)this[StoreConfigName] ?? new TypeConfigurationElement<INonceStore>(); } + set { this[StoreConfigName] = value; } + } + + /// <summary> /// Gets or sets the security settings. /// </summary> [ConfigurationProperty(SecuritySettingsConfigName)] diff --git a/src/DotNetOpenAuth/Messaging/Bindings/INonceStore.cs b/src/DotNetOpenAuth/Messaging/Bindings/INonceStore.cs index fff251a..6b6e2e1 100644 --- a/src/DotNetOpenAuth/Messaging/Bindings/INonceStore.cs +++ b/src/DotNetOpenAuth/Messaging/Bindings/INonceStore.cs 
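Review bot: The summary on the new `ApplicationStore` property says it is "the type to use for storing application state", but the element is typed `TypeConfigurationElement<INonceStore>`, so the only thing a configured type can store is nonces. The wording looks carried over from the OpenID relying party configuration and hides the security role of the setting from whoever edits the .config file. I would reword it to `/// Gets or sets the type of the nonce store the service provider uses to detect replayed messages.` and either rename the property or note in a `<remarks>` that the type must implement `INonceStore`.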
@@ -19,11 +19,12 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// The context SHOULD be treated as case-sensitive. /// The value will never be <c>null</c> but may be the empty string.</param> /// <param name="nonce">A series of random characters.</param> - /// <param name="timestamp">The timestamp that together with the nonce string make it unique. + /// <param name="timestampUtc">The UTC timestamp that together with the nonce string make it unique + /// within the given <paramref name="context"/>. /// The timestamp may also be used by the data store to clear out old nonces.</param> /// <returns> - /// True if the nonce+timestamp (combination) was not previously in the database. - /// False if the nonce was stored previously with the same timestamp. + /// True if the context+nonce+timestamp (combination) was not previously in the database. + /// False if the nonce was stored previously with the same timestamp and context. /// </returns> /// <remarks> /// The nonce must be stored for no less than the maximum time window a message may @@ -33,6 +34,6 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// property, accessible via the <see cref="DotNetOpenAuth.Configuration.DotNetOpenAuthSection.Configuration"/> /// property. /// </remarks> - bool StoreNonce(string context, string nonce, DateTime timestamp); + bool StoreNonce(string context, string nonce, DateTime timestampUtc); } } diff --git a/src/DotNetOpenAuth/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth/OAuth/ServiceProvider.cs index fe65ed7..95eee32 100644 --- a/src/DotNetOpenAuth/OAuth/ServiceProvider.cs +++ b/src/DotNetOpenAuth/OAuth/ServiceProvider.cs @@ -7,6 +7,7 @@ namespace DotNetOpenAuth.OAuth { using System; using System.Collections.Generic; + using System.ComponentModel; using System.Diagnostics.CodeAnalysis; using System.Diagnostics.Contracts; using System.Globalization; 
@@ -36,6 +37,12 @@ namespace DotNetOpenAuth.OAuth { /// </remarks> public class ServiceProvider : IDisposable { /// <summary> + /// The name of the key to use in the HttpApplication cache to store the + /// instance of <see cref="NonceMemoryStore"/> to use. + /// </summary> + private const string ApplicationStoreKey = "DotNetOpenAuth.OAuth.ServiceProvider.HttpApplicationStore"; + + /// <summary> /// The length of the verifier code (in raw bytes before base64 encoding) to generate. /// </summary> private const int VerifierCodeLength = 5; @@ -61,7 +68,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param> /// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param> public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider) - : this(serviceDescription, tokenManager, new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge), messageTypeProvider) { + : this(serviceDescription, tokenManager, DotNetOpenAuthSection.Configuration.OAuth.ServiceProvider.ApplicationStore.CreateInstance(HttpApplicationStore), messageTypeProvider) { } /// <summary> 
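Review bot: In the three-argument constructor, `HttpApplicationStore` is passed as an argument to `ApplicationStore.CreateInstance(...)`, so its getter runs before the configured store is consulted. That getter, added in the next hunk of this file, calls `ErrorUtilities.VerifyOperation(context != null, ...)`, so a host without `HttpContext.Current` would presumably fail here even when a `store` type is set in the .config file, contradicting the error text. When a context does exist, an unused `NonceMemoryStore` is still created and parked in application state. Resolve the fallback lazily instead, for example `ApplicationStore.CreateInstance(null) ?? HttpApplicationStore`, assuming `CreateInstance` returns the default it is given when no type is configured (its body is not visible here).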
@@ -95,6 +102,33 @@ namespace DotNetOpenAuth.OAuth { } /// <summary> + /// Gets the standard state storage mechanism that uses ASP.NET's + /// HttpApplication state dictionary to store associations and nonces. + /// </summary> + [EditorBrowsable(EditorBrowsableState.Advanced)] + public static INonceStore HttpApplicationStore { + get { + Contract.Ensures(Contract.Result<INonceStore>() != null); + + HttpContext context = HttpContext.Current; + ErrorUtilities.VerifyOperation(context != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(INonceStore).Name); + var store = (INonceStore)context.Application[ApplicationStoreKey]; + if (store == null) { + context.Application.Lock(); + try { + if ((store = (INonceStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge); + } + } finally { + context.Application.UnLock(); + } + } + + return store; + } + } + + /// <summary> /// Gets the description of this Service Provider. /// </summary> public ServiceProviderDescription ServiceDescription { get; private set; } diff --git a/src/DotNetOpenAuth/OpenId/Association.cs b/src/DotNetOpenAuth/OpenId/Association.cs index ce129bb..5aeaaee 100644 --- a/src/DotNetOpenAuth/OpenId/Association.cs +++ b/src/DotNetOpenAuth/OpenId/Association.cs 
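Review bot: The summary on `HttpApplicationStore` says it stores "associations and nonces", but the getter returns `INonceStore` and only ever creates a `NonceMemoryStore`, so the text looks copied from the OpenID relying party. More important for deployers, this store lives in one application's memory: nonces are not shared between servers in a farm and are lost when the application restarts. A message replayed to another node or after a recycle would therefore not be recognised within the message-age window. I would change the summary to `/// Gets the default nonce store, which keeps nonces in this application's HttpApplication state.` and add a `<remarks>` telling multi-server hosts to configure a shared `INonceStore` through the `store` element.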
@@ -30,7 +30,7 @@ namespace DotNetOpenAuth.OpenId { /// <param name="handle">The handle.</param> /// <param name="secret">The secret.</param> /// <param name="totalLifeLength">How long the association will be useful.</param> - /// <param name="issued">When this association was originally issued by the Provider.</param> + /// <param name="issued">The UTC time of when this association was originally issued by the Provider.</param> protected Association(string handle, byte[] secret, TimeSpan totalLifeLength, DateTime issued) { ErrorUtilities.VerifyNonZeroLength(handle, "handle"); ErrorUtilities.VerifyArgumentNotNull(secret, "secret"); @@ -47,7 +47,7 @@ namespace DotNetOpenAuth.OpenId { public string Handle { get; private set; } /// <summary> - /// Gets the time when this <see cref="Association"/> will expire. + /// Gets the UTC time when this <see cref="Association"/> will expire. /// </summary> public DateTime Expires { get { return this.Issued + this.TotalLifeLength; } @@ -76,7 +76,7 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> - /// Gets or sets the time that this <see cref="Association"/> was first created. + /// Gets or sets the UTC time that this <see cref="Association"/> was first created. /// </summary> internal DateTime Issued { get; set; } @@ -130,8 +130,8 @@ namespace DotNetOpenAuth.OpenId { /// <param name="handle"> /// The <see cref="Handle"/> property of the previous <see cref="Association"/> instance. /// </param> - /// <param name="expires"> - /// The value of the <see cref="Expires"/> property of the previous <see cref="Association"/> instance. + /// <param name="expiresUtc"> + /// The UTC value of the <see cref="Expires"/> property of the previous <see cref="Association"/> instance. /// </param> /// <param name="privateData"> /// The byte array returned by a call to <see cref="SerializePrivateData"/> on the previous 
@@ -142,15 +142,15 @@ namespace DotNetOpenAuth.OpenId { /// from a custom association store's /// <see cref="IAssociationStore<TKey>.GetAssociation(TKey, SecuritySettings)"/> method. /// </returns> - public static Association Deserialize(string handle, DateTime expires, byte[] privateData) { + public static Association Deserialize(string handle, DateTime expiresUtc, byte[] privateData) { if (string.IsNullOrEmpty(handle)) { throw new ArgumentNullException("handle"); } if (privateData == null) { throw new ArgumentNullException("privateData"); } - expires = expires.ToUniversalTimeSafe(); - TimeSpan remainingLifeLength = expires - DateTime.UtcNow; + expiresUtc = expiresUtc.ToUniversalTimeSafe(); + TimeSpan remainingLifeLength = expiresUtc - DateTime.UtcNow; byte[] secret = privateData; // the whole of privateData is the secret key for now. // We figure out what derived type to instantiate based on the length of the secret. try { diff --git a/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs b/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs index 41c4e21..86e80ba 100644 --- a/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs +++ b/src/DotNetOpenAuth/OpenId/Interop/OpenIdRelyingPartyShim.cs @@ -16,8 +16,8 @@ namespace DotNetOpenAuth.OpenId.Interop { using DotNetOpenAuth.OpenId.RelyingParty; /// <summary> - /// The COM interface describing the DotNetOpenId functionality available to - /// COM client relying parties. + /// The COM interface describing the DotNetOpenAuth functionality available to + /// COM client OpenID relying parties. /// </summary> [Guid("56BD3DB0-EE0D-4191-ADFC-1F3705CD2636")] [InterfaceType(ComInterfaceType.InterfaceIsDual)] diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs index d03ced5..cca41a0 100644 --- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs +++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs 
@@ -614,15 +614,6 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> - /// Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}.. - /// </summary> - internal static string StoreRequiredWhenNoHttpContextAvailable { - get { - return ResourceManager.GetString("StoreRequiredWhenNoHttpContextAvailable", resourceCulture); - } - } - - /// <summary> /// Looks up a localized string similar to The type must implement {0}.. /// </summary> internal static string TypeMustImplementX { diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx index dd17fb8..f47e512 100644 --- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx +++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx @@ -244,9 +244,6 @@ Discovered endpoint info: <data name="XriResolutionFailed" xml:space="preserve"> <value>XRI resolution failed.</value> </data> - <data name="StoreRequiredWhenNoHttpContextAvailable" xml:space="preserve"> - <value>No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}.</value> - </data> <data name="AttributeAlreadyAdded" xml:space="preserve"> <value>An attribute with type URI '{0}' has already been added.</value> </data> diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs index 68dd4e9..1fe6521 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs 
@@ -41,7 +41,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// The name of the key to use in the HttpApplication cache to store the /// instance of <see cref="StandardRelyingPartyApplicationStore"/> to use. /// </summary> - private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ApplicationStore"; + private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.HttpApplicationStore"; /// <summary> /// Backing store for the <see cref="Behaviors"/> property. @@ -129,7 +129,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { Contract.Ensures(Contract.Result<IRelyingPartyApplicationStore>() != null); HttpContext context = HttpContext.Current; - ErrorUtilities.VerifyOperation(context != null, OpenIdStrings.StoreRequiredWhenNoHttpContextAvailable, typeof(IRelyingPartyApplicationStore).Name); + ErrorUtilities.VerifyOperation(context != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IRelyingPartyApplicationStore).Name); var store = (IRelyingPartyApplicationStore)context.Application[ApplicationStoreKey]; if (store == null) { context.Application.Lock(); diff --git a/src/DotNetOpenAuth/Strings.Designer.cs b/src/DotNetOpenAuth/Strings.Designer.cs index 43fec22..38c89f7 100644 --- a/src/DotNetOpenAuth/Strings.Designer.cs +++ b/src/DotNetOpenAuth/Strings.Designer.cs @@ -1,7 +1,7 @@ //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. -// Runtime Version:2.0.50727.4918 +// Runtime Version:2.0.50727.4927 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. 
@@ -70,6 +70,15 @@ namespace DotNetOpenAuth { } /// <summary> + /// Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}.. + /// </summary> + internal static string StoreRequiredWhenNoHttpContextAvailable { + get { + return ResourceManager.GetString("StoreRequiredWhenNoHttpContextAvailable", resourceCulture); + } + } + + /// <summary> /// Looks up a localized string similar to The configuration XAML reference to {0} requires a current HttpContext to resolve.. /// </summary> internal static string ConfigurationXamlReferenceRequiresHttpContext { diff --git a/src/DotNetOpenAuth/Strings.resx b/src/DotNetOpenAuth/Strings.resx index bbfa162..a7f080d 100644 --- a/src/DotNetOpenAuth/Strings.resx +++ b/src/DotNetOpenAuth/Strings.resx @@ -120,7 +120,10 @@ <data name="ConfigurationTypeMustBePublic" xml:space="preserve"> <value>The configuration-specified type {0} must be public, and is not.</value> </data> + <data name="StoreRequiredWhenNoHttpContextAvailable" xml:space="preserve"> + <value>No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}.</value> + </data> <data name="ConfigurationXamlReferenceRequiresHttpContext" xml:space="preserve"> <value>The configuration XAML reference to {0} requires a current HttpContext to resolve.</value> </data> -</root>
\ No newline at end of file +</root> |