/// <summary>
/// Analyzes an incoming request message payload to discover what kind of
/// message is embedded in it and returns the type, or null if no match is found.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
/// deserialize to. Null if the request isn't recognized as a valid protocol message.
/// </returns>
public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary <string, string> fields)
{
RequestBase message = null;
// Discern the OpenID version of the message.
Protocol protocol = Protocol.V11;
string ns;
if (fields.TryGetValue(Protocol.V20.openid.ns, out ns))
{
ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
protocol = Protocol.V20;
}
string mode;
if (fields.TryGetValue(protocol.openid.mode, out mode))
{
if (string.Equals(mode, protocol.Args.Mode.associate))
{
if (fields.ContainsKey(protocol.openid.dh_consumer_public))
{
message = new AssociateDiffieHellmanProviderRequest(protocol.Version, recipient.Location);
}
else
{
message = new AssociateUnencryptedProviderRequest(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.checkid_setup) ||
string.Equals(mode, protocol.Args.Mode.checkid_immediate))
{
AuthenticationRequestMode authMode = string.Equals(mode, protocol.Args.Mode.checkid_immediate) ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup;
if (fields.ContainsKey(protocol.openid.identity))
{
message = new CheckIdRequest(protocol.Version, recipient.Location, authMode);
}
else
{
ErrorUtilities.VerifyProtocol(!fields.ContainsKey(protocol.openid.claimed_id), OpenIdStrings.IdentityAndClaimedIdentifierMustBeBothPresentOrAbsent);
message = new SignedResponseRequest(protocol.Version, recipient.Location, authMode);
}
}
else if (string.Equals(mode, protocol.Args.Mode.check_authentication))
{
message = new CheckAuthenticationRequest(protocol.Version, recipient.Location);
}
else
{
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
}
}
if (message != null)
{
message.SetAsIncoming();
}
return(message);
}
void parameterizedProgrammaticOPIdentifierTest(Identifier opIdentifier, ProtocolVersion version,
Identifier claimedUrl, AuthenticationRequestMode requestMode,
AuthenticationStatus expectedResult, bool provideStore) {
var rp = TestSupport.CreateRelyingParty(provideStore ? TestSupport.RelyingPartyStore : null, null, null);
var returnTo = TestSupport.GetFullUrl(TestSupport.ConsumerPage);
var realm = new Realm(TestSupport.GetFullUrl(TestSupport.ConsumerPage).AbsoluteUri);
var request = rp.CreateRequest(opIdentifier, realm, returnTo);
request.Mode = requestMode;
var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(request,
opReq => {
opReq.IsAuthenticated = expectedResult == AuthenticationStatus.Authenticated;
if (opReq.IsAuthenticated.Value) {
opReq.ClaimedIdentifier = claimedUrl;
}
});
Assert.AreEqual(expectedResult, rpResponse.Status);
if (rpResponse.Status == AuthenticationStatus.Authenticated) {
Assert.AreEqual(claimedUrl, rpResponse.ClaimedIdentifier);
} else if (rpResponse.Status == AuthenticationStatus.SetupRequired) {
Assert.IsNull(rpResponse.ClaimedIdentifier);
Assert.IsNull(rpResponse.FriendlyIdentifierForDisplay);
Assert.IsNull(rpResponse.Exception);
Assert.IsInstanceOfType(typeof(ISetupRequiredAuthenticationResponse), rpResponse);
Assert.AreEqual(opIdentifier.ToString(), ((ISetupRequiredAuthenticationResponse)rpResponse).ClaimedOrProviderIdentifier.ToString());
}
}
void parameterizedProgrammaticOPIdentifierTest(Identifier opIdentifier, ProtocolVersion version,
Identifier claimedUrl, AuthenticationRequestMode requestMode,
AuthenticationStatus expectedResult, bool provideStore)
{
var rp = TestSupport.CreateRelyingParty(provideStore ? TestSupport.RelyingPartyStore : null, null, null);
var returnTo = TestSupport.GetFullUrl(TestSupport.ConsumerPage);
var realm = new Realm(TestSupport.GetFullUrl(TestSupport.ConsumerPage).AbsoluteUri);
var request = rp.CreateRequest(opIdentifier, realm, returnTo);
request.Mode = requestMode;
var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(request,
