//-----------------------------------------------------------------------
2 // <copyright file="ProviderSecuritySettings.cs" company="Andrew Arnott">
3 // Copyright (c) Andrew Arnott. All rights reserved.
5 //-----------------------------------------------------------------------
7 namespace DotNetOpenAuth
.OpenId
.Provider
{
9 using System
.Collections
.Generic
;
10 using DotNetOpenAuth
.Messaging
;
13 /// Security settings that are applicable to providers.
15 public sealed class ProviderSecuritySettings
: SecuritySettings
{
/// <summary>
/// Backing store for <see cref="AssociationLifetimes"/>: association types mapped to
/// the customized lifetime configured for each of them.
/// </summary>
/// <remarks>
/// Created empty when the settings object is constructed.
/// </remarks>
private IDictionary<string, TimeSpan> associationLifetimes =
	new Dictionary<string, TimeSpan>();
22 /// Initializes a new instance of the <see cref="ProviderSecuritySettings"/> class.
24 internal ProviderSecuritySettings()
/// <summary>
/// Gets a subset of the available association types and their
/// customized maximum lifetimes.
/// </summary>
/// <value>
/// The dictionary instance held by these settings, keyed by association type. It is
/// returned as-is rather than copied, so entries a caller adds, changes or removes
/// take effect on this settings object directly.
/// </value>
/// <remarks>
/// NOTE(review): a maximum lifetime presumably bounds how long an association's shared
/// secret remains usable, so unusually long values deserve attention in a configuration
/// review. Confirm against the code that consumes this dictionary.
/// </remarks>
public IDictionary<string, TimeSpan> AssociationLifetimes {
	get {
		return this.associationLifetimes;
	}
}
/// <summary>
/// Gets or sets a value indicating whether this provider protects OpenID 1.x relying
/// parties, which may not be protecting their own users from replay attacks, against
/// those attacks.
/// </summary>
/// <remarks>
/// <para>*** Placeholder: the feature behind this property has not been written yet.
/// Do not count on this flag as a replay-attack control until the feature is
/// implemented. ***</para>
/// <para>OpenID 1.x did not mandate nonces for protection against replay attacks,
/// which leaves users open to replay attacks.</para>
/// <para>The intended design is to prevent associations from being formed with
/// OpenID 1.x relying parties. That forces them into "dumb" mode, where every claim is
/// verified with this provider, and gives the provider an opportunity to verify its
/// own nonce to protect against replay attacks.</para>
/// </remarks>
internal bool ProtectDownlevelReplayAttacks { get; set; }