Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/ComponentModel/UriConverter.cs35
-rw-r--r--src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs46
-rw-r--r--src/DotNetOpenAuth/InfoCard/Token/Token.cs4
3 files changed, 71 insertions, 14 deletions
diff --git a/src/DotNetOpenAuth/ComponentModel/UriConverter.cs b/src/DotNetOpenAuth/ComponentModel/UriConverter.cs
index 51fd15a..93e4809 100644
--- a/src/DotNetOpenAuth/ComponentModel/UriConverter.cs
+++ b/src/DotNetOpenAuth/ComponentModel/UriConverter.cs
@@ -17,7 +17,7 @@ namespace DotNetOpenAuth.ComponentModel {
/// A design-time helper to allow controls to have properties
/// of type <see cref="Uri"/>.
/// </summary>
- public abstract class UriConverter : ConverterBase<Uri> {
+ public class UriConverter : ConverterBase<Uri> {
/// <summary>
/// Initializes a new instance of the UriConverter class.
/// </summary>
@@ -27,7 +27,9 @@ namespace DotNetOpenAuth.ComponentModel {
/// <summary>
/// Gets the type to reflect over to extract the well known values.
/// </summary>
- protected abstract Type WellKnownValuesType { get; }
+ protected virtual Type WellKnownValuesType {
+ get { return null; }
+ }
/// <summary>
/// Returns whether the given value object is valid for this type and for the specified context.
@@ -38,11 +40,12 @@ namespace DotNetOpenAuth.ComponentModel {
/// true if the specified value is valid for this object; otherwise, false.
/// </returns>
public override bool IsValid(ITypeDescriptorContext context, object value) {
+ string stringValue;
if (value is Uri) {
return ((Uri)value).IsAbsoluteUri;
- } else if (value is string) {
+ } else if ((stringValue = value as string) != null) {
Uri result;
- return Uri.TryCreate((string)value, UriKind.Absolute, out result);
+ return stringValue.Length == 0 || Uri.TryCreate(stringValue, UriKind.Absolute, out result);
} else {
return false;
}
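Review bot: Accepting the empty string in `IsValid` (`stringValue.Length == 0 || ...`), together with the `ConvertFrom` hunk below that maps an empty string to `null`, lets a blank value become a null `Uri` without any error. The `Audience` property added in InfoCardSelector.cs in this commit uses this converter, and its setter marks `audienceSet`, so the request-URL default in `OnInit` is skipped. A blank attribute would therefore presumably disable audience verification rather than fail. I would either reject empty strings here and require an explicit opt-out, or at least document it on the changed line: `// Empty converts to a null Uri; for InfoCardSelector.Audience that turns audience verification off.` The body of `IsValid` closes outside this hunk.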
@@ -55,7 +58,7 @@ namespace DotNetOpenAuth.ComponentModel {
/// <returns>The strongly-typed object.</returns>
[Pure]
protected override Uri ConvertFrom(string value) {
- return new Uri(value);
+ return string.IsNullOrEmpty(value) ? null : new Uri(value);
}
/// <summary>
@@ -67,6 +70,10 @@ namespace DotNetOpenAuth.ComponentModel {
/// </returns>
[Pure]
protected override InstanceDescriptor CreateFrom(Uri value) {
+ if (value == null) {
+ return null;
+ }
+
MemberInfo uriCtor = typeof(Uri).GetConstructor(new Type[] { typeof(string) });
return new InstanceDescriptor(uriCtor, new object[] { value.AbsoluteUri });
}
@@ -78,6 +85,10 @@ namespace DotNetOpenAuth.ComponentModel {
/// <returns>The string representation of the object.</returns>
[Pure]
protected override string ConvertToString(Uri value) {
+ if (value == null) {
+ return null;
+ }
+
return value.AbsoluteUri;
}
@@ -87,11 +98,15 @@ namespace DotNetOpenAuth.ComponentModel {
/// <returns>An array of the standard claim types.</returns>
[Pure]
protected override ICollection GetStandardValuesForCache() {
- var fields = from field in this.WellKnownValuesType.GetFields(BindingFlags.Static | BindingFlags.Public)
- select new Uri((string)field.GetValue(null));
- var properties = from prop in this.WellKnownValuesType.GetProperties(BindingFlags.Static | BindingFlags.Public)
- select new Uri((string)prop.GetValue(null, null));
- return (fields.Concat(properties)).ToArray();
+ if (this.WellKnownValuesType != null) {
+ var fields = from field in this.WellKnownValuesType.GetFields(BindingFlags.Static | BindingFlags.Public)
+ select new Uri((string)field.GetValue(null));
+ var properties = from prop in this.WellKnownValuesType.GetProperties(BindingFlags.Static | BindingFlags.Public)
+ select new Uri((string)prop.GetValue(null, null));
+ return (fields.Concat(properties)).ToArray();
+ } else {
+ return new Uri[0];
+ }
}
}
}
diff --git a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs
index 55789fe..e6e69df 100644
--- a/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs
+++ b/src/DotNetOpenAuth/InfoCard/InfoCardSelector.cs
@@ -12,6 +12,7 @@ namespace DotNetOpenAuth.InfoCard {
using System.Collections.ObjectModel;
using System.ComponentModel;
using System.Diagnostics.Contracts;
+ using System.Drawing.Design;
using System.Globalization;
using System.Linq;
using System.Web.UI;
@@ -126,6 +127,11 @@ namespace DotNetOpenAuth.InfoCard {
private const string PrivacyVersionViewStateKey = "PrivacyVersion";
/// <summary>
+ /// The viewstate key for storing the <see cref="Audience" /> property.
+ /// </summary>
+ private const string AudienceViewStateKey = "Audience";
+
+ /// <summary>
/// The viewstate key for storing the <see cref="AutoPostBack" /> property.
/// </summary>
private const string AutoPostBackViewStateKey = "AutoPostBack";
@@ -177,6 +183,13 @@ namespace DotNetOpenAuth.InfoCard {
private Panel infoCardNotSupportedPanel;
/// <summary>
+ /// Recalls whether the <see cref="Audience"/> property has been set yet,
+ /// so its default can be set as soon as possible without overwriting
+ /// an intentional value.
+ /// </summary>
+ private bool audienceSet;
+
+ /// <summary>
/// Occurs when an InfoCard has been submitted but not decoded yet.
/// </summary>
[Category(InfoCardCategory)]
@@ -256,6 +269,30 @@ namespace DotNetOpenAuth.InfoCard {
}
/// <summary>
+ /// Gets or sets the URI that must be found for the SAML token's intended audience
+ /// in order for the token to be processed.
+ /// </summary>
+ /// <value>Typically the URI of the page hosting the control, or <c>null</c> to disable audience verification.</value>
+ /// <remarks>
+ /// Disabling audience verification introduces a security risk
+ /// because tokens can be redirected to allow access to unintended resources.
+ /// </remarks>
+ [Description("Specifies the URI that must be found for the SAML token's intended audience.")]
+ [Bindable(true), Category(InfoCardCategory)]
+ [TypeConverter(typeof(ComponentModel.UriConverter))]
+ [UrlProperty, Editor("System.Web.UI.Design.UrlEditor, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", typeof(UITypeEditor))]
+ public Uri Audience {
+ get {
+ return (Uri)this.ViewState[AudienceViewStateKey];
+ }
+
+ set {
+ this.ViewState[AudienceViewStateKey] = value;
+ this.audienceSet = true;
+ }
+ }
+
+ /// <summary>
/// Gets or sets a value indicating whether a postback will automatically
/// be invoked when the user selects an Information Card.
/// </summary>
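Review bot: `Audience` is stored in `ViewState`, so on postback the value that restricts which SAML tokens are accepted can be restored from client-carried state; the `OnInit` comment in this commit says so itself ("even to null"). Its integrity therefore depends on view-state MAC validation staying enabled for the hosting page. Whether the value is actually serialized depends on when it is set relative to view-state tracking, which this hunk does not show. I would add to the `<remarks>`: `/// This value is persisted in view state; keep EnableViewStateMac on so a client cannot alter or clear the audience restriction.`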
@@ -345,7 +382,7 @@ namespace DotNetOpenAuth.InfoCard {
if (!receivingArgs.Cancel) {
try {
- Token token = new Token(this.TokenXml, this.Page.Request.Url, decryptor);
+ Token token = new Token(this.TokenXml, this.Audience, decryptor);
this.OnReceivedToken(token);
} catch (InformationCardException ex) {
this.OnTokenProcessingError(this.TokenXml, ex);
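Review bot: `new Token(this.TokenXml, this.Audience, decryptor)` now passes whatever `Audience` holds, including `null`, and the Token.cs hunk in this commit drops both non-null checks on `audience`. A token can therefore be accepted with no audience restriction, and nothing in this path records that. How the constructor treats a null audience is not visible here, but going by its updated doc comment the check is skipped. I would make the opt-out observable before the call, e.g. `if (this.Audience == null) { /* log a warning: audience verification is disabled */ }`, so a deployment that disabled the check by accident can be detected. The enclosing method starts and ends outside this hunk.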
@@ -409,6 +446,13 @@ namespace DotNetOpenAuth.InfoCard {
/// </summary>
/// <param name="e">An <see cref="T:System.EventArgs"/> object that contains the event data.</param>
protected override void OnInit(EventArgs e) {
+ // Give a default for the Audience property that allows for
+ // the aspx page to have preset it, and ViewState
+ // to initialize it (even to null) after this.
+ if (!this.audienceSet) {
+ this.Audience = this.Page.Request.Url;
+ }
+
base.OnInit(e);
this.Page.LoadComplete += delegate { this.EnsureChildControls(); };
}
diff --git a/src/DotNetOpenAuth/InfoCard/Token/Token.cs b/src/DotNetOpenAuth/InfoCard/Token/Token.cs
index a7dd0e8..dc8c09a 100644
--- a/src/DotNetOpenAuth/InfoCard/Token/Token.cs
+++ b/src/DotNetOpenAuth/InfoCard/Token/Token.cs
@@ -37,15 +37,13 @@ namespace DotNetOpenAuth.InfoCard {
/// Initializes a new instance of the <see cref="Token"/> class.
/// </summary>
/// <param name="tokenXml">Xml token, which may be encrypted.</param>
- /// <param name="audience">The audience.</param>
+ /// <param name="audience">The audience. May be <c>null</c> to avoid audience checking.</param>
/// <param name="decryptor">The decryptor to use to decrypt the token, if necessary..</param>
/// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception>
internal Token(string tokenXml, Uri audience, TokenDecryptor decryptor) {
Contract.Requires(tokenXml != null && tokenXml.Length > 0);
- Contract.Requires(audience != null);
Contract.Requires(decryptor != null || !IsEncrypted(tokenXml));
ErrorUtilities.VerifyNonZeroLength(tokenXml, "tokenXml");
- ErrorUtilities.VerifyArgumentNotNull(audience, "audience");
byte[] decryptedBytes;
string decryptedString;