diff --git a/PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.5.3.js b/PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.6.2.js
similarity index 73%
rename from PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.5.3.js
rename to PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.6.2.js
index c1a6a9a..56a0022 100644
--- a/PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.5.3.js
+++ b/PROJ-ETS/PROJ-ETS/Scripts/modernizr-2.6.2.js
@@ -1,5 +1,5 @@
/*!
- * Modernizr v2.5.3
+ * Modernizr v2.6.2
* www.modernizr.com
*
* Copyright (c) Faruk Ates, Paul Irish, Alex Sexton
@@ -24,12 +24,14 @@
window.Modernizr = (function( window, document, undefined ) {
- var version = '2.5.3',
+ var version = '2.6.2',
Modernizr = {},
-
+
+ /*>>cssclasses*/
// option for enabling the HTML classes to be added
enableClasses = true,
+ /*>>cssclasses*/
docElement = document.documentElement,
@@ -43,15 +45,21 @@ window.Modernizr = (function( window, document, undefined ) {
/**
* Create the input element for various Web Forms feature tests.
*/
- inputElem = document.createElement('input'),
+ inputElem /*>>inputelem*/ = document.createElement('input') /*>>inputelem*/ ,
+ /*>>smile*/
smile = ':)',
+ /*>>smile*/
toString = {}.toString,
+ // TODO :: make the prefixes more granular
+ /*>>prefixes*/
// List of property values to set for css tests. See ticket #21
prefixes = ' -webkit- -moz- -o- -ms- '.split(' '),
+ /*>>prefixes*/
+ /*>>domprefixes*/
// Following spec is to expose vendor-specific style properties as:
// elem.style.WebkitBorderRadius
// and the following would be incorrect:
@@ -67,8 +75,11 @@ window.Modernizr = (function( window, document, undefined ) {
cssomPrefixes = omPrefixes.split(' '),
domPrefixes = omPrefixes.toLowerCase().split(' '),
+ /*>>domprefixes*/
+ /*>>ns*/
ns = {'svg': 'http://www.w3.org/2000/svg'},
+ /*>>ns*/
tests = {},
inputs = {},
@@ -81,15 +92,16 @@ window.Modernizr = (function( window, document, undefined ) {
featureName, // used in testing loop
+ /*>>teststyles*/
// Inject element with style element and some CSS rules
injectElementWithStyles = function( rule, callback, nodes, testnames ) {
- var style, ret, node,
+ var style, ret, node, docOverflow,
div = document.createElement('div'),
// After page load injecting a fake body doesn't work so check if body exists
- body = document.body,
+ body = document.body,
// IE6 and 7 won't return offsetWidth or offsetHeight unless it's in the body element, so we fake it.
- fakeBody = body ? body : document.createElement('body');
+ fakeBody = body || document.createElement('body');
if ( parseInt(nodes, 10) ) {
// In order not to give false positives we create a node for each test
@@ -106,27 +118,37 @@ window.Modernizr = (function( window, document, undefined ) {
// with a 'scoped' element, in our case the soft-hyphen entity as it won't mess with our measurements.
// msdn.microsoft.com/en-us/library/ms533897%28VS.85%29.aspx
// Documents served as xml will throw if using so use xml friendly encoded version. See issue #277
- style = ['',''].join('');
+ style = ['',''].join('');
div.id = mod;
// IE6 will false positive on some tests due to the style element inside the test div somehow interfering offsetHeight, so insert it into body or fakebody.
// Opera will act all quirky when injecting elements in documentElement when page is served as xml, needs fakebody too. #270
- fakeBody.innerHTML += style;
+ (body ? div : fakeBody).innerHTML += style;
fakeBody.appendChild(div);
- if(!body){
+ if ( !body ) {
//avoid crashing IE8, if background image is used
- fakeBody.style.background = "";
+ fakeBody.style.background = '';
+ //Safari 5.13/5.1.4 OSX stops loading if ::-webkit-scrollbar is used and scrollbars are visible
+ fakeBody.style.overflow = 'hidden';
+ docOverflow = docElement.style.overflow;
+ docElement.style.overflow = 'hidden';
docElement.appendChild(fakeBody);
}
ret = callback(div, rule);
// If this is done after page load we don't want to remove the body so check if body exists
- !body ? fakeBody.parentNode.removeChild(fakeBody) : div.parentNode.removeChild(div);
+ if ( !body ) {
+ fakeBody.parentNode.removeChild(fakeBody);
+ docElement.style.overflow = docOverflow;
+ } else {
+ div.parentNode.removeChild(div);
+ }
return !!ret;
},
+ /*>>teststyles*/
-
+ /*>>mq*/
// adapted from matchMedia polyfill
// by Scott Jehl and Paul Irish
// gist.github.com/786768
@@ -148,12 +170,18 @@ window.Modernizr = (function( window, document, undefined ) {
return bool;
},
+ /*>>mq*/
- /**
- * isEventSupported determines if a given element supports the given event
- * function from yura.thinkweb2.com/isEventSupported/
- */
+ /*>>hasevent*/
+ //
+ // isEventSupported determines if a given element supports the given event
+ // kangax.github.com/iseventsupported/
+ //
+ // The following results are known incorrects:
+ // Modernizr.hasEvent("webkitTransitionEnd", elem) // false negative
+ // Modernizr.hasEvent("textInput") // in Webkit. github.com/Modernizr/Modernizr/issues/333
+ // ...
isEventSupported = (function() {
var TAGNAMES = {
@@ -191,43 +219,45 @@ window.Modernizr = (function( window, document, undefined ) {
return isSupported;
}
return isEventSupported;
- })();
+ })(),
+ /*>>hasevent*/
+
+ // TODO :: Add flag for hasownprop ? didn't last time
// hasOwnProperty shim by kangax needed for Safari 2.0 support
- var _hasOwnProperty = ({}).hasOwnProperty, hasOwnProperty;
+ _hasOwnProperty = ({}).hasOwnProperty, hasOwnProp;
+
if ( !is(_hasOwnProperty, 'undefined') && !is(_hasOwnProperty.call, 'undefined') ) {
- hasOwnProperty = function (object, property) {
+ hasOwnProp = function (object, property) {
return _hasOwnProperty.call(object, property);
};
}
else {
- hasOwnProperty = function (object, property) { /* yes, this can give false positives/negatives, but most of the time we don't care about those */
+ hasOwnProp = function (object, property) { /* yes, this can give false positives/negatives, but most of the time we don't care about those */
return ((property in object) && is(object.constructor.prototype[property], 'undefined'));
};
}
- // Taken from ES5-shim https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
- // ES-5 15.3.4.5
- // http://es5.github.com/#x15.3.4.5
+ // Adapted from ES5-shim https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
+ // es5.github.com/#x15.3.4.5
if (!Function.prototype.bind) {
-
Function.prototype.bind = function bind(that) {
-
+
var target = this;
-
+
if (typeof target != "function") {
throw new TypeError();
}
-
+
var args = slice.call(arguments, 1),
bound = function () {
if (this instanceof bound) {
-
+
var F = function(){};
F.prototype = target.prototype;
- var self = new F;
+ var self = new F();
var result = target.apply(
self,
@@ -239,7 +269,7 @@ window.Modernizr = (function( window, document, undefined ) {
return self;
} else {
-
+
return target.apply(
that,
args.concat(slice.call(arguments))
@@ -248,7 +278,7 @@ window.Modernizr = (function( window, document, undefined ) {
}
};
-
+
return bound;
};
}
@@ -281,20 +311,38 @@ window.Modernizr = (function( window, document, undefined ) {
return !!~('' + str).indexOf(substr);
}
- /**
- * testProps is a generic CSS / DOM property test; if a browser supports
- * a certain property, it won't return undefined for it.
- * A supported CSS property returns empty string when its not yet set.
- */
+ /*>>testprop*/
+
+ // testProps is a generic CSS / DOM property test.
+
+ // In testing support for a given CSS property, it's legit to test:
+ // `elem.style[styleName] !== undefined`
+ // If the property is supported it will return an empty string,
+ // if unsupported it will return undefined.
+
+ // We'll take advantage of this quick test and skip setting a style
+ // on our modernizr element, but instead just testing undefined vs
+ // empty string.
+
+ // Because the testing of the CSS property names (with "-", as
+ // opposed to the camelCase DOM properties) is non-portable and
+ // non-standard but works in WebKit and IE (but not Gecko or Opera),
+ // we explicitly reject properties with dashes so that authors
+ // developing in WebKit or IE first don't end up with
+ // browser-specific content by accident.
+
function testProps( props, prefixed ) {
for ( var i in props ) {
- if ( mStyle[ props[i] ] !== undefined ) {
- return prefixed == 'pfx' ? props[i] : true;
+ var prop = props[i];
+ if ( !contains(prop, "-") && mStyle[prop] !== undefined ) {
+ return prefixed == 'pfx' ? prop : true;
}
}
return false;
}
+ /*>>testprop*/
+ // TODO :: add testDOMProps
/**
* testDOMProps is a generic DOM property test; if a browser supports
* a certain property, it won't return undefined for it.
@@ -312,7 +360,7 @@ window.Modernizr = (function( window, document, undefined ) {
// default to autobind unless override
return item.bind(elem || obj);
}
-
+
// return the unbound function or obj or value
return item;
}
@@ -320,6 +368,7 @@ window.Modernizr = (function( window, document, undefined ) {
return false;
}
+ /*>>testallprops*/
/**
* testPropsAll tests a list of DOM properties we want to check against.
* We specify literally ALL possible (known and/or likely) properties on
@@ -328,7 +377,7 @@ window.Modernizr = (function( window, document, undefined ) {
*/
function testPropsAll( prop, prefixed, elem ) {
- var ucProp = prop.charAt(0).toUpperCase() + prop.substr(1),
+ var ucProp = prop.charAt(0).toUpperCase() + prop.slice(1),
props = (prop + ' ' + cssomPrefixes.join(ucProp + ' ') + ucProp).split(' ');
// did they call .prefixed('boxSizing') or are we just testing a prop?
@@ -341,54 +390,7 @@ window.Modernizr = (function( window, document, undefined ) {
return testDOMProps(props, prefixed, elem);
}
}
-
- /**
- * testBundle tests a list of CSS features that require element and style injection.
- * By bundling them together we can reduce the need to touch the DOM multiple times.
- */
- /*>>testBundle*/
- var testBundle = (function( styles, tests ) {
- var style = styles.join(''),
- len = tests.length;
-
- injectElementWithStyles(style, function( node, rule ) {
- var style = document.styleSheets[document.styleSheets.length - 1],
- // IE8 will bork if you create a custom build that excludes both fontface and generatedcontent tests.
- // So we check for cssRules and that there is a rule available
- // More here: github.com/Modernizr/Modernizr/issues/288 & github.com/Modernizr/Modernizr/issues/293
- cssText = style ? (style.cssRules && style.cssRules[0] ? style.cssRules[0].cssText : style.cssText || '') : '',
- children = node.childNodes, hash = {};
-
- while ( len-- ) {
- hash[children[len].id] = children[len];
- }
-
- /*>>touch*/ Modernizr['touch'] = ('ontouchstart' in window) || window.DocumentTouch && document instanceof DocumentTouch || (hash['touch'] && hash['touch'].offsetTop) === 9; /*>>touch*/
- /*>>csstransforms3d*/ Modernizr['csstransforms3d'] = (hash['csstransforms3d'] && hash['csstransforms3d'].offsetLeft) === 9 && hash['csstransforms3d'].offsetHeight === 3; /*>>csstransforms3d*/
- /*>>generatedcontent*/Modernizr['generatedcontent'] = (hash['generatedcontent'] && hash['generatedcontent'].offsetHeight) >= 1; /*>>generatedcontent*/
- /*>>fontface*/ Modernizr['fontface'] = /src/i.test(cssText) &&
- cssText.indexOf(rule.split(' ')[0]) === 0; /*>>fontface*/
- }, len, tests);
-
- })([
- // Pass in styles to be injected into document
- /*>>fontface*/ '@font-face {font-family:"font";src:url("https://")}' /*>>fontface*/
-
- /*>>touch*/ ,['@media (',prefixes.join('touch-enabled),('),mod,')',
- '{#touch{top:9px;position:absolute}}'].join('') /*>>touch*/
-
- /*>>csstransforms3d*/ ,['@media (',prefixes.join('transform-3d),('),mod,')',
- '{#csstransforms3d{left:9px;position:absolute;height:3px;}}'].join('')/*>>csstransforms3d*/
-
- /*>>generatedcontent*/,['#generatedcontent:after{content:"',smile,'";visibility:hidden}'].join('') /*>>generatedcontent*/
- ],
- [
- /*>>fontface*/ 'fontface' /*>>fontface*/
- /*>>touch*/ ,'touch' /*>>touch*/
- /*>>csstransforms3d*/ ,'csstransforms3d' /*>>csstransforms3d*/
- /*>>generatedcontent*/,'generatedcontent' /*>>generatedcontent*/
-
- ]);/*>>testBundle*/
+ /*>>testallprops*/
/**
@@ -400,13 +402,13 @@ window.Modernizr = (function( window, document, undefined ) {
// dev.w3.org/csswg/css3-flexbox
tests['flexbox'] = function() {
- return testPropsAll('flexOrder');
+ return testPropsAll('flexWrap');
};
// The *old* flexbox
// www.w3.org/TR/2009/WD-css3-flexbox-20090723/
- tests['flexbox-legacy'] = function() {
+ tests['flexboxlegacy'] = function() {
return testPropsAll('boxDirection');
};
@@ -423,19 +425,13 @@ window.Modernizr = (function( window, document, undefined ) {
return !!(Modernizr['canvas'] && is(document.createElement('canvas').getContext('2d').fillText, 'function'));
};
- // this test initiates a new webgl context.
- // webk.it/70117 is tracking a legit feature detect proposal
-
+ // webk.it/70117 is tracking a legit WebGL feature detect proposal
+
+ // We do a soft detect which may false positive in order to avoid
+ // an expensive context creation: bugzil.la/732441
+
tests['webgl'] = function() {
- try {
- var canvas = document.createElement('canvas'),
- ret;
- ret = !!(window.WebGLRenderingContext && (canvas.getContext('experimental-webgl') || canvas.getContext('webgl')));
- canvas = undefined;
- } catch (e){
- ret = false;
- }
- return ret;
+ return !!window.WebGLRenderingContext;
};
/*
@@ -453,32 +449,41 @@ window.Modernizr = (function( window, document, undefined ) {
*/
tests['touch'] = function() {
- return Modernizr['touch'];
+ var bool;
+
+ if(('ontouchstart' in window) || window.DocumentTouch && document instanceof DocumentTouch) {
+ bool = true;
+ } else {
+ injectElementWithStyles(['@media (',prefixes.join('touch-enabled),('),mod,')','{#modernizr{top:9px;position:absolute}}'].join(''), function( node ) {
+ bool = node.offsetTop === 9;
+ });
+ }
+
+ return bool;
};
- /**
- * geolocation tests for the new Geolocation API specification.
- * This test is a standards compliant-only test; for more complete
- * testing, including a Google Gears fallback, please see:
- * code.google.com/p/geo-location-javascript/
- * or view a fallback solution using google's geo API:
- * gist.github.com/366184
- */
+
+ // geolocation is often considered a trivial feature detect...
+ // Turns out, it's quite tricky to get right:
+ //
+ // Using !!navigator.geolocation does two things we don't want. It:
+ // 1. Leaks memory in IE9: github.com/Modernizr/Modernizr/issues/513
+ // 2. Disables page caching in WebKit: webk.it/43956
+ //
+ // Meanwhile, in Firefox < 8, an about:config setting could expose
+ // a false positive that would throw an exception: bugzil.la/688158
+
tests['geolocation'] = function() {
- return !!navigator.geolocation;
+ return 'geolocation' in navigator;
};
- // Per 1.6:
- // This used to be Modernizr.crosswindowmessaging but the longer
- // name has been deprecated in favor of a shorter and property-matching one.
- // The old API is still available in 1.6, but as of 2.0 will throw a warning,
- // and in the first release thereafter disappear entirely.
+
tests['postmessage'] = function() {
return !!window.postMessage;
};
- // Chrome incognito mode used to throw an exception when using openDatabase
+ // Chrome incognito mode used to throw an exception when using openDatabase
// It doesn't anymore.
tests['websqldatabase'] = function() {
return !!window.openDatabase;
@@ -489,7 +494,7 @@ window.Modernizr = (function( window, document, undefined ) {
// - Firefox shipped moz_indexedDB before FF4b9, but since then has been mozIndexedDB
// For speed, we don't test the legacy (and beta-only) indexedDB
tests['indexedDB'] = function() {
- return !!testPropsAll("indexedDB",window);
+ return !!testPropsAll("indexedDB", window);
};
// documentMode logic from YUI to filter out IE8 Compat Mode
@@ -512,15 +517,12 @@ window.Modernizr = (function( window, document, undefined ) {
return ('draggable' in div) || ('ondragstart' in div && 'ondrop' in div);
};
- // FIXME: Once FF10 is sunsetted, we can drop prefixed MozWebSocket
- // bugzil.la/695635
+ // FF3.6 was EOL'ed on 4/24/12, but the ESR version of FF10
+ // will be supported until FF19 (2/12/13), at which time, ESR becomes FF17.
+ // FF10 still uses prefixes, so check for it until then.
+ // for more ESR info, see: mozilla.org/en-US/firefox/organizations/faq/
tests['websockets'] = function() {
- for ( var i = -1, len = cssomPrefixes.length; ++i < len; ){
- if ( window[cssomPrefixes[i] + 'WebSocket'] ){
- return true;
- }
- }
- return 'WebSocket' in window;
+ return 'WebSocket' in window || 'MozWebSocket' in window;
};
@@ -552,19 +554,13 @@ window.Modernizr = (function( window, document, undefined ) {
// If the UA supports multiple backgrounds, there should be three occurrences
// of the string "url(" in the return value for elemStyle.background
- return /(url\s*\(.*?){3}/.test(mStyle.background);
+ return (/(url\s*\(.*?){3}/).test(mStyle.background);
};
- // In testing support for a given CSS property, it's legit to test:
- // `elem.style[styleName] !== undefined`
- // If the property is supported it will return an empty string,
- // if unsupported it will return undefined.
-
- // We'll take advantage of this quick test and skip setting a style
- // on our modernizr element, but instead just testing undefined vs
- // empty string.
+ // this will false positive in Opera Mini
+ // github.com/Modernizr/Modernizr/issues/396
tests['backgroundsize'] = function() {
return testPropsAll('backgroundSize');
@@ -603,11 +599,11 @@ window.Modernizr = (function( window, document, undefined ) {
// The non-literal . in this regex is intentional:
// German Chrome returns this value as 0,55
// github.com/Modernizr/Modernizr/issues/#issue/59/comment/516632
- return /^0.55$/.test(mStyle.opacity);
+ return (/^0.55$/).test(mStyle.opacity);
};
- // Note, Android < 4 will pass this test, but can only animate
+ // Note, Android < 4 will pass this test, but can only animate
// a single property at a time
// daneden.me/2011/12/putting-up-with-androids-bullshit/
tests['cssanimations'] = function() {
@@ -635,9 +631,9 @@ window.Modernizr = (function( window, document, undefined ) {
setCss(
// legacy webkit syntax (FIXME: remove when syntax not in use anymore)
- (str1 + '-webkit- '.split(' ').join(str2 + str1)
- // standard syntax // trailing 'background-image:'
- + prefixes.join(str3 + str1)).slice(0, -str1.length)
+ (str1 + '-webkit- '.split(' ').join(str2 + str1) +
+ // standard syntax // trailing 'background-image:'
+ prefixes.join(str3 + str1)).slice(0, -str1.length)
);
return contains(mStyle.backgroundImage, 'gradient');
@@ -665,8 +661,10 @@ window.Modernizr = (function( window, document, undefined ) {
if ( ret && 'webkitPerspective' in docElement.style ) {
// Webkit allows this media query to succeed only if the feature is enabled.
- // `@media (transform-3d),(-o-transform-3d),(-moz-transform-3d),(-ms-transform-3d),(-webkit-transform-3d),(modernizr){ ... }`
- ret = Modernizr['csstransforms3d'];
+ // `@media (transform-3d),(-webkit-transform-3d){ ... }`
+ injectElementWithStyles('@media (transform-3d),(-webkit-transform-3d){#modernizr{left:9px;position:absolute;height:3px;}}', function( node, rule ) {
+ ret = node.offsetLeft === 9 && node.offsetHeight === 3;
+ });
}
return ret;
};
@@ -681,15 +679,33 @@ window.Modernizr = (function( window, document, undefined ) {
// @font-face detection routine by Diego Perini
// javascript.nwbox.com/CSSSupport/
- // false positives in WebOS: github.com/Modernizr/Modernizr/issues/342
+ // false positives:
+ // WebOS github.com/Modernizr/Modernizr/issues/342
+ // WP7 github.com/Modernizr/Modernizr/issues/538
tests['fontface'] = function() {
- return Modernizr['fontface'];
+ var bool;
+
+ injectElementWithStyles('@font-face {font-family:"font";src:url("https://")}', function( node, rule ) {
+ var style = document.getElementById('smodernizr'),
+ sheet = style.sheet || style.styleSheet,
+ cssText = sheet ? (sheet.cssRules && sheet.cssRules[0] ? sheet.cssRules[0].cssText : sheet.cssText || '') : '';
+
+ bool = /src/i.test(cssText) && cssText.indexOf(rule.split(' ')[0]) === 0;
+ });
+
+ return bool;
};
/*>>fontface*/
// CSS generated content detection
tests['generatedcontent'] = function() {
- return Modernizr['generatedcontent'];
+ var bool;
+
+ injectElementWithStyles(['#',mod,'{font:0/0 a}#',mod,':after{content:"',smile,'";visibility:hidden;font:3px/1 a}'].join(''), function( node ) {
+ bool = node.offsetHeight >= 3;
+ });
+
+ return bool;
};
@@ -711,20 +727,21 @@ window.Modernizr = (function( window, document, undefined ) {
tests['video'] = function() {
var elem = document.createElement('video'),
bool = false;
-
+
// IE9 Running on Windows Server SKU can cause an exception to be thrown, bug #224
try {
if ( bool = !!elem.canPlayType ) {
bool = new Boolean(bool);
bool.ogg = elem.canPlayType('video/ogg; codecs="theora"') .replace(/^no$/,'');
+ // Without QuickTime, this value will be `undefined`. github.com/Modernizr/Modernizr/issues/546
bool.h264 = elem.canPlayType('video/mp4; codecs="avc1.42E01E"') .replace(/^no$/,'');
bool.webm = elem.canPlayType('video/webm; codecs="vp8, vorbis"').replace(/^no$/,'');
}
-
+
} catch(e) { }
-
+
return bool;
};
@@ -732,7 +749,7 @@ window.Modernizr = (function( window, document, undefined ) {
var elem = document.createElement('audio'),
bool = false;
- try {
+ try {
if ( bool = !!elem.canPlayType ) {
bool = new Boolean(bool);
bool.ogg = elem.canPlayType('audio/ogg; codecs="vorbis"').replace(/^no$/,'');
@@ -742,11 +759,11 @@ window.Modernizr = (function( window, document, undefined ) {
// developer.mozilla.org/En/Media_formats_supported_by_the_audio_and_video_elements
// bit.ly/iphoneoscodecs
bool.wav = elem.canPlayType('audio/wav; codecs="1"') .replace(/^no$/,'');
- bool.m4a = ( elem.canPlayType('audio/x-m4a;') ||
+ bool.m4a = ( elem.canPlayType('audio/x-m4a;') ||
elem.canPlayType('audio/aac;')) .replace(/^no$/,'');
}
} catch(e) { }
-
+
return bool;
};
@@ -757,7 +774,7 @@ window.Modernizr = (function( window, document, undefined ) {
// `('localStorage' in window) && ` test first because otherwise Firefox will
// throw bugzil.la/365772 if cookies are disabled
- // Also in iOS5 Private Browsing mode, attepting to use localStorage.setItem
+ // Also in iOS5 Private Browsing mode, attempting to use localStorage.setItem
// will throw the exception:
// QUOTA_EXCEEDED_ERRROR DOM Exception 22.
// Peculiarly, getItem and removeItem calls do not throw.
@@ -826,17 +843,19 @@ window.Modernizr = (function( window, document, undefined ) {
return !!document.createElementNS && /SVGClipPath/.test(toString.call(document.createElementNS(ns.svg, 'clipPath')));
};
+ /*>>webforms*/
// input features and input types go directly onto the ret object, bypassing the tests loop.
// Hold this guy to execute in a moment.
function webforms() {
+ /*>>input*/
// Run through HTML5's new input attributes to see if the UA understands any.
// We're using f which is the element created early on
// Mike Taylr has created a comprehensive resource for testing these attributes
// when applied to all input types:
// miketaylr.com/code/input-type-attr.html
// spec: www.whatwg.org/specs/web-apps/current-work/multipage/the-input-element.html#input-type-attr-summary
-
- // Only input placeholder is tested while textarea's placeholder is not.
+
+ // Only input placeholder is tested while textarea's placeholder is not.
// Currently Safari 4 and Opera 11 have support only for the input placeholder
// Both tests are available in feature-detects/forms-placeholder.js
Modernizr['input'] = (function( props ) {
@@ -850,7 +869,9 @@ window.Modernizr = (function( window, document, undefined ) {
}
return attrs;
})('autocomplete autofocus list placeholder max min multiple pattern required step'.split(' '));
+ /*>>input*/
+ /*>>inputtypes*/
// Run through HTML5's new input types to see if the UA understands any.
// This is put behind the tests runloop because it doesn't return a
// true/false like all the other tests; instead, it returns an object
@@ -887,7 +908,7 @@ window.Modernizr = (function( window, document, undefined ) {
docElement.removeChild(inputElem);
} else if ( /^(search|tel)$/.test(inputElemType) ){
- // Spec doesnt define any special parsing or detectable UI
+ // Spec doesn't define any special parsing or detectable UI
// behaviors so we pass these through as true
// Interestingly, opera fails the earlier test, so it doesn't
@@ -897,14 +918,6 @@ window.Modernizr = (function( window, document, undefined ) {
// Real url and email support comes with prebaked validation.
bool = inputElem.checkValidity && inputElem.checkValidity() === false;
- } else if ( /^color$/.test(inputElemType) ) {
- // chuck into DOM and force reflow for Opera bug in 11.00
- // github.com/Modernizr/Modernizr/issues#issue/159
- docElement.appendChild(inputElem);
- docElement.offsetWidth;
- bool = inputElem.value != smile;
- docElement.removeChild(inputElem);
-
} else {
// If the upgraded input compontent rejects the :) text, we got a winner
bool = inputElem.value != smile;
@@ -915,7 +928,9 @@ window.Modernizr = (function( window, document, undefined ) {
}
return inputs;
})('search tel url email datetime date month week time datetime-local number range color'.split(' '));
+ /*>>inputtypes*/
}
+ /*>>webforms*/
// End of test definitions
@@ -926,7 +941,7 @@ window.Modernizr = (function( window, document, undefined ) {
// Run through all tests and detect their support in the current UA.
// todo: hypothetically we could be doing an array of tests and use a basic loop here.
for ( var feature in tests ) {
- if ( hasOwnProperty(tests, feature) ) {
+ if ( hasOwnProp(tests, feature) ) {
// run the test, throw the return value into the Modernizr,
// then based on that boolean, define an appropriate className
// and push it into an array of classes we'll join later.
@@ -937,8 +952,10 @@ window.Modernizr = (function( window, document, undefined ) {
}
}
+ /*>>webforms*/
// input tests need to run.
Modernizr.input || webforms();
+ /*>>webforms*/
/**
@@ -952,7 +969,7 @@ window.Modernizr = (function( window, document, undefined ) {
Modernizr.addTest = function ( feature, test ) {
if ( typeof feature == 'object' ) {
for ( var key in feature ) {
- if ( hasOwnProperty( feature, key ) ) {
+ if ( hasOwnProp( feature, key ) ) {
Modernizr.addTest( key, feature[ key ] );
}
}
@@ -971,7 +988,9 @@ window.Modernizr = (function( window, document, undefined ) {
test = typeof test == 'function' ? test() : test;
- docElement.className += ' ' + (test ? '' : 'no-') + feature;
+ if (typeof enableClasses !== "undefined" && enableClasses) {
+ docElement.className += ' ' + (test ? '' : 'no-') + feature;
+ }
Modernizr[feature] = test;
}
@@ -984,49 +1003,60 @@ window.Modernizr = (function( window, document, undefined ) {
setCss('');
modElem = inputElem = null;
- //>>BEGIN IEPP
- // Enable HTML 5 elements for styling in IE & add HTML5 css
- /*! HTML5 Shiv v3.4 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed */
+ /*>>shiv*/
+ /*! HTML5 Shiv v3.6.1 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed */
;(function(window, document) {
-
+ /*jshint evil:true */
/** Preset options */
var options = window.html5 || {};
-
+
/** Used to skip problem elements */
- var reSkip = /^<|^(?:button|form|map|select|textarea)$/i;
-
+ var reSkip = /^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i;
+
+ /** Not all elements can be cloned in IE **/
+ var saveClones = /^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i;
+
/** Detect whether the browser supports default html5 styles */
var supportsHtml5Styles;
-
+
+ /** Name of the expando, to work with multiple documents or to re-shiv one document */
+ var expando = '_html5shiv';
+
+ /** The id for the the documents expando */
+ var expanID = 0;
+
+ /** Cached data for each document */
+ var expandoData = {};
+
/** Detect whether the browser supports unknown elements */
var supportsUnknownElements;
-
+
(function() {
- var a = document.createElement('a');
-
- a.innerHTML = '';
-
- //if the hidden property is implemented we can assume, that the browser supports HTML5 Styles
- supportsHtml5Styles = ('hidden' in a);
- supportsUnknownElements = a.childNodes.length == 1 || (function() {
- // assign a false positive if unable to shiv
- try {
- (document.createElement)('a');
- } catch(e) {
- return true;
- }
- var frag = document.createDocumentFragment();
- return (
- typeof frag.cloneNode == 'undefined' ||
- typeof frag.createDocumentFragment == 'undefined' ||
- typeof frag.createElement == 'undefined'
- );
- }());
-
+ try {
+ var a = document.createElement('a');
+ a.innerHTML = '';
+ //if the hidden property is implemented we can assume, that the browser supports basic HTML5 Styles
+ supportsHtml5Styles = ('hidden' in a);
+
+ supportsUnknownElements = a.childNodes.length == 1 || (function() {
+ // assign a false positive if unable to shiv
+ (document.createElement)('a');
+ var frag = document.createDocumentFragment();
+ return (
+ typeof frag.cloneNode == 'undefined' ||
+ typeof frag.createDocumentFragment == 'undefined' ||
+ typeof frag.createElement == 'undefined'
+ );
+ }());
+ } catch(e) {
+ supportsHtml5Styles = true;
+ supportsUnknownElements = true;
+ }
+
}());
-
+
/*--------------------------------------------------------------------------*/
-
+
/**
* Creates a style sheet with the given CSS text and adds it to the document.
* @private
@@ -1037,11 +1067,11 @@ window.Modernizr = (function( window, document, undefined ) {
function addStyleSheet(ownerDocument, cssText) {
var p = ownerDocument.createElement('p'),
parent = ownerDocument.getElementsByTagName('head')[0] || ownerDocument.documentElement;
-
+
p.innerHTML = 'x';
return parent.insertBefore(p.lastChild, parent.firstChild);
}
-
+
/**
* Returns the value of `html5.elements` as an array.
* @private
@@ -1051,45 +1081,123 @@ window.Modernizr = (function( window, document, undefined ) {
var elements = html5.elements;
return typeof elements == 'string' ? elements.split(' ') : elements;
}
-
+
+ /**
+ * Returns the data associated to the given document
+ * @private
+ * @param {Document} ownerDocument The document.
+ * @returns {Object} An object of data.
+ */
+ function getExpandoData(ownerDocument) {
+ var data = expandoData[ownerDocument[expando]];
+ if (!data) {
+ data = {};
+ expanID++;
+ ownerDocument[expando] = expanID;
+ expandoData[expanID] = data;
+ }
+ return data;
+ }
+
+ /**
+ * returns a shived element for the given nodeName and document
+ * @memberOf html5
+ * @param {String} nodeName name of the element
+ * @param {Document} ownerDocument The context document.
+ * @returns {Object} The shived element.
+ */
+ function createElement(nodeName, ownerDocument, data){
+ if (!ownerDocument) {
+ ownerDocument = document;
+ }
+ if(supportsUnknownElements){
+ return ownerDocument.createElement(nodeName);
+ }
+ if (!data) {
+ data = getExpandoData(ownerDocument);
+ }
+ var node;
+
+ if (data.cache[nodeName]) {
+ node = data.cache[nodeName].cloneNode();
+ } else if (saveClones.test(nodeName)) {
+ node = (data.cache[nodeName] = data.createElem(nodeName)).cloneNode();
+ } else {
+ node = data.createElem(nodeName);
+ }
+
+ // Avoid adding some elements to fragments in IE < 9 because
+ // * Attributes like `name` or `type` cannot be set/changed once an element
+ // is inserted into a document/fragment
+ // * Link elements with `src` attributes that are inaccessible, as with
+ // a 403 response, will cause the tab/window to crash
+ // * Script elements appended to fragments will execute when their `src`
+ // or `text` property is set
+ return node.canHaveChildren && !reSkip.test(nodeName) ? data.frag.appendChild(node) : node;
+ }
+
+ /**
+ * returns a shived DocumentFragment for the given document
+ * @memberOf html5
+ * @param {Document} ownerDocument The context document.
+ * @returns {Object} The shived DocumentFragment.
+ */
+ function createDocumentFragment(ownerDocument, data){
+ if (!ownerDocument) {
+ ownerDocument = document;
+ }
+ if(supportsUnknownElements){
+ return ownerDocument.createDocumentFragment();
+ }
+ data = data || getExpandoData(ownerDocument);
+ var clone = data.frag.cloneNode(),
+ i = 0,
+ elems = getElements(),
+ l = elems.length;
+ for(;i>END IEPP
+ }(this, document));
+ /*>>shiv*/
// Assign private properties to the return object with prefix
Modernizr._version = version;
// expose these for the plugin API. Look in the source for how to join() them against your input
+ /*>>prefixes*/
Modernizr._prefixes = prefixes;
+ /*>>prefixes*/
+ /*>>domprefixes*/
Modernizr._domPrefixes = domPrefixes;
Modernizr._cssomPrefixes = cssomPrefixes;
-
+ /*>>domprefixes*/
+
+ /*>>mq*/
// Modernizr.mq tests a given media query, live against the current state of the window
// A few important notes:
// * If a browser does not support media queries at all (eg. oldIE) the mq() will always return false
// * A max-width or orientation query will be evaluated against the current state, which may change later.
- // * You must specify values. Eg. If you are testing support for the min-width media query use:
+ // * You must specify values. Eg. If you are testing support for the min-width media query use:
// Modernizr.mq('(min-width:0)')
// usage:
// Modernizr.mq('only screen and (max-width:768)')
- Modernizr.mq = testMediaQuery;
-
+ Modernizr.mq = testMediaQuery;
+ /*>>mq*/
+
+ /*>>hasevent*/
// Modernizr.hasEvent() detects support for a given event, with an optional element to test on
// Modernizr.hasEvent('gesturestart', elem)
- Modernizr.hasEvent = isEventSupported;
+ Modernizr.hasEvent = isEventSupported;
+ /*>>hasevent*/
+ /*>>testprop*/
// Modernizr.testProp() investigates whether a given style property is recognized
// Note that the property names must be provided in the camelCase variant.
// Modernizr.testProp('pointerEvents')
Modernizr.testProp = function(prop){
return testProps([prop]);
- };
+ };
+ /*>>testprop*/
+ /*>>testallprops*/
// Modernizr.testAllProps() investigates whether a given style property,
// or any of its vendor-prefixed variants, is recognized
// Note that the property names must be provided in the camelCase variant.
- // Modernizr.testAllProps('boxSizing')
- Modernizr.testAllProps = testPropsAll;
+ // Modernizr.testAllProps('boxSizing')
+ Modernizr.testAllProps = testPropsAll;
+ /*>>testallprops*/
-
+ /*>>teststyles*/
// Modernizr.testStyles() allows you to add custom styles to the document and test an element afterwards
// Modernizr.testStyles('#modernizr { position:absolute }', function(elem, rule){ ... })
- Modernizr.testStyles = injectElementWithStyles;
+ Modernizr.testStyles = injectElementWithStyles;
+ /*>>teststyles*/
+ /*>>prefixed*/
// Modernizr.prefixed() returns the prefixed or nonprefixed property name variant of your input
// Modernizr.prefixed('boxSizing') // 'MozBoxSizing'
-
+
// Properties must be passed as dom-style camelcase, rather than `box-sizing` hypentated style.
// Return values will also be the camelCase variant, if you need to translate that to hypenated style use:
//
// str.replace(/([A-Z])/g, function(str,m1){ return '-' + m1.toLowerCase(); }).replace(/^ms-/,'-ms-');
-
+
// If you're trying to ascertain which transition end event to bind to, you might do something like...
- //
+ //
// var transEndEventNames = {
// 'WebkitTransition' : 'webkitTransitionEnd',
// 'MozTransition' : 'transitionend',
// 'OTransition' : 'oTransitionEnd',
- // 'msTransition' : 'MsTransitionEnd',
+ // 'msTransition' : 'MSTransitionEnd',
// 'transition' : 'transitionend'
// },
// transEndEventName = transEndEventNames[ Modernizr.prefixed('transition') ];
-
+
Modernizr.prefixed = function(prop, obj, elem){
if(!obj) {
return testPropsAll(prop, 'pfx');
@@ -1251,14 +1377,16 @@ window.Modernizr = (function( window, document, undefined ) {
return testPropsAll(prop, obj, elem);
}
};
+ /*>>prefixed*/
-
+ /*>>cssclasses*/
// Remove "no-js" class from element, if it exists:
docElement.className = docElement.className.replace(/(^|\s)no-js(\s|$)/, '$1$2') +
-
+
// Add the new classes to the element.
(enableClasses ? ' js ' + classes.join(' ') : '');
+ /*>>cssclasses*/
return Modernizr;
diff --git a/PROJ-ETS/PROJ-ETS/bin/Antlr3.Runtime.dll b/PROJ-ETS/PROJ-ETS/bin/Antlr3.Runtime.dll
index 12b118c..9592285 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/Antlr3.Runtime.dll and b/PROJ-ETS/PROJ-ETS/bin/Antlr3.Runtime.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.UI.Combined.dll b/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.UI.Combined.dll
index d8fd9a8..f72f410 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.UI.Combined.dll and b/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.UI.Combined.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.dll b/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.dll
index 62f42f0..baa9bc3 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.dll and b/PROJ-ETS/PROJ-ETS/bin/AspNet.ScriptManager.jQuery.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.dll
index 9869968..e8a7d14 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.xml b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.xml
index adbbbde..2b2c191 100644
--- a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.xml
+++ b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.AspNet.xml
@@ -336,6 +336,11 @@
The query access token.
