summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
| | * | | | Merge branch 'v3.2' into v3.3Andrew Arnott2010-06-081-0/+1
| | |\ \ \ \ | | | |/ / /
| | | * | | Made UIRequest serializable, like all the other OpenID extension request ↵Andrew Arnott2010-06-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | messages.
| | * | | | Fixed typo in comments.Andrew Arnott2010-05-153-8/+8
| | | | | |
| * | | | | Oops... the last fix wasn't quite right.Andrew Arnott2010-06-081-4/+8
| | | | | |
| * | | | | The enter key no longer suppresses form submit on other forms on the page.Andrew Arnott2010-06-081-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | Fixes Trac #200. Thanks for the bug report, Scott Hanselman.
| * | | | | OpenIdAjaxOptions now allows an MVC app to specify a form name instead of ↵Andrew Arnott2010-06-083-2/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | only a form index. Thanks Gísli K. Björnsson for the tip.
| * | | | | StyleCop fixes.Andrew Arnott2010-06-083-4/+3
| | | | | |
| * | | | | Merging in interoperability work for Blogger and other lesser OPs.Andrew Arnott2010-06-084-4/+35
| |\ \ \ \ \
| | * | | | | Put the strictness controls behind a switch so it doesn't require its own ↵Andrew Arnott2010-06-082-1/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | branch.
| | * | | | | Merged in v3.4.3.Andrew Arnott2010-04-1643-284/+1005
| | |\ \ \ \ \
| | * | | | | | Message parts with constant values are no longer strict about capitalization.Andrew Arnott2010-03-301-1/+1
| | | | | | | |
| | * | | | | | This allows RPs to allow poor OPs to include empty openid.invalidate_handle ↵Andrew Arnott2010-03-222-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | arguments. Blogger issues positive assertions to stateless RPs with empty openid.invalidate_handle parameters.
| * | | | | | | Logging now better represents the original (unprocessed) message.Andrew Arnott2010-05-281-1/+1
| | | | | | | |
| * | | | | | | Fix FxCop message.Andrew Arnott2010-05-281-0/+15
| | | | | | | |
| * | | | | | | Fix for outgoing check_auth messages so they don't modify positive assertion ↵Andrew Arnott2010-05-2811-34/+166
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | messages causing invalid signatures. Fixes Trac #198
| * | | | | | | Stabilized reference paths and removed HintPaths.Andrew Arnott2010-05-282-14/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is work for targeting .NET 4.0.
* | | | | | | | Lots of StyleCop work, and one bug fix (can you find it? <g>)Andrew Arnott2010-06-0758-250/+1223
| | | | | | | |
* | | | | | | | Renamed WebApp facade classes to WebServer to match messages and flow name.Andrew Arnott2010-06-065-13/+13
| | | | | | | |
* | | | | | | | Renamed WebApp messages to WebServer to match OAuth 2.0 flow names.Andrew Arnott2010-06-0610-65/+65
| | | | | | | |
* | | | | | | | Renamed RichApp messages to Device messages to match OAuth 2.0 flow names.Andrew Arnott2010-06-066-27/+27
| | | | | | | |
* | | | | | | | Updated the Device flow so the messages match the latest spec.Andrew Arnott2010-06-0516-109/+75
| | | | | | | |
* | | | | | | | Updated the rest of the flows except for Device.Andrew Arnott2010-06-057-74/+41
| | | | | | | |
* | | | | | | | Updated Client Credentials and Username+Password flows for the latest spec.Andrew Arnott2010-06-053-17/+83
| | | | | | | |
* | | | | | | | Fixed handling of expired access tokens.Andrew Arnott2010-06-059-10/+32
| | | | | | | |
* | | | | | | | Renamed field to help avoid ambiguity later.Andrew Arnott2010-06-051-10/+10
| | | | | | | |
* | | | | | | | Reduced payload size of some tokens.Andrew Arnott2010-06-052-2/+2
| | | | | | | |
* | | | | | | | Improved security on the token type by including it in the signature.Andrew Arnott2010-06-051-13/+8
| | | | | | | |
* | | | | | | | User Agent flow client now works.Andrew Arnott2010-06-0516-57/+262
| | | | | | | |
* | | | | | | | JSON messages now work. :)Andrew Arnott2010-06-046-5/+177
| | | | | | | |
* | | | | | | | Auth server apps can now determine the lifetime of their own access tokens.Andrew Arnott2010-06-038-55/+52
| | | | | | | |
* | | | | | | | Refreshing access tokens now works.Andrew Arnott2010-06-036-21/+105
| | | | | | | |
* | | | | | | | OAuth 2.0 web flow now works, client, auth server, and resource server, in ↵Andrew Arnott2010-06-024-7/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the sample! Yay.
