diff options
Diffstat (limited to 'src')
81 files changed, 622 insertions, 417 deletions
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs index 2a67dab..a87a678 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs @@ -55,13 +55,12 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// The prepare authorized request. /// </summary> - /// <param name="profileEndpoint"> - /// The profile endpoint. - /// </param> - /// <param name="accessToken"> - /// The access token. - /// </param> - /// <returns>An HTTP request.</returns> + /// <param name="profileEndpoint">The profile endpoint.</param> + /// <param name="accessToken">The access token.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// An HTTP request. + /// </returns> public Task<HttpRequestMessage> PrepareAuthorizedRequestAsync(MessageReceivingEndpoint profileEndpoint, string accessToken, CancellationToken cancellationToken = default(CancellationToken)) { return this.webConsumer.PrepareAuthorizedRequestAsync(profileEndpoint, accessToken, cancellationToken); } diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs index 9651f52..91fca59 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs @@ -22,13 +22,12 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// The prepare authorized request. /// </summary> - /// <param name="profileEndpoint"> - /// The profile endpoint. - /// </param> - /// <param name="accessToken"> - /// The access token. - /// </param> - /// <returns>An HTTP request.</returns> + /// <param name="profileEndpoint">The profile endpoint.</param> + /// <param name="accessToken">The access token.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// An HTTP request. + /// </returns> Task<HttpRequestMessage> PrepareAuthorizedRequestAsync(MessageReceivingEndpoint profileEndpoint, string accessToken, CancellationToken cancellationToken = default(CancellationToken)); /// <summary> @@ -40,9 +39,8 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// The request authentication. /// </summary> - /// <param name="callback"> - /// The callback. - /// </param> + /// <param name="callback">The callback.</param> + /// <param name="cancellationToken">The cancellation token.</param> Task<HttpResponseMessage> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)); #endregion diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs index 365b4c1..2445db5 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs @@ -100,7 +100,7 @@ namespace DotNetOpenAuth.AspNet.Clients { HttpRequestMessage request = await this.WebWorker.PrepareAuthorizedRequestAsync(profileEndpoint, accessToken, cancellationToken); try { - using(var httpClient = new HttpClient()) { + using (var httpClient = new HttpClient()) { using (HttpResponseMessage profileResponse = await httpClient.SendAsync(request, cancellationToken)) { using (Stream responseStream = await profileResponse.Content.ReadAsStreamAsync()) { XDocument document = LoadXDocumentFromStream(responseStream); diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs index dd48bf6..fb6ba3d 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs @@ -105,12 +105,9 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url. /// </summary> - /// <param name="context"> - /// The context. - /// </param> - /// <param name="returnUrl"> - /// The return url after users have completed authenticating against external website. - /// </param> + /// <param name="context">The context.</param> + /// <param name="returnUrl">The return url after users have completed authenticating against external website.</param> + /// <param name="cancellationToken">The cancellation token.</param> public virtual Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(returnUrl, "returnUrl"); Requires.NotNull(context, "context"); @@ -122,11 +119,10 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="context"> - /// The context. - /// </param> + /// <param name="context">The context.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// An instance of <see cref="AuthenticationResult"/> containing authentication result. + /// An instance of <see cref="AuthenticationResult" /> containing authentication result. /// </returns> public virtual async Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, CancellationToken cancellationToken = default(CancellationToken)) { AuthorizedTokenResponse response = await this.WebWorker.ProcessUserAuthorizationAsync(cancellationToken); @@ -178,6 +174,7 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <param name="response"> /// The response token returned from service provider /// </param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// Authentication result /// </returns> diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs index c2dcf95..3cfa36f 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs @@ -82,11 +82,10 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="response"> - /// The response token returned from service provider - /// </param> + /// <param name="response">The response token returned from service provider</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// Authentication result + /// Authentication result /// </returns> [SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes", Justification = "We don't care if the request for additional data fails.")] diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs index 60f6a5e..317a46d 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth2/OAuth2Client.cs @@ -59,12 +59,9 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url. /// </summary> - /// <param name="context"> - /// The context. - /// </param> - /// <param name="returnUrl"> - /// The return url after users have completed authenticating against external website. - /// </param> + /// <param name="context">The context.</param> + /// <param name="returnUrl">The return url after users have completed authenticating against external website.</param> + /// <param name="cancellationToken">The cancellation token.</param> public virtual async Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(context, "context"); Requires.NotNull(returnUrl, "returnUrl"); @@ -76,12 +73,12 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="context"> - /// The context. - /// </param> + /// <param name="context">The context.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// An instance of <see cref="AuthenticationResult"/> containing authentication result. + /// An instance of <see cref="AuthenticationResult" /> containing authentication result. /// </returns> + /// <exception cref="System.InvalidOperationException"></exception> public Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, CancellationToken cancellationToken = default(CancellationToken)) { throw new InvalidOperationException(WebResources.OAuthRequireReturnUrl); } @@ -91,6 +88,7 @@ namespace DotNetOpenAuth.AspNet.Clients { /// </summary> /// <param name="context">The context.</param> /// <param name="returnPageUrl">The return URL which should match the value passed to RequestAuthentication() method.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// An instance of <see cref="AuthenticationResult"/> containing authentication result. /// </returns> diff --git a/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs index 741b51b..0d6d6ca 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OpenID/OpenIDClient.cs @@ -87,6 +87,7 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <param name="returnUrl"> /// The return url after users have completed authenticating against external website. /// </param> + /// <param name="cancellationToken">The cancellation token.</param> [SuppressMessage("Microsoft.Usage", "CA2234:PassSystemUriObjectsInsteadOfStrings", Justification = "We don't have a Uri object handy.")] public virtual async Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)) { @@ -104,12 +105,12 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="context"> - /// The context of the current request. - /// </param> + /// <param name="context">The context of the current request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// An instance of <see cref="AuthenticationResult"/> containing authentication result. + /// An instance of <see cref="AuthenticationResult" /> containing authentication result. /// </returns> + /// <exception cref="System.InvalidOperationException"></exception> public virtual async Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, CancellationToken cancellationToken = default(CancellationToken)) { IAuthenticationResponse response = await RelyingParty.GetResponseAsync(context.Request, cancellationToken); if (response == null) { diff --git a/src/DotNetOpenAuth.AspNet/IAuthenticationClient.cs b/src/DotNetOpenAuth.AspNet/IAuthenticationClient.cs index bca32c6..b13f0d1 100644 --- a/src/DotNetOpenAuth.AspNet/IAuthenticationClient.cs +++ b/src/DotNetOpenAuth.AspNet/IAuthenticationClient.cs @@ -22,22 +22,19 @@ namespace DotNetOpenAuth.AspNet { /// <summary> /// Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url. /// </summary> - /// <param name="context"> - /// The context of the current request. - /// </param> - /// <param name="returnUrl"> - /// The return url after users have completed authenticating against external website. - /// </param> + /// <param name="context">The context of the current request.</param> + /// <param name="returnUrl">The return url after users have completed authenticating against external website.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns>A task that completes with the async operation.</returns> Task RequestAuthenticationAsync(HttpContextBase context, Uri returnUrl, CancellationToken cancellationToken = default(CancellationToken)); /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="context"> - /// The context of the current request. - /// </param> + /// <param name="context">The context of the current request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// An instance of <see cref="AuthenticationResult"/> containing authentication result. + /// An instance of <see cref="AuthenticationResult" /> containing authentication result. /// </returns> Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, CancellationToken cancellationToken = default(CancellationToken)); } diff --git a/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationCollection.cs b/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationCollection.cs index 0eab939..fa146a2 100644 --- a/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationCollection.cs +++ b/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationCollection.cs @@ -41,7 +41,10 @@ namespace DotNetOpenAuth.Configuration { /// Creates instances of all the types listed in the collection. /// </summary> /// <param name="allowInternals">if set to <c>true</c> then internal types may be instantiated.</param> - /// <returns>A sequence of instances generated from types in this collection. May be empty, but never null.</returns> + /// <param name="hostFactories">The host factories.</param> + /// <returns> + /// A sequence of instances generated from types in this collection. May be empty, but never null. + /// </returns> internal IEnumerable<T> CreateInstances(bool allowInternals, IHostFactories hostFactories) { return from element in this.Cast<TypeConfigurationElement<T>>() where !element.IsEmpty diff --git a/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationElement.cs b/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationElement.cs index 8b3efe0..bcf199f 100644 --- a/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationElement.cs +++ b/src/DotNetOpenAuth.Core/Configuration/TypeConfigurationElement.cs @@ -75,7 +75,10 @@ namespace DotNetOpenAuth.Configuration { /// Creates an instance of the type described in the .config file. /// </summary> /// <param name="defaultValue">The value to return if no type is given in the .config file.</param> - /// <returns>The newly instantiated type.</returns> + /// <param name="hostFactories">The host factories.</param> + /// <returns> + /// The newly instantiated type. + /// </returns> public T CreateInstance(T defaultValue, IHostFactories hostFactories) { return this.CreateInstance(defaultValue, false, hostFactories); } diff --git a/src/DotNetOpenAuth.Core/IRequireHostFactories.cs b/src/DotNetOpenAuth.Core/IRequireHostFactories.cs index b2d7af8..60fa970 100644 --- a/src/DotNetOpenAuth.Core/IRequireHostFactories.cs +++ b/src/DotNetOpenAuth.Core/IRequireHostFactories.cs @@ -5,7 +5,16 @@ //----------------------------------------------------------------------- namespace DotNetOpenAuth { + /// <summary> + /// An interface implemented by DotNetOpenAuth extensions that need to create host-specific instances of specific interfaces. + /// </summary> public interface IRequireHostFactories { + /// <summary> + /// Gets or sets the host factories used by this instance. + /// </summary> + /// <value> + /// The host factories. + /// </value> IHostFactories HostFactories { get; set; } } } diff --git a/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardExpirationBindingElement.cs b/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardExpirationBindingElement.cs index 3cb4500..c706e42 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardExpirationBindingElement.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardExpirationBindingElement.cs @@ -56,10 +56,15 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// Sets the timestamp on an outgoing message. /// </summary> /// <param name="message">The outgoing message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> + /// <remarks> + /// Implementations that provide message protection must honor the + /// <see cref="MessagePartAttribute.RequiredProtection" /> properties where applicable. + /// </remarks> public Task<MessageProtections?> ProcessOutgoingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { IExpiringProtocolMessage expiringMessage = message as IExpiringProtocolMessage; if (expiringMessage != null) { @@ -74,6 +79,7 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// Reads the timestamp on a message and throws an exception if the message is too old. /// </summary> /// <param name="message">The incoming message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardReplayProtectionBindingElement.cs b/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardReplayProtectionBindingElement.cs index 2502742..6c062d6 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardReplayProtectionBindingElement.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Bindings/StandardReplayProtectionBindingElement.cs @@ -101,6 +101,7 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// Applies a nonce to the message. /// </summary> /// <param name="message">The message to apply replay protection to.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -119,11 +120,16 @@ namespace DotNetOpenAuth.Messaging.Bindings { /// Verifies that the nonce in an incoming message has not been seen before. /// </summary> /// <param name="message">The incoming message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> /// <exception cref="ReplayedMessageException">Thrown when the nonce check revealed a replayed message.</exception> + /// <remarks> + /// Implementations that provide message protection must honor the + /// <see cref="MessagePartAttribute.RequiredProtection" /> properties where applicable. + /// </remarks> public Task<MessageProtections?> ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { IReplayProtectedProtocolMessage nonceMessage = message as IReplayProtectedProtocolMessage; if (nonceMessage != null && nonceMessage.Nonce != null) { diff --git a/src/DotNetOpenAuth.Core/Messaging/Channel.cs b/src/DotNetOpenAuth.Core/Messaging/Channel.cs index 5420e5f..0dc31b8 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Channel.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Channel.cs @@ -279,6 +279,7 @@ namespace DotNetOpenAuth.Messaging { /// or direct message response for transmission to a remote party. /// </summary> /// <param name="message">The one-way message to send</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> public async Task<HttpResponseMessage> PrepareResponseAsync(IProtocolMessage message, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(message, "message"); @@ -342,10 +343,12 @@ namespace DotNetOpenAuth.Messaging { /// Gets the protocol message embedded in the given HTTP request, if present. /// </summary> /// <typeparam name="TRequest">The expected type of the message to be received.</typeparam> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="httpRequest">The request to search for an embedded message.</param> - /// <param name="request">The deserialized message, if one is found. Null otherwise.