diff options
Diffstat (limited to 'src')
9 files changed, 176 insertions, 76 deletions
diff --git a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs index 2bd09ec..cfc122d 100644 --- a/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs +++ b/src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.Messaging { using System; using System.Collections.Specialized; using System.Diagnostics; + using System.Diagnostics.CodeAnalysis; using System.Diagnostics.Contracts; using System.IO; using System.Net; @@ -34,6 +35,11 @@ namespace DotNetOpenAuth.Messaging { private NameValueCollection queryString; /// <summary> + /// Backing field for the <see cref="QueryStringBeforeRewriting"/> property. + /// </summary> + private NameValueCollection queryStringBeforeRewriting; + + /// <summary> /// Backing field for the <see cref="Message"/> property. /// </summary> private IDirectedProtocolMessage message; @@ -43,12 +49,12 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="request">The ASP.NET structure to copy from.</param> public HttpRequestInfo(HttpRequest request) { - if (request == null) { - throw new ArgumentNullException("request"); - } + Contract.Requires(request != null); + ErrorUtilities.VerifyArgumentNotNull(request, "request"); this.HttpMethod = request.HttpMethod; this.Url = request.Url; + this.RawUrl = request.RawUrl; this.Headers = GetHeaderCollection(request.Headers); this.InputStream = request.InputStream; @@ -65,15 +71,23 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="httpMethod">The HTTP method (i.e. GET or POST) of the incoming request.</param> /// <param name="requestUrl">The URL being requested.</param> + /// <param name="rawUrl">The raw URL that appears immediately following the HTTP verb in the request, + /// before any URL rewriting takes place.</param> /// <param name="headers">Headers in the HTTP request.</param> /// <param name="inputStream">The entity stream, if any. (POST requests typically have these). Use <c>null</c> for GET requests.</param> - public HttpRequestInfo(string httpMethod, Uri requestUrl, WebHeaderCollection headers, Stream inputStream) { + public HttpRequestInfo(string httpMethod, Uri requestUrl, string rawUrl, WebHeaderCollection headers, Stream inputStream) { + Contract.Requires(!string.IsNullOrEmpty(httpMethod)); + Contract.Requires(requestUrl != null); + Contract.Requires(rawUrl != null); + Contract.Requires(headers != null); ErrorUtilities.VerifyNonZeroLength(httpMethod, "httpMethod"); ErrorUtilities.VerifyArgumentNotNull(requestUrl, "requestUrl"); + ErrorUtilities.VerifyArgumentNotNull(rawUrl, "rawUrl"); ErrorUtilities.VerifyArgumentNotNull(headers, "headers"); this.HttpMethod = httpMethod; this.Url = requestUrl; + this.RawUrl = rawUrl; this.Headers = headers; this.InputStream = inputStream; } @@ -83,10 +97,12 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="listenerRequest">Details on the incoming HTTP request.</param> public HttpRequestInfo(HttpListenerRequest listenerRequest) { + Contract.Requires(listenerRequest != null); ErrorUtilities.VerifyArgumentNotNull(listenerRequest, "listenerRequest"); this.HttpMethod = listenerRequest.HttpMethod; this.Url = listenerRequest.Url; + this.RawUrl = listenerRequest.RawUrl; this.Headers = new WebHeaderCollection(); foreach (string key in listenerRequest.Headers) { this.Headers[key] = listenerRequest.Headers[key]; @@ -101,13 +117,15 @@ namespace DotNetOpenAuth.Messaging { /// <param name="request">The WCF incoming request structure to get the HTTP information from.</param> /// <param name="requestUri">The URI of the service endpoint.</param> public HttpRequestInfo(HttpRequestMessageProperty request, Uri requestUri) { - if (request == null) { - throw new ArgumentNullException("request"); - } + Contract.Requires(request != null); + Contract.Requires(requestUri != null); + ErrorUtilities.VerifyArgumentNotNull(request, "request"); + ErrorUtilities.VerifyArgumentNotNull(requestUri, "requestUri"); this.HttpMethod = request.Method; this.Headers = request.Headers; this.Url = requestUri; + this.RawUrl = MakeUpRawUrlFromUrl(requestUri); } /// <summary> @@ -123,8 +141,12 @@ namespace DotNetOpenAuth.Messaging { /// </summary> /// <param name="request">The HttpWebRequest (that was never used) to copy from.