+
+
+ Gets the identifier for this client as it is registered with Microsoft.
+
+
Initializes a new instance of the class.
@@ -424,11 +429,64 @@
The request token.
The request token secret.
+
+
+ Protect and url-encode the specified token secret.
+
+ The token to be used as a key.
+ The token secret to be protected
+ The encrypted and protected string.
+
+
+
+ Url-decode and unprotect the specified encrypted token string.
+
+ The token to be used as a key.
+ The encrypted token to be decrypted
+ The original token secret
+
Gets the effective HttpContext object to use.
+
+
+ Stores OAuth tokens in the current request's cookie.
+
+
+ This class is different from the in that
+ it also stores the access token after the authentication has succeeded.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The current request context.
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+
+ The token's secret
+
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
Simple wrapper around IConsumerTokenManager
@@ -1557,14 +1615,6 @@
The _request context.
-
-
- Initializes a new instance of the class.
-
-
- The request context.
-
-
Initializes a new instance of the class.
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.dll
index 88389cb..ad7c635 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.xml b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.xml
index e357ce3..dd8ec49 100644
--- a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.xml
+++ b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.Core.xml
@@ -30,6 +30,12 @@
The message.
+
+
+ Throws an internal error exception.
+
+ Nothing. This method always throws.
+
An internal error exception that should never be caught.
@@ -55,6 +61,49 @@
The parameter is null. The class name is null or is zero (0).
+
+
+ A message part encoder that translates between byte[] and base64web encoded strings.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
Provides RSA encryption of symmetric keys to protect them from a theft of
@@ -404,16 +453,14 @@
The message to serialize. Must not be null.
A non-null, non-empty value.
-
+
Deserializes a .
- The message that contains the serialized value. Must not be null.
+ The instance to deserialize into
The serialized form of the to deserialize. Must not be null or empty.
- The name of the parameter whose value is to be deserialized. Used for error message generation.
-
- The deserialized value. Never null.
-
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
@@ -515,16 +562,14 @@
The message to serialize. Must not be null.
A non-null, non-empty value.
-
+
Deserializes a , including decompression, decryption, signature and nonce validation where applicable.
- The message that contains the serialized value. Must not be null.
+ The instance to initialize with deserialized data.
The serialized form of the to deserialize. Must not be null or empty.
- The name of the parameter whose value is to be deserialized. Used for error message generation.
-
- The deserialized value. Never null.
-
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
@@ -875,6 +920,11 @@
The encoding to use when writing out POST entity strings.
+
+
+ A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption.
+
+
The content-type used on HTTP POST requests where the POST entity is a
@@ -930,7 +980,10 @@
A class prepared to analyze incoming messages and indicate what concrete
message types can deserialize from it.
- The binding elements to use in sending and receiving messages.
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
@@ -1361,6 +1414,12 @@
The received message data.
+
+
+ Performs additional processing on an outgoing web request before it is sent to the remote server.
+
+ The request.
+
Customizes the binding element order for outgoing and incoming messages.
@@ -1518,6 +1577,39 @@
This method implements spec V1.0 section 5.3.
+
+
+ HMAC-SHA algorithm names that can be passed to the method.
+
+
+
+
+ The name of the HMAC-SHA1 algorithm.
+
+
+
+
+ The name of the HMAC-SHA256 algorithm.
+
+
+
+
+ The name of the HMAC-SHA384 algorithm.
+
+
+
+
+ The name of the HMAC-SHA512 algorithm.
+
+
+
+
+ Creates an HMAC-SHA algorithm with the specified name and key.
+
+ A name from the available choices in the static const members of this class.
+ The secret key used as the HMAC.
+ The HMAC algorithm instance.
+
Well known HTTP headers.
@@ -1528,11 +1620,104 @@
The Authorization header, which specifies the credentials that the client presents in order to authenticate itself to the server.
+
+
+ The WWW-Authenticate header, which is included in HTTP 401 Unauthorized responses to help the client know which authorization schemes are supported.
+
+
The Content-Type header, which specifies the MIME type of the accompanying body data.
+
+
+ An interface that allows direct request messages to capture the details of the HTTP request they arrived on.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
An interface that allows indirect response messages to specify
@@ -1805,42 +1990,6 @@
An interface that extension messages must implement.
-
-
- The interface that classes must implement to be serialized/deserialized
- as protocol or extension messages.
-
-
-
-
- Checks the message state for conformity to the protocol specification
- and throws an exception if the message is invalid.
-
-
- Some messages have required fields, or combinations of fields that must relate to each other
- in specialized ways. After deserializing a message, this method checks the state of the
- message to see if it conforms to the protocol.
- Note that this property should not check signatures or perform any state checks
- outside this scope of this particular message.
-
- Thrown if the message is invalid.
-
-
-
- Gets the version of the protocol or extension this message is prepared to implement.
-
-
- Implementations of this interface should ensure that this property never returns null.
-
-
-
-
- Gets the extra, non-standard Protocol parameters included in the message.
-
-
- Implementations of this interface should ensure that this property never returns null.
-
-
Contract class for the interface.
@@ -2406,7 +2555,7 @@
Throws a if some evaluates to false.
True to do nothing; false to throw the exception.
- The error message for the exception.
+ The error message for the exception.
The string formatting arguments, if any.
Thrown if evaluates to false.
@@ -2414,7 +2563,7 @@
Throws a .
- The message to set in the exception.
+ The message to set in the exception.
The formatting arguments of the message.
An InternalErrorException, which may be "thrown" by the caller in order
@@ -2899,28 +3048,94 @@
The context in which to set the response.
-
+
- An interface describing how various objects can be serialized and deserialized between their object and string forms.
+ An exception to represent errors in the local or remote implementation of the protocol
+ that includes the response message that should be returned to the HTTP client to comply
+ with the protocol specification.
-
- Implementations of this interface must include a default constructor and must be thread-safe.
-
-
+
- Encodes the specified value.
+ An exception to represent errors in the local or remote implementation of the protocol.
- The value. Guaranteed to never be null.
- The in string form, ready for message transport.
-
+
- Decodes the specified value.
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The human-readable exception message.
+ The message that was the cause of the exception. May be null.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Gets the message that caused the exception.
+
+
+
+
+ The channel that produced the error response message, to be used in constructing the actual HTTP response.
+
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The channel to use when encoding the response message.
+ The message to send back to the HTTP client.
+ The message that was the cause of the exception. May be null.
+ The inner exception.
+ The message for the exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Creates the HTTP response to forward to the client to report the error.
+
+ The HTTP response.
+
+
+
+ Gets the protocol message to send back to the client to report the error.
- The string value carried by the transport. Guaranteed to never be null, although it may be empty.
- The deserialized form of the given string.
- Thrown when the string value given cannot be decoded into the required object type.
@@ -2951,6 +3166,19 @@
Thrown when the string value given cannot be decoded into the required object type.
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
A message part encoder that has a special encoding for a null value.
@@ -3289,16 +3517,14 @@
The message to serialize. Must not be null.
A non-null, non-empty value.
-
+
Deserializes a .
- The message that contains the serialized value. Must not be nulll.
+ The instance to deserialize into
The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. Must not be nulll.
Name of the message part whose value is to be deserialized. Used for exception messages.
-
- The deserialized value. Never null.
-
@@ -3364,7 +3590,10 @@
The message types that might be encountered.
All the possible message versions that might be encountered.
- The binding elements to apply to the channel.
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
@@ -4161,6 +4390,15 @@
a property is totally dropped from a newer version of the protocol.
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
Gets or sets the minimum version of the protocol this attribute applies to
@@ -4282,51 +4520,6 @@
replay attack.
-
-
- An exception to represent errors in the local or remote implementation of the protocol.
-
-
-
-
- Initializes a new instance of the class.
-
-
-
-
- Initializes a new instance of the class.
-
- A message describing the specific error the occurred or was detected.
-
-
-
- Initializes a new instance of the class.
-
- A message describing the specific error the occurred or was detected.
- The inner exception to include.
-
-
-
- Initializes a new instance of the class
- such that it can be sent as a protocol message response to a remote caller.
-
- The human-readable exception message.
- The message that was the cause of the exception. Must not be null.
-
-
-
- Initializes a new instance of the class.
-
- The
- that holds the serialized object data about the exception being thrown.
- The System.Runtime.Serialization.StreamingContext
- that contains contextual information about the source or destination.
-
-
-
- Gets the message that caused the exception.
-
-
Initializes a new instance of the class.
@@ -4468,6 +4661,11 @@
The server variables collection.
+
+
+ The backing field for the property.
+
+
Initializes a new instance of the class.
@@ -4475,7 +4673,7 @@
The request.
The request URI.
-
+
Initializes a new instance of the class.
@@ -4483,6 +4681,7 @@
The request URI.
The form variables.
The HTTP headers.
+ The cookies in the request.
@@ -4490,6 +4689,12 @@
Details on the incoming HTTP request.
+
+
+ Initializes a new instance of the class.
+
+ The request.
+
Initializes a new instance of the class.
@@ -4514,6 +4719,13 @@
The listener request.
An instance of .
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP request.
+ An instance of .
+
Creates an instance that describes the specified HTTP request.
@@ -4534,15 +4746,22 @@
The input stream.
An instance of .
-
+
Reads name=value pairs from the POSTed form entity when the HTTP headers indicate that that is the payload of the entity.
The HTTP method.
The headers.
- The input stream.
+ A function that returns the input stream.
The non-null collection of form variables.
+
+
+ Adds HTTP headers to a .
+
+ The collection to be modified with added entries.
+ The collection to read from.
+
Gets the HTTP method.
@@ -4578,6 +4797,12 @@
Gets the server variables.
+
+
+ Gets the collection of cookies that were sent by the client.
+
+ The client's cookies.
+
Code contract for the interface.
@@ -4661,7 +4886,7 @@
- Reads the data from a message instance and writes a XML/JSON encoding of it.
+ Reads the data from a message instance and writes an XML/JSON encoding of it.
The message to be serialized.
The writer to use for the serialized form.
@@ -4747,6 +4972,11 @@
Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0} because the DataContractAttribute.Namespace property is not set..
+
+
+ Looks up a localized string similar to Decoding failed due to data corruption..
+
+
Looks up a localized string similar to An instance of type {0} was expected, but received unexpected derived type {1}..
@@ -5139,11 +5369,6 @@
The random number generator is thread-safe.
-
-
- A pseudo-random data generator (NOT cryptographically strong random data)
-
-
The default lifetime of a private secret.
@@ -5185,6 +5410,13 @@
The response to send to the user agent.
The instance to be returned by the Controller's action method.
+
+
+ Transforms an OutgoingWebResponse to a Web API-friendly HttpResponseMessage.
+
+ The response to send to the user agent.
+ The instance to be returned by the Web API method.
+
Gets the original request URL, as seen from the browser before any URL rewrites on the server if any.
@@ -5262,6 +5494,61 @@
The allowable margin of error.
true if the two TimeSpans are within of each other.
+
+
+ Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches.
+
+ The first value.
+ The second value.
+ A value indicating whether the two strings share ordinal equality.
+
+ In signature equality checks, a difference in execution time based on how many initial characters match MAY
+ be used as an attack to figure out the expected signature. It is therefore important to make a signature
+ equality check's execution time independent of how many characters match the expected value.
+ See http://codahale.com/a-lesson-in-timing-attacks/ for more information.
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null.
+ The server variables to consider part of the request. Cannot be null.
+
+ The URI that the outside world used to create this request.
+
+
+ Although the value can be obtained from
+ , it's useful to be able to pass them
+ in so we can simulate injected values from our unit tests since the actual property
+ is a read-only kind of .
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null. Server variables are read from this request.
+ The URI that the outside world used to create this request.
+
+
+
+ Gets the URL to the root of a web site, which may include a virtual directory path.
+
+ An absolute URI.
+
+
+
+ Creates the XML reader settings to use for reading XML from untrusted sources.
+
+
+ The new instance of .
+
+
+ The default values set here are based on recommendations from
+ http://msdn.microsoft.com/en-us/magazine/ee335713.aspx
+
+
Clears any existing elements in a collection and fills the collection with a given set of values.
@@ -5286,6 +5573,15 @@
The request handler.
The parts to include in the POST entity.
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The fields to include.
+
+ A value prepared for an HTTP header.
+
+
Assembles the content of the HTTP Authorization or WWW-Authenticate header.
@@ -5305,18 +5601,17 @@
Encodes a symmetric key handle and the blob that is encrypted/signed with that key into a single string
- that can be decoded by .
+ that can be decoded by .
The cryptographic key handle.
The encrypted/signed blob.
The combined encoded value.
-
+
Extracts the key handle and encrypted blob from a string previously returned from .
- The containing message.
- The message part.
+ The message part. May be null if not applicable.
The value previously returned from .
The crypto key handle.
The encrypted/signed data.
@@ -5337,12 +5632,23 @@
- Gets a cryptographically strong random sequence of values.
+ Gets a cryptographically strong random string of base64 characters.
The length of the byte sequence to generate.
A base64 encoding of the generated random data,
whose length in characters will likely be greater than .
+
+
+ Gets a NON-cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A value indicating whether web64 encoding is used to avoid the need to escape characters.
+
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
Gets a random string made up of a given set of allowable characters.
@@ -5438,18 +5744,20 @@
A key-value pair whose key is the secret's handle and whose value is the cryptographic key.
-
+
Compresses a given buffer.
The buffer to compress.
+ The compression algorithm to use.
The compressed data.
-
+
Decompresses a given buffer.
The buffer to decompress.
+ The compression algorithm used.
The decompressed data.
@@ -5466,20 +5774,6 @@
The base64-encoded string. May be web-safe encoded.
A data buffer.
-
-
- Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches.
-
- The first value.
- The second value.
- A value indicating whether the two strings share ordinal equality.
-
- In signature equality checks, a difference in execution time based on how many initial characters match MAY
- be used as an attack to figure out the expected signature. It is therefore important to make a signature
- equality check's execution time independent of how many characters match the expected value.
- See http://codahale.com/a-lesson-in-timing-attacks/ for more information.
-
-
Adds a set of HTTP headers to an instance,
@@ -5656,7 +5950,7 @@
Gets the HTTP verb to use for a given enum value.
The HTTP method.
- An HTTP verb, such as GET, POST, PUT, or DELETE.
+ An HTTP verb, such as GET, POST, PUT, DELETE, PATCH, or OPTION.
@@ -5674,6 +5968,13 @@
The sequence.
A dictionary.
+
+
+ Enumerates all members of the collection as key=value pairs.
+
+ The collection to enumerate.
+ A sequence of pairs.
+
Converts a to an IDictionary<string, string>.
@@ -5752,11 +6053,16 @@
The binary writer.
The buffer.
-
+
Reads a buffer that is prefixed with its own length.
The binary reader positioned at the buffer length.
+
+ The maximum size of the buffer that should be permitted.
+ Although the stream will indicate the size of the buffer, this mitigates data corruption
+ or DoS attacks causing the web server to allocate too much memory for a small data packet.
+
The read buffer.
@@ -5768,6 +6074,32 @@
if set to true the values will NOT be escaped as if it were a pure string.
The Javascript JSON object as a string.
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ A JSON string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ The encoding to use. Defaults to
+ A JSON string.
+
+
+
+ Deserializes a JSON object into a message.
+
+ The buffer containing the JSON string.
+ The message to deserialize the object into.
+ The cache of message descriptions.
+ The encoding that the JSON bytes are in.
+
Prepares what SHOULD be simply a string value for safe injection into Javascript
@@ -5823,29 +6155,6 @@
true if this request's URL was rewritten; otherwise, false.
-
-
- Gets the public facing URL for the given incoming HTTP request.
-
- The request.
- The server variables to consider part of the request.
-
- The URI that the outside world used to create this request.
-
-
- Although the value can be obtained from
- , it's useful to be able to pass them
- in so we can simulate injected values from our unit tests since the actual property
- is a read-only kind of .
-
-
-
-
- Gets the public facing URL for the given incoming HTTP request.
-
- The request.
- The URI that the outside world used to create this request.
-
Gets the query or form data from the original request (before any URL rewriting has occurred.)
@@ -5862,6 +6171,46 @@
The symmetric key to use for encryption/decryption.
A symmetric algorithm.
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ The available compression algorithms.
+
+
+
+
+ The Deflate algorithm.
+
+
+
+
+ The GZip algorithm.
+
+
+
+
+ A thread-safe, non-crypto random number generator.
+
+
+
+
+ The initializer of all new instances.
+
+
+
+
+ A thread-local instance of
+
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
A class to convert a into an .
@@ -5976,6 +6325,11 @@
The encoder.
+
+
+ Gets the encoder.
+
+
A mapping between serialized key names and instances describing
@@ -6493,6 +6847,15 @@
Gets or sets a value indicating whether this part is defined as a constant field and can be read without a message instance.
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
Gets the static constant value for this message part without a message instance.
@@ -6503,6 +6866,11 @@
Gets the type of the declared member.
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
An exception thrown when messages cannot receive all the protections they require.
@@ -6636,6 +7004,12 @@
Use the method instead for web forms.
+
+
+ Submits this response to a WCF response context. Only available when no response body is included.
+
+ The response context to apply the response to.
+
Automatically sends the appropriate response to the user agent.
@@ -6709,6 +7083,11 @@
to a length limitation imposed by the HttpWebRequest or calling method.
+
+
+ Gets the cookies collection to add as headers to the HTTP response.
+
+
Gets or sets the body of the response as a string.
@@ -6768,6 +7147,16 @@
Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
The flags that control HTTP verbs.
@@ -6817,6 +7206,11 @@
Thrown when the string value given cannot be decoded into the required object type.
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
A paranoid HTTP get/post request engine. It helps to protect against attacks from remote
@@ -9617,6 +10011,7 @@
The value.
Name of the parameter.
+ The validated value.
@@ -9750,6 +10145,16 @@
Looks up a localized string similar to The argument has an unexpected value..
+
+
+ Looks up a localized string similar to The property {0} must be set before this operation is allowed..
+
+
+
+
+ Looks up a localized string similar to This object contains a response body, which is not supported..
+
+
Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}..
@@ -9866,6 +10271,11 @@
whether the build is an official or private one.
+
+
+ Gets the assembly file version of the executing assembly, otherwise falls back to the assembly version.
+
+
Manages an individual deferred ToString call.
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.dll
index b5a9a16..6f5bc0e 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.xml b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.xml
index 4ccee17..dfe61ca 100644
--- a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.xml
+++ b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.Consumer.xml
@@ -166,6 +166,15 @@
The token secret is stored in the .
+
+
+ Creates an HTTP handler that automatically applies an OAuth 1 access token and signature to outbound HTTP requests.
+ The result of this method can be supplied to the constructor.
+
+ The access token to use to authorize each outbound HTTP message.
+ The inner HTTP handler to use. The default uses as the inner handler.
+ An instance.
+
Creates a web request prepared with OAuth authorization
@@ -337,6 +346,312 @@
The access token assigned by the Service Provider.
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an HMAC-SHA1 signature.
+
+
+
+
+ A base class for delegating s that sign
+ outgoing HTTP requests per the OAuth 1.0 "3.4 Signature" in RFC 5849.
+
+
+ This implements http://tools.ietf.org/html/rfc5849#section-3.4
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The default nonce length.
+
+
+
+
+ The default parameters location.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ An array containing simply the amperstand character.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Applies OAuth authorization to the specified request.
+ This method is applied automatically to outbound requests that use this message handler instance.
+ However this method may be useful for obtaining the OAuth 1.0 signature without actually sending the request.
+
+ The request.
+
+
+
+ Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+
+ The HTTP request message to send to the server.
+ A cancellation token to cancel operation.
+
+ Returns . The task object representing the asynchronous operation.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+ The signature.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the "ConsumerSecret&AccessTokenSecret" string, allowing either property to be empty or null.
+
+ The concatenated string.
+
+ This is useful in the PLAINTEXT and HMAC-SHA1 signature algorithms.
+
+
+
+
+ Escapes a value for transport in a URI, per RFC 3986.
+
+ The value to escape. Null and empty strings are OK.
+ The escaped value. Never null.
+
+
+
+ Returns the OAuth 1.0 timestamp for the current time.
+
+ The date time.
+ A string representation of the number of seconds since "the epoch".
+
+
+
+ Constructs the "Base String URI" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1.2
+
+ The request URI.
+
+ The string to include in the signature base string.
+
+
+
+
+ Constructs the "Signature Base String" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1
+
+ The HTTP request message.
+ The oauth parameters.
+
+ The signature base string.
+
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the "oauth_" prefixed parameters that should be added to an outbound request.
+
+ A collection of name=value pairs.
+
+
+
+ Gets a normalized string of the query string parameters included in the request and the additional OAuth parameters.
+
+ The HTTP request.
+ The oauth parameters that will be added to the request.
+ The normalized string of parameters to included in the signature base string.
+
+
+
+ Gets or sets the location to add OAuth parameters to outbound HTTP requests.
+
+
+
+
+ Gets or sets the consumer key.
+
+
+ The consumer key.
+
+
+
+
+ Gets or sets the consumer secret.
+
+
+ The consumer secret.
+
+
+
+
+ Gets or sets the access token.
+
+
+ The access token.
+
+
+
+
+ Gets or sets the access token secret.
+
+
+ The access token secret.
+
+
+
+
+ Gets or sets the length of the nonce.
+
+
+ The length of the nonce.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ The locations that oauth parameters may be added to HTTP requests.
+
+
+
+
+ The oauth parameters are added to the query string in the URL.
+
+
+
+
+ An HTTP Authorization header is added with the OAuth scheme.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with the PLAINTEXT signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+ Always thrown.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an RSA-SHA1 signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
A website or application that uses OAuth to access the Service Provider on behalf of the User.
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.dll
index ca2be23..437b6d4 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OAuth.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.dll
index 1d7c6b6..54e221c 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.xml b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.xml
index 344dab9..50b4dde 100644
--- a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.xml
+++ b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.RelyingParty.xml
@@ -600,6 +600,11 @@
The pattern within a host-meta file to look for to obtain the URI to the XRDS document.
+
+
+ A set of certificate thumbprints that have been verified.
+
+
Initializes a new instance of the class.
@@ -650,7 +655,7 @@
The host name on the certificate that should be used to verify the signature in the XRDS.
Thrown if the XRDS document has an invalid or a missing signature.
-
+
Verifies the cert chain.
@@ -675,6 +680,12 @@
Thrown if the XRDS document could not be obtained.
+
+
+ Verifies that a certificate chain is trusted.
+
+ The chain of certificates to verify.
+
Gets the XRDS HTTP response for a given identifier.
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.dll b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.dll
index feb3850..9396ae8 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.dll and b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.xml b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.xml
index 885c310..aaa9f04 100644
--- a/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.xml
+++ b/PROJ-ETS/PROJ-ETS/bin/DotNetOpenAuth.OpenId.xml
@@ -71,6 +71,29 @@
The default value is 14 days.
+
+
+ The configuration element that can adjust how hostmeta discovery works.
+
+
+
+
+ The property name for enableCertificateValidationCache.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether validated certificates should be cached and not validated again.
+
+
+ This helps to avoid unexplained 5-10 second delays in certificate validation for Google Apps for Domains that impact some servers.
+
+
Represents the <openid> element in the host's .config file.
@@ -336,6 +359,11 @@
The name of the <discoveryServices> sub-element.
+
+
+ The name of the <hostMetaDiscovery> sub-element.
+
+
The built-in set of identifier discovery services.
@@ -369,6 +397,11 @@
Gets or sets the type to use for storing application state.
+
+
+ Gets or sets the host meta discovery configuration element.
+
+
Gets or sets the services to use for discovering service endpoints for identifiers.
@@ -3648,10 +3681,10 @@
actively authenticated to the OP in a manner fitting the asserted policies.
- If the RP's request included the "openid.max_auth_age" parameter
- then the OP MUST include "openid.auth_time" in its response.
- If "openid.max_auth_age" was not requested, the OP MAY choose to include
- "openid.auth_time" in its response.
+ If the RP's request included the "openid.pape.max_auth_age" parameter
+ then the OP MUST include "openid.pape.auth_time" in its response.
+ If "openid.pape.max_auth_age" was not requested, the OP MAY choose to include
+ "openid.pape.auth_time" in its response.
@@ -3887,7 +3920,8 @@
- Initializes a new instance of the class.
+ Initializes a new instance of the class
+ using the most common, and spec prescribed type URI.
@@ -3897,6 +3931,8 @@
The type URI that must be used to identify this extension in the response message.
This value should be the same one the relying party used to send the extension request.
+ Commonly used type URIs supported by relying parties are defined in the
+ class.
@@ -4027,7 +4063,7 @@
- Gets or sets a combination o the language and country of the user.
+ Gets or sets a combination of the language and country of the user.
@@ -4048,6 +4084,30 @@
Additional type URIs that this extension is sometimes known by remote parties.
+
+
+ Commonly used type URIs to represent the Simple Registration extension.
+
+
+
+
+ The URI "http://openid.net/extensions/sreg/1.1".
+
+
+ This is the type URI prescribed by the Simple Registration 1.1 spec.
+ http://openid.net/specs/openid-simple-registration-extension-1_1-01.html#anchor3
+
+
+
+
+ The URI "http://openid.net/sreg/1.0"
+
+
+
+
+ The URI "http://openid.net/sreg/1.1"
+
+
Specifies what level of interest a relying party has in obtaining the value
@@ -8491,14 +8551,21 @@
Provides information about some HMAC-SHA hashing algorithm that OpenID supports.
+
+
+ Creates the using a given shared secret for the mac.
+
+ The HMAC secret.
+ The algorithm.
+
Gets or sets the function that takes a particular OpenID version and returns the value of the openid.assoc_type parameter in that protocol.
-
+
- Gets or sets a function that will create the using a given shared secret for the mac.
+ Gets or sets the name of the HMAC-SHA algorithm. (e.g. "HMAC-SHA256")
diff --git a/PROJ-ETS/PROJ-ETS/bin/Microsoft.AspNet.Membership.OpenAuth.dll b/PROJ-ETS/PROJ-ETS/bin/Microsoft.AspNet.Membership.OpenAuth.dll
index ae2cfe2..03faf55 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/Microsoft.AspNet.Membership.OpenAuth.dll and b/PROJ-ETS/PROJ-ETS/bin/Microsoft.AspNet.Membership.OpenAuth.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/System.Web.Providers.dll b/PROJ-ETS/PROJ-ETS/bin/System.Web.Providers.dll
index d741298..1b40f44 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/System.Web.Providers.dll and b/PROJ-ETS/PROJ-ETS/bin/System.Web.Providers.dll differ
diff --git a/PROJ-ETS/PROJ-ETS/bin/WebGrease.dll b/PROJ-ETS/PROJ-ETS/bin/WebGrease.dll
index f8f019c..c4bc0f8 100644
Binary files a/PROJ-ETS/PROJ-ETS/bin/WebGrease.dll and b/PROJ-ETS/PROJ-ETS/bin/WebGrease.dll differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nupkg b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nupkg
new file mode 100644
index 0000000..b38f9de
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nupkg differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nuspec b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nuspec
new file mode 100644
index 0000000..a4c557a
--- /dev/null
+++ b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/AspNet.ScriptManager.jQuery.2.0.0.nuspec
@@ -0,0 +1,16 @@
+
+
+
+ AspNet.ScriptManager.jQuery
+ 2.0.0
+ AspNet.ScriptManager.jQuery
+ Damian Edwards
+ Damian Edwards
+ false
+ This package contains the AspNet.ScriptManager.jQuery assembly that will automatically register jQuery 2.0.0 with the ScriptManager as "jquery".
+ en-US
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net40/AspNet.ScriptManager.jQuery.dll b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net40/AspNet.ScriptManager.jQuery.dll
new file mode 100644
index 0000000..46c54ff
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net40/AspNet.ScriptManager.jQuery.dll differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net45/AspNet.ScriptManager.jQuery.dll b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net45/AspNet.ScriptManager.jQuery.dll
new file mode 100644
index 0000000..baa9bc3
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.2.0.0/lib/net45/AspNet.ScriptManager.jQuery.dll differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nupkg b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nupkg
new file mode 100644
index 0000000..5e557c2
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nupkg differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nuspec b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nuspec
new file mode 100644
index 0000000..e46a7a5
--- /dev/null
+++ b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2.nuspec
@@ -0,0 +1,16 @@
+
+
+
+ AspNet.ScriptManager.jQuery.UI.Combined
+ 1.10.2
+ AspNet.ScriptManager.jQuery.UI.Combined
+ Damian Edwards
+ Damian Edwards
+ false
+ This package contains the AspNet.ScriptManager.jQuery.UI.Combined assembly that will automatically register jQuery.UI.Combined 1.10.2 with the ScriptManager as "jquery.ui.combined".
+ en-US
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net40/AspNet.ScriptManager.jQuery.UI.Combined.dll b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net40/AspNet.ScriptManager.jQuery.UI.Combined.dll
new file mode 100644
index 0000000..6b31868
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net40/AspNet.ScriptManager.jQuery.UI.Combined.dll differ
diff --git a/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net45/AspNet.ScriptManager.jQuery.UI.Combined.dll b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net45/AspNet.ScriptManager.jQuery.UI.Combined.dll
new file mode 100644
index 0000000..f72f410
Binary files /dev/null and b/PROJ-ETS/packages/AspNet.ScriptManager.jQuery.UI.Combined.1.10.2/lib/net45/AspNet.ScriptManager.jQuery.UI.Combined.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nupkg
new file mode 100644
index 0000000..f7c9985
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nuspec
new file mode 100644
index 0000000..63e8c51
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/DotNetOpenAuth.AspNet.4.3.0.13117.nuspec
@@ -0,0 +1,21 @@
+
+
+
+ DotNetOpenAuth.AspNet
+ 4.3.0.13117
+ DotNetOpenAuth extensions for ASP.NET (WebPages)
+ Microsoft
+ Microsoft
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ Enables web site visitors to log into an ASP.NET web application via popular identity providers,
+ including Google, Yahoo!, Windows Live, Facebook, LinkedIn and Twitter.
+ Allow your web visitors to log into your web site using accounts they already have with popular services.
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.dll b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.dll
new file mode 100644
index 0000000..90b1600
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.xml b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.xml
new file mode 100644
index 0000000..2b2c191
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net40-full/DotNetOpenAuth.AspNet.xml
@@ -0,0 +1,1745 @@
+
+
+
+ DotNetOpenAuth.AspNet
+
+
+
+
+ Represents the result of OAuth or OpenID authentication.
+
+
+
+
+ Returns an instance which indicates failed authentication.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ if set to true [is successful].
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The exception.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The exception.
+ The provider name.
+
+
+
+ Initializes a new instance of the class.
+
+
+ if set to true [is successful].
+
+
+ The provider.
+
+
+ The provider user id.
+
+
+ Name of the user.
+
+
+ The extra data.
+
+
+
+
+ Gets the error that may have occured during the authentication process
+
+
+
+
+ Gets the optional extra data that may be returned from the provider
+
+
+
+
+ Gets a value indicating whether the authentication step is successful.
+
+ true if authentication is successful; otherwise, false .
+
+
+
+ Gets the provider's name.
+
+
+
+
+ Gets the user id that is returned from the provider. It is unique only within the Provider's namespace.
+
+
+
+
+ Gets an (insecure, non-unique) alias for the user that the user should recognize as himself/herself.
+
+ This may take the form of an email address, a URL, or any other value that the user may recognize.
+
+ This alias may come from the Provider or may be derived by the relying party if the Provider does not supply one.
+ It is not guaranteed to be unique and certainly does not merit any trust in any suggested authenticity.
+
+
+
+
+ The dictionary extensions.
+
+
+
+
+ Adds the value from an XDocument with the specified element name if it's not empty.
+
+
+ The dictionary.
+
+
+ The document.
+
+
+ Name of the element.
+
+
+
+
+ Adds a key/value pair to the specified dictionary if the value is not null or empty.
+
+
+ The dictionary.
+
+
+ The key.
+
+
+ The value.
+
+
+
+
+ The WindowsLive client.
+
+
+ The WindowsLive brand is being replaced by Microsoft account brand.
+ We keep this class for backward compatibility only.
+
+
+
+
+ The Microsoft account client.
+
+
+
+
+ Represents the base class for OAuth 2.0 clients
+
+
+
+
+ Represents a client which can authenticate users via an external website/provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context of the current request.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context of the current request.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ The provider name.
+
+
+
+
+ Initializes a new instance of the class with the specified provider name.
+
+
+ Name of the provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+ The context.
+ The return URL which should match the value passed to RequestAuthentication() method.
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.
+
+
+ The return URL.
+
+
+ An absolute URL.
+
+
+
+
+ Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.
+
+
+ The access token of the current user.
+
+
+ A dictionary contains key-value pairs of user data
+
+
+
+
+ Queries the access token from the specified authorization code.
+
+
+ The return URL.
+
+
+ The authorization code.
+
+
+ The access token
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ The authorization endpoint.
+
+
+
+
+ The token endpoint.
+
+
+
+
+ The _app id.
+
+
+
+
+ The _app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The app id.
+
+
+ The app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The provider name.
+ The app id.
+ The app secret.
+
+
+
+ Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.
+
+ The return URL.
+
+ An absolute URL.
+
+
+
+
+ Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.
+
+
+ The access token of the current user.
+
+
+ A dictionary contains key-value pairs of user data
+
+
+
+
+ Queries the access token from the specified authorization code.
+
+
+ The return URL.
+
+
+ The authorization code.
+
+
+ The query access token.
+
+
+
+
+ Gets the identifier for this client as it is registered with Microsoft.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The app id.
+ The app secret.
+
+
+
+ Stores OAuth tokens in the current request's cookie
+
+
+
+
+ A token manager for use by a web site in its role as a consumer of
+ an individual ServiceProvider.
+
+
+ This interface is used by clients of the DotNetOpenAuth.AspNet classes.
+
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+ The token's secret
+
+
+
+ Stores the request token together with its secret.
+
+ The request token.
+ The request token secret.
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Key used for token cookie
+
+
+
+
+ Primary request context.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The current request context.
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+
+ The token's secret
+
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Stores the request token together with its secret.
+
+ The request token.
+ The request token secret.
+
+
+
+ Protect and url-encode the specified token secret.
+
+ The token to be used as a key.
+ The token secret to be protected
+ The encrypted and protected string.
+
+
+
+ Url-decode and unprotect the specified encrypted token string.
+
+ The token to be used as a key.
+ The encrypted token to be decrypted
+ The original token secret
+
+
+
+ Gets the effective HttpContext object to use.
+
+
+
+
+ Stores OAuth tokens in the current request's cookie.
+
+
+ This class is different from the in that
+ it also stores the access token after the authentication has succeeded.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The current request context.
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+
+ The token's secret
+
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Simple wrapper around IConsumerTokenManager
+
+
+
+
+ Store the token manager.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The OAuth token manager.
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+
+ The secret associated with the given token.
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Gets the consumer key.
+
+
+ The consumer key.
+
+
+
+
+ Gets the consumer secret.
+
+
+ The consumer secret.
+
+
+
+
+ The facebook client.
+
+
+
+
+ The authorization endpoint.
+
+
+
+
+ The token endpoint.
+
+
+
+
+ The _app id.
+
+
+
+
+ The _app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The app id.
+
+
+ The app secret.
+
+
+
+
+ The get service login url.
+
+
+ The return url.
+
+ An absolute URI.
+
+
+
+ The get user data.
+
+
+ The access token.
+
+ A dictionary of profile data.
+
+
+
+ Obtains an access token given an authorization code and callback URL.
+
+
+ The return url.
+
+
+ The authorization code.
+
+
+ The access token.
+
+
+
+
+ Converts any % encoded values in the URL to uppercase.
+
+ The URL string to normalize
+ The normalized url
+ NormalizeHexEncoding("Login.aspx?ReturnUrl=%2fAccount%2fManage.aspx") returns "Login.aspx?ReturnUrl=%2FAccount%2FManage.aspx"
+
+ There is an issue in Facebook whereby it will rejects the redirect_uri value if
+ the url contains lowercase % encoded values.
+
+
+
+
+ Contains data of a Facebook user.
+
+
+ Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+
+
+
+
+ Gets or sets the birthday.
+
+ The birthday.
+
+
+
+ Gets or sets the email.
+
+ The email.
+
+
+
+ Gets or sets the gender.
+
+ The gender.
+
+
+
+ Gets or sets the id.
+
+ The id.
+
+
+
+ Gets or sets the link.
+
+ The link.
+
+
+
+ Gets or sets the name.
+
+ The name.
+
+
+
+ The json helper.
+
+
+
+
+ The deserialize.
+
+
+ The stream.
+
+ The type of the value to deserialize.
+
+ The deserialized value.
+
+
+
+
+ Captures the result of an access token request, including an optional refresh token.
+
+
+
+
+ Gets or sets the access token.
+
+ The access token.
+
+
+
+ Gets or sets the refresh token.
+
+ The refresh token.
+
+
+
+ Gets or sets the scope.
+
+ The scope.
+
+
+
+ Gets or sets the type of the token.
+
+ The type of the token.
+
+
+
+ Contains data of a Windows Live user.
+
+
+ Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+
+
+
+
+ Gets or sets the first name.
+
+ The first name.
+
+
+
+ Gets or sets the gender.
+
+ The gender.
+
+
+
+ Gets or sets the id.
+
+ The id.
+
+
+
+ Gets or sets the last name.
+
+ The last name.
+
+
+
+ Gets or sets the link.
+
+ The link.
+
+
+
+ Gets or sets the name.
+
+ The name.
+
+
+
+ The dot net open auth web consumer.
+
+
+
+
+ The io auth web worker.
+
+
+
+
+ The prepare authorized request.
+
+
+ The profile endpoint.
+
+
+ The access token.
+
+ An HTTP request.
+
+
+
+ The process user authorization.
+
+ The response message.
+
+
+
+ The request authentication.
+
+
+ The callback.
+
+
+
+
+ The _web consumer.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The service description.
+
+
+ The token manager.
+
+
+
+
+ The prepare authorized request.
+
+
+ The profile endpoint.
+
+
+ The access token.
+
+ An HTTP request.
+
+
+
+ The process user authorization.
+
+ The response message.
+
+
+
+ The request authentication.
+
+
+ The callback.
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+ 2
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ An implementation of IOAuthTokenManager which stores keys in memory.