opReq => {
opReq.IsAuthenticated = expectedResult == AuthenticationStatus.Authenticated;
if (opReq.IsAuthenticated.Value)
{
opReq.ClaimedIdentifier = claimedUrl;
}
});
Assert.AreEqual(expectedResult, rpResponse.Status);
if (rpResponse.Status == AuthenticationStatus.Authenticated)
{
Assert.AreEqual(claimedUrl, rpResponse.ClaimedIdentifier);
}
else if (rpResponse.Status == AuthenticationStatus.SetupRequired)
{
Assert.IsNull(rpResponse.ClaimedIdentifier);
Assert.IsNull(rpResponse.FriendlyIdentifierForDisplay);
Assert.IsNull(rpResponse.Exception);
Assert.IsInstanceOfType(typeof(ISetupRequiredAuthenticationResponse), rpResponse);
Assert.AreEqual(opIdentifier.ToString(), ((ISetupRequiredAuthenticationResponse)rpResponse).ClaimedOrProviderIdentifier.ToString());
}
}
void parameterizedOPIdentifierTest(TestSupport.Scenarios scenario,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult) {
ProtocolVersion version = ProtocolVersion.V20; // only this version supports directed identity
UriIdentifier claimedIdentifier = TestSupport.GetDirectedIdentityUrl(TestSupport.Scenarios.ApproveOnSetup, version);
Identifier opIdentifier = TestSupport.GetMockOPIdentifier(TestSupport.Scenarios.ApproveOnSetup, claimedIdentifier);
parameterizedProgrammaticOPIdentifierTest(opIdentifier, version, claimedIdentifier, requestMode, expectedResult, true);
parameterizedProgrammaticOPIdentifierTest(opIdentifier, version, claimedIdentifier, requestMode, expectedResult, false);
}
void parameterizedTest(TestSupport.Scenarios scenario, ProtocolVersion version,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult)
{
Identifier claimedId = TestSupport.GetMockIdentifier(scenario, version);
parameterizedProgrammaticTest(scenario, version, claimedId, requestMode, expectedResult, true);
parameterizedProgrammaticTest(scenario, version, claimedId, requestMode, expectedResult, false);
}
/// <summary>
/// Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
/// <returns>checkid_immediate or checkid_setup</returns>
private static string GetMode(Version version, AuthenticationRequestMode mode)
{
Contract.Requires <ArgumentNullException>(version != null);
Protocol protocol = Protocol.Lookup(version);
return(mode == AuthenticationRequestMode.Immediate ? protocol.Args.Mode.checkid_immediate : protocol.Args.Mode.checkid_setup);
}
/// <summary>
/// Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
/// <returns>checkid_immediate or checkid_setup</returns>
private static string GetMode(Version version, AuthenticationRequestMode mode)
{
Requires.NotNull(version, "version");
Protocol protocol = Protocol.Lookup(version);
return(mode == AuthenticationRequestMode.Immediate ? protocol.Args.Mode.checkid_immediate : protocol.Args.Mode.checkid_setup);
}
void parameterizedOPIdentifierTest(TestSupport.Scenarios scenario,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult)
{
ProtocolVersion version = ProtocolVersion.V20; // only this version supports directed identity
UriIdentifier claimedIdentifier = TestSupport.GetDirectedIdentityUrl(TestSupport.Scenarios.ApproveOnSetup, version);
Identifier opIdentifier = TestSupport.GetMockOPIdentifier(TestSupport.Scenarios.ApproveOnSetup, claimedIdentifier);
parameterizedProgrammaticOPIdentifierTest(opIdentifier, version, claimedIdentifier, requestMode, expectedResult, true);
parameterizedProgrammaticOPIdentifierTest(opIdentifier, version, claimedIdentifier, requestMode, expectedResult, false);
}
void parameterizedProgrammaticTest(TestSupport.Scenarios scenario, ProtocolVersion version,
Identifier claimedUrl, AuthenticationRequestMode requestMode,
AuthenticationStatus expectedResult, bool provideStore) {
var request = TestSupport.CreateRelyingPartyRequest(!provideStore, scenario, version);
request.Mode = requestMode;
var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(request,
opReq => opReq.IsAuthenticated = expectedResult == AuthenticationStatus.Authenticated);