</param> internal HttpRequestInfo(WebRequest request) { + Contract.Requires(request != null); + ErrorUtilities.VerifyArgumentNotNull(request, "request"); + this.HttpMethod = request.Method; this.Url = request.RequestUri; + this.RawUrl = MakeUpRawUrlFromUrl(request.RequestUri); this.Headers = GetHeaderCollection(request.Headers); this.InputStream = null; } @@ -157,11 +179,36 @@ namespace DotNetOpenAuth.Messaging { internal string HttpMethod { get; set; } /// <summary> - /// Gets or sets the entire URL of the request. + /// Gets or sets the entire URL of the request, after any URL rewriting. /// </summary> internal Uri Url { get; set; } /// <summary> + /// Gets or sets the raw URL that appears immediately following the HTTP verb in the request, + /// before any URL rewriting takes place. + /// </summary> + internal string RawUrl { get; set; } + + /// <summary> + /// Gets the full URL of a request before rewriting. + /// </summary> + internal Uri UrlBeforeRewriting { + get { + Contract.Requires(this.Url != null); + Contract.Requires(this.RawUrl != null); + + // We use Request.Url for the full path to the server, and modify it + // with Request.RawUrl to capture both the cookieless session "directory" if it exists + // and the original path in case URL rewriting is going on. We don't want to be + // fooled by URL rewriting because we're comparing the actual URL with what's in + // the return_to parameter in some cases. + // Response.ApplyAppPathModifier(builder.Path) would have worked for the cookieless + // session, but not the URL rewriting problem. + return new Uri(this.Url, this.RawUrl); + } + } + + /// <summary> /// Gets the query part of the URL (The ? and everything after it). /// </summary> internal string Query { @@ -215,6 +262,65 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Gets the query data from the original request (before any URL rewriting has occurred.) + /// </summary> + /// <returns>A <see cref="NameValueCollection"/> containing all the parameters in the query string.</returns> + internal NameValueCollection QueryStringBeforeRewriting { + get { + if (this.queryStringBeforeRewriting == null) { + // This request URL may have been rewritten by the host site. + // For openid protocol purposes, we really need to look at + // the original query parameters before any rewriting took place. + if (!this.IsUrlRewritten) { + // No rewriting has taken place. + this.queryStringBeforeRewriting = this.QueryString; + } else { + // Rewriting detected! Recover the original request URI. + this.queryStringBeforeRewriting = HttpUtility.ParseQueryString(this.UrlBeforeRewriting.Query); + } + } + + return this.queryStringBeforeRewriting; + } + } + + /// <summary> + /// Gets a value indicating whether the request's URL was rewritten by ASP.NET + /// or some other module. + /// </summary> + /// <value> + /// <c>true</c> if this request's URL was rewritten; otherwise, <c>false</c>. + /// </value> + internal bool IsUrlRewritten { + get { return this.Url.PathAndQuery != this.RawUrl; } + } + + /// <summary> + /// Gets the query or form data from the original request (before any URL rewriting has occurred.) + /// </summary> + /// <returns>A set of name=value pairs.</returns> + [SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call")] + internal NameValueCollection GetQueryOrFormFromContext() { + NameValueCollection query; + if (this.HttpMethod == "GET") { + query = this.QueryStringBeforeRewriting; + } else { + query = this.Form; + } + return query; + } + + /// <summary> + /// Makes up a reasonable guess at the raw URL from the possibly rewritten URL. + /// </summary> + /// <param name="url">A full URL.</param> + /// <returns>A raw URL that might have come in on the HTTP verb.</returns> + private static string MakeUpRawUrlFromUrl(Uri url) { + Contract.Requires(url != null); + return url.AbsolutePath + url.Query + url.Fragment; + } + + /// <summary> /// Converts a NameValueCollection to a WebHeaderCollection. /// </summary> /// <param name="pairs">The collection a HTTP headers.</param> diff --git a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs index 99a9e26..852d79d 100644 --- a/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth/Messaging/MessagingUtilities.cs @@ -87,45 +87,6 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> - /// Gets the query data from the original request (before any URL rewriting has occurred.) - /// </summary> - /// <returns>A <see cref="NameValueCollection"/> containing all the parameters in the query string.