public RequestHandlerWithLastResponse(UntrustedWebRequestHandler webRequestHandler)
{
if (webRequestHandler == null)
{
throw new ArgumentNullException("webRequestHandler");
}
_webRequestHandler = webRequestHandler;
}
internal static MockHttpRequest CreateUntrustedMockHttpHandler() {
TestWebRequestHandler testHandler = new TestWebRequestHandler();
UntrustedWebRequestHandler untrustedHandler = new UntrustedWebRequestHandler(testHandler);
if (!untrustedHandler.WhitelistHosts.Contains("localhost")) {
untrustedHandler.WhitelistHosts.Add("localhost");
}
untrustedHandler.WhitelistHosts.Add(OpenIdTestBase.OPUri.Host);
MockHttpRequest mock = new MockHttpRequest(untrustedHandler);
testHandler.Callback = mock.GetMockResponse;
return mock;
}
internal static MockHttpRequest CreateUntrustedMockHttpHandler()
{
TestWebRequestHandler testHandler = new TestWebRequestHandler();
UntrustedWebRequestHandler untrustedHandler = new UntrustedWebRequestHandler(testHandler);
if (!untrustedHandler.WhitelistHosts.Contains("localhost"))
{
untrustedHandler.WhitelistHosts.Add("localhost");
}
untrustedHandler.WhitelistHosts.Add(OpenIdTestBase.OPUri.Host);
MockHttpRequest mock = new MockHttpRequest(untrustedHandler);
testHandler.Callback = mock.GetMockResponse;
return(mock);
}
public HttpMessageHandler CreateHttpMessageHandler()
{
var forwardingMessageHandler = new ForwardingMessageHandler(this.Handlers, this);
var cookieDelegatingHandler = new CookieDelegatingHandler(forwardingMessageHandler, this.CookieContainer);
if (this.InstallUntrustedWebReqestHandler)
{
var untrustedHandler = new UntrustedWebRequestHandler(cookieDelegatingHandler);
untrustedHandler.AllowAutoRedirect = this.AllowAutoRedirects;
return(untrustedHandler);
}
else if (this.AllowAutoRedirects)
{
return(new AutoRedirectHandler(cookieDelegatingHandler));
}
else
{
return(cookieDelegatingHandler);
}
}
/// <summary>
/// Creates a new association with a given Provider.
/// </summary>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associateRequest">The associate request. May be <c>null</c>, which will always result in a <c>null</c> return value..</param>
/// <param name="retriesRemaining">The number of times to try the associate request again if the Provider suggests it.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The newly created association, or null if no association can be created with
/// the given Provider given the current security settings.
/// </returns>
/// <exception cref="ProtocolException">Create if an error occurs while creating the new association.</exception>
private async Task <Association> CreateNewAssociationAsync(IProviderEndpoint provider, AssociateRequest associateRequest, int retriesRemaining, CancellationToken cancellationToken)
{
Requires.NotNull(provider, "provider");
if (associateRequest == null || retriesRemaining < 0)
{
// this can happen if security requirements and protocol conflict
// to where there are no association types to choose from.
return(null);
}
Exception exception = null;
try {
var associateResponse = await this.channel.RequestAsync(associateRequest, cancellationToken);
var associateSuccessfulResponse = associateResponse as IAssociateSuccessfulResponseRelyingParty;
var associateUnsuccessfulResponse = associateResponse as AssociateUnsuccessfulResponse;
if (associateSuccessfulResponse != null)
{
Association association = associateSuccessfulResponse.CreateAssociationAtRelyingParty(associateRequest);
this.associationStore.StoreAssociation(provider.Uri, association);
return(association);
}
else if (associateUnsuccessfulResponse != null)
{
if (string.IsNullOrEmpty(associateUnsuccessfulResponse.AssociationType))
{
Logger.OpenId.Debug("Provider rejected an association request and gave no suggestion as to an alternative association type. Giving up.");
return(null);
}
if (!this.securitySettings.IsAssociationInPermittedRange(Protocol.Lookup(provider.Version), associateUnsuccessfulResponse.AssociationType))
{
Logger.OpenId.DebugFormat("Provider rejected an association request and suggested '{0}' as an association to try, which this Relying Party does not support. Giving up.", associateUnsuccessfulResponse.AssociationType);
return(null);
}
if (retriesRemaining <= 0)
{
Logger.OpenId.Debug("Unable to agree on an association type with the Provider in the allowed number of retries. Giving up.");
return(null);
}
// Make sure the Provider isn't suggesting an incompatible pair of association/session types.
Protocol protocol = Protocol.Lookup(provider.Version);
ErrorUtilities.VerifyProtocol(
HmacShaAssociation.IsDHSessionCompatible(protocol, associateUnsuccessfulResponse.AssociationType, associateUnsuccessfulResponse.SessionType),
OpenIdStrings.IncompatibleAssociationAndSessionTypes,
associateUnsuccessfulResponse.AssociationType,
associateUnsuccessfulResponse.SessionType);
associateRequest = AssociateRequestRelyingParty.Create(this.securitySettings, provider, associateUnsuccessfulResponse.AssociationType, associateUnsuccessfulResponse.SessionType);
return(await this.CreateNewAssociationAsync(provider, associateRequest, retriesRemaining - 1, cancellationToken));
}
else
{
throw new ProtocolException(MessagingStrings.UnexpectedMessageReceivedOfMany);
}
} catch (ProtocolException ex) {
exception = ex;
}
Assumes.NotNull(exception);
// If the association failed because the remote server can't handle Expect: 100 Continue headers,
// then our web request handler should have already accomodated for future calls. Go ahead and
// immediately make one of those future calls now to try to get the association to succeed.
if (UntrustedWebRequestHandler.IsExceptionFrom417ExpectationFailed(exception))
{
return(await this.CreateNewAssociationAsync(provider, associateRequest, retriesRemaining - 1, cancellationToken));
}
// Since having associations with OPs is not totally critical, we'll log and eat
// the exception so that auth may continue in dumb mode.
Logger.OpenId.ErrorFormat("An error occurred while trying to create an association with {0}. {1}", provider.Uri, exception);
return(null);
}