</param> - /// <returns>True if the expected message was recognized and deserialized. False otherwise.</returns> - /// <exception cref="InvalidOperationException">Thrown when <see cref="HttpContext.Current"/> is null.</exception> + /// <returns> + /// True if the expected message was recognized and deserialized. False otherwise. + /// </returns> + /// <exception cref="InvalidOperationException">Thrown when <see cref="HttpContext.Current" /> is null.</exception> /// <exception cref="ProtocolException">Thrown when a request message of an unexpected type is received.</exception> public async Task<TRequest> TryReadFromRequestAsync<TRequest>(CancellationToken cancellationToken, HttpRequestBase httpRequest = null) where TRequest : class, IProtocolMessage { @@ -365,8 +368,11 @@ namespace DotNetOpenAuth.Messaging { /// Gets the protocol message embedded in the given HTTP request. /// </summary> /// <typeparam name="TRequest">The expected type of the message to be received.</typeparam> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="httpRequest">The request to search for an embedded message.</param> - /// <returns>The deserialized message. Never null.</returns> + /// <returns> + /// The deserialized message. Never null. + /// </returns> /// <exception cref="ProtocolException">Thrown if the expected message was not recognized in the response.</exception> [SuppressMessage("Microsoft.Design", "CA1004:GenericMethodsShouldProvideTypeParameter", Justification = "This returns and verifies the appropriate message type.")] public async Task<TRequest> ReadFromRequestAsync<TRequest>(CancellationToken cancellationToken, HttpRequestBase httpRequest = null) @@ -469,6 +475,7 @@ namespace DotNetOpenAuth.Messaging { /// Verifies the integrity and applicability of an incoming message. /// </summary> /// <param name="message">The message just received.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <exception cref="ProtocolException"> /// Thrown when the message is somehow invalid. /// This can be due to tampering, replay attack or expiration, among other things. @@ -646,6 +653,7 @@ namespace DotNetOpenAuth.Messaging { /// Submits a direct request message to some remote party and blocks waiting for an immediately reply. /// </summary> /// <param name="request">The request message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The response message, or null if the response did not carry a message.</returns> /// <remarks> /// Typically a deriving channel will override <see cref="CreateHttpRequest"/> to customize this method's @@ -719,6 +727,7 @@ namespace DotNetOpenAuth.Messaging { /// Gets the protocol message that may be embedded in the given HTTP request. /// </summary> /// <param name="request">The request to search for an embedded message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The deserialized message, if one is found. Null otherwise.</returns> protected virtual IDirectedProtocolMessage ReadFromRequestCore(HttpRequestBase request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); @@ -1124,6 +1133,7 @@ namespace DotNetOpenAuth.Messaging { /// Verifies the integrity and applicability of an incoming message. /// </summary> /// <param name="message">The message just received.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <exception cref="ProtocolException"> /// Thrown when the message is somehow invalid. /// This can be due to tampering, replay attack or expiration, among other things. diff --git a/src/DotNetOpenAuth.Core/Messaging/IChannelBindingElement.cs b/src/DotNetOpenAuth.Core/Messaging/IChannelBindingElement.cs index dc026a4..fe2cf3d 100644 --- a/src/DotNetOpenAuth.Core/Messaging/IChannelBindingElement.cs +++ b/src/DotNetOpenAuth.Core/Messaging/IChannelBindingElement.cs @@ -35,6 +35,7 @@ namespace DotNetOpenAuth.Messaging { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -50,6 +51,7 @@ namespace DotNetOpenAuth.Messaging { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.Core/Messaging/MultipartContentMember.cs b/src/DotNetOpenAuth.Core/Messaging/MultipartContentMember.cs index 2aa33ae..cc9d806 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MultipartContentMember.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MultipartContentMember.cs @@ -1,4 +1,10 @@ -namespace DotNetOpenAuth.Messaging { +//----------------------------------------------------------------------- +// <copyright file="MultipartContentMember.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.Messaging { using System; using System.Collections.Generic; using System.Linq; diff --git a/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs b/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs index e90ee44..413d0ad 100644 --- a/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs +++ b/src/DotNetOpenAuth.Core/Messaging/StandardMessageFactoryChannel.cs @@ -27,14 +27,13 @@ namespace DotNetOpenAuth.Messaging { private readonly ICollection<Version> versions; /// <summary> - /// Initializes a new instance of the <see cref="StandardMessageFactoryChannel"/> class. + /// Initializes a new instance of the <see cref="StandardMessageFactoryChannel" /> class. /// </summary> /// <param name="messageTypes">The message types that might be encountered.</param> /// <param name="versions">All the possible message versions that might be encountered.</param> - /// <param name="bindingElements"> - /// The binding elements to use in sending and receiving messages. - /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages. - /// </param> + /// <param name="hostFactories">The host factories.</param> + /// <param name="bindingElements">The binding elements to use in sending and receiving messages. + /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages.</param> protected StandardMessageFactoryChannel(ICollection<Type> messageTypes, ICollection<Version> versions, IHostFactories hostFactories, IChannelBindingElement[] bindingElements = null) : base(new StandardMessageFactory(), bindingElements ?? new IChannelBindingElement[0], hostFactories) { Requires.NotNull(messageTypes, "messageTypes"); diff --git a/src/DotNetOpenAuth.Core/Reporting.cs b/src/DotNetOpenAuth.Core/Reporting.cs index e291851..20aeddc 100644 --- a/src/DotNetOpenAuth.Core/Reporting.cs +++ b/src/DotNetOpenAuth.Core/Reporting.cs @@ -328,7 +328,7 @@ namespace DotNetOpenAuth { lock (publishingConsiderationLock) { if (DateTime.Now - lastPublished > Configuration.MinimumReportingInterval) { lastPublished = DateTime.Now; - SendStatsAsync(); + var fireAndForget = SendStatsAsync(); } } } diff --git a/src/DotNetOpenAuth.Core/Util.cs b/src/DotNetOpenAuth.Core/Util.cs index a23b4d8..3463808 100644 --- a/src/DotNetOpenAuth.Core/Util.cs +++ b/src/DotNetOpenAuth.Core/Util.cs @@ -29,11 +29,6 @@ namespace DotNetOpenAuth { /// </summary> internal const string DefaultNamespace = "DotNetOpenAuth"; - /// <summary> - /// The web.config file-specified provider of web resource URLs. - /// </summary> - private static IEmbeddedResourceRetrieval embeddedResourceRetrieval = MessagingElement.Configuration.EmbeddedResourceRetrievalProvider.CreateInstance(null, false, null); - private static readonly Lazy<string> libraryVersionLazy = new Lazy<string>(delegate { var assembly = Assembly.GetExecutingAssembly(); string assemblyFullName = assembly.FullName; @@ -44,6 +39,11 @@ namespace DotNetOpenAuth { return string.Format(CultureInfo.InvariantCulture, "{0} ({1})", assemblyFullName, official ? "official" : "private"); }); + /// <summary> + /// The web.config file-specified provider of web resource URLs. + /// </summary> + private static IEmbeddedResourceRetrieval embeddedResourceRetrieval = MessagingElement.Configuration.EmbeddedResourceRetrievalProvider.CreateInstance(null, false, null); + private static readonly Lazy<ProductInfoHeaderValue> libraryVersionHeaderLazy = new Lazy<ProductInfoHeaderValue>(delegate { var assemblyName = Assembly.GetExecutingAssembly().GetName(); return new ProductInfoHeaderValue(assemblyName.Name, AssemblyFileVersion); diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs index 3ed05f8..a10ff09 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ChannelElements/OAuthConsumerChannel.cs @@ -19,13 +19,14 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> internal class OAuthConsumerChannel : OAuthChannel { /// <summary> - /// Initializes a new instance of the <see cref="OAuthConsumerChannel"/> class. + /// Initializes a new instance of the <see cref="OAuthConsumerChannel" /> class. /// </summary> /// <param name="signingBindingElement">The binding element to use for signing.</param> /// <param name="store">The web application store to use for nonces.</param> /// <param name="tokenManager">The token manager instance to use.</param> /// <param name="securitySettings">The security settings.</param> /// <param name="messageFactory">The message factory.</param> + /// <param name="hostFactories">The host factories.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] internal OAuthConsumerChannel(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, IConsumerTokenManager tokenManager, ConsumerSecuritySettings securitySettings, IMessageFactory messageFactory = null, IHostFactories hostFactories = null) : base( diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs index b59b438..afb4c95 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs @@ -90,6 +90,7 @@ namespace DotNetOpenAuth.OAuth { /// Obtains an access token for a new account at the Service Provider via 2-legged OAuth. /// </summary> /// <param name="requestParameters">Any applicable parameters to include in the query string of the token request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The access token.</returns> /// <remarks> /// The token secret is stored in the <see cref="TokenManager"/>. @@ -120,6 +121,7 @@ namespace DotNetOpenAuth.OAuth { /// </summary> /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The initialized WebRequest object.</returns> public Task<HttpRequestMessage> PrepareAuthorizedRequestAsync(MessageReceivingEndpoint endpoint, string accessToken, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(endpoint, "endpoint"); @@ -135,6 +137,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> /// <param name="accessToken">The access token that permits access to the protected resource.</param> /// <param name="extraData">Extra parameters to include in the message. Must not be null, but may be empty.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The initialized WebRequest object.</returns> public Task<HttpRequestMessage> PrepareAuthorizedRequestAsync(MessageReceivingEndpoint endpoint, string accessToken, IDictionary<string, string> extraData, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(endpoint, "endpoint"); @@ -155,6 +158,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> /// <param name="accessToken">The access token that permits access to the protected resource.</param> /// <param name="binaryData">Extra parameters to include in the message. Must not be null, but may be empty.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The initialized WebRequest object.</returns> public Task<HttpRequestMessage> PrepareAuthorizedRequestAsync(MessageReceivingEndpoint endpoint, string accessToken, IEnumerable<MultipartContentMember> binaryData, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(endpoint, "endpoint"); @@ -171,6 +175,7 @@ namespace DotNetOpenAuth.OAuth { /// Prepares an HTTP request that has OAuth authorization already attached to it. /// </summary> /// <param name="message">The OAuth authorization message to attach to the HTTP request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The HttpWebRequest that can be used to send the HTTP request to the remote service provider. /// </returns> @@ -230,6 +235,7 @@ namespace DotNetOpenAuth.OAuth { /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> /// <param name="requestToken">The request token that must be exchanged for an access token after the user has provided authorization.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "3#", Justification = "Two results")] protected internal async Task<UserAuthorizationRequest> PrepareRequestUserAuthorizationAsync(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, CancellationToken cancellationToken = default(CancellationToken)) { @@ -265,6 +271,7 @@ namespace DotNetOpenAuth.OAuth { /// </summary> /// <param name="requestToken">The request token that the user has authorized.</param> /// <param name="verifier">The verifier code.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The access token assigned by the Service Provider. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs index cd16c7e..a1bfd2d 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs @@ -37,8 +37,10 @@ namespace DotNetOpenAuth.OAuth { /// </summary> /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> - /// <param name="requestToken">The request token that must be exchanged for an access token after the user has provided authorization.</param> - /// <returns>The URL to open a browser window to allow the user to provide authorization and the request token.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The URL to open a browser window to allow the user to provide authorization and the request token. + /// </returns> [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Two results")] public async Task<Tuple<Uri, string>> RequestUserAuthorizationAsync(IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, CancellationToken cancellationToken = default(CancellationToken)) { var message = await this.PrepareRequestUserAuthorizationAsync(null, requestParameters, redirectParameters, cancellationToken); @@ -50,6 +52,7 @@ namespace DotNetOpenAuth.OAuth { /// Exchanges a given request token for access token. /// </summary> /// <param name="requestToken">The request token that the user has authorized.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The access token assigned by the Service Provider.</returns> [Obsolete("Use the ProcessUserAuthorization method that takes a verifier parameter instead.")] public Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(string requestToken, CancellationToken cancellationToken = default(CancellationToken)) { @@ -61,6 +64,7 @@ namespace DotNetOpenAuth.OAuth { /// </summary> /// <param name="requestToken">The request token that the user has authorized.</param> /// <param name="verifier">The verifier code typed in by the user. Must not be <c>Null</c> for OAuth 1.0a service providers and later.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The access token assigned by the Service Provider. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs index b395b5a..75a1217 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs @@ -37,6 +37,7 @@ namespace DotNetOpenAuth.OAuth { /// to provide that authorization. Upon successful authorization, the user is redirected /// back to the current page. /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> /// <remarks> /// Requires HttpContext.Current. @@ -56,6 +57,7 @@ namespace DotNetOpenAuth.OAuth { /// </param> /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> public Task<UserAuthorizationRequest> PrepareRequestUserAuthorizationAsync(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, CancellationToken cancellationToken = default(CancellationToken)) { return base.PrepareRequestUserAuthorizationAsync(callback, requestParameters, redirectParameters, cancellationToken); @@ -65,7 +67,10 @@ namespace DotNetOpenAuth.OAuth { /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="request">The incoming HTTP request.</param> - /// <returns>The access token, or null if no incoming authorization message was recognized.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The access token, or null if no incoming authorization message was recognized. + /// </returns> public async Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { request = request ?? this.Channel.GetRequestFromContext(); diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs index bc12739..cb9a91b 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/OAuthServiceProviderChannel.cs @@ -19,13 +19,14 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> internal class OAuthServiceProviderChannel : OAuthChannel { /// <summary> - /// Initializes a new instance of the <see cref="OAuthServiceProviderChannel"/> class. + /// Initializes a new instance of the <see cref="OAuthServiceProviderChannel" /> class. /// </summary> /// <param name="signingBindingElement">The binding element to use for signing.</param> /// <param name="store">The web application store to use for nonces.</param> /// <param name="tokenManager">The token manager instance to use.</param> /// <param name="securitySettings">The security settings.