</returns> - [SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call")] - public static NameValueCollection GetQueryFromContext() { - ErrorUtilities.VerifyHttpContext(); - - HttpRequest request = HttpContext.Current.Request; - - // This request URL may have been rewritten by the host site. - // For openid protocol purposes, we really need to look at - // the original query parameters before any rewriting took place. - if (request.Url.PathAndQuery == request.RawUrl) { - // No rewriting has taken place. - return request.QueryString; - } else { - // Rewriting detected! Recover the original request URI. - return HttpUtility.ParseQueryString(GetRequestUrlFromContext().Query); - } - } - - /// <summary> - /// Gets the query or form data from the original request (before any URL rewriting has occurred.) - /// </summary> - /// <returns>A set of name=value pairs.</returns> - [SuppressMessage("Microsoft.Design", "CA1024:UsePropertiesWhereAppropriate", Justification = "Expensive call")] - public static NameValueCollection GetQueryOrFormFromContext() { - ErrorUtilities.VerifyHttpContext(); - HttpRequest request = HttpContext.Current.Request; - NameValueCollection query; - if (request.RequestType == "GET") { - query = GetQueryFromContext(); - } else { - query = request.Form; - } - return query; - } - - /// <summary> /// Strips any and all URI query parameters that start with some prefix. /// </summary> /// <param name="uri">The URI that may have a query with parameters to remove.</param> diff --git a/src/DotNetOpenAuth/OAuth/WebConsumer.cs b/src/DotNetOpenAuth/OAuth/WebConsumer.cs index ee4a31d..569dd57 100644 --- a/src/DotNetOpenAuth/OAuth/WebConsumer.cs +++ b/src/DotNetOpenAuth/OAuth/WebConsumer.cs @@ -39,7 +39,7 @@ namespace DotNetOpenAuth.OAuth { /// Requires HttpContext.Current. /// </remarks> public UserAuthorizationRequest PrepareRequestUserAuthorization() { - Uri callback = MessagingUtilities.GetRequestUrlFromContext().StripQueryArgumentsWithPrefix(Protocol.Default.ParameterPrefix); + Uri callback = this.Channel.GetRequestFromContext().UrlBeforeRewriting.StripQueryArgumentsWithPrefix(Protocol.Default.ParameterPrefix); return this.PrepareRequestUserAuthorization(callback, null, null); } diff --git a/src/DotNetOpenAuth/OpenId/OpenIdUtilities.cs b/src/DotNetOpenAuth/OpenId/OpenIdUtilities.cs index 51368b1..4271eab 100644 --- a/src/DotNetOpenAuth/OpenId/OpenIdUtilities.cs +++ b/src/DotNetOpenAuth/OpenId/OpenIdUtilities.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OpenId { using System; using System.Collections.Generic; using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; using System.Linq; using System.Text; using System.Text.RegularExpressions; @@ -90,10 +91,14 @@ namespace DotNetOpenAuth.OpenId { /// </summary> /// <param name="page">The hosting page that has the realm value to resolve.</param> /// <param name="realm">The realm, which may begin with "*." or "~/".</param> + /// <param name="requestContext">The request context.</param> /// <returns>The fully-qualified realm.</returns> [SuppressMessage("Microsoft.Usage", "CA1806:DoNotIgnoreMethodResults", MessageId = "DotNetOpenAuth.OpenId.Realm", Justification = "Using ctor for validation.")] - internal static UriBuilder GetResolvedRealm(Page page, string realm) { + internal static UriBuilder GetResolvedRealm(Page page, string realm, HttpRequestInfo requestContext) { + Contract.Requires(page != null); + Contract.Requires(requestContext != null); ErrorUtilities.VerifyArgumentNotNull(page, "page"); + ErrorUtilities.VerifyArgumentNotNull(requestContext, "requestContext"); // Allow for *. realm notation, as well as ASP.NET ~/ shortcuts. @@ -110,7 +115,7 @@ namespace DotNetOpenAuth.OpenId { string realmNoWildcard = Regex.Replace(realm, @"^(\w+://)\*\.", matchDelegate); UriBuilder fullyQualifiedRealm = new UriBuilder( - new Uri(MessagingUtilities.GetRequestUrlFromContext(), page.ResolveUrl(realmNoWildcard))); + new Uri(requestContext.UrlBeforeRewriting, page.ResolveUrl(realmNoWildcard))); if (foundWildcard) { fullyQualifiedRealm.Host = "*." + fullyQualifiedRealm.Host; diff --git a/src/DotNetOpenAuth/OpenId/Provider/IdentityEndpoint.cs b/src/DotNetOpenAuth/OpenId/Provider/IdentityEndpoint.cs index c194f3c..3a18b70 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/IdentityEndpoint.