+
+
+
+
+ The _tokens and secrets.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+
+ The Consumer that is exchanging its request token for an access token.
+
+
+ The Consumer's request token that should be deleted/expired.
+
+
+ The new access token that is being issued to the Consumer.
+
+
+ The secret associated with the newly issued access token.
+
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to
+
+ should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User
+ may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until
+
+ or
+
+ return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+
+ The request or access token.
+
+
+ The secret associated with the given token.
+
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+
+ The token to classify.
+
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall.
+
+
+ The request message that resulted in the generation of a new unauthorized request token.
+
+
+ The response message that includes the unauthorized request token.
+
+
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. Instead, you associate a user account with access tokens (not request tokens) in the method.
+
+
+
+
+ Gets the consumer key.
+
+
+
+
+ Gets the consumer secret.
+
+
+
+
+ Represents LinkedIn authentication client.
+
+
+
+
+ Represents base class for OAuth 1.0 clients
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The service description.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The service Description.
+
+
+ The token Manager.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The provider name.
+
+
+ The web worker.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Helper method to load an XDocument from an input stream.
+
+ The input stream from which to load the document.
+ The XML document.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ Gets the OAuthWebConsumer instance which handles constructing requests to the OAuth providers.
+
+
+
+
+ Describes the OAuth service provider endpoints for LinkedIn.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Tokens exchanged during the OAuth handshake are stored in cookies.
+
+
+ The LinkedIn app's consumer key.
+
+
+ The LinkedIn app's consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The token manager.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result.
+
+
+
+
+ Represents a Twitter client
+
+
+
+
+ The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.
+
+
+
+
+ Initializes a new instance of the class with the specified consumer key and consumer secret.
+
+
+ Tokens exchanged during the OAuth handshake are stored in cookies.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The token manager.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result
+
+
+
+
+ Represents Google OpenID client.
+
+
+
+
+ Base classes for OpenID clients.
+
+
+
+
+ The openid relying party.
+
+
+ Pass null as applicationStore to specify dumb mode
+
+
+
+
+ The provider identifier.
+
+
+
+
+ The provider name.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The provider identifier, which is the usually the login url of the specified provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context of the current request.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context of the current request.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ Always null.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ A dictionary of profile data; or null if no data is available.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ The yahoo open id client.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ A dictionary of profile data; or null if no data is available.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ Provides helpers that mimic the ASP.NET 4.5 MachineKey.Protect / Unprotect APIs,
+ even when running on ASP.NET 4.0. Consumers are expected to follow the same
+ conventions used by the MachineKey.Protect / Unprotect APIs (consult MSDN docs
+ for how these are meant to be used). Additionally, since this helper class
+ dynamically switches between the two based on whether the current application is
+ .NET 4.0 or 4.5, consumers should never persist output from the Protect method
+ since the implementation will change when upgrading 4.0 -> 4.5. This should be
+ used for transient data only.
+
+
+
+
+ MachineKey implementation depending on the target .NET framework version
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The encrypted data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unencrypted data
+
+
+
+ Gets the machine key implementation based on the runtime framework version.
+
+ The machine key implementation
+
+
+
+ ProtectUnprotect delegate.
+
+ The data.
+ The purposes.
+ Result of either Protect or Unprotect methods.
+
+
+
+ Abstract the MachineKey implementation in .NET 4.0 and 4.5
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data.
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data.
+
+
+
+ On ASP.NET 4.0, we perform some transforms which mimic the behaviors of MachineKey.Protect
+ and Unprotect.
+
+
+
+
+ This is the magic header that identifies a MachineKey40 payload.
+ It helps differentiate this from other encrypted payloads.
+
+
+
+ The SHA-256 factory to be used.
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data
+
+
+
+ Convert bytes to hex string.
+
+ The input array.
+ Hex string
+
+
+
+ This method is specially written to take the same amount of time
+ regardless of where 'a' and 'b' differ. Please do not optimize it.
+ first array.
+ second array.
+ if equal, others
+
+
+
+ Computes a SHA256 hash over all of the input parameters.
+ Each parameter is UTF8 encoded and preceded by a 7-bit encoded
+ integer describing the encoded byte length of the string.
+ The parameters.
+ The output hash
+
+
+
+ Gets the SHA-256 factory.
+
+ SHA256 factory
+
+
+
+ Convert to hex character
+
+ The value to be converted.
+ Hex character
+
+
+
+ Convert hdex string to bytes.
+
+ Input hex string.
+ The bytes
+
+
+
+ Convert hex digit to byte.
+
+ The hex digit.
+ The byte
+
+
+
+ On ASP.NET 4.5, we can just delegate to MachineKey.Protect and MachineKey.Unprotect directly,
+ which contain optimized code paths.
+
+
+
+
+ Protect thunk
+
+
+
+
+ Unprotect thunk
+
+
+
+
+ Initializes a new instance of the class.
+
+ The protect thunk.
+ The unprotect thunk.
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data
+
+
+
+ The uri helper.
+
+
+
+
+ The attach query string parameter.
+
+
+ The url.
+
+
+ The parameter name. This value should not be provided by an end user; the caller should
+ ensure that this value comes only from a literal string.
+
+
+ The parameter value.
+
+ An absolute URI.
+
+
+
+ Converts an app-relative url, e.g. ~/Content/Return.cshtml, to a full-blown url, e.g. http://mysite.com/Content/Return.cshtml
+
+
+ The return URL.
+
+
+ The context.
+
+ An absolute URI.
+
+
+
+ Common methods available on identity issuers.
+
+
+
+
+ Get a user name from an identity provider and their own assigned user ID.
+
+
+ The identity provider.
+
+
+ The issuer's ID for the user.
+
+
+ The username of the user.
+
+
+
+
+ Helper methods for setting and retrieving a custom forms authentication ticket for delegation protocols.
+
+
+
+
+ The open auth cookie token.
+
+
+
+
+ Checks whether the specified HTTP request comes from an authenticated user.
+
+
+ The context.
+
+ True if the reuest is authenticated; false otherwise.
+
+
+
+ Adds an authentication cookie to the user agent in the next HTTP response.
+
+
+ The context.
+
+
+ The user name.
+
+
+ A value indicating whether the cookie should persist across sessions.
+
+
+
+
+ Creates an HTTP authentication cookie.
+
+
+ The user name.
+
+
+ A value indicating whether the cookie should last across sessions.
+
+ An authentication cookie.
+
+
+
+ Manage authenticating with an external OAuth or OpenID provider
+
+
+
+
+ Purposes string used for protecting the anti-XSRF token.
+
+
+
+
+ The provider query string name.
+
+
+
+
+ The query string name for session id.
+
+
+
+
+ The cookie name for session id.
+
+
+
+
+ The _authentication provider.
+
+
+
+
+ The _data provider.
+
+
+
+
+ The _request context.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The request context.
+
+
+ The provider.
+
+
+ The data provider.
+
+
+
+
+ Gets the provider that is responding to an authentication request.
+
+
+ The HTTP request context.
+
+
+ The provider name, if one is available.
+
+
+
+
+ Checks if the specified provider user id represents a valid account. If it does, log user in.
+
+
+ The provider user id.
+
+
+ if set to true create persistent cookie.
+
+
+ true if the login is successful.
+
+
+
+
+ Requests the specified provider to start the authentication by directing users to an external website
+
+
+ The return url after user is authenticated.
+
+
+
+
+ Checks if user is successfully authenticated when user is redirected back to this user.
+
+ The return Url which must match exactly the Url passed into RequestAuthentication() earlier.
+
+ This returnUrl parameter only applies to OAuth2 providers. For other providers, it ignores the returnUrl parameter.
+
+
+ The result of the authentication.
+
+
+
+
+ Returns the username of the current logged-in user.
+
+ The HTTP request context.
+ The username, or String.Empty if anonymous.
+
+
+
+ Validates the request against XSRF attack.
+
+ The session id embedded in the query string.
+
+ true if the request is safe. Otherwise, false.
+
+
+
+
+ Gets a value indicating whether IsAuthenticatedWithOpenAuth.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to A setting in web.config requires a secure connection for this request but the current connection is not secured..
+
+
+
+
+ Looks up a localized string similar to Unable to encrypt the authentication ticket..
+
+
+
+
+ Looks up a localized string similar to The provided data could not be decrypted. If the current application is deployed in a web farm configuration, ensure that the 'decryptionKey' and 'validationKey' attributes are explicitly specified in the <machineKey> configuration section..
+
+
+
+
+ Looks up a localized string similar to An OAuth data provider has already been registered for this application..
+
+
+
+
+ Looks up a localized string similar to This operation is not supported on the current provider. Call the overload of VerifyAuthentication() which accepts a return url..
+
+
+
+
+ Looks up a localized string similar to Failed to obtain the authentication response from service provider..
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.dll b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.dll
new file mode 100644
index 0000000..e8a7d14
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.xml b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.xml
new file mode 100644
index 0000000..2b2c191
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.AspNet.4.3.0.13117/lib/net45-full/DotNetOpenAuth.AspNet.xml
@@ -0,0 +1,1745 @@
+
+
+
+ DotNetOpenAuth.AspNet
+
+
+
+
+ Represents the result of OAuth or OpenID authentication.
+
+
+
+
+ Returns an instance which indicates failed authentication.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ if set to true [is successful].
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The exception.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The exception.
+ The provider name.
+
+
+
+ Initializes a new instance of the class.
+
+
+ if set to true [is successful].
+
+
+ The provider.
+
+
+ The provider user id.
+
+
+ Name of the user.
+
+
+ The extra data.
+
+
+
+
+ Gets the error that may have occured during the authentication process
+
+
+
+
+ Gets the optional extra data that may be returned from the provider
+
+
+
+
+ Gets a value indicating whether the authentication step is successful.
+
+ true if authentication is successful; otherwise, false .
+
+
+
+ Gets the provider's name.
+
+
+
+
+ Gets the user id that is returned from the provider. It is unique only within the Provider's namespace.
+
+
+
+
+ Gets an (insecure, non-unique) alias for the user that the user should recognize as himself/herself.
+
+ This may take the form of an email address, a URL, or any other value that the user may recognize.
+
+ This alias may come from the Provider or may be derived by the relying party if the Provider does not supply one.
+ It is not guaranteed to be unique and certainly does not merit any trust in any suggested authenticity.
+
+
+
+
+ The dictionary extensions.
+
+
+
+
+ Adds the value from an XDocument with the specified element name if it's not empty.
+
+
+ The dictionary.
+
+
+ The document.
+
+
+ Name of the element.
+
+
+
+
+ Adds a key/value pair to the specified dictionary if the value is not null or empty.
+
+
+ The dictionary.
+
+
+ The key.
+
+
+ The value.
+
+
+
+
+ The WindowsLive client.
+
+
+ The WindowsLive brand is being replaced by Microsoft account brand.
+ We keep this class for backward compatibility only.
+
+
+
+
+ The Microsoft account client.
+
+
+
+
+ Represents the base class for OAuth 2.0 clients
+
+
+
+
+ Represents a client which can authenticate users via an external website/provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context of the current request.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context of the current request.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ The provider name.
+
+
+
+
+ Initializes a new instance of the class with the specified provider name.
+
+
+ Name of the provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+ The context.
+ The return URL which should match the value passed to RequestAuthentication() method.
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.
+
+
+ The return URL.
+
+
+ An absolute URL.
+
+
+
+
+ Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.
+
+
+ The access token of the current user.
+
+
+ A dictionary contains key-value pairs of user data
+
+
+
+
+ Queries the access token from the specified authorization code.
+
+
+ The return URL.
+
+
+ The authorization code.
+
+
+ The access token
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ The authorization endpoint.
+
+
+
+
+ The token endpoint.
+
+
+
+
+ The _app id.
+
+
+
+
+ The _app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The app id.
+
+
+ The app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The provider name.
+ The app id.
+ The app secret.
+
+
+
+ Gets the full url pointing to the login page for this client. The url should include the specified return url so that when the login completes, user is redirected back to that url.
+
+ The return URL.
+
+ An absolute URL.
+
+
+
+
+ Given the access token, gets the logged-in user's data. The returned dictionary must include two keys 'id', and 'username'.
+
+
+ The access token of the current user.
+
+
+ A dictionary contains key-value pairs of user data
+
+
+
+
+ Queries the access token from the specified authorization code.
+
+
+ The return URL.
+
+
+ The authorization code.
+
+
+ The query access token.
+
+
+
+
+ Gets the identifier for this client as it is registered with Microsoft.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The app id.
+ The app secret.
+
+
+
+ Stores OAuth tokens in the current request's cookie
+
+
+
+
+ A token manager for use by a web site in its role as a consumer of
+ an individual ServiceProvider.
+
+
+ This interface is used by clients of the DotNetOpenAuth.AspNet classes.
+
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+ The token's secret
+
+
+
+ Stores the request token together with its secret.
+
+ The request token.
+ The request token secret.
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Key used for token cookie
+
+
+
+
+ Primary request context.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The current request context.
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+
+ The token's secret
+
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Stores the request token together with its secret.
+
+ The request token.
+ The request token secret.
+
+
+
+ Protect and url-encode the specified token secret.
+
+ The token to be used as a key.
+ The token secret to be protected
+ The encrypted and protected string.
+
+
+
+ Url-decode and unprotect the specified encrypted token string.
+
+ The token to be used as a key.
+ The encrypted token to be decrypted
+ The original token secret
+
+
+
+ Gets the effective HttpContext object to use.
+
+
+
+
+ Stores OAuth tokens in the current request's cookie.
+
+
+ This class is different from the in that
+ it also stores the access token after the authentication has succeeded.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The current request context.
+
+
+
+ Gets the token secret from the specified token.
+
+ The token.
+
+ The token's secret
+
+
+
+
+ Replaces the request token with access token.
+
+ The request token.
+ The access token.
+ The access token secret.
+
+
+
+ Simple wrapper around IConsumerTokenManager
+
+
+
+
+ Store the token manager.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The OAuth token manager.
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+
+ The secret associated with the given token.
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Gets the consumer key.
+
+
+ The consumer key.
+
+
+
+
+ Gets the consumer secret.
+
+
+ The consumer secret.
+
+
+
+
+ The facebook client.
+
+
+
+
+ The authorization endpoint.
+
+
+
+
+ The token endpoint.
+
+
+
+
+ The _app id.
+
+
+
+
+ The _app secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The app id.
+
+
+ The app secret.
+
+
+
+
+ The get service login url.
+
+
+ The return url.
+
+ An absolute URI.
+
+
+
+ The get user data.
+
+
+ The access token.
+
+ A dictionary of profile data.
+
+
+
+ Obtains an access token given an authorization code and callback URL.
+
+
+ The return url.
+
+
+ The authorization code.
+
+
+ The access token.
+
+
+
+
+ Converts any % encoded values in the URL to uppercase.
+
+ The URL string to normalize
+ The normalized url
+ NormalizeHexEncoding("Login.aspx?ReturnUrl=%2fAccount%2fManage.aspx") returns "Login.aspx?ReturnUrl=%2FAccount%2FManage.aspx"
+
+ There is an issue in Facebook whereby it will rejects the redirect_uri value if
+ the url contains lowercase % encoded values.
+
+
+
+
+ Contains data of a Facebook user.
+
+
+ Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+
+
+
+
+ Gets or sets the birthday.
+
+ The birthday.
+
+
+
+ Gets or sets the email.
+
+ The email.
+
+
+
+ Gets or sets the gender.
+
+ The gender.
+
+
+
+ Gets or sets the id.
+
+ The id.
+
+
+
+ Gets or sets the link.
+
+ The link.
+
+
+
+ Gets or sets the name.
+
+ The name.
+
+
+
+ The json helper.
+
+
+
+
+ The deserialize.
+
+
+ The stream.
+
+ The type of the value to deserialize.
+
+ The deserialized value.
+
+
+
+
+ Captures the result of an access token request, including an optional refresh token.
+
+
+
+
+ Gets or sets the access token.
+
+ The access token.
+
+
+
+ Gets or sets the refresh token.
+
+ The refresh token.
+
+
+
+ Gets or sets the scope.
+
+ The scope.
+
+
+
+ Gets or sets the type of the token.
+
+ The type of the token.
+
+
+
+ Contains data of a Windows Live user.
+
+
+ Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+
+
+
+
+ Gets or sets the first name.
+
+ The first name.
+
+
+
+ Gets or sets the gender.
+
+ The gender.
+
+
+
+ Gets or sets the id.
+
+ The id.
+
+
+
+ Gets or sets the last name.
+
+ The last name.
+
+
+
+ Gets or sets the link.
+
+ The link.
+
+
+
+ Gets or sets the name.
+
+ The name.
+
+
+
+ The dot net open auth web consumer.
+
+
+
+
+ The io auth web worker.
+
+
+
+
+ The prepare authorized request.
+
+
+ The profile endpoint.
+
+
+ The access token.
+
+ An HTTP request.
+
+
+
+ The process user authorization.
+
+ The response message.
+
+
+
+ The request authentication.
+
+
+ The callback.
+
+
+
+
+ The _web consumer.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The service description.
+
+
+ The token manager.
+
+
+
+
+ The prepare authorized request.
+
+
+ The profile endpoint.
+
+
+ The access token.
+
+ An HTTP request.
+
+
+
+ The process user authorization.
+
+ The response message.
+
+
+
+ The request authentication.
+
+
+ The callback.
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+ 2
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ An implementation of IOAuthTokenManager which stores keys in memory.
+
+
+
+
+ The _tokens and secrets.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+
+ The Consumer that is exchanging its request token for an access token.
+
+
+ The Consumer's request token that should be deleted/expired.
+
+
+ The new access token that is being issued to the Consumer.
+
+
+ The secret associated with the newly issued access token.
+
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to
+
+ should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User
+ may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until
+
+ or
+
+ return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+
+ The request or access token.
+
+
+ The secret associated with the given token.
+
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+
+ The token to classify.
+
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall.
+
+
+ The request message that resulted in the generation of a new unauthorized request token.
+
+
+ The response message that includes the unauthorized request token.
+
+
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. Instead, you associate a user account with access tokens (not request tokens) in the method.
+
+
+
+
+ Gets the consumer key.
+
+
+
+
+ Gets the consumer secret.
+
+
+
+
+ Represents LinkedIn authentication client.
+
+
+
+
+ Represents base class for OAuth 1.0 clients
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The service description.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The service Description.
+
+
+ The token Manager.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The provider name.
+
+
+ The web worker.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Helper method to load an XDocument from an input stream.
+
+ The input stream from which to load the document.
+ The XML document.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ Gets the OAuthWebConsumer instance which handles constructing requests to the OAuth providers.
+
+
+
+
+ Describes the OAuth service provider endpoints for LinkedIn.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Tokens exchanged during the OAuth handshake are stored in cookies.
+
+
+ The LinkedIn app's consumer key.
+
+
+ The LinkedIn app's consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The token manager.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result.
+
+
+
+
+ Represents a Twitter client
+
+
+
+
+ The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.
+
+
+
+
+ Initializes a new instance of the class with the specified consumer key and consumer secret.
+
+
+ Tokens exchanged during the OAuth handshake are stored in cookies.
+
+
+ The consumer key.
+
+
+ The consumer secret.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The consumer key.
+ The consumer secret.
+ The token manager.
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The response token returned from service provider
+
+
+ Authentication result
+
+
+
+
+ Represents Google OpenID client.
+
+
+
+
+ Base classes for OpenID clients.
+
+
+
+
+ The openid relying party.
+
+
+ Pass null as applicationStore to specify dumb mode
+
+
+
+
+ The provider identifier.
+
+
+
+
+ The provider name.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ Name of the provider.
+
+
+ The provider identifier, which is the usually the login url of the specified provider.
+
+
+
+
+ Attempts to authenticate users by forwarding them to an external website, and upon succcess or failure, redirect users back to the specified url.
+
+
+ The context of the current request.
+
+
+ The return url after users have completed authenticating against external website.
+
+
+
+
+ Check if authentication succeeded after user is redirected back from the service provider.
+
+
+ The context of the current request.
+
+
+ An instance of containing authentication result.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ Always null.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ Gets the name of the provider which provides authentication service.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ A dictionary of profile data; or null if no data is available.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ The yahoo open id client.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the extra data obtained from the response message when authentication is successful.
+
+
+ The response message.
+
+ A dictionary of profile data; or null if no data is available.
+
+
+
+ Called just before the authentication request is sent to service provider.
+
+
+ The request.
+
+
+
+
+ Provides helpers that mimic the ASP.NET 4.5 MachineKey.Protect / Unprotect APIs,
+ even when running on ASP.NET 4.0. Consumers are expected to follow the same
+ conventions used by the MachineKey.Protect / Unprotect APIs (consult MSDN docs
+ for how these are meant to be used). Additionally, since this helper class
+ dynamically switches between the two based on whether the current application is
+ .NET 4.0 or 4.5, consumers should never persist output from the Protect method
+ since the implementation will change when upgrading 4.0 -> 4.5. This should be
+ used for transient data only.
+
+
+
+
+ MachineKey implementation depending on the target .NET framework version
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The encrypted data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unencrypted data
+
+
+
+ Gets the machine key implementation based on the runtime framework version.
+
+ The machine key implementation
+
+
+
+ ProtectUnprotect delegate.
+
+ The data.
+ The purposes.
+ Result of either Protect or Unprotect methods.
+
+
+
+ Abstract the MachineKey implementation in .NET 4.0 and 4.5
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data.
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data.
+
+
+
+ On ASP.NET 4.0, we perform some transforms which mimic the behaviors of MachineKey.Protect
+ and Unprotect.
+
+
+
+
+ This is the magic header that identifies a MachineKey40 payload.
+ It helps differentiate this from other encrypted payloads.
+
+
+
+ The SHA-256 factory to be used.
+
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data
+
+
+
+ Convert bytes to hex string.
+
+ The input array.
+ Hex string
+
+
+
+ This method is specially written to take the same amount of time
+ regardless of where 'a' and 'b' differ. Please do not optimize it.
+ first array.
+ second array.
+ if equal, others
+
+
+
+ Computes a SHA256 hash over all of the input parameters.
+ Each parameter is UTF8 encoded and preceded by a 7-bit encoded
+ integer describing the encoded byte length of the string.
+ The parameters.
+ The output hash
+
+
+
+ Gets the SHA-256 factory.
+
+ SHA256 factory
+
+
+
+ Convert to hex character
+
+ The value to be converted.
+ Hex character
+
+
+
+ Convert hdex string to bytes.
+
+ Input hex string.
+ The bytes
+
+
+
+ Convert hex digit to byte.
+
+ The hex digit.
+ The byte
+
+
+
+ On ASP.NET 4.5, we can just delegate to MachineKey.Protect and MachineKey.Unprotect directly,
+ which contain optimized code paths.
+
+
+
+
+ Protect thunk
+
+
+
+
+ Unprotect thunk
+
+
+
+
+ Initializes a new instance of the class.
+
+ The protect thunk.
+ The unprotect thunk.
+
+
+
+ Protects the specified user data.
+
+ The user data.
+ The purposes.
+ The protected data
+
+
+
+ Unprotects the specified protected data.
+
+ The protected data.
+ The purposes.
+ The unprotected data
+
+
+
+ The uri helper.
+
+
+
+
+ The attach query string parameter.
+
+
+ The url.
+
+
+ The parameter name. This value should not be provided by an end user; the caller should
+ ensure that this value comes only from a literal string.
+
+
+ The parameter value.
+
+ An absolute URI.
+
+
+
+ Converts an app-relative url, e.g. ~/Content/Return.cshtml, to a full-blown url, e.g. http://mysite.com/Content/Return.cshtml
+
+
+ The return URL.
+
+
+ The context.
+
+ An absolute URI.
+
+
+
+ Common methods available on identity issuers.
+
+
+
+
+ Get a user name from an identity provider and their own assigned user ID.
+
+
+ The identity provider.
+
+
+ The issuer's ID for the user.
+
+
+ The username of the user.
+
+
+
+
+ Helper methods for setting and retrieving a custom forms authentication ticket for delegation protocols.
+
+
+
+
+ The open auth cookie token.
+
+
+
+
+ Checks whether the specified HTTP request comes from an authenticated user.
+
+
+ The context.
+
+ True if the reuest is authenticated; false otherwise.
+
+
+
+ Adds an authentication cookie to the user agent in the next HTTP response.
+
+
+ The context.
+
+
+ The user name.
+
+
+ A value indicating whether the cookie should persist across sessions.
+
+
+
+
+ Creates an HTTP authentication cookie.
+
+
+ The user name.
+
+
+ A value indicating whether the cookie should last across sessions.
+
+ An authentication cookie.
+
+
+
+ Manage authenticating with an external OAuth or OpenID provider
+
+
+
+
+ Purposes string used for protecting the anti-XSRF token.
+
+
+
+
+ The provider query string name.
+
+
+
+
+ The query string name for session id.
+
+
+
+
+ The cookie name for session id.
+
+
+
+
+ The _authentication provider.
+
+
+
+
+ The _data provider.
+
+
+
+
+ The _request context.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The request context.
+
+
+ The provider.
+
+
+ The data provider.
+
+
+
+
+ Gets the provider that is responding to an authentication request.
+
+
+ The HTTP request context.
+
+
+ The provider name, if one is available.
+
+
+
+
+ Checks if the specified provider user id represents a valid account. If it does, log user in.
+
+
+ The provider user id.
+
+
+ if set to true create persistent cookie.
+
+
+ true if the login is successful.
+
+
+
+
+ Requests the specified provider to start the authentication by directing users to an external website
+
+
+ The return url after user is authenticated.
+
+
+
+
+ Checks if user is successfully authenticated when user is redirected back to this user.
+
+ The return Url which must match exactly the Url passed into RequestAuthentication() earlier.
+
+ This returnUrl parameter only applies to OAuth2 providers. For other providers, it ignores the returnUrl parameter.
+
+
+ The result of the authentication.
+
+
+
+
+ Returns the username of the current logged-in user.
+
+ The HTTP request context.
+ The username, or String.Empty if anonymous.
+
+
+
+ Validates the request against XSRF attack.
+
+ The session id embedded in the query string.
+
+ true if the request is safe. Otherwise, false.
+
+
+
+
+ Gets a value indicating whether IsAuthenticatedWithOpenAuth.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to A setting in web.config requires a secure connection for this request but the current connection is not secured..
+
+
+
+
+ Looks up a localized string similar to Unable to encrypt the authentication ticket..
+
+
+
+
+ Looks up a localized string similar to The provided data could not be decrypted. If the current application is deployed in a web farm configuration, ensure that the 'decryptionKey' and 'validationKey' attributes are explicitly specified in the <machineKey> configuration section..
+
+
+
+
+ Looks up a localized string similar to An OAuth data provider has already been registered for this application..
+
+
+
+
+ Looks up a localized string similar to This operation is not supported on the current provider. Call the overload of VerifyAuthentication() which accepts a return url..
+
+
+
+
+ Looks up a localized string similar to Failed to obtain the authentication response from service provider..
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nupkg
new file mode 100644
index 0000000..e35a207
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nuspec
new file mode 100644
index 0000000..0fc6cf9
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/DotNetOpenAuth.Core.4.3.0.13117.nuspec
@@ -0,0 +1,28 @@
+
+
+
+ DotNetOpenAuth.Core
+ 4.3.0.13117
+ DotNetOpenAuth Core
+ Andrew Arnott
+ Andrew Arnott
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ This package contains shared code for other NuGet packages, and contains no public API in and of itself.
+ Shared library implementing the messaging pipeline used by auxiliary DotNetOpenAuth libraries.
+ en-US
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/content/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/content/web.config.transform
new file mode 100644
index 0000000..57a4692
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/content/web.config.transform
@@ -0,0 +1,36 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.dll b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.dll
new file mode 100644
index 0000000..97ddc0d
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.xml b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.xml
new file mode 100644
index 0000000..18bf9a1
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.Core.xml
@@ -0,0 +1,10296 @@
+
+
+
+ DotNetOpenAuth.Core
+
+
+
+
+ Internal state consistency checks that throw an internal error exception when they fail.
+
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Throws an internal error exception.
+
+ The message.
+
+
+
+ Throws an internal error exception.
+
+ Nothing. This method always throws.
+
+
+
+ An internal error exception that should never be caught.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+ The parameter is null.
+ The class name is null or is zero (0).
+
+
+
+ A message part encoder that translates between byte[] and base64web encoded strings.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Provides RSA encryption of symmetric keys to protect them from a theft of
+ the persistent store.
+
+
+
+
+ A persistent store for rotating symmetric cryptographic keys.
+
+
+ Implementations should persist it in such a way that the keys are shared across all servers
+ on a web farm, where applicable.
+ The store should consider protecting the persistent store against theft resulting in the loss
+ of the confidentiality of the keys. One possible mitigation is to asymmetrically encrypt
+ each key using a certificate installed in the server's certificate store.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+ The cryptographic key, or null if no matching key was found.
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+ A sequence of handles and keys, ordered by descending .
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ The persistent store for asymmetrically encrypted symmetric keys.
+
+
+
+
+ The memory cache of decrypted keys.
+
+
+
+
+ The asymmetric algorithm to use encrypting/decrypting the symmetric keys.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The data store.
+ The asymmetric protection to apply to symmetric keys. Must include the private key.
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Decrypts the specified key.
+
+ The bucket.
+ The handle.
+ The encrypted key.
+
+ The decrypted key.
+
+
+
+
+ An encrypted key and its decrypted equivalent.
+
+
+
+
+ A cryptographic key and metadata concerning it.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The cryptographic key.
+ The expires UTC.
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Gets the key.
+
+
+
+
+ Gets the expiration date of this key (UTC time).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The encrypted key.
+ The decrypted key.
+
+
+
+ Invariant conditions.
+
+
+
+
+ Gets the encrypted key.
+
+
+
+
+ Thrown by a hosting application or web site when a cryptographic key is created with a
+ bucket and handle that conflicts with a previously stored and unexpired key.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ A in-memory store of crypto keys.
+
+
+
+
+ How frequently to check for and remove expired secrets.
+
+
+
+
+ An in-memory cache of decrypted symmetric keys.
+
+
+ The key is the bucket name. The value is a dictionary whose key is the handle and whose value is the cached key.
+
+
+
+
+ The last time the cache had expired keys removed from it.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Cleans the expired keys from memory cache if the cleaning interval has passed.
+
+
+
+
+ Weeds out expired keys from the in-memory cache.
+
+
+
+
+ A compact binary serialization class.
+
+ The -derived type to serialize/deserialize.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ The length of the nonce to include in tokens that can be decoded once only.
+
+
+
+
+ The message description cache to use for data bag types.
+
+
+
+
+ The minimum allowable lifetime for the key used to encrypt/decrypt or sign this databag.
+
+
+
+
+ The symmetric key store with the secret used for signing/encryption of verification codes and refresh tokens.
+
+
+
+
+ The bucket for symmetric keys.
+
+
+
+
+ The crypto to use for signing access tokens.
+
+
+
+
+ The crypto to use for encrypting access tokens.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against tampering.
+
+
+
+
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+
+ The maximum age of a token that can be decoded; useful only when is true.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+
+
+
+
+ A value indicating whether the data in this instance will be GZip'd.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The required minimum lifespan within which this token must be decodable and verifiable; useful only when and/or is true.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the specified message, including compression, encryption, signing, and nonce handling where applicable.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a , including decompression, decryption, signature and nonce validation where applicable.
+
+ The instance to initialize with deserialized data.
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Determines whether the signature on this instance is valid.
+
+ The signed data.
+ The signature.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ true if the signature is valid; otherwise, false.
+
+
+
+
+ Calculates the signature for the data in this verification code.
+
+ The bytes to sign.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The calculated signature.
+
+
+
+
+ Encrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ Receives the symmetric secret handle. null when using an asymmetric algorithm.
+
+ The encrypted value.
+
+
+
+
+ Decrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The decrypted value.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Cached details on the response from a direct web request to a remote party.
+
+
+
+
+ Details on the incoming response from a direct web request to a remote party.
+
+
+
+
+ The encoding to use in reading a response that does not declare its own content encoding.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original request URI.
+ The response to initialize from. The network stream is used by this class directly.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the type of the content.
+
+
+
+
+ Gets the content encoding.
+
+
+
+
+ Gets the URI of the initial request.
+
+
+
+
+ Gets the URI that finally responded to the request.
+
+
+ This can be different from the in cases of
+ redirection during the request.
+
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ A seekable, repeatable response stream.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+ The maximum bytes to read.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+ The response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets the body of the response as a string.
+
+ The entire body of the response.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+
+
+
+ Caches the network stream and closes it if it is open.
+
+ The response whose stream is to be cloned.
+ The maximum bytes to cache.
+ The seekable Stream instance that contains a copy of what was returned in the HTTP response.
+
+
+
+ Gets a value indicating whether the cached response stream was
+ truncated to a maximum allowable length.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets or sets the cached response stream.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Manages sending direct messages to a remote party and receiving responses.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+
+
+
+
+ The content-type used for JSON serialized objects.
+
+
+
+
+ The "text/javascript" content-type that some servers return instead of the standard one.
+
+
+
+
+ The content-type for plain text.
+
+
+
+
+ The HTML that should be returned to the user agent as part of a 301 Redirect.
+
+ A string that should be used as the first argument to string.Format, where the {0} should be replaced with the URL to redirect to.
+
+
+
+ The template for indirect messages that require form POST to forward through the user agent.
+
+
+ We are intentionally using " instead of the html single quote ' below because
+ the HtmlEncode'd values that we inject will only escape the double quote, so
+ only the double-quote used around these values is safe.
+
+
+
+
+ The encoding to use when writing out POST entity strings.
+
+
+
+
+ A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+ This includes the character encoding.
+
+
+
+
+ A list of binding elements in the order they must be applied to outgoing messages.
+
+
+
+
+ A list of binding elements in the order they must be applied to incoming messages.
+
+
+
+
+ The default cache of message descriptions to use unless they are customized.
+
+
+ This is a perf optimization, so that we don't reflect over every message type
+ every time a channel is constructed.
+
+
+
+
+ A cache of reflected message types that may be sent or received on this channel.
+
+
+
+
+ A tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and ends execution on the current page or handler.
+
+ The one-way message to send
+ Thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and skips most of the remaining ASP.NET request handling pipeline.
+ Not safe to call from ASP.NET web forms.
+
+ The one-way message to send
+
+ Requires an HttpContext.Current context.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Prepares an indirect message (either a request or response)
+ or direct message response for transmission to a remote party.
+
+ The one-way message to send
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The deserialized message, if one is found. Null otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the current HTTP request.
+
+ The expected type of the message to be received.
+ The deserialized message. Never null.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message embedded in the given HTTP request.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message. Never null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The expected type of the message to be received.
+ The message to send.
+ The remote party's response.
+
+ Thrown if no message is recognized in the response
+ or an unexpected type of message is received.
+
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The message to send.
+ The remote party's response. Guaranteed to never be null.
+ Thrown if the response does not include a protocol message.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+
+
+ Gets the HTTP context for the current HTTP request.
+
+ An HttpContextBase instance.
+
+
+
+ Gets the current HTTP request being processed.
+
+ The HttpRequestInfo for the current request.
+
+ Requires an context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Checks whether a given HTTP method is expected to include an entity body in its request.
+
+ The HTTP method.
+ true if the HTTP method is supposed to have an entity; false otherwise.
+
+
+
+ Applies message prescribed HTTP response headers to an outgoing web response.
+
+ The message.
+ The HTTP response.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Fires the event.
+
+ The message about to be encoded and sent.
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ Submits a direct request message to some remote party and blocks waiting for an immediately reply.
+
+ The request message.
+ The response message, or null if the response did not carry a message.
+
+ Typically a deriving channel will override to customize this method's
+ behavior. However in non-HTTP frameworks, such as unit test mocks, it may be appropriate to override
+ this method to eliminate all use of an HTTP transport.
+
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Deserializes a dictionary of values into a message.
+
+ The dictionary of values that were read from an HTTP request or response.
+ Information about where the message was directed. Null for direct response messages.
+ The deserialized message, or null if no message could be recognized in the provided data.
+
+
+
+ Queues an indirect message for transmittal via the user agent.
+
+ The message to send.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a 301 Redirect GET method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ if set to true the redirect will contain the message payload in the #fragment portion of the URL rather than the ?querystring.
+ The encoded HTTP response.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a form POST method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ The encoded HTTP response.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ A JSON string.
+
+
+
+ Deserializes from flat data from a JSON object.
+
+ A JSON string.
+ The simple "key":"value" pairs from a JSON-encoded object.
+
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a GET request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP Get request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a HEAD request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP HEAD request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the payload of a POST request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP POST request with the message parts serialized to the POST entity
+ with the application/x-www-form-urlencoded content type
+ This method satisfies OAuth 1.0 section 5.2, item #2 and OpenID 2.0 section 4.1.2.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a PUT request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP PUT request with the message parts serialized to the query string.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a DELETE request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP DELETE request with the message parts serialized to the query string.
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request in multi-part format.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Allows preprocessing and validation of message data before an appropriate message type is
+ selected or deserialized.
+
+ The received message data.
+
+
+
+ Performs additional processing on an outgoing web request before it is sent to the remote server.
+
+ The request.
+
+
+
+ Customizes the binding element order for outgoing and incoming messages.
+
+ The outgoing order.
+ The incoming order.
+
+ No binding elements can be added or removed from the channel using this method.
+ Only a customized order is allowed.
+
+ Thrown if a binding element is new or missing in one of the ordered lists.
+
+
+
+ Ensures a consistent and secure set of binding elements and
+ sorts them as necessary for a valid sequence of operations.
+
+ The binding elements provided to the channel.
+ The properly ordered list of elements.
+ Thrown when the binding elements are incomplete or inconsistent with each other.
+
+
+
+ Puts binding elements in their correct outgoing message processing order.
+
+ The first protection type to compare.
+ The second protection type to compare.
+
+ -1 if should be applied to an outgoing message before .
+ 1 if should be applied to an outgoing message before .
+ 0 if it doesn't matter.
+
+
+
+
+ Verifies that all required message parts are initialized to values
+ prior to sending the message to a remote party.
+
+ The message to verify.
+
+ Thrown when any required message part does not have a value.
+
+
+
+
+ Determines whether a given ordered list of binding elements includes every
+ binding element in this channel exactly once.
+
+ The list of binding elements to test.
+
+ true if the given list is a valid description of a binding element ordering; otherwise, false.
+
+
+
+
+ An event fired whenever a message is about to be encoded and sent.
+
+
+
+
+ Gets or sets an instance to a that will be used when
+ submitting HTTP requests and waiting for responses.
+
+
+ This defaults to a straightforward implementation, but can be set
+ to a mock object for testing purposes.
