StyleCop work

[dotnetoauth.git] / src / DotNetOpenAuth / OpenId / RelyingParty / NegativeAuthenticationResponse.cs

//-----------------------------------------------------------------------
// <copyright file="NegativeAuthenticationResponse.cs" company="Andrew Arnott">
//     Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

namespace DotNetOpenAuth.OpenId.RelyingParty {
        using System;
        using System.Collections.Generic;
        using DotNetOpenAuth.Messaging;
        using DotNetOpenAuth.OpenId.Messages;

        /// <summary>
        /// Wraps a negative assertion response in an <see cref="IAuthenticationResponse"/> instance
        /// for public consumption by the host web site.
        /// </summary>
        internal class NegativeAuthenticationResponse : IAuthenticationResponse, ISetupRequiredAuthenticationResponse {
                /// <summary>
                /// The negative assertion message that was received by the RP that was used
                /// to create this instance.
                /// </summary>
                private readonly NegativeAssertionResponse response;

                /// <summary>
                /// Initializes a new instance of the <see cref="NegativeAuthenticationResponse"/> class.
                /// </summary>
                /// <param name="response">The negative assertion response received by the Relying Party.</param>
                internal NegativeAuthenticationResponse(NegativeAssertionResponse response) {
                        ErrorUtilities.VerifyArgumentNotNull(response, "response");
                        this.response = response;
                }

                #region IAuthenticationResponse Properties

                /// <summary>
                /// Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
                /// May be null for some failed authentications (i.e. failed directed identity authentications).
                /// </summary>
                /// <value></value>
                /// <remarks>
                ///     <para>
                /// This is the secure identifier that should be used for database storage and lookup.
                /// It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
                /// user identities against spoofing and other attacks.
                /// </para>
                ///     <para>
                /// For user-friendly identifiers to display, use the
                /// <see cref="FriendlyIdentifierForDisplay"/> property.
                /// </para>
                /// </remarks>
                public Identifier ClaimedIdentifier {
                        get { return null; }
                }

                /// <summary>
                /// Gets a user-friendly OpenID Identifier for display purposes ONLY.
                /// </summary>
                /// <value></value>
                /// <remarks>
                ///     <para>
                /// This <i>should</i> be put through <see cref="HttpUtility.HtmlEncode(string)"/> before
                /// sending to a browser to secure against javascript injection attacks.
                /// </para>
                ///     <para>
                /// This property retains some aspects of the user-supplied identifier that get lost
                /// in the <see cref="ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
                /// identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
                /// For display purposes, such as text on a web page that says "You're logged in as ...",
                /// this property serves to provide the =Arnott string, or whatever else is the most friendly
                /// string close to what the user originally typed in.
                /// </para>
                ///     <para>
                /// If the user-supplied identifier is a URI, this property will be the URI after all
                /// redirects, and with the protocol and fragment trimmed off.
                /// If the user-supplied identifier is an XRI, this property will be the original XRI.
                /// If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
                /// this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
                /// </para>
                ///     <para>
                /// It is <b>very</b> important that this property <i>never</i> be used for database storage
                /// or lookup to avoid identity spoofing and other security risks.  For database storage
                /// and lookup please use the <see cref="ClaimedIdentifier"/> property.
                /// </para>
                /// </remarks>
                public string FriendlyIdentifierForDisplay {
                        get { return null; }
                }

                /// <summary>
                /// Gets the detailed success or failure status of the authentication attempt.
                /// </summary>
                /// <value></value>
                public AuthenticationStatus Status {
                        get { return this.response.Immediate ? AuthenticationStatus.SetupRequired : AuthenticationStatus.Canceled; }
                }

                /// <summary>
                /// Gets the details regarding a failed authentication attempt, if available.
                /// This will be set if and only if <see cref="Status"/> is <see cref="AuthenticationStatus.Failed"/>.
                /// </summary>
                /// <value></value>
                public Exception Exception {
                        get { return null; }
                }

                #endregion

                #region ISetupRequiredAuthenticationResponse Members

                /// <summary>
                /// Gets the <see cref="Identifier"/> to pass to <see cref="OpenIdRelyingParty.CreateRequest(Identifier)"/>
                /// in a subsequent authentication attempt.
                /// </summary>
                /// <value></value>
                public Identifier UserSuppliedIdentifier {
                        get {
                                if (this.Status != AuthenticationStatus.SetupRequired) {
                                        throw new InvalidOperationException(OpenIdStrings.OperationOnlyValidForSetupRequiredState);
                                }

                                string userSuppliedIdentifier;
                                this.response.ExtraData.TryGetValue(AuthenticationRequest.UserSuppliedIdentifierParameterName, out userSuppliedIdentifier);
                                return userSuppliedIdentifier;
                        }
                }

                #endregion

                #region IAuthenticationResponse Methods

                /// <summary>
                /// Gets a callback argument's value that was previously added using
                /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>.
                /// </summary>
                /// <param name="key">The name of the parameter whose value is sought.</param>
                /// <returns>
                /// The value of the argument, or null if the named parameter could not be found.
                /// </returns>
                /// <remarks>
                ///     <para>This may return any argument on the querystring that came with the authentication response,
                /// which may include parameters not explicitly added using
                /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>.</para>
                ///     <para>Note that these values are NOT protected against tampering in transit.</para>
                /// </remarks>
                public string GetCallbackArgument(string key) {
                        return null;
                }

                /// <summary>
                /// Gets all the callback arguments that were previously added using
                /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/> or as a natural part
                /// of the return_to URL.
                /// </summary>
                /// <returns>A name-value dictionary.  Never null.</returns>
                /// <remarks>
                ///     <para>This MAY return any argument on the querystring that came with the authentication response,
                /// which may include parameters not explicitly added using
                /// <see cref="IAuthenticationRequest.AddCallbackArguments(string, string)"/>.</para>
                ///     <para>Note that these values are NOT protected against tampering in transit.</para>
                /// </remarks>
                public IDictionary<string, string> GetCallbackArguments() {
                        return EmptyDictionary<string, string>.Instance;
                }

                /// <summary>
                /// Tries to get an OpenID extension that may be present in the response.
                /// </summary>
                /// <typeparam name="T">The type of extension to look for in the response message.</typeparam>
                /// <returns>
                /// The extension, if it is found.  Null otherwise.
                /// </returns>
                public T GetExtension<T>() where T : IOpenIdMessageExtension, new() {
                        return default(T);
                }

                /// <summary>
                /// Tries to get an OpenID extension that may be present in the response.
                /// </summary>
                /// <param name="extensionType">Type of the extension to look for in the response.</param>
                /// <returns>
                /// The extension, if it is found.  Null otherwise.
                /// </returns>
                public IOpenIdMessageExtension GetExtension(Type extensionType) {
                        return null;
                }

                #endregion
        }
}