Assert.AreEqual(expectedResult, rpResponse.Status);
Assert.AreEqual(claimedUrl, rpResponse.ClaimedIdentifier);
}
void parameterizedProgrammaticTest(TestSupport.Scenarios scenario, ProtocolVersion version,
Identifier claimedUrl, AuthenticationRequestMode requestMode,
AuthenticationStatus expectedResult, bool provideStore)
{
var request = TestSupport.CreateRelyingPartyRequest(!provideStore, scenario, version);
request.Mode = requestMode;
var rpResponse = TestSupport.CreateRelyingPartyResponseThroughProvider(request,
opReq => opReq.IsAuthenticated = expectedResult == AuthenticationStatus.Authenticated);
Assert.AreEqual(expectedResult, rpResponse.Status);
Assert.AreEqual(claimedUrl, rpResponse.ClaimedIdentifier);
}
public void ExtensionOnlyChannelLevel()
{
Protocol protocol = Protocol.V20;
AuthenticationRequestMode mode = AuthenticationRequestMode.Setup;
var coordinator = new OpenIdCoordinator(
rp => {
var request = new SignedResponseRequest(protocol.Version, OPUri, mode);
rp.Channel.Respond(request);
},
op => {
var request = op.Channel.ReadFromRequest <SignedResponseRequest>();
Assert.IsNotInstanceOf <CheckIdRequest>(request);
});
coordinator.Run();
}
/// <summary>
/// Analyzes an incoming request message payload to discover what kind of
/// message is embedded in it and returns the type, or null if no match is found.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
/// deserialize to. Null if the request isn't recognized as a valid protocol message.
/// </returns>
public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary <string, string> fields)
{
ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient");
ErrorUtilities.VerifyArgumentNotNull(fields, "fields");
RequestBase message = null;
// Discern the OpenID version of the message.
Protocol protocol = Protocol.V11;
string ns;
if (fields.TryGetValue(Protocol.V20.openid.ns, out ns))
{
ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
protocol = Protocol.V20;
}
string mode;
if (fields.TryGetValue(protocol.openid.mode, out mode))
{
if (string.Equals(mode, protocol.Args.Mode.associate))
{
if (fields.ContainsKey(protocol.openid.dh_consumer_public))
{
message = new AssociateDiffieHellmanRequest(protocol.Version, recipient.Location);
}
else
{
message = new AssociateUnencryptedRequest(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.checkid_setup) ||
string.Equals(mode, protocol.Args.Mode.checkid_immediate))
{
AuthenticationRequestMode authMode = string.Equals(mode, protocol.Args.Mode.checkid_immediate) ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup;
if (fields.ContainsKey(protocol.openid.identity))
{
message = new CheckIdRequest(protocol.Version, recipient.Location, authMode);
}
else
{
message = new SignedResponseRequest(protocol.Version, recipient.Location, authMode);
}
}
else if (string.Equals(mode, protocol.Args.Mode.cancel) ||
(string.Equals(mode, protocol.Args.Mode.setup_needed) && (protocol.Version.Major >= 2 || fields.ContainsKey(protocol.openid.user_setup_url))))
{
message = new NegativeAssertionResponse(protocol.Version, recipient.Location, mode);
}
else if (string.Equals(mode, protocol.Args.Mode.id_res))
{
if (fields.ContainsKey(protocol.openid.identity))
{
message = new PositiveAssertionResponse(protocol.Version, recipient.Location);
}
else
{
message = new IndirectSignedResponse(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.check_authentication))
{
message = new CheckAuthenticationRequest(protocol.Version, recipient.Location);
}
else if (string.Equals(mode, protocol.Args.Mode.error))
{
message = new IndirectErrorResponse(protocol.Version, recipient.Location);
}
else
{
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
}
}
if (message != null)
{
message.SetAsIncoming();
}
return(message);
}
/// <summary>
/// Initializes a new instance of the <see cref="SignedResponseRequest"/> class.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="providerEndpoint">The Provider endpoint that receives this message.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
