summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
| * Fixes Twitter auth to not force re-login the user.Andrew Arnott2012-11-101-1/+1
| | | | | | | | Fixes #231
| * Fixes AsHttpResposneMessage() exception when response has no stream.Andrew Arnott2012-11-022-3/+15
| | | | | | | | Fixes #226
| * Incremented version.Andrew Arnott2012-10-291-2/+2
| |
| * Incremented version.Andrew Arnott2012-10-161-2/+2
| |
* | Adds a LinkedIn interop test.Andrew Arnott2012-11-221-0/+23
| | | | | | | | Part of investigation of issue #232
* | Adds log message when XrdsPublisher transfers to another page.Andrew Arnott2012-11-131-0/+1
| | | | | | | | Fixes #180
* | Adds ClientBase.AuthorizeRequest overloads that accept WebHeaderCollection.Andrew Arnott2012-11-112-3/+42
| | | | | | | | Fixes #119
* | Authorization servers can override the granted scopes for all grant types.Andrew Arnott2012-10-309-39/+177
| | | | | | | | | | | | This change adds the ability for authorization servers to override the granted scopes of client credential and resource owner password grant types. Fixes #225
* | Fixes build break due to StyleCop message.Andrew Arnott2012-10-291-1/+0
| |
* | Merge remote-tracking branch 'aarnott/master'Andrew Arnott2012-10-2916-31/+118
|\ \
| * | Fixed AccessTokenResult API to be clearerAndrew Arnott2012-07-227-7/+48
| | | | | | | | | | | | | | | | | | The AccessTokenResult constructor accepts an AccessToken, when it should only accept an AuthorizationServerAccessToken so it's clear what an auth server host must create so that it's serializable. This fixes that.
| * | Adds AuthorizationServer.DecodeRefreshTokenAndrew Arnott2012-07-209-24/+70
| | | | | | | | | | | | | | | | | | And a unit test. Fixes #182
* | | Promotes MessagingUtilities.GetPublicFacingUrl to public method.Andrew Arnott2012-10-291-57/+57
| | | | | | | | | | | | Fixes #198
* | | Merge branch 'v4.1'Andrew Arnott2012-10-1465-353/+764
|\ \ \ | | |/ | |/|
| * | Fixes TraceSwitch tracing to filter based on configuration.Andrew Arnott2012-10-101-30/+90
| | | | | | | | | | | | Fixes #214
| * | Added OutgoingWebResponse.AsHttpResponseMessage extension method.Andrew Arnott2012-10-092-1/+54
| | |
| * | Merge branch 'v4.0' into v4.1Andrew Arnott2012-10-071-4/+13
| |\ \
| | * | Whitespace fixes.Andrew Arnott2012-10-021-2/+2
| | | |
| | * | Fix some unit tests failing.Microsoft2012-10-021-4/+13
| | | |
| | * | Adjusted AssemblyInfo.cs to be unique for each assembly.Andrew Arnott2012-09-2929-246/+84
| | | | | | | | | | | | | | | | This should fix nuget pdb package submission to symbolsource.org
| * | | Incremented version.Andrew Arnott2012-09-291-2/+2
| | | |
| * | | Adjusted AssemblyInfo.cs to be unique for each assembly.Andrew Arnott2012-09-2929-255/+27
| | | | | | | | | | | | | | | | This should fix nuget pdb package submission to symbolsource.org
| * | | Merge branch 'v4.0' into v4.1Andrew Arnott2012-09-291-12/+3
| |\ \ \ | | |/ /
| | * | Fixes NullReferenceException in AspNet.OpenAuthSecurityManager.Andrew Arnott2012-09-291-12/+3
| | | | | | | | | | | | | | | | | | | | This was reported at: http://stackoverflow.com/questions/12235395/openauth-requestauthentication-throws-null-ref-in-vs2012-web-forms-template/12240150#12240150 It is due to fields being left uninitialized by the constructors yet assumed to be non-null by all or some public methods.
