summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.Core
Commit message (Collapse)AuthorAgeFilesLines
* Work toward support JWT access tokens.origin/jwtAndrew Arnott2012-04-281-7/+39
|
* Moved some JSON serialization logic to MessagingUtilities and added a unit test.Andrew Arnott2012-04-284-18/+83
|
* The convenient compression/decompression API now offers both gzip and deflate.Andrew Arnott2012-04-281-6/+58
| | | | Towards #127: "support for JWT access tokens"
* Added a base64web encoder for byte[] typed message parts.Andrew Arnott2012-04-282-0/+38
|
* Authorization Server hosts now instantiate their own AccessTokens rather ↵Andrew Arnott2012-04-254-19/+13
| | | | | | | than just parameters. AccessTokens are now serialized via a virtual method on that instance. Fixes #38, I think.
* Fixed Stylecop messages.Andrew Arnott2012-04-221-0/+1
|
* Fixes access denial errors from OAuth 2 resource servers so they include the ↵Andrew Arnott2012-04-224-17/+49
| | | | | | required parameters in their WWW-Authenticate headers. Fixes #124
* Replaces ResourceServer.VerifyAccess with a better pattern for error handling.Andrew Arnott2012-04-213-4/+83
| | | | Fixes #122
* Merge branch 'v4.0'Andrew Arnott2012-04-213-1/+5
|\
| * Removed unimplemented Exception.GetObjectData override methods.Andrew Arnott2012-04-212-0/+4
| | | | | | | | | | | | They weren't implemented anyway, and seem to be causing trouble with certain CLR 4 hosters (like Rackspace). Fixes #121
| * Fix for VerificationException that occurs on some machines.Andrew Arnott2012-04-101-1/+1
| | | | | | | | Fixes #112
* | Fixed HTTP Basic authentication for OAuth 2 clients so that it actually ↵Andrew Arnott2012-04-193-0/+20
| | | | | | | | works in the sample.
* | Fixed up the configuration story for OAuth 2.Andrew Arnott2012-04-181-4/+24
| |
* | StyleCop cleanup, and reversal of some code changes that were no longer ↵Andrew Arnott2012-04-182-0/+25
| | | | | | | | necessary.
* | We have HTTP Basic client authentication working now in OAuth 2.Andrew Arnott2012-04-188-10/+167
| |
* | Added a bit more logging.Andrew Arnott2012-04-161-0/+1
| |
* | Added logging for why crypto keys are created.Andrew Arnott2012-04-161-0/+6
| |
* | Merge branch 'v4.0'Andrew Arnott2012-04-053-35/+97
|\ \ | |/ | | | | | | | | | | Conflicts: src/DotNetOpenAuth.OAuth2.Client/DotNetOpenAuth.OAuth2.Client.csproj src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs
| * Fixes InvalidCastExceptions for Identifier and Realm conversionsAndrew Arnott2012-04-053-35/+97
| | | | | | | | | | | | | | | | that can result from receiving a message before the static constructors for those types have executed. This corrects the regression introduced in v4.0.0. Fixes #109
* | Moved code to calculate a web root into DNOA.Core.Andrew Arnott2012-04-021-0/+13
| |
* | AccessToken is now a public class.Andrew Arnott2012-04-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | Resource Servers can now handle access tokens that are issued for a client's data (not a 3rd party resource owner's). Client Identifiers are no longer included in access tokens for unauthenticated clients. More work needed on IAccessTokenAnalyzer and the access token formatter. We need to generalize the serialization itself so folks can use JWT, etc. We also still need access token to have a host-defined map of claims. Fixes #104 Fixes #102
* | Allows the authorization server to store merely the hashes of client secrets.Andrew Arnott2012-04-011-37/+37
| | | | | | | | Fixes #92
* | Added binding element comments.Andrew Arnott2012-03-302-2/+8
| |
* | Merge branch 'master' into oauth2refactorAndrew Arnott2012-03-241-0/+1
|\ \ | |/ | | | | | | Conflicts: src/DotNetOpenAuth.sln
| * Fix for NullReferenceException in the OAuth 1.0 demo due to HttpRequestInfo ↵Andrew Arnott2012-03-221-0/+1
| | | | | | | | | | | | not initializing one of its fields. Fixes #97
* | Redistributed OAuth2 code into their more specific assemblies.Andrew Arnott2012-03-162-0/+4
|/
* Fixed StyleCop warnings.Andrew Arnott2012-03-141-1/+4
|
* Access token endpoint now can respond with appropriate errors.Andrew Arnott2012-03-141-1/+1
|
* Fixed error message generated in exception thrown for bad access token requests.Andrew Arnott2012-03-142-8/+19
|
* Fixed StyleCop settings files by removing the deprecated "Microsoft." prefixes.Andrew Arnott2012-03-111-3/+3
|
* FxCop fixes and suppressions.Andrew Arnott2012-03-101-16/+17
|
* Applied all the StyleCop fixes necessary by the StyleCop 4.7 upgrade.Andrew Arnott2012-03-1014-55/+58
|
* OAuth 2 clients now use the state parameter to mitigate XSRF attacks.Andrew Arnott2012-03-081-0/+9
| | | | Fixes #84
* Fixed StyleCop messages.Andrew Arnott2012-03-054-12/+120
|
* HttpRequestInfo ctors are now internal, and publicly we have staticAndrew Arnott2012-03-051-4/+20
| | | | factory methods that return HttpRequestBase instances.