</param> /// <param name="messageTypeProvider">The message type provider.</param> + /// <param name="hostFactories">The host factories.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] internal OAuthServiceProviderChannel(ITamperProtectionChannelBindingElement signingBindingElement, INonceStore store, IServiceProviderTokenManager tokenManager, ServiceProviderSecuritySettings securitySettings, IMessageFactory messageTypeProvider = null, IHostFactories hostFactories = null) : base( diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/TokenHandlingBindingElement.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/TokenHandlingBindingElement.cs index e8dcad6..008b932 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/TokenHandlingBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ChannelElements/TokenHandlingBindingElement.cs @@ -70,6 +70,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -111,6 +112,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs index 2a155e5..71621e1 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs @@ -105,31 +105,6 @@ namespace DotNetOpenAuth.OAuth { } /// <summary> - /// Gets the standard state storage mechanism that uses ASP.NET's - /// HttpApplication state dictionary to store associations and nonces. - /// </summary> - public static INonceStore GetHttpApplicationStore(HttpContextBase context = null) { - if (context == null) { - ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(INonceStore).Name); - context = new HttpContextWrapper(HttpContext.Current); - } - - var store = (INonceStore)context.Application[ApplicationStoreKey]; - if (store == null) { - context.Application.Lock(); - try { - if ((store = (INonceStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge); - } - } finally { - context.Application.UnLock(); - } - } - - return store; - } - - /// <summary> /// Gets the description of this Service Provider. /// </summary> public ServiceProviderDescription ServiceDescription { get; private set; } @@ -173,6 +148,31 @@ namespace DotNetOpenAuth.OAuth { } /// <summary> + /// Gets the standard state storage mechanism that uses ASP.NET's + /// HttpApplication state dictionary to store associations and nonces. + /// </summary> + public static INonceStore GetHttpApplicationStore(HttpContextBase context = null) { + if (context == null) { + ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(INonceStore).Name); + context = new HttpContextWrapper(HttpContext.Current); + } + + var store = (INonceStore)context.Application[ApplicationStoreKey]; + if (store == null) { + context.Application.Lock(); + try { + if ((store = (INonceStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge); + } + } finally { + context.Application.UnLock(); + } + } + + return store; + } + + /// <summary> /// Creates a cryptographically strong random verification code. /// </summary> /// <param name="format">The desired format of the verification code.</param> @@ -215,7 +215,10 @@ namespace DotNetOpenAuth.OAuth { /// Reads a request for an unauthorized token from the incoming HTTP request. /// </summary> /// <param name="request">The HTTP request to read from.</param> - /// <returns>The incoming request, or null if no OAuth message was attached.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The incoming request, or null if no OAuth message was attached. + /// </returns> /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> public async Task<UnauthorizedTokenRequest> ReadTokenRequestAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { var message = await this.Channel.TryReadFromRequestAsync<UnauthorizedTokenRequest>(cancellationToken, request); @@ -247,9 +250,12 @@ namespace DotNetOpenAuth.OAuth { /// the user to authorize the Consumer's access of some protected resource(s). /// </summary> /// <param name="request">The HTTP request to read from.</param> - /// <returns>The incoming request, or null if no OAuth message was attached.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The incoming request, or null if no OAuth message was attached. + /// </returns> /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> - public Task<UserAuthorizationRequest> ReadAuthorizationRequestAsync(HttpRequestBase request, CancellationToken cancellationToken = default (CancellationToken)) { + public Task<UserAuthorizationRequest> ReadAuthorizationRequestAsync(HttpRequestBase request, CancellationToken cancellationToken = default(CancellationToken)) { return this.Channel.TryReadFromRequestAsync<UserAuthorizationRequest>(cancellationToken, request); } @@ -319,7 +325,10 @@ namespace DotNetOpenAuth.OAuth { /// Reads in a Consumer's request to exchange an authorized request token for an access token. /// </summary> /// <param name="request">The HTTP request to read from.</param> - /// <returns>The incoming request, or null if no OAuth message was attached.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The incoming request, or null if no OAuth message was attached. + /// </returns> /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> public Task<AuthorizedTokenRequest> ReadAccessTokenRequestAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { return this.Channel.TryReadFromRequestAsync<AuthorizedTokenRequest>(cancellationToken, request); @@ -351,6 +360,7 @@ namespace DotNetOpenAuth.OAuth { /// </summary> /// <param name="request">HTTP details from an incoming WCF message.</param> /// <param name="requestUri">The URI of the WCF service endpoint.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The authorization message sent by the Consumer, or null if no authorization message is attached.</returns> /// <remarks> /// This method verifies that the access token and token secret are valid. @@ -366,6 +376,7 @@ namespace DotNetOpenAuth.OAuth { /// Gets the authorization (access token) for accessing some protected resource. /// </summary> /// <param name="request">The incoming HTTP request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The authorization message sent by the Consumer, or null if no authorization message is attached.</returns> /// <remarks> /// This method verifies that the access token and token secret are valid. diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs index 622d597..708c9c9 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs @@ -33,7 +33,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// </summary> internal abstract class OAuthChannel : Channel { /// <summary> - /// Initializes a new instance of the <see cref="OAuthChannel"/> class. + /// Initializes a new instance of the <see cref="OAuthChannel" /> class. /// </summary> /// <param name="signingBindingElement">The binding element to use for signing.</param> /// <param name="tokenManager">The ITokenManager instance to use.</param> @@ -42,6 +42,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Except for mock testing, this should always be one of /// OAuthConsumerMessageFactory or OAuthServiceProviderMessageFactory.</param> /// <param name="bindingElements">The binding elements.</param> + /// <param name="hostFactories">The host factories.</param> [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "System.Diagnostics.Contracts.__ContractsRuntime.Requires<System.ArgumentNullException>(System.Boolean,System.String,System.String)", Justification = "Code contracts"), SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "securitySettings", Justification = "Code contracts")] protected OAuthChannel(ITamperProtectionChannelBindingElement signingBindingElement, ITokenManager tokenManager, SecuritySettings securitySettings, IMessageFactory messageTypeProvider, IChannelBindingElement[] bindingElements, IHostFactories hostFactories = null) : base(messageTypeProvider, bindingElements, hostFactories ?? new DefaultOAuthHostFactories()) { @@ -82,6 +83,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// expect an OAuth message response to. /// </summary> /// <param name="request">The message to attach.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The initialized web request.</returns> internal async Task<HttpRequestMessage> InitializeRequestAsync(IDirectedProtocolMessage request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); @@ -114,6 +116,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// a protocol request message. /// </summary> /// <param name="request">The HTTP request to search.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The deserialized message, if one is found. Null otherwise.</returns> protected override IDirectedProtocolMessage ReadFromRequestCore(HttpRequestBase request, CancellationToken cancellationToken) { // First search the Authorization header. diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthHttpMethodBindingElement.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthHttpMethodBindingElement.cs index 75de10b..67192ee 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthHttpMethodBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthHttpMethodBindingElement.cs @@ -35,6 +35,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// True if the <paramref name="message"/> applied to this binding element /// and the operation was successful. False otherwise. @@ -61,6 +62,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// True if the <paramref name="message"/> applied to this binding element /// and the operation was successful. False if the operation did not apply to this message. diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementBase.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementBase.cs index 4316333..2db5027 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementBase.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementBase.cs @@ -81,6 +81,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Signs the outgoing message. /// </summary> /// <param name="message">The message to sign.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -107,6 +108,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Verifies the signature on an incoming message. /// </summary> /// <param name="message">The message whose signature should be verified.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementChain.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementChain.cs index 0b38a26..c37d239 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementChain.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/SigningBindingElementChain.cs @@ -88,6 +88,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -109,6 +110,7 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs index edc821f..5b287cc 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServer.cs @@ -86,10 +86,13 @@ namespace DotNetOpenAuth.OAuth2 { /// the user to authorize the Client's access of some protected resource(s). /// </summary> /// <param name="request">The HTTP request to read from.</param> - /// <returns>The incoming request, or null if no OAuth message was attached.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The incoming request, or null if no OAuth message was attached. + /// </returns> /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "unauthorizedclient", Justification = "Protocol required.")] - public async Task<EndUserAuthorizationRequest> ReadAuthorizationRequestAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default (CancellationToken)) { + public async Task<EndUserAuthorizationRequest> ReadAuthorizationRequestAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { if (request == null) { request = this.Channel.GetRequestFromContext(); } @@ -119,7 +122,10 @@ namespace DotNetOpenAuth.OAuth2 { /// Handles an incoming request to the authorization server's token endpoint. /// </summary> /// <param name="request">The HTTP request.</param> - /// <returns>The HTTP response to send to the client.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The HTTP response to send to the client. + /// </returns> public async Task<HttpResponseMessage> HandleTokenRequestAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { if (request == null) { request = this.Channel.GetRequestFromContext(); diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs index d824663..001183a 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AuthServerBindingElementBase.cs @@ -58,13 +58,14 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken"></param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> /// <remarks> /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. + /// <see cref="MessagePartAttribute.RequiredProtection" /> properties where applicable. /// </remarks> public abstract Task<MessageProtections?> ProcessOutgoingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken); @@ -73,6 +74,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs index ac2977b..6e78955 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs @@ -54,6 +54,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -78,17 +79,17 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. /// </returns> - /// <exception cref="ProtocolException"> - /// Thrown when the binding element rules indicate that this message is invalid and should - /// NOT be processed. - /// </exception> + /// <exception cref="TokenEndpointProtocolException"></exception> + /// <exception cref="ProtocolException">Thrown when the binding element rules indicate that this message is invalid and should + /// NOT be processed.</exception> /// <remarks> /// Implementations that provide message protection must honor the - /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. + /// <see cref="MessagePartAttribute.RequiredProtection" /> properties where applicable. /// </remarks> public override async Task<MessageProtections?> ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { bool applied = false; diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs index e8d609e..2a7f414 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs @@ -92,6 +92,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Gets the protocol message that may be embedded in the given HTTP request. /// </summary> /// <param name="request">The request to search for an embedded message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The deserialized message, if one is found. Null otherwise. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs index f24fa7f..756ef4f 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs @@ -39,6 +39,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -84,6 +85,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs index fc1731d..676b248 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ChannelElements/OAuth2ClientChannel.cs @@ -108,6 +108,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Gets the protocol message that may be embedded in the given HTTP request. /// </summary> /// <param name="request">The request to search for an embedded message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The deserialized message, if one is found. Null otherwise. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs index 05bcb57..bf56586 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs @@ -117,6 +117,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="request">The request for protected resources from the service provider.</param> /// <param name="authorization">The authorization for this request previously obtained via OAuth.</param> + /// <param name="cancellationToken">The cancellation token.</param> public Task AuthorizeRequestAsync(HttpWebRequest request, IAuthorizationState authorization, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); Requires.NotNull(authorization, "authorization"); @@ -130,6 +131,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param> /// <param name="authorization">The authorization for this request previously obtained via OAuth.</param> + /// <param name="cancellationToken">The cancellation token.</param> public async Task AuthorizeRequestAsync(WebHeaderCollection requestHeaders, IAuthorizationState authorization, CancellationToken cancellationToken) { Requires.NotNull(requestHeaders, "requestHeaders"); Requires.NotNull(authorization, "authorization"); @@ -175,6 +177,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="authorization">The authorization to update.</param> /// <param name="skipIfUsefulLifeExceeds">If given, the access token will <em>not</em> be refreshed if its remaining lifetime exceeds this value.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>A value indicating whether the access token was actually renewed; <c>true</c> if it was renewed, or <c>false</c> if it still had useful life remaining.</returns> /// <remarks> /// This method may modify the value of the <see cref="IAuthorizationState.RefreshToken"/> property on @@ -212,6 +215,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <param name="scope">The scope subset desired in the access token.