From 03b5a855fdbf3d939437ee38f8b3644c044f57b3 Mon Sep 17 00:00:00 2001
From: Andrew Arnott <andrewarnott@gmail.com>
Date: Wed, 14 Jan 2009 07:52:23 -0800
Subject: [PATCH] Added default constructors to OpenIdRelyingParty and
 OpenIdProvider.

Also wired up the "store" configuration attributes for both OP and RP.
---
 .../Configuration/ProviderSection.cs               |  8 ++--
 .../Configuration/RelyingPartySection.cs           |  9 ++---
 .../Configuration/TypeConfigurationElement.cs      | 12 +++++-
 .../Messaging/UntrustedWebRequestHandler.cs        |  2 +-
 .../OpenId/OpenIdStrings.Designer.cs               |  9 +++++
 src/DotNetOpenAuth/OpenId/OpenIdStrings.resx       |  3 ++
 .../OpenId/Provider/OpenIdProvider.cs              | 44 ++++++++++++++++++++--
 .../OpenId/RelyingParty/OpenIdRelyingParty.cs      | 38 +++++++++++++++++++
 src/DotNetOpenAuth/Strings.Designer.cs             | 11 +++++-
 src/DotNetOpenAuth/Strings.resx                    |  3 ++
 10 files changed, 122 insertions(+), 17 deletions(-)

diff --git a/src/DotNetOpenAuth/Configuration/ProviderSection.cs b/src/DotNetOpenAuth/Configuration/ProviderSection.cs
index 95b3de7..4b385ea 100644
--- a/src/DotNetOpenAuth/Configuration/ProviderSection.cs
+++ b/src/DotNetOpenAuth/Configuration/ProviderSection.cs
@@ -6,7 +6,7 @@
 
 namespace DotNetOpenAuth.Configuration {
 	using System.Configuration;
-	using IProviderAssociationStore = DotNetOpenAuth.OpenId.IAssociationStore<DotNetOpenAuth.OpenId.AssociationRelyingPartyType>;
+	using DotNetOpenAuth.OpenId.Provider;
 
 	/// <summary>
 	/// The section in the .config file that allows customization of OpenID Provider behaviors.
@@ -38,11 +38,11 @@ namespace DotNetOpenAuth.Configuration {
 		}
 
 		/// <summary>
-		/// Gets or sets the association store type.
+		/// Gets or sets the type to use for storing application state.
 		/// </summary>
 		[ConfigurationProperty(StoreConfigName)]
-		public TypeConfigurationElement<IProviderAssociationStore> AssociationStore {
-			get { return (TypeConfigurationElement<IProviderAssociationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IProviderAssociationStore>(); }
+		public TypeConfigurationElement<IProviderApplicationStore> ApplicationStore {
+			get { return (TypeConfigurationElement<IProviderApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IProviderApplicationStore>(); }
 			set { this[StoreConfigName] = value; }
 		}
 
diff --git a/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs b/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs
index d30fb08..b5dfad4 100644
--- a/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs
+++ b/src/DotNetOpenAuth/Configuration/RelyingPartySection.cs
@@ -5,11 +5,8 @@
 //-----------------------------------------------------------------------
 
 namespace DotNetOpenAuth.Configuration {
-	using System;
 	using System.Configuration;
-	using DotNetOpenAuth.OpenId;
 	using DotNetOpenAuth.OpenId.RelyingParty;
-	using IRelyingPartyAssociationStore = DotNetOpenAuth.OpenId.IAssociationStore<System.Uri>;
 
 	/// <summary>
 	/// The section in the .config file that allows customization of OpenID Relying Party behaviors.
@@ -41,11 +38,11 @@ namespace DotNetOpenAuth.Configuration {
 		}
 
 		/// <summary>
-		/// Gets or sets the association store type.
+		/// Gets or sets the type to use for storing application state.
 		/// </summary>
 		[ConfigurationProperty(StoreConfigName)]
-		public TypeConfigurationElement<IRelyingPartyAssociationStore> AssociationStore {
-			get { return (TypeConfigurationElement<IRelyingPartyAssociationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IRelyingPartyAssociationStore>(); }
+		public TypeConfigurationElement<IRelyingPartyApplicationStore> ApplicationStore {
+			get { return (TypeConfigurationElement<IRelyingPartyApplicationStore>)this[StoreConfigName] ?? new TypeConfigurationElement<IRelyingPartyApplicationStore>(); }
 			set { this[StoreConfigName] = value; }
 		}
 
diff --git a/src/DotNetOpenAuth/Configuration/TypeConfigurationElement.cs b/src/DotNetOpenAuth/Configuration/TypeConfigurationElement.cs
index a315060..5375046 100644
--- a/src/DotNetOpenAuth/Configuration/TypeConfigurationElement.cs
+++ b/src/DotNetOpenAuth/Configuration/TypeConfigurationElement.cs
@@ -7,6 +7,8 @@
 namespace DotNetOpenAuth.Configuration {
 	using System;
 	using System.Configuration;
+	using System.Reflection;
+	using DotNetOpenAuth.Messaging;
 
