diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/DotNetOpenAuth/ComponentModel/UriConverter.cs | 35 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs | 46 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/InfoCard/Token/Token.cs | 4 |
3 files changed, 71 insertions, 14 deletions
diff --git a/src/DotNetOpenAuth/ComponentModel/UriConverter.cs b/src/DotNetOpenAuth/ComponentModel/UriConverter.cs index 51fd15a..93e4809 100644 --- a/src/DotNetOpenAuth/ComponentModel/UriConverter.cs +++ b/src/DotNetOpenAuth/ComponentModel/UriConverter.cs @@ -17,7 +17,7 @@ namespace DotNetOpenAuth.ComponentModel { /// A design-time helper to allow controls to have properties /// of type <see cref="Uri"/>. /// </summary> - public abstract class UriConverter : ConverterBase<Uri> { + public class UriConverter : ConverterBase<Uri> { /// <summary> /// Initializes a new instance of the UriConverter class. /// </summary> @@ -27,7 +27,9 @@ namespace DotNetOpenAuth.ComponentModel { /// <summary> /// Gets the type to reflect over to extract the well known values. /// </summary> - protected abstract Type WellKnownValuesType { get; } + protected virtual Type WellKnownValuesType { + get { return null; } + } /// <summary> /// Returns whether the given value object is valid for this type and for the specified context. @@ -38,11 +40,12 @@ namespace DotNetOpenAuth.ComponentModel { /// true if the specified value is valid for this object; otherwise, false. /// </returns> public override bool IsValid(ITypeDescriptorContext context, object value) { + string stringValue; if (value is Uri) { return ((Uri)value).IsAbsoluteUri; - } else if (value is string) { + } else if ((stringValue = value as string) != null) { Uri result; - return Uri.TryCreate((string)value, UriKind.Absolute, out result); + return stringValue.Length == 0 || Uri.TryCreate(stringValue, UriKind.Absolute, out result); } else { return false; } @@ -55,7 +58,7 @@ namespace DotNetOpenAuth.ComponentModel { /// <returns>The strongly-typed object.</returns> [Pure] protected override Uri ConvertFrom(string value) { - return new Uri(value); + return string.IsNullOrEmpty(value) ? null : new Uri(value); } /// <summary> @@ -67,6 +70,10 @@ namespace DotNetOpenAuth.ComponentModel { /// </returns> [Pure] protected override InstanceDescriptor CreateFrom(Uri value) { + if (value == null) { + return null; + } + MemberInfo uriCtor = typeof(Uri).GetConstructor(new Type[] { typeof(string) }); return new InstanceDescriptor(uriCtor, new object[] { value.AbsoluteUri }); } @@ -78,6 +85,10 @@ namespace DotNetOpenAuth.ComponentModel { /// <returns>The string representation of the object.</returns> [Pure] protected override string ConvertToString(Uri value) { + if (value == null) { + return null; + } + return value.AbsoluteUri; } @@ -87,11 +98,15 @@ namespace DotNetOpenAuth.ComponentModel { /// <returns>An array of the standard claim types.</returns> [Pure] protected override ICollection GetStandardValuesForCache() { - var fields = from field in this.WellKnownValuesType.GetFields(BindingFlags.Static | BindingFlags.Public) - select new Uri((string)field.GetValue(null)); - var properties = from prop in this.WellKnownValuesType.GetProperties(BindingFlags.Static | BindingFlags.Public) - select new Uri((string)prop.GetValue(null, null)); - return (fields.Concat(properties)).ToArray(); + if (this.WellKnownValuesType != null) { + var fields = from field in this.WellKnownValuesType.GetFields(BindingFlags.Static | BindingFlags.Public) + select new Uri((string)field.GetValue(null)); + var properties = from prop in this.WellKnownValuesType.GetProperties(BindingFlags.Static | BindingFlags.Public) + select new Uri((string)prop.GetValue(null, null)); + return (fields.Concat(properties)).ToArray(); + } else { + return new Uri[0]; + } } } } diff --git a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs index 55789fe..e6e69df 100644 --- a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs +++ b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs @@ -12,6 +12,7 @@ namespace DotNetOpenAuth.InfoCard { using System.Collections.ObjectModel; using System.ComponentModel; using System.Diagnostics.Contracts; + using System.Drawing.Design; using