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>A description of the obtained access token, and possibly a new refresh token.</returns> /// <remarks> /// If the return value includes a new refresh token, the old refresh token should be discarded and @@ -241,7 +245,10 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param> /// <param name="password">The resource owner's account password.</param> /// <param name="scopes">The desired scope of access.</param> - /// <returns>The result, containing the tokens if successful.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The result, containing the tokens if successful. + /// </returns> public Task<IAuthorizationState> ExchangeUserCredentialForTokenAsync(string userName, string password, IEnumerable<string> scopes = null, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNullOrEmpty(userName, "userName"); Requires.NotNull(password, "password"); @@ -258,7 +265,10 @@ namespace DotNetOpenAuth.OAuth2 { /// Obtains an access token for accessing client-controlled resources on the resource server. /// </summary> /// <param name="scopes">The desired scopes.</param> - /// <returns>The result of the authorization request.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The result of the authorization request. + /// </returns> public Task<IAuthorizationState> GetClientAccessTokenAsync(IEnumerable<string> scopes = null, CancellationToken cancellationToken = default(CancellationToken)) { var request = new AccessTokenClientCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version); return this.RequestAccessTokenAsync(request, scopes, cancellationToken); @@ -323,6 +333,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="authorizationState">The authorization state to update.</param> /// <param name="authorizationSuccess">The authorization success message obtained from the authorization server.</param> + /// <param name="cancellationToken">The cancellation token.</param> internal async Task UpdateAuthorizationWithResponseAsync(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess, CancellationToken cancellationToken) { Requires.NotNull(authorizationState, "authorizationState"); Requires.NotNull(authorizationSuccess, "authorizationSuccess"); @@ -388,7 +399,10 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="request">The request message.</param> /// <param name="scopes">The scopes requested by the client.</param> - /// <returns>The result of the request.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The result of the request. + /// </returns> private async Task<IAuthorizationState> RequestAccessTokenAsync(ScopedAccessTokenRequest request, IEnumerable<string> scopes, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs index e87ecaa..ffd896e 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/UserAgentClient.cs @@ -78,6 +78,7 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="scope">The scope of authorized access requested.</param> /// <param name="state">The client state that should be returned with the authorization response.</param> /// <param name="returnTo">The URL that the authorization response should be sent to via a user-agent redirect.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A fully-qualified URL suitable to initiate the authorization flow. /// </returns> @@ -94,11 +95,10 @@ namespace DotNetOpenAuth.OAuth2 { /// this client to access protected data at some resource server. /// </summary> /// <param name="authorization">The authorization state that is tracking this particular request. Optional.</param> - /// <param name="implicitResponseType"> - /// <c>true</c> to request an access token in the fragment of the response's URL; - /// <c>false</c> to authenticate to the authorization server and acquire the access token (and possibly a refresh token) via a private channel. - /// </param> + /// <param name="implicitResponseType"><c>true</c> to request an access token in the fragment of the response's URL; + /// <c>false</c> to authenticate to the authorization server and acquire the access token (and possibly a refresh token) via a private channel.</param> /// <param name="state">The client state that should be returned with the authorization response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A fully-qualified URL suitable to initiate the authorization flow. /// </returns> @@ -116,7 +116,10 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="actualRedirectUrl">The actual URL of the incoming HTTP request.</param> /// <param name="authorizationState">The authorization.</param> - /// <returns>The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected. + /// </returns> public async Task<IAuthorizationState> ProcessUserAuthorizationAsync(Uri actualRedirectUrl, IAuthorizationState authorizationState = null, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(actualRedirectUrl, "actualRedirectUrl"); @@ -138,6 +141,7 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="authorizationState">The authorization.</param> /// <param name="response">The incoming authorization response message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs index dd7aff8..0476521 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs @@ -64,7 +64,10 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="scopes">The scope of authorized access requested.</param> /// <param name="returnTo">The URL the authorization server should redirect the browser (typically on this site) to when the authorization is completed. If null, the current request's URL will be used.</param> - /// <returns>The authorization request.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The authorization request. + /// </returns> public Task<HttpResponseMessage> PrepareRequestUserAuthorizationAsync(IEnumerable<string> scopes = null, Uri returnTo = null, CancellationToken cancellationToken = default(CancellationToken)) { var authorizationState = new AuthorizationState(scopes) { Callback = returnTo, @@ -76,7 +79,10 @@ namespace DotNetOpenAuth.OAuth2 { /// Prepares a request for user authorization from an authorization server. /// </summary> /// <param name="authorization">The authorization state to associate with this particular request.</param> - /// <returns>The authorization request.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The authorization request. + /// </returns> public async Task<HttpResponseMessage> PrepareRequestUserAuthorizationAsync(IAuthorizationState authorization, CancellationToken cancellationToken) { Requires.NotNull(authorization, "authorization"); RequiresEx.ValidState(authorization.Callback != null || (HttpContext.Current != null && HttpContext.Current.Request != null), MessagingStrings.HttpContextRequired); @@ -123,6 +129,7 @@ namespace DotNetOpenAuth.OAuth2 { /// Processes the authorization response from an authorization server, if available. /// </summary> /// <param name="request">The incoming HTTP request that may carry an authorization response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The authorization state that contains the details of the authorization.</returns> public async Task<IAuthorizationState> ProcessUserAuthorizationAsync(HttpRequestBase request = null, CancellationToken cancellationToken = default(CancellationToken)) { RequiresEx.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier), Strings.RequiredPropertyNotYetPreset, "ClientIdentifier"); diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs index 43145dd..65de660 100644 --- a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs +++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/ChannelElements/OAuth2ChannelBase.cs @@ -25,13 +25,12 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { private static readonly Version[] Versions = Protocol.AllVersions.Select(v => v.Version).ToArray(); /// <summary> - /// Initializes a new instance of the <see cref="OAuth2ChannelBase"/> class. + /// Initializes a new instance of the <see cref="OAuth2ChannelBase" /> class. /// </summary> /// <param name="messageTypes">The message types that are received by this channel.</param> - /// <param name="channelBindingElements"> - /// The binding elements to use in sending and receiving messages. - /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages. - /// </param> + /// <param name="channelBindingElements">The binding elements to use in sending and receiving messages. + /// The order they are provided is used for outgoing messgaes, and reversed for incoming messages.</param> + /// <param name="hostFactories">The host factories.</param> internal OAuth2ChannelBase(Type[] messageTypes, IChannelBindingElement[] channelBindingElements = null, IHostFactories hostFactories = null) : base(Requires.NotNull(messageTypes, "messageTypes"), Versions, hostFactories ?? new OAuth.DefaultOAuthHostFactories(), channelBindingElements ?? new IChannelBindingElement[0]) { } diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs index 97af431..363b8e0 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs @@ -39,8 +39,9 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { private static readonly Version[] Versions = Protocol.AllVersions.Select(v => v.Version).ToArray(); /// <summary> - /// Initializes a new instance of the <see cref="OAuth2ResourceServerChannel"/> class. + /// Initializes a new instance of the <see cref="OAuth2ResourceServerChannel" /> class. /// </summary> + /// <param name="hostFactories">The host factories.</param> protected internal OAuth2ResourceServerChannel(IHostFactories hostFactories = null) : base(MessageTypes, Versions, hostFactories ?? new OAuth.DefaultOAuthHostFactories()) { // TODO: add signing (authenticated request) binding element. @@ -50,6 +51,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Gets the protocol message that may be embedded in the given HTTP request. /// </summary> /// <param name="request">The request to search for an embedded message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The deserialized message, if one is found. Null otherwise. /// </returns> diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs index ffeff59..7bc7c91 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs @@ -80,14 +80,13 @@ namespace DotNetOpenAuth.OAuth2 { /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="httpRequestInfo">The HTTP request info.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The access token describing the authorization the client has. Never <c>null</c>. /// </returns> - /// <exception cref="ProtocolFaultResponseException"> - /// Thrown when the client is not authorized. This exception should be caught and the - /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. - /// </exception> + /// <exception cref="ProtocolFaultResponseException">Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage" /> message should be returned to the client.</exception> public virtual async Task<AccessToken> GetAccessTokenAsync(HttpRequestBase httpRequestInfo = null, CancellationToken cancellationToken = default(CancellationToken), params string[] requiredScopes) { Requires.NotNull(requiredScopes, "requiredScopes"); RequiresEx.ValidState(this.ScopeSatisfiedCheck != null, Strings.RequiredPropertyNotYetPreset); @@ -134,14 +133,13 @@ namespace DotNetOpenAuth.OAuth2 { /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="request">The HTTP request message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The access token describing the authorization the client has. Never <c>null</c>. /// </returns> - /// <exception cref="ProtocolFaultResponseException"> - /// Thrown when the client is not authorized. This exception should be caught and the - /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. - /// </exception> + /// <exception cref="ProtocolFaultResponseException">Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage" /> message should be returned to the client.</exception> public virtual Task<AccessToken> GetAccessTokenAsync(HttpRequestMessage request, CancellationToken cancellationToken = default(CancellationToken), params string[] requiredScopes) { Requires.NotNull(request, "request"); return this.GetAccessTokenAsync(new HttpRequestInfo(request), cancellationToken, requiredScopes); @@ -151,14 +149,13 @@ namespace DotNetOpenAuth.OAuth2 { /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="httpRequestInfo">The HTTP request info.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The principal that contains the user and roles that the access token is authorized for. Never <c>null</c>. /// </returns> - /// <exception cref="ProtocolFaultResponseException"> - /// Thrown when the client is not authorized. This exception should be caught and the - /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. - /// </exception> + /// <exception cref="ProtocolFaultResponseException">Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage" /> message should be returned to the client.</exception> public virtual async Task<IPrincipal> GetPrincipalAsync(HttpRequestBase httpRequestInfo = null, CancellationToken cancellationToken = default(CancellationToken), params string[] requiredScopes) { AccessToken accessToken = await this.GetAccessTokenAsync(httpRequestInfo, cancellationToken, requiredScopes); @@ -181,14 +178,13 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="request">HTTP details from an incoming WCF message.</param> /// <param name="requestUri">The URI of the WCF service endpoint.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The principal that contains the user and roles that the access token is authorized for. Never <c>null</c>. /// </returns> - /// <exception cref="ProtocolFaultResponseException"> - /// Thrown when the client is not authorized. This exception should be caught and the - /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. - /// </exception> + /// <exception cref="ProtocolFaultResponseException">Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage" /> message should be returned to the client.</exception> public virtual Task<IPrincipal> GetPrincipalAsync(HttpRequestMessageProperty request, Uri requestUri, CancellationToken cancellationToken = default(CancellationToken), params string[] requiredScopes) { Requires.NotNull(request, "request"); Requires.NotNull(requestUri, "requestUri"); @@ -200,14 +196,13 @@ namespace DotNetOpenAuth.OAuth2 { /// Discovers what access the client should have considering the access token in the current request. /// </summary> /// <param name="request">HTTP details from an incoming HTTP request message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The principal that contains the user and roles that the access token is authorized for. Never <c>null</c>. /// </returns> - /// <exception cref="ProtocolFaultResponseException"> - /// Thrown when the client is not authorized. This exception should be caught and the - /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client. - /// </exception> + /// <exception cref="ProtocolFaultResponseException">Thrown when the client is not authorized. This exception should be caught and the + /// <see cref="ProtocolFaultResponseException.ErrorResponseMessage" /> message should be returned to the client.</exception> public Task<IPrincipal> GetPrincipalAsync(HttpRequestMessage request, CancellationToken cancellationToken = default(CancellationToken), params string[] requiredScopes) { Requires.NotNull(request, "request"); return this.GetPrincipalAsync(new HttpRequestInfo(request), cancellationToken, requiredScopes); diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs index 520f41a..26d9133 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/ProviderSigningBindingElement.cs @@ -58,6 +58,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -160,6 +161,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <param name="message">The message.</param> /// <param name="signedMessage">The signed message.</param> /// <param name="protectionsApplied">The protections applied.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The applied protections. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs index a13cba1..80d8aeb 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/AuthenticationRequest.cs @@ -176,17 +176,6 @@ namespace DotNetOpenAuth.OpenId.Provider { get { return (CheckIdRequest)base.RequestMessage; } } - /// <summary> - /// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>. - /// </summary> - protected override async Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken) { - if (this.IsAuthenticated.HasValue) { - return this.IsAuthenticated.Value ? (IProtocolMessage)this.positiveResponse : (await this.GetNegativeResponseAsync()); - } else { - return null; - } - } - #region IAuthenticationRequest Methods /// <summary> @@ -211,6 +200,8 @@ namespace DotNetOpenAuth.OpenId.Provider { this.positiveResponse.ClaimedIdentifier = builder.Uri; } + #endregion + /// <summary> /// Sets the Claimed and Local identifiers even after they have been initially set. /// </summary> @@ -222,6 +213,15 @@ namespace DotNetOpenAuth.OpenId.Provider { this.positiveResponse.LocalIdentifier = identifier; } - #endregion + /// <summary> + /// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>. + /// </summary> + protected override async Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken) { + if (this.IsAuthenticated.HasValue) { + return this.IsAuthenticated.Value ? (IProtocolMessage)this.positiveResponse : (await this.GetNegativeResponseAsync()); + } else { + return null; + } + } } } diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/AXFetchAsSregTransform.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/AXFetchAsSregTransform.cs index 721777f..17c9a1a 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/AXFetchAsSregTransform.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/AXFetchAsSregTransform.cs @@ -53,13 +53,14 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when a request is received by the Provider. /// </summary> /// <param name="request">The incoming request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// <c>true</c> if this behavior owns this request and wants to stop other behaviors + /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. /// </returns> /// <remarks> - /// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but - /// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/> + /// Implementations may set a new value to <see cref="IRequest.SecuritySettings" /> but + /// should not change the properties on the instance of <see cref="ProviderSecuritySettings" /> /// itself as that instance may be shared across many requests. /// </remarks> Task<bool> IProviderBehavior.OnIncomingRequestAsync(IRequest request, CancellationToken cancellationToken) { @@ -75,8 +76,9 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when the Provider is preparing to send a response to an authentication request. /// </summary> /// <param name="request">The request that is configured to generate the outgoing response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// <c>true</c> if this behavior owns this request and wants to stop other behaviors + /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. /// </returns> async Task<bool> IProviderBehavior.OnOutgoingResponseAsync(Provider.IAuthenticationRequest request, CancellationToken cancellationToken) { diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/GsaIcamProfile.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/GsaIcamProfile.cs index ab0cf53..0aa4642 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/GsaIcamProfile.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/GsaIcamProfile.cs @@ -71,6 +71,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when a request is received by the Provider. /// </summary> /// <param name="request">The incoming request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. @@ -105,6 +106,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when the Provider is preparing to send a response to an authentication request. /// </summary> /// <param name="request">The request that is configured to generate the outgoing response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/PpidGeneration.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/PpidGeneration.cs index b6588a9..5acd4c9 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/PpidGeneration.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Behaviors/PpidGeneration.cs @@ -54,6 +54,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when a request is received by the Provider. /// </summary> /// <param name="request">The incoming request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. @@ -71,6 +72,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Behaviors { /// Called when the Provider is preparing to send a response to an authentication request. /// </summary> /// <param name="request">The request that is configured to generate the outgoing response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs index 26225b3..a275647 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/ExtensionsInteropHelper.cs @@ -76,6 +76,7 @@ namespace DotNetOpenAuth.OpenId.Provider.Extensions { /// attribute request extension came in. /// </summary> /// <param name="request">The authentication request with the response extensions already added.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <remarks> /// If the original attribute request came in as AX, the Simple Registration extension is converted /// to an AX response and then the Simple Registration extension is removed from the response. diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/UI/UIRequestTools.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/UI/UIRequestTools.cs index 09d0b21..c531ddd 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/UI/UIRequestTools.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Extensions/UI/UIRequestTools.cs @@ -37,8 +37,8 @@ namespace DotNetOpenAuth.OpenId.Provider.Extensions.UI { /// Gets the URL of the RP icon for the OP to display. /// </summary> /// <param name="realm">The realm of the RP where the authentication request originated.</param> - /// <param name="webRequestHandler">The web request handler to use for discovery. - /// Usually available via <see cref="Channel.WebRequestHandler">OpenIdProvider.Channel.WebRequestHandler</see>.</param> + /// <param name="hostFactories">The host factories.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of the RP's icons it has available for the Provider to display, in decreasing preferred order. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs index 85d111e..07807d2 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/HostProcessedRequest.cs @@ -101,6 +101,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// succeeded. /// </summary> /// <param name="hostFactories">The host factories.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// Result of realm discovery. /// </returns> @@ -123,6 +124,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// succeeded. /// </summary> /// <param name="hostFactories">The host factories.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// Result of realm discovery. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs index 3b62482..0495299 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/OpenIdProvider.cs @@ -91,31 +91,6 @@ namespace DotNetOpenAuth.OpenId.Provider { } /// <summary> - /// Gets the standard state storage mechanism that uses ASP.NET's - /// HttpApplication state dictionary to store associations and nonces. - /// </summary> - public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { - if (context == null) { - ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); - context = new HttpContextWrapper(HttpContext.Current); - } - - var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; - if (store == null) { - context.Application.Lock(); - try { - if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore(); - } - } finally { - context.Application.UnLock(); - } - } - - return store; - } - - /// <summary> /// Gets the channel to use for sending/receiving messages. /// </summary> public Channel Channel { get; internal set; } @@ -198,6 +173,31 @@ namespace DotNetOpenAuth.OpenId.Provider { } /// <summary> + /// Gets the standard state storage mechanism that uses ASP.NET's + /// HttpApplication state dictionary to store associations and nonces. + /// </summary> + public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { + if (context == null) { + ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); + context = new HttpContextWrapper(HttpContext.Current); + } + + var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; + if (store == null) { + context.Application.Lock(); + try { + if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore(); + } + } finally { + context.Application.UnLock(); + } + } + + return store; + } + + /// <summary> /// Gets the incoming OpenID request if there is one, or null if none was detected. /// </summary> /// <returns>The request that the hosting Provider should possibly process and then transmit the response for.</returns> @@ -217,17 +217,18 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Gets the incoming OpenID request if there is one, or null if none was detected. /// </summary> /// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The request that the hosting Provider should process and then transmit the response for. /// Null if no valid OpenID request was detected in the given HTTP request. /// </returns> + /// <exception cref="ProtocolException">Thrown if the incoming message is recognized + /// but deviates from the protocol specification irrecoverably.</exception> /// <remarks> /// Requests may be infrastructural to OpenID and allow auto-responses, or they may /// be authentication requests where the Provider site has to make decisions based /// on its own user database and policies. /// </remarks> - /// <exception cref="ProtocolException">Thrown if the incoming message is recognized - /// but deviates from the protocol specification irrecoverably.</exception> public async Task<IRequest> GetRequestAsync(HttpRequestBase httpRequestInfo, CancellationToken cancellationToken) { Requires.NotNull(httpRequestInfo, "httpRequestInfo"); IDirectedProtocolMessage incomingMessage = null; @@ -299,8 +300,11 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Gets the response to a received request. /// </summary> /// <param name="request">The request.</param> - /// <returns>The response that should be sent to the client.</returns> - /// <exception cref="InvalidOperationException">Thrown if <see cref="IRequest.IsResponseReady"/> is <c>false</c>.</exception> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The response that should be sent to the client. + /// </returns> + /// <exception cref="InvalidOperationException">Thrown if <see cref="IRequest.IsResponseReady" /> is <c>false</c>.</exception> [SuppressMessage("Microsoft.Performance", "CA1800:DoNotCastUnnecessarily", Justification = "Code Contract requires that we cast early.")] public async Task<HttpResponseMessage> PrepareResponseAsync(IRequest request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); @@ -325,10 +329,11 @@ namespace DotNetOpenAuth.OpenId.Provider { /// XRDS document that advertises its OpenID RP endpoint.</param> /// <param name="claimedIdentifier">The Identifier you are asserting your member controls.</param> /// <param name="localIdentifier">The Identifier you know your user by internally. This will typically - /// be the same as <paramref name="claimedIdentifier"/>.</param> + /// be the same as <paramref name="claimedIdentifier" />.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <param name="extensions">The extensions.</param> /// <returns> - /// A <see cref="OutgoingWebResponse"/> object describing the HTTP response to send + /// A <see cref="OutgoingWebResponse" /> object describing the HTTP response to send /// the user agent to allow the redirect with assertion to happen. /// </returns> public async Task<HttpResponseMessage> PrepareUnsolicitedAssertionAsync(Uri providerEndpoint, Realm relyingPartyRealm, Identifier claimedIdentifier, Identifier localIdentifier, CancellationToken cancellationToken = default(CancellationToken), params IExtensionMessage[] extensions) { @@ -415,6 +420,8 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Applies all behaviors to the response message. /// </summary> /// <param name="request">The request.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns></returns> private async Task ApplyBehaviorsToResponseAsync(IRequest request, CancellationToken cancellationToken) { var authRequest = request as IAuthenticationRequest; if (authRequest != null) { diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs index 93f8107..cc44338 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Provider/Request.cs @@ -16,7 +16,7 @@ using DotNetOpenAuth.OpenId.Messages; using Validation; /// <summary> - /// Implements the <see cref="IRequest"/> interface for all incoming + /// Implements the <see cref="IRequest" /> interface for all incoming /// request messages to an OpenID Provider. /// </summary> [Serializable] @@ -93,32 +93,6 @@ using Validation; /// <value>Defaults to the <see cref="OpenIdProvider.SecuritySettings"/> on the <see cref="OpenIdProvider"/>.</value> public ProviderSecuritySettings SecuritySettings { get; set; } - /// <summary> - /// Gets the response to send to the user agent. - /// </summary> - /// <exception cref="InvalidOperationException">Thrown if <see cref="IsResponseReady"/> is <c>false</c>.</exception> - internal async Task<IProtocolMessage> GetResponseAsync(CancellationToken cancellationToken) { - RequiresEx.ValidState(this.IsResponseReady, OpenIdStrings.ResponseNotReady); - - if (this.responseExtensions.Count > 0) { - var responseMessage = await this.GetResponseMessageAsync(cancellationToken); - var extensibleResponse = responseMessage as IProtocolMessageWithExtensions; - ErrorUtilities.VerifyOperation(extensibleResponse != null, MessagingStrings.MessageNotExtensible, responseMessage.GetType().Name); - foreach (var extension in this.responseExtensions) { - // It's possible that a prior call to this property - // has already added some/all of the extensions to the message. - // We don't have to worry about deleting old ones because - // this class provides no facility for removing extensions - // that are previously added. - if (!extensibleResponse.Extensions.Contains(extension)) { - extensibleResponse.Extensions.Add(extension); - } - } - } - - return await this.GetResponseMessageAsync(cancellationToken); - } - #endregion /// <summary> @@ -201,8 +175,37 @@ using Validation; #endregion /// <summary> + /// Gets the response to send to the user agent. + /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns>The response.</returns> + /// <exception cref="InvalidOperationException">Thrown if <see cref="IsResponseReady" /> is <c>false</c>.</exception> + internal async Task<IProtocolMessage> GetResponseAsync(CancellationToken cancellationToken) { + RequiresEx.ValidState(this.IsResponseReady, OpenIdStrings.ResponseNotReady); + + if (this.responseExtensions.Count > 0) { + var responseMessage = await this.GetResponseMessageAsync(cancellationToken); + var extensibleResponse = responseMessage as IProtocolMessageWithExtensions; + ErrorUtilities.VerifyOperation(extensibleResponse != null, MessagingStrings.MessageNotExtensible, responseMessage.GetType().Name); + foreach (var extension in this.responseExtensions) { + // It's possible that a prior call to this property + // has already added some/all of the extensions to the message. + // We don't have to worry about deleting old ones because + // this class provides no facility for removing extensions + // that are previously added. + if (!extensibleResponse.Extensions.Contains(extension)) { + extensibleResponse.Extensions.Add(extension); + } + } + } + + return await this.GetResponseMessageAsync(cancellationToken); + } + + /// <summary> /// Gets the response message, once <see cref="IsResponseReady"/> is <c>true</c>. /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> protected abstract Task<IProtocolMessage> GetResponseMessageAsync(CancellationToken cancellationToken); } } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs index b6cab0e..a08c323 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdAjaxRelyingParty.cs @@ -54,16 +54,17 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// your realm would typically be https://www.example.com/.</param> /// <param name="returnToUrl">The URL of the login page, or the page prepared to receive authentication /// responses from the OpenID Provider.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier. /// Never null, but may be empty. /// </returns> /// <remarks> - /// <para>Any individual generated request can satisfy the authentication. + /// <para>Any individual generated request can satisfy the authentication. /// The generated requests are sorted in preferred order. /// Each request is generated as it is enumerated to. Associations are created only as - /// <see cref="IAuthenticationRequest.RedirectingResponse"/> is called.</para> - /// <para>No exception is thrown if no OpenID endpoints were discovered. + /// <see cref="IAuthenticationRequest.RedirectingResponse" /> is called.</para> + /// <para>No exception is thrown if no OpenID endpoints were discovered. /// An empty enumerable is returned instead.