summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | | | Fixed build after code contracts upgrade.Andrew Arnott2010-06-112-15/+18
| | | | | |
| * | | | | Added documentation for the config setting added in b16ab6be9av3.4.4.10162Andrew Arnott2010-06-111-0/+12
| | | | | |
| * | | | | Upgrading Code Contracts.Andrew Arnott2010-06-1080-4703/+6598
| |\ \ \ \ \
| | * | | | | Resolved some CC warnings.Andrew Arnott2010-06-102-13/+0
| | | | | | |
| | * | | | | Fixed some code contract warnings about contract classes needing to be abstract.Andrew Arnott2010-06-1010-16/+46
| | | | | | |
| | * | | | | Replaced call to deprecated method.Andrew Arnott2010-06-101-1/+1
| | | | | | |
| | * | | | | Resolved build breaks after upgrading Code Contracts.Andrew Arnott2010-06-105-28/+39
| | | | | | |
| | * | | | | Upgraded to Code Contracts 1.4.30601.2Andrew Arnott2010-06-1063-4645/+6512
| |/ / / / /
| * | | | | Added IRequest.ClearResponseExtensions() for OPsAndrew Arnott2010-06-104-1/+51
| | | | | | | | | | | | | | | | | | | | | | | | Resolves Trac #181
* | | | | | A bit of OAuth2 channel refactoring.Andrew Arnott2010-07-0915-197/+281
| | | | | |
* | | | | | Fixed typo.Andrew Arnott2010-07-061-1/+1
| | | | | |
* | | | | | Got the OAuthConsumerWpf sample working with Facebook OAuth 2.0 again.Andrew Arnott2010-07-066-25/+48
| | | | | |
* | | | | | Renamed WebServerClient.TokenManager to AuthorizationTracker.Andrew Arnott2010-07-052-6/+6
| | | | | |
* | | | | | Simplified OAuth 2 client sample.Andrew Arnott2010-07-052-14/+43
| | | | | |
* | | | | | Fixed focus issue with SP sample login page.Andrew Arnott2010-07-051-2/+6
| | | | | |
* | | | | | Simplified using the web server client a bit (no "token manager" needed any ↵Andrew Arnott2010-07-0510-52/+50
| | | | | | | | | | | | | | | | | | | | | | | | more).
* | | | | | Fixed tests.Andrew Arnott2010-07-041-5/+17
| | | | | |
* | | | | | The whole solution now builds again (draft 9).Andrew Arnott2010-07-041-157/+29
| | | | | |
* | | | | | OAuth 2.0 sample works, draft 9 style.Andrew Arnott2010-07-0416-46/+96
| | | | | |
* | | | | | Lots more work toward OAuth 2.0 draft 09 compliance.Andrew Arnott2010-07-0320-78/+216
| | | | | | | | | | | | | | | | | | | | | | | | Still doesn't compile.
* | | | | | Lots of crazy rework to fit the OAuth 2.0 draft 9.Andrew Arnott2010-07-0338-1350/+635
| | | | | | | | | | | | | | | | | | | | | | | | Doesn't currently build.
* | | | | | Fixed namespace in unit test project to match new namespace in core library.Andrew Arnott2010-06-274-11/+11
| | | | | |
* | | | | | Fixes OAuth 1.0(a) base signature string construction to omit the realm ↵Andrew Arnott2010-06-272-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | parameter when included in the HTTP Authorization header. Fixes Trac #207
* | | | | | Fixed the namespace of several tests.Andrew Arnott2010-06-279-8/+9
| | | | | |
* | | | | | Removed option for specifying a response format, as it was taken away from ↵Andrew Arnott2010-06-2512-269/+9
| | | | | | | | | | | | | | | | | | | | | | | | OAuth 2.0 in draft 7.
* | | | | | Concealed a public class.Andrew Arnott2010-06-251-1/+1
| | | | | |
* | | | | | Removed last tie between OAuth 2.0 and OAuth 1.0 in the code.Andrew Arnott2010-06-256-5/+41
| | | | | |
* | | | | | Renamed the OAuthWrap namespaces to be OAuth2.Andrew Arnott2010-06-2579-204/+194
| | | | | |
* | | | | | Merge branch 'compressedToken' into oauth2Andrew Arnott2010-06-2422-440/+486
|\ \ \ \ \ \
| * | | | | | Fixed build break in test project.Andrew Arnott2010-06-242-2/+6
| | | | | | |
| * | | | | | Abstracted out token serialization from the token class itself.Andrew Arnott2010-06-2420-429/+457
| | | | | | |
| * | | | | | None of the databag derived types need to customize encode/decode behavior ↵Andrew Arnott2010-06-242-6/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | any more.
| * | | | | | Removed all the binary serialization stuff that was a bad idea.Andrew Arnott2010-06-246-30/+8
| | | | | | |
| * | | | | | Using the BinaryFormatter now works at least for serialization.Andrew Arnott2010-06-242-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This was a BAD idea. The size of the token went from 392 characters to ~2100.