* | | | | | | | Added missing escaping to OAuth 2.0 token.Andrew Arnott2010-06-021-1/+1
| | | | | | | |
* | | | | | | | Access tokens are now asymmetrically encrypted for resource server ↵Andrew Arnott2010-06-0212-49/+200
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | consumption and signed from the auth server. Refresh tokens and verification codes are signed and encrypted using a private auth server symmetric secret.
* | | | | | | | Whitespace adjustments.Andrew Arnott2010-06-011-25/+14
| | | | | | | |
* | | | | | | | Added capability to use asymmetric signing for the access token so that ↵Andrew Arnott2010-06-018-15/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | resource servers don't have the ability to mint access tokens. But resource servers can still mint verification codes and refresh tokens since they are signed using the shared secret, so that needs to be fixed.
* | | | | | | | Replaced channel dependency on DataBag class with just the secret and its ↵Andrew Arnott2010-06-018-49/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | own message description collection.
* | | | | | | | Turned off token compression, since at least at this point it only makes the ↵Andrew Arnott2010-06-013-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | token GROW in size.
* | | | | | | | Access tokens now record their own lifetimes.Andrew Arnott2010-06-015-17/+26
| | | | | | | |
* | | | | | | | Refresh tokens are now optionally created instead of always (at the channel ↵Andrew Arnott2010-06-011-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | level, anyway).
* | | | | | | | Refresh and access tokens are actually issued now. Yay.Andrew Arnott2010-06-014-6/+60
| | | | | | | |
* | | | | | | | Fixed NullReferenceException.Andrew Arnott2010-06-011-1/+2
| | | | | | | |
* | | | | | | | Lots of refactoring as we gather the token handling into centralized code.Andrew Arnott2010-05-3113-72/+196
| | | | | | | |
* | | | | | | | Refactored the various tokens to share more code.Andrew Arnott2010-05-3110-19/+149
| | | | | | | |
* | | | | | | | Work toward a signed refresh token.Andrew Arnott2010-05-3111-127/+306
| | | | | | | |
* | | | | | | | Increase HTTP request timeouts when debugger is attached even for trusted ↵Andrew Arnott2010-05-311-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | requests.
* | | | | | | | The access token is now obtainable now. Woot.Andrew Arnott2010-05-313-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now to make the access token worth something... :)
* | | | | | | | Added relaxSslRequirements configuration option.Andrew Arnott2010-05-313-0/+31
| | | | | | | |
* | | | | | | | Fixed some more bugs. We almost have the access token at the client.Andrew Arnott2010-05-317-19/+53
| | | | | | | |
* | | | | | | | Fixed some bugs.Andrew Arnott2010-05-313-3/+3
| | | | | | | |
* | | | | | | | Added authorizing user to the verification code.Andrew Arnott2010-05-311-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The username is encrypted to avoid disclosing data to the client or a third party.
