search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
TEMP
[dotnetoauth.git] / src / DotNetOpenAuth / OpenId / Provider / OpenIdProvider.cs
blob866aca6bca59b31b89ad838046f5f6bdf085e1ad
1 //-----------------------------------------------------------------------
2 // <copyright file="OpenIdProvider.cs" company="Andrew Arnott">
3 // Copyright (c) Andrew Arnott. All rights reserved.
4 // </copyright>
5 //-----------------------------------------------------------------------
6
7 namespace DotNetOpenAuth.OpenId.Provider {
8 using System;
9 using DotNetOpenAuth.Configuration;
10 using DotNetOpenAuth.Messaging;
11 using DotNetOpenAuth.Messaging.Bindings;
12 using DotNetOpenAuth.OpenId.ChannelElements;
13 using DotNetOpenAuth.OpenId.Messages;
14
15 /// <summary>
16 /// Offers services for a web page that is acting as an OpenID identity server.
17 /// </summary>
18 public sealed class OpenIdProvider {
19 /// <summary>
20 /// Backing field for the <see cref="SecuritySettings"/> property.
21 /// </summary>
22 private ProviderSecuritySettings securitySettings;
23
24 /// <summary>
25 /// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
26 /// </summary>
27 /// <param name="associationStore">The association store to use. Cannot be null.</param>
28 /// <param name="nonceStore">The nonce store to use. Cannot be null.</param>
29 public OpenIdProvider(IAssociationStore<AssociationRelyingPartyType> associationStore, INonceStore nonceStore) {
30 ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore");
31 ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore");
32
33 this.Channel = new OpenIdChannel(associationStore, nonceStore);
34 this.AssociationStore = associationStore;
35 this.SecuritySettings = ProviderSection.Configuration.SecuritySettings.CreateSecuritySettings();
36 }
37
38 /// <summary>
39 /// Gets the channel to use for sending/receiving messages.
40 /// </summary>
41 public Channel Channel { get; internal set; }
42
43 /// <summary>
44 /// Gets the security settings used by this Provider.
45 /// </summary>
46 public ProviderSecuritySettings SecuritySettings {
47 get {
48 return this.securitySettings;
49 }
50
51 internal set {
52 if (value == null) {
53 throw new ArgumentNullException("value");
54 }
55
56 this.securitySettings = value;
57 }
58 }
59
60 /// <summary>
61 /// Gets the association store.
62 /// </summary>
63 internal IAssociationStore<AssociationRelyingPartyType> AssociationStore { get; private set; }
64
65 /// <summary>
66 /// Gets the web request handler to use for discovery and the part of
67 /// authentication where direct messages are sent to an untrusted remote party.
68 /// </summary>
69 internal IDirectSslWebRequestHandler WebRequestHandler {
70 // TODO: Since the OpenIdChannel.WebRequestHandler might be set to a non-SSL
71 // implementation, we should consider altering the consumers of this property
72 // to handle either case.
73 get { return this.Channel.WebRequestHandler as IDirectSslWebRequestHandler; }
74 }
75
76 /// <summary>
77 /// Gets the incoming OpenID request if there is one, or null if none was detected.
78 /// </summary>
79 /// <returns>The request that the hosting Provider should possibly process and then transmit the response for.</returns>
80 /// <remarks>
81 /// Requests may be infrastructural to OpenID and allow auto-responses, or they may
82 /// be authentication requests where the Provider site has to make decisions based
83 /// on its own user database and policies.
84 /// </remarks>
85 public IRequest GetRequest() {
86 return this.GetRequest(this.Channel.GetRequestFromContext());
87 }
88
89 /// <summary>
90 /// Gets the incoming OpenID request if there is one, or null if none was detected.
91 /// </summary>
92 /// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param>
93 /// <returns>The request that the hosting Provider should possibly process and then transmit the response for.</returns>
94 /// <remarks>
95 /// Requests may be infrastructural to OpenID and allow auto-responses, or they may
96 /// be authentication requests where the Provider site has to make decisions based
97 /// on its own user database and policies.
98 /// </remarks>
99 public IRequest GetRequest(HttpRequestInfo httpRequestInfo) {
100 IDirectedProtocolMessage incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo);
101 if (incomingMessage == null) {
102 return null;
103 }
104
105 var checkIdMessage = incomingMessage as CheckIdRequest;
106 if (checkIdMessage != null) {
107 return new AuthenticationRequest(this, checkIdMessage);
108 }
109
110 var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
111 if (checkAuthMessage != null) {
112 return new AutoResponsiveRequest(this, incomingMessage, new CheckAuthenticationResponse(checkAuthMessage));
113 }
114
115 var associateMessage = incomingMessage as AssociateRequest;
116 if (associateMessage != null) {
117 return new AutoResponsiveRequest(this, incomingMessage, associateMessage.CreateResponse(this.AssociationStore));
118 }
119
120 throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
121 }
122 }
123 }
OAuth running on .NET