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/IdentityEndpoint.cs @@ -191,11 +191,12 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <param name="writer">The <see cref="T:System.Web.UI.HtmlTextWriter"/> object that receives the server control content.</param> [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "Uri(Uri, string) accepts second arguments that Uri(Uri, new Uri(string)) does not that we must support.")] protected override void Render(HtmlTextWriter writer) { + Uri requestUrlBeforeRewrites = MessagingUtilities.GetRequestUrlFromContext(); base.Render(writer); if (!string.IsNullOrEmpty(this.ProviderEndpointUrl)) { writer.WriteBeginTag("link"); writer.WriteAttribute("rel", this.Protocol.HtmlDiscoveryProviderKey); - writer.WriteAttribute("href", new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.Page.ResolveUrl(this.ProviderEndpointUrl)).AbsoluteUri); + writer.WriteAttribute("href", new Uri(requestUrlBeforeRewrites, this.Page.ResolveUrl(this.ProviderEndpointUrl)).AbsoluteUri); writer.Write(">"); writer.WriteEndTag("link"); writer.WriteLine(); @@ -203,7 +204,7 @@ namespace DotNetOpenAuth.OpenId.Provider { if (!string.IsNullOrEmpty(this.ProviderLocalIdentifier)) { writer.WriteBeginTag("link"); writer.WriteAttribute("rel", Protocol.HtmlDiscoveryLocalIdKey); - writer.WriteAttribute("href", new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.Page.ResolveUrl(this.ProviderLocalIdentifier)).AbsoluteUri); + writer.WriteAttribute("href", new Uri(requestUrlBeforeRewrites, this.Page.ResolveUrl(this.ProviderLocalIdentifier)).AbsoluteUri); writer.Write(">"); writer.WriteEndTag("link"); writer.WriteLine(); diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs index 0f4258a..f479552 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs @@ -594,7 +594,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (Page != null && !DesignMode) { // Validate new value by trying to construct a Realm object based on it. - new Realm(OpenIdUtilities.GetResolvedRealm(Page, value)); // throws an exception on failure. + new Realm(OpenIdUtilities.GetResolvedRealm(this.Page, value, this.RelyingParty.Channel.GetRequestFromContext())); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -628,7 +628,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (Page != null && !DesignMode) { // Validate new value by trying to construct a Uri based on it. - new Uri(MessagingUtilities.GetRequestUrlFromContext(), Page.ResolveUrl(value)); // throws an exception on failure. + new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, Page.ResolveUrl(value)); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -966,7 +966,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { this.OnLoggedIn(this.AuthenticationResponse); } } else { - NameValueCollection query = MessagingUtilities.GetQueryOrFormFromContext(); + NameValueCollection query = this.RelyingParty.Channel.GetRequestFromContext().GetQueryOrFormFromContext(); string userSuppliedIdentifier = query["dotnetopenid.userSuppliedIdentifier"]; if (!string.IsNullOrEmpty(userSuppliedIdentifier) && query["dotnetopenid.phase"] == "2") { this.ReportAuthenticationResult(); @@ -1236,12 +1236,12 @@ if (!openidbox.dnoi_internal.onSubmit()) {{ return false; }} // Approximate the returnTo (either based on the customize property or the page URL) // so we can use it to help with Realm resolution. - Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl) : this.Page.Request.Url; + Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.ReturnToUrl) : this.Page.Request.Url; // Resolve the trust root, and swap out the scheme and port if necessary to match the // return_to URL, since this match is required by OpenId, and the consumer app // may be using HTTP at some times and HTTPS at others. - UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl); + UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl, this.RelyingParty.Channel.GetRequestFromContext()); realm.Scheme = returnToApproximation.Scheme; realm.Port = returnToApproximation.Port; diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs index 2e31838..a917e24 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdMobileTextBox.cs @@ -235,6 +235,11 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { private const string UsePersistentCookieCallbackKey = "OpenIdTextBox_UsePersistentCookie"; /// <summary> + /// Backing field for the <see cref="RelyingParty"/> property. + /// </summary> + private OpenIdRelyingParty relyingParty; + + /// <summary> /// Initializes a new instance of the <see cref="OpenIdMobileTextBox"/> class. /// </summary> public OpenIdMobileTextBox() { @@ -287,7 +292,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (Page != null && !DesignMode) { // Validate new value by trying to construct a Realm object based on it. - new Realm(OpenIdUtilities.GetResolvedRealm(Page, value)); // throws an exception on failure. + new Realm(OpenIdUtilities.GetResolvedRealm(this.Page, value, this.RelyingParty.Channel.GetRequestFromContext())); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -318,7 +323,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (Page != null && !DesignMode) { // Validate new value by trying to construct a Uri based on it. - new Uri(MessagingUtilities.GetRequestUrlFromContext(), Page.ResolveUrl(value)); // throws an exception on failure. + new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.Page.ResolveUrl(value)); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -522,6 +527,30 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { #endregion /// <summary> + /// Gets or sets the <see cref="OpenIdRelyingParty"/> instance to use. + /// </summary> + /// <value>The default value is an <see cref="OpenIdRelyingParty"/> instance initialized according to the web.config file.</value> + /// <remarks> + /// A performance optimization would be to store off the + /// instance as a static member in your web site and set it + /// to this property in your <see cref="Control.Load">Page.Load</see> + /// event since instantiating these instances can be expensive on + /// heavily trafficked web pages. + /// </remarks> + public OpenIdRelyingParty RelyingParty { + get { + if (this.relyingParty == null) { + this.relyingParty = this.CreateRelyingParty(); + } + return this.relyingParty; + } + + set { + this.relyingParty = value; + } + } + + /// <summary> /// Gets or sets the OpenID authentication request that is about to be sent. /// </summary> protected IAuthenticationRequest Request { get; set; } @@ -556,12 +585,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { ErrorUtilities.VerifyOperation(!string.IsNullOrEmpty(this.Text), OpenIdStrings.OpenIdTextBoxEmpty); try { - var consumer = this.CreateRelyingParty(); - // Resolve the trust root, and swap out the scheme and port if necessary to match the // return_to URL, since this match is required by OpenId, and the consumer app // may be using HTTP at some times and HTTPS at others. - UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl); + UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl, this.RelyingParty.Channel.GetRequestFromContext()); realm.Scheme = Page.Request.Url.Scheme; realm.Port = Page.Request.Url.Port; @@ -572,10 +599,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { if (Identifier.TryParse(this.Text, out userSuppliedIdentifier)) { Realm typedRealm = new Realm(realm); if (string.IsNullOrEmpty(this.ReturnToUrl)) { - this.Request = consumer.CreateRequest(userSuppliedIdentifier, typedRealm); + this.Request = this.RelyingParty.CreateRequest(userSuppliedIdentifier, typedRealm); } else { - Uri returnTo = new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl); - this.Request = consumer.CreateRequest(userSuppliedIdentifier, typedRealm, returnTo); + Uri returnTo = new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.ReturnToUrl); + this.Request = this.RelyingParty.CreateRequest(userSuppliedIdentifier, typedRealm, returnTo); } this.Request.Mode = this.ImmediateMode ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup; if (this.EnableRequestProfile) { @@ -606,8 +633,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { return; } - var rp = this.CreateRelyingParty(); - var response = rp.GetResponse(); + var response = this.RelyingParty.GetResponse(); if (response != null) { string persistentString = response.GetCallbackArgument(UsePersistentCookieCallbackKey); bool