</para> /// </remarks> public override async Task<IEnumerable<IAuthenticationRequest>> CreateRequestsAsync(Identifier userSuppliedIdentifier, Realm realm, Uri returnToUrl, CancellationToken cancellationToken) { @@ -127,6 +128,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Serializes discovery results on some <i>single</i> identifier on behalf of Javascript running on the browser. /// </summary> /// <param name="requests">The discovery results from just <i>one</i> identifier to serialize as a JSON response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The JSON result to return to the user agent. /// </returns> @@ -164,6 +166,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// an AJAX-aware OpenID control. /// </summary> /// <param name="requests">The discovery results to serialize as a JSON response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The JSON result to return to the user agent. /// </returns> @@ -181,6 +184,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Converts a sequence of authentication requests to a JSON object for seeding an AJAX-enabled login page. /// </summary> /// <param name="requests">The discovery results from just <i>one</i> identifier to serialize as a JSON response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>A JSON object, not yet serialized.</returns> internal async Task<object> AsJsonDiscoveryResultAsync(IEnumerable<IAuthenticationRequest> requests, CancellationToken cancellationToken) { Requires.NotNull(requests, "requests"); @@ -218,6 +222,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// an AJAX-aware OpenID control. /// </summary> /// <param name="requests">The discovery results to serialize as a JSON response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A JSON object, not yet serialized to a string. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs index 2a14ae3..56b354e 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.cs @@ -170,8 +170,31 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { } /// <summary> + /// Gets the relying party as its AJAX type. + /// </summary> + protected OpenIdAjaxRelyingParty AjaxRelyingParty { + get { return (OpenIdAjaxRelyingParty)this.RelyingParty; } + } + + /// <summary> + /// Gets the name of the open id auth data form key (for the value as stored at the user agent as a FORM field). + /// </summary> + /// <value>Usually a concatenation of the control's name and <c>"_openidAuthData"</c>.</value> + protected abstract string OpenIdAuthDataFormKey { get; } + + /// <summary> + /// Gets or sets a value indicating whether an authentication in the page's view state + /// has already been processed and appropriate events fired. + /// </summary> + private bool AuthenticationProcessedAlready { + get { return (bool)(ViewState[AuthenticationProcessedAlreadyViewStateKey] ?? false); } + set { ViewState[AuthenticationProcessedAlreadyViewStateKey] = value; } + } + + /// <summary> /// Gets the completed authentication response. /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> public async Task<IAuthenticationResponse> GetAuthenticationResponseAsync(CancellationToken cancellationToken) { if (this.authenticationResponse == null) { // We will either validate a new response and return a live AuthenticationResponse @@ -205,28 +228,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { } /// <summary> - /// Gets the relying party as its AJAX type. - /// </summary> - protected OpenIdAjaxRelyingParty AjaxRelyingParty { - get { return (OpenIdAjaxRelyingParty)this.RelyingParty; } - } - - /// <summary> - /// Gets the name of the open id auth data form key (for the value as stored at the user agent as a FORM field). - /// </summary> - /// <value>Usually a concatenation of the control's name and <c>"_openidAuthData"</c>.</value> - protected abstract string OpenIdAuthDataFormKey { get; } - - /// <summary> - /// Gets or sets a value indicating whether an authentication in the page's view state - /// has already been processed and appropriate events fired. - /// </summary> - private bool AuthenticationProcessedAlready { - get { return (bool)(ViewState[AuthenticationProcessedAlreadyViewStateKey] ?? false); } - set { ViewState[AuthenticationProcessedAlreadyViewStateKey] = value; } - } - - /// <summary> /// Allows an OpenID extension to read data out of an unverified positive authentication assertion /// and send it down to the client browser so that Javascript running on the page can perform /// some preprocessing on the extension data. @@ -310,6 +311,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// user agent for javascript as soon as the page loads. /// </summary> /// <param name="identifier">The identifier.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns></returns> protected Task PreloadDiscoveryAsync(Identifier identifier, CancellationToken cancellationToken) { return this.PreloadDiscoveryAsync(new[] { identifier }, cancellationToken); } @@ -319,6 +322,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// user agent for javascript as soon as the page loads. /// </summary> /// <param name="identifiers">The identifiers to perform discovery on.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns></returns> protected async Task PreloadDiscoveryAsync(IEnumerable<Identifier> identifiers, CancellationToken cancellationToken) { var requests = await Task.WhenAll(identifiers.Select(id => this.CreateRequestsAsync(id, cancellationToken))); string script = await this.AjaxRelyingParty.AsAjaxPreloadedDiscoveryResultAsync(requests.SelectMany(r => r), cancellationToken); @@ -420,6 +425,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <summary> /// Notifies the user agent via an AJAX response of a completed authentication attempt. /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> protected override async Task ScriptClosingPopupOrIFrameAsync(CancellationToken cancellationToken) { Action<AuthenticationStatus> callback = status => { if (status == AuthenticationStatus.Authenticated) { diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs index ecdfa1f..f527cee 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs @@ -513,6 +513,8 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Immediately redirects to the OpenID Provider to verify the Identifier /// provided in the text box. /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns></returns> public async Task LogOnAsync(CancellationToken cancellationToken) { IAuthenticationRequest request = (await this.CreateRequestsAsync(cancellationToken)).FirstOrDefault(); ErrorUtilities.VerifyProtocol(request != null, OpenIdStrings.OpenIdEndpointNotFound); @@ -524,6 +526,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// provided in the text box. /// </summary> /// <param name="request">The request.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// A task that completes with the asynchronous operation. + /// </returns> public async Task LogOnAsync(IAuthenticationRequest request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); @@ -560,9 +566,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Creates the authentication requests for a given user-supplied Identifier. /// </summary> /// <param name="identifier">The identifier to create a request for.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any one of which may be - /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier"/>. + /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier" />. /// </returns> protected internal virtual Task<IEnumerable<IAuthenticationRequest>> CreateRequestsAsync(Identifier identifier, CancellationToken cancellationToken) { Requires.NotNull(identifier, "identifier"); @@ -853,11 +860,11 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { } /// <summary> - /// Adds attributes to an HTML <A> tag that will be written by the caller using - /// <see cref="HtmlTextWriter.RenderBeginTag(HtmlTextWriterTag)"/> after this method. + /// Adds attributes to an HTML <A> tag that will be written by the caller using + /// <see cref="HtmlTextWriter.RenderBeginTag(HtmlTextWriterTag)" /> after this method. /// </summary> /// <param name="writer">The HTML writer.</param> - /// <param name="request">The outgoing authentication request.</param> + /// <param name="response">The response.</param> /// <param name="windowStatus">The text to try to display in the status bar on mouse hover.</param> protected void RenderOpenIdMessageTransmissionAsAnchorAttributes(HtmlTextWriter writer, HttpResponseMessage response, string windowStatus) { Requires.NotNull(writer, "writer"); @@ -916,9 +923,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Creates the authentication requests for a given user-supplied Identifier. /// </summary> /// <param name="identifier">The identifier to create a request for.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any one of which may be - /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier"/>. + /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier" />. /// </returns> private async Task<IEnumerable<IAuthenticationRequest>> CreateRequestsCoreAsync(Identifier identifier, CancellationToken cancellationToken) { ErrorUtilities.VerifyArgumentNotNull(identifier, "identifier"); // NO CODE CONTRACTS! (yield return used here) @@ -1015,8 +1023,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <summary> /// Gets the javascript to executee to redirect or POST an OpenID message to a remote party. /// </summary> - /// <param name="request">The authentication request to send.</param> - /// <returns>The javascript that should execute.</returns> + /// <param name="requestRedirectingResponse">The request redirecting response.</param> + /// <returns> + /// The javascript that should execute. + /// </returns> private string CreateGetOrPostAHrefValue(HttpResponseMessage requestRedirectingResponse) { Requires.NotNull(requestRedirectingResponse, "requestRedirectingResponse"); @@ -1028,6 +1038,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Wires the return page to immediately display a popup window with the Provider in it. /// </summary> /// <param name="request">The request.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// A task that completes with the asynchronous operation. + /// </returns> private async Task ScriptPopupWindowAsync(IAuthenticationRequest request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); RequiresEx.ValidState(this.RelyingParty != null); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdTextBox.cs b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdTextBox.cs index 9a5daf8..d566afa 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdTextBox.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty.UI/OpenId/RelyingParty/OpenIdTextBox.cs @@ -548,9 +548,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Creates the authentication requests for a given user-supplied Identifier. /// </summary> /// <param name="identifier">The identifier to create a request for.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any one of which may be - /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier"/>. + /// used to determine the user's control of the <see cref="IAuthenticationRequest.ClaimedIdentifier" />. /// </returns> protected internal override async Task<IEnumerable<IAuthenticationRequest>> CreateRequestsAsync(Identifier identifier, CancellationToken cancellationToken) { ErrorUtilities.VerifyArgumentNotNull(identifier, "identifier"); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs index 01aa16e..90910b7 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySecurityOptions.cs @@ -57,6 +57,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -74,6 +75,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs index 6a6dee2..625a7e4 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/RelyingPartySigningBindingElement.cs @@ -77,6 +77,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <param name="message">The message.</param> /// <param name="signedMessage">The signed message.</param> /// <param name="protectionsApplied">The protections applied.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The applied protections. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs index d71a086..1948215 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/ReturnToNonceBindingElement.cs @@ -135,6 +135,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -161,6 +162,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs index 910272e..fb4006c 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/HostMetaDiscoveryService.cs @@ -71,6 +71,12 @@ namespace DotNetOpenAuth.OpenId { this.TrustedHostMetaProxies = new List<HostMetaProxy>(); } + /// <summary> + /// Gets or sets the host factories used by this instance. + /// </summary> + /// <value> + /// The host factories. + /// </value> public IHostFactories HostFactories { get; set; } /// <summary> @@ -108,8 +114,7 @@ namespace DotNetOpenAuth.OpenId { /// Performs discovery on the specified identifier. /// </summary> /// <param name="identifier">The identifier to perform discovery on.</param> - /// <param name="requestHandler">The means to place outgoing HTTP requests.</param> - /// <param name="abortDiscoveryChain">if set to <c>true</c>, no further discovery services will be called for this identifier.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of service endpoints yielded by discovery. Must not be null, but may be empty. /// </returns> @@ -182,43 +187,6 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> - /// Gets the services for an identifier that are described by an external XRDS document. - /// </summary> - /// <param name="xrds">The XRD elements to search for described-by services.</param> - /// <param name="identifier">The identifier under discovery.</param> - /// <param name="requestHandler">The request handler.</param> - /// <returns>The discovered services.</returns> - private async Task<IEnumerable<IdentifierDiscoveryResult>> GetExternalServicesAsync(IEnumerable<XrdElement> xrds, UriIdentifier identifier, CancellationToken cancellationToken) { - Requires.NotNull(xrds, "xrds"); - Requires.NotNull(identifier, "identifier"); - - var results = new List<IdentifierDiscoveryResult>(); - foreach (var serviceElement in GetDescribedByServices(xrds)) { - var templateNode = serviceElement.Node.SelectSingleNode("google:URITemplate", serviceElement.XmlNamespaceResolver); - var nextAuthorityNode = serviceElement.Node.SelectSingleNode("google:NextAuthority", serviceElement.XmlNamespaceResolver); - if (templateNode != null) { - Uri externalLocation = new Uri(templateNode.Value.Trim().Replace("{%uri}", Uri.EscapeDataString(identifier.Uri.AbsoluteUri))); - string nextAuthority = nextAuthorityNode != null ? nextAuthorityNode.Value.Trim() : identifier.Uri.Host; - try { - using (var externalXrdsResponse = await this.GetXrdsResponseAsync(identifier, externalLocation, cancellationToken)) { - var readerSettings = MessagingUtilities.CreateUntrustedXmlReaderSettings(); - var responseStream = await externalXrdsResponse.Content.ReadAsStreamAsync(); - XrdsDocument externalXrds = new XrdsDocument(XmlReader.Create(responseStream, readerSettings)); - await ValidateXmlDSigAsync(externalXrds, identifier, externalXrdsResponse, nextAuthority); - results.AddRange(GetXrdElements(externalXrds, identifier).CreateServiceEndpoints(identifier, identifier)); - } - } catch (ProtocolException ex) { - Logger.Yadis.WarnFormat("HTTP GET error while retrieving described-by XRDS document {0}: {1}", externalLocation.AbsoluteUri, ex); - } catch (XmlException ex) { - Logger.Yadis.ErrorFormat("Error while parsing described-by XRDS document {0}: {1}", externalLocation.AbsoluteUri, ex); - } - } - } - - return results; - } - - /// <summary> /// Validates the XML digital signature on an XRDS document. /// </summary> /// <param name="document">The XRDS document whose signature should be validated.</param> @@ -291,11 +259,50 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> + /// Gets the services for an identifier that are described by an external XRDS document. + /// </summary> + /// <param name="xrds">The XRD elements to search for described-by services.</param> + /// <param name="identifier">The identifier under discovery.