| * | | Added missing xml doc comment line.Andrew Arnott2012-09-291-0/+1
| | | |
| * | | Merge branch 'v4.0' into v4.1Andrew Arnott2012-09-297-9/+39
| |\ \ \ | | |/ /
| | * | Mitigates the XML DTD DoS attack from expanding entities.Andrew Arnott2012-09-296-9/+37
| | | | | | | | | | | | | | | | Fixes #209
| | * | Fix for unhandled exception in some partial trust environments (mono?).Andrew Arnott2012-09-201-0/+4
| | | |
| | * | Incremented version.Andrew Arnott2012-06-301-2/+2
| | | |
| | * | Updated version to v4.0.4Andrew Arnott2012-06-271-2/+2
| | | |
| * | | Added NuGet package dependency and fixed build breaks in samples.Andrew Arnott2012-09-271-0/+11
| | | |
| * | | Adds overloads of ResourceServer for HttpRequestMessage.Andrew Arnott2012-09-272-5/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The GetPrincipal and GetAccessToken now better support resource servers that are written in ASP.NET WebAPI. Fixes #206
| * | | Adds ClientBase.CreateAuthorizingHandlerAndrew Arnott2012-09-266-0/+213
| | | | | | | | | | | | | | | | | | | | | | | | This method creates an HttpMessageHandler that automatically applies the OAuth 2 access token (bearer) to all outbound HTTP requests. Fixes #205
| * | | Merge branch 'SlowGoogleServerWorkaround' into v4.1Andrew Arnott2012-09-175-17/+128
| |\ \ \
| | * | | Added ability to cache Google certificates.Andrew Arnott2011-02-095-16/+126
| | | | | | | | | | | | | | | | | | | | Something of a workaround for slow certificate handling on some servers.
| * | | | Fix error message.Andrew Arnott2012-08-231-1/+1
| | | | |
| * | | | Fixes a bug in posting to HTML forms in Firefox with the InfoCard selector.Andrew Arnott2012-08-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the idselector control on a page with an other control that raises a postback, then the selector is opening when using firefox with "openinfocard identity selector" addon. To fix this problem, you have to move the object tag with the identity object outside the form tag in the page. Thanks to Philipp Jenni <philipp.jenni@gmx.ch> who contributed this fix.
| * | | | Fixed a couple build warnings.Andrew Arnott2012-07-222-2/+2
| | | | |
| * | | | Fix NetworkCredentialApplicator verify checkAndrew Arnott2012-07-221-2/+6
| | | | | | | | | | | | | | | | | | | | Fixes #183
| * | | | Fixed build break for .NET 3.5 targeting.Andrew Arnott2012-07-191-0/+2
| | | | |
| * | | | More StyleCop fixesAndrew Arnott2012-07-181-7/+9
| | | | |
| * | | | Fixed StyleCop issueAndrew Arnott2012-07-181-1/+1
| | | | |
| * | | | Replaces explicit crypto algorithm use with factories.Andrew Arnott2012-07-189-14/+80
| | | | | | | | | | | | | | | | | | | | Fixes #47 which requires that FIPS compliance be an option.
| * | | | Fixed ClientAuthorization .nuspec file to include the missing source file ↵Andrew Arnott2012-06-301-2/+3
| | | | | | | | | | | | | | | | | | | | from the symbols .nupkg
| * | | | Incrementing version number.Andrew Arnott2012-06-301-2/+2
| | | | |
| * | | | Branched off v4.1 stabilization branch.Andrew Arnott2012-06-301-1/+1
| | | | |
* | | | | Style fix.Andrew Arnott2012-10-021-3/+3
| | | | |
* | | | | Update src/DotNetOpenAuth.AspNet/Clients/OAuth2/FacebookClient.csJason Kulatunga2012-09-271-1/+4
| | | | | | | | | | | | | | | Retrive the facebook user's email as well as the rest of their default user data. 
* | | | | Fixing one more place it was missed, also changing to OPTIONSMatt Hawley2012-08-104-12/+14
| | | | |
* | | | | Adding PATCH and OPTION http verbsMatt Hawley2012-08-103-6/+30
| |_|_|/ |/| | |
* | | | Updated version.txtAndrew Arnott2012-06-301-2/+2
|/ / /
* | | Merge branch 'v4.0'Andrew Arnott2012-06-202-3/+21
|\ \ \ | | |/ | |/|
| * | Merge remote-tracking branch 'origin/v4.0' into v4.0Andrew Arnott2012-06-204-7/+100
| |\ \
| * | | Logging banner now includes the precise build version.Andrew Arnott2012-06-202-17/+21
| | | | | | | | | | | | | | | | Fixes #161
| * | | DNOA user agent string now includes the build number again.Andrew Arnott2012-06-201-1/+15
| | | | | | | | | | | | | | | | Fixes #160.