+
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets the binding elements used by this channel, in no particular guaranteed order.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to outgoing messages.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to incoming messages.
+
+
+
+
+ Gets or sets a value indicating whether this instance is disposed.
+
+
+ true if this instance is disposed; otherwise, false.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the cache policy to use for direct message requests.
+
+ Default is .
+
+
+
+ Gets or sets the XML dictionary reader quotas.
+
+ The XML dictionary reader quotas.
+
+
+
+ Prevents a default instance of the ChannelContract class from being created.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ HMAC-SHA algorithm names that can be passed to the method.
+
+
+
+
+ The name of the HMAC-SHA1 algorithm.
+
+
+
+
+ The name of the HMAC-SHA256 algorithm.
+
+
+
+
+ The name of the HMAC-SHA384 algorithm.
+
+
+
+
+ The name of the HMAC-SHA512 algorithm.
+
+
+
+
+ Creates an HMAC-SHA algorithm with the specified name and key.
+
+ A name from the available choices in the static const members of this class.
+ The secret key used as the HMAC.
+ The HMAC algorithm instance.
+
+
+
+ Well known HTTP headers.
+
+
+
+
+ The Authorization header, which specifies the credentials that the client presents in order to authenticate itself to the server.
+
+
+
+
+ The WWW-Authenticate header, which is included in HTTP 401 Unauthorized responses to help the client know which authorization schemes are supported.
+
+
+
+
+ The Content-Type header, which specifies the MIME type of the accompanying body data.
+
+
+
+
+ An interface that allows direct request messages to capture the details of the HTTP request they arrived on.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An interface that allows indirect response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets a value indicating whether the payload for the message should be included
+ in the redirect fragment instead of the query string or POST entity.
+
+
+
+
+ An interface that appears on messages that need to retain a description of
+ what their literal payload was when they were deserialized.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ A set of flags that can control the behavior of an individual web request.
+
+
+
+
+ Indicates that default behavior is required.
+
+
+
+
+ Indicates that any response from the remote server, even those
+ with HTTP status codes that indicate errors, should not result
+ in a thrown exception.
+
+
+ Even with this flag set, should
+ be thrown when an HTTP protocol error occurs (i.e. timeouts).
+
+
+
+
+ Indicates that the HTTP request must be completed entirely
+ using SSL (including any redirects).
+
+
+
+
+ Extension methods for types.
+
+
+
+
+ Caches the results of enumerating over a given object so that subsequence enumerations
+ don't require interacting with the object a second time.
+
+ The type of element found in the enumeration.
+ The enumerable object.
+
+ Either a new enumerable object that caches enumerated results, or the original,
+ object if no caching is necessary to avoid additional CPU work.
+
+
+ This is designed for use on the results of generator methods (the ones with yield return in them)
+ so that only those elements in the sequence that are needed are ever generated, while not requiring
+ regeneration of elements that are enumerated over multiple times.
+ This can be a huge performance gain if enumerating multiple times over an expensive generator method.
+ Some enumerable types such as collections, lists, and already-cached generators do not require
+ any (additional) caching, and this method will simply return those objects rather than caching them
+ to avoid double-caching.
+
+
+
+
+ A wrapper for types and returns a caching
+ from its method.
+
+ The type of element in the sequence.
+
+
+
+ The results from enumeration of the live object that have been collected thus far.
+
+
+
+
+ The original generator method or other enumerable object whose contents should only be enumerated once.
+
+
+
+
+ The enumerator we're using over the generator method's results.
+
+
+
+
+ The sync object our caching enumerators use when adding a new live generator method result to the cache.
+
+
+ Although individual enumerators are not thread-safe, this should be
+ thread safe so that multiple enumerators can be created from it and used from different threads.
+
+
+
+
+ Initializes a new instance of the EnumerableCache class.
+
+ The generator.
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ An enumerator that uses cached enumeration results whenever they are available,
+ and caches whatever results it has to pull from the original object.
+
+
+
+
+ The parent enumeration wrapper class that stores the cached results.
+
+
+
+
+ The position of this enumerator in the cached list.
+
+
+
+
+ Initializes a new instance of the EnumeratorCache class.
+
+ The parent cached enumerable whose GetEnumerator method is calling this constructor.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ An exception to call out a configuration or runtime failure on the part of the
+ (web) application that is hosting this library.
+
+
+ This exception is used rather than for those errors
+ that should never be caught because they indicate a major error in the app itself
+ or its configuration.
+ It is an internal exception to assist in making it uncatchable.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface that allows direct response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ An interface that extension messages must implement.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Undirected messages that serve as direct responses to direct requests.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol messages.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An empty dictionary. Useful for avoiding memory allocations in creating new dictionaries to represent empty ones.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ The singleton instance of the empty dictionary.
+
+
+
+
+ Prevents a default instance of the EmptyDictionary class from being created.
+
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the values in the .
+
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets or sets the value with the specified key.
+
+ The key being read or written.
+ Nothing. It always throws.
+
+
+
+ An enumerator that always generates zero elements.
+
+
+
+
+ The singleton instance of this empty enumerator.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Gets the current element in the collection.
+
+
+
+ The current element in the collection.
+
+
+ The enumerator is positioned before the first element of the collection or after the last element.
+
+
+
+
+ An empty, read-only list.
+
+ The type the list claims to include.
+
+
+
+ The singleton instance of the empty list.
+
+
+
+
+ Prevents a default instance of the EmptyList class from being created.
+
+
+
+
+ Determines the index of a specific item in the .
+
+ The object to locate in the .
+
+ The index of if found in the list; otherwise, -1.
+
+
+
+
+ Inserts an item to the at the specified index.
+
+ The zero-based index at which should be inserted.
+ The object to insert into the .
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Removes the item at the specified index.
+
+ The zero-based index of the item to remove.
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the at the specified index.
+
+ The index of the element in the list to change.
+ Nothing. It always throws.
+
+
+
+ A collection of error checking and reporting methods.
+
+
+
+
+ Wraps an exception in a new .
+
+ The inner exception to wrap.
+ The error message for the outer exception.
+ The string formatting arguments, if any.
+ The newly constructed (unthrown) exception.
+
+
+
+ Throws an internal error exception.
+
+ The error message.
+ Nothing. But included here so callers can "throw" this method for C# safety.
+ Always thrown.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The string formatting arguments for .
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The message being processed that would be responsible for the exception if thrown.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a .
+
+ The message to set in the exception.
+ The formatting arguments of the message.
+
+ An InternalErrorException, which may be "thrown" by the caller in order
+ to satisfy C# rules to show that code will never be reached, but no value
+ actually is ever returned because this method guarantees to throw.
+
+ Always thrown.
+
+
+
+ Throws a .
+
+ The message for the exception.
+ The string formatting arguments for .
+ Nothing. It's just here so the caller can throw this method for C# compilation check.
+
+
+
+ Throws a if some condition is false.
+
+ The expression to evaluate. A value of false will cause the exception to be thrown.
+ The message for the exception.
+ The string formatting arguments for .
+ Thrown when is false.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws an .
+
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Never returns anything. It always throws.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Verifies that some given value is not null.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+
+
+
+ Verifies that some string is not null and has non-zero length.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+ Thrown if has zero length.
+
+
+
+ Verifies that != null.
+
+ Thrown if == null
+
+
+
+ Obtains a value from the dictionary if possible, or throws a if it's missing.
+
+ The type of key in the dictionary.
+ The type of value in the dictionary.
+ The dictionary.
+ The key to use to look up the value.
+ The message to claim is invalid if the key cannot be found.
+ The value for the given key.
+
+
+
+ An interface that messages wishing to perform custom serialization/deserialization
+ may implement to be notified of events.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Creates a text reader for the response stream.
+
+
+ The text reader, initialized for the proper encoding.
+
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+
+ A protocol message that supports adding extensions to the payload for transmission.
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An internal exception to throw if an internal error within the library requires
+ an abort of the operation.
+
+
+ This exception is internal to prevent clients of the library from catching what is
+ really an unexpected, potentially unrecoverable exception.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface implemented by -derived types that support binary serialization.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ A KeyedCollection whose item -> key transform is provided via a delegate
+ to its constructor, and null items are disallowed.
+
+ The type of the key.
+ The type of the item.
+
+
+
+ The delegate that returns a key for the given item.
+
+
+
+
+ Initializes a new instance of the KeyedCollectionDelegate class.
+
+ The delegate that gets the key for a given item.
+
+
+
+ When implemented in a derived class, extracts the key from the specified element.
+
+ The element from which to extract the key.
+ The key for the specified element.
+
+
+
+ Represents a single part in a HTTP multipart POST request.
+
+
+
+
+ The "Content-Disposition" string.
+
+
+
+
+ The two-character \r\n newline character sequence to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The content disposition of the part.
+
+
+
+ Creates a part that represents a simple form field.
+
+ The name of the form field.
+ The value.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ The path to the file to send.
+ Type of the content in HTTP Content-Type format.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ Name of the file as the server should see it.
+ Type of the content in HTTP Content-Type format.
+ The content of the file.
+ The constructed part.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Serializes the part to a stream.
+
+ The stream writer.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets or sets the content disposition.
+
+ The content disposition.
+
+
+
+ Gets the key=value attributes that appear on the same line as the Content-Disposition.
+
+ The content attributes.
+
+
+
+ Gets the headers that appear on subsequent lines after the Content-Disposition.
+
+
+
+
+ Gets or sets the content of the part.
+
+
+
+
+ Gets the length of this entire part.
+
+ Useful for calculating the ContentLength HTTP header to send before actually serializing the content.
+
+
+
+ A live network HTTP response
+
+
+
+
+ The network response object, used to initialize this instance, that still needs
+ to be closed if applicable.
+
+
+
+
+ The incoming network response stream.
+
+
+
+
+ A value indicating whether a stream reader has already been
+ created on this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ An ASP.NET MVC structure to represent the response to send
+ to the user agent when the controller has finished its work.
+
+
+
+
+ The outgoing web response to send when the ActionResult is executed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Enables processing of the result of an action method by a custom type that inherits from .
+
+ The context in which to set the response.
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol
+ that includes the response message that should be returned to the HTTP client to comply
+ with the protocol specification.
+
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The human-readable exception message.
+ The message that was the cause of the exception. May be null.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Gets the message that caused the exception.
+
+
+
+
+ The channel that produced the error response message, to be used in constructing the actual HTTP response.
+
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The channel to use when encoding the response message.
+ The message to send back to the HTTP client.
+ The message that was the cause of the exception. May be null.
+ The inner exception.
+ The message for the exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Creates the HTTP response to forward to the client to report the error.
+
+ The HTTP response.
+
+
+
+ Gets the protocol message to send back to the client to report the error.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A message part encoder that has a special encoding for a null value.
+
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A cache of instances.
+
+
+
+
+ A dictionary of reflected message types and the generated reflection information.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ A type that implements .
+ The protocol version of the message.
+ A instance.
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ The message for which a should be obtained.
+
+ A instance.
+
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ The dictionary.
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary.
+
+
+
+ A struct used as the key to bundle message type and version.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ Type of the message.
+ The message version.
+
+
+
+ Implements the operator ==.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Indicates whether this instance and a specified object are equal.
+
+ Another object to compare to.
+
+ true if and this instance are the same type and represent the same value; otherwise, false.
+
+
+
+
+ Returns the hash code for this instance.
+
+
+ A 32-bit signed integer that is the hash code for this instance.
+
+
+
+
+ Gets the message type.
+
+
+
+
+ Gets the message version.
+
+
+
+
+ Allows a custom class or struct to be serializable between itself and a string representation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The implementing type to use for serializing this type.
+
+
+
+ Gets the default encoder to use for the declaring class.
+
+
+
+
+ A message factory that automatically selects the message type based on the incoming data.
+
+
+
+
+ A tool to analyze an incoming message to figure out what concrete class
+ is designed to deserialize it and instantiates that class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The request message types and their constructors to use for instantiating the messages.
+
+
+
+
+ The response message types and their constructors to use for instantiating the messages.
+
+
+ The value is a dictionary, whose key is the type of the constructor's lone parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds message types to the set that this factory can create.
+
+ The message types that this factory may instantiate.
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Gets the message type that best fits the given incoming request data.
+
+ The recipient of the incoming data. Typically not used, but included just in case.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Gets the message type that best fits the given incoming direct response data.
+
+ The request message that prompted the response data.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The recipient.
+ The instantiated message. Never null.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The request that resulted in this response.
+ The instantiated message. Never null.
+
+
+
+ Gets the hierarchical distance between a type and a type it derives from or implements.
+
+ The base type or interface.
+ The concrete class that implements the .
+ The distance between the two types. 0 if the types are equivalent, 1 if the type immediately derives from or implements the base type, or progressively higher integers.
+
+
+
+ Counts how many strings are in the intersection of two collections.
+
+ The first collection.
+ The second collection.
+ The string comparison method to use.
+ A non-negative integer no greater than the count of elements in the smallest collection.
+
+
+
+ Finds constructors for response messages that take a given request message type.
+
+ The message description.
+ Type of the request message.
+ A sequence of matching constructors.
+
+
+
+ Contract class for the IDataBagFormatter interface.
+
+ The type of DataBag to serialize.
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. Must not be nulll.
+ Name of the message part whose value is to be deserialized. Used for exception messages.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ A channel that uses the standard message factory.
+
+
+
+
+ The message types receivable by this channel.
+
+
+
+
+ The protocol versions supported by this channel.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message types that might be encountered.
+ All the possible message versions that might be encountered.
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Generates all the message descriptions for a given set of message types and versions.
+
+ The message types.
+ The message versions.
+ The cache to use when obtaining the message descriptions.
+ The generated/retrieved message descriptions.
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ A collection of message parts that will be serialized into a single string,
+ to be set into a larger message.
+
+
+
+
+ The default version for DataBags.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ A dictionary to contain extra message data.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The DataBag version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets or sets the nonce.
+
+ The nonce.
+
+
+
+ Gets or sets the UTC creation date of this token.
+
+ The UTC creation date.
+
+
+
+ Gets or sets the signature.
+
+ The signature.
+
+
+
+ Gets or sets the message that delivered this DataBag instance to this host.
+
+
+
+
+ Gets the type of this instance.
+
+ The type of the bag.
+
+ This ensures that one token cannot be misused as another kind of token.
+
+
+
+
+ Translates between a and the number of seconds between it and 1/1/1970 12 AM
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages that uses POST multi-part data for binary content.
+
+
+
+
+ Implemented by messages that have explicit recipients
+ (direct requests and all indirect messages).
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ The contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The data packet sent with Channel events.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message behind the fired event..
+
+
+
+ Gets the message that caused the event to fire.
+
+
+
+
+ An in-memory nonce store. Useful for single-server web applications.
+ NOT for web farms.
+
+
+
+
+ Describes the contract a nonce store must fulfill.
+
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the
+ must be unique.
+ The context SHOULD be treated as case-sensitive.
+ The value will never be null but may be the empty string.
+ A series of random characters.
+ The UTC timestamp that together with the nonce string make it unique
+ within the given .
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the context+nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp and context.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ This maximum message age can be looked up via the
+
+ property, accessible via the
+ property.
+
+
+
+
+ How frequently we should take time to clear out old nonces.
+
+
+
+
+ The maximum age a message can be before it is discarded.
+
+
+ This is useful for knowing how long used nonces must be retained.
+
+
+
+
+ A list of the consumed nonces.
+
+
+
+
+ A lock object used around accesses to the field.
+
+
+
+
+ Where we're currently at in our periodic nonce cleaning cycle.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The maximum age a message can be before it is discarded.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Clears consumed nonces from the cache that are so old they would be
+ rejected if replayed because it is expired.
+
+
+
+
+ A contract for handling.
+
+
+ Implementations of this interface must be thread safe.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ A binding element that checks/verifies a nonce message part.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The persistent store for nonces received.
+
+
+
+
+ The length of generated nonces.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+ A value indicating whether zero-length nonces will be allowed.
+
+
+
+ Applies a nonce to the message.
+
+ The message to apply replay protection to.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies that the nonce in an incoming message has not been seen before.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown when the nonce check revealed a replayed message.
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the protection that this binding element provides messages.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the strength of the nonce, which is measured by the number of
+ nonces that could theoretically be generated.
+
+
+ The strength of the nonce is equal to the number of characters that might appear
+ in the nonce to the power of the length of the nonce.
+
+
+
+
+ Gets or sets a value indicating whether empty nonces are allowed.
+
+ Default is false.
+
+
+
+ Applied to fields and properties that form a key/value in a protocol message.
+
+
+
+
+ The overridden name to use as the serialized name for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A special name to give the value of this member in the serialized message.
+ When null or empty, the name of the member will be used in the serialized message.
+
+
+
+
+ Gets the name of the serialized form of this member in the message.
+
+
+
+
+ Gets or sets the level of protection required by this member in the serialized message.
+
+
+ Message part protection must be provided and verified by the channel binding element(s)
+ that provide security.
+
+
+
+
+ Gets or sets a value indicating whether this member is a required part of the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+ Default is true.
+
+
+
+ Gets or sets an IMessagePartEncoder custom encoder to use
+ to translate the applied member to and from a string.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Categorizes the various types of channel binding elements so they can be properly ordered.
+
+
+ The order of these enum values is significant.
+ Each successive value requires the protection offered by all the previous values
+ in order to be reliable. For example, message expiration is meaningless without
+ tamper protection to prevent a user from changing the timestamp on a message.
+
+
+
+
+ No protection.
+
+
+
+
+ A binding element that signs a message before sending and validates its signature upon receiving.
+
+
+
+
+ A binding element that enforces a maximum message age between sending and processing on the receiving side.
+
+
+
+
+ A binding element that prepares messages for replay detection and detects replayed messages on the receiving side.
+
+
+
+
+ All forms of protection together.
+
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ An exception thrown when a message is received for the second time, signalling a possible
+ replay attack.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The replayed message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a message is received that exceeds the maximum message age limit.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The date the message expired.
+ The expired message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a signed message does not pass signature validation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message with the invalid signature.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All replay-protected messages must also be set to expire so the nonces do not have
+ to be stored indefinitely.
+
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All expiring messages must also be signed to prevent tampering with the creation date.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+ The value of this property must be a value assigned by the nonce consumer
+ to represent the entity that generated the nonce. The value must never be
+ null but may be the empty string.
+ This value is treated as case-sensitive.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ A property store of details of an incoming HTTP request.
+
+
+ This serves a very similar purpose to , except that
+ ASP.NET does not let us fully initialize that class, so we have to write one
+ of our one.
+
+
+
+
+ The HTTP verb in the request.
+
+
+
+
+ The full request URL.
+
+
+
+
+ The HTTP headers.
+
+
+
+
+ The variables defined in the query part of the URL.
+
+
+
+
+ The POSTed form variables.
+
+
+
+
+ The server variables collection.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request.
+ The request URI.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ The cookies in the request.
+
+
+
+ Initializes a new instance of the class.
+
+ Details on the incoming HTTP request.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The request.
+ The request URI.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The listener request.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+ An instance of .
+
+
+
+ Reads name=value pairs from the POSTed form entity when the HTTP headers indicate that that is the payload of the entity.
+
+ The HTTP method.
+ The headers.
+ A function that returns the input stream.
+ The non-null collection of form variables.
+
+
+
+ Gets the HTTP method.
+
+
+
+
+ Gets the headers.
+
+
+
+
+ Gets the URL.
+
+
+
+
+ Gets the raw URL.
+
+
+
+
+ Gets the form.
+
+
+
+
+ Gets the query string.
+
+
+
+
+ Gets the server variables.
+
+
+
+
+ Gets the collection of cookies that were sent by the client.
+
+ The client's cookies.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The contract a message that is signed must implement.
+
+
+ This type might have appeared in the DotNetOpenAuth.Messaging.Bindings namespace since
+ it is only used by types in that namespace, but all those types are internal and this
+ is the only one that was public.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Serializes/deserializes OAuth messages for/from transit.
+
+
+
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+
+ Initializes a new instance of the MessageSerializer class.
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+ Creates or reuses a message serializer for a given message type.
+
+ The type of message that will be serialized/deserialized.
+ A message serializer for the given message type.
+
+
+
+ Reads JSON as a flat dictionary into a message.
+
+ The message dictionary to fill with the JSON-deserialized data.
+ The JSON reader.
+
+
+
+ Reads the data from a message instance and writes an XML/JSON encoding of it.
+
+ The message to be serialized.
+ The writer to use for the serialized form.
+
+ Use
+ to create the instance capable of emitting JSON.
+
+
+
+
+ Reads XML/JSON into a message dictionary.
+
+ The message to deserialize into.
+ The XML/JSON to read into the message.
+ Thrown when protocol rules are broken by the incoming message.
+
+ Use
+ to create the instance capable of reading JSON.
+
+
+
+
+ Reads the data from a message instance and returns a series of name=value pairs for the fields that must be included in the message.
+
+ The message to be serialized.
+ The dictionary of values to send for the message.
+
+
+
+ Reads name=value pairs into a message.
+
+ The name=value pairs that were read in from the transport.
+ The message to deserialize into.
+ Thrown when protocol rules are broken by the incoming message.
+
+
+
+ Determines whether the specified type is numeric.
+
+ The type to test.
+
+ true if the specified type is numeric; otherwise, false.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Argument's {0}.{1} property is required but is empty or null..
+
+
+
+
+ Looks up a localized string similar to Unable to send all message data because some of it requires multi-part POST, but IMessageWithBinaryData.SendAsMultipart was false..
+
+
+
+
+ Looks up a localized string similar to HttpContext.Current is null. There must be an ASP.NET request in process for this operation to succeed..
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0}. Is it missing a [DataContract] attribute?.
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0} because the DataContractAttribute.Namespace property is not set..
+
+
+
+
+ Looks up a localized string similar to Decoding failed due to data corruption..
+
+
+
+
+ Looks up a localized string similar to An instance of type {0} was expected, but received unexpected derived type {1}..
+
+
+
+
+ Looks up a localized string similar to The directed message's Recipient property must not be null..
+
+
+
+
+ Looks up a localized string similar to The given set of options is not supported by this web request handler..
+
+
+
+
+ Looks up a localized string similar to Unable to instantiate the message part encoder/decoder type {0}..
+
+
+
+
+ Looks up a localized string similar to Error while deserializing message {0}..
+
+
+
+
+ Looks up a localized string similar to Error occurred while sending a direct message or getting the response..
+
+
+
+
+ Looks up a localized string similar to This exception was not constructed with a root request message that caused it..
+
+
+
+
+ Looks up a localized string similar to This exception must be instantiated with a recipient that will receive the error message, or a direct request message instance that this exception will respond to..
+
+
+
+
+ Looks up a localized string similar to Expected {0} message but received no recognizable message..
+
+
+
+
+ Looks up a localized string similar to The message part {0} was expected in the {1} message but was not found..
+
+
+
+
+ Looks up a localized string similar to The message expired at {0} and it is now {1}..
+
+
+
+
+ Looks up a localized string similar to Failed to add extra parameter '{0}' with value '{1}'..
+
+
+
+
+ Looks up a localized string similar to At least one of GET or POST flags must be present..
+
+
+
+
+ Looks up a localized string similar to This method requires a current HttpContext. Alternatively, use an overload of this method that allows you to pass in information without an HttpContext..
+
+
+
+
+ Looks up a localized string similar to Messages that indicate indirect transport must implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to Insecure web request for '{0}' aborted due to security requirements demanding HTTPS..
+
+
+
+
+ Looks up a localized string similar to The {0} message required protections {{{1}}} but the channel could only apply {{{2}}}..
+
+
+
+
+ Looks up a localized string similar to The customized binding element ordering is invalid..
+
+
+
+
+ Looks up a localized string similar to Some part(s) of the message have invalid values: {0}.
+
+
+
+
+ Looks up a localized string similar to The incoming message had an invalid or missing nonce..
+
+
+
+
+ Looks up a localized string similar to An item with the same key has already been added..
+
+
+
+
+ Looks up a localized string similar to Message too large for a HTTP GET, and HTTP POST is not allowed for this message type..
+
+
+
+
+ Looks up a localized string similar to The {0} message does not support extensions..
+
+
+
+
+ Looks up a localized string similar to The value for {0}.{1} on member {1} was expected to derive from {2} but was {3}..
+
+
+
+
+ Looks up a localized string similar to Error while reading message '{0}' parameter '{1}' with value '{2}'..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' with value '{1}' failed to base64 decode..
+
+
+
+
+ Looks up a localized string similar to Error while preparing message '{0}' parameter '{1}' for sending..
+
+
+
+
+ Looks up a localized string similar to This message has a timestamp of {0}, which is beyond the allowable clock skew for in the future..
+
+
+
+
+ Looks up a localized string similar to Missing decryption key for bucket "{0}" handle "{1}".
+
+
+
+
+ Looks up a localized string similar to A non-empty string was expected..
+
+
+
+
+ Looks up a localized string similar to A message response is already queued for sending in the response stream..
+
+
+
+
+ Looks up a localized string similar to This message has already been processed. This could indicate a replay attack in progress..
+
+
+
+
+ Looks up a localized string similar to This channel does not support replay protection..
+
+
+
+
+ Looks up a localized string similar to The following message parts had constant value requirements that were unsatisfied: {0}.
+
+
+
+
+ Looks up a localized string similar to The following required non-empty parameters were empty in the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The following required parameters were missing from the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The binding element offering the {0} protection requires other protection that is not provided..
+
+
+
+
+ Looks up a localized string similar to The list is empty..
+
+
+
+
+ Looks up a localized string similar to The list contains a null element..
+
+
+
+
+ Looks up a localized string similar to An HttpContext.Current.Session object is required..
+
+
+
+
+ Looks up a localized string similar to Message signature was incorrect..
+
+
+
+
+ Looks up a localized string similar to This channel does not support signing messages. To support signing messages, a derived Channel type must override the Sign and IsSignatureValid methods..
+
+
+
+
+ Looks up a localized string similar to This message factory does not support message type(s): {0}.
+
+
+
+
+ Looks up a localized string similar to The stream must have a known length..
+
+
+
+
+ Looks up a localized string similar to The stream's CanRead property returned false..
+
+
+
+
+ Looks up a localized string similar to The stream's CanWrite property returned false..
+
+
+
+
+ Looks up a localized string similar to Expected at most 1 binding element to apply the {0} protection, but more than one applied..
+
+
+
+
+ Looks up a localized string similar to The maximum allowable number of redirects were exceeded while requesting '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unexpected buffer length..
+
+
+
+
+ Looks up a localized string similar to The array must not be empty..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to Expected direct response to use HTTP status code {0} but was {1} instead..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' had unexpected value '{1}'..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} parameter '{1}' to have value '{2}' but had '{3}' instead..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} but received {1} instead..
+
+
+
+
+ Looks up a localized string similar to Unexpected message type received..
+
+
+
+
+ Looks up a localized string similar to A null key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null or empty key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null value was included for key '{0}' and is not allowed..
+
+
+
+
+ Looks up a localized string similar to The type {0} or a derived type was expected, but {1} was given..
+
+
+
+
+ Looks up a localized string similar to {0} property has unrecognized value {1}..
+
+
+
+
+ Looks up a localized string similar to The URL '{0}' is rated unsafe and cannot be requested this way..
+
+
+
+
+ Looks up a localized string similar to This blob is not a recognized encryption format..
+
+
+
+
+ Looks up a localized string similar to The HTTP verb '{0}' is unrecognized and unsupported..
+
+
+
+
+ Looks up a localized string similar to '{0}' messages cannot be received with HTTP verb '{1}'..
+
+
+
+
+ Looks up a localized string similar to Redirects on POST requests that are to untrusted servers is not supported..
+
+
+
+
+ Looks up a localized string similar to Web request to '{0}' failed..
+
+
+
+
+ A grab-bag of utility methods useful for the channel stack of the protocol.
+
+
+
+
+ The uppercase alphabet.
+
+
+
+
+ The lowercase alphabet.
+
+
+
+
+ The set of base 10 digits.
+
+
+
+
+ The set of digits and alphabetic letters (upper and lowercase).
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character.
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character
+ in the "web safe" context.
+
+
+
+
+ The set of digits, and alphabetic letters (upper and lowercase) that are clearly
+ visually distinguishable.
+
+
+
+
+ The length of private symmetric secret handles.
+
+
+ This value needn't be high, as we only expect to have a small handful of unexpired secrets at a time,
+ and handle recycling is permissible.
+
+
+
+
+ The cryptographically strong random data generator used for creating secrets.
+
+ The random number generator is thread-safe.
+
+
+
+ The default lifetime of a private secret.
+
+
+
+
+ A character array containing just the = character.
+
+
+
+
+ A character array containing just the , character.
+
+
+
+
+ A character array containing just the " character.
+
+
+
+
+ The set of characters that are unreserved in RFC 2396 but are NOT unreserved in RFC 3986.
+
+
+
+
+ A set of escaping mappings that help secure a string from javscript execution.
+
+
+ The characters to escape here are inspired by
+ http://code.google.com/p/doctype/wiki/ArticleXSSInJavaScript
+
+
+
+
+ Transforms an OutgoingWebResponse to an MVC-friendly ActionResult.
+
+ The response to send to the user agent.
+ The instance to be returned by the Controller's action method.
+
+
+
+ Gets the original request URL, as seen from the browser before any URL rewrites on the server if any.
+ Cookieless session directory (if applicable) is also included.
+
+ The URL in the user agent's Location bar.
+
+
+
+ Strips any and all URI query parameters that start with some prefix.
+
+ The URI that may have a query with parameters to remove.
+ The prefix for parameters to remove. A period is NOT automatically appended.
+ Either a new Uri with the parameters removed if there were any to remove, or the same Uri instance if no parameters needed to be removed.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files).
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+ The HTTP response.
+
+
+
+ Assembles a message comprised of the message on a given exception and all inner exceptions.
+
+ The exception.
+ The assembled message.
+
+
+
+ Flattens the specified sequence of sequences.
+
+ The type of element contained in the sequence.
+ The sequence of sequences to flatten.
+ A sequence of the contained items.
+
+
+
+ Cuts off precision beyond a second on a DateTime value.
+
+ The value.
+ A DateTime with a 0 millisecond component.
+
+
+
+ Adds a name-value pair to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+ The name of the parameter to add.
+ The value of the argument.
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of values to a collection.
+
+ The type of value kept in the collection.
+ The collection to add to.
+ The values to add to the collection.
+
+
+
+ Tests whether two timespans are within reasonable approximation of each other.
+
+ One TimeSpan.
+ The other TimeSpan.
+ The allowable margin of error.
+ true if the two TimeSpans are within of each other.
+
+
+
+ Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches.
+
+ The first value.
+ The second value.
+ A value indicating whether the two strings share ordinal equality.
+
+ In signature equality checks, a difference in execution time based on how many initial characters match MAY
+ be used as an attack to figure out the expected signature. It is therefore important to make a signature
+ equality check's execution time independent of how many characters match the expected value.
+ See http://codahale.com/a-lesson-in-timing-attacks/ for more information.
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null.
+ The server variables to consider part of the request. Cannot be null.
+
+ The URI that the outside world used to create this request.
+
+
+ Although the value can be obtained from
+ , it's useful to be able to pass them
+ in so we can simulate injected values from our unit tests since the actual property
+ is a read-only kind of .
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null. Server variables are read from this request.
+ The URI that the outside world used to create this request.
+
+
+
+ Gets the URL to the root of a web site, which may include a virtual directory path.
+
+ An absolute URI.
+
+
+
+ Creates the XML reader settings to use for reading XML from untrusted sources.
+
+
+ The new instance of .
+
+
+ The default values set here are based on recommendations from
+ http://msdn.microsoft.com/en-us/magazine/ee335713.aspx
+
+
+
+
+ Clears any existing elements in a collection and fills the collection with a given set of values.
+
+ The type of value kept in the collection.
+ The collection to modify.
+ The new values to fill the collection.
+
+
+
+ Strips any and all URI query parameters that serve as parts of a message.
+
+ The URI that may contain query parameters to remove.
+ The message description whose parts should be removed from the URL.
+ A cleaned URL.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files) but doesn't call GetResponse on it.
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The fields to include.
+
+ A value prepared for an HTTP header.
+
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The scheme.
+ The fields to include.
+ A value prepared for an HTTP header.
+
+
+
+ Parses the authorization header.
+
+ The scheme. Must not be null or empty.
+ The authorization header. May be null or empty.
+ A sequence of key=value pairs discovered in the header. Never null, but may be empty.
+
+
+
+ Encodes a symmetric key handle and the blob that is encrypted/signed with that key into a single string
+ that can be decoded by .
+
+ The cryptographic key handle.
+ The encrypted/signed blob.
+ The combined encoded value.
+
+
+
+ Extracts the key handle and encrypted blob from a string previously returned from .
+
+ The message part. May be null if not applicable.
+ The value previously returned from .
+ The crypto key handle.
+ The encrypted/signed data.
+
+
+
+ Gets a buffer of random data (not cryptographically strong).
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random sequence of values.
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+ Gets a NON-cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A value indicating whether web64 encoding is used to avoid the need to escape characters.
+
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+
+ Gets a random string made up of a given set of allowable characters.
+
+ The length of the desired random string.
+ The allowable characters.
+ A random string.
+
+
+
+ Computes the hash of a string.
+
+ The hash algorithm to use.
+ The value to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Encrypts a byte buffer.
+
+ The buffer to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, or 256 bytes in length.
+ The encrypted buffer
+
+
+
+ Decrypts a byte buffer.
+
+ The buffer to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Encrypts a string.
+
+ The text to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Decrypts a string previously encrypted with .
+
+ The text to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Performs asymmetric encryption of a given buffer.
+
+ The asymmetric encryption provider to use for encryption.
+ The buffer to encrypt.
+ The encrypted data.
+
+
+
+ Performs asymmetric decryption of a given buffer.
+
+ The asymmetric encryption provider to use for decryption.
+ The buffer to decrypt.
+ The decrypted data.
+
+
+
+ Gets a key from a given bucket with the longest remaining life, or creates a new one if necessary.
+
+ The crypto key store.
+ The bucket where the key should be found or stored.
+ The minimum remaining life required on the returned key.
+ The required size of the key, in bits.
+
+ A key-value pair whose key is the secret's handle and whose value is the cryptographic key.
+
+
+
+
+ Compresses a given buffer.
+
+ The buffer to compress.
+ The compression algorithm to use.
+ The compressed data.
+
+
+
+ Decompresses a given buffer.
+
+ The buffer to decompress.
+ The compression algorithm used.
+ The decompressed data.
+
+
+
+ Converts to data buffer to a base64-encoded string, using web safe characters and with the padding removed.
+
+ The data buffer.
+ A web-safe base64-encoded string without padding.
+
+
+
+ Decodes a (web-safe) base64-string back to its binary buffer form.
+
+ The base64-encoded string. May be web-safe encoded.
+ A data buffer.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Copies the contents of one stream to another.
+
+ The stream to copy from, at the position where copying should begin.
+ The stream to copy to, at the position where bytes should be written.
+ The total number of bytes copied.
+
+ Copying begins at the streams' current positions.
+ The positions are NOT reset after copying is complete.
+
+
+
+
+ Copies the contents of one stream to another.
+
+ The stream to copy from, at the position where copying should begin.
+ The stream to copy to, at the position where bytes should be written.
+ The maximum bytes to copy.
+ The total number of bytes copied.
+
+ Copying begins at the streams' current positions.
+ The positions are NOT reset after copying is complete.
+
+
+
+
+ Creates a snapshot of some stream so it is seekable, and the original can be closed.
+
+ The stream to copy bytes from.
+ A seekable stream with the same contents as the original.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The newly created instance.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The new recipient of the request.
+ The newly created instance.
+
+
+
+ Tests whether two arrays are equal in contents and ordering.
+
+ The type of elements in the arrays.
+ The first array in the comparison. May be null.
+ The second array in the comparison. May be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests whether two arrays are equal in contents and ordering,
+ guaranteeing roughly equivalent execution time regardless of where a signature mismatch may exist.
+
+ The first array in the comparison. May not be null.
+ The second array in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+ Guaranteeing equal execution time is useful in mitigating against timing attacks on a signature
+ or other secret.
+
+
+
+
+ Tests two sequences for same contents and ordering.
+
+ The type of elements in the arrays.
+ The first sequence in the comparison. May not be null.
+ The second sequence in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests two unordered collections for same contents.
+
+ The type of elements in the collections.
+ The first collection in the comparison. May not be null.
+ The second collection in the comparison. May not be null.
+ True if the collections have the same contents; false otherwise.
+
+
+
+ Tests whether two dictionaries are equal in length and contents.
+
+ The type of keys in the dictionaries.
+ The type of values in the dictionaries.
+ The first dictionary in the comparison. May not be null.
+ The second dictionary in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Concatenates a list of name-value pairs as key=value&key=value,
+ taking care to properly encode each key and value for URL
+ transmission according to RFC 3986. No ? is prefixed to the string.
+
+ The dictionary of key/values to read from.
+ The formulated querystring style string.
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the fragment piece. Prefixes a # or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the fragment, the existing ones are not replaced.
+
+
+
+
+ Adds parameters to a query string, replacing parameters that
+ match ones that already exist in the query string.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+
+
+ Extracts the recipient from an HttpRequestInfo.
+
+ The request to get recipient information from.
+ The recipient.
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the enum value for a given HTTP verb.
+
+ The HTTP verb.
+ A enum value that is within the .
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the HTTP verb to use for a given enum value.
+
+ The HTTP method.
+ An HTTP verb, such as GET, POST, PUT, DELETE, PATCH, or OPTION.
+
+
+
+ Copies some extra parameters into a message.
+
+ The message to copy the extra data into.
+ The extra data to copy into the message. May be null to do nothing.
+
+
+
+ Collects a sequence of key=value pairs into a dictionary.
+
+ The type of the key.
+ The type of the value.
+ The sequence.
+ A dictionary.
+
+
+
+ Enumerates all members of the collection as key=value pairs.
+
+ The collection to enumerate.
+ A sequence of pairs.
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+ The generated dictionary, or null if is null.
+
+ If a null key is encountered, its value is ignored since
+ Dictionary<string, string> does not allow null keys.
+
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+
+ A value indicating whether a null key in the should be silently skipped since it is not a valid key in a Dictionary.
+ Use true to throw an exception if a null key is encountered.
+ Use false to silently continue converting the valid keys.
+
+ The generated dictionary, or null if is null.
+ Thrown if is true and a null key is encountered.
+
+
+
+ Converts a dictionary to a
+
+ The existing dictionary.
+ The new collection.
+
+
+
+ Sorts the elements of a sequence in ascending order by using a specified comparer.
+
+ The type of the elements of source.
+ The type of the key returned by keySelector.
+ A sequence of values to order.
+ A function to extract a key from an element.