System.Globalization; using System.Linq; using System.Web.UI; @@ -126,6 +127,11 @@ namespace DotNetOpenAuth.InfoCard { private const string PrivacyVersionViewStateKey = "PrivacyVersion"; /// <summary> + /// The viewstate key for storing the <see cref="Audience" /> property. + /// </summary> + private const string AudienceViewStateKey = "Audience"; + + /// <summary> /// The viewstate key for storing the <see cref="AutoPostBack" /> property. /// </summary> private const string AutoPostBackViewStateKey = "AutoPostBack"; @@ -177,6 +183,13 @@ namespace DotNetOpenAuth.InfoCard { private Panel infoCardNotSupportedPanel; /// <summary> + /// Recalls whether the <see cref="Audience"/> property has been set yet, + /// so its default can be set as soon as possible without overwriting + /// an intentional value. + /// </summary> + private bool audienceSet; + + /// <summary> /// Occurs when an InfoCard has been submitted but not decoded yet. /// </summary> [Category(InfoCardCategory)] @@ -256,6 +269,30 @@ namespace DotNetOpenAuth.InfoCard { } /// <summary> + /// Gets or sets the URI that must be found for the SAML token's intended audience + /// in order for the token to be processed. + /// </summary> + /// <value>Typically the URI of the page hosting the control, or <c>null</c> to disable audience verification.</value> + /// <remarks> + /// Disabling audience verification introduces a security risk + /// because tokens can be redirected to allow access to unintended resources. + /// </remarks> + [Description("Specifies the URI that must be found for the SAML token's intended audience.")] + [Bindable(true), Category(InfoCardCategory)] + [TypeConverter(typeof(ComponentModel.UriConverter))] + [UrlProperty, Editor("System.Web.UI.Design.UrlEditor, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", typeof(UITypeEditor))] + public Uri Audience { + get { + return (Uri)this.ViewState[AudienceViewStateKey]; + } + + set { + this.ViewState[AudienceViewStateKey] = value; + this.audienceSet = true; + } + } + + /// <summary> /// Gets or sets a value indicating whether a postback will automatically /// be invoked when the user selects an Information Card. /// </summary> @@ -345,7 +382,7 @@ namespace DotNetOpenAuth.InfoCard { if (!receivingArgs.Cancel) { try { - Token token = new Token(this.TokenXml, this.Page.Request.Url, decryptor); + Token token = new Token(this.TokenXml, this.Audience, decryptor); this.OnReceivedToken(token); } catch (InformationCardException ex) { this.OnTokenProcessingError(this.TokenXml, ex); @@ -409,6 +446,13 @@ namespace DotNetOpenAuth.InfoCard { /// </summary> /// <param name="e">An <see cref="T:System.EventArgs"/> object that contains the event data.</param> protected override void OnInit(EventArgs e) { + // Give a default for the Audience property that allows for + // the aspx page to have preset it, and ViewState + // to initialize it (even to null) after this. + if (!this.audienceSet) { + this.Audience = this.Page.Request.Url; + } + base.OnInit(e); this.Page.LoadComplete += delegate { this.EnsureChildControls(); }; } diff --git a/src/DotNetOpenAuth/InfoCard/Token/Token.cs b/src/DotNetOpenAuth/InfoCard/Token/Token.cs index a7dd0e8..dc8c09a 100644 --- a/src/DotNetOpenAuth/InfoCard/Token/Token.cs +++ b/src/DotNetOpenAuth/InfoCard/Token/Token.cs @@ -37,15 +37,13 @@ namespace DotNetOpenAuth.InfoCard { /// Initializes a new instance of the <see cref="Token"/> class. /// </summary> /// <param name="tokenXml">Xml token, which may be encrypted.</param> - /// <param name="audience">The audience.</param> + /// <param name="audience">The audience. May be <c>null</c> to avoid audience checking.</param> /// <param name="decryptor">The decryptor to use to decrypt the token, if necessary..</param> /// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception> internal Token(string tokenXml, Uri audience, TokenDecryptor decryptor) { Contract.Requires(tokenXml != null && tokenXml.Length > 0); - Contract.Requires(audience != null); Contract.Requires(decryptor != null || !IsEncrypted(tokenXml)); ErrorUtilities.VerifyNonZeroLength(tokenXml, "tokenXml"); - ErrorUtilities.VerifyArgumentNotNull(audience, "audience"); byte[] decryptedBytes; string decryptedString; |