* | | | Fixed PAPE comment.Andrew Arnott2012-06-121-1/+1
| | | |
* | | | Merge branch 'v4.0'Andrew Arnott2012-06-1011-27/+196
|\ \ \ \ | | |/ / | |/| | | | | | | | | | Conflicts: projecttemplates/projecttemplates.proj
| * | | Updated .gitignore file.Andrew Arnott2012-06-101-1/+1
| | | |
| * | | Fixed Win32 PE header of unified library.Andrew Arnott2012-06-103-6/+99
| |/ / | | | | | | | | | | | | | | | This fixes (unified) dotnetopenauth.dll so that its version, name and original filename attributes are correct instead of inheriting their values from Microsoft.Contracts.dll. Fixes #156
| * | Code review cleanup for DotNetOpenAuth.AspNet:Microsoft2012-05-317-20/+96
| | | | | | | | | | | | | | | | | | | | | - Clients should use HTTPS instead of HTTP whenever possible. - MachineKeyUtil reliability tweaks. - Improved anti-XSRF protection when running under subdomains. - Other miscellaneous minor cleanup.
* | | Fixed xml doc commentAndrew Arnott2012-06-061-3/+3
| | |
* | | Merge remote-tracking branch 'origin/v4.0'Andrew Arnott2012-05-2917-212/+834
|\ \ \ | |/ /
| * | Fix TypeLoadException for log4net under monoAndrew Arnott2012-05-291-0/+2
| | | | | | | | | | | | Fixes #151
| * | Fix bug in OAuth2 clients which is caused by the Xsrf fix earlier.Microsoft2012-05-151-11/+13
| | |
| * | Set xsrf cookie to HttpOnly. Verify that value passed into query string is a ↵Microsoft2012-05-151-5/+11
| | | | | | | | | | | | valid guid.
| * | Make changes to fix Style cop issues.Microsoft2012-05-141-2/+10
| | |
| * | Add protection against XSRF attacks.Microsoft2012-05-141-2/+53
| | |
| * | Make change so that the VerifyAuthentication overload with no returnUrl ↵Microsoft2012-05-141-29/+18
| | | | | | | | | | | | parameter will use the current request as the return url.
| * | Update a resource string for error message. Move the DefaultNamespace ↵Microsoft2012-05-113-4/+6
| | | | | | | | | | | | element below the Import statement to override the value from imported targets.
| * | Make the MachineKeyUtil class internal.Microsoft2012-05-082-1/+5
| | |
| * | Add the WindowsLiveClient class back and make it inherit from ↵Microsoft2012-05-073-4/+43
| | | | | | | | | | | | MicrosoftClient. Also marks it as obsolete.
| * | Rename WindowsLive to Microsoft account.Microsoft2012-05-043-10/+10
| | |
| * | Use cookie to store OAuth token and set it as default mechanism. Fix an ↵Microsoft2012-05-0313-42/+557
| | | | | | | | | | | | issue in Facebook account with encoded return url. Update Twitter urls. Catch exception in VerifyAuthentication and return as Failed.
| * | Append the provider value to the return url in VerifyAuthenticationMicrosoft2012-05-011-0/+4
| | |
* | | Fixed build warnings due to XML commentsAndrew Arnott2012-05-291-2/+2
| | |
* | | Fixed failing ClientCredentialGrant unit testAndrew Arnott2012-05-291-0/+3
| | |
* | | Special handling for client credential grant typeAndrew Arnott2012-05-292-4/+59
| | | | | | | | | | | | | | | | | | | | | | | | Access token requests that carry client credential grants are now specially handled and signal to the authorization server that an authorization record should be created. More work toward #138
* | | Resource owner password grant method renameAndrew Arnott2012-05-293-41/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Renamed IAuthorizationServerHost.IsResourceOwnerCredentialValid to TryAuthorizeResourceOwnerCredentialGrant so that authorization servers are prepared to approve refresh tokens that may be issued as a result of a resource owner password grant. This also removes some of the "validation" that wasn't really doing anything useful for resource owner password grant types. Toward an eventual fix for #138
* | | Added class diagram.Andrew Arnott2012-05-282-0/+52
| | |
* | | Merge branch 'v4.0'Andrew Arnott2012-05-0111-26/+255
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: nuget/DotNetOpenAuth.AspNet.nuspec nuget/DotNetOpenAuth.Core.UI.nuspec nuget/DotNetOpenAuth.Core.nuspec nuget/DotNetOpenAuth.InfoCard.UI.nuspec nuget/DotNetOpenAuth.InfoCard.nuspec nuget/DotNetOpenAuth.OAuth.Common.nuspec nuget/DotNetOpenAuth.OAuth.Consumer.nuspec nuget/DotNetOpenAuth.OAuth.ServiceProvider.nuspec nuget/DotNetOpenAuth.OAuth.nuspec nuget/DotNetOpenAuth.OAuth2.AuthorizationServer.nuspec nuget/DotNetOpenAuth.OAuth2.Client.UI.nuspec nuget/DotNetOpenAuth.OAuth2.Client.nuspec nuget/DotNetOpenAuth.OAuth2.ResourceServer.nuspec nuget/DotNetOpenAuth.OAuth2.nuspec nuget/DotNetOpenAuth.OpenId.Provider.UI.nuspec nuget/DotNetOpenAuth.OpenId.Provider.nuspec nuget/DotNetOpenAuth.OpenId.RelyingParty.UI.nuspec nuget/DotNetOpenAuth.OpenId.RelyingParty.nuspec nuget/DotNetOpenAuth.OpenId.UI.nuspec nuget/DotNetOpenAuth.OpenId.nuspec nuget/DotNetOpenAuth.OpenIdInfoCard.UI.nuspec nuget/DotNetOpenAuth.OpenIdOAuth.nuspec nuget/nuget.proj src/version.txt
| * | Configure OpenId clients to use dumb mode. Add an overload of ↵Microsoft2012-04-302-6/+49
| | | | | | | | | | | | VerifyAuthentication to OpenAuthSecurityManager to accept a return url.