* | | | | | | | Added symmetric key encryption/decryption utility methods.Andrew Arnott2010-05-313-4/+111
| | | | | | | |
* | | | | | | | More work toward a working authorization server.Andrew Arnott2010-05-3120-57/+300
| | | | | | | |
* | | | | | | | Fixed StandardMessageFactory message ordering a bit more.Andrew Arnott2010-05-302-3/+20
| | | | | | | |
* | | | | | | | Fixed some build breaks.Andrew Arnott2010-05-305-26/+29
| | | | | | | |
* | | | | | | | Tons of work toward meaningfully creating and processing verification codes ↵Andrew Arnott2010-05-2918-22/+592
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and preparing to issue access tokens.
* | | | | | | | Added starter for generating an access token in the web server flow.Andrew Arnott2010-05-291-15/+44
| | | | | | | |
* | | | | | | | Work toward an OAuth 2.0 Web Server flow auth server.Andrew Arnott2010-05-297-31/+89
| | | | | | | |
* | | | | | | | Moved authorization header creation and parsing into the MessagingUtilities ↵Andrew Arnott2010-05-295-90/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | class to avoid redundant code.
* | | | | | | | Little code cleanup.Andrew Arnott2010-05-293-3/+3
| | | | | | | |
* | | | | | | | Refactored OAuth 2.0 channels to be separate for authorization servers and ↵Andrew Arnott2010-05-2913-81/+512
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | resource servers.
* | | | | | | | Merge branch 'v3.4' into oauthWRAPAndrew Arnott2010-05-174-7/+48
|\ \ \ \ \ \ \ \ | |/ / / / / / /
| * | | | | | | We no longer emit a warning when dropping null keys with null or empty values.Andrew Arnott2010-05-081-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes Trac #194
| * | | | | | | StyleCop fixes.Andrew Arnott2010-05-081-2/+1
| | | | | | | |
| * | | | | | | Fix for UIRequest.Icon deserialization exception due to nullable struct types.Andrew Arnott2010-05-083-6/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes Trac #195
* | | | | | | | Work toward an auth server side of the web server flow in OAuth 2.0Andrew Arnott2010-05-177-1/+414
| | | | | | | |
* | | | | | | | Fixed build breaks in test project.Andrew Arnott2010-05-141-38/+2
| | | | | | | |
* | | | | | | | Fixed some bugs.Andrew Arnott2010-05-134-4/+5
| | | | | | | |
* | | | | | | | StyleCop fixes.Andrew Arnott2010-05-139-91/+106
| | | | | | | |
* | | | | | | | Facebook OAuth 2.0 client now works.Andrew Arnott2010-05-135-12/+56
| | | | | | | |
* | | | | | | | Getting closer to a WebServer client flow.Andrew Arnott2010-05-075-14/+90
| | | | | | | |
* | | | | | | | A bunch more work to bring the rest of the messages in rough compliance of ↵Andrew Arnott2010-05-0718-171/+260
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the latest spec.
* | | | | | | | Fixed a few small bugs.Andrew Arnott2010-05-063-2/+3
| | | | | | | |
* | | | | | | | Merge branch 'v3.4' into oauthWRAPAndrew Arnott2010-05-0676-887/+2496
|\ \ \ \ \ \ \ \ | |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: samples/OAuthConsumer/Web.config src/DotNetOpenAuth/DotNetOpenAuth.csproj src/DotNetOpenAuth/Messaging/MessagingStrings.Designer.cs src/DotNetOpenAuth/Messaging/MessagingStrings.resx src/version.txt
| * | | | | | | Merge branch 'v3.3' into v3.4Andrew Arnott2010-05-062-10/+10
| |\ \ \ \ \ \ \ | | | |_|/ / / / | | |/| | | | |
| | * | | | | | Merge branch 'v3.2' into v3.3Andrew Arnott2010-05-062-10/+10
| | |\ \ \ \ \ \ | | | | |_|/ / / | | | |/| | | |
| | | * | | | | Fixed another bug in AXFetchAsSregTransform that prevented OPs from being ↵Andrew Arnott2010-05-062-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | able to respond to AX-carrying auth requests.