persistentBool; @@ -719,7 +745,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { Language = this.RequestLanguage, TimeZone = this.RequestTimeZone, PolicyUrl = string.IsNullOrEmpty(this.PolicyUrl) ? - null : new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.Page.ResolveUrl(this.PolicyUrl)), + null : new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.Page.ResolveUrl(this.PolicyUrl)), }); } diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs index 9afa9ff..167a7fe 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -459,12 +459,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { ErrorUtilities.VerifyHttpContext(); // Build the return_to URL - UriBuilder returnTo = new UriBuilder(MessagingUtilities.GetRequestUrlFromContext()); + UriBuilder returnTo = new UriBuilder(this.Channel.GetRequestFromContext().UrlBeforeRewriting); // Trim off any parameters with an "openid." prefix, and a few known others // to avoid carrying state from a prior login attempt. returnTo.Query = string.Empty; - NameValueCollection queryParams = MessagingUtilities.GetQueryFromContext(); + NameValueCollection queryParams = this.Channel.GetRequestFromContext().QueryStringBeforeRewriting; var returnToParams = new Dictionary<string, string>(queryParams.Count); foreach (string key in queryParams) { if (!IsOpenIdSupportingParameter(key)) { @@ -502,7 +502,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { ErrorUtilities.VerifyHttpContext(); // Build the realm URL - UriBuilder realmUrl = new UriBuilder(MessagingUtilities.GetRequestUrlFromContext()); + UriBuilder realmUrl = new UriBuilder(this.Channel.GetRequestFromContext().UrlBeforeRewriting); realmUrl.Path = HttpContext.Current.Request.ApplicationPath; realmUrl.Query = null; realmUrl.Fragment = null; diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs index 4d4ccf4..a895649 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs @@ -389,7 +389,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (Page != null && !DesignMode) { // Validate new value by trying to construct a Realm object based on it. - new Realm(OpenIdUtilities.GetResolvedRealm(Page, value)); // throws an exception on failure. + new Realm(OpenIdUtilities.GetResolvedRealm(this.Page, value, this.RelyingParty.Channel.GetRequestFromContext())); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -421,7 +421,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { set { if (this.Page != null && !this.DesignMode) { // Validate new value by trying to construct a Uri based on it. - new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.Page.ResolveUrl(value)); // throws an exception on failure. + new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.Page.ResolveUrl(value)); // throws an exception on failure. } else { // We can't fully test it, but it should start with either ~/ or a protocol. if (Regex.IsMatch(value, @"^https?://")) { @@ -910,12 +910,13 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { try { // Approximate the returnTo (either based on the customize property or the page URL) // so we can use it to help with Realm resolution. - Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl) : this.Page.Request.Url; + var requestContext = this.RelyingParty.Channel.GetRequestFromContext(); + Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(requestContext.UrlBeforeRewriting, this.ReturnToUrl) : this.Page.Request.Url; // Resolve the trust root, and swap out the scheme and port if necessary to match the // return_to URL, since this match is required by OpenId, and the consumer app // may be using HTTP at some times and HTTPS at others. - UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl); + UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl, this.RelyingParty.Channel.GetRequestFromContext()); realm.Scheme = returnToApproximation.Scheme; realm.Port = returnToApproximation.Port; @@ -1159,7 +1160,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { Language = this.RequestLanguage, TimeZone = this.RequestTimeZone, PolicyUrl = string.IsNullOrEmpty(this.PolicyUrl) ? - null : new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.Page.ResolveUrl(this.PolicyUrl)), + null : new Uri(this.RelyingParty.Channel.GetRequestFromContext().UrlBeforeRewriting, this.Page.ResolveUrl(this.PolicyUrl)), }); } |