//-----------------------------------------------------------------------
//
// Copyright (c) Outercurve Foundation. All rights reserved.
//
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.OpenId.Provider {
using System;
using System.Collections.Generic;
using System.Diagnostics.Contracts;
using System.Text;
using DotNetOpenAuth.Messaging;
///
/// Instances of this interface represent incoming authentication requests.
/// This interface provides the details of the request and allows setting
/// the response.
///
[ContractClass(typeof(IAuthenticationRequestContract))]
public interface IAuthenticationRequest : IHostProcessedRequest {
///
/// Gets a value indicating whether the Provider should help the user
/// select a Claimed Identifier to send back to the relying party.
///
bool IsDirectedIdentity { get; }
///
/// Gets a value indicating whether the requesting Relying Party is using a delegated URL.
///
///
/// When delegated identifiers are used, the should not
/// be changed at the Provider during authentication.
/// Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
/// A relying party implementing only OpenID 1.x may use delegation and this property will
/// return false anyway.
///
bool IsDelegatedIdentifier { get; }
///
/// Gets or sets the Local Identifier to this OpenID Provider of the user attempting
/// to authenticate. Check to see if
/// this value is valid.
///
///
/// This may or may not be the same as the Claimed Identifier that the user agent
/// originally supplied to the relying party. The Claimed Identifier
/// endpoint may be delegating authentication to this provider using
/// this provider's local id, which is what this property contains.
/// Use this identifier when looking up this user in the provider's user account
/// list.
///
Identifier LocalIdentifier { get; set; }
///
/// Gets or sets the identifier that the user agent is claiming at the relying party site.
/// Check to see if this value is valid.
///
///
/// This property can only be set if is
/// false, to prevent breaking URL delegation.
/// This will not be the same as this provider's local identifier for the user
/// if the user has set up his/her own identity page that points to this
/// provider for authentication.
/// The provider may use this identifier for displaying to the user when
/// asking for the user's permission to authenticate to the relying party.
///
/// Thrown from the setter
/// if is true.
Identifier ClaimedIdentifier { get; set; }
///
/// Gets or sets a value indicating whether the provider has determined that the
/// belongs to the currently logged in user
/// and wishes to share this information with the consumer.
///
bool? IsAuthenticated { get; set; }
///
/// Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
/// Useful for identifier recycling.
///
///
/// Should not include the # prefix character as that will be added internally.
/// May be null or the empty string to clear a previously set fragment.
///
///
/// Unlike the property, which can only be set if
/// using directed identity, this method can be called on any URI claimed identifier.
/// Because XRI claimed identifiers (the canonical IDs) are never recycled,
/// this method shouldnot be called for XRIs.
///
///
/// Thrown when this method is called on an XRI, or on a directed identity
/// request before the property is set.
///
void SetClaimedIdentifierFragment(string fragment);
}
///
/// Code contract class for the type.
///
[ContractClassFor(typeof(IAuthenticationRequest))]
internal abstract class IAuthenticationRequestContract : IAuthenticationRequest {
///
/// Initializes a new instance of the class.
///
protected IAuthenticationRequestContract() {
}
#region IAuthenticationRequest Properties
///
/// Gets a value indicating whether the Provider should help the user
/// select a Claimed Identifier to send back to the relying party.
///
bool IAuthenticationRequest.IsDirectedIdentity {
get { throw new NotImplementedException(); }
}
///
/// Gets a value indicating whether the requesting Relying Party is using a delegated URL.
///
///
/// When delegated identifiers are used, the should not
/// be changed at the Provider during authentication.
/// Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
/// A relying party implementing only OpenID 1.x may use delegation and this property will
/// return false anyway.
///
bool IAuthenticationRequest.IsDelegatedIdentifier {
get { throw new NotImplementedException(); }
}
///
/// Gets or sets the Local Identifier to this OpenID Provider of the user attempting
/// to authenticate. Check to see if
/// this value is valid.
///
///
/// This may or may not be the same as the Claimed Identifier that the user agent
/// originally supplied to the relying party. The Claimed Identifier
/// endpoint may be delegating authentication to this provider using
/// this provider's local id, which is what this property contains.
/// Use this identifier when looking up this user in the provider's user account
/// list.
///
Identifier IAuthenticationRequest.LocalIdentifier {
get {
throw new NotImplementedException();
}
set {
throw new NotImplementedException();
}
}
///
/// Gets or sets the identifier that the user agent is claiming at the relying party site.
/// Check to see if this value is valid.
///
///
/// This property can only be set if is
/// false, to prevent breaking URL delegation.
/// This will not be the same as this provider's local identifier for the user
/// if the user has set up his/her own identity page that points to this
/// provider for authentication.
/// The provider may use this identifier for displaying to the user when
/// asking for the user's permission to authenticate to the relying party.
///
/// Thrown from the setter
/// if is true.