+ A comparison function to compare keys.
+ An System.Linq.IOrderedEnumerable<TElement> whose elements are sorted according to a key.
+
+
+
+ Determines whether the specified message is a request (indirect message or direct request).
+
+ The message in question.
+
+ true if the specified message is a request; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing that for its derived classes. These objects are only requests
+ if their property is non-null.
+
+
+
+
+ Determines whether the specified message is a direct response.
+
+ The message in question.
+
+ true if the specified message is a direct response; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing
+ that for its derived classes. These objects are only requests if their
+ property is non-null.
+
+
+
+
+ Writes a buffer, prefixed with its own length.
+
+ The binary writer.
+ The buffer.
+
+
+
+ Reads a buffer that is prefixed with its own length.
+
+ The binary reader positioned at the buffer length.
+
+ The maximum size of the buffer that should be permitted.
+ Although the stream will indicate the size of the buffer, this mitigates data corruption
+ or DoS attacks causing the web server to allocate too much memory for a small data packet.
+
+ The read buffer.
+
+
+
+ Constructs a Javascript expression that will create an object
+ on the user agent when assigned to a variable.
+
+ The untrusted names and untrusted values to inject into the JSON object.
+ if set to true the values will NOT be escaped as if it were a pure string.
+ The Javascript JSON object as a string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ A JSON string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ The encoding to use. Defaults to
+ A JSON string.
+
+
+
+ Deserializes a JSON object into a message.
+
+ The buffer containing the JSON string.
+ The message to deserialize the object into.
+ The cache of message descriptions.
+ The encoding that the JSON bytes are in.
+
+
+
+ Prepares what SHOULD be simply a string value for safe injection into Javascript
+ by using appropriate character escaping.
+
+ The untrusted string value to be escaped to protected against XSS attacks. May be null.
+ The escaped string, surrounded by single-quotes.
+
+
+
+ Escapes a string according to the URI data string rules given in RFC 3986.
+
+ The value to escape.
+ The escaped value.
+
+ The method is supposed to take on
+ RFC 3986 behavior if certain elements are present in a .config file. Even if this
+ actually worked (which in my experiments it doesn't), we can't rely on every
+ host actually having this configuration element present.
+
+
+
+
+ Ensures that UTC times are converted to local times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in local time.
+
+
+
+ Ensures that local times are converted to UTC times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in UTC time.
+
+
+
+ Gets the query data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A containing all the parameters in the query string.
+
+
+
+
+ Gets a value indicating whether the request's URL was rewritten by ASP.NET
+ or some other module.
+
+ The request.
+ A value indicating whether there is evidence that the URL of the request has been changed to some internal server (farm) representation.
+
+ true if this request's URL was rewritten; otherwise, false.
+
+
+
+
+ Gets the query or form data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A set of name=value pairs.
+
+
+
+
+ Creates a symmetric algorithm for use in encryption/decryption.
+
+ The symmetric key to use for encryption/decryption.
+ A symmetric algorithm.
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ The available compression algorithms.
+
+
+
+
+ The Deflate algorithm.
+
+
+
+
+ The GZip algorithm.
+
+
+
+
+ A thread-safe, non-crypto random number generator.
+
+
+
+
+ The initializer of all new instances.
+
+
+
+
+ A thread-local instance of
+
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ A class to convert a into an .
+
+ The type of objects being compared.
+
+
+
+ The comparison method to use.
+
+
+
+
+ Initializes a new instance of the ComparisonHelper class.
+
+ The comparison method to use.
+
+
+
+ Compares two instances of .
+
+ The first object to compare.
+ The second object to compare.
+ Any of -1, 0, or 1 according to standard comparison rules.
+
+
+
+ A message expiration enforcing binding element that supports messages
+ implementing the interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Sets the timestamp on an outgoing message.
+
+ The outgoing message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Reads the timestamp on a message and throws an exception if the message is too old.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the given message has already expired.
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets the maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+
+
+
+
+ A pair of conversion functions to map some type to a string and back again.
+
+
+
+
+ The mapping function that converts some custom type to a string.
+
+
+
+
+ The mapping function that converts some custom type to the original string
+ (possibly non-normalized) that represents it.
+
+
+
+
+ The mapping function that converts a string to some custom type.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ The mapping function that converts some custom value to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The mapping function that converts a string to some custom value.
+
+
+
+ Initializes a new instance of the struct.
+
+ The encoder.
+
+
+
+ Gets the encoder.
+
+
+
+
+ A mapping between serialized key names and instances describing
+ those key/values pairs.
+
+
+
+
+ A mapping between the serialized key names and their
+ describing instances.
+
+
+
+
+ Initializes a new instance of the class.
+
+ Type of the message.
+ The message version.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ The dictionary accessor to the message
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary accessor to the message
+
+
+
+ Ensures the message parts pass basic validation.
+
+ The key/value pairs of the serialized message.
+
+
+
+ Tests whether all the required message parts pass basic validation for the given data.
+
+ The key/value pairs of the serialized message.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+
+
+ Verifies that a given set of keys include all the required parameters
+ for this message type or throws an exception.
+
+ The names of all parameters included in a message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Ensures the protocol message parts that must not be empty are in fact not empty.
+
+ A dictionary of key/value pairs that make up the serialized message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Checks that a bunch of message part values meet the constant value requirements of this message description.
+
+ The part values.
+ if set to true, this method will throw on failure.
+ A value indicating whether all the requirements are met.
+
+
+
+ Reflects over some -implementing type
+ and prepares to serialize/deserialize instances of that type.
+
+
+
+
+ Gets the mapping between the serialized key names and their describing
+ instances.
+
+
+
+
+ Gets the message version this instance was generated from.
+
+
+
+
+ Gets the type of message this instance was generated from.
+
+ The type of the described message.
+
+
+
+ Gets the constructors available on the message type.
+
+
+
+
+ Wraps an instance in a dictionary that
+ provides access to both well-defined message properties and "extra"
+ name/value pairs that have no properties associated with them.
+
+
+
+
+ The instance manipulated by this dictionary.
+
+
+
+
+ The instance that describes the message type.
+
+
+
+
+ Whether original string values should be retrieved instead of normalized ones.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message instance whose values will be manipulated by this dictionary.
+ The message description.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+
+
+
+ Adds a named value to the message.
+
+ The serialized form of the name whose value is being set.
+ The serialized form of the value.
+
+ Thrown if already has a set value in this message.
+
+
+ Thrown if is null.
+
+
+
+
+ Checks whether some named parameter has a value set in the message.
+
+ The serialized form of the message part's name.
+ True if the parameter by the given name has a set value. False otherwise.
+
+
+
+ Removes a name and value from the message given its name.
+
+ The serialized form of the name to remove.
+ True if a message part by the given name was found and removed. False otherwise.
+
+
+
+ Gets some named value if the key has a value.
+
+ The name (in serialized form) of the value being sought.
+ The variable where the value will be set.
+ True if the key was found and was set. False otherwise.
+
+
+
+ Sets a named value in the message.
+
+ The name-value pair to add. The name is the serialized form of the key.
+
+
+
+ Removes all values in the message.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+ This method cannot be implemented because keys are not guaranteed to be removed
+ since some are inherent to the type of message that this dictionary provides
+ access to.
+
+
+
+
+ Checks whether a named value has been set on the message.
+
+ The name/value pair.
+ True if the key exists and has the given value. False otherwise.
+
+
+
+ Copies all the serializable data from the message to a key/value array.
+
+ The array to copy to.
+ The index in the to begin copying to.
+
+
+
+ Removes a named value from the message if it exists.
+
+ The serialized form of the name and value to remove.
+ True if the name/value was found and removed. False otherwise.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Saves the data in a message to a standard dictionary.
+
+ The generated dictionary.
+
+
+
+ Loads data from a dictionary into the message.
+
+ The data to load into the message.
+
+
+
+ Gets the message this dictionary provides access to.
+
+
+
+
+ Gets the description of the type of message this dictionary provides access to.
+
+
+
+
+ Gets the number of explicitly set values in the message.
+
+
+
+
+ Gets a value indicating whether this message is read only.
+
+
+
+
+ Gets all the keys that have values associated with them.
+
+
+
+
+ Gets the set of official message part names that have non-null values associated with them.
+
+
+
+
+ Gets the keys that are in the message but not declared as official OAuth properties.
+
+
+
+
+ Gets all the values.
+
+
+
+
+ Gets the serializer for the message this dictionary provides access to.
+
+
+
+
+ Gets or sets a value for some named value.
+
+ The serialized form of a name for the value to read or write.
+ The named value.
+
+ If the key matches a declared property or field on the message type,
+ that type member is set. Otherwise the key/value is stored in a
+ dictionary for extra (weakly typed) strings.
+
+ Thrown when setting a value that is not allowed for a given .
+
+
+
+ Describes an individual member of a message and assists in its serialization.
+
+
+
+
+ A map of converters that help serialize custom objects to string values and back again.
+
+
+
+
+ A map of instantiated custom encoders used to encode/decode message parts.
+
+
+
+
+ The string-object conversion routines to use for this individual message part.
+
+
+
+
+ The property that this message part is associated with, if aplicable.
+
+
+
+
+ The field that this message part is associated with, if aplicable.
+
+
+
+
+ The type of the message part. (Not the type of the message itself).
+
+
+
+
+ The default (uninitialized) value of the member inherent in its type.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A property or field of an implementing type
+ that has a attached to it.
+
+
+ The attribute discovered on that describes the
+ serialization requirements of the message part.
+
+
+
+
+ Sets the member of a given message to some given value.
+ Used in deserialization.
+
+ The message instance containing the member whose value should be set.
+ The string representation of the value to set.
+
+
+
+ Gets the normalized form of a value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ The string representation of the member's value.
+
+
+
+ Gets the value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ A value indicating whether the original value should be retrieved (as opposed to a normalized form of it).
+ The string representation of the member's value.
+
+
+
+ Gets whether the value has been set to something other than its CLR type default value.
+
+ The message instance to check the value on.
+ True if the value is not the CLR default value.
+
+
+
+ Adds a pair of type conversion functions to the static conversion map.
+
+ The custom type to convert to and from strings.
+ The function to convert the custom type to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The function to convert a string to the custom type.
+
+
+
+ Creates a that resorts to and
+ for the conversion.
+
+ The type to create the mapping for.
+ The value mapping.
+
+
+
+ Creates the default encoder for a given type.
+
+ The type to create a for.
+ A struct.
+
+
+
+ Figures out the CLR default value for a given type.
+
+ The type whose default value is being sought.
+ Either null, or some default value like 0 or 0.0.
+
+
+
+ Checks whether a type is a nullable value type (i.e. int?)
+
+ The type in question.
+ True if this is a nullable value type.
+
+
+
+ Retrieves a previously instantiated encoder of a given type, or creates a new one and stores it for later retrieval as well.
+
+ The message part encoder type.
+ An instance of the desired encoder.
+
+
+
+ Gets the value of the message part, without converting it to/from a string.
+
+ The message instance to read from.
+ The value of the member.
+
+
+
+ Sets the value of a message part directly with a given value.
+
+ The message instance to read from.
+ The value to set on the this part.
+
+
+
+ Converts a string representation of the member's value to the appropriate type.
+
+ The string representation of the member's value.
+
+ An instance of the appropriate type for setting the member.
+
+
+
+
+ Converts the member's value to its string representation.
+
+ The value of the member.
+ A value indicating whether a string matching the originally decoded string should be returned (as opposed to a normalized string).
+
+ The string representation of the member's value.
+
+
+
+
+ Validates that the message part and its attribute have agreeable settings.
+
+
+ Thrown when a non-nullable value type is set as optional.
+
+
+
+
+ Gets or sets the name to use when serializing or deserializing this parameter in a message.
+
+
+
+
+ Gets or sets whether this message part must be signed.
+
+
+
+
+ Gets or sets a value indicating whether this message part is required for the
+ containing message to be valid.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the field or property must remain its default value.
+
+
+
+
+ Gets or sets a value indicating whether this part is defined as a constant field and can be read without a message instance.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets the static constant value for this message part without a message instance.
+
+
+
+
+ Gets the type of the declared member.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ An exception thrown when messages cannot receive all the protections they require.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message whose protection requirements could not be met.
+ The protection requirements that were fulfilled.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ A protocol message (request or response) that passes from this
+ to a remote party via the user agent using a redirect or form
+ POST submission, OR a direct message response.
+
+
+ An instance of this type describes the HTTP response that must be sent
+ in response to the current HTTP request.
+ It is important that this response make up the entire HTTP response.
+ A hosting ASPX page should not be allowed to render its normal HTML output
+ after this response is sent. The normal rendered output of an ASPX page
+ can be canceled by calling after this message
+ is sent on the response stream.
+
+
+
+
+ The encoder to use for serializing the response body.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ based on the contents of an .
+
+ The to clone.
+ The maximum bytes to read from the response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires a current HttpContext.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+
+ Requires a current HttpContext.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Submits this response to a WCF response context. Only available when no response body is included.
+
+ The response context to apply the response to.
+
+
+
+ Automatically sends the appropriate response to the user agent.
+
+ The response to set to this message.
+
+
+
+ Gets the URI that, when requested with an HTTP GET request,
+ would transmit the message that normally would be transmitted via a user agent redirect.
+
+ The channel to use for encoding.
+
+ The URL that would transmit the original message. This URL may exceed the normal 2K limit,
+ and should therefore be broken up manually and POSTed as form fields when it exceeds this length.
+
+
+ This is useful for desktop applications that will spawn a user agent to transmit the message
+ rather than cause a redirect.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+ Type of the content. May be null.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets a value indicating whether the response stream is incomplete due
+ to a length limitation imposed by the HttpWebRequest or calling method.
+
+
+
+
+ Gets the cookies collection to add as headers to the HTTP response.
+
+
+
+
+ Gets or sets the body of the response as a string.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets or sets a reference to the actual protocol message that
+ is being sent via the user agent.
+
+
+
+
+ The methods available for the local party to send messages to a remote party.
+
+
+ See OAuth 1.0 spec section 5.2.
+
+
+
+
+ No HTTP methods are allowed.
+
+
+
+
+ In the HTTP Authorization header as defined in OAuth HTTP Authorization Scheme (OAuth HTTP Authorization Scheme).
+
+
+
+
+ As the HTTP POST request body with a content-type of application/x-www-form-urlencoded.
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ The flags that control HTTP verbs.
+
+
+
+
+ The type of transport mechanism used for a message: either direct or indirect.
+
+
+
+
+ A message that is sent directly from the Consumer to the Service Provider, or vice versa.
+
+
+
+
+ A message that is sent from one party to another via a redirect in the user agent.
+
+
+
+
+ Encodes and decodes the as an integer of total seconds.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A paranoid HTTP get/post request engine. It helps to protect against attacks from remote
+ server leaving dangling connections, sending too much data, causing requests against
+ internal servers, etc.
+
+
+ Protections include:
+ * Conservative maximum time to receive the complete response.
+ * Only HTTP and HTTPS schemes are permitted.
+ * Internal IP address ranges are not permitted: 127.*.*.*, 1::*
+ * Internal host names are not permitted (periods must be found in the host name)
+ If a particular host would be permitted but is in the blacklist, it is not allowed.
+ If a particular host would not be permitted but is in the whitelist, it is allowed.
+
+
+
+
+ The set of URI schemes allowed in untrusted web requests.
+
+
+
+
+ The collection of blacklisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional blacklisted hosts.
+
+
+
+
+ The collection of whitelisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional whitelisted hosts.
+
+
+
+
+ The maximum redirections to follow in the course of a single request.
+
+
+
+
+ The maximum number of bytes to read from the response of an untrusted server.
+
+
+
+
+ The handler that will actually send the HTTP request and collect
+ the response once the untrusted server gates have been satisfied.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The chained web request handler.
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an IP address is the IPv6 equivalent of "localhost/127.0.0.1".
+
+ The ip address to check.
+
+ true if this is a loopback IP address; false otherwise.
+
+
+
+
+ Determines whether the given host name is in a host list or host name regex list.
+
+ The host name.
+ The list of host names.
+ The list of regex patterns of host names.
+
+ true if the specified host falls within at least one of the given lists; otherwise, false.
+
+
+
+
+ Determines whether a given host is whitelisted.
+
+ The host name to test.
+
+ true if the host is whitelisted; otherwise, false.
+
+
+
+
+ Determines whether a given host is blacklisted.
+
+ The host name to test.
+
+ true if the host is blacklisted; otherwise, false.
+
+
+
+
+ Verify that the request qualifies under our security policies
+
+ The request URI.
+ If set to true, only web requests that can be made entirely over SSL will succeed.
+ Thrown when the URI is disallowed for security reasons.
+
+
+
+ Determines whether a URI is allowed based on scheme and host name.
+ No requireSSL check is done here
+
+ The URI to test for whether it should be allowed.
+
+ true if [is URI allowable] [the specified URI]; otherwise, false.
+
+
+
+
+ Prepares the request by setting timeout and redirect policies.
+
+ The request to prepare.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ Gets or sets the default maximum bytes to read in any given HTTP request.
+
+ Default is 1MB. Cannot be less than 2KB.
+
+
+
+ Gets or sets the total number of redirections to allow on any one request.
+ Default is 10.
+
+
+
+
+ Gets or sets the time allowed to wait for single read or write operation to complete.
+ Default is 500 milliseconds.
+
+
+
+
+ Gets or sets the time allowed for an entire HTTP request.
+ Default is 5 seconds.
+
+
+
+
+ Gets a collection of host name literals that should be allowed even if they don't
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be allowed even though they don't pass standard security checks.
+
+
+
+
+ Gets a collection of host name literals that should be rejected even if they
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be rejected even if they pass standard security checks.
+
+
+
+
+ Gets the configuration for this class that is specified in the host's .config file.
+
+
+
+
+ The default handler for transmitting instances
+ and returning the responses.
+
+
+
+
+ The set of options this web request handler supports.
+
+
+
+
+ The value to use for the User-Agent HTTP header.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an exception was thrown because of the remote HTTP server returning HTTP 417 Expectation Failed.
+
+ The caught exception.
+
+ true if the failure was originally caused by a 417 Exceptation Failed error; otherwise, false.
+
+
+
+
+ Initiates a POST request and prepares for sending data.
+
+ The HTTP request with information about the remote party to contact.
+
+ The stream where the POST entity can be written.
+
+
+
+
+ Prepares an HTTP request.
+
+ The request.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ An immutable description of a URL that receives messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Gets the URL of this endpoint.
+
+
+
+
+ Gets the HTTP method(s) allowed.
+
+
+
+
+ Represents the section in the host's .config file that configures
+ this library's settings.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <openid> sub-element.
+
+
+
+
+ The name of the <oauth> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a named section in this section group, or null if no such section is defined.
+
+ The name of the section to obtain.
+ The desired section, or null if it could not be obtained.
+
+
+
+ Gets the messaging configuration element.
+
+
+
+
+ Gets the reporting configuration element.
+
+
+
+
+ Represents the <messaging> element in the host's .config file.
+
+
+
+
+ The name of the <webResourceUrlProvider> sub-element.
+
+
+
+
+ The name of the <untrustedWebRequest> sub-element.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ The name of the attribute that stores the maximum allowable clock skew.
+
+
+
+
+ The name of the attribute that indicates whether to disable SSL requirements across the library.
+
+
+
+
+ The name of the attribute that controls whether messaging rules are strictly followed.
+
+
+
+
+ The default value for the property.
+
+
+ 2KB, recommended by OpenID group
+
+
+
+
+ The name of the attribute that controls the maximum length of a URL before it is converted
+ to a POST payload.
+
+
+
+
+ Gets the name of the @privateSecretMaximumAge attribute.
+
+
+
+
+ The name of the <messaging> sub-element.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets the actual maximum message lifetime that a program should allow.
+
+ The sum of the and
+ property values.
+
+
+
+ Gets or sets the maximum lifetime of a private symmetric secret,
+ that may be used for signing or encryption.
+
+ The default value is 28 days (twice the age of the longest association).
+
+
+
+ Gets or sets the time between a message's creation and its receipt
+ before it is considered expired.
+
+
+ The default value value is 3 minutes.
+
+
+ Smaller timespans mean lower tolerance for delays in message delivery.
+ Larger timespans mean more nonces must be stored to provide replay protection.
+ The maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+ This time limit should NOT take into account expected
+ time skew for servers across the Internet. Time skew is added to
+ this value and is controlled by the property.
+
+
+
+
+ Gets or sets the maximum clock skew.
+
+ The default value is 10 minutes.
+
+ Smaller timespans mean lower tolerance for
+ time variance due to server clocks not being synchronized.
+ Larger timespans mean greater chance for replay attacks and
+ larger nonce caches.
+ For example, if a server could conceivably have its
+ clock d = 5 minutes off UTC time, then any two servers could have
+ their clocks disagree by as much as 2*d = 10 minutes.
+
+
+
+
+ Gets or sets a value indicating whether SSL requirements within the library are disabled/relaxed.
+ Use for TESTING ONLY.
+
+
+
+
+ Gets or sets a value indicating whether messaging rules are strictly
+ adhered to.
+
+ true by default.
+
+ Strict will require that remote parties adhere strictly to the specifications,
+ even when a loose interpretation would not compromise security.
+ true is a good default because it shakes out interoperability bugs in remote services
+ so they can be identified and corrected. But some web sites want things to Just Work
+ more than they want to file bugs against others, so false is the setting for them.
+
+
+
+
+ Gets or sets the configuration for the class.
+
+ The untrusted web request.
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the embedded resource retrieval provider.
+
+
+ The embedded resource retrieval provider.
+
+
+
+
+ Represents the <reporting> element in the host's .config file.
+
+
+
+
+ The name of the @enabled attribute.
+
+
+
+
+ The name of the @minimumReportingInterval attribute.
+
+
+
+
+ The name of the @minimumFlushInterval attribute.
+
+
+
+
+ The name of the @includeFeatureUsage attribute.
+
+
+
+
+ The name of the @includeEventStatistics attribute.
+
+
+
+
+ The name of the @includeLocalRequestUris attribute.
+
+
+
+
+ The name of the @includeCultures attribute.
+
+
+
+
+ The name of the <reporting> sub-element.
+
+
+
+
+ The default value for the @minimumFlushInterval attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+
+
+ Gets or sets the maximum frequency that reports will be published.
+
+
+
+
+ Gets or sets the maximum frequency the set can be flushed to disk.
+
+
+
+
+ Gets or sets a value indicating whether to include a list of library features used in the report.
+
+ true to include a report of features used; otherwise, false.
+
+
+
+ Gets or sets a value indicating whether to include statistics of certain events such as
+ authentication success and failure counting, and can include remote endpoint URIs.
+
+
+ true to include event counters in the report; otherwise, false.
+
+
+
+
+ Gets or sets a value indicating whether to include a few URLs to pages on the hosting
+ web site that host DotNetOpenAuth components.
+
+
+
+
+ Gets or sets a value indicating whether to include the cultures requested by the user agent
+ on pages that host DotNetOpenAuth components.
+
+
+
+
+ A configuration collection of trusted OP Endpoints.
+
+
+
+
+ The name of the "rejectAssertionsFromUntrustedProviders" element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The elements to initialize the collection with.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+
+
+
+ A configuration element that records a trusted Provider Endpoint.
+
+
+
+
+ The name of the attribute that stores the value.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the OpenID Provider Endpoint (aka "OP Endpoint") that this relying party trusts.
+
+
+
+
+ A collection of .
+
+ The type that all types specified in the elements must derive from.
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+ The elements that should be added to the collection initially.
+
+
+
+ Creates instances of all the types listed in the collection.
+
+ if set to true then internal types may be instantiated.
+ A sequence of instances generated from types in this collection. May be empty, but never null.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Represents an element in a .config file that allows the user to provide a @type attribute specifying
+ the full type that provides some service used by this library.
+
+ A constraint on the type the user may provide.
+
+
+
+ The name of the attribute whose value is the full name of the type the user is specifying.
+
+
+
+
+ The name of the attribute whose value is the path to the XAML file to deserialize to obtain the type.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationElement class.
+
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ The newly instantiated type.
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ if set to true then internal types may be instantiated.
+ The newly instantiated type.
+
+
+
+ Creates the instance from xaml.
+
+ The stream of xaml to deserialize.
+ The deserialized object.
+
+ This exists as its own method to prevent the CLR's JIT compiler from failing
+ to compile the CreateInstance method just because the PresentationFramework.dll
+ may be missing (which it is on some shared web hosts). This way, if the
+ XamlSource attribute is never used, the PresentationFramework.dll never need
+ be present.
+
+
+
+
+ Gets or sets the full name of the type.
+
+ The full name of the type, such as: "ConsumerPortal.Code.CustomStore, ConsumerPortal".
+
+
+
+ Gets or sets the path to the XAML file to deserialize to obtain the instance.
+
+
+
+
+ Gets the type described in the .config file.
+
+
+
+
+ Gets a value indicating whether this type has no meaningful type to instantiate.
+
+
+
+
+ Represents the section of a .config file where security policies regarding web requests
+ to user-provided, untrusted servers is controlled.
+
+
+
+
+ Gets the name of the @timeout attribute.
+
+
+
+
+ Gets the name of the @readWriteTimeout attribute.
+
+
+
+
+ Gets the name of the @maximumBytesToRead attribute.
+
+
+
+
+ Gets the name of the @maximumRedirections attribute.
+
+
+
+
+ Gets the name of the @whitelistHosts attribute.
+
+
+
+
+ Gets the name of the @whitelistHostsRegex attribute.
+
+
+
+
+ Gets the name of the @blacklistHosts attribute.
+
+
+
+
+ Gets the name of the @blacklistHostsRegex attribute.
+
+
+
+
+ Gets or sets the read/write timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the maximum bytes to read from an untrusted web server.
+
+
+
+
+ Gets or sets the maximum redirections that will be followed before an HTTP request fails.
+
+
+
+
+ Gets or sets the collection of hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of hosts on the blacklist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the blacklist.
+
+
+
+
+ Represents a collection of child elements that describe host names either as literal host names or regex patterns.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new child host name element.
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets all the members of the collection assuming they are all literal host names.
+
+
+
+
+ Gets all the members of the collection assuming they are all host names regex patterns.
+
+
+
+
+ Represents the name of a single host or a regex pattern for host names.
+
+
+
+
+ Gets the name of the @name attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The default value of the property.
+
+
+
+ Gets or sets the name of the host on the white or black list.
+
+
+
+
+ An interface that provides URLs from which embedded resources can be obtained.
+
+
+
+
+ Gets the URL from which the given manifest resource may be downloaded by the user agent.
+
+ Some type in the assembly containing the desired resource.
+ Manifest name of the desired resource.
+ An absolute URL.
+
+
+
+ A general logger for the entire DotNetOpenAuth library.
+
+
+ Because this logger is intended for use with non-localized strings, the
+ overloads that take have been removed, and
+ is used implicitly.
+
+
+
+
+ The instance that is to be used
+ by this static Logger for the duration of the appdomain.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates the main logger for the library, and emits an INFO message
+ that is the name and version of the library.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A type whose full name that will be included in the log file.
+ The instance created with the given type name.
+
+
+
+ Discovers the presence of Log4net.dll and other logging mechanisms
+ and returns the best available logger.
+
+ The name of the log to initialize.
+ The instance of the logger to use.
+
+
+
+ Gets the logger for general library logging.
+
+
+
+
+ Gets the logger for service discovery and selection events.
+
+
+
+
+ Gets the logger for Messaging events.
+
+
+
+
+ Gets the logger for Channel events.
+
+
+
+
+ Gets the logger for binding elements and binding-element related events on the channel.
+
+
+
+
+ Gets the logger specifically used for logging verbose text on everything about the signing process.
+
+
+
+
+ Gets the logger for HTTP-level events.
+
+
+
+
+ Gets the logger for events logged by ASP.NET controls.
+
+
+
+
+ Gets the logger for high-level OpenID events.
+
+
+
+
+ Gets the logger for high-level OAuth events.
+
+
+
+
+ Gets the logger for high-level InfoCard events.
+
+
+
+
+ The ILog interface is use by application to log messages into
+ the log4net framework.
+
+
+
+ Use the to obtain logger instances
+ that implement this interface. The
+ static method is used to get logger instances.
+
+
+ This class contains methods for logging at different levels and also
+ has properties for determining if those logging levels are
+ enabled in the current configuration.
+
+
+ This interface can be implemented in different ways. This documentation
+ specifies reasonable behavior that a caller can expect from the actual
+ implementation, however different implementations reserve the right to
+ do things differently.
+
+
+ Simple example of logging messages
+
+ ILog log = LogManager.GetLogger("application-log");
+
+ log.Info("Application Start");
+ log.Debug("This is a debug message");
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is another debug message");
+ }
+
+
+
+
+ Nicko Cadell
+ Gert Driesen
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is DEBUG
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ DEBUG enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of
+ the additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+
+
+ This method first checks if this logger is INFO
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ INFO enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Logs a message object with the INFO level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is WARN
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ WARN enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is ERROR
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ ERROR enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is FATAL
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ FATAL enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+
+ This function is intended to lessen the computational cost of
+ disabled log debug statements.
+
+ For some ILog interface log, when you write:
+
+ log.Debug("This is entry number: " + i );
+
+
+ You incur the cost constructing the message, string construction and concatenation in
+ this case, regardless of whether the message is logged or not.
+
+
+ If you are worried about speed (who isn't), then you should write:
+
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way you will not incur the cost of parameter
+ construction if debugging is disabled for log. On
+ the other hand, if the log is debug enabled, you
+ will incur the cost of evaluating whether the logger is debug
+ enabled twice. Once in and once in
+ the . This is an insignificant overhead
+ since evaluating a logger takes about 1% of the time it
+ takes to actually log. This is the preferred style of logging.
+
+ Alternatively if your logger is available statically then the is debug
+ enabled state can be stored in a static variable like this:
+
+
+ private static readonly bool isDebugEnabled = log.IsDebugEnabled;
+
+
+ Then when you come to log you can write:
+
+
+ if (isDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way the debug enabled state is only queried once
+ when the class is loaded. Using a private static readonly
+ variable is the most efficient because it is a run time constant
+ and can be heavily optimized by the JIT compiler.
+
+
+ Of course if you use a static readonly variable to
+ hold the enabled state of the logger then you cannot
+ change the enabled state at runtime to vary the logging
+ that is produced. You have to decide if you need absolute
+ speed or runtime flexibility.
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Returns a new log4net logger if it exists, or returns null if the assembly cannot be found.
+
+ The created instance.
+
+
+
+ Creates the log4net.LogManager. Call ONLY after log4net.dll is known to be present.
+
+ The created instance.
+
+
+
+ Returns a new logger that does nothing when invoked.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Returns a new logger that uses the class
+ if sufficient CAS permissions are granted to use it, otherwise returns false.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Represents a read-only dictionary.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ Contains base dictionary.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The base dictionary.
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies to.
+
+ The array.
+ Index of the array.
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets an containing the values in the .
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the element with the specified key.
+
+ The key being read or written.
+
+ The element with the specified key.
+
+ is null.
+
+
+ The property is retrieved and is not found.
+
+
+ The property is set and the is read-only.
+
+
+
+
+ The statistical reporting mechanism used so this library's project authors
+ know what versions and features are in use.
+
+
+
+
+ A UTF8 encoder that doesn't emit the preamble. Used for mid-stream writers.
+
+
+
+
+ A value indicating whether reporting is desirable or not. Must be logical-AND'd with !.
+
+
+
+
+ A value indicating whether reporting experienced an error and cannot be enabled.
+
+
+
+
+ A value indicating whether the reporting class has been initialized or not.
+
+
+
+
+ The object to lock during initialization.
+
+
+
+
+ The isolated storage to use for collecting data in between published reports.
+
+
+
+
+ The GUID that shows up at the top of all reports from this user/machine/domain.
+
+
+
+
+ The recipient of collected reports.
+
+
+
+
+ The outgoing HTTP request handler to use for publishing reports.
+
+
+
+
+ A few HTTP request hosts and paths we've seen.
+
+
+
+
+ Cultures that have come in via HTTP requests.
+
+
+
+
+ Features that have been used.
+
+
+
+
+ A collection of all the observations to include in the report.
+
+
+
+
+ The named events that we have counters for.
+
+
+
+
+ The lock acquired while considering whether to publish a report.
+
+
+
+
+ The time that we last published reports.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Records an event occurrence.
+
+ Name of the event.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records an event occurence.
+
+ The object whose type name is the event name to record.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records the use of a feature by name.
+
+ The feature.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+ Some dependency used by .
+
+
+
+ Records statistics collected from incoming requests.
+
+ The request.
+
+
+
+ Called by every internal/public method on this class to give
+ periodic operations a chance to run.
+
+
+
+
+ Initializes Reporting if it has not been initialized yet.
+
+
+
+
+ Assembles a report for submission.
+
+ A stream that contains the report.
+
+
+
+ Sends the usage reports to the library authors.
+
+ A value indicating whether submitting the report was successful.
+
+
+
+ Interprets the reporting response as a log message if possible.
+
+ The line from the HTTP response to interpret as a log message.
+
+
+
+ Sends the stats report asynchronously, and careful to not throw any unhandled exceptions.
+
+
+
+
+ Gets the isolated storage to use for reporting.
+
+ An isolated storage location appropriate for our host.
+
+
+
+ Gets a unique, pseudonymous identifier for this particular web site or application.
+
+ A GUID that will serve as the identifier.
+
+ The identifier is made persistent by storing the identifier in isolated storage.
+ If an existing identifier is not found, a new one is created, persisted, and returned.
+
+
+
+
+ Sanitizes the name of the file so it only includes valid filename characters.
+
+ The filename to sanitize.
+ The filename, with any and all invalid filename characters replaced with the hyphen (-) character.
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+ Setting this property to truemay have no effect
+ if reporting has already experienced a failure of some kind.
+
+
+
+
+ Gets the observed features.
+
+
+
+
+ Gets the configuration to use for reporting.
+
+
+
+
+ A set of values that persist the set to disk.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The total set of elements.
+
+
+
+
+ The maximum number of elements to track before not storing new elements.
+
+
+
+
+ The set of new elements added to the since the last flush.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+ The maximum number of elements to track.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Adds a value to the set.
+
+ The value.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets a value indicating whether the hashset has reached capacity and is not storing more elements.
+
+ true if this instance is full; otherwise, false.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ A feature usage counter.
+
+
+
+
+ The separator to use between category names and their individual counters.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ The in-memory copy of the counter.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Increments the counter.
+
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Resets all counters.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ Argument validation checks that throw some kind of ArgumentException when they fail (unless otherwise noted).
+
+
+
+
+ Validates that a given parameter is not null.
+
+ The type of the parameter
+ The value.
+ Name of the parameter.
+ The tested value, guaranteed to not be null.
+
+
+
+ Validates that a parameter is not null or empty.
+
+ The value.
+ Name of the parameter.
+ The validated value.
+
+
+
+ Validates that an array is not null or empty.
+
+ The type of the elements in the sequence.
+ The value.
+ Name of the parameter.
+
+
+
+ Validates that an argument is either null or is a sequence with no null elements.
+
+ The type of elements in the sequence.
+ The sequence.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable range for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates that some argument describes a type that is or derives from a required type.
+
+ The type that the argument must be or derive from.
+ The type given in the argument.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an if a condition does not evaluate to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an
+
+ Name of the parameter.
+ The message.
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The configuration-specified type {0} must be public, and is not..
+
+
+
+
+ Looks up a localized string similar to The configuration XAML reference to {0} requires a current HttpContext to resolve..
+
+
+
+
+ Looks up a localized string similar to The current IHttpHandler is not one of types: {0}. An embedded resource URL provider must be set in your .config file..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to The argument has an unexpected value..
+
+
+
+
+ Looks up a localized string similar to The property {0} must be set before this operation is allowed..
+
+
+
+
+ Looks up a localized string similar to This object contains a response body, which is not supported..
+
+
+
+
+ Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}..
+
+
+
+
+ Utility methods for working with URIs.
+
+
+
+
+ Tests a URI for the presence of an OAuth payload.
+
+ The URI to test.
+ The prefix.
+
+ True if the URI contains an OAuth message.
+
+
+
+
+ Determines whether some is using HTTPS.
+
+ The Uri being tested for security.
+
+ true if the URI represents an encrypted request; otherwise, false.
+
+
+
+
+ Equivalent to UriBuilder.ToString() but omits port # if it may be implied.
+ Equivalent to UriBuilder.Uri.ToString(), but doesn't throw an exception if the Host has a wildcard.
+
+ The UriBuilder to render as a string.
+ The string version of the Uri.
+
+
+
+ Validates that a URL will be resolvable at runtime.
+
+ The page hosting the control that receives this URL as a property.
+ If set to true the page is in design-time mode rather than runtime mode.
+ The URI to check.
+ Thrown if the given URL is not a valid, resolvable URI.
+
+
+
+ A grab-bag utility class.
+
+
+
+
+ The base namespace for this library from which all other namespaces derive.
+
+
+
+
+ The web.config file-specified provider of web resource URLs.
+
+
+
+
+ Tests for equality between two objects. Safely handles the case where one or both are null.
+
+ The type of objects been checked for equality.
+ The first object.
+ The second object.
+ true if the two objects are equal; false otherwise.
+
+
+
+ Prepares a dictionary for printing as a string.
+
+ The type of the key.
+ The type of the value.
+ The dictionary or sequence of name-value pairs.
+ An object whose ToString method will perform the actual work of generating the string.
+
+ The work isn't done until (and if) the
+ method is actually called, which makes it great
+ for logging complex objects without being in a conditional block.
+
+
+
+
+ Offers deferred ToString processing for a list of elements, that are assumed
+ to generate just a single-line string.
+
+ The type of elements contained in the list.
+ The list of elements.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Offers deferred ToString processing for a list of elements.
+
+ The type of elements contained in the list.
+ The list of elements.
+ if set to true, special formatting will be applied to the output to make it clear where one element ends and the next begins.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Gets the web resource URL from a Page or object.
+
+ Some type in resource assembly.
+ Name of the manifest resource.
+ An absolute URL
+
+
+
+ Gets a human-readable description of the library name and version, including
+ whether the build is an official or private one.
+
+
+
+
+ Gets the assembly file version of the executing assembly, otherwise falls back to the assembly version.
+
+
+
+
+ Manages an individual deferred ToString call.
+
+ The type of object to be serialized as a string.
+
+
+
+ The object that will be serialized if called upon.
+
+
+
+
+ The method used to serialize to string form.
+
+
+
+
+ Initializes a new instance of the DelayedToString class.
+
+ The object that may be serialized to string form.