internal SignedResponseRequest(Version version, Uri providerEndpoint, AuthenticationRequestMode mode) :
base(version, providerEndpoint, GetMode(version, mode), DotNetOpenAuth.Messaging.MessageTransport.Indirect) {
}
/// <summary>
/// Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
/// <returns>checkid_immediate or checkid_setup</returns>
private static string GetMode(Version version, AuthenticationRequestMode mode) {
Requires.NotNull(version, "version");
Protocol protocol = Protocol.Lookup(version);
return mode == AuthenticationRequestMode.Immediate ? protocol.Args.Mode.checkid_immediate : protocol.Args.Mode.checkid_setup;
}
/// <summary>
/// Initializes a new instance of the <see cref="SignedResponseRequest"/> class.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="providerEndpoint">The Provider endpoint that receives this message.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
internal SignedResponseRequest(Version version, Uri providerEndpoint, AuthenticationRequestMode mode) :
base(version, providerEndpoint, GetMode(version, mode), DotNetOpenAuth.Messaging.MessageTransport.Indirect)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="CheckIdRequest"/> class.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="providerEndpoint">The Provider endpoint that receives this message.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
internal CheckIdRequest(Version version, Uri providerEndpoint, AuthenticationRequestMode mode) :
base(version, providerEndpoint, mode)
{
}
void parameterizedWebClientTest(Identifier identityUrl,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult)
{
Uri redirectToProviderUrl;
HttpWebRequest rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));
NameValueCollection query = new NameValueCollection();
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
Regex regex = new Regex(@"\<input\b.*\bname=""(\w+)"".*\bvalue=""([^""]+)""", RegexOptions.IgnoreCase);
while (!sr.EndOfStream)
{
string line = sr.ReadLine();
Match m = regex.Match(line);
if (m.Success)
{
query[m.Groups[1].Value] = m.Groups[2].Value;
}
}
}
}
query["OpenIdTextBox1$wrappedTextBox"] = identityUrl;
rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));
rpRequest.Method = "POST";
rpRequest.AllowAutoRedirect = false;
string queryString = UriUtil.CreateQueryString(query);
rpRequest.ContentLength = queryString.Length;
rpRequest.ContentType = "application/x-www-form-urlencoded";
using (StreamWriter sw = new StreamWriter(rpRequest.GetRequestStream())) {
sw.Write(queryString);
}
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
string doc = sr.ReadToEnd();
Debug.WriteLine(doc);
}
redirectToProviderUrl = new Uri(response.Headers[HttpResponseHeader.Location]);
}
HttpWebRequest providerRequest = (HttpWebRequest)WebRequest.Create(redirectToProviderUrl);
providerRequest.AllowAutoRedirect = false;
Uri redirectUrl;
try {
using (HttpWebResponse providerResponse = (HttpWebResponse)providerRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.Redirect, providerResponse.StatusCode);
redirectUrl = new Uri(providerResponse.Headers[HttpResponseHeader.Location]);
}
} catch (WebException ex) {
TestSupport.Logger.Error("WebException", ex);
if (ex.Response != null)
{
using (StreamReader sr = new StreamReader(ex.Response.GetResponseStream())) {
TestSupport.Logger.ErrorFormat("Response stream follows: {0}", sr.ReadToEnd());
}
}
throw;
}
rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);
rpRequest.AllowAutoRedirect = false;
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.Redirect, response.StatusCode); // redirect on login
}
// Try replay attack
if (expectedResult == AuthenticationStatus.Authenticated)
{
// This simulates a network sniffing user who caught the
// authenticating query en route to either the user agent or
// the consumer, and tries the same query to the consumer in an
// attempt to spoof the identity of the authenticating user.
rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);
rpRequest.AllowAutoRedirect = false;
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); // error message
}
}
}
void parameterizedWebClientTest(Identifier identityUrl,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult)
{
Uri redirectToProviderUrl;
HttpWebRequest rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));
NameValueCollection query = new NameValueCollection();
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
Regex regex = new Regex(@"\<input\b.*\bname=""(\w+)"".*\bvalue=""([^""]+)""", RegexOptions.IgnoreCase);
while (!sr.EndOfStream) {
string line = sr.ReadLine();
Match m = regex.Match(line);
if (m.Success) {
query[m.Groups[1].Value] = m.Groups[2].Value;
}
}
}
}
query["OpenIdTextBox1$wrappedTextBox"] = identityUrl;
rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));
rpRequest.Method = "POST";
rpRequest.AllowAutoRedirect = false;
string queryString = UriUtil.CreateQueryString(query);
rpRequest.ContentLength = queryString.Length;
rpRequest.ContentType = "application/x-www-form-urlencoded";
using (StreamWriter sw = new StreamWriter(rpRequest.GetRequestStream())) {
sw.Write(queryString);
}
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
string doc = sr.ReadToEnd();
Debug.WriteLine(doc);
}
redirectToProviderUrl = new Uri(response.Headers[HttpResponseHeader.Location]);
}
HttpWebRequest providerRequest = (HttpWebRequest)WebRequest.Create(redirectToProviderUrl);
providerRequest.AllowAutoRedirect = false;
Uri redirectUrl;
try {
using (HttpWebResponse providerResponse = (HttpWebResponse)providerRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.Redirect, providerResponse.StatusCode);
redirectUrl = new Uri(providerResponse.Headers[HttpResponseHeader.Location]);
}
} catch (WebException ex) {
TestSupport.Logger.Error("WebException", ex);
if (ex.Response != null) {
using (StreamReader sr = new StreamReader(ex.Response.GetResponseStream())) {
TestSupport.Logger.ErrorFormat("Response stream follows: {0}", sr.ReadToEnd());
}
}
throw;
}
rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);
rpRequest.AllowAutoRedirect = false;
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.Redirect, response.StatusCode); // redirect on login
}
// Try replay attack
if (expectedResult == AuthenticationStatus.Authenticated) {
// This simulates a network sniffing user who caught the
// authenticating query en route to either the user agent or
// the consumer, and tries the same query to the consumer in an
// attempt to spoof the identity of the authenticating user.
rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);
rpRequest.AllowAutoRedirect = false;
using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {
Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); // error message
}
}
}
/// <summary>
/// Initializes a new instance of the <see cref="CheckIdRequest"/> class.
/// </summary>
/// <param name="version">The OpenID version to use.</param>
/// <param name="providerEndpoint">The Provider endpoint that receives this message.</param>
/// <param name="mode">
/// <see cref="AuthenticationRequestMode.Immediate"/> for asynchronous javascript clients;
/// <see cref="AuthenticationRequestMode.Setup"/> to allow the Provider to interact with the user in order to complete authentication.
/// </param>
internal CheckIdRequest(Version version, Uri providerEndpoint, AuthenticationRequestMode mode) :
base(version, providerEndpoint, mode) {
}
void parameterizedTest(TestSupport.Scenarios scenario, ProtocolVersion version,
AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult) {
Identifier claimedId = TestSupport.GetMockIdentifier(scenario, version);
parameterizedProgrammaticTest(scenario, version, claimedId, requestMode, expectedResult, true);
parameterizedProgrammaticTest(scenario, version, claimedId, requestMode, expectedResult, false);
}
