summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth
Commit message (Collapse)AuthorAgeFilesLines
* Removes unified assembly, since it's fundamentally broken due to anonymous ↵Andrew Arnott2013-10-213-148/+0
| | | | type name collisions from the async methods that are now in the various assemblies.
* Fixes strong name signing of unified assembly.Andrew Arnott2013-10-211-2/+7
|
* Removes a few more references to the DNOA.AspNet projects.Andrew Arnott2013-06-161-4/+0
|
* Strong-name key is replaced with non-encrypted one.Andrew Arnott2013-06-151-3/+3
|
* Removed ClrVersion build property.Andrew Arnott2012-12-281-1/+1
|
* Removes all traces of MS Code Contracts.Andrew Arnott2012-12-262-27/+1
|
* Adjusted AssemblyInfo.cs to be unique for each assembly.Andrew Arnott2012-09-291-9/+1
| | | | This should fix nuget pdb package submission to symbolsource.org
* Fixed Win32 PE header of unified library.Andrew Arnott2012-06-103-6/+99
| | | | | | This fixes (unified) dotnetopenauth.dll so that its version, name and original filename attributes are correct instead of inheriting their values from Microsoft.Contracts.dll. Fixes #156
* Fixes embedded web resources in the unified assembly.Andrew Arnott2012-04-051-1/+11
| | | | | | The modified parameters passed to ILMerge causes the assembly WebResourceAttribute attributes to be included in the final assembly rather than omitted. Fixes #114
* Removed OAuth 2 from the unified DNOA assembly.Andrew Arnott2012-01-291-1/+1
|
* Fixed ILMerge build break in OpenIdOfflineProvider when building to CLR 4.Andrew Arnott2012-01-291-16/+0
|
* Fixed ILMerge after introduction of System.Xml.Linq dependency.Andrew Arnott2012-01-291-4/+16
|
* Removed unwanted binaries from samples directories in drop layout.Andrew Arnott2011-09-201-0/+2
|
* Fixed use of ILMerge so that it doesn't make all DNOA types internal.Andrew Arnott2011-09-201-7/+6
|
* Fixed build breaks after code contract reference assembly generation removal.Andrew Arnott2011-09-191-1/+3
|
* Fixed some build issues with drop.projAndrew Arnott2011-09-051-1/+2
| | | | Layouts can now be built.
* Fixed up signing and merging of the contracts assemblies.Andrew Arnott2011-09-021-5/+40
|
* Added a DotNetOpenAuth.proj that builds a unified assembly.Andrew Arnott2011-09-021-0/+43
|
* First pass at dividing DotNetOpenAuth features into separate assemblies.Andrew Arnott2011-07-01493-78618/+0
| | | | Nothing compiles at this point.
* Added a web browser control to facilitate OAuth 2 client authorization.Andrew Arnott2011-06-284-0/+378
|
* API simplification.Andrew Arnott2011-06-281-7/+22
|
* A bit of public API cleanup and code consolidation in ClientBase.Andrew Arnott2011-06-273-30/+51
|
* Added OAuth 2 class diagram.Andrew Arnott2011-06-272-0/+34
|
* Merge branch 'v3.4'Andrew Arnott2011-06-262-2/+29
|\ | | | | | | | | Conflicts: samples/OAuthClient/OAuthClient.csproj
| * Merge branch 'v3.4' into sample2leggedAndrew Arnott2011-06-0952-457/+993
| |\
| | * Made multipart POST parts allow changing of their ContentDisposition. This ↵Andrew Arnott2011-06-051-2/+2
| | | | | | | | | | | | is because file parts to Google are expected to be "form-data" instead of "file".
| * | Added 2-legged OAuth consumer sample.Andrew Arnott2011-04-051-0/+27
| | |
* | | OAuth 2 Authorization Server no longer accepts authorization code requests ↵Andrew Arnott2011-06-253-2/+16
| | | | | | | | | | | | from clients with empty secrets.