Identifier IAuthenticationRequest.ClaimedIdentifier {
get {
throw new NotImplementedException();
}
set {
IAuthenticationRequest req = this;
Requires.ValidState(!req.IsDelegatedIdentifier, OpenIdStrings.ClaimedIdentifierCannotBeSetOnDelegatedAuthentication);
Requires.ValidState(!req.IsDirectedIdentity || !(req.LocalIdentifier != null && req.LocalIdentifier != value), OpenIdStrings.IdentifierSelectRequiresMatchingIdentifiers);
}
}
///
/// Gets or sets a value indicating whether the provider has determined that the
/// belongs to the currently logged in user
/// and wishes to share this information with the consumer.
///
bool? IAuthenticationRequest.IsAuthenticated {
get {
throw new NotImplementedException();
}
set {
throw new NotImplementedException();
}
}
#endregion
#region IHostProcessedRequest Properties
///
/// Gets the version of OpenID being used by the relying party that sent the request.
///
ProtocolVersion IHostProcessedRequest.RelyingPartyVersion {
get { throw new NotImplementedException(); }
}
///
/// Gets the URL the consumer site claims to use as its 'base' address.
///
Realm IHostProcessedRequest.Realm {
get { throw new NotImplementedException(); }
}
///
/// Gets a value indicating whether the consumer demands an immediate response.
/// If false, the consumer is willing to wait for the identity provider
/// to authenticate the user.
///
bool IHostProcessedRequest.Immediate {
get { throw new NotImplementedException(); }
}
///
/// Gets or sets the provider endpoint claimed in the positive assertion.
///
///
/// The default value is the URL that the request came in on from the relying party.
/// This value MUST match the value for the OP Endpoint in the discovery results for the
/// claimed identifier being asserted in a positive response.
///
Uri IHostProcessedRequest.ProviderEndpoint {
get {
throw new NotImplementedException();
}
set {
throw new NotImplementedException();
}
}
#endregion
#region IRequest Properties
///
/// Gets a value indicating whether the response is ready to be sent to the user agent.
///
///
/// This property returns false if there are properties that must be set on this
/// request instance before the response can be sent.
///
bool IRequest.IsResponseReady {
get { throw new NotImplementedException(); }
}
///
/// Gets or sets the security settings that apply to this request.
///
///
/// Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
///
ProviderSecuritySettings IRequest.SecuritySettings {
get {
throw new NotImplementedException();
}
set {
throw new NotImplementedException();
}
}
#endregion
#region IAuthenticationRequest Methods
///
/// Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
/// Useful for identifier recycling.
///
/// Should not include the # prefix character as that will be added internally.
/// May be null or the empty string to clear a previously set fragment.
///
/// Unlike the property, which can only be set if
/// using directed identity, this method can be called on any URI claimed identifier.
/// Because XRI claimed identifiers (the canonical IDs) are never recycled,
/// this method shouldnot be called for XRIs.
///
///
/// Thrown when this method is called on an XRI, or on a directed identity
/// request before the property is set.
///
void IAuthenticationRequest.SetClaimedIdentifierFragment(string fragment) {
Requires.ValidState(!(((IAuthenticationRequest)this).IsDirectedIdentity && ((IAuthenticationRequest)this).ClaimedIdentifier == null), OpenIdStrings.ClaimedIdentifierMustBeSetFirst);
Requires.ValidState(!(((IAuthenticationRequest)this).ClaimedIdentifier is XriIdentifier), OpenIdStrings.FragmentNotAllowedOnXRIs);
throw new NotImplementedException();
}
#endregion
#region IHostProcessedRequest Methods
///
/// Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
///
/// The web request handler to use for the RP discovery request.
///
/// The details of how successful the relying party discovery was.
///
///
/// Return URL verification is only attempted if this method is called.
/// See OpenID Authentication 2.0 spec section 9.2.1.
///
RelyingPartyDiscoveryResult IHostProcessedRequest.IsReturnUrlDiscoverable(IDirectWebRequestHandler webRequestHandler) {
throw new NotImplementedException();
}
#endregion
#region IRequest Methods
///
/// Adds an extension to the response to send to the relying party.
///
/// The extension to add to the response message.
void IRequest.AddResponseExtension(DotNetOpenAuth.OpenId.Messages.IOpenIdMessageExtension extension) {
throw new NotImplementedException();
}
///
/// Removes any response extensions previously added using .
///
///
/// This should be called before sending a negative response back to the relying party
/// if extensions were already added, since negative responses cannot carry extensions.
///
void IRequest.ClearResponseExtensions() {
}
///
/// Gets an extension sent from the relying party.
///
/// The type of the extension.
///
/// An instance of the extension initialized with values passed in with the request.
///
T IRequest.GetExtension() {
throw new NotImplementedException();
}
///
/// Gets an extension sent from the relying party.
///
/// The type of the extension.
///
/// An instance of the extension initialized with values passed in with the request.
///
DotNetOpenAuth.OpenId.Messages.IOpenIdMessageExtension IRequest.GetExtension(Type extensionType) {
throw new NotImplementedException();
}
#endregion
}
}