+ The method that will serialize the object if called upon.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.dll b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.dll
new file mode 100644
index 0000000..d4bca57
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.xml b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.xml
new file mode 100644
index 0000000..dd8ec49
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.Core.xml
@@ -0,0 +1,10311 @@
+
+
+
+ DotNetOpenAuth.Core
+
+
+
+
+ Internal state consistency checks that throw an internal error exception when they fail.
+
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Throws an internal error exception.
+
+ The message.
+
+
+
+ Throws an internal error exception.
+
+ Nothing. This method always throws.
+
+
+
+ An internal error exception that should never be caught.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+ The parameter is null.
+ The class name is null or is zero (0).
+
+
+
+ A message part encoder that translates between byte[] and base64web encoded strings.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Provides RSA encryption of symmetric keys to protect them from a theft of
+ the persistent store.
+
+
+
+
+ A persistent store for rotating symmetric cryptographic keys.
+
+
+ Implementations should persist it in such a way that the keys are shared across all servers
+ on a web farm, where applicable.
+ The store should consider protecting the persistent store against theft resulting in the loss
+ of the confidentiality of the keys. One possible mitigation is to asymmetrically encrypt
+ each key using a certificate installed in the server's certificate store.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+ The cryptographic key, or null if no matching key was found.
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+ A sequence of handles and keys, ordered by descending .
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ The persistent store for asymmetrically encrypted symmetric keys.
+
+
+
+
+ The memory cache of decrypted keys.
+
+
+
+
+ The asymmetric algorithm to use encrypting/decrypting the symmetric keys.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The data store.
+ The asymmetric protection to apply to symmetric keys. Must include the private key.
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Decrypts the specified key.
+
+ The bucket.
+ The handle.
+ The encrypted key.
+
+ The decrypted key.
+
+
+
+
+ An encrypted key and its decrypted equivalent.
+
+
+
+
+ A cryptographic key and metadata concerning it.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The cryptographic key.
+ The expires UTC.
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Gets the key.
+
+
+
+
+ Gets the expiration date of this key (UTC time).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The encrypted key.
+ The decrypted key.
+
+
+
+ Invariant conditions.
+
+
+
+
+ Gets the encrypted key.
+
+
+
+
+ Thrown by a hosting application or web site when a cryptographic key is created with a
+ bucket and handle that conflicts with a previously stored and unexpired key.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ A in-memory store of crypto keys.
+
+
+
+
+ How frequently to check for and remove expired secrets.
+
+
+
+
+ An in-memory cache of decrypted symmetric keys.
+
+
+ The key is the bucket name. The value is a dictionary whose key is the handle and whose value is the cached key.
+
+
+
+
+ The last time the cache had expired keys removed from it.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Cleans the expired keys from memory cache if the cleaning interval has passed.
+
+
+
+
+ Weeds out expired keys from the in-memory cache.
+
+
+
+
+ A compact binary serialization class.
+
+ The -derived type to serialize/deserialize.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ The length of the nonce to include in tokens that can be decoded once only.
+
+
+
+
+ The message description cache to use for data bag types.
+
+
+
+
+ The minimum allowable lifetime for the key used to encrypt/decrypt or sign this databag.
+
+
+
+
+ The symmetric key store with the secret used for signing/encryption of verification codes and refresh tokens.
+
+
+
+
+ The bucket for symmetric keys.
+
+
+
+
+ The crypto to use for signing access tokens.
+
+
+
+
+ The crypto to use for encrypting access tokens.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against tampering.
+
+
+
+
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+
+ The maximum age of a token that can be decoded; useful only when is true.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+
+
+
+
+ A value indicating whether the data in this instance will be GZip'd.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The required minimum lifespan within which this token must be decodable and verifiable; useful only when and/or is true.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the specified message, including compression, encryption, signing, and nonce handling where applicable.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a , including decompression, decryption, signature and nonce validation where applicable.
+
+ The instance to initialize with deserialized data.
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Determines whether the signature on this instance is valid.
+
+ The signed data.
+ The signature.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ true if the signature is valid; otherwise, false.
+
+
+
+
+ Calculates the signature for the data in this verification code.
+
+ The bytes to sign.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The calculated signature.
+
+
+
+
+ Encrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ Receives the symmetric secret handle. null when using an asymmetric algorithm.
+
+ The encrypted value.
+
+
+
+
+ Decrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The decrypted value.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Cached details on the response from a direct web request to a remote party.
+
+
+
+
+ Details on the incoming response from a direct web request to a remote party.
+
+
+
+
+ The encoding to use in reading a response that does not declare its own content encoding.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original request URI.
+ The response to initialize from. The network stream is used by this class directly.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the type of the content.
+
+
+
+
+ Gets the content encoding.
+
+
+
+
+ Gets the URI of the initial request.
+
+
+
+
+ Gets the URI that finally responded to the request.
+
+
+ This can be different from the in cases of
+ redirection during the request.
+
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ A seekable, repeatable response stream.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+ The maximum bytes to read.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+ The response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets the body of the response as a string.
+
+ The entire body of the response.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+
+
+
+ Caches the network stream and closes it if it is open.
+
+ The response whose stream is to be cloned.
+ The maximum bytes to cache.
+ The seekable Stream instance that contains a copy of what was returned in the HTTP response.
+
+
+
+ Gets a value indicating whether the cached response stream was
+ truncated to a maximum allowable length.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets or sets the cached response stream.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Manages sending direct messages to a remote party and receiving responses.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+
+
+
+
+ The content-type used for JSON serialized objects.
+
+
+
+
+ The "text/javascript" content-type that some servers return instead of the standard one.
+
+
+
+
+ The content-type for plain text.
+
+
+
+
+ The HTML that should be returned to the user agent as part of a 301 Redirect.
+
+ A string that should be used as the first argument to string.Format, where the {0} should be replaced with the URL to redirect to.
+
+
+
+ The template for indirect messages that require form POST to forward through the user agent.
+
+
+ We are intentionally using " instead of the html single quote ' below because
+ the HtmlEncode'd values that we inject will only escape the double quote, so
+ only the double-quote used around these values is safe.
+
+
+
+
+ The encoding to use when writing out POST entity strings.
+
+
+
+
+ A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+ This includes the character encoding.
+
+
+
+
+ A list of binding elements in the order they must be applied to outgoing messages.
+
+
+
+
+ A list of binding elements in the order they must be applied to incoming messages.
+
+
+
+
+ The default cache of message descriptions to use unless they are customized.
+
+
+ This is a perf optimization, so that we don't reflect over every message type
+ every time a channel is constructed.
+
+
+
+
+ A cache of reflected message types that may be sent or received on this channel.
+
+
+
+
+ A tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and ends execution on the current page or handler.
+
+ The one-way message to send
+ Thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and skips most of the remaining ASP.NET request handling pipeline.
+ Not safe to call from ASP.NET web forms.
+
+ The one-way message to send
+
+ Requires an HttpContext.Current context.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Prepares an indirect message (either a request or response)
+ or direct message response for transmission to a remote party.
+
+ The one-way message to send
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The deserialized message, if one is found. Null otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the current HTTP request.
+
+ The expected type of the message to be received.
+ The deserialized message. Never null.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message embedded in the given HTTP request.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message. Never null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The expected type of the message to be received.
+ The message to send.
+ The remote party's response.
+
+ Thrown if no message is recognized in the response
+ or an unexpected type of message is received.
+
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The message to send.
+ The remote party's response. Guaranteed to never be null.
+ Thrown if the response does not include a protocol message.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+
+
+ Gets the HTTP context for the current HTTP request.
+
+ An HttpContextBase instance.
+
+
+
+ Gets the current HTTP request being processed.
+
+ The HttpRequestInfo for the current request.
+
+ Requires an context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Checks whether a given HTTP method is expected to include an entity body in its request.
+
+ The HTTP method.
+ true if the HTTP method is supposed to have an entity; false otherwise.
+
+
+
+ Applies message prescribed HTTP response headers to an outgoing web response.
+
+ The message.
+ The HTTP response.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Fires the event.
+
+ The message about to be encoded and sent.
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ Submits a direct request message to some remote party and blocks waiting for an immediately reply.
+
+ The request message.
+ The response message, or null if the response did not carry a message.
+
+ Typically a deriving channel will override to customize this method's
+ behavior. However in non-HTTP frameworks, such as unit test mocks, it may be appropriate to override
+ this method to eliminate all use of an HTTP transport.
+
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Deserializes a dictionary of values into a message.
+
+ The dictionary of values that were read from an HTTP request or response.
+ Information about where the message was directed. Null for direct response messages.
+ The deserialized message, or null if no message could be recognized in the provided data.
+
+
+
+ Queues an indirect message for transmittal via the user agent.
+
+ The message to send.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a 301 Redirect GET method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ if set to true the redirect will contain the message payload in the #fragment portion of the URL rather than the ?querystring.
+ The encoded HTTP response.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a form POST method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ The encoded HTTP response.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ A JSON string.
+
+
+
+ Deserializes from flat data from a JSON object.
+
+ A JSON string.
+ The simple "key":"value" pairs from a JSON-encoded object.
+
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a GET request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP Get request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a HEAD request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP HEAD request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the payload of a POST request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP POST request with the message parts serialized to the POST entity
+ with the application/x-www-form-urlencoded content type
+ This method satisfies OAuth 1.0 section 5.2, item #2 and OpenID 2.0 section 4.1.2.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a PUT request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP PUT request with the message parts serialized to the query string.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a DELETE request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP DELETE request with the message parts serialized to the query string.
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request in multi-part format.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Allows preprocessing and validation of message data before an appropriate message type is
+ selected or deserialized.
+
+ The received message data.
+
+
+
+ Performs additional processing on an outgoing web request before it is sent to the remote server.
+
+ The request.
+
+
+
+ Customizes the binding element order for outgoing and incoming messages.
+
+ The outgoing order.
+ The incoming order.
+
+ No binding elements can be added or removed from the channel using this method.
+ Only a customized order is allowed.
+
+ Thrown if a binding element is new or missing in one of the ordered lists.
+
+
+
+ Ensures a consistent and secure set of binding elements and
+ sorts them as necessary for a valid sequence of operations.
+
+ The binding elements provided to the channel.
+ The properly ordered list of elements.
+ Thrown when the binding elements are incomplete or inconsistent with each other.
+
+
+
+ Puts binding elements in their correct outgoing message processing order.
+
+ The first protection type to compare.
+ The second protection type to compare.
+
+ -1 if should be applied to an outgoing message before .
+ 1 if should be applied to an outgoing message before .
+ 0 if it doesn't matter.
+
+
+
+
+ Verifies that all required message parts are initialized to values
+ prior to sending the message to a remote party.
+
+ The message to verify.
+
+ Thrown when any required message part does not have a value.
+
+
+
+
+ Determines whether a given ordered list of binding elements includes every
+ binding element in this channel exactly once.
+
+ The list of binding elements to test.
+
+ true if the given list is a valid description of a binding element ordering; otherwise, false.
+
+
+
+
+ An event fired whenever a message is about to be encoded and sent.
+
+
+
+
+ Gets or sets an instance to a that will be used when
+ submitting HTTP requests and waiting for responses.
+
+
+ This defaults to a straightforward implementation, but can be set
+ to a mock object for testing purposes.
+
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets the binding elements used by this channel, in no particular guaranteed order.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to outgoing messages.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to incoming messages.
+
+
+
+
+ Gets or sets a value indicating whether this instance is disposed.
+
+
+ true if this instance is disposed; otherwise, false.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the cache policy to use for direct message requests.
+
+ Default is .
+
+
+
+ Gets or sets the XML dictionary reader quotas.
+
+ The XML dictionary reader quotas.
+
+
+
+ Prevents a default instance of the ChannelContract class from being created.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ HMAC-SHA algorithm names that can be passed to the method.
+
+
+
+
+ The name of the HMAC-SHA1 algorithm.
+
+
+
+
+ The name of the HMAC-SHA256 algorithm.
+
+
+
+
+ The name of the HMAC-SHA384 algorithm.
+
+
+
+
+ The name of the HMAC-SHA512 algorithm.
+
+
+
+
+ Creates an HMAC-SHA algorithm with the specified name and key.
+
+ A name from the available choices in the static const members of this class.
+ The secret key used as the HMAC.
+ The HMAC algorithm instance.
+
+
+
+ Well known HTTP headers.
+
+
+
+
+ The Authorization header, which specifies the credentials that the client presents in order to authenticate itself to the server.
+
+
+
+
+ The WWW-Authenticate header, which is included in HTTP 401 Unauthorized responses to help the client know which authorization schemes are supported.
+
+
+
+
+ The Content-Type header, which specifies the MIME type of the accompanying body data.
+
+
+
+
+ An interface that allows direct request messages to capture the details of the HTTP request they arrived on.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An interface that allows indirect response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets a value indicating whether the payload for the message should be included
+ in the redirect fragment instead of the query string or POST entity.
+
+
+
+
+ An interface that appears on messages that need to retain a description of
+ what their literal payload was when they were deserialized.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ A set of flags that can control the behavior of an individual web request.
+
+
+
+
+ Indicates that default behavior is required.
+
+
+
+
+ Indicates that any response from the remote server, even those
+ with HTTP status codes that indicate errors, should not result
+ in a thrown exception.
+
+
+ Even with this flag set, should
+ be thrown when an HTTP protocol error occurs (i.e. timeouts).
+
+
+
+
+ Indicates that the HTTP request must be completed entirely
+ using SSL (including any redirects).
+
+
+
+
+ Extension methods for types.
+
+
+
+
+ Caches the results of enumerating over a given object so that subsequence enumerations
+ don't require interacting with the object a second time.
+
+ The type of element found in the enumeration.
+ The enumerable object.
+
+ Either a new enumerable object that caches enumerated results, or the original,
+ object if no caching is necessary to avoid additional CPU work.
+
+
+ This is designed for use on the results of generator methods (the ones with yield return in them)
+ so that only those elements in the sequence that are needed are ever generated, while not requiring
+ regeneration of elements that are enumerated over multiple times.
+ This can be a huge performance gain if enumerating multiple times over an expensive generator method.
+ Some enumerable types such as collections, lists, and already-cached generators do not require
+ any (additional) caching, and this method will simply return those objects rather than caching them
+ to avoid double-caching.
+
+
+
+
+ A wrapper for types and returns a caching
+ from its method.
+
+ The type of element in the sequence.
+
+
+
+ The results from enumeration of the live object that have been collected thus far.
+
+
+
+
+ The original generator method or other enumerable object whose contents should only be enumerated once.
+
+
+
+
+ The enumerator we're using over the generator method's results.
+
+
+
+
+ The sync object our caching enumerators use when adding a new live generator method result to the cache.
+
+
+ Although individual enumerators are not thread-safe, this should be
+ thread safe so that multiple enumerators can be created from it and used from different threads.
+
+
+
+
+ Initializes a new instance of the EnumerableCache class.
+
+ The generator.
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ An enumerator that uses cached enumeration results whenever they are available,
+ and caches whatever results it has to pull from the original object.
+
+
+
+
+ The parent enumeration wrapper class that stores the cached results.
+
+
+
+
+ The position of this enumerator in the cached list.
+
+
+
+
+ Initializes a new instance of the EnumeratorCache class.
+
+ The parent cached enumerable whose GetEnumerator method is calling this constructor.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ An exception to call out a configuration or runtime failure on the part of the
+ (web) application that is hosting this library.
+
+
+ This exception is used rather than for those errors
+ that should never be caught because they indicate a major error in the app itself
+ or its configuration.
+ It is an internal exception to assist in making it uncatchable.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface that allows direct response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ An interface that extension messages must implement.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Undirected messages that serve as direct responses to direct requests.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol messages.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An empty dictionary. Useful for avoiding memory allocations in creating new dictionaries to represent empty ones.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ The singleton instance of the empty dictionary.
+
+
+
+
+ Prevents a default instance of the EmptyDictionary class from being created.
+
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the values in the .
+
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets or sets the value with the specified key.
+
+ The key being read or written.
+ Nothing. It always throws.
+
+
+
+ An enumerator that always generates zero elements.
+
+
+
+
+ The singleton instance of this empty enumerator.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Gets the current element in the collection.
+
+
+
+ The current element in the collection.
+
+
+ The enumerator is positioned before the first element of the collection or after the last element.
+
+
+
+
+ An empty, read-only list.
+
+ The type the list claims to include.
+
+
+
+ The singleton instance of the empty list.
+
+
+
+
+ Prevents a default instance of the EmptyList class from being created.
+
+
+
+
+ Determines the index of a specific item in the .
+
+ The object to locate in the .
+
+ The index of if found in the list; otherwise, -1.
+
+
+
+
+ Inserts an item to the at the specified index.
+
+ The zero-based index at which should be inserted.
+ The object to insert into the .
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Removes the item at the specified index.
+
+ The zero-based index of the item to remove.
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the at the specified index.
+
+ The index of the element in the list to change.
+ Nothing. It always throws.
+
+
+
+ A collection of error checking and reporting methods.
+
+
+
+
+ Wraps an exception in a new .
+
+ The inner exception to wrap.
+ The error message for the outer exception.
+ The string formatting arguments, if any.
+ The newly constructed (unthrown) exception.
+
+
+
+ Throws an internal error exception.
+
+ The error message.
+ Nothing. But included here so callers can "throw" this method for C# safety.
+ Always thrown.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The string formatting arguments for .
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The message being processed that would be responsible for the exception if thrown.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a .
+
+ The message to set in the exception.
+ The formatting arguments of the message.
+
+ An InternalErrorException, which may be "thrown" by the caller in order
+ to satisfy C# rules to show that code will never be reached, but no value
+ actually is ever returned because this method guarantees to throw.
+
+ Always thrown.
+
+
+
+ Throws a .
+
+ The message for the exception.
+ The string formatting arguments for .
+ Nothing. It's just here so the caller can throw this method for C# compilation check.
+
+
+
+ Throws a if some condition is false.
+
+ The expression to evaluate. A value of false will cause the exception to be thrown.
+ The message for the exception.
+ The string formatting arguments for .
+ Thrown when is false.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws an .
+
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Never returns anything. It always throws.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Verifies that some given value is not null.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+
+
+
+ Verifies that some string is not null and has non-zero length.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+ Thrown if has zero length.
+
+
+
+ Verifies that != null.
+
+ Thrown if == null
+
+
+
+ Obtains a value from the dictionary if possible, or throws a if it's missing.
+
+ The type of key in the dictionary.
+ The type of value in the dictionary.
+ The dictionary.
+ The key to use to look up the value.
+ The message to claim is invalid if the key cannot be found.
+ The value for the given key.
+
+
+
+ An interface that messages wishing to perform custom serialization/deserialization
+ may implement to be notified of events.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Creates a text reader for the response stream.
+
+
+ The text reader, initialized for the proper encoding.
+
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+
+ A protocol message that supports adding extensions to the payload for transmission.
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An internal exception to throw if an internal error within the library requires
+ an abort of the operation.
+
+
+ This exception is internal to prevent clients of the library from catching what is
+ really an unexpected, potentially unrecoverable exception.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface implemented by -derived types that support binary serialization.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ A KeyedCollection whose item -> key transform is provided via a delegate
+ to its constructor, and null items are disallowed.
+
+ The type of the key.
+ The type of the item.
+
+
+
+ The delegate that returns a key for the given item.
+
+
+
+
+ Initializes a new instance of the KeyedCollectionDelegate class.
+
+ The delegate that gets the key for a given item.
+
+
+
+ When implemented in a derived class, extracts the key from the specified element.
+
+ The element from which to extract the key.
+ The key for the specified element.
+
+
+
+ Represents a single part in a HTTP multipart POST request.
+
+
+
+
+ The "Content-Disposition" string.
+
+
+
+
+ The two-character \r\n newline character sequence to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The content disposition of the part.
+
+
+
+ Creates a part that represents a simple form field.
+
+ The name of the form field.
+ The value.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ The path to the file to send.
+ Type of the content in HTTP Content-Type format.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ Name of the file as the server should see it.
+ Type of the content in HTTP Content-Type format.
+ The content of the file.
+ The constructed part.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Serializes the part to a stream.
+
+ The stream writer.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets or sets the content disposition.
+
+ The content disposition.
+
+
+
+ Gets the key=value attributes that appear on the same line as the Content-Disposition.
+
+ The content attributes.
+
+
+
+ Gets the headers that appear on subsequent lines after the Content-Disposition.
+
+
+
+
+ Gets or sets the content of the part.
+
+
+
+
+ Gets the length of this entire part.
+
+ Useful for calculating the ContentLength HTTP header to send before actually serializing the content.
+
+
+
+ A live network HTTP response
+
+
+
+
+ The network response object, used to initialize this instance, that still needs
+ to be closed if applicable.
+
+
+
+
+ The incoming network response stream.
+
+
+
+
+ A value indicating whether a stream reader has already been
+ created on this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ An ASP.NET MVC structure to represent the response to send
+ to the user agent when the controller has finished its work.
+
+
+
+
+ The outgoing web response to send when the ActionResult is executed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Enables processing of the result of an action method by a custom type that inherits from .
+
+ The context in which to set the response.
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol
+ that includes the response message that should be returned to the HTTP client to comply
+ with the protocol specification.
+
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The human-readable exception message.
+ The message that was the cause of the exception. May be null.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Gets the message that caused the exception.
+
+
+
+
+ The channel that produced the error response message, to be used in constructing the actual HTTP response.
+
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The channel to use when encoding the response message.
+ The message to send back to the HTTP client.
+ The message that was the cause of the exception. May be null.
+ The inner exception.
+ The message for the exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Creates the HTTP response to forward to the client to report the error.
+
+ The HTTP response.
+
+
+
+ Gets the protocol message to send back to the client to report the error.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A message part encoder that has a special encoding for a null value.
+
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A cache of instances.
+
+
+
+
+ A dictionary of reflected message types and the generated reflection information.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ A type that implements .
+ The protocol version of the message.
+ A instance.
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ The message for which a should be obtained.
+
+ A instance.
+
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ The dictionary.
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary.
+
+
+
+ A struct used as the key to bundle message type and version.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ Type of the message.
+ The message version.
+
+
+
+ Implements the operator ==.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Indicates whether this instance and a specified object are equal.
+
+ Another object to compare to.
+
+ true if and this instance are the same type and represent the same value; otherwise, false.
+
+
+
+
+ Returns the hash code for this instance.
+
+
+ A 32-bit signed integer that is the hash code for this instance.
+
+
+
+
+ Gets the message type.
+
+
+
+
+ Gets the message version.
+
+
+
+
+ Allows a custom class or struct to be serializable between itself and a string representation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The implementing type to use for serializing this type.
+
+
+
+ Gets the default encoder to use for the declaring class.
+
+
+
+
+ A message factory that automatically selects the message type based on the incoming data.
+
+
+
+
+ A tool to analyze an incoming message to figure out what concrete class
+ is designed to deserialize it and instantiates that class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The request message types and their constructors to use for instantiating the messages.
+
+
+
+
+ The response message types and their constructors to use for instantiating the messages.
+
+
+ The value is a dictionary, whose key is the type of the constructor's lone parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds message types to the set that this factory can create.
+
+ The message types that this factory may instantiate.
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Gets the message type that best fits the given incoming request data.
+
+ The recipient of the incoming data. Typically not used, but included just in case.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Gets the message type that best fits the given incoming direct response data.
+
+ The request message that prompted the response data.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The recipient.
+ The instantiated message. Never null.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The request that resulted in this response.
+ The instantiated message. Never null.
+
+
+
+ Gets the hierarchical distance between a type and a type it derives from or implements.
+
+ The base type or interface.
+ The concrete class that implements the .
+ The distance between the two types. 0 if the types are equivalent, 1 if the type immediately derives from or implements the base type, or progressively higher integers.
+
+
+
+ Counts how many strings are in the intersection of two collections.
+
+ The first collection.
+ The second collection.
+ The string comparison method to use.
+ A non-negative integer no greater than the count of elements in the smallest collection.
+
+
+
+ Finds constructors for response messages that take a given request message type.
+
+ The message description.
+ Type of the request message.
+ A sequence of matching constructors.
+
+
+
+ Contract class for the IDataBagFormatter interface.
+
+ The type of DataBag to serialize.
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. Must not be nulll.
+ Name of the message part whose value is to be deserialized. Used for exception messages.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ A channel that uses the standard message factory.
+
+
+
+
+ The message types receivable by this channel.
+
+
+
+
+ The protocol versions supported by this channel.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message types that might be encountered.
+ All the possible message versions that might be encountered.
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Generates all the message descriptions for a given set of message types and versions.
+
+ The message types.
+ The message versions.
+ The cache to use when obtaining the message descriptions.
+ The generated/retrieved message descriptions.
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ A collection of message parts that will be serialized into a single string,
+ to be set into a larger message.
+
+
+
+
+ The default version for DataBags.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ A dictionary to contain extra message data.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The DataBag version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets or sets the nonce.
+
+ The nonce.
+
+
+
+ Gets or sets the UTC creation date of this token.
+
+ The UTC creation date.
+
+
+
+ Gets or sets the signature.
+
+ The signature.
+
+
+
+ Gets or sets the message that delivered this DataBag instance to this host.
+
+
+
+
+ Gets the type of this instance.
+
+ The type of the bag.
+
+ This ensures that one token cannot be misused as another kind of token.
+
+
+
+
+ Translates between a and the number of seconds between it and 1/1/1970 12 AM
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages that uses POST multi-part data for binary content.
+
+
+
+
+ Implemented by messages that have explicit recipients
+ (direct requests and all indirect messages).
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ The contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The data packet sent with Channel events.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message behind the fired event..
+
+
+
+ Gets the message that caused the event to fire.
+
+
+
+
+ An in-memory nonce store. Useful for single-server web applications.
+ NOT for web farms.
+
+
+
+
+ Describes the contract a nonce store must fulfill.
+
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the
+ must be unique.
+ The context SHOULD be treated as case-sensitive.
+ The value will never be null but may be the empty string.
+ A series of random characters.
+ The UTC timestamp that together with the nonce string make it unique
+ within the given .
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the context+nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp and context.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ This maximum message age can be looked up via the
+
+ property, accessible via the
+ property.
+
+
+
+
+ How frequently we should take time to clear out old nonces.
+
+
+
+
+ The maximum age a message can be before it is discarded.
+
+
+ This is useful for knowing how long used nonces must be retained.
+
+
+
+
+ A list of the consumed nonces.
+
+
+
+
+ A lock object used around accesses to the field.
+
+
+
+
+ Where we're currently at in our periodic nonce cleaning cycle.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The maximum age a message can be before it is discarded.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Clears consumed nonces from the cache that are so old they would be
+ rejected if replayed because it is expired.
+
+
+
+
+ A contract for handling.
+
+
+ Implementations of this interface must be thread safe.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ A binding element that checks/verifies a nonce message part.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The persistent store for nonces received.
+
+
+
+
+ The length of generated nonces.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+ A value indicating whether zero-length nonces will be allowed.
+
+
+
+ Applies a nonce to the message.
+
+ The message to apply replay protection to.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies that the nonce in an incoming message has not been seen before.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown when the nonce check revealed a replayed message.
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the protection that this binding element provides messages.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the strength of the nonce, which is measured by the number of
+ nonces that could theoretically be generated.
+
+
+ The strength of the nonce is equal to the number of characters that might appear
+ in the nonce to the power of the length of the nonce.
+
+
+
+
+ Gets or sets a value indicating whether empty nonces are allowed.
+
+ Default is false.
+
+
+
+ Applied to fields and properties that form a key/value in a protocol message.
+
+
+
+
+ The overridden name to use as the serialized name for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A special name to give the value of this member in the serialized message.
+ When null or empty, the name of the member will be used in the serialized message.
+
+
+
+
+ Gets the name of the serialized form of this member in the message.
+
+
+
+
+ Gets or sets the level of protection required by this member in the serialized message.
+
+
+ Message part protection must be provided and verified by the channel binding element(s)
+ that provide security.
+
+
+
+
+ Gets or sets a value indicating whether this member is a required part of the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+ Default is true.
+
+
+
+ Gets or sets an IMessagePartEncoder custom encoder to use
+ to translate the applied member to and from a string.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Categorizes the various types of channel binding elements so they can be properly ordered.
+
+
+ The order of these enum values is significant.
+ Each successive value requires the protection offered by all the previous values
+ in order to be reliable. For example, message expiration is meaningless without
+ tamper protection to prevent a user from changing the timestamp on a message.
+
+
+
+
+ No protection.
+
+
+
+
+ A binding element that signs a message before sending and validates its signature upon receiving.
+
+
+
+
+ A binding element that enforces a maximum message age between sending and processing on the receiving side.
+
+
+
+
+ A binding element that prepares messages for replay detection and detects replayed messages on the receiving side.
+
+
+
+
+ All forms of protection together.
+
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ An exception thrown when a message is received for the second time, signalling a possible
+ replay attack.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The replayed message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a message is received that exceeds the maximum message age limit.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The date the message expired.
+ The expired message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a signed message does not pass signature validation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message with the invalid signature.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All replay-protected messages must also be set to expire so the nonces do not have
+ to be stored indefinitely.
+
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All expiring messages must also be signed to prevent tampering with the creation date.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+ The value of this property must be a value assigned by the nonce consumer
+ to represent the entity that generated the nonce. The value must never be
+ null but may be the empty string.
+ This value is treated as case-sensitive.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ A property store of details of an incoming HTTP request.
+
+
+ This serves a very similar purpose to , except that
+ ASP.NET does not let us fully initialize that class, so we have to write one
+ of our one.
+
+
+
+
+ The HTTP verb in the request.
+
+
+
+
+ The full request URL.
+
+
+
+
+ The HTTP headers.
+
+
+
+
+ The variables defined in the query part of the URL.
+
+
+
+
+ The POSTed form variables.
+
+
+
+
+ The server variables collection.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request.
+ The request URI.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ The cookies in the request.
+
+
+
+ Initializes a new instance of the class.
+
+ Details on the incoming HTTP request.
+
+
+
+ Initializes a new instance of the class.
+
+ The request.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The request.
+ The request URI.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The listener request.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP request.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+ An instance of .
+
+
+
+ Reads name=value pairs from the POSTed form entity when the HTTP headers indicate that that is the payload of the entity.
+
+ The HTTP method.
+ The headers.
+ A function that returns the input stream.
+ The non-null collection of form variables.
+
+
+
+ Adds HTTP headers to a .
+
+ The collection to be modified with added entries.
+ The collection to read from.
+
+
+
+ Gets the HTTP method.
+
+
+
+
+ Gets the headers.
+
+
+
+
+ Gets the URL.
+
+
+
+
+ Gets the raw URL.
+
+
+
+
+ Gets the form.
+
+
+
+
+ Gets the query string.
+
+
+
+
+ Gets the server variables.
+
+
+
+
+ Gets the collection of cookies that were sent by the client.
+
+ The client's cookies.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The contract a message that is signed must implement.
+
+
+ This type might have appeared in the DotNetOpenAuth.Messaging.Bindings namespace since
+ it is only used by types in that namespace, but all those types are internal and this
+ is the only one that was public.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Serializes/deserializes OAuth messages for/from transit.
+
+
+
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+
+ Initializes a new instance of the MessageSerializer class.
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+ Creates or reuses a message serializer for a given message type.
+
+ The type of message that will be serialized/deserialized.
+ A message serializer for the given message type.
+
+
+
+ Reads JSON as a flat dictionary into a message.
+
+ The message dictionary to fill with the JSON-deserialized data.
+ The JSON reader.
+
+
+
+ Reads the data from a message instance and writes an XML/JSON encoding of it.
+
+ The message to be serialized.
+ The writer to use for the serialized form.
+
+ Use
+ to create the instance capable of emitting JSON.
+
+
+
+
+ Reads XML/JSON into a message dictionary.
+
+ The message to deserialize into.
+ The XML/JSON to read into the message.
+ Thrown when protocol rules are broken by the incoming message.
+
+ Use
+ to create the instance capable of reading JSON.
+
+
+
+
+ Reads the data from a message instance and returns a series of name=value pairs for the fields that must be included in the message.
+
+ The message to be serialized.
+ The dictionary of values to send for the message.
+
+
+
+ Reads name=value pairs into a message.
+
+ The name=value pairs that were read in from the transport.
+ The message to deserialize into.
+ Thrown when protocol rules are broken by the incoming message.
+
+
+
+ Determines whether the specified type is numeric.
+
+ The type to test.
+
+ true if the specified type is numeric; otherwise, false.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Argument's {0}.{1} property is required but is empty or null..
+
+
+
+
+ Looks up a localized string similar to Unable to send all message data because some of it requires multi-part POST, but IMessageWithBinaryData.SendAsMultipart was false..
+
+
+
+
+ Looks up a localized string similar to HttpContext.Current is null. There must be an ASP.NET request in process for this operation to succeed..
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0}. Is it missing a [DataContract] attribute?.
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0} because the DataContractAttribute.Namespace property is not set..
+
+
+
+
+ Looks up a localized string similar to Decoding failed due to data corruption..
+
+
+
+
+ Looks up a localized string similar to An instance of type {0} was expected, but received unexpected derived type {1}..
+
+
+
+
+ Looks up a localized string similar to The directed message's Recipient property must not be null..
+
+
+
+
+ Looks up a localized string similar to The given set of options is not supported by this web request handler..
+
+
+
+
+ Looks up a localized string similar to Unable to instantiate the message part encoder/decoder type {0}..
+
+
+
+
+ Looks up a localized string similar to Error while deserializing message {0}..
+
+
+
+
+ Looks up a localized string similar to Error occurred while sending a direct message or getting the response..
+
+
+
+
+ Looks up a localized string similar to This exception was not constructed with a root request message that caused it..
+
+
+
+
+ Looks up a localized string similar to This exception must be instantiated with a recipient that will receive the error message, or a direct request message instance that this exception will respond to..
+
+
+
+
+ Looks up a localized string similar to Expected {0} message but received no recognizable message..
+
+
+
+
+ Looks up a localized string similar to The message part {0} was expected in the {1} message but was not found..
+
+
+
+
+ Looks up a localized string similar to The message expired at {0} and it is now {1}..
+
+
+
+
+ Looks up a localized string similar to Failed to add extra parameter '{0}' with value '{1}'..
+
+
+
+
+ Looks up a localized string similar to At least one of GET or POST flags must be present..
+
+
+
+
+ Looks up a localized string similar to This method requires a current HttpContext. Alternatively, use an overload of this method that allows you to pass in information without an HttpContext..
+
+
+
+
+ Looks up a localized string similar to Messages that indicate indirect transport must implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to Insecure web request for '{0}' aborted due to security requirements demanding HTTPS..
+
+
+
+
+ Looks up a localized string similar to The {0} message required protections {{{1}}} but the channel could only apply {{{2}}}..
+
+
+
+
+ Looks up a localized string similar to The customized binding element ordering is invalid..
+
+
+
+
+ Looks up a localized string similar to Some part(s) of the message have invalid values: {0}.
+
+
+
+
+ Looks up a localized string similar to The incoming message had an invalid or missing nonce..
+
+
+
+
+ Looks up a localized string similar to An item with the same key has already been added..
+
+
+
+
+ Looks up a localized string similar to Message too large for a HTTP GET, and HTTP POST is not allowed for this message type..
+
+
+
+
+ Looks up a localized string similar to The {0} message does not support extensions..
+
+
+
+
+ Looks up a localized string similar to The value for {0}.{1} on member {1} was expected to derive from {2} but was {3}..
+
+
+
+
+ Looks up a localized string similar to Error while reading message '{0}' parameter '{1}' with value '{2}'..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' with value '{1}' failed to base64 decode..
+
+
+
+
+ Looks up a localized string similar to Error while preparing message '{0}' parameter '{1}' for sending..
+
+
+
+
+ Looks up a localized string similar to This message has a timestamp of {0}, which is beyond the allowable clock skew for in the future..
+
+
+
+
+ Looks up a localized string similar to Missing decryption key for bucket "{0}" handle "{1}".
+
+
+
+
+ Looks up a localized string similar to A non-empty string was expected..
+
+
+
+
+ Looks up a localized string similar to A message response is already queued for sending in the response stream..
+
+
+
+
+ Looks up a localized string similar to This message has already been processed. This could indicate a replay attack in progress..
+
+
+
+
+ Looks up a localized string similar to This channel does not support replay protection..
+
+
+
+
+ Looks up a localized string similar to The following message parts had constant value requirements that were unsatisfied: {0}.
+
+
+
+
+ Looks up a localized string similar to The following required non-empty parameters were empty in the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The following required parameters were missing from the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The binding element offering the {0} protection requires other protection that is not provided..
+
+
+
+
+ Looks up a localized string similar to The list is empty..
+
+
+
+
+ Looks up a localized string similar to The list contains a null element..
+
+
+
+
+ Looks up a localized string similar to An HttpContext.Current.Session object is required..
+
+
+
+
+ Looks up a localized string similar to Message signature was incorrect..
+
+
+
+
+ Looks up a localized string similar to This channel does not support signing messages. To support signing messages, a derived Channel type must override the Sign and IsSignatureValid methods..
+
+
+
+
+ Looks up a localized string similar to This message factory does not support message type(s): {0}.
+
+
+
+
+ Looks up a localized string similar to The stream must have a known length..
+
+
+
+
+ Looks up a localized string similar to The stream's CanRead property returned false..
+
+
+
+
+ Looks up a localized string similar to The stream's CanWrite property returned false..
+
+
+
+
+ Looks up a localized string similar to Expected at most 1 binding element to apply the {0} protection, but more than one applied..
+
+
+
+
+ Looks up a localized string similar to The maximum allowable number of redirects were exceeded while requesting '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unexpected buffer length..
+
+
+
+
+ Looks up a localized string similar to The array must not be empty..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to Expected direct response to use HTTP status code {0} but was {1} instead..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' had unexpected value '{1}'..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} parameter '{1}' to have value '{2}' but had '{3}' instead..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} but received {1} instead..
+
+
+
+
+ Looks up a localized string similar to Unexpected message type received..
+
+
+
+
+ Looks up a localized string similar to A null key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null or empty key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null value was included for key '{0}' and is not allowed..
+
+
+
+
+ Looks up a localized string similar to The type {0} or a derived type was expected, but {1} was given..
+
+
+
+
+ Looks up a localized string similar to {0} property has unrecognized value {1}..
+
+
+
+
+ Looks up a localized string similar to The URL '{0}' is rated unsafe and cannot be requested this way..
+
+
+
+
+ Looks up a localized string similar to This blob is not a recognized encryption format..
+
+
+
+
+ Looks up a localized string similar to The HTTP verb '{0}' is unrecognized and unsupported..
+
+
+
+
+ Looks up a localized string similar to '{0}' messages cannot be received with HTTP verb '{1}'..