* | | Updated to "Bearer Tokens draft 6" spec.Andrew Arnott2011-06-252-5/+1
| | |
* | | Simplified AuthorizationServer by moving some code into binding elements.Andrew Arnott2011-06-253-25/+34
| | |
* | | Non-impactful code tidying.Andrew Arnott2011-06-241-5/+3
| | |
* | | Fixed StyleCop messages.Andrew Arnott2011-06-239-38/+40
| | |
* | | Merging in support for and sample of implicit grants.Andrew Arnott2011-06-2318-54/+321
|\ \ \
| * | | Split up the PrepareAccessToken method.Andrew Arnott2011-06-223-47/+46
| | | |
| * | | Removed a couple of parameters from auth code success authorization ↵Andrew Arnott2011-06-213-17/+27
| | | | | | | | | | | | | | | | responses that only belonged in access token responses.
| * | | Shrank the time interval within which an authorization code may be exchanged ↵Andrew Arnott2011-06-211-1/+2
| | | | | | | | | | | | | | | | for an access or refresh token.
| * | | Merge branch 'master' into ImplicitGrantsAndrew Arnott2011-06-211-1/+1
| |\ \ \
| * | | | We have an implicit grant javascript client that can obtain an access token.Andrew Arnott2011-06-209-10/+106
| | | | | | | | | | | | | | | | | | | | It doesn't know how to use it yet though.
| * | | | Access token lifetimes are now controlled by the IAuthorizationServer ↵Andrew Arnott2011-06-165-29/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instance supplied by the host. It is consistent whether the access token is obtained via implicit grant or from a refresh token.
| * | | | Implicit grants are now sort of working on the authorization server side.unknown2011-06-1512-33/+158
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Still to do: * Ensure no auto-authorize of access tokens based on previous authorizations for the unauthenticated client. * Provide the authorization server with a way to indicate access token lifetime, and to veto the request based on the requested scopes being too dangerous for the less secure implicit grant type.
| * | | | Fixed a comment error and a hard-coded string.unknown2011-06-151-1/+2
| | | | |
* | | | | Added OutgoingWebResponse.Respond method to replace its Send method, and ↵Andrew Arnott2011-06-239-31/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid the ThreadAbortException that is no longer the recommended approach. Fixes #40
* | | | | Fixed a comment error and a hard-coded string.Andrew Arnott2011-06-231-1/+2
| |/ / / |/| | |
* | | | Edited ↵Marcus2011-06-211-1/+1
|/ / / | | | | | | | | | src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs via GitHub
* | | Last touch-ups to get DNOA up to draft 16 compliance (at least for the ↵Andrew Arnott2011-06-123-1/+3
| | | | | | | | | | | | | | | | | | success cases). Incidentally, Facebook doesn't currently support draft 16, so fb interop is broken.
* | | Brought bearer access token up to the draft 16 spec.Andrew Arnott2011-06-117-109/+89
| | |
* | | Renamed ITokenCarryingRequest to IAuthorizationCarryingRequest.Andrew Arnott2011-06-1111-130/+39
| | |
* | | StyleCop fix.Andrew Arnott2011-06-111-1/+1
| | |
* | | Moved access token request scope parameter into a derived class so that it ↵Andrew Arnott2011-06-1110-98/+154
| | | | | | | | | | | | | | | | | | does not apply to the authorization code access token request. Deleted the assertion access token request message which is no longer in the base spec.
* | | More work toward draft 16 compliance.Andrew Arnott2011-06-1013-144/+88
| | |
* | | Added OAuth 2.0 messages class diagram.Andrew Arnott2011-06-072-0/+267
| | |
* | | Fixed unit tests so there are no failures.Andrew Arnott2011-05-283-3/+14
| | |
* | | FxCop fixes.Andrew Arnott2011-05-2859-402/+551
| | |
* | | StyleCop fixes.Andrew Arnott2011-05-2713-19/+19
| | |
* | | Optimized RP's return_to nonce to not require URI-escaping and to bucket all ↵Andrew Arnott2011-05-271-3/+8
| | | | | | | | | | | | nonces in the same bin.