| * | | | | | Early efforts to store the tokens in a more binary form for compactness.Andrew Arnott2010-06-245-19/+35
|/ / / / / /
* | | | | | Fixed message type.Andrew Arnott2010-06-241-1/+1
| | | | | |
* | | | | | More work toward OAuth 2.0 DRAFT 8Andrew Arnott2010-06-1515-132/+119
| | | | | |
* | | | | | Work toward OAuth 2.0 draft 8.Andrew Arnott2010-06-1416-209/+150
| | | | | |
* | | | | | Fix build break post-merge.Andrew Arnott2010-06-081-1/+1
| | | | | |
* | | | | | Merge branch 'v3.4' into oauth2Andrew Arnott2010-06-0841-78/+290
|\ \ \ \ \ \ | |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/DotNetOpenAuth/Configuration/MessagingElement.cs src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs
| * | | | | Merge branch 'v3.3' into v3.4Andrew Arnott2010-06-084-8/+9
| |\ \ \ \ \ | | |/ / / /
| | * | | | Merge branch 'v3.2' into v3.3Andrew Arnott2010-06-081-0/+1
| | |\ \ \ \ | | | |/ / /
| | | * | | Made UIRequest serializable, like all the other OpenID extension request ↵Andrew Arnott2010-06-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | messages.
| | * | | | Fixed typo in comments.Andrew Arnott2010-05-153-8/+8
| | | | | |
| * | | | | Oops... the last fix wasn't quite right.Andrew Arnott2010-06-081-4/+8
| | | | | |
| * | | | | The enter key no longer suppresses form submit on other forms on the page.Andrew Arnott2010-06-081-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | Fixes Trac #200. Thanks for the bug report, Scott Hanselman.
| * | | | | OpenIdAjaxOptions now allows an MVC app to specify a form name instead of ↵Andrew Arnott2010-06-083-2/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | only a form index. Thanks Gísli K. Björnsson for the tip.
| * | | | | StyleCop fixes.Andrew Arnott2010-06-085-8/+7
| | | | | |
| * | | | | Merging in interoperability work for Blogger and other lesser OPs.Andrew Arnott2010-06-084-4/+35
| |\ \ \ \ \
| | * | | | | Put the strictness controls behind a switch so it doesn't require its own ↵Andrew Arnott2010-06-082-1/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | branch.
| | * | | | | Merged in v3.4.3.Andrew Arnott2010-04-1668-402/+1590
| | |\ \ \ \ \
| | * | | | | | Message parts with constant values are no longer strict about capitalization.Andrew Arnott2010-03-301-1/+1
| | | | | | | |
| | * | | | | | This allows RPs to allow poor OPs to include empty openid.invalidate_handle ↵Andrew Arnott2010-03-222-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | arguments. Blogger issues positive assertions to stateless RPs with empty openid.invalidate_handle parameters.
| * | | | | | | Added Silverlight build of Microsoft.Contracts.dll.Andrew Arnott2010-06-071-0/+0
| | | | | | | |
| * | | | | | | Added paging capability to GoogleConsumer sample in the ApplicationBlock.Andrew Arnott2010-06-053-4/+12
| | | | | | | |
| * | | | | | | Logging now better represents the original (unprocessed) message.Andrew Arnott2010-05-281-1/+1
| | | | | | | |
| * | | | | | | Fix FxCop message.Andrew Arnott2010-05-281-0/+15
| | | | | | | |
| * | | | | | | Fix for outgoing check_auth messages so they don't modify positive assertion ↵Andrew Arnott2010-05-2811-34/+166
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | messages causing invalid signatures. Fixes Trac #198
| * | | | | | | Stabilized reference paths and removed HintPaths.Andrew Arnott2010-05-2814-21/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is work for targeting .NET 4.0.