 	/// <summary>
 	/// Represents an element in a .config file that allows the user to provide a @type attribute specifying
@@ -49,7 +51,15 @@ namespace DotNetOpenAuth.Configuration {
 		/// <param name="defaultValue">The value to return if no type is given in the .config file.</param>
 		/// <returns>The newly instantiated type.</returns>
 		public T CreateInstance(T defaultValue) {
-			return this.CustomType != null ? (T)Activator.CreateInstance(this.CustomType) : defaultValue;
+			if (this.CustomType != null) {
+				// Although .NET will usually prevent our instantiating non-public types,
+				// it will allow our instantiation of internal types within this same assembly.
+				// But we don't want the host site to be able to do this, so we check ourselves.
+				ErrorUtilities.VerifyArgument((this.CustomType.Attributes & TypeAttributes.Public) != 0, Strings.ConfigurationTypeMustBePublic, this.CustomType.FullName);
+				return (T)Activator.CreateInstance(this.CustomType);
+			} else {
+				return defaultValue;
+			}
 		}
 	}
 }
diff --git a/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs b/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs
index ead3f40..bc2b34a 100644
--- a/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs
+++ b/src/DotNetOpenAuth/Messaging/UntrustedWebRequestHandler.cs
@@ -175,7 +175,7 @@ namespace DotNetOpenAuth.Messaging {
 		/// <summary>
 		/// Gets the configuration for this class that is specified in the host's .config file.
 		/// </summary>
-		private static DotNetOpenAuth.Configuration.UntrustedWebRequestSection Configuration {
+		private static UntrustedWebRequestSection Configuration {
 			get { return UntrustedWebRequestSection.Configuration; }
 		}
 
diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
index 832d39e..b4b8dfd 100644
--- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
+++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs
@@ -398,6 +398,15 @@ namespace DotNetOpenAuth.OpenId {
         }
         
         /// <summary>
+        ///   Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file.  Call the constructor overload that takes an {0}..
+        /// </summary>
+        internal static string StoreRequiredWhenNoHttpContextAvailable {
+            get {
+                return ResourceManager.GetString("StoreRequiredWhenNoHttpContextAvailable", resourceCulture);
+            }
+        }
+        
+        /// <summary>
         ///   Looks up a localized string similar to The type must implement {0}..
         /// </summary>
         internal static string TypeMustImplementX {
diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
index 51085b7..e90274e 100644
--- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
+++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx
@@ -244,4 +244,7 @@ Discovered endpoint info:
   <data name="XriResolutionFailed" xml:space="preserve">
     <value>XRI resolution failed.</value>
   </data>
+  <data name="StoreRequiredWhenNoHttpContextAvailable" xml:space="preserve">
+    <value>No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file.  Call the constructor overload that takes an {0}.</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
index cea2c9e..cecc0a9 100644
--- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
+++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs
@@ -6,6 +6,7 @@
 
 namespace DotNetOpenAuth.OpenId.Provider {
 	using System;
+	using System.ComponentModel;
 	using System.Web;
 	using DotNetOpenAuth.Configuration;
 	using DotNetOpenAuth.Messaging;
@@ -18,6 +19,12 @@ namespace DotNetOpenAuth.OpenId.Provider {
 	/// </summary>
 	public sealed class OpenIdProvider {
 		/// <summary>
+		/// The name of the key to use in the HttpApplication cache to store the
+		/// instance of <see cref="StandardProviderApplicationStore"/> to use.
+		/// </summary>
+		private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.Provider.OpenIdProvider.ApplicationStore";
+
+		/// <summary>
 		/// Backing field for the <see cref="SecuritySettings"/> property.
 		/// </summary>
 		private ProviderSecuritySettings securitySettings;
@@ -25,6 +32,13 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		/// <summary>
 		/// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
 		/// </summary>
+		public OpenIdProvider()
+			: this(DotNetOpenAuth.Configuration.ProviderSection.Configuration.ApplicationStore.CreateInstance(HttpApplicationStore)) {
+		}
+
+		/// <summary>
+		/// Initializes a new instance of the <see cref="OpenIdProvider"/> class.
+		/// </summary>
 		/// <param name="applicationStore">The application store to use.  Cannot be null.</param>
 		public OpenIdProvider(IProviderApplicationStore applicationStore)
 			: this(applicationStore, applicationStore) {
@@ -45,6 +59,31 @@ namespace DotNetOpenAuth.OpenId.Provider {
 		}
 