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The discovered services. + /// </returns> + private async Task<IEnumerable<IdentifierDiscoveryResult>> GetExternalServicesAsync(IEnumerable<XrdElement> xrds, UriIdentifier identifier, CancellationToken cancellationToken) { + Requires.NotNull(xrds, "xrds"); + Requires.NotNull(identifier, "identifier"); + + var results = new List<IdentifierDiscoveryResult>(); + foreach (var serviceElement in GetDescribedByServices(xrds)) { + var templateNode = serviceElement.Node.SelectSingleNode("google:URITemplate", serviceElement.XmlNamespaceResolver); + var nextAuthorityNode = serviceElement.Node.SelectSingleNode("google:NextAuthority", serviceElement.XmlNamespaceResolver); + if (templateNode != null) { + Uri externalLocation = new Uri(templateNode.Value.Trim().Replace("{%uri}", Uri.EscapeDataString(identifier.Uri.AbsoluteUri))); + string nextAuthority = nextAuthorityNode != null ? nextAuthorityNode.Value.Trim() : identifier.Uri.Host; + try { + using (var externalXrdsResponse = await this.GetXrdsResponseAsync(identifier, externalLocation, cancellationToken)) { + var readerSettings = MessagingUtilities.CreateUntrustedXmlReaderSettings(); + var responseStream = await externalXrdsResponse.Content.ReadAsStreamAsync(); + XrdsDocument externalXrds = new XrdsDocument(XmlReader.Create(responseStream, readerSettings)); + await ValidateXmlDSigAsync(externalXrds, identifier, externalXrdsResponse, nextAuthority); + results.AddRange(GetXrdElements(externalXrds, identifier).CreateServiceEndpoints(identifier, identifier)); + } + } catch (ProtocolException ex) { + Logger.Yadis.WarnFormat("HTTP GET error while retrieving described-by XRDS document {0}: {1}", externalLocation.AbsoluteUri, ex); + } catch (XmlException ex) { + Logger.Yadis.ErrorFormat("Error while parsing described-by XRDS document {0}: {1}", externalLocation.AbsoluteUri, ex); + } + } + } + + return results; + } + + /// <summary> /// Gets the XRDS HTTP response for a given identifier. /// </summary> /// <param name="identifier">The identifier.</param> - /// <param name="requestHandler">The request handler.</param> /// <param name="xrdsLocation">The location of the XRDS document to retrieve.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A HTTP response carrying an XRDS document. /// </returns> @@ -369,9 +376,10 @@ namespace DotNetOpenAuth.OpenId { /// Gets the XRDS HTTP response for a given identifier. /// </summary> /// <param name="identifier">The identifier.</param> - /// <param name="requestHandler">The request handler.</param> - /// <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param> - /// <returns>A HTTP response carrying an XRDS document, or <c>null</c> if one could not be obtained.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// A HTTP response carrying an XRDS document, or <c>null</c> if one could not be obtained. + /// </returns> /// <exception cref="ProtocolException">Thrown if the XRDS document could not be obtained.</exception> private async Task<ResultWithSigningHost<HttpResponseMessage>> GetXrdsResponseAsync(UriIdentifier identifier, CancellationToken cancellationToken) { Requires.NotNull(identifier, "identifier"); @@ -389,9 +397,10 @@ namespace DotNetOpenAuth.OpenId { /// Gets the location of the XRDS document that describes a given identifier. /// </summary> /// <param name="identifier">The identifier under discovery.</param> - /// <param name="requestHandler">The request handler.</param> - /// <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param> - /// <returns>An absolute URI, or <c>null</c> if one could not be determined.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// An absolute URI, or <c>null</c> if one could not be determined. + /// </returns> private async Task<ResultWithSigningHost<Uri>> GetXrdsLocationAsync(UriIdentifier identifier, CancellationToken cancellationToken) { Requires.NotNull(identifier, "identifier"); @@ -419,8 +428,7 @@ namespace DotNetOpenAuth.OpenId { /// Gets the host-meta for a given identifier. /// </summary> /// <param name="identifier">The identifier.</param> - /// <param name="requestHandler">The request handler.</param> - /// <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The host-meta response, or <c>null</c> if no host-meta document could be obtained. /// </returns> @@ -471,6 +479,23 @@ namespace DotNetOpenAuth.OpenId { return result; } + private struct ResultWithSigningHost<T> : IDisposable { + internal ResultWithSigningHost(T result, string signingHost) + : this() { + this.Result = result; + this.SigningHost = signingHost; + } + + public T Result { get; private set; } + + public string SigningHost { get; private set; } + + public void Dispose() { + var disposable = this.Result as IDisposable; + disposable.DisposeIfNotNull(); + } + } + /// <summary> /// A description of a web server that hosts host-meta documents. /// </summary> @@ -554,22 +579,5 @@ namespace DotNetOpenAuth.OpenId { return this.ProxyFormat.GetHashCode(); } } - - private struct ResultWithSigningHost<T> : IDisposable { - internal ResultWithSigningHost(T result, string signingHost) - : this() { - this.Result = result; - this.SigningHost = signingHost; - } - - public T Result { get; private set; } - - public string SigningHost { get; private set; } - - public void Dispose() { - var disposable = this.Result as IDisposable; - disposable.DisposeIfNotNull(); - } - } } } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs index 14566e1..367c146 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AssociationManager.cs @@ -132,6 +132,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// a new association of one does not already exist. /// </summary> /// <param name="provider">The provider to get an association for.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The existing or new association; <c>null</c> if none existed and one could not be created.</returns> internal async Task<Association> GetOrCreateAssociationAsync(IProviderEndpoint provider, CancellationToken cancellationToken) { return this.GetExistingAssociation(provider) ?? await this.CreateNewAssociationAsync(provider, cancellationToken); @@ -141,6 +142,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Creates a new association with a given Provider. /// </summary> /// <param name="provider">The provider to create an association with.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The newly created association, or null if no association can be created with /// the given Provider given the current security settings. @@ -148,7 +150,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <remarks> /// A new association is created and returned even if one already exists in the /// association store. - /// Any new association is automatically added to the <see cref="associationStore"/>. + /// Any new association is automatically added to the <see cref="associationStore" />. /// </remarks> private async Task<Association> CreateNewAssociationAsync(IProviderEndpoint provider, CancellationToken cancellationToken) { Requires.NotNull(provider, "provider"); @@ -180,10 +182,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="provider">The provider to create an association with.</param> /// <param name="associateRequest">The associate request. May be <c>null</c>, which will always result in a <c>null</c> return value..</param> /// <param name="retriesRemaining">The number of times to try the associate request again if the Provider suggests it.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The newly created association, or null if no association can be created with /// the given Provider given the current security settings. /// </returns> + /// <exception cref="ProtocolException"></exception> private async Task<Association> CreateNewAssociationAsync(IProviderEndpoint provider, AssociateRequest associateRequest, int retriesRemaining, CancellationToken cancellationToken) { Requires.NotNull(provider, "provider"); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs index 0fb5b4a..a26b49e 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/AuthenticationRequest.cs @@ -93,20 +93,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { public AuthenticationRequestMode Mode { get; set; } /// <summary> - /// Gets the HTTP response the relying party should send to the user agent - /// to redirect it to the OpenID Provider to start the OpenID authentication process. - /// </summary> - /// <value></value> - public async Task<HttpResponseMessage> GetRedirectingResponseAsync(CancellationToken cancellationToken) { - foreach (var behavior in this.RelyingParty.Behaviors) { - behavior.OnOutgoingAuthenticationRequest(this); - } - - var request = await this.CreateRequestMessageAsync(cancellationToken); - return await this.RelyingParty.Channel.PrepareResponseAsync(request, cancellationToken); - } - - /// <summary> /// Gets the URL that the user agent will return to after authentication /// completes or fails at the Provider. /// </summary> @@ -199,6 +185,20 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { #region IAuthenticationRequest methods /// <summary> + /// Gets the HTTP response the relying party should send to the user agent + /// to redirect it to the OpenID Provider to start the OpenID authentication process. + /// </summary> + /// <param name="cancellationToken">The cancellation token.</param> + public async Task<HttpResponseMessage> GetRedirectingResponseAsync(CancellationToken cancellationToken) { + foreach (var behavior in this.RelyingParty.Behaviors) { + behavior.OnOutgoingAuthenticationRequest(this); + } + + var request = await this.CreateRequestMessageAsync(cancellationToken); + return await this.RelyingParty.Channel.PrepareResponseAsync(request, cancellationToken); + } + + /// <summary> /// Makes a dictionary of key/value pairs available when the authentication is completed. /// </summary> /// <param name="arguments">The arguments to add to the request's return_to URI.</param> @@ -305,6 +305,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="realm">The realm.</param> /// <param name="returnToUrl">The return_to base URL.</param> /// <param name="createNewAssociationsAsNeeded">if set to <c>true</c>, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier. /// Never null, but may be empty. @@ -391,13 +392,16 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Creates the request message to send to the Provider, /// based on the properties in this instance. /// </summary> - /// <returns>The message to send to the Provider.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The message to send to the Provider. + /// </returns> internal Task<SignedResponseRequest> CreateRequestMessageTestHookAsync(CancellationToken cancellationToken) { return this.CreateRequestMessageAsync(cancellationToken); } /// <summary> - /// Performs deferred request generation for the <see cref="Create"/> method. + /// Performs deferred request generation for the <see cref="Create" /> method. /// </summary> /// <param name="userSuppliedIdentifier">The user supplied identifier.</param> /// <param name="relyingParty">The relying party.</param> @@ -405,6 +409,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// <param name="returnToUrl">The return_to base URL.</param> /// <param name="serviceEndpoints">The discovered service endpoints on the Claimed Identifier.</param> /// <param name="createNewAssociationsAsNeeded">if set to <c>true</c>, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier. /// Never null, but may be empty. diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/Extensions/UIUtilities.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/Extensions/UIUtilities.cs index 80bfe65..4e138ee 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/Extensions/UIUtilities.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/Extensions/UIUtilities.cs @@ -24,7 +24,10 @@ using Validation; /// <param name="relyingParty">The relying party.</param> /// <param name="request">The authentication request to place in the window.</param> /// <param name="windowName">The name to assign to the popup window.</param> - /// <returns>A string starting with 'window.open' and forming just that one method call.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// A string starting with 'window.open' and forming just that one method call. + /// </returns> internal static async Task<string> GetWindowPopupScriptAsync(OpenIdRelyingParty relyingParty, IAuthenticationRequest request, string windowName, CancellationToken cancellationToken) { Requires.NotNull(relyingParty, "relyingParty"); Requires.NotNull(request, "request"); diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs index a129334..b190ce3 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/RelyingParty/OpenIdRelyingParty.cs @@ -157,31 +157,6 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { } /// <summary> - /// Gets the standard state storage mechanism that uses ASP.NET's - /// HttpApplication state dictionary to store associations and nonces. - /// </summary> - public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { - if (context == null) { - ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); - context = new HttpContextWrapper(HttpContext.Current); - } - - var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; - if (store == null) { - context.Application.Lock(); - try { - if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { - context.Application[ApplicationStoreKey] = store = new StandardRelyingPartyApplicationStore(); - } - } finally { - context.Application.UnLock(); - } - } - - return store; - } - - /// <summary> /// Gets or sets the channel to use for sending/receiving messages. /// </summary> public Channel Channel { @@ -314,6 +289,33 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { } /// <summary> + /// Gets the standard state storage mechanism that uses ASP.NET's + /// HttpApplication state dictionary to store associations and nonces. + /// </summary> + /// <param name="context">The context.</param> + /// <returns>The application store.</returns> + public static IOpenIdApplicationStore GetHttpApplicationStore(HttpContextBase context = null) { + if (context == null) { + ErrorUtilities.VerifyOperation(HttpContext.Current != null, Strings.StoreRequiredWhenNoHttpContextAvailable, typeof(IOpenIdApplicationStore).Name); + context = new HttpContextWrapper(HttpContext.Current); + } + + var store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]; + if (store == null) { + context.Application.Lock(); + try { + if ((store = (IOpenIdApplicationStore)context.Application[ApplicationStoreKey]) == null) { + context.Application[ApplicationStoreKey] = store = new StandardRelyingPartyApplicationStore(); + } + } finally { + context.Application.UnLock(); + } + } + + return store; + } + + /// <summary> /// Creates an authentication request to verify that a user controls /// some given Identifier. /// </summary> @@ -520,7 +522,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Gets an authentication response from a Provider. /// </summary> /// <param name="httpRequestInfo">The HTTP request that may be carrying an authentication response from the Provider.</param> - /// <returns>The processed authentication response if there is any; <c>null</c> otherwise.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The processed authentication response if there is any; <c>null</c> otherwise. + /// </returns> public async Task<IAuthenticationResponse> GetResponseAsync(HttpRequestBase httpRequestInfo, CancellationToken cancellationToken) { Requires.NotNull(httpRequestInfo, "httpRequestInfo"); try { @@ -574,7 +579,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication. /// </summary> /// <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param> - /// <returns>The HTTP response to send to this HTTP request.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// The HTTP response to send to this HTTP request. + /// </returns> public Task<HttpResponseMessage> ProcessResponseFromPopupAsync(HttpRequestBase request, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); @@ -657,6 +665,7 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// </summary> /// <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param> /// <param name="callback">The callback fired after the response status has been determined but before the Javascript response is formulated.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The HTTP response to send to this HTTP request. /// </returns> @@ -716,7 +725,10 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { /// Performs discovery on the specified identifier. /// </summary> /// <param name="identifier">The identifier to discover services for.</param> - /// <returns>A non-null sequence of services discovered for the identifier.</returns> + /// <param name="cancellationToken">The cancellation token.</param> + /// <returns> + /// A non-null sequence of services discovered for the identifier. + /// </returns> internal Task<IEnumerable<IdentifierDiscoveryResult>> DiscoverAsync(Identifier identifier, CancellationToken cancellationToken) { return this.discoveryServices.DiscoverAsync(identifier, cancellationToken); } diff --git a/src/DotNetOpenAuth.OpenId/DefaultOpenIdHostFactories.cs b/src/DotNetOpenAuth.OpenId/DefaultOpenIdHostFactories.cs index ac81107..d52342c 100644 --- a/src/DotNetOpenAuth.OpenId/DefaultOpenIdHostFactories.cs +++ b/src/DotNetOpenAuth.OpenId/DefaultOpenIdHostFactories.