* | | | | | | | Lots of StyleCop work, and one bug fix (can you find it? <g>)Andrew Arnott2010-06-0769-318/+1288
| | | | | | | |
* | | | | | | | Renamed WebApp facade classes to WebServer to match messages and flow name.Andrew Arnott2010-06-068-17/+17
| | | | | | | |
* | | | | | | | Renamed WebApp messages to WebServer to match OAuth 2.0 flow names.Andrew Arnott2010-06-0611-67/+67
| | | | | | | |
* | | | | | | | Renamed RichApp messages to Device messages to match OAuth 2.0 flow names.Andrew Arnott2010-06-066-27/+27
| | | | | | | |
* | | | | | | | Updated the Device flow so the messages match the latest spec.Andrew Arnott2010-06-0516-109/+75
| | | | | | | |
* | | | | | | | Updated the rest of the flows except for Device.Andrew Arnott2010-06-057-74/+41
| | | | | | | |
* | | | | | | | Updated Client Credentials and Username+Password flows for the latest spec.Andrew Arnott2010-06-053-17/+83
| | | | | | | |
* | | | | | | | Fixed handling of expired access tokens.Andrew Arnott2010-06-059-10/+32
| | | | | | | |
* | | | | | | | Renamed field to help avoid ambiguity later.Andrew Arnott2010-06-051-10/+10
| | | | | | | |
* | | | | | | | Reduced payload size of some tokens.Andrew Arnott2010-06-052-2/+2
| | | | | | | |
* | | | | | | | Improved security on the token type by including it in the signature.Andrew Arnott2010-06-051-13/+8
| | | | | | | |
* | | | | | | | User Agent flow client now works.Andrew Arnott2010-06-0521-72/+389
| | | | | | | |
* | | | | | | | JSON messages now work. :)Andrew Arnott2010-06-046-5/+177
| | | | | | | |
* | | | | | | | Auth server apps can now determine the lifetime of their own access tokens.Andrew Arnott2010-06-038-55/+52
| | | | | | | |
* | | | | | | | Refreshing access tokens now works.Andrew Arnott2010-06-037-27/+114
| | | | | | | |
* | | | | | | | OAuth 2.0 web flow now works, client, auth server, and resource server, in ↵Andrew Arnott2010-06-0211-30/+180
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the sample! Yay.
* | | | | | | | Added missing escaping to OAuth 2.0 token.Andrew Arnott2010-06-021-1/+1
| | | | | | | |
* | | | | | | | Fixed whitespace.Andrew Arnott2010-06-021-2/+2
| | | | | | | |
* | | | | | | | Access tokens are now asymmetrically encrypted for resource server ↵Andrew Arnott2010-06-0213-50/+201
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | consumption and signed from the auth server. Refresh tokens and verification codes are signed and encrypted using a private auth server symmetric secret.
* | | | | | | | Whitespace adjustments.Andrew Arnott2010-06-011-25/+14
| | | | | | | |
* | | | | | | | Added capability to use asymmetric signing for the access token so that ↵Andrew Arnott2010-06-019-17/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | resource servers don't have the ability to mint access tokens. But resource servers can still mint verification codes and refresh tokens since they are signed using the shared secret, so that needs to be fixed.
* | | | | | | | Replaced channel dependency on DataBag class with just the secret and its ↵Andrew Arnott2010-06-018-49/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | own message description collection.
* | | | | | | | Turned off token compression, since at least at this point it only makes the ↵Andrew Arnott2010-06-013-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | token GROW in size.
* | | | | | | | Access tokens now record their own lifetimes.Andrew Arnott2010-06-015-17/+26
| | | | | | | |
* | | | | | | | Refresh tokens are now optionally created instead of always (at the channel ↵Andrew Arnott2010-06-011-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | level, anyway).
* | | | | | | | Refresh and access tokens are actually issued now. Yay.Andrew Arnott2010-06-014-6/+60
| | | | | | | |
* | | | | | | | Fixed NullReferenceException.Andrew Arnott2010-06-011-1/+2
| | | | | | | |
* | | | | | | | Lots of refactoring as we gather the token handling into centralized code.Andrew Arnott2010-05-3114-72/+202
| | | | | | | |
* | | | | | | | Refactored the various tokens to share more code.Andrew Arnott2010-05-3110-19/+149
| | | | | | | |
* | | | | | | | Work toward a signed refresh token.Andrew Arnott2010-05-3111-127/+306
| | | | | | | |
* | | | | | | | Increase HTTP request timeouts when debugger is attached even for trusted ↵Andrew Arnott2010-05-311-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | requests.
* | | | | | | | The access token is now obtainable now. Woot.Andrew Arnott2010-05-315-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now to make the access token worth something... :)
* | | | | | | | Updated text in README.Bin.html to better reflect VS2010 scenarios.Andrew Arnott2010-05-311-2/+1
| | | | | | | |
* | | | | | | | Added relaxSslRequirements configuration option.Andrew Arnott2010-05-313-0/+31
| | | | | | | |
* | | | | | | | Fixed some more bugs. We almost have the access token at the client.Andrew Arnott2010-05-3111-28/+124
| | | | | | | |
* | | | | | | | Fixed some bugs.Andrew Arnott2010-05-314-4/+4
| | | | | | | |
* | | | | | | | Added authorizing user to the verification code.Andrew Arnott2010-05-313-10/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The username is encrypted to avoid disclosing data to the client or a third party.
* | | | | | | | Added symmetric key encryption/decryption utility methods.Andrew Arnott2010-05-313-4/+111
| | | | | | | |
* | | | | | | | More work toward a working authorization server.Andrew Arnott2010-05-3129-247/+603
| | | | | | | |
* | | | | | | | Fixed StandardMessageFactory message ordering a bit more.Andrew Arnott2010-05-302-3/+20
| | | | | | | |
* | | | | | | | Fixed build break.Andrew Arnott2010-05-301-1/+8
| | | | | | | |
generated by cgit v1.1 at 2025-05-29 18:15:49 +0000