 		/// <summary>
+		/// Gets the standard state storage mechanism that uses ASP.NET's
+		/// HttpApplication state dictionary to store associations and nonces.
+		/// </summary>
+		[EditorBrowsable(EditorBrowsableState.Advanced)]
+		public static IProviderApplicationStore HttpApplicationStore {
+			get {
+				HttpContext context = HttpContext.Current;
+				ErrorUtilities.VerifyOperation(context != null, OpenIdStrings.StoreRequiredWhenNoHttpContextAvailable, typeof(IProviderApplicationStore).Name);
+				var store = (IProviderApplicationStore)context.Application[ApplicationStoreKey];
+				if (store == null) {
+					context.Application.Lock();
+					try {
+						if ((store = (IProviderApplicationStore)context.Application[ApplicationStoreKey]) == null) {
+							context.Application[ApplicationStoreKey] = store = new StandardProviderApplicationStore(Configuration.MaximumUserAgentAuthenticationTime);
+						}
+					} finally {
+						context.Application.UnLock();
+					}
+				}
+
+				return store;
+			}
+		}
+
+		/// <summary>
 		/// Gets the channel to use for sending/receiving messages.
 		/// </summary>
 		public Channel Channel { get; internal set; }
@@ -58,10 +97,7 @@ namespace DotNetOpenAuth.OpenId.Provider {
 			}
 
 			internal set {
-				if (value == null) {
-					throw new ArgumentNullException("value");
-				}
-
+				ErrorUtilities.VerifyArgumentNotNull(value, "value");
 				this.securitySettings = value;
 			}
 		}
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
index 48d51a8..469518a 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
@@ -33,6 +33,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 	/// </summary>
 	public sealed class OpenIdRelyingParty {
 		/// <summary>
+		/// The name of the key to use in the HttpApplication cache to store the
+		/// instance of <see cref="StandardRelyingPartyApplicationStore"/> to use.
+		/// </summary>
+		private const string ApplicationStoreKey = "DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ApplicationStore";
+
+		/// <summary>
 		/// Backing field for the <see cref="SecuritySettings"/> property.
 		/// </summary>
 		private RelyingPartySecuritySettings securitySettings;
@@ -45,6 +51,13 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		/// <summary>
 		/// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class.
 		/// </summary>
+		public OpenIdRelyingParty()
+			: this(DotNetOpenAuth.Configuration.RelyingPartySection.Configuration.ApplicationStore.CreateInstance(HttpApplicationStore)) {
+		}
+
+		/// <summary>
+		/// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class.
+		/// </summary>
 		/// <param name="applicationStore">The application store.  If null, the relying party will always operate in "dumb mode".</param>
 		public OpenIdRelyingParty(IRelyingPartyApplicationStore applicationStore)
 			: this(applicationStore, applicationStore, applicationStore) {
@@ -128,6 +141,31 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		}
 
 		/// <summary>
+		/// Gets the standard state storage mechanism that uses ASP.NET's
+		/// HttpApplication state dictionary to store associations and nonces.
+		/// </summary>
+		[EditorBrowsable(EditorBrowsableState.Advanced)]
+		public static IRelyingPartyApplicationStore HttpApplicationStore {
+			get {
+				HttpContext context = HttpContext.Current;
+				ErrorUtilities.VerifyOperation(context != null, OpenIdStrings.StoreRequiredWhenNoHttpContextAvailable, typeof(IRelyingPartyApplicationStore).Name);
+				var store = (IRelyingPartyApplicationStore)context.Application[ApplicationStoreKey];
+				if (store == null) {
+					context.Application.Lock();
+					try {
+						if ((store = (IRelyingPartyApplicationStore)context.Application[ApplicationStoreKey]) == null) {
+							context.Application[ApplicationStoreKey] = store = new StandardRelyingPartyApplicationStore(Configuration.MaximumUserAgentAuthenticationTime);
+						}
+					} finally {
+						context.Application.UnLock();
+					}
+				}
+
+				return store;
+			}
+		}
+
+		/// <summary>
 		/// Gets the channel to use for sending/receiving messages.
 		/// </summary>
 		public Channel Channel { get; internal set; }
diff --git a/src/DotNetOpenAuth/Strings.Designer.cs b/src/DotNetOpenAuth/Strings.Designer.cs
index 9ef42bc..eea4675 100644
--- a/src/DotNetOpenAuth/Strings.Designer.cs
+++ b/src/DotNetOpenAuth/Strings.Designer.cs
@@ -1,7 +1,7 @@
 //------------------------------------------------------------------------------
 // <auto-generated>
 //     This code was generated by a tool.
-//     Runtime Version:2.0.50727.3053
+//     Runtime Version:2.0.50727.3521
 //
 //     Changes to this file may cause incorrect behavior and will be lost if
 //     the code is regenerated.
@@ -59,5 +59,14 @@ namespace DotNetOpenAuth {
                 resourceCulture = value;
             }
         }
+        
+        /// <summary>
+        ///   Looks up a localized string similar to The configuration-specified type {0} must be public, and is not..
+        /// </summary>
+        internal static string ConfigurationTypeMustBePublic {
+            get {
+                return ResourceManager.GetString("ConfigurationTypeMustBePublic", resourceCulture);
+            }
+        }
     }
 }
diff --git a/src/DotNetOpenAuth/Strings.resx b/src/DotNetOpenAuth/Strings.resx
index 7080a7d..c42347b 100644
--- a/src/DotNetOpenAuth/Strings.resx
+++ b/src/DotNetOpenAuth/Strings.resx
@@ -117,4 +117,7 @@
   <resheader name="writer">
     <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </resheader>
+  <data name="ConfigurationTypeMustBePublic" xml:space="preserve">
+    <value>The configuration-specified type {0} must be public, and is not.</value>
+  </data>
 </root>
\ No newline at end of file
-- 
2.11.4.GIT