+
+
+
+
+ Looks up a localized string similar to Redirects on POST requests that are to untrusted servers is not supported..
+
+
+
+
+ Looks up a localized string similar to Web request to '{0}' failed..
+
+
+
+
+ A grab-bag of utility methods useful for the channel stack of the protocol.
+
+
+
+
+ The uppercase alphabet.
+
+
+
+
+ The lowercase alphabet.
+
+
+
+
+ The set of base 10 digits.
+
+
+
+
+ The set of digits and alphabetic letters (upper and lowercase).
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character.
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character
+ in the "web safe" context.
+
+
+
+
+ The set of digits, and alphabetic letters (upper and lowercase) that are clearly
+ visually distinguishable.
+
+
+
+
+ The length of private symmetric secret handles.
+
+
+ This value needn't be high, as we only expect to have a small handful of unexpired secrets at a time,
+ and handle recycling is permissible.
+
+
+
+
+ The cryptographically strong random data generator used for creating secrets.
+
+ The random number generator is thread-safe.
+
+
+
+ The default lifetime of a private secret.
+
+
+
+
+ A character array containing just the = character.
+
+
+
+
+ A character array containing just the , character.
+
+
+
+
+ A character array containing just the " character.
+
+
+
+
+ The set of characters that are unreserved in RFC 2396 but are NOT unreserved in RFC 3986.
+
+
+
+
+ A set of escaping mappings that help secure a string from javscript execution.
+
+
+ The characters to escape here are inspired by
+ http://code.google.com/p/doctype/wiki/ArticleXSSInJavaScript
+
+
+
+
+ Transforms an OutgoingWebResponse to an MVC-friendly ActionResult.
+
+ The response to send to the user agent.
+ The instance to be returned by the Controller's action method.
+
+
+
+ Transforms an OutgoingWebResponse to a Web API-friendly HttpResponseMessage.
+
+ The response to send to the user agent.
+ The instance to be returned by the Web API method.
+
+
+
+ Gets the original request URL, as seen from the browser before any URL rewrites on the server if any.
+ Cookieless session directory (if applicable) is also included.
+
+ The URL in the user agent's Location bar.
+
+
+
+ Strips any and all URI query parameters that start with some prefix.
+
+ The URI that may have a query with parameters to remove.
+ The prefix for parameters to remove. A period is NOT automatically appended.
+ Either a new Uri with the parameters removed if there were any to remove, or the same Uri instance if no parameters needed to be removed.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files).
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+ The HTTP response.
+
+
+
+ Assembles a message comprised of the message on a given exception and all inner exceptions.
+
+ The exception.
+ The assembled message.
+
+
+
+ Flattens the specified sequence of sequences.
+
+ The type of element contained in the sequence.
+ The sequence of sequences to flatten.
+ A sequence of the contained items.
+
+
+
+ Cuts off precision beyond a second on a DateTime value.
+
+ The value.
+ A DateTime with a 0 millisecond component.
+
+
+
+ Adds a name-value pair to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+ The name of the parameter to add.
+ The value of the argument.
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of values to a collection.
+
+ The type of value kept in the collection.
+ The collection to add to.
+ The values to add to the collection.
+
+
+
+ Tests whether two timespans are within reasonable approximation of each other.
+
+ One TimeSpan.
+ The other TimeSpan.
+ The allowable margin of error.
+ true if the two TimeSpans are within of each other.
+
+
+
+ Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches.
+
+ The first value.
+ The second value.
+ A value indicating whether the two strings share ordinal equality.
+
+ In signature equality checks, a difference in execution time based on how many initial characters match MAY
+ be used as an attack to figure out the expected signature. It is therefore important to make a signature
+ equality check's execution time independent of how many characters match the expected value.
+ See http://codahale.com/a-lesson-in-timing-attacks/ for more information.
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null.
+ The server variables to consider part of the request. Cannot be null.
+
+ The URI that the outside world used to create this request.
+
+
+ Although the value can be obtained from
+ , it's useful to be able to pass them
+ in so we can simulate injected values from our unit tests since the actual property
+ is a read-only kind of .
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null. Server variables are read from this request.
+ The URI that the outside world used to create this request.
+
+
+
+ Gets the URL to the root of a web site, which may include a virtual directory path.
+
+ An absolute URI.
+
+
+
+ Creates the XML reader settings to use for reading XML from untrusted sources.
+
+
+ The new instance of .
+
+
+ The default values set here are based on recommendations from
+ http://msdn.microsoft.com/en-us/magazine/ee335713.aspx
+
+
+
+
+ Clears any existing elements in a collection and fills the collection with a given set of values.
+
+ The type of value kept in the collection.
+ The collection to modify.
+ The new values to fill the collection.
+
+
+
+ Strips any and all URI query parameters that serve as parts of a message.
+
+ The URI that may contain query parameters to remove.
+ The message description whose parts should be removed from the URL.
+ A cleaned URL.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files) but doesn't call GetResponse on it.
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The fields to include.
+
+ A value prepared for an HTTP header.
+
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The scheme.
+ The fields to include.
+ A value prepared for an HTTP header.
+
+
+
+ Parses the authorization header.
+
+ The scheme. Must not be null or empty.
+ The authorization header. May be null or empty.
+ A sequence of key=value pairs discovered in the header. Never null, but may be empty.
+
+
+
+ Encodes a symmetric key handle and the blob that is encrypted/signed with that key into a single string
+ that can be decoded by .
+
+ The cryptographic key handle.
+ The encrypted/signed blob.
+ The combined encoded value.
+
+
+
+ Extracts the key handle and encrypted blob from a string previously returned from .
+
+ The message part. May be null if not applicable.
+ The value previously returned from .
+ The crypto key handle.
+ The encrypted/signed data.
+
+
+
+ Gets a buffer of random data (not cryptographically strong).
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random sequence of values.
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+ Gets a NON-cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A value indicating whether web64 encoding is used to avoid the need to escape characters.
+
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+
+ Gets a random string made up of a given set of allowable characters.
+
+ The length of the desired random string.
+ The allowable characters.
+ A random string.
+
+
+
+ Computes the hash of a string.
+
+ The hash algorithm to use.
+ The value to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Encrypts a byte buffer.
+
+ The buffer to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, or 256 bytes in length.
+ The encrypted buffer
+
+
+
+ Decrypts a byte buffer.
+
+ The buffer to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Encrypts a string.
+
+ The text to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Decrypts a string previously encrypted with .
+
+ The text to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Performs asymmetric encryption of a given buffer.
+
+ The asymmetric encryption provider to use for encryption.
+ The buffer to encrypt.
+ The encrypted data.
+
+
+
+ Performs asymmetric decryption of a given buffer.
+
+ The asymmetric encryption provider to use for decryption.
+ The buffer to decrypt.
+ The decrypted data.
+
+
+
+ Gets a key from a given bucket with the longest remaining life, or creates a new one if necessary.
+
+ The crypto key store.
+ The bucket where the key should be found or stored.
+ The minimum remaining life required on the returned key.
+ The required size of the key, in bits.
+
+ A key-value pair whose key is the secret's handle and whose value is the cryptographic key.
+
+
+
+
+ Compresses a given buffer.
+
+ The buffer to compress.
+ The compression algorithm to use.
+ The compressed data.
+
+
+
+ Decompresses a given buffer.
+
+ The buffer to decompress.
+ The compression algorithm used.
+ The decompressed data.
+
+
+
+ Converts to data buffer to a base64-encoded string, using web safe characters and with the padding removed.
+
+ The data buffer.
+ A web-safe base64-encoded string without padding.
+
+
+
+ Decodes a (web-safe) base64-string back to its binary buffer form.
+
+ The base64-encoded string. May be web-safe encoded.
+ A data buffer.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Copies the contents of one stream to another.
+
+ The stream to copy from, at the position where copying should begin.
+ The stream to copy to, at the position where bytes should be written.
+ The maximum bytes to copy.
+ The total number of bytes copied.
+
+ Copying begins at the streams' current positions.
+ The positions are NOT reset after copying is complete.
+
+
+
+
+ Creates a snapshot of some stream so it is seekable, and the original can be closed.
+
+ The stream to copy bytes from.
+ A seekable stream with the same contents as the original.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The newly created instance.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The new recipient of the request.
+ The newly created instance.
+
+
+
+ Tests whether two arrays are equal in contents and ordering.
+
+ The type of elements in the arrays.
+ The first array in the comparison. May be null.
+ The second array in the comparison. May be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests whether two arrays are equal in contents and ordering,
+ guaranteeing roughly equivalent execution time regardless of where a signature mismatch may exist.
+
+ The first array in the comparison. May not be null.
+ The second array in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+ Guaranteeing equal execution time is useful in mitigating against timing attacks on a signature
+ or other secret.
+
+
+
+
+ Tests two sequences for same contents and ordering.
+
+ The type of elements in the arrays.
+ The first sequence in the comparison. May not be null.
+ The second sequence in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests two unordered collections for same contents.
+
+ The type of elements in the collections.
+ The first collection in the comparison. May not be null.
+ The second collection in the comparison. May not be null.
+ True if the collections have the same contents; false otherwise.
+
+
+
+ Tests whether two dictionaries are equal in length and contents.
+
+ The type of keys in the dictionaries.
+ The type of values in the dictionaries.
+ The first dictionary in the comparison. May not be null.
+ The second dictionary in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Concatenates a list of name-value pairs as key=value&key=value,
+ taking care to properly encode each key and value for URL
+ transmission according to RFC 3986. No ? is prefixed to the string.
+
+ The dictionary of key/values to read from.
+ The formulated querystring style string.
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the fragment piece. Prefixes a # or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the fragment, the existing ones are not replaced.
+
+
+
+
+ Adds parameters to a query string, replacing parameters that
+ match ones that already exist in the query string.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+
+
+ Extracts the recipient from an HttpRequestInfo.
+
+ The request to get recipient information from.
+ The recipient.
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the enum value for a given HTTP verb.
+
+ The HTTP verb.
+ A enum value that is within the .
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the HTTP verb to use for a given enum value.
+
+ The HTTP method.
+ An HTTP verb, such as GET, POST, PUT, DELETE, PATCH, or OPTION.
+
+
+
+ Copies some extra parameters into a message.
+
+ The message to copy the extra data into.
+ The extra data to copy into the message. May be null to do nothing.
+
+
+
+ Collects a sequence of key=value pairs into a dictionary.
+
+ The type of the key.
+ The type of the value.
+ The sequence.
+ A dictionary.
+
+
+
+ Enumerates all members of the collection as key=value pairs.
+
+ The collection to enumerate.
+ A sequence of pairs.
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+ The generated dictionary, or null if is null.
+
+ If a null key is encountered, its value is ignored since
+ Dictionary<string, string> does not allow null keys.
+
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+
+ A value indicating whether a null key in the should be silently skipped since it is not a valid key in a Dictionary.
+ Use true to throw an exception if a null key is encountered.
+ Use false to silently continue converting the valid keys.
+
+ The generated dictionary, or null if is null.
+ Thrown if is true and a null key is encountered.
+
+
+
+ Converts a dictionary to a
+
+ The existing dictionary.
+ The new collection.
+
+
+
+ Sorts the elements of a sequence in ascending order by using a specified comparer.
+
+ The type of the elements of source.
+ The type of the key returned by keySelector.
+ A sequence of values to order.
+ A function to extract a key from an element.
+ A comparison function to compare keys.
+ An System.Linq.IOrderedEnumerable<TElement> whose elements are sorted according to a key.
+
+
+
+ Determines whether the specified message is a request (indirect message or direct request).
+
+ The message in question.
+
+ true if the specified message is a request; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing that for its derived classes. These objects are only requests
+ if their property is non-null.
+
+
+
+
+ Determines whether the specified message is a direct response.
+
+ The message in question.
+
+ true if the specified message is a direct response; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing
+ that for its derived classes. These objects are only requests if their
+ property is non-null.
+
+
+
+
+ Writes a buffer, prefixed with its own length.
+
+ The binary writer.
+ The buffer.
+
+
+
+ Reads a buffer that is prefixed with its own length.
+
+ The binary reader positioned at the buffer length.
+
+ The maximum size of the buffer that should be permitted.
+ Although the stream will indicate the size of the buffer, this mitigates data corruption
+ or DoS attacks causing the web server to allocate too much memory for a small data packet.
+
+ The read buffer.
+
+
+
+ Constructs a Javascript expression that will create an object
+ on the user agent when assigned to a variable.
+
+ The untrusted names and untrusted values to inject into the JSON object.
+ if set to true the values will NOT be escaped as if it were a pure string.
+ The Javascript JSON object as a string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ A JSON string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ The encoding to use. Defaults to
+ A JSON string.
+
+
+
+ Deserializes a JSON object into a message.
+
+ The buffer containing the JSON string.
+ The message to deserialize the object into.
+ The cache of message descriptions.
+ The encoding that the JSON bytes are in.
+
+
+
+ Prepares what SHOULD be simply a string value for safe injection into Javascript
+ by using appropriate character escaping.
+
+ The untrusted string value to be escaped to protected against XSS attacks. May be null.
+ The escaped string, surrounded by single-quotes.
+
+
+
+ Escapes a string according to the URI data string rules given in RFC 3986.
+
+ The value to escape.
+ The escaped value.
+
+ The method is supposed to take on
+ RFC 3986 behavior if certain elements are present in a .config file. Even if this
+ actually worked (which in my experiments it doesn't), we can't rely on every
+ host actually having this configuration element present.
+
+
+
+
+ Ensures that UTC times are converted to local times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in local time.
+
+
+
+ Ensures that local times are converted to UTC times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in UTC time.
+
+
+
+ Gets the query data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A containing all the parameters in the query string.
+
+
+
+
+ Gets a value indicating whether the request's URL was rewritten by ASP.NET
+ or some other module.
+
+ The request.
+ A value indicating whether there is evidence that the URL of the request has been changed to some internal server (farm) representation.
+
+ true if this request's URL was rewritten; otherwise, false.
+
+
+
+
+ Gets the query or form data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A set of name=value pairs.
+
+
+
+
+ Creates a symmetric algorithm for use in encryption/decryption.
+
+ The symmetric key to use for encryption/decryption.
+ A symmetric algorithm.
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ The available compression algorithms.
+
+
+
+
+ The Deflate algorithm.
+
+
+
+
+ The GZip algorithm.
+
+
+
+
+ A thread-safe, non-crypto random number generator.
+
+
+
+
+ The initializer of all new instances.
+
+
+
+
+ A thread-local instance of
+
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ A class to convert a into an .
+
+ The type of objects being compared.
+
+
+
+ The comparison method to use.
+
+
+
+
+ Initializes a new instance of the ComparisonHelper class.
+
+ The comparison method to use.
+
+
+
+ Compares two instances of .
+
+ The first object to compare.
+ The second object to compare.
+ Any of -1, 0, or 1 according to standard comparison rules.
+
+
+
+ A message expiration enforcing binding element that supports messages
+ implementing the interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Sets the timestamp on an outgoing message.
+
+ The outgoing message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Reads the timestamp on a message and throws an exception if the message is too old.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the given message has already expired.
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets the maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+
+
+
+
+ A pair of conversion functions to map some type to a string and back again.
+
+
+
+
+ The mapping function that converts some custom type to a string.
+
+
+
+
+ The mapping function that converts some custom type to the original string
+ (possibly non-normalized) that represents it.
+
+
+
+
+ The mapping function that converts a string to some custom type.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ The mapping function that converts some custom value to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The mapping function that converts a string to some custom value.
+
+
+
+ Initializes a new instance of the struct.
+
+ The encoder.
+
+
+
+ Gets the encoder.
+
+
+
+
+ A mapping between serialized key names and instances describing
+ those key/values pairs.
+
+
+
+
+ A mapping between the serialized key names and their
+ describing instances.
+
+
+
+
+ Initializes a new instance of the class.
+
+ Type of the message.
+ The message version.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ The dictionary accessor to the message
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary accessor to the message
+
+
+
+ Ensures the message parts pass basic validation.
+
+ The key/value pairs of the serialized message.
+
+
+
+ Tests whether all the required message parts pass basic validation for the given data.
+
+ The key/value pairs of the serialized message.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+
+
+ Verifies that a given set of keys include all the required parameters
+ for this message type or throws an exception.
+
+ The names of all parameters included in a message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Ensures the protocol message parts that must not be empty are in fact not empty.
+
+ A dictionary of key/value pairs that make up the serialized message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Checks that a bunch of message part values meet the constant value requirements of this message description.
+
+ The part values.
+ if set to true, this method will throw on failure.
+ A value indicating whether all the requirements are met.
+
+
+
+ Reflects over some -implementing type
+ and prepares to serialize/deserialize instances of that type.
+
+
+
+
+ Gets the mapping between the serialized key names and their describing
+ instances.
+
+
+
+
+ Gets the message version this instance was generated from.
+
+
+
+
+ Gets the type of message this instance was generated from.
+
+ The type of the described message.
+
+
+
+ Gets the constructors available on the message type.
+
+
+
+
+ Wraps an instance in a dictionary that
+ provides access to both well-defined message properties and "extra"
+ name/value pairs that have no properties associated with them.
+
+
+
+
+ The instance manipulated by this dictionary.
+
+
+
+
+ The instance that describes the message type.
+
+
+
+
+ Whether original string values should be retrieved instead of normalized ones.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message instance whose values will be manipulated by this dictionary.
+ The message description.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+
+
+
+ Adds a named value to the message.
+
+ The serialized form of the name whose value is being set.
+ The serialized form of the value.
+
+ Thrown if already has a set value in this message.
+
+
+ Thrown if is null.
+
+
+
+
+ Checks whether some named parameter has a value set in the message.
+
+ The serialized form of the message part's name.
+ True if the parameter by the given name has a set value. False otherwise.
+
+
+
+ Removes a name and value from the message given its name.
+
+ The serialized form of the name to remove.
+ True if a message part by the given name was found and removed. False otherwise.
+
+
+
+ Gets some named value if the key has a value.
+
+ The name (in serialized form) of the value being sought.
+ The variable where the value will be set.
+ True if the key was found and was set. False otherwise.
+
+
+
+ Sets a named value in the message.
+
+ The name-value pair to add. The name is the serialized form of the key.
+
+
+
+ Removes all values in the message.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+ This method cannot be implemented because keys are not guaranteed to be removed
+ since some are inherent to the type of message that this dictionary provides
+ access to.
+
+
+
+
+ Checks whether a named value has been set on the message.
+
+ The name/value pair.
+ True if the key exists and has the given value. False otherwise.
+
+
+
+ Copies all the serializable data from the message to a key/value array.
+
+ The array to copy to.
+ The index in the to begin copying to.
+
+
+
+ Removes a named value from the message if it exists.
+
+ The serialized form of the name and value to remove.
+ True if the name/value was found and removed. False otherwise.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Saves the data in a message to a standard dictionary.
+
+ The generated dictionary.
+
+
+
+ Loads data from a dictionary into the message.
+
+ The data to load into the message.
+
+
+
+ Gets the message this dictionary provides access to.
+
+
+
+
+ Gets the description of the type of message this dictionary provides access to.
+
+
+
+
+ Gets the number of explicitly set values in the message.
+
+
+
+
+ Gets a value indicating whether this message is read only.
+
+
+
+
+ Gets all the keys that have values associated with them.
+
+
+
+
+ Gets the set of official message part names that have non-null values associated with them.
+
+
+
+
+ Gets the keys that are in the message but not declared as official OAuth properties.
+
+
+
+
+ Gets all the values.
+
+
+
+
+ Gets the serializer for the message this dictionary provides access to.
+
+
+
+
+ Gets or sets a value for some named value.
+
+ The serialized form of a name for the value to read or write.
+ The named value.
+
+ If the key matches a declared property or field on the message type,
+ that type member is set. Otherwise the key/value is stored in a
+ dictionary for extra (weakly typed) strings.
+
+ Thrown when setting a value that is not allowed for a given .
+
+
+
+ Describes an individual member of a message and assists in its serialization.
+
+
+
+
+ A map of converters that help serialize custom objects to string values and back again.
+
+
+
+
+ A map of instantiated custom encoders used to encode/decode message parts.
+
+
+
+
+ The string-object conversion routines to use for this individual message part.
+
+
+
+
+ The property that this message part is associated with, if aplicable.
+
+
+
+
+ The field that this message part is associated with, if aplicable.
+
+
+
+
+ The type of the message part. (Not the type of the message itself).
+
+
+
+
+ The default (uninitialized) value of the member inherent in its type.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A property or field of an implementing type
+ that has a attached to it.
+
+
+ The attribute discovered on that describes the
+ serialization requirements of the message part.
+
+
+
+
+ Sets the member of a given message to some given value.
+ Used in deserialization.
+
+ The message instance containing the member whose value should be set.
+ The string representation of the value to set.
+
+
+
+ Gets the normalized form of a value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ The string representation of the member's value.
+
+
+
+ Gets the value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ A value indicating whether the original value should be retrieved (as opposed to a normalized form of it).
+ The string representation of the member's value.
+
+
+
+ Gets whether the value has been set to something other than its CLR type default value.
+
+ The message instance to check the value on.
+ True if the value is not the CLR default value.
+
+
+
+ Adds a pair of type conversion functions to the static conversion map.
+
+ The custom type to convert to and from strings.
+ The function to convert the custom type to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The function to convert a string to the custom type.
+
+
+
+ Creates a that resorts to and
+ for the conversion.
+
+ The type to create the mapping for.
+ The value mapping.
+
+
+
+ Creates the default encoder for a given type.
+
+ The type to create a for.
+ A struct.
+
+
+
+ Figures out the CLR default value for a given type.
+
+ The type whose default value is being sought.
+ Either null, or some default value like 0 or 0.0.
+
+
+
+ Checks whether a type is a nullable value type (i.e. int?)
+
+ The type in question.
+ True if this is a nullable value type.
+
+
+
+ Retrieves a previously instantiated encoder of a given type, or creates a new one and stores it for later retrieval as well.
+
+ The message part encoder type.
+ An instance of the desired encoder.
+
+
+
+ Gets the value of the message part, without converting it to/from a string.
+
+ The message instance to read from.
+ The value of the member.
+
+
+
+ Sets the value of a message part directly with a given value.
+
+ The message instance to read from.
+ The value to set on the this part.
+
+
+
+ Converts a string representation of the member's value to the appropriate type.
+
+ The string representation of the member's value.
+
+ An instance of the appropriate type for setting the member.
+
+
+
+
+ Converts the member's value to its string representation.
+
+ The value of the member.
+ A value indicating whether a string matching the originally decoded string should be returned (as opposed to a normalized string).
+
+ The string representation of the member's value.
+
+
+
+
+ Validates that the message part and its attribute have agreeable settings.
+
+
+ Thrown when a non-nullable value type is set as optional.
+
+
+
+
+ Gets or sets the name to use when serializing or deserializing this parameter in a message.
+
+
+
+
+ Gets or sets whether this message part must be signed.
+
+
+
+
+ Gets or sets a value indicating whether this message part is required for the
+ containing message to be valid.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the field or property must remain its default value.
+
+
+
+
+ Gets or sets a value indicating whether this part is defined as a constant field and can be read without a message instance.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets the static constant value for this message part without a message instance.
+
+
+
+
+ Gets the type of the declared member.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ An exception thrown when messages cannot receive all the protections they require.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message whose protection requirements could not be met.
+ The protection requirements that were fulfilled.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ A protocol message (request or response) that passes from this
+ to a remote party via the user agent using a redirect or form
+ POST submission, OR a direct message response.
+
+
+ An instance of this type describes the HTTP response that must be sent
+ in response to the current HTTP request.
+ It is important that this response make up the entire HTTP response.
+ A hosting ASPX page should not be allowed to render its normal HTML output
+ after this response is sent. The normal rendered output of an ASPX page
+ can be canceled by calling after this message
+ is sent on the response stream.
+
+
+
+
+ The encoder to use for serializing the response body.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ based on the contents of an .
+
+ The to clone.
+ The maximum bytes to read from the response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires a current HttpContext.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+
+ Requires a current HttpContext.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Submits this response to a WCF response context. Only available when no response body is included.
+
+ The response context to apply the response to.
+
+
+
+ Automatically sends the appropriate response to the user agent.
+
+ The response to set to this message.
+
+
+
+ Gets the URI that, when requested with an HTTP GET request,
+ would transmit the message that normally would be transmitted via a user agent redirect.
+
+ The channel to use for encoding.
+
+ The URL that would transmit the original message. This URL may exceed the normal 2K limit,
+ and should therefore be broken up manually and POSTed as form fields when it exceeds this length.
+
+
+ This is useful for desktop applications that will spawn a user agent to transmit the message
+ rather than cause a redirect.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+ Type of the content. May be null.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets a value indicating whether the response stream is incomplete due
+ to a length limitation imposed by the HttpWebRequest or calling method.
+
+
+
+
+ Gets the cookies collection to add as headers to the HTTP response.
+
+
+
+
+ Gets or sets the body of the response as a string.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets or sets a reference to the actual protocol message that
+ is being sent via the user agent.
+
+
+
+
+ The methods available for the local party to send messages to a remote party.
+
+
+ See OAuth 1.0 spec section 5.2.
+
+
+
+
+ No HTTP methods are allowed.
+
+
+
+
+ In the HTTP Authorization header as defined in OAuth HTTP Authorization Scheme (OAuth HTTP Authorization Scheme).
+
+
+
+
+ As the HTTP POST request body with a content-type of application/x-www-form-urlencoded.
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ The flags that control HTTP verbs.
+
+
+
+
+ The type of transport mechanism used for a message: either direct or indirect.
+
+
+
+
+ A message that is sent directly from the Consumer to the Service Provider, or vice versa.
+
+
+
+
+ A message that is sent from one party to another via a redirect in the user agent.
+
+
+
+
+ Encodes and decodes the as an integer of total seconds.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A paranoid HTTP get/post request engine. It helps to protect against attacks from remote
+ server leaving dangling connections, sending too much data, causing requests against
+ internal servers, etc.
+
+
+ Protections include:
+ * Conservative maximum time to receive the complete response.
+ * Only HTTP and HTTPS schemes are permitted.
+ * Internal IP address ranges are not permitted: 127.*.*.*, 1::*
+ * Internal host names are not permitted (periods must be found in the host name)
+ If a particular host would be permitted but is in the blacklist, it is not allowed.
+ If a particular host would not be permitted but is in the whitelist, it is allowed.
+
+
+
+
+ The set of URI schemes allowed in untrusted web requests.
+
+
+
+
+ The collection of blacklisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional blacklisted hosts.
+
+
+
+
+ The collection of whitelisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional whitelisted hosts.
+
+
+
+
+ The maximum redirections to follow in the course of a single request.
+
+
+
+
+ The maximum number of bytes to read from the response of an untrusted server.
+
+
+
+
+ The handler that will actually send the HTTP request and collect
+ the response once the untrusted server gates have been satisfied.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The chained web request handler.
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an IP address is the IPv6 equivalent of "localhost/127.0.0.1".
+
+ The ip address to check.
+
+ true if this is a loopback IP address; false otherwise.
+
+
+
+
+ Determines whether the given host name is in a host list or host name regex list.
+
+ The host name.
+ The list of host names.
+ The list of regex patterns of host names.
+
+ true if the specified host falls within at least one of the given lists; otherwise, false.
+
+
+
+
+ Determines whether a given host is whitelisted.
+
+ The host name to test.
+
+ true if the host is whitelisted; otherwise, false.
+
+
+
+
+ Determines whether a given host is blacklisted.
+
+ The host name to test.
+
+ true if the host is blacklisted; otherwise, false.
+
+
+
+
+ Verify that the request qualifies under our security policies
+
+ The request URI.
+ If set to true, only web requests that can be made entirely over SSL will succeed.
+ Thrown when the URI is disallowed for security reasons.
+
+
+
+ Determines whether a URI is allowed based on scheme and host name.
+ No requireSSL check is done here
+
+ The URI to test for whether it should be allowed.
+
+ true if [is URI allowable] [the specified URI]; otherwise, false.
+
+
+
+
+ Prepares the request by setting timeout and redirect policies.
+
+ The request to prepare.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ Gets or sets the default maximum bytes to read in any given HTTP request.
+
+ Default is 1MB. Cannot be less than 2KB.
+
+
+
+ Gets or sets the total number of redirections to allow on any one request.
+ Default is 10.
+
+
+
+
+ Gets or sets the time allowed to wait for single read or write operation to complete.
+ Default is 500 milliseconds.
+
+
+
+
+ Gets or sets the time allowed for an entire HTTP request.
+ Default is 5 seconds.
+
+
+
+
+ Gets a collection of host name literals that should be allowed even if they don't
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be allowed even though they don't pass standard security checks.
+
+
+
+
+ Gets a collection of host name literals that should be rejected even if they
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be rejected even if they pass standard security checks.
+
+
+
+
+ Gets the configuration for this class that is specified in the host's .config file.
+
+
+
+
+ The default handler for transmitting instances
+ and returning the responses.
+
+
+
+
+ The set of options this web request handler supports.
+
+
+
+
+ The value to use for the User-Agent HTTP header.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an exception was thrown because of the remote HTTP server returning HTTP 417 Expectation Failed.
+
+ The caught exception.
+
+ true if the failure was originally caused by a 417 Exceptation Failed error; otherwise, false.
+
+
+
+
+ Initiates a POST request and prepares for sending data.
+
+ The HTTP request with information about the remote party to contact.
+
+ The stream where the POST entity can be written.
+
+
+
+
+ Prepares an HTTP request.
+
+ The request.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ An immutable description of a URL that receives messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Gets the URL of this endpoint.
+
+
+
+
+ Gets the HTTP method(s) allowed.
+
+
+
+
+ Represents the section in the host's .config file that configures
+ this library's settings.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <openid> sub-element.
+
+
+
+
+ The name of the <oauth> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a named section in this section group, or null if no such section is defined.
+
+ The name of the section to obtain.
+ The desired section, or null if it could not be obtained.
+
+
+
+ Gets the messaging configuration element.
+
+
+
+
+ Gets the reporting configuration element.
+
+
+
+
+ Represents the <messaging> element in the host's .config file.
+
+
+
+
+ The name of the <webResourceUrlProvider> sub-element.
+
+
+
+
+ The name of the <untrustedWebRequest> sub-element.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ The name of the attribute that stores the maximum allowable clock skew.
+
+
+
+
+ The name of the attribute that indicates whether to disable SSL requirements across the library.
+
+
+
+
+ The name of the attribute that controls whether messaging rules are strictly followed.
+
+
+
+
+ The default value for the property.
+
+
+ 2KB, recommended by OpenID group
+
+
+
+
+ The name of the attribute that controls the maximum length of a URL before it is converted
+ to a POST payload.
+
+
+
+
+ Gets the name of the @privateSecretMaximumAge attribute.
+
+
+
+
+ The name of the <messaging> sub-element.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets the actual maximum message lifetime that a program should allow.
+
+ The sum of the and
+ property values.
+
+
+
+ Gets or sets the maximum lifetime of a private symmetric secret,
+ that may be used for signing or encryption.
+
+ The default value is 28 days (twice the age of the longest association).
+
+
+
+ Gets or sets the time between a message's creation and its receipt
+ before it is considered expired.
+
+
+ The default value value is 3 minutes.
+
+
+ Smaller timespans mean lower tolerance for delays in message delivery.
+ Larger timespans mean more nonces must be stored to provide replay protection.
+ The maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+ This time limit should NOT take into account expected
+ time skew for servers across the Internet. Time skew is added to
+ this value and is controlled by the property.
+
+
+
+
+ Gets or sets the maximum clock skew.
+
+ The default value is 10 minutes.
+
+ Smaller timespans mean lower tolerance for
+ time variance due to server clocks not being synchronized.
+ Larger timespans mean greater chance for replay attacks and
+ larger nonce caches.
+ For example, if a server could conceivably have its
+ clock d = 5 minutes off UTC time, then any two servers could have
+ their clocks disagree by as much as 2*d = 10 minutes.
+
+
+
+
+ Gets or sets a value indicating whether SSL requirements within the library are disabled/relaxed.
+ Use for TESTING ONLY.
+
+
+
+
+ Gets or sets a value indicating whether messaging rules are strictly
+ adhered to.
+
+ true by default.
+
+ Strict will require that remote parties adhere strictly to the specifications,
+ even when a loose interpretation would not compromise security.
+ true is a good default because it shakes out interoperability bugs in remote services
+ so they can be identified and corrected. But some web sites want things to Just Work
+ more than they want to file bugs against others, so false is the setting for them.
+
+
+
+
+ Gets or sets the configuration for the class.
+
+ The untrusted web request.
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the embedded resource retrieval provider.
+
+
+ The embedded resource retrieval provider.
+
+
+
+
+ Represents the <reporting> element in the host's .config file.
+
+
+
+
+ The name of the @enabled attribute.
+
+
+
+
+ The name of the @minimumReportingInterval attribute.
+
+
+
+
+ The name of the @minimumFlushInterval attribute.
+
+
+
+
+ The name of the @includeFeatureUsage attribute.
+
+
+
+
+ The name of the @includeEventStatistics attribute.
+
+
+
+
+ The name of the @includeLocalRequestUris attribute.
+
+
+
+
+ The name of the @includeCultures attribute.
+
+
+
+
+ The name of the <reporting> sub-element.
+
+
+
+
+ The default value for the @minimumFlushInterval attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+
+
+ Gets or sets the maximum frequency that reports will be published.
+
+
+
+
+ Gets or sets the maximum frequency the set can be flushed to disk.
+
+
+
+
+ Gets or sets a value indicating whether to include a list of library features used in the report.
+
+ true to include a report of features used; otherwise, false.
+
+
+
+ Gets or sets a value indicating whether to include statistics of certain events such as
+ authentication success and failure counting, and can include remote endpoint URIs.
+
+
+ true to include event counters in the report; otherwise, false.
+
+
+
+
+ Gets or sets a value indicating whether to include a few URLs to pages on the hosting
+ web site that host DotNetOpenAuth components.
+
+
+
+
+ Gets or sets a value indicating whether to include the cultures requested by the user agent
+ on pages that host DotNetOpenAuth components.
+
+
+
+
+ A configuration collection of trusted OP Endpoints.
+
+
+
+
+ The name of the "rejectAssertionsFromUntrustedProviders" element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The elements to initialize the collection with.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+
+
+
+ A configuration element that records a trusted Provider Endpoint.
+
+
+
+
+ The name of the attribute that stores the value.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the OpenID Provider Endpoint (aka "OP Endpoint") that this relying party trusts.
+
+
+
+
+ A collection of .
+
+ The type that all types specified in the elements must derive from.
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+ The elements that should be added to the collection initially.
+
+
+
+ Creates instances of all the types listed in the collection.
+
+ if set to true then internal types may be instantiated.
+ A sequence of instances generated from types in this collection. May be empty, but never null.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Represents an element in a .config file that allows the user to provide a @type attribute specifying
+ the full type that provides some service used by this library.
+
+ A constraint on the type the user may provide.
+
+
+
+ The name of the attribute whose value is the full name of the type the user is specifying.
+
+
+
+
+ The name of the attribute whose value is the path to the XAML file to deserialize to obtain the type.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationElement class.
+
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ The newly instantiated type.
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ if set to true then internal types may be instantiated.
+ The newly instantiated type.
+
+
+
+ Creates the instance from xaml.
+
+ The stream of xaml to deserialize.
+ The deserialized object.
+
+ This exists as its own method to prevent the CLR's JIT compiler from failing
+ to compile the CreateInstance method just because the PresentationFramework.dll
+ may be missing (which it is on some shared web hosts). This way, if the
+ XamlSource attribute is never used, the PresentationFramework.dll never need
+ be present.
+
+
+
+
+ Gets or sets the full name of the type.
+
+ The full name of the type, such as: "ConsumerPortal.Code.CustomStore, ConsumerPortal".
+
+
+
+ Gets or sets the path to the XAML file to deserialize to obtain the instance.
+
+
+
+
+ Gets the type described in the .config file.
+
+
+
+
+ Gets a value indicating whether this type has no meaningful type to instantiate.
+
+
+
+
+ Represents the section of a .config file where security policies regarding web requests
+ to user-provided, untrusted servers is controlled.
+
+
+
+
+ Gets the name of the @timeout attribute.
+
+
+
+
+ Gets the name of the @readWriteTimeout attribute.
+
+
+
+
+ Gets the name of the @maximumBytesToRead attribute.
+
+
+
+
+ Gets the name of the @maximumRedirections attribute.
+
+
+
+
+ Gets the name of the @whitelistHosts attribute.
+
+
+
+
+ Gets the name of the @whitelistHostsRegex attribute.
+
+
+
+
+ Gets the name of the @blacklistHosts attribute.
+
+
+
+
+ Gets the name of the @blacklistHostsRegex attribute.
+
+
+
+
+ Gets or sets the read/write timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the maximum bytes to read from an untrusted web server.
+
+
+
+
+ Gets or sets the maximum redirections that will be followed before an HTTP request fails.
+
+
+
+
+ Gets or sets the collection of hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of hosts on the blacklist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the blacklist.
+
+
+
+
+ Represents a collection of child elements that describe host names either as literal host names or regex patterns.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new child host name element.
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets all the members of the collection assuming they are all literal host names.
+
+
+
+
+ Gets all the members of the collection assuming they are all host names regex patterns.
+
+
+
+
+ Represents the name of a single host or a regex pattern for host names.
+
+
+
+
+ Gets the name of the @name attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The default value of the property.
+
+
+
+ Gets or sets the name of the host on the white or black list.
+
+
+
+
+ An interface that provides URLs from which embedded resources can be obtained.
+
+
+
+
+ Gets the URL from which the given manifest resource may be downloaded by the user agent.
+
+ Some type in the assembly containing the desired resource.
+ Manifest name of the desired resource.
+ An absolute URL.
+
+
+
+ A general logger for the entire DotNetOpenAuth library.
+
+
+ Because this logger is intended for use with non-localized strings, the
+ overloads that take have been removed, and
+ is used implicitly.
+
+
+
+
+ The instance that is to be used
+ by this static Logger for the duration of the appdomain.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates the main logger for the library, and emits an INFO message
+ that is the name and version of the library.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A type whose full name that will be included in the log file.
+ The instance created with the given type name.
+
+
+
+ Discovers the presence of Log4net.dll and other logging mechanisms
+ and returns the best available logger.
+
+ The name of the log to initialize.
+ The instance of the logger to use.
+
+
+
+ Gets the logger for general library logging.
+
+
+
+
+ Gets the logger for service discovery and selection events.
+
+
+
+
+ Gets the logger for Messaging events.
+
+
+
+
+ Gets the logger for Channel events.
+
+
+
+
+ Gets the logger for binding elements and binding-element related events on the channel.