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="DefaultHostFactories.cs" company="Andrew Arnott"> +// <copyright file="DefaultOpenIdHostFactories.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/BackwardCompatibilityBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/BackwardCompatibilityBindingElement.cs index c448e2f..3fe3fe2 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/BackwardCompatibilityBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/BackwardCompatibilityBindingElement.cs @@ -58,6 +58,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -87,6 +88,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs index 2a5946a..5d6a51e 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ExtensionsBindingElement.cs @@ -75,6 +75,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -138,6 +139,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs index 221994a..0c93478 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/OpenIdChannel.cs @@ -47,11 +47,12 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { private KeyValueFormEncoding keyValueForm = new KeyValueFormEncoding(); /// <summary> - /// Initializes a new instance of the <see cref="OpenIdChannel"/> class. + /// Initializes a new instance of the <see cref="OpenIdChannel" /> class. /// </summary> /// <param name="messageTypeProvider">A class prepared to analyze incoming messages and indicate what concrete /// message types can deserialize from it.</param> /// <param name="bindingElements">The binding elements to use in sending and receiving messages.</param> + /// <param name="hostFactories">The host factories.</param> protected OpenIdChannel(IMessageFactory messageTypeProvider, IChannelBindingElement[] bindingElements, IHostFactories hostFactories = null) : base(messageTypeProvider, bindingElements, hostFactories ?? new DefaultOpenIdHostFactories()) { Requires.NotNull(messageTypeProvider, "messageTypeProvider"); @@ -81,10 +82,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Verifies the integrity and applicability of an incoming message. /// </summary> /// <param name="message">The message just received.</param> - /// <exception cref="ProtocolException"> - /// Thrown when the message is somehow invalid, except for check_authentication messages. - /// This can be due to tampering, replay attack or expiration, among other things. - /// </exception> + /// <param name="cancellationToken">The cancellation token.</param> + /// <exception cref="ProtocolException">Thrown when the message is somehow invalid, except for check_authentication messages. + /// This can be due to tampering, replay attack or expiration, among other things.</exception> protected override async Task ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) { var checkAuthRequest = message as CheckAuthenticationRequest; if (checkAuthRequest != null) { diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs index c55704d..5ea5136 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/ReturnToSignatureBindingElement.cs @@ -37,7 +37,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { private static readonly Task<MessageProtections?> NoneTask = Task.FromResult<MessageProtections?>(MessageProtections.None); - + /// <summary> /// The name of the callback parameter we'll tack onto the return_to value /// to store our signature on the return_to parameter. @@ -97,6 +97,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -125,6 +126,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs index 83d45a1..769b2e2 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SigningBindingElement.cs @@ -57,6 +57,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -70,6 +71,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -111,6 +113,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// <param name="message">The message.</param> /// <param name="signedMessage">The signed message.</param> /// <param name="protectionsApplied">The protections applied.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The applied protections.</returns> protected abstract Task<MessageProtections> VerifySignatureByUnrecognizedHandleAsync(IProtocolMessage message, ITamperResistantOpenIdMessage signedMessage, MessageProtections protectionsApplied, CancellationToken cancellationToken); diff --git a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SkipSecurityBindingElement.cs b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SkipSecurityBindingElement.cs index 900a422..e55b7e2 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SkipSecurityBindingElement.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/ChannelElements/SkipSecurityBindingElement.cs @@ -46,6 +46,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// Prepares a message for sending based on the rules of this channel binding element. /// </summary> /// <param name="message">The message to prepare for sending.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. @@ -64,6 +65,7 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { /// validates an incoming message based on the rules of this channel binding element. /// </summary> /// <param name="message">The incoming message to process.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The protections (if any) that this binding element applied to the message. /// Null if this binding element did not even apply to this binding element. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/IIdentifierDiscoveryService.cs b/src/DotNetOpenAuth.OpenId/OpenId/IIdentifierDiscoveryService.cs index 4d1450e..1055d15 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/IIdentifierDiscoveryService.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/IIdentifierDiscoveryService.cs @@ -27,7 +27,7 @@ namespace DotNetOpenAuth.OpenId { /// Performs discovery on the specified identifier. /// </summary> /// <param name="identifier">The identifier to perform discovery on.</param> - /// <param name="abortDiscoveryChain">if set to <c>true</c>, no further discovery services will be called for this identifier.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A sequence of service endpoints yielded by discovery. Must not be null, but may be empty. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryServices.cs b/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryServices.cs index 2803c22..a515033 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryServices.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/IdentifierDiscoveryServices.cs @@ -50,6 +50,7 @@ namespace DotNetOpenAuth.OpenId { /// Performs discovery on the specified identifier. /// </summary> /// <param name="identifier">The identifier to discover services for.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>A non-null sequence of services discovered for the identifier.</returns> public async Task<IEnumerable<IdentifierDiscoveryResult>> DiscoverAsync(Identifier identifier, CancellationToken cancellationToken) { Requires.NotNull(identifier, "identifier"); diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs index 1bb52b9..ccb6a27 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/NegativeAssertionResponse.cs @@ -39,24 +39,6 @@ namespace DotNetOpenAuth.OpenId.Messages { } /// <summary> - /// Initializes a new instance of the <see cref="NegativeAssertionResponse"/> class. - /// </summary> - /// <param name="request">The request that the relying party sent.</param> - /// <param name="channel">The channel to use to simulate construction of the user_setup_url, if applicable. May be null, but the user_setup_url will not be constructed.</param> - internal static async Task<NegativeAssertionResponse> CreateAsync(SignedResponseRequest request, CancellationToken cancellationToken, Channel channel = null) { - var result = new NegativeAssertionResponse(request); - - // If appropriate, and when we're provided with a channel to do it, - // go ahead and construct the user_setup_url - if (result.Version.Major < 2 && request.Immediate && channel != null) { - // All requests are CheckIdRequests in OpenID 1.x, so this cast should be safe. - result.UserSetupUrl = await ConstructUserSetupUrlAsync((CheckIdRequest)request, channel, cancellationToken); - } - - return result; - } - - /// <summary> /// Gets or sets the URL the relying party can use to upgrade their authentication /// request from an immediate to a setup message. /// </summary> @@ -112,11 +94,31 @@ namespace DotNetOpenAuth.OpenId.Messages { } /// <summary> + /// Initializes a new instance of the <see cref="NegativeAssertionResponse" /> class. + /// </summary> + /// <param name="request">The request that the relying party sent.</param> + /// <param name="cancellationToken">The cancellation token.</param> + /// <param name="channel">The channel to use to simulate construction of the user_setup_url, if applicable. May be null, but the user_setup_url will not be constructed.</param> + internal static async Task<NegativeAssertionResponse> CreateAsync(SignedResponseRequest request, CancellationToken cancellationToken, Channel channel = null) { + var result = new NegativeAssertionResponse(request); + + // If appropriate, and when we're provided with a channel to do it, + // go ahead and construct the user_setup_url + if (result.Version.Major < 2 && request.Immediate && channel != null) { + // All requests are CheckIdRequests in OpenID 1.x, so this cast should be safe. + result.UserSetupUrl = await ConstructUserSetupUrlAsync((CheckIdRequest)request, channel, cancellationToken); + } + + return result; + } + + /// <summary> /// Constructs the value for the user_setup_url parameter to be sent back /// in negative assertions in response to OpenID 1.x RP's checkid_immediate requests. /// </summary> /// <param name="immediateRequest">The immediate request.</param> /// <param name="channel">The channel to use to simulate construction of the message.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The value to use for the user_setup_url parameter.</returns> private static async Task<Uri> ConstructUserSetupUrlAsync(CheckIdRequest immediateRequest, Channel channel, CancellationToken cancellationToken) { Requires.NotNull(immediateRequest, "immediateRequest"); diff --git a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs index 7b65a88..dcea83a 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs @@ -227,7 +227,6 @@ namespace DotNetOpenAuth.OpenId { } while (true); - return hostFactories.CreateHttpClient(rootHandler); } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs index 0e40f0f..0615144 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IHostProcessedRequest.cs @@ -48,7 +48,8 @@ namespace DotNetOpenAuth.OpenId.Provider { /// <summary> /// Attempts to perform relying party discovery of the return URL claimed by the Relying Party. /// </summary> - /// <param name="webRequestHandler">The web request handler.</param> + /// <param name="hostFactories">The host factories.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The details of how successful the relying party discovery was. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs index 1f3fab1..d7ec647 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Provider/IProviderBehavior.cs @@ -30,6 +30,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Called when a request is received by the Provider. /// </summary> /// <param name="request">The incoming request.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. @@ -45,6 +46,7 @@ namespace DotNetOpenAuth.OpenId.Provider { /// Called when the Provider is preparing to send a response to an authentication request. /// </summary> /// <param name="request">The request that is configured to generate the outgoing response.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// <c>true</c> if this behavior owns this request and wants to stop other behaviors /// from handling it; <c>false</c> to allow other behaviors to process this request. diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs index eaf8088..8628160 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Realm.cs @@ -438,10 +438,12 @@ namespace DotNetOpenAuth.OpenId { /// <summary> /// Searches for an XRDS document at the realm URL. /// </summary> - /// <param name="requestHandler">The mechanism to use for sending HTTP requests.</param> + /// <param name="hostFactories">The host factories.</param> /// <param name="allowRedirects">Whether redirects may be followed when discovering the Realm. + /// <param name="cancellationToken">The cancellation token.</param> /// This may be true when creating an unsolicited assertion, but must be /// false when performing return URL verification per 2.0 spec section 9.2.1.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The XRDS document if found; or <c>null</c> if no service document was discovered. /// </returns> diff --git a/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs b/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs index 64f7b66..c993acd 100644 --- a/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs +++ b/src/DotNetOpenAuth.OpenId/Yadis/DiscoveryResult.cs @@ -28,11 +28,8 @@ namespace DotNetOpenAuth.Yadis { private HttpResponseMessage htmlFallback; /// <summary> - /// Initializes a new instance of the <see cref="DiscoveryResult"/> class. + /// Initializes a new instance of the <see cref="DiscoveryResult" /> class. /// </summary> - /// <param name="requestUri">The user-supplied identifier.</param> - /// <param name="initialResponse">The initial response.</param> - /// <param name="finalResponse">The final response.</param> private DiscoveryResult() { } @@ -73,9 +70,7 @@ namespace DotNetOpenAuth.Yadis { /// </summary> public bool IsXrds { get; private set; } - internal static async Task<DiscoveryResult> CreateAsync( - Uri requestUri, HttpResponseMessage initialResponse, HttpResponseMessage finalResponse) { - + internal static async Task<DiscoveryResult> CreateAsync(Uri requestUri, HttpResponseMessage initialResponse, HttpResponseMessage finalResponse) { var result = new DiscoveryResult(); result.RequestUri = requestUri; result.NormalizedUri = initialResponse.RequestMessage.RequestUri; diff --git a/src/DotNetOpenAuth.OpenId/Yadis/Yadis.cs b/src/DotNetOpenAuth.OpenId/Yadis/Yadis.cs index f0d5402..ea14b30 100644 --- a/src/DotNetOpenAuth.OpenId/Yadis/Yadis.cs +++ b/src/DotNetOpenAuth.OpenId/Yadis/Yadis.cs @@ -6,7 +6,9 @@ namespace DotNetOpenAuth.Yadis { using System; + using System.Collections.Generic; using System.IO; + using System.Linq; using System.Net; using System.Net.Cache; using System.Net.Http; @@ -21,9 +23,6 @@ namespace DotNetOpenAuth.Yadis { using DotNetOpenAuth.Xrds; using Validation; - using System.Linq; - using System.Collections.Generic; - /// <summary> /// YADIS discovery manager. /// </summary> @@ -51,13 +50,14 @@ namespace DotNetOpenAuth.Yadis { /// <summary> /// Performs YADIS discovery on some identifier. /// </summary> - /// <param name="requestHandler">The mechanism to use for sending HTTP requests.</param> + /// <param name="hostFactories">The host factories.</param> /// <param name="uri">The URI to perform discovery on.</param> /// <param name="requireSsl">Whether discovery should fail if any step of it is not encrypted.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The result of discovery on the given URL. /// Null may be returned if an error occurs, - /// or if <paramref name="requireSsl"/> is true but part of discovery + /// or if <paramref name="requireSsl" /> is true but part of discovery /// is not protected by SSL. /// </returns> public static async Task<DiscoveryResult> DiscoverAsync(IHostFactories hostFactories, UriIdentifier uri, bool requireSsl, CancellationToken cancellationToken) { diff --git a/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs index 97ee9ab..a19d505 100644 --- a/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs @@ -56,12 +56,13 @@ namespace DotNetOpenAuth.OAuth { /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> + /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The access token, or null if OAuth authorization was denied by the user or service provider. /// </returns> /// <remarks> - /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>. - /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>. + /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager" />. + /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager" />. /// </remarks> public async Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(IAuthenticationResponse openIdAuthenticationResponse, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse"); |