| * | Incremented version to 4.0.3.Andrew Arnott2012-04-281-2/+2
| | |
| * | Make changes to OAuth and OpenID to allow web-farm scenario.Microsoft2012-04-277-7/+184
| | |
| * | Fixes thread-safety in MessageDescriptionCollection class.Andrew Arnott2012-04-271-5/+17
| | | | | | | | | | | | Fixes #130
| * | Fixes OpenIdRelyingParty so it truly operates in stateless mode when null is ↵Andrew Arnott2012-04-271-8/+5
| | | | | | | | | | | | | | | | | | passed into the constructor. Fixes #129
* | | Moved some JSON serialization logic to MessagingUtilities and added a unit test.Andrew Arnott2012-04-287-18/+124
| | |
* | | The convenient compression/decompression API now offers both gzip and deflate.Andrew Arnott2012-04-281-6/+58
| | | | | | | | | | | | Towards #127: "support for JWT access tokens"
* | | Added a base64web encoder for byte[] typed message parts.Andrew Arnott2012-04-282-0/+38
| | |
* | | Authorization Server hosts now instantiate their own AccessTokens rather ↵Andrew Arnott2012-04-2519-218/+201
| | | | | | | | | | | | | | | | | | | | | than just parameters. AccessTokens are now serialized via a virtual method on that instance. Fixes #38, I think.
* | | Moved IAuthorizationServerHost interface into the auth server project.Andrew Arnott2012-04-243-1/+1
| | |
* | | Fixed C# warnings.Andrew Arnott2012-04-231-3/+3
| | |
* | | Fixed build breaks when targeting .NET 3.5.Andrew Arnott2012-04-234-7/+7
| | |
* | | Anonymous clients can now exchange resource owner credentials for refresh ↵Andrew Arnott2012-04-225-24/+44
| | | | | | | | | | | | | | | | | | | | | | | | and access tokens. (authenticated clients already could). Fixes #100
* | | Removed old FxCop suppression attributes.Andrew Arnott2012-04-222-5/+0
| | |
* | | Fixed Stylecop messages.Andrew Arnott2012-04-221-0/+1
| | |
* | | Fixes access denial errors from OAuth 2 resource servers so they include the ↵Andrew Arnott2012-04-2224-136/+435
| | | | | | | | | | | | | | | | | | required parameters in their WWW-Authenticate headers. Fixes #124
* | | Replaces ResourceServer.VerifyAccess with a better pattern for error handling.Andrew Arnott2012-04-214-53/+124
| | | | | | | | | | | | Fixes #122
* | | Merge branch 'v4.0'Andrew Arnott2012-04-213-1/+5
|\ \ \ | |/ /
| * | Removed unimplemented Exception.GetObjectData override methods.Andrew Arnott2012-04-212-0/+4
| | | | | | | | | | | | | | | | | | They weren't implemented anyway, and seem to be causing trouble with certain CLR 4 hosters (like Rackspace). Fixes #121
| * | Fix for VerificationException that occurs on some machines.Andrew Arnott2012-04-101-1/+1
| | | | | | | | | | | | Fixes #112
generated by cgit v1.1 at 2025-06-06 01:06:14 +0000