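//-----------------------------------------------------------------------
// <copyright>
//     Copyright (c) Outercurve Foundation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

namespace DotNetOpenAuth.OpenId.Provider {
    using System;
    using System.Collections.Generic;
    using System.Diagnostics.Contracts;
    using System.Linq;
    using System.Text;
    using DotNetOpenAuth.Messaging;

    /// <summary>
    /// Provides association serialization and deserialization.
    /// </summary>
    /// <remarks>
    /// <para>
    /// Implementations may choose to store the association details in memory or a database table and simply return a
    /// short, randomly generated string that is the key to that data. Alternatively, an implementation may
    /// sign and encrypt the association details and then encode the results as a base64 string and return that value
    /// as the association handle, thereby avoiding any association persistence at the OpenID Provider.
    /// When taking the latter approach however, it is of course imperative that the association be encrypted
    /// to avoid disclosing the secret to anyone who sees the association handle, which itself isn't considered to
    /// be confidential.
    /// </para>
    /// <para>
    /// Security note: the handle passed to <see cref="Deserialize"/> is taken from an incoming protocol message
    /// and must be treated as untrusted input. An implementation that packs the association into the handle
    /// should verify the handle's signature before relying on any value decoded from it (the secret, the expiry
    /// or the private/shared flag), and should report every verification failure the same way, by returning
    /// <c>null</c>.
    /// </para>
    /// </remarks>
    [ContractClass(typeof(IProviderAssociationStoreContract))]
    internal interface IProviderAssociationStore {
        /// <summary>
        /// Stores an association and returns a handle for it.
        /// </summary>
        /// <param name="secret">The association secret.</param>
        /// <param name="expiresUtc">The UTC time that the association should expire.</param>
        /// <param name="privateAssociation">A value indicating whether this is a private association.</param>
        /// <returns>
        /// The association handle that represents this association.
        /// </returns>
        string Serialize(byte[] secret, DateTime expiresUtc, bool privateAssociation);

        /// <summary>
        /// Retrieves an association given an association handle.
        /// </summary>
        /// <param name="containingMessage">The OpenID message that referenced this association handle.</param>
        /// <param name="privateAssociation">A value indicating whether a private association is expected.</param>
        /// <param name="handle">The association handle.</param>
        /// <returns>
        /// An association instance, or <c>null</c> if the association has expired or the signature is incorrect
        /// (which may be because the OP's symmetric key has changed).
        /// </returns>
        /// <remarks>
        /// Callers must handle a <c>null</c> result as "no usable association" and must not fall back to
        /// treating the handle as valid.
        /// </remarks>
        /// <exception cref="ProtocolException">Thrown if the association is not of the expected type.</exception>
        Association Deserialize(IProtocolMessage containingMessage, bool privateAssociation, string handle);
    }

    /// <summary>
    /// Code contract for the <see cref="IProviderAssociationStore"/> interface.
    /// </summary>
    /// <remarks>
    /// The method bodies here only declare preconditions and postconditions; each one ends by throwing
    /// <see cref="NotImplementedException"/> and carries no real implementation.
    /// </remarks>
    [ContractClassFor(typeof(IProviderAssociationStore))]
    internal abstract class IProviderAssociationStoreContract : IProviderAssociationStore {
        /// <summary>
        /// Stores an association and returns a handle for it.
        /// </summary>
        /// <param name="secret">The association secret. Must not be <c>null</c>.</param>
        /// <param name="expiresUtc">The expiration time; its <see cref="DateTime.Kind"/> must be <see cref="DateTimeKind.Utc"/>.</param>
        /// <param name="privateAssociation">A value indicating whether this is a private association.</param>
        /// <returns>
        /// The association handle that represents this association. Never <c>null</c> or empty.
        /// </returns>
        string IProviderAssociationStore.Serialize(byte[] secret, DateTime expiresUtc, bool privateAssociation) {
            Requires.NotNull(secret, "secret");

            // Requiring an explicit UTC kind keeps a local-time value from being stored as the expiry.
            Requires.True(expiresUtc.Kind == DateTimeKind.Utc, "expiresUtc");

            // Contract.Result needs its type argument spelled out; it cannot be inferred from the call.
            Contract.Ensures(!string.IsNullOrEmpty(Contract.Result<string>()));
            throw new NotImplementedException();
        }

        /// <summary>
        /// Retrieves an association given an association handle.
        /// </summary>
        /// <param name="containingMessage">The OpenID message that referenced this association handle. Must not be <c>null</c>.</param>
        /// <param name="privateAssociation">A value indicating whether a private association is expected.</param>
        /// <param name="handle">The association handle. Must not be <c>null</c> or empty.</param>
        /// <returns>
        /// An association instance, or <c>null</c> if the association has expired or the signature is incorrect
        /// (which may be because the OP's symmetric key has changed).
        /// </returns>
        /// <exception cref="ProtocolException">Thrown if the association is not of the expected type.</exception>
        Association IProviderAssociationStore.Deserialize(IProtocolMessage containingMessage, bool privateAssociation, string handle) {
            Requires.NotNull(containingMessage, "containingMessage");
            Requires.NotNullOrEmpty(handle, "handle");
            throw new NotImplementedException();
        }
    }
}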