public override void SetUp()
{
base.SetUp();
var request = new AssociateUnencryptedRequest(Protocol.V20.Version, new Uri("http://host"));
this.response = new DirectErrorResponse(request.Version, request);
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, IProviderEndpoint provider, string associationType, string sessionType)
{
Requires.NotNull(securityRequirements, "securityRequirements");
Requires.NotNull(provider, "provider");
Requires.NotNullOrEmpty(associationType, "associationType");
Requires.NotNull(sessionType, "sessionType");
bool unencryptedAllowed = provider.Uri.IsTransportSecure();
if (unencryptedAllowed)
{
var associateRequest = new AssociateUnencryptedRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
return(associateRequest);
}
else
{
if (OpenIdUtilities.IsDiffieHellmanPresent)
{
var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return(associateRequest);
}
else
{
return(null);
}
}
}
/// <summary>
/// Analyzes an incoming request message payload to discover what kind of
/// message is embedded in it and returns the type, or null if no match is found.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
/// deserialize to. Null if the request isn't recognized as a valid protocol message.
/// </returns>
public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary<string, string> fields)
{
ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient");
ErrorUtilities.VerifyArgumentNotNull(fields, "fields");
RequestBase message = null;
// Discern the OpenID version of the message.
Protocol protocol = Protocol.V11;
string ns;
if (fields.TryGetValue(Protocol.V20.openid.ns, out ns)) {
ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
protocol = Protocol.V20;
}
string mode;
if (fields.TryGetValue(protocol.openid.mode, out mode)) {
if (string.Equals(mode, protocol.Args.Mode.associate)) {
if (fields.ContainsKey(protocol.openid.dh_consumer_public)) {
message = new AssociateDiffieHellmanRequest(protocol.Version, recipient.Location);
} else {
message = new AssociateUnencryptedRequest(protocol.Version, recipient.Location);
}
} else if (string.Equals(mode, protocol.Args.Mode.checkid_setup) ||
string.Equals(mode, protocol.Args.Mode.checkid_immediate)) {
AuthenticationRequestMode authMode = string.Equals(mode, protocol.Args.Mode.checkid_immediate) ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup;
if (fields.ContainsKey(protocol.openid.identity)) {
message = new CheckIdRequest(protocol.Version, recipient.Location, authMode);
} else {
ErrorUtilities.VerifyProtocol(!fields.ContainsKey(protocol.openid.claimed_id), OpenIdStrings.IdentityAndClaimedIdentifierMustBeBothPresentOrAbsent);
message = new SignedResponseRequest(protocol.Version, recipient.Location, authMode);
}
} else if (string.Equals(mode, protocol.Args.Mode.cancel) ||
(string.Equals(mode, protocol.Args.Mode.setup_needed) && (protocol.Version.Major >= 2 || fields.ContainsKey(protocol.openid.user_setup_url)))) {
message = new NegativeAssertionResponse(protocol.Version, recipient.Location, mode);
} else if (string.Equals(mode, protocol.Args.Mode.id_res)) {
if (fields.ContainsKey(protocol.openid.identity)) {
message = new PositiveAssertionResponse(protocol.Version, recipient.Location);
} else {
ErrorUtilities.VerifyProtocol(!fields.ContainsKey(protocol.openid.claimed_id), OpenIdStrings.IdentityAndClaimedIdentifierMustBeBothPresentOrAbsent);
message = new IndirectSignedResponse(protocol.Version, recipient.Location);
}
} else if (string.Equals(mode, protocol.Args.Mode.check_authentication)) {
message = new CheckAuthenticationRequest(protocol.Version, recipient.Location);
} else if (string.Equals(mode, protocol.Args.Mode.error)) {
message = new IndirectErrorResponse(protocol.Version, recipient.Location);
} else {
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
}
}
if (message != null) {
message.SetAsIncoming();
}
return message;
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, IProviderEndpoint provider, string associationType, string sessionType) {
Requires.NotNull(securityRequirements, "securityRequirements");
Requires.NotNull(provider, "provider");
Requires.NotNullOrEmpty(associationType, "associationType");
Requires.NotNull(sessionType, "sessionType");
bool unencryptedAllowed = provider.Uri.IsTransportSecure();
if (unencryptedAllowed) {
var associateRequest = new AssociateUnencryptedRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
return associateRequest;
} else {
if (OpenIdUtilities.IsDiffieHellmanPresent) {
var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return associateRequest;
} else {
return null;
}
}
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, IProviderEndpoint provider, string associationType, string sessionType)
{
Contract.Requires <ArgumentNullException>(securityRequirements != null);
Contract.Requires <ArgumentNullException>(provider != null);
Contract.Requires <ArgumentException>(!String.IsNullOrEmpty(associationType));
Contract.Requires <ArgumentNullException>(sessionType != null);
bool unencryptedAllowed = provider.Uri.IsTransportSecure();
if (unencryptedAllowed)
{
var associateRequest = new AssociateUnencryptedRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
return(associateRequest);
}
else
{
var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return(associateRequest);
}
