blob: 840fe3a93910a307c25d762a92071de69693756d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
//-----------------------------------------------------------------------
// <copyright file="IProviderBehavior.cs" company="Outercurve Foundation">
// Copyright (c) Outercurve Foundation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.OpenId.Provider {
using System;
using System.Diagnostics.Contracts;
using DotNetOpenAuth.OpenId.ChannelElements;
/// <summary>
/// Applies a custom security policy to certain OpenID security settings and behaviors.
/// </summary>
[ContractClass(typeof(IProviderBehaviorContract))]
public interface IProviderBehavior {
/// <summary>
/// Applies a well known set of security requirements to a default set of security settings.
/// </summary>
/// <param name="securitySettings">The security settings to enhance with the requirements of this profile.</param>
/// <remarks>
/// Care should be taken to never decrease security when applying a profile.
/// Profiles should only enhance security requirements to avoid being
/// incompatible with each other.
/// </remarks>
void ApplySecuritySettings(ProviderSecuritySettings securitySettings);
/// <summary>
/// Called when a request is received by the Provider.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>
/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
/// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
/// <remarks>
/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
/// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/>
/// itself as that instance may be shared across many requests.
/// </remarks>
bool OnIncomingRequest(IRequest request);
/// <summary>
/// Called when the Provider is preparing to send a response to an authentication request.
/// </summary>
/// <param name="request">The request that is configured to generate the outgoing response.</param>
/// <returns>
/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
/// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
bool OnOutgoingResponse(IAuthenticationRequest request);
}
/// <summary>
/// Code contract for the <see cref="IProviderBehavior"/> type.
/// </summary>
[ContractClassFor(typeof(IProviderBehavior))]
internal abstract class IProviderBehaviorContract : IProviderBehavior {
/// <summary>
/// Initializes a new instance of the <see cref="IProviderBehaviorContract"/> class.
/// </summary>
protected IProviderBehaviorContract() {
}
#region IProviderBehavior Members
/// <summary>
/// Applies a well known set of security requirements to a default set of security settings.
/// </summary>
/// <param name="securitySettings">The security settings to enhance with the requirements of this profile.</param>
/// <remarks>
/// Care should be taken to never decrease security when applying a profile.
/// Profiles should only enhance security requirements to avoid being
/// incompatible with each other.
/// </remarks>
void IProviderBehavior.ApplySecuritySettings(ProviderSecuritySettings securitySettings) {
Requires.NotNull(securitySettings, "securitySettings");
throw new System.NotImplementedException();
}
/// <summary>
/// Called when a request is received by the Provider.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>
/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
/// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
/// <remarks>
/// Implementations may set a new value to <see cref="IRequest.SecuritySettings"/> but
/// should not change the properties on the instance of <see cref="ProviderSecuritySettings"/>
/// itself as that instance may be shared across many requests.
/// </remarks>
bool IProviderBehavior.OnIncomingRequest(IRequest request) {
Requires.NotNull(request, "request");
throw new System.NotImplementedException();
}
/// <summary>
/// Called when the Provider is preparing to send a response to an authentication request.
/// </summary>
/// <param name="request">The request that is configured to generate the outgoing response.</param>
/// <returns>
/// <c>true</c> if this behavior owns this request and wants to stop other behaviors
/// from handling it; <c>false</c> to allow other behaviors to process this request.
/// </returns>
bool IProviderBehavior.OnOutgoingResponse(IAuthenticationRequest request) {
Requires.NotNull(request, "request");
throw new System.NotImplementedException();
}
#endregion
}
}
|
