search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Shifted some of the maximum message age references.
[dotnetoauth.git] / src / DotNetOpenAuth / OpenId / Provider / OpenIdProvider.cs
bloba17b16de3bb909665c8fb1d56853ec96fc269ab5
1 //-----------------------------------------------------------------------
2 // <copyright file="OpenIdProvider.cs" company="Andrew Arnott">
3 // Copyright (c) Andrew Arnott. All rights reserved.
4 // </copyright>
5 //-----------------------------------------------------------------------
6
7 namespace DotNetOpenAuth.OpenId.Provider {
8 using System;
9 using System.ComponentModel;
10 using System.Web;
11 using DotNetOpenAuth.Configuration;
12 using DotNetOpenAuth.Messaging;
13 using DotNetOpenAuth.Messaging.Bindings;
14 using DotNetOpenAuth.OpenId.ChannelElements;
15 using DotNetOpenAuth.OpenId.Messages;
16
17 /// <summary>
18 /// Offers services for a web page that is acting as an OpenID identity server.
19 /// </summary>
20 public sealed class OpenIdProvider {
21 /// <summary>
22 /// The name of the key to use in the HttpApplication cache to store the
23 /// instance of <see cref="StandardProviderApplicationStore"/> to use.
24 /// </summary>
25 private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplicationStore";
26
27 /// <summary>
28 /// Backing field for the <see cref="SecuritySettings"/> property.
29 /// </summary>
30 private ProviderSecuritySettings securitySettings;
31
32 /// <summary>
33 /// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
34 /// </summary>
35 public OpenIdProvider()
36 : this(DotNetOpenAuth.Configuration.ProviderSection.Configuration.ApplicationStore.CreateInstance(HttpApplicationStore)) {
37 }
38
39 /// <summary>
40 /// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
41 /// </summary>
42 /// <param name="applicationStore">The application store to use. Cannot be null.</param>
43 public OpenIdProvider(IProviderApplicationStore applicationStore)
44 : this(applicationStore, applicationStore) {
45 }
46
47 /// <summary>
48 /// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
49 /// </summary>
50 /// <param name="associationStore">The association store to use. Cannot be null.</param>
51 /// <param name="nonceStore">The nonce store to use. Cannot be null.</param>
52 private OpenIdProvider(IAssociationStore<AssociationRelyingPartyType> associationStore, INonceStore nonceStore) {
53 ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore");
54 ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore");
55
56 this.Channel = new OpenIdChannel(associationStore, nonceStore);
57 this.AssociationStore = associationStore;
58 this.SecuritySettings = ProviderSection.Configuration.SecuritySettings.CreateSecuritySettings();
59 }
60
61 /// <summary>
62 /// Gets the standard state storage mechanism that uses ASP.NET's
63 /// HttpApplication state dictionary to store associations and nonces.
64 /// </summary>
65 [EditorBrowsable(EditorBrowsableState.Advanced)]
66 public static IProviderApplicationStore HttpApplicationStore {
67 get {
68 HttpContext context = HttpContext.Current;
69 ErrorUtilities.VerifyOperation(context != null, OpenIdStrings.StoreRequiredWhenNoHttpContextAvailable, typeof(IProviderApplicationStore).Name);
70 var store = (IProviderApplicationStore)context.Application[ApplicationStoreKey];
71 if (store == null) {
72 context.Application.Lock();
73 try {
74 if ((store = (IProviderApplicationStore)context.Application[ApplicationStoreKey]) == null) {
75 context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore();
76 }
77 } finally {
78 context.Application.UnLock();
79 }
80 }
81
82 return store;
83 }
84 }
85
86 /// <summary>
87 /// Gets the channel to use for sending/receiving messages.
88 /// </summary>
89 public Channel Channel { get; internal set; }
90
91 /// <summary>
92 /// Gets the security settings used by this Provider.
93 /// </summary>
94 public ProviderSecuritySettings SecuritySettings {
95 get {
96 return this.securitySettings;
97 }
98
99 internal set {
100 ErrorUtilities.VerifyArgumentNotNull(value, "value");
101 this.securitySettings = value;
102 }
103 }
104
105 /// <summary>
106 /// Gets the association store.
107 /// </summary>
108 internal IAssociationStore<AssociationRelyingPartyType> AssociationStore { get; private set; }
109
110 /// <summary>
111 /// Gets the web request handler to use for discovery and the part of
112 /// authentication where direct messages are sent to an untrusted remote party.
113 /// </summary>
114 internal IDirectWebRequestHandler WebRequestHandler {
115 get { return this.Channel.WebRequestHandler; }
116 }
117
118 /// <summary>
119 /// Gets the incoming OpenID request if there is one, or null if none was detected.
120 /// </summary>
121 /// <returns>The request that the hosting Provider should possibly process and then transmit the response for.</returns>
122 /// <remarks>
123 /// <para>Requests may be infrastructural to OpenID and allow auto-responses, or they may
124 /// be authentication requests where the Provider site has to make decisions based
125 /// on its own user database and policies.</para>
126 /// <para>Requires an <see cref="HttpContext.Current">HttpContext.Current</see> context.</para>
127 /// </remarks>
128 /// <exception cref="InvalidOperationException">Thrown if <see cref="HttpContext.Current">HttpContext.Current</see> == <c>null</c>.</exception>
129 /// <exception cref="ProtocolException">Thrown if the incoming message is recognized but deviates from the protocol specification irrecoverably.</exception>
130 public IRequest GetRequest() {
131 return this.GetRequest(this.Channel.GetRequestFromContext());
132 }
133
134 /// <summary>
135 /// Gets the incoming OpenID request if there is one, or null if none was detected.
136 /// </summary>
137 /// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param>
138 /// <returns>
139 /// The request that the hosting Provider should process and then transmit the response for.
140 /// Null if no valid OpenID request was detected in the given HTTP request.
141 /// </returns>
142 /// <remarks>
143 /// Requests may be infrastructural to OpenID and allow auto-responses, or they may
144 /// be authentication requests where the Provider site has to make decisions based
145 /// on its own user database and policies.
146 /// </remarks>
147 /// <exception cref="ProtocolException">Thrown if the incoming message is recognized but deviates from the protocol specification irrecoverably.</exception>
148 public IRequest GetRequest(HttpRequestInfo httpRequestInfo) {
149 ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo");
150
151 IDirectedProtocolMessage incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo);
152 if (incomingMessage == null) {
153 return null;
154 }
155
156 var checkIdMessage = incomingMessage as CheckIdRequest;
157 if (checkIdMessage != null) {
158 return new AuthenticationRequest(this, checkIdMessage);
159 }
160
161 var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
162 if (checkAuthMessage != null) {
163 return new AutoResponsiveRequest(this, incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this));
164 }
165
166 var associateMessage = incomingMessage as AssociateRequest;
167 if (associateMessage != null) {
168 return new AutoResponsiveRequest(this, incomingMessage, associateMessage.CreateResponse(this.AssociationStore));
169 }
170
171 throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
172 }
173 }
174 }
OAuth running on .NET