* | | OAuth 2 client is more forgiving of incorrect Content-Type headers coming in ↵Andrew Arnott2011-05-272-1/+7
| | | | | | | | | | | | direct responses.
* | | Allowed for cycling of symmetric cryptographic keys by replacing the ↵Andrew Arnott2011-05-2718-110/+251
| | | | | | | | | | | | | | | | | | effectively constant byte[] secret with a new ICryptoKeyStore throughout the OAuth 2 and OpenID stacks. And StyleCop fixes.
* | | Added the necessary copyright notice on the Diffie-Hellman algorithm ↵Andrew Arnott2011-05-224-1/+34
| | | | | | | | | | | | implementation.
* | | Moved the private secret age setting to a more global location.Andrew Arnott2011-05-214-25/+25
| | |
* | | Moved ICryptoKeyStore and related types to the Messaging.Bindings namespace.Andrew Arnott2011-05-2111-11/+23
| | |
* | | Fixed association lifetime handling for encoded handles.Andrew Arnott2011-05-212-2/+2
| | |
* | | StyleCop fixes.Andrew Arnott2011-05-208-18/+102
| | |
* | | Consolidated the IProviderApplicationStore and IRelyingPartyApplicationStore ↵Andrew Arnott2011-05-2014-66/+42
| | | | | | | | | | | | interfaces since they were equivalent.
* | | Providers and Relying Parties both implement a unified pair of ↵Andrew Arnott2011-05-2012-62/+245
| | | | | | | | | | | | | | | | | | ICryptoKeyStore and INonceStore. OPs can configure to use encoded association handles or database-backed ones based on a simple web.config switch.
* | | Updated samples and project template custom stores to use ICryptoKeyStore ↵Andrew Arnott2011-05-152-1/+5
| | | | | | | | | | | | for RPs.
* | | OpenID RPs switched over to the ICryptoKeyStore backing store.Andrew Arnott2011-05-1313-417/+371
| | |
* | | Added wrapper that allows storing of associations in an ICryptoKeyStore.Andrew Arnott2011-05-123-1/+93
| | |
* | | Added ICryptoKeyStore to try to abstract away association stores as well as ↵Andrew Arnott2011-05-125-9/+448
| | | | | | | | | | | | other secrets that OpenID RPs, OPs, and OAuth must keep.
* | | Removed redundant code and increased key length for OAuth 2.0 authorization ↵Andrew Arnott2011-05-101-11/+1
| | | | | | | | | | | | server sample.
* | | Increased symmetric key length from 128 bits to 256 bits that protect ↵Andrew Arnott2011-05-101-1/+1
| | | | | | | | | | | | association secrets.
* | | Changed references to DistinguishingFactor to be ProviderEndpoint.Andrew Arnott2011-05-103-17/+17
| | |
* | | Brought custom association store sample for Providers up to date.Andrew Arnott2011-05-094-6/+21
| | |
* | | Added implementation guidance to the IProviderAssociationStore interface.Andrew Arnott2011-05-081-0/+9
| | |
* | | Created an IProviderAssociationStore interface so that encoding the ↵Andrew Arnott2011-05-0826-132/+262
| | | | | | | | | | | | association into the handle is just one option.
* | | StyleCop fixes and functional touch-ups.Andrew Arnott2011-05-0821-124/+273
| | |
* | | Added a binary DataBag serializer mechanism that cuts the association handle ↵Andrew Arnott2011-05-086-21/+153
| | | | | | | | | | | | size down from 300+ characters to 141 characters.
* | | Refactored UriStyleMessageFormatter into a class hierarchy that will make it ↵Andrew Arnott2011-05-084-256/+315
| | | | | | | | | | | | easy to serialize DataBag instances differently.
