src/DotNetOpenAuth/Configuration/ProviderSecuritySettingsElement.cs

   1 //-----------------------------------------------------------------------
   2 // <copyright file="ProviderSecuritySettingsElement.cs" company="Andrew Arnott">
   3 //     Copyright (c) Andrew Arnott. All rights reserved.
   4 // </copyright>
   5 //-----------------------------------------------------------------------
   6
   7 namespace DotNetOpenAuth.Configuration {
   8         using System.Configuration;
   9         using DotNetOpenAuth.OpenId;
  10         using DotNetOpenAuth.OpenId.Provider;
  11
  12         /// <summary>
  13         /// Represents the .config file element that allows for setting the security policies of the Provider.
  14         /// </summary>
  15         internal class ProviderSecuritySettingsElement : ConfigurationElement {
  16                 /// <summary>
  17                 /// Gets the name of the @protectDownlevelReplayAttacks attribute.
  18                 /// </summary>
  19                 private const string ProtectDownlevelReplayAttacksConfigName = "protectDownlevelReplayAttacks";
  20
  21                 /// <summary>
  22                 /// Gets the name of the @minimumHashBitLength attribute.
  23                 /// </summary>
  24                 private const string MinimumHashBitLengthConfigName = "minimumHashBitLength";
  25
  26                 /// <summary>
  27                 /// Gets the name of the @maximumHashBitLength attribute.
  28                 /// </summary>
  29                 private const string MaximumHashBitLengthConfigName = "maximumHashBitLength";
  30
  31                 /// <summary>
  32                 /// The name of the associations collection sub-element.
  33                 /// </summary>
  34                 private const string AssociationsConfigName = "associations";
  35
  36                 /// <summary>
  37                 /// Initializes a new instance of the <see cref="ProviderSecuritySettingsElement"/> class.
  38                 /// </summary>
  39                 public ProviderSecuritySettingsElement() {
  40                 }
  41
  42                 /// <summary>
  43                 /// Gets or sets the minimum length of the hash that protects the protocol from hijackers.
  44                 /// </summary>
  45                 [ConfigurationProperty(MinimumHashBitLengthConfigName, DefaultValue = SecuritySettings.MinimumHashBitLengthDefault)]
  46                 public int MinimumHashBitLength {
  47                         get { return (int)this[MinimumHashBitLengthConfigName]; }
  48                         set { this[MinimumHashBitLengthConfigName] = value; }
  49                 }
  50
  51                 /// <summary>
  52                 /// Gets or sets the maximum length of the hash that protects the protocol from hijackers.
  53                 /// </summary>
  54                 [ConfigurationProperty(MaximumHashBitLengthConfigName, DefaultValue = SecuritySettings.MaximumHashBitLengthRPDefault)]
  55                 public int MaximumHashBitLength {
  56                         get { return (int)this[MaximumHashBitLengthConfigName]; }
  57                         set { this[MaximumHashBitLengthConfigName] = value; }
  58                 }
  59
  60                 /// <summary>
  61                 /// Gets or sets a value indicating whether the Provider should take special care to protect OpenID 1.x relying parties
  62                 /// against replay attacks.
  63                 /// </summary>
  64                 [ConfigurationProperty(ProtectDownlevelReplayAttacksConfigName, DefaultValue = false)]
  65                 public bool ProtectDownlevelReplayAttacks {
  66                         get { return (bool)this[ProtectDownlevelReplayAttacksConfigName]; }
  67                         set { this[ProtectDownlevelReplayAttacksConfigName] = value; }
  68                 }
  69
  70                 /// <summary>
  71                 /// Gets or sets the configured lifetimes of the various association types.
  72                 /// </summary>
  73                 [ConfigurationProperty(AssociationsConfigName, IsDefaultCollection = false)]
  74                 [ConfigurationCollection(typeof(AssociationTypeCollection))]
  75                 public AssociationTypeCollection AssociationLifetimes {
  76                         get { return (AssociationTypeCollection)this[AssociationsConfigName] ?? new AssociationTypeCollection(); }
  77                         set { this[AssociationsConfigName] = value; }
  78                 }
  79
  80                 /// <summary>
  81                 /// Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
  82                 /// </summary>
  83                 /// <returns>The newly created security settings object.</returns>
  84                 public ProviderSecuritySettings CreateSecuritySettings() {
  85                         ProviderSecuritySettings settings = new ProviderSecuritySettings();
  86                         settings.MinimumHashBitLength = this.MinimumHashBitLength;
  87                         settings.MaximumHashBitLength = this.MaximumHashBitLength;
  88                         settings.ProtectDownlevelReplayAttacks = this.ProtectDownlevelReplayAttacks;
  89                         foreach (AssociationTypeElement element in this.AssociationLifetimes) {
  90                                 settings.AssociationLifetimes.Add(element.AssociationType, element.MaximumLifetime);
  91                         }
  92                         return settings;
  93                 }
  94         }
  95 }