1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
//-----------------------------------------------------------------------
// <copyright file="MemoryCryptoKeyAndNonceStore.cs" company="Outercurve Foundation">
// Copyright (c) Outercurve Foundation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.Messaging.Bindings {
using System;
using System.Collections.Generic;
using DotNetOpenAuth.Configuration;
using DotNetOpenAuth.Messaging.Bindings;
/// <summary>
/// An in-memory store for Providers, suitable for single server, single process
/// ASP.NET web sites.
/// </summary>
/// <remarks>
/// This class provides only a basic implementation that is likely to work
/// out of the box on most single-server web sites. It is highly recommended
/// that high traffic web sites consider using a database to store the information
/// used by an OpenID Provider and write a custom implementation of the
/// <see cref="ICryptoKeyAndNonceStore"/> interface to use instead of this
/// class.
/// </remarks>
public class MemoryCryptoKeyAndNonceStore : ICryptoKeyAndNonceStore {
/// <summary>
/// The nonce store to use.
/// </summary>
private readonly INonceStore nonceStore;
/// <summary>
/// The crypto key store where symmetric keys are persisted.
/// </summary>
private readonly ICryptoKeyStore cryptoKeyStore;
/// <summary>
/// Initializes a new instance of the <see cref="MemoryCryptoKeyAndNonceStore" /> class
/// with a default max nonce lifetime of 5 minutes.
/// </summary>
public MemoryCryptoKeyAndNonceStore()
: this(TimeSpan.FromMinutes(5)) {
}
/// <summary>
/// Initializes a new instance of the <see cref="MemoryCryptoKeyAndNonceStore"/> class.
/// </summary>
/// <param name="maximumMessageAge">The maximum time to live of a message that might carry a nonce.</param>
public MemoryCryptoKeyAndNonceStore(TimeSpan maximumMessageAge) {
this.nonceStore = new MemoryNonceStore(maximumMessageAge);
this.cryptoKeyStore = new MemoryCryptoKeyStore();
}
#region INonceStore Members
/// <summary>
/// Stores a given nonce and timestamp.
/// </summary>
/// <param name="context">The context, or namespace, within which the <paramref name="nonce"/> must be unique.</param>
/// <param name="nonce">A series of random characters.</param>
/// <param name="timestampUtc">The timestamp that together with the nonce string make it unique.
/// The timestamp may also be used by the data store to clear out old nonces.</param>
/// <returns>
/// True if the nonce+timestamp (combination) was not previously in the database.
/// False if the nonce was stored previously with the same timestamp.
/// </returns>
/// <remarks>
/// The nonce must be stored for no less than the maximum time window a message may
/// be processed within before being discarded as an expired message.
/// If the binding element is applicable to your channel, this expiration window
/// is retrieved or set using the
/// <see cref="StandardExpirationBindingElement.MaximumMessageAge"/> property.
/// </remarks>
public bool StoreNonce(string context, string nonce, DateTime timestampUtc) {
return this.nonceStore.StoreNonce(context, nonce, timestampUtc);
}
#endregion
#region ICryptoKeyStore
/// <summary>
/// Gets the key in a given bucket and handle.
/// </summary>
/// <param name="bucket">The bucket name. Case sensitive.</param>
/// <param name="handle">The key handle. Case sensitive.</param>
/// <returns>
/// The cryptographic key, or <c>null</c> if no matching key was found.
/// </returns>
public CryptoKey GetKey(string bucket, string handle) {
return this.cryptoKeyStore.GetKey(bucket, handle);
}
/// <summary>
/// Gets a sequence of existing keys within a given bucket.
/// </summary>
/// <param name="bucket">The bucket name. Case sensitive.</param>
/// <returns>
/// A sequence of handles and keys, ordered by descending <see cref="CryptoKey.ExpiresUtc"/>.
/// </returns>
public IEnumerable<KeyValuePair<string, CryptoKey>> GetKeys(string bucket) {
return this.cryptoKeyStore.GetKeys(bucket);
}
/// <summary>
/// Stores a cryptographic key.
/// </summary>
/// <param name="bucket">The name of the bucket to store the key in. Case sensitive.</param>
/// <param name="handle">The handle to the key, unique within the bucket. Case sensitive.</param>
/// <param name="key">The key to store.</param>
/// <exception cref="CryptoKeyCollisionException">Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.</exception>
public void StoreKey(string bucket, string handle, CryptoKey key) {
this.cryptoKeyStore.StoreKey(bucket, handle, key);
}
/// <summary>
/// Removes the key.
/// </summary>
/// <param name="bucket">The bucket name. Case sensitive.</param>
/// <param name="handle">The key handle. Case sensitive.</param>
public void RemoveKey(string bucket, string handle) {
this.cryptoKeyStore.RemoveKey(bucket, handle);
}
#endregion
}
}
|