* | | OpenID Provider association stores replaced with self-describing association ↵Andrew Arnott2011-05-0729-426/+443
| | | | | | | | | | | | handles.
* | | Moved UriStyleMessageFormatter into Messaging namespace.Andrew Arnott2011-05-072-4/+4
| | |
* | | StyleCop fix.Andrew Arnott2011-05-071-17/+22
| | |
* | | Moved DataBag into the Messaging namespace to prepare for use by OpenID ↵Andrew Arnott2011-05-075-69/+151
| | | | | | | | | | | | associations.
* | | Merge branch 'v3.4' into oauth2Andrew Arnott2011-05-0648-414/+948
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | Conflicts: samples/OAuthServiceProvider/Code/Global.cs src/DotNetOpenAuth/Configuration/DotNetOpenAuth.xsd src/DotNetOpenAuth/DotNetOpenAuth.csproj src/DotNetOpenAuth/Messaging/Channel.cs src/version.txt
| * | Removed the explicit namespaces from all the SuppressMessageAttribute ↵Andrew Arnott2011-04-3021-89/+98
| | | | | | | | | | | | references.
| * | Suppressed a new FxCop message.Andrew Arnott2011-04-301-0/+1
| | |
| * | Makes the maximum URL length adjustable to accomodate browsers and firewalls.Andrew Arnott2011-04-303-9/+62
| | | | | | | | | | | | Closes #29
| * | FxCop fixes and suppressions.Andrew Arnott2011-04-2938-329/+528
| | | | | | | | | | | | The "CodeAnalysis" configuration now runs clean.
| * | Fixed StyleCop issues.Andrew Arnott2011-04-272-1/+2
| | |
| * | Removed the allowSubPath and allowAdditionalQueryParameters settings from ↵Andrew Arnott2011-04-235-73/+5
| | | | | | | | | | | | the trusted Providers configuration since we don't yet have an implementation to support it, nor users asking for it.
| * | Hooked up trusted provider check during OpenID identifier discovery and ↵Andrew Arnott2011-04-234-20/+46
| | | | | | | | | | | | positive assertion processing at the RP.
| * | Added TrustedProviders setting in OpenID security settings.Andrew Arnott2011-04-196-4/+254
| | | | | | | | | | | | It doesn't actually alter runtime behavior yet.
| * | Added ILMerge to toolset to remove it as an external dependency on a build ↵Andrew Arnott2011-04-151-0/+1
| | | | | | | | | | | | machine.
| * | Corrected copy-paste error.Andrew Arnott2011-04-151-1/+1
| | |
| * | Fixes OAuth 1.0 signatures on Service Providers for messages that omit the ↵Andrew Arnott2011-04-156-1/+63
| | | | | | | | | | | | | | | | | | optional oauth_version parameter. Closes #28
* | | Fixed up some error response codes to match draft 15.Andrew Arnott2011-04-111-26/+11
| | |
* | | Applied requirement that the authorization endpoint be HTTPS, per the spec.Andrew Arnott2011-04-083-18/+5
| | |
* | | Made the OAuth 2.0 callback validation more flexible to the host.Andrew Arnott2011-04-086-37/+68
| | |
* | | OAuth 2.0 callback URLs must be absolute URIs.Andrew Arnott2011-04-083-1/+24
| | |
* | | Removed all the AllowEmpty attribute parameters in OAuth 2.0 messages ↵Andrew Arnott2011-04-0814-33/+33
| | | | | | | | | | | | because the spec says empty parameters should be dropped and therefore are irrelevant.
* | | Forces OAuth 2.0 to consider empty parameters to be absent, per the spec ↵Andrew Arnott2011-04-082-0/+28
| | | | | | | | | | | | requirement.
* | | Fixed static field initialization.Andrew Arnott2011-04-072-26/+28
| | |
generated by cgit v1.1 at 2025-05-13 01:45:40 +0000