| * | | | | | | Merge branch 'v3.3' into v3.4Andrew Arnott2010-05-052-8/+4
| |\ \ \ \ \ \ \ | | |/ / / / / /
| | * | | | | | Merge branch 'v3.2' into v3.3Andrew Arnott2010-05-052-8/+4
| | |\ \ \ \ \ \ | | | |/ / / / /
| | | * | | | | Fixed AXFetchAsSregTransform bug that threw an exception at the OP when an ↵Andrew Arnott2010-05-052-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | incoming extension contained just an AX extension. Fixes bug reported at http://stackoverflow.com/questions/2724512/dotnetopenauth-openid-provider-sequence-contains-more-than-one-element/2764800
| | | * | | | | Fixed OP bug in the AXFetchAsSregTransform that would cause an ↵Andrew Arnott2010-05-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | InvalidCastException on anonymous requests.
| * | | | | | | Merge branch 'v3.3' into v3.4Andrew Arnott2010-04-307-61/+52
| |\ \ \ \ \ \ \ | | |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/DotNetOpenAuth/OpenId/RelyingParty/AssociationManager.cs
| | * | | | | | Merge branch 'v3.2' into v3.3Andrew Arnott2010-04-307-61/+52
| | |\ \ \ \ \ \ | | | |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/DotNetOpenAuth/OpenId/IAssociationStore.cs
| | | * | | | | Merge branch 'v3.1' into v3.2Andrew Arnott2010-04-307-61/+52
| | | |\ \ \ \ \ | | | | | |_|/ / | | | | |/| | |
| | | | * | | | Merge branch 'v3.0' into v3.1Andrew Arnott2010-04-307-61/+52
| | | | |\ \ \ \ | | | | | | |_|/ | | | | | |/| |
| | | | | * | | Moved the VerificationException catch lower in the stack so it catches more ↵Andrew Arnott2010-04-301-11/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | problems.
| | | | | * | | Corrected comments.Andrew Arnott2010-04-272-2/+5
| | | | | | | |
| | | | | * | | Removed the unused ClearExpiredAssociations method.Andrew Arnott2010-03-254-48/+34
| | | | | | | |
| * | | | | | | Converted the OAuth consumer and SP sample web site projects to web ↵Andrew Arnott2010-04-181-63/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | application projects.
| * | | | | | | Incremented to version v3.4.4.Andrew Arnott2010-04-131-1/+1
| | |_|_|_|_|/ | |/| | | | |
| * | | | | | Fixed an occasional unhandled exception.v3.4.3.10103Andrew Arnott2010-04-131-4/+9
| | | | | | |
| * | | | | | Added logging around certificate verification to try to find perf problem.Andrew Arnott2010-04-111-0/+3
| | | | | | |
| * | | | | | Marked Flatten as obsolete.Andrew Arnott2010-04-112-2/+5
| | | | | | |
| * | | | | | Fixed runtime exception caused by recent URI normalization work of the ↵Andrew Arnott2010-04-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Identifier class.
| * | | | | | Fixed build break that resulted from recent Code Contracts upgrade.Andrew Arnott2010-04-021-1/+1
| | | | | | |
| * | | | | | Fixed Google Hostmeta discovery module to dispose of open HTTP streams, and ↵Andrew Arnott2010-04-022-49/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | to limit the length of their result.
| * | | | | | StyleCop and FxCop fixes.Andrew Arnott2010-04-0125-182/+296
| | | | | | |
| * | | | | | Fixed signature verification bugs where claimed_id's have trailing dots in ↵Andrew Arnott2010-03-3014-40/+599
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | path segments, or capital scheme or host names. Merge branch 'dotbug' into v3.4
| | * | | | | | Added more fragment tests.Andrew Arnott2010-03-301-1/+9
| | | | | | | |
| | * | | | | | Fixed equality checks for the problematic URIs, and added a regression test ↵Andrew Arnott2010-03-302-14/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for it. Also added reporting of full vs. partial trust hosting.
generated by cgit v1.1 at 2025-05-26 04:03:08 +0000