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, ProviderEndpointDescription provider, string associationType, string sessionType)
{
ErrorUtilities.VerifyArgumentNotNull(securityRequirements, "securityRequirements");
ErrorUtilities.VerifyArgumentNotNull(provider, "provider");
ErrorUtilities.VerifyNonZeroLength(associationType, "associationType");
ErrorUtilities.VerifyArgumentNotNull(sessionType, "sessionType");
bool unencryptedAllowed = provider.Endpoint.IsTransportSecure();
if (unencryptedAllowed)
{
var associateRequest = new AssociateUnencryptedRequest(provider.ProtocolVersion, provider.Endpoint);
associateRequest.AssociationType = associationType;
return(associateRequest);
}
else
{
var associateRequest = new AssociateDiffieHellmanRequest(provider.ProtocolVersion, provider.Endpoint);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return(associateRequest);
}
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, IProviderEndpoint provider, string associationType, string sessionType) {
Contract.Requires<ArgumentNullException>(securityRequirements != null);
Contract.Requires<ArgumentNullException>(provider != null);
Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(associationType));
Contract.Requires<ArgumentNullException>(sessionType != null);
bool unencryptedAllowed = provider.Uri.IsTransportSecure();
if (unencryptedAllowed) {
var associateRequest = new AssociateUnencryptedRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
return associateRequest;
} else {
var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return associateRequest;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponse"/> class.
/// </summary>
/// <param name="responseVersion">The OpenID version of the response message.</param>
/// <param name="originatingRequest">The originating request.</param>
internal AssociateUnencryptedResponse(Version responseVersion, AssociateUnencryptedRequest originatingRequest)
: base(responseVersion, originatingRequest)
{
SessionType = Protocol.Args.SessionType.NoEncryption;
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponse"/> class.
/// </summary>
/// <param name="responseVersion">The OpenID version of the response message.</param>
/// <param name="originatingRequest">The originating request.</param>
internal AssociateUnencryptedResponse(Version responseVersion, AssociateUnencryptedRequest originatingRequest)
: base(responseVersion, originatingRequest) {
SessionType = Protocol.Args.SessionType.NoEncryption;
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponseProvider"/> class.
/// </summary>
/// <param name="version">The version.</param>
/// <param name="request">The request.</param>
internal AssociateUnencryptedResponseProvider(Version version, AssociateUnencryptedRequest request)
: base(version, request) {
}
/// <summary>
/// Creates an association request message that is appropriate for a given Provider.
/// </summary>
/// <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
/// <param name="provider">The provider to create an association with.</param>
/// <param name="associationType">Type of the association.</param>
/// <param name="sessionType">Type of the session.</param>
/// <returns>
/// The message to send to the Provider to request an association.
/// Null if no association could be created that meet the security requirements
/// and the provider OpenID version.
/// </returns>
internal static AssociateRequest Create(SecuritySettings securityRequirements, ProviderEndpointDescription provider, string associationType, string sessionType)
{
ErrorUtilities.VerifyArgumentNotNull(securityRequirements, "securityRequirements");
ErrorUtilities.VerifyArgumentNotNull(provider, "provider");
ErrorUtilities.VerifyNonZeroLength(associationType, "associationType");
ErrorUtilities.VerifyArgumentNotNull(sessionType, "sessionType");
bool unencryptedAllowed = provider.Endpoint.IsTransportSecure();
if (unencryptedAllowed) {
var associateRequest = new AssociateUnencryptedRequest(provider.ProtocolVersion, provider.Endpoint);
associateRequest.AssociationType = associationType;
return associateRequest;
} else {
var associateRequest = new AssociateDiffieHellmanRequest(provider.ProtocolVersion, provider.Endpoint);
associateRequest.AssociationType = associationType;
associateRequest.SessionType = sessionType;
associateRequest.InitializeRequest();
return associateRequest;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponseRelyingParty"/> class.
/// </summary>
/// <param name="version">The version.</param>
/// <param name="request">The request.</param>
internal AssociateUnencryptedResponseRelyingParty(Version version, AssociateUnencryptedRequest request)
: base(version, request) {
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponseRelyingParty"/> class.
/// </summary>
/// <param name="version">The version.</param>
/// <param name="request">The request.</param>
internal AssociateUnencryptedResponseRelyingParty(Version version, AssociateUnencryptedRequest request)
: base(version, request)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="AssociateUnencryptedResponseProvider"/> class.
/// </summary>
/// <param name="version">The version.</param>
/// <param name="request">The request.</param>
internal AssociateUnencryptedResponseProvider(Version version, AssociateUnencryptedRequest request)
: base(version, request)
{
}