* Replaced API requirements for HttpRequestInfo with HttpRequestBase (new in ↵Andrew Arnott2012-03-057-389/+220
| | | | | | .NET 3.5 SP1). This makes us more friendly to MVC as well as mock-based unit testing.
* Fixed some bad or missing URL escaping.Andrew Arnott2012-03-011-1/+1
|
* Merge branch 'master' into webpagesAndrew Arnott2012-03-01102-300/+312
|\ | | | | | | | | Conflicts: src/DotNetOpenAuth.sln
| * Removed requirement for callback parameter, per the spec.Andrew Arnott2012-02-191-4/+10
| |
| * Fixed up the various protocol channels to correctly apply HTTP headers ↵Andrew Arnott2012-02-191-0/+16
| | | | | | | | prescribed by the messages.
| * Brings back HTTP Authorization header whitespace trimming.Andrew Arnott2012-02-151-1/+1
| | | | | | | | | | | | Fixes issue where DNOA 4.0 regressed from v3.4 in not trimming spaces around HTTP Authorization header tokens. Thanks to Guilherme Reis for reporting the bug.
| * Fixed FxCop messages in DNOA.Core #68Andrew Arnott2012-02-0914-98/+78
| |
| * Removed log4net reference from all bug DNOA.Core assembly.Andrew Arnott2012-02-081-0/+5
| |
| * Added DotNetOpenAuth.OAuth.Common to contain dependencies shared between ↵Andrew Arnott2012-02-081-0/+2
| | | | | | | | | | | | OAuth 1 and OAuth 2. Related to and closes #71
| * Removed OAuth1's dependency on OpenID assemblies.Andrew Arnott2012-02-081-0/+2
| | | | | | | | Related to #71
| * Updated all copyright notices to reflect copyright assignment to Outercurve.Andrew Arnott2012-02-0597-195/+195
| | | | | | | | Fixes #66
| * Fixed build break.Andrew Arnott2012-01-291-1/+1
| |
| * Merge branch 'v3.4'Andrew Arnott2012-01-291-2/+3
| | | | | | | | | | | | | | | | | | Conflicts: nuget/nuget.proj samples/OpenIdOfflineProvider/OpenIdOfflineProvider.csproj src/DotNetOpenAuth/DotNetOpenAuth.csproj src/DotNetOpenAuth/Messaging/Reflection/MessageDescription.cs tools/DotNetOpenAuth.props
* | Fixed name of DNOA.Web.Test project.Andrew Arnott2012-03-011-2/+2
| |
* | Fixed ReadOnlyDictionary.cs location.Andrew Arnott2012-03-011-0/+224
| |
* | Make changes per discussion. Remove the DNOA.WebPages project. Rename ↵Microsoft2012-03-013-5/+32
| | | | | | | | DNOA.Web to DNOA.AspNet.
* | Add DotNetOpenAuth.Web and DotNetOpenAut.WebPages projects. Add commands to ↵Microsoft2012-03-011-0/+1
|/ | | | build nuget packages for DNOA.
* OpenID messages that are missing signed parameters now throws ↵Andrew Arnott2012-01-293-2/+34
| | | | | | ProtocolException instead of KeyNotFoundException. Fixes #45
* Added Moq's internal proxy generator to InternalsVisibleTo so that mocks can ↵Andrew Arnott2012-01-291-0/+2
| | | | be created on internal types.
* Fixed more DotNetOpenAuth.Messaging -> DNOA.Core rename issues.Andrew Arnott2012-01-291-1/+1
|
* Added more support for HttpContextBase, HttpResponseBase, etc.Andrew Arnott2012-01-292-3/+47
|
* Renamed assembly DotNetOpenAuth.Messaging(.UI) to DotNetOpenAuth.Core(.UI)Andrew Arnott2012-01-12118-0/+20412