+
+
+
+
+ Gets the logger specifically used for logging verbose text on everything about the signing process.
+
+
+
+
+ Gets the logger for HTTP-level events.
+
+
+
+
+ Gets the logger for events logged by ASP.NET controls.
+
+
+
+
+ Gets the logger for high-level OpenID events.
+
+
+
+
+ Gets the logger for high-level OAuth events.
+
+
+
+
+ Gets the logger for high-level InfoCard events.
+
+
+
+
+ The ILog interface is use by application to log messages into
+ the log4net framework.
+
+
+
+ Use the to obtain logger instances
+ that implement this interface. The
+ static method is used to get logger instances.
+
+
+ This class contains methods for logging at different levels and also
+ has properties for determining if those logging levels are
+ enabled in the current configuration.
+
+
+ This interface can be implemented in different ways. This documentation
+ specifies reasonable behavior that a caller can expect from the actual
+ implementation, however different implementations reserve the right to
+ do things differently.
+
+
+ Simple example of logging messages
+
+ ILog log = LogManager.GetLogger("application-log");
+
+ log.Info("Application Start");
+ log.Debug("This is a debug message");
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is another debug message");
+ }
+
+
+
+
+ Nicko Cadell
+ Gert Driesen
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is DEBUG
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ DEBUG enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of
+ the additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+
+
+ This method first checks if this logger is INFO
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ INFO enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Logs a message object with the INFO level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is WARN
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ WARN enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is ERROR
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ ERROR enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is FATAL
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ FATAL enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+
+ This function is intended to lessen the computational cost of
+ disabled log debug statements.
+
+ For some ILog interface log, when you write:
+
+ log.Debug("This is entry number: " + i );
+
+
+ You incur the cost constructing the message, string construction and concatenation in
+ this case, regardless of whether the message is logged or not.
+
+
+ If you are worried about speed (who isn't), then you should write:
+
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way you will not incur the cost of parameter
+ construction if debugging is disabled for log. On
+ the other hand, if the log is debug enabled, you
+ will incur the cost of evaluating whether the logger is debug
+ enabled twice. Once in and once in
+ the . This is an insignificant overhead
+ since evaluating a logger takes about 1% of the time it
+ takes to actually log. This is the preferred style of logging.
+
+ Alternatively if your logger is available statically then the is debug
+ enabled state can be stored in a static variable like this:
+
+
+ private static readonly bool isDebugEnabled = log.IsDebugEnabled;
+
+
+ Then when you come to log you can write:
+
+
+ if (isDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way the debug enabled state is only queried once
+ when the class is loaded. Using a private static readonly
+ variable is the most efficient because it is a run time constant
+ and can be heavily optimized by the JIT compiler.
+
+
+ Of course if you use a static readonly variable to
+ hold the enabled state of the logger then you cannot
+ change the enabled state at runtime to vary the logging
+ that is produced. You have to decide if you need absolute
+ speed or runtime flexibility.
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Returns a new log4net logger if it exists, or returns null if the assembly cannot be found.
+
+ The created instance.
+
+
+
+ Creates the log4net.LogManager. Call ONLY after log4net.dll is known to be present.
+
+ The created instance.
+
+
+
+ Returns a new logger that does nothing when invoked.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Returns a new logger that uses the class
+ if sufficient CAS permissions are granted to use it, otherwise returns false.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Represents a read-only dictionary.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ Contains base dictionary.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The base dictionary.
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies to.
+
+ The array.
+ Index of the array.
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets an containing the values in the .
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the element with the specified key.
+
+ The key being read or written.
+
+ The element with the specified key.
+
+ is null.
+
+
+ The property is retrieved and is not found.
+
+
+ The property is set and the is read-only.
+
+
+
+
+ The statistical reporting mechanism used so this library's project authors
+ know what versions and features are in use.
+
+
+
+
+ A UTF8 encoder that doesn't emit the preamble. Used for mid-stream writers.
+
+
+
+
+ A value indicating whether reporting is desirable or not. Must be logical-AND'd with !.
+
+
+
+
+ A value indicating whether reporting experienced an error and cannot be enabled.
+
+
+
+
+ A value indicating whether the reporting class has been initialized or not.
+
+
+
+
+ The object to lock during initialization.
+
+
+
+
+ The isolated storage to use for collecting data in between published reports.
+
+
+
+
+ The GUID that shows up at the top of all reports from this user/machine/domain.
+
+
+
+
+ The recipient of collected reports.
+
+
+
+
+ The outgoing HTTP request handler to use for publishing reports.
+
+
+
+
+ A few HTTP request hosts and paths we've seen.
+
+
+
+
+ Cultures that have come in via HTTP requests.
+
+
+
+
+ Features that have been used.
+
+
+
+
+ A collection of all the observations to include in the report.
+
+
+
+
+ The named events that we have counters for.
+
+
+
+
+ The lock acquired while considering whether to publish a report.
+
+
+
+
+ The time that we last published reports.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Records an event occurrence.
+
+ Name of the event.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records an event occurence.
+
+ The object whose type name is the event name to record.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records the use of a feature by name.
+
+ The feature.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+ Some dependency used by .
+
+
+
+ Records statistics collected from incoming requests.
+
+ The request.
+
+
+
+ Called by every internal/public method on this class to give
+ periodic operations a chance to run.
+
+
+
+
+ Initializes Reporting if it has not been initialized yet.
+
+
+
+
+ Assembles a report for submission.
+
+ A stream that contains the report.
+
+
+
+ Sends the usage reports to the library authors.
+
+ A value indicating whether submitting the report was successful.
+
+
+
+ Interprets the reporting response as a log message if possible.
+
+ The line from the HTTP response to interpret as a log message.
+
+
+
+ Sends the stats report asynchronously, and careful to not throw any unhandled exceptions.
+
+
+
+
+ Gets the isolated storage to use for reporting.
+
+ An isolated storage location appropriate for our host.
+
+
+
+ Gets a unique, pseudonymous identifier for this particular web site or application.
+
+ A GUID that will serve as the identifier.
+
+ The identifier is made persistent by storing the identifier in isolated storage.
+ If an existing identifier is not found, a new one is created, persisted, and returned.
+
+
+
+
+ Sanitizes the name of the file so it only includes valid filename characters.
+
+ The filename to sanitize.
+ The filename, with any and all invalid filename characters replaced with the hyphen (-) character.
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+ Setting this property to truemay have no effect
+ if reporting has already experienced a failure of some kind.
+
+
+
+
+ Gets the observed features.
+
+
+
+
+ Gets the configuration to use for reporting.
+
+
+
+
+ A set of values that persist the set to disk.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The total set of elements.
+
+
+
+
+ The maximum number of elements to track before not storing new elements.
+
+
+
+
+ The set of new elements added to the since the last flush.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+ The maximum number of elements to track.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Adds a value to the set.
+
+ The value.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets a value indicating whether the hashset has reached capacity and is not storing more elements.
+
+ true if this instance is full; otherwise, false.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ A feature usage counter.
+
+
+
+
+ The separator to use between category names and their individual counters.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ The in-memory copy of the counter.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Increments the counter.
+
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Resets all counters.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ Argument validation checks that throw some kind of ArgumentException when they fail (unless otherwise noted).
+
+
+
+
+ Validates that a given parameter is not null.
+
+ The type of the parameter
+ The value.
+ Name of the parameter.
+ The tested value, guaranteed to not be null.
+
+
+
+ Validates that a parameter is not null or empty.
+
+ The value.
+ Name of the parameter.
+ The validated value.
+
+
+
+ Validates that an array is not null or empty.
+
+ The type of the elements in the sequence.
+ The value.
+ Name of the parameter.
+
+
+
+ Validates that an argument is either null or is a sequence with no null elements.
+
+ The type of elements in the sequence.
+ The sequence.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable range for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates that some argument describes a type that is or derives from a required type.
+
+ The type that the argument must be or derive from.
+ The type given in the argument.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an if a condition does not evaluate to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an
+
+ Name of the parameter.
+ The message.
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The configuration-specified type {0} must be public, and is not..
+
+
+
+
+ Looks up a localized string similar to The configuration XAML reference to {0} requires a current HttpContext to resolve..
+
+
+
+
+ Looks up a localized string similar to The current IHttpHandler is not one of types: {0}. An embedded resource URL provider must be set in your .config file..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to The argument has an unexpected value..
+
+
+
+
+ Looks up a localized string similar to The property {0} must be set before this operation is allowed..
+
+
+
+
+ Looks up a localized string similar to This object contains a response body, which is not supported..
+
+
+
+
+ Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}..
+
+
+
+
+ Utility methods for working with URIs.
+
+
+
+
+ Tests a URI for the presence of an OAuth payload.
+
+ The URI to test.
+ The prefix.
+
+ True if the URI contains an OAuth message.
+
+
+
+
+ Determines whether some is using HTTPS.
+
+ The Uri being tested for security.
+
+ true if the URI represents an encrypted request; otherwise, false.
+
+
+
+
+ Equivalent to UriBuilder.ToString() but omits port # if it may be implied.
+ Equivalent to UriBuilder.Uri.ToString(), but doesn't throw an exception if the Host has a wildcard.
+
+ The UriBuilder to render as a string.
+ The string version of the Uri.
+
+
+
+ Validates that a URL will be resolvable at runtime.
+
+ The page hosting the control that receives this URL as a property.
+ If set to true the page is in design-time mode rather than runtime mode.
+ The URI to check.
+ Thrown if the given URL is not a valid, resolvable URI.
+
+
+
+ A grab-bag utility class.
+
+
+
+
+ The base namespace for this library from which all other namespaces derive.
+
+
+
+
+ The web.config file-specified provider of web resource URLs.
+
+
+
+
+ Tests for equality between two objects. Safely handles the case where one or both are null.
+
+ The type of objects been checked for equality.
+ The first object.
+ The second object.
+ true if the two objects are equal; false otherwise.
+
+
+
+ Prepares a dictionary for printing as a string.
+
+ The type of the key.
+ The type of the value.
+ The dictionary or sequence of name-value pairs.
+ An object whose ToString method will perform the actual work of generating the string.
+
+ The work isn't done until (and if) the
+ method is actually called, which makes it great
+ for logging complex objects without being in a conditional block.
+
+
+
+
+ Offers deferred ToString processing for a list of elements, that are assumed
+ to generate just a single-line string.
+
+ The type of elements contained in the list.
+ The list of elements.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Offers deferred ToString processing for a list of elements.
+
+ The type of elements contained in the list.
+ The list of elements.
+ if set to true, special formatting will be applied to the output to make it clear where one element ends and the next begins.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Gets the web resource URL from a Page or object.
+
+ Some type in resource assembly.
+ Name of the manifest resource.
+ An absolute URL
+
+
+
+ Gets a human-readable description of the library name and version, including
+ whether the build is an official or private one.
+
+
+
+
+ Gets the assembly file version of the executing assembly, otherwise falls back to the assembly version.
+
+
+
+
+ Manages an individual deferred ToString call.
+
+ The type of object to be serialized as a string.
+
+
+
+ The object that will be serialized if called upon.
+
+
+
+
+ The method used to serialize to string form.
+
+
+
+
+ Initializes a new instance of the DelayedToString class.
+
+ The object that may be serialized to string form.
+ The method that will serialize the object if called upon.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.dll b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.dll
new file mode 100644
index 0000000..ad7c635
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.xml b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.xml
new file mode 100644
index 0000000..dd8ec49
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.Core.xml
@@ -0,0 +1,10311 @@
+
+
+
+ DotNetOpenAuth.Core
+
+
+
+
+ Internal state consistency checks that throw an internal error exception when they fail.
+
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition evaluates to true.
+
+ The expression that must evaluate to true to avoid an internal error exception.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Throws an internal error exception.
+
+ The message.
+
+
+
+ Throws an internal error exception.
+
+ Nothing. This method always throws.
+
+
+
+ An internal error exception that should never be caught.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+ The parameter is null.
+ The class name is null or is zero (0).
+
+
+
+ A message part encoder that translates between byte[] and base64web encoded strings.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Provides RSA encryption of symmetric keys to protect them from a theft of
+ the persistent store.
+
+
+
+
+ A persistent store for rotating symmetric cryptographic keys.
+
+
+ Implementations should persist it in such a way that the keys are shared across all servers
+ on a web farm, where applicable.
+ The store should consider protecting the persistent store against theft resulting in the loss
+ of the confidentiality of the keys. One possible mitigation is to asymmetrically encrypt
+ each key using a certificate installed in the server's certificate store.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+ The cryptographic key, or null if no matching key was found.
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+ A sequence of handles and keys, ordered by descending .
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ The persistent store for asymmetrically encrypted symmetric keys.
+
+
+
+
+ The memory cache of decrypted keys.
+
+
+
+
+ The asymmetric algorithm to use encrypting/decrypting the symmetric keys.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The data store.
+ The asymmetric protection to apply to symmetric keys. Must include the private key.
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Decrypts the specified key.
+
+ The bucket.
+ The handle.
+ The encrypted key.
+
+ The decrypted key.
+
+
+
+
+ An encrypted key and its decrypted equivalent.
+
+
+
+
+ A cryptographic key and metadata concerning it.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The cryptographic key.
+ The expires UTC.
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Gets the key.
+
+
+
+
+ Gets the expiration date of this key (UTC time).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The encrypted key.
+ The decrypted key.
+
+
+
+ Invariant conditions.
+
+
+
+
+ Gets the encrypted key.
+
+
+
+
+ Thrown by a hosting application or web site when a cryptographic key is created with a
+ bucket and handle that conflicts with a previously stored and unexpired key.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ A in-memory store of crypto keys.
+
+
+
+
+ How frequently to check for and remove expired secrets.
+
+
+
+
+ An in-memory cache of decrypted symmetric keys.
+
+
+ The key is the bucket name. The value is a dictionary whose key is the handle and whose value is the cached key.
+
+
+
+
+ The last time the cache had expired keys removed from it.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Cleans the expired keys from memory cache if the cleaning interval has passed.
+
+
+
+
+ Weeds out expired keys from the in-memory cache.
+
+
+
+
+ A compact binary serialization class.
+
+ The -derived type to serialize/deserialize.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ The length of the nonce to include in tokens that can be decoded once only.
+
+
+
+
+ The message description cache to use for data bag types.
+
+
+
+
+ The minimum allowable lifetime for the key used to encrypt/decrypt or sign this databag.
+
+
+
+
+ The symmetric key store with the secret used for signing/encryption of verification codes and refresh tokens.
+
+
+
+
+ The bucket for symmetric keys.
+
+
+
+
+ The crypto to use for signing access tokens.
+
+
+
+
+ The crypto to use for encrypting access tokens.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against tampering.
+
+
+
+
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+
+ The maximum age of a token that can be decoded; useful only when is true.
+
+
+
+
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+
+
+
+
+ A value indicating whether the data in this instance will be GZip'd.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The required minimum lifespan within which this token must be decodable and verifiable; useful only when and/or is true.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the specified message, including compression, encryption, signing, and nonce handling where applicable.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a , including decompression, decryption, signature and nonce validation where applicable.
+
+ The instance to initialize with deserialized data.
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. May be null if no carrying message is applicable.
+ The name of the parameter whose value is to be deserialized. Used for error message generation, but may be null.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Determines whether the signature on this instance is valid.
+
+ The signed data.
+ The signature.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ true if the signature is valid; otherwise, false.
+
+
+
+
+ Calculates the signature for the data in this verification code.
+
+ The bytes to sign.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The calculated signature.
+
+
+
+
+ Encrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ Receives the symmetric secret handle. null when using an asymmetric algorithm.
+
+ The encrypted value.
+
+
+
+
+ Decrypts the specified value using either the symmetric or asymmetric encryption algorithm as appropriate.
+
+ The value.
+ The symmetric secret handle. null when using an asymmetric algorithm.
+
+ The decrypted value.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ Cached details on the response from a direct web request to a remote party.
+
+
+
+
+ Details on the incoming response from a direct web request to a remote party.
+
+
+
+
+ The encoding to use in reading a response that does not declare its own content encoding.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original request URI.
+ The response to initialize from. The network stream is used by this class directly.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the type of the content.
+
+
+
+
+ Gets the content encoding.
+
+
+
+
+ Gets the URI of the initial request.
+
+
+
+
+ Gets the URI that finally responded to the request.
+
+
+ This can be different from the in cases of
+ redirection during the request.
+
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ A seekable, repeatable response stream.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+ The maximum bytes to read.
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The final URI to respond to the request.
+ The headers.
+ The status code.
+ Type of the content.
+ The content encoding.
+ The response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets the body of the response as a string.
+
+ The entire body of the response.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+
+
+
+ Caches the network stream and closes it if it is open.
+
+ The response whose stream is to be cloned.
+ The maximum bytes to cache.
+ The seekable Stream instance that contains a copy of what was returned in the HTTP response.
+
+
+
+ Gets a value indicating whether the cached response stream was
+ truncated to a maximum allowable length.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets or sets the cached response stream.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Manages sending direct messages to a remote party and receiving responses.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+
+
+
+
+ The content-type used for JSON serialized objects.
+
+
+
+
+ The "text/javascript" content-type that some servers return instead of the standard one.
+
+
+
+
+ The content-type for plain text.
+
+
+
+
+ The HTML that should be returned to the user agent as part of a 301 Redirect.
+
+ A string that should be used as the first argument to string.Format, where the {0} should be replaced with the URL to redirect to.
+
+
+
+ The template for indirect messages that require form POST to forward through the user agent.
+
+
+ We are intentionally using " instead of the html single quote ' below because
+ the HtmlEncode'd values that we inject will only escape the double quote, so
+ only the double-quote used around these values is safe.
+
+
+
+
+ The encoding to use when writing out POST entity strings.
+
+
+
+
+ A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption.
+
+
+
+
+ The content-type used on HTTP POST requests where the POST entity is a
+ URL-encoded series of key=value pairs.
+ This includes the character encoding.
+
+
+
+
+ A list of binding elements in the order they must be applied to outgoing messages.
+
+
+
+
+ A list of binding elements in the order they must be applied to incoming messages.
+
+
+
+
+ The default cache of message descriptions to use unless they are customized.
+
+
+ This is a perf optimization, so that we don't reflect over every message type
+ every time a channel is constructed.
+
+
+
+
+ A cache of reflected message types that may be sent or received on this channel.
+
+
+
+
+ A tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and ends execution on the current page or handler.
+
+ The one-way message to send
+ Thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Sends an indirect message (either a request or response)
+ or direct message response for transmission to a remote party
+ and skips most of the remaining ASP.NET request handling pipeline.
+ Not safe to call from ASP.NET web forms.
+
+ The one-way message to send
+
+ Requires an HttpContext.Current context.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Prepares an indirect message (either a request or response)
+ or direct message response for transmission to a remote party.
+
+ The one-way message to send
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The deserialized message, if one is found. Null otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the given HTTP request, if present.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+ True if the expected message was recognized and deserialized. False otherwise.
+ Thrown when is null.
+ Thrown when a request message of an unexpected type is received.
+
+
+
+ Gets the protocol message embedded in the current HTTP request.
+
+ The expected type of the message to be received.
+ The deserialized message. Never null.
+
+ Requires an HttpContext.Current context.
+
+ Thrown when is null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message embedded in the given HTTP request.
+
+ The expected type of the message to be received.
+ The request to search for an embedded message.
+ The deserialized message. Never null.
+ Thrown if the expected message was not recognized in the response.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The expected type of the message to be received.
+ The message to send.
+ The remote party's response.
+
+ Thrown if no message is recognized in the response
+ or an unexpected type of message is received.
+
+
+
+
+ Sends a direct message to a remote party and waits for the response.
+
+ The message to send.
+ The remote party's response. Guaranteed to never be null.
+ Thrown if the response does not include a protocol message.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+
+
+ Gets the HTTP context for the current HTTP request.
+
+ An HttpContextBase instance.
+
+
+
+ Gets the current HTTP request being processed.
+
+ The HttpRequestInfo for the current request.
+
+ Requires an context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Checks whether a given HTTP method is expected to include an entity body in its request.
+
+ The HTTP method.
+ true if the HTTP method is supposed to have an entity; false otherwise.
+
+
+
+ Applies message prescribed HTTP response headers to an outgoing web response.
+
+ The message.
+ The HTTP response.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Fires the event.
+
+ The message about to be encoded and sent.
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ Submits a direct request message to some remote party and blocks waiting for an immediately reply.
+
+ The request message.
+ The response message, or null if the response did not carry a message.
+
+ Typically a deriving channel will override to customize this method's
+ behavior. However in non-HTTP frameworks, such as unit test mocks, it may be appropriate to override
+ this method to eliminate all use of an HTTP transport.
+
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Gets the protocol message that may be embedded in the given HTTP request.
+
+ The request to search for an embedded message.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Deserializes a dictionary of values into a message.
+
+ The dictionary of values that were read from an HTTP request or response.
+ Information about where the message was directed. Null for direct response messages.
+ The deserialized message, or null if no message could be recognized in the provided data.
+
+
+
+ Queues an indirect message for transmittal via the user agent.
+
+ The message to send.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a 301 Redirect GET method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ if set to true the redirect will contain the message payload in the #fragment portion of the URL rather than the ?querystring.
+ The encoded HTTP response.
+
+
+
+ Encodes an HTTP response that will instruct the user agent to forward a message to
+ some remote third party using a form POST method.
+
+ The message to forward.
+ The pre-serialized fields from the message.
+ The encoded HTTP response.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+ The deserialized message parts, if found. Null otherwise.
+ Thrown when the response is not valid.
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+ The prepared to send the request.
+
+ This method must be overridden by a derived class, unless the method
+ is overridden and does not require this method.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec OAuth V1.0 section 5.3.
+
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ A JSON string.
+
+
+
+ Deserializes from flat data from a JSON object.
+
+ A JSON string.
+ The simple "key":"value" pairs from a JSON-encoded object.
+
+
+
+ Prepares a message for transmit by applying signatures, nonces, etc.
+
+ The message to prepare for sending.
+
+ This method should NOT be called by derived types
+ except when sending ONE WAY request messages.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a GET request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP Get request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a HEAD request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP HEAD request with the message parts serialized to the query string.
+ This method satisfies OAuth 1.0 section 5.2, item #3.
+
+
+
+
+ Prepares to send a request to the Service Provider as the payload of a POST request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP POST request with the message parts serialized to the POST entity
+ with the application/x-www-form-urlencoded content type
+ This method satisfies OAuth 1.0 section 5.2, item #2 and OpenID 2.0 section 4.1.2.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a PUT request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP PUT request with the message parts serialized to the query string.
+
+
+
+
+ Prepares to send a request to the Service Provider as the query string in a DELETE request.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ This method is simply a standard HTTP DELETE request with the message parts serialized to the query string.
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Sends the given parameters in the entity stream of an HTTP request in multi-part format.
+
+ The HTTP request.
+ The parameters to send.
+
+ This method calls and closes
+ the request stream, but does not call .
+
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Allows preprocessing and validation of message data before an appropriate message type is
+ selected or deserialized.
+
+ The received message data.
+
+
+
+ Performs additional processing on an outgoing web request before it is sent to the remote server.
+
+ The request.
+
+
+
+ Customizes the binding element order for outgoing and incoming messages.
+
+ The outgoing order.
+ The incoming order.
+
+ No binding elements can be added or removed from the channel using this method.
+ Only a customized order is allowed.
+
+ Thrown if a binding element is new or missing in one of the ordered lists.
+
+
+
+ Ensures a consistent and secure set of binding elements and
+ sorts them as necessary for a valid sequence of operations.
+
+ The binding elements provided to the channel.
+ The properly ordered list of elements.
+ Thrown when the binding elements are incomplete or inconsistent with each other.
+
+
+
+ Puts binding elements in their correct outgoing message processing order.
+
+ The first protection type to compare.
+ The second protection type to compare.
+
+ -1 if should be applied to an outgoing message before .
+ 1 if should be applied to an outgoing message before .
+ 0 if it doesn't matter.
+
+
+
+
+ Verifies that all required message parts are initialized to values
+ prior to sending the message to a remote party.
+
+ The message to verify.
+
+ Thrown when any required message part does not have a value.
+
+
+
+
+ Determines whether a given ordered list of binding elements includes every
+ binding element in this channel exactly once.
+
+ The list of binding elements to test.
+
+ true if the given list is a valid description of a binding element ordering; otherwise, false.
+
+
+
+
+ An event fired whenever a message is about to be encoded and sent.
+
+
+
+
+ Gets or sets an instance to a that will be used when
+ submitting HTTP requests and waiting for responses.
+
+
+ This defaults to a straightforward implementation, but can be set
+ to a mock object for testing purposes.
+
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets the binding elements used by this channel, in no particular guaranteed order.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to outgoing messages.
+
+
+
+
+ Gets the binding elements used by this channel, in the order applied to incoming messages.
+
+
+
+
+ Gets or sets a value indicating whether this instance is disposed.
+
+
+ true if this instance is disposed; otherwise, false.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the cache policy to use for direct message requests.
+
+ Default is .
+
+
+
+ Gets or sets the XML dictionary reader quotas.
+
+ The XML dictionary reader quotas.
+
+
+
+ Prevents a default instance of the ChannelContract class from being created.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ HMAC-SHA algorithm names that can be passed to the method.
+
+
+
+
+ The name of the HMAC-SHA1 algorithm.
+
+
+
+
+ The name of the HMAC-SHA256 algorithm.
+
+
+
+
+ The name of the HMAC-SHA384 algorithm.
+
+
+
+
+ The name of the HMAC-SHA512 algorithm.
+
+
+
+
+ Creates an HMAC-SHA algorithm with the specified name and key.
+
+ A name from the available choices in the static const members of this class.
+ The secret key used as the HMAC.
+ The HMAC algorithm instance.
+
+
+
+ Well known HTTP headers.
+
+
+
+
+ The Authorization header, which specifies the credentials that the client presents in order to authenticate itself to the server.
+
+
+
+
+ The WWW-Authenticate header, which is included in HTTP 401 Unauthorized responses to help the client know which authorization schemes are supported.
+
+
+
+
+ The Content-Type header, which specifies the MIME type of the accompanying body data.
+
+
+
+
+ An interface that allows direct request messages to capture the details of the HTTP request they arrived on.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the HTTP headers of the request.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An interface that allows indirect response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets a value indicating whether the payload for the message should be included
+ in the redirect fragment instead of the query string or POST entity.
+
+
+
+
+ An interface that appears on messages that need to retain a description of
+ what their literal payload was when they were deserialized.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ A set of flags that can control the behavior of an individual web request.
+
+
+
+
+ Indicates that default behavior is required.
+
+
+
+
+ Indicates that any response from the remote server, even those
+ with HTTP status codes that indicate errors, should not result
+ in a thrown exception.
+
+
+ Even with this flag set, should
+ be thrown when an HTTP protocol error occurs (i.e. timeouts).
+
+
+
+
+ Indicates that the HTTP request must be completed entirely
+ using SSL (including any redirects).
+
+
+
+
+ Extension methods for types.
+
+
+
+
+ Caches the results of enumerating over a given object so that subsequence enumerations
+ don't require interacting with the object a second time.
+
+ The type of element found in the enumeration.
+ The enumerable object.
+
+ Either a new enumerable object that caches enumerated results, or the original,
+ object if no caching is necessary to avoid additional CPU work.
+
+
+ This is designed for use on the results of generator methods (the ones with yield return in them)
+ so that only those elements in the sequence that are needed are ever generated, while not requiring
+ regeneration of elements that are enumerated over multiple times.
+ This can be a huge performance gain if enumerating multiple times over an expensive generator method.
+ Some enumerable types such as collections, lists, and already-cached generators do not require
+ any (additional) caching, and this method will simply return those objects rather than caching them
+ to avoid double-caching.
+
+
+
+
+ A wrapper for types and returns a caching
+ from its method.
+
+ The type of element in the sequence.
+
+
+
+ The results from enumeration of the live object that have been collected thus far.
+
+
+
+
+ The original generator method or other enumerable object whose contents should only be enumerated once.
+
+
+
+
+ The enumerator we're using over the generator method's results.
+
+
+
+
+ The sync object our caching enumerators use when adding a new live generator method result to the cache.
+
+
+ Although individual enumerators are not thread-safe, this should be
+ thread safe so that multiple enumerators can be created from it and used from different threads.
+
+
+
+
+ Initializes a new instance of the EnumerableCache class.
+
+ The generator.
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ An enumerator that uses cached enumeration results whenever they are available,
+ and caches whatever results it has to pull from the original object.
+
+
+
+
+ The parent enumeration wrapper class that stores the cached results.
+
+
+
+
+ The position of this enumerator in the cached list.
+
+
+
+
+ Initializes a new instance of the EnumeratorCache class.
+
+ The parent cached enumerable whose GetEnumerator method is calling this constructor.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ Gets the element in the collection at the current position of the enumerator.
+
+
+ The element in the collection at the current position of the enumerator.
+
+
+
+
+ An exception to call out a configuration or runtime failure on the part of the
+ (web) application that is hosting this library.
+
+
+ This exception is used rather than for those errors
+ that should never be caught because they indicate a major error in the app itself
+ or its configuration.
+ It is an internal exception to assist in making it uncatchable.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface that allows direct response messages to specify
+ HTTP transport specific properties.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ An interface that extension messages must implement.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Gets the HTTP status code that the direct response should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Undirected messages that serve as direct responses to direct requests.
+
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol messages.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An empty dictionary. Useful for avoiding memory allocations in creating new dictionaries to represent empty ones.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ The singleton instance of the empty dictionary.
+
+
+
+
+ Prevents a default instance of the EmptyDictionary class from being created.
+
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the values in the .
+
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets or sets the value with the specified key.
+
+ The key being read or written.
+ Nothing. It always throws.
+
+
+
+ An enumerator that always generates zero elements.
+
+
+
+
+ The singleton instance of this empty enumerator.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Advances the enumerator to the next element of the collection.
+
+
+ true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Sets the enumerator to its initial position, which is before the first element in the collection.
+
+
+ The collection was modified after the enumerator was created.
+
+
+
+
+ Gets the current element in the collection.
+
+
+
+ The current element in the collection.
+
+
+ The enumerator is positioned before the first element of the collection or after the last element.
+
+
+
+
+ An empty, read-only list.
+
+ The type the list claims to include.
+
+
+
+ The singleton instance of the empty list.
+
+
+
+
+ Prevents a default instance of the EmptyList class from being created.
+
+
+
+
+ Determines the index of a specific item in the .
+
+ The object to locate in the .
+
+ The index of if found in the list; otherwise, -1.
+
+
+
+
+ Inserts an item to the at the specified index.
+
+ The zero-based index at which should be inserted.
+ The object to insert into the .
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Removes the item at the specified index.
+
+ The zero-based index of the item to remove.
+
+ is not a valid index in the .
+
+
+ The is read-only.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies the elements of the to an , starting at a particular index.
+
+ The one-dimensional that is the destination of the elements copied from . The must have zero-based indexing.
+ The zero-based index in at which copying begins.
+
+ is null.
+
+
+ is less than 0.
+
+
+ is multidimensional.
+ -or-
+ is equal to or greater than the length of .
+ -or-
+ The number of elements in the source is greater than the available space from to the end of the destination .
+ -or-
+ Type cannot be cast automatically to the type of the destination .
+
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the at the specified index.
+
+ The index of the element in the list to change.
+ Nothing. It always throws.
+
+
+
+ A collection of error checking and reporting methods.
+
+
+
+
+ Wraps an exception in a new .
+
+ The inner exception to wrap.
+ The error message for the outer exception.
+ The string formatting arguments, if any.
+ The newly constructed (unthrown) exception.
+
+
+
+ Throws an internal error exception.
+
+ The error message.
+ Nothing. But included here so callers can "throw" this method for C# safety.
+ Always thrown.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an internal error exception if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws a if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The string formatting arguments for .
+ Thrown if evaluates to false.
+
+
+
+ Checks a condition and throws an if it evaluates to false.
+
+ The condition to check.
+ The message to include in the exception, if created.
+ The formatting arguments.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The message being processed that would be responsible for the exception if thrown.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a if some evaluates to false.
+
+ True to do nothing; false to throw the exception.
+ The error message for the exception.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws a .
+
+ The message to set in the exception.
+ The formatting arguments of the message.
+
+ An InternalErrorException, which may be "thrown" by the caller in order
+ to satisfy C# rules to show that code will never be reached, but no value
+ actually is ever returned because this method guarantees to throw.
+
+ Always thrown.
+
+
+
+ Throws a .
+
+ The message for the exception.
+ The string formatting arguments for .
+ Nothing. It's just here so the caller can throw this method for C# compilation check.
+
+
+
+ Throws a if some condition is false.
+
+ The expression to evaluate. A value of false will cause the exception to be thrown.
+ The message for the exception.
+ The string formatting arguments for .
+ Thrown when is false.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Throws an .
+
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Never returns anything. It always throws.
+
+
+
+ Verifies something about the argument supplied to a method.
+
+ The condition that must evaluate to true to avoid an exception.
+ Name of the parameter.
+ The message to use in the exception if the condition is false.
+ The string formatting arguments, if any.
+ Thrown if evaluates to false.
+
+
+
+ Verifies that some given value is not null.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+
+
+
+ Verifies that some string is not null and has non-zero length.
+
+ The value to check.
+ Name of the parameter, which will be used in the , if thrown.
+ Thrown if is null.
+ Thrown if has zero length.
+
+
+
+ Verifies that != null.
+
+ Thrown if == null
+
+
+
+ Obtains a value from the dictionary if possible, or throws a if it's missing.
+
+ The type of key in the dictionary.
+ The type of value in the dictionary.
+ The dictionary.
+ The key to use to look up the value.
+ The message to claim is invalid if the key cannot be found.
+ The value for the given key.
+
+
+
+ An interface that messages wishing to perform custom serialization/deserialization
+ may implement to be notified of events.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Creates a text reader for the response stream.
+
+
+ The text reader, initialized for the proper encoding.
+
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+
+ A protocol message that supports adding extensions to the payload for transmission.
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ An internal exception to throw if an internal error within the library requires
+ an abort of the operation.
+
+
+ This exception is internal to prevent clients of the library from catching what is
+ really an unexpected, potentially unrecoverable exception.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+
+
+
+ Initializes a new instance of the class.
+
+ The message.
+ The inner exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The that holds the serialized object data about the exception being thrown.
+ The that contains contextual information about the source or destination.
+
+ The parameter is null.
+
+
+ The class name is null or is zero (0).
+
+
+
+
+ An interface implemented by -derived types that support binary serialization.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Serializes the instance to the specified stream.
+
+ The stream.
+
+
+
+ Initializes the fields on this instance from the specified stream.
+
+ The stream.
+
+
+
+ A KeyedCollection whose item -> key transform is provided via a delegate
+ to its constructor, and null items are disallowed.
+
+ The type of the key.
+ The type of the item.
+
+
+
+ The delegate that returns a key for the given item.
+
+
+
+
+ Initializes a new instance of the KeyedCollectionDelegate class.
+
+ The delegate that gets the key for a given item.
+
+
+
+ When implemented in a derived class, extracts the key from the specified element.
+
+ The element from which to extract the key.
+ The key for the specified element.
+
+
+
+ Represents a single part in a HTTP multipart POST request.
+
+
+
+
+ The "Content-Disposition" string.
+
+
+
+
+ The two-character \r\n newline character sequence to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The content disposition of the part.
+
+
+
+ Creates a part that represents a simple form field.
+
+ The name of the form field.
+ The value.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ The path to the file to send.
+ Type of the content in HTTP Content-Type format.
+ The constructed part.
+
+
+
+ Creates a part that represents a file attachment.
+
+ The name of the form field.
+ Name of the file as the server should see it.
+ Type of the content in HTTP Content-Type format.
+ The content of the file.
+ The constructed part.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Serializes the part to a stream.
+
+ The stream writer.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets or sets the content disposition.
+
+ The content disposition.
+
+
+
+ Gets the key=value attributes that appear on the same line as the Content-Disposition.
+
+ The content attributes.
+
+
+
+ Gets the headers that appear on subsequent lines after the Content-Disposition.
+
+
+
+
+ Gets or sets the content of the part.
+
+
+
+
+ Gets the length of this entire part.
+
+ Useful for calculating the ContentLength HTTP header to send before actually serializing the content.
+
+
+
+ A live network HTTP response
+
+
+
+
+ The network response object, used to initialize this instance, that still needs
+ to be closed if applicable.
+
+
+
+
+ The incoming network response stream.
+
+
+
+
+ A value indicating whether a stream reader has already been
+ created on this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request URI.
+ The response.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Gets an offline snapshot version of this instance.
+
+ The maximum bytes from the response stream to cache.
+ A snapshot version of this instance.
+
+ If this instance is a creating a snapshot
+ will automatically close and dispose of the underlying response stream.
+ If this instance is a , the result will
+ be the self same instance.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ An ASP.NET MVC structure to represent the response to send
+ to the user agent when the controller has finished its work.
+
+
+
+
+ The outgoing web response to send when the ActionResult is executed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Enables processing of the result of an action method by a custom type that inherits from .
+
+ The context in which to set the response.
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol
+ that includes the response message that should be returned to the HTTP client to comply
+ with the protocol specification.
+
+
+
+
+ An exception to represent errors in the local or remote implementation of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+
+
+
+ Initializes a new instance of the class.
+
+ A message describing the specific error the occurred or was detected.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The human-readable exception message.
+ The message that was the cause of the exception. May be null.
+ The inner exception to include.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Gets the message that caused the exception.
+
+
+
+
+ The channel that produced the error response message, to be used in constructing the actual HTTP response.
+
+
+
+
+ Initializes a new instance of the class
+ such that it can be sent as a protocol message response to a remote caller.
+
+ The channel to use when encoding the response message.
+ The message to send back to the HTTP client.
+ The message that was the cause of the exception. May be null.
+ The inner exception.
+ The message for the exception.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ Creates the HTTP response to forward to the client to report the error.
+
+ The HTTP response.
+
+
+
+ Gets the protocol message to send back to the client to report the error.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A message part encoder that has a special encoding for a null value.
+
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+ An interface describing how various objects can be serialized and deserialized between their object and string forms.
+
+
+ Implementations of this interface must include a default constructor and must be thread-safe.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A cache of instances.
+
+
+
+
+ A dictionary of reflected message types and the generated reflection information.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ A type that implements .
+ The protocol version of the message.
+ A instance.
+
+
+
+ Gets a instance prepared for the
+ given message type.
+
+ The message for which a should be obtained.
+
+ A instance.
+
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ The dictionary.
+
+
+
+ Gets the dictionary that provides read/write access to a message.
+
+ The message.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary.
+
+
+
+ A struct used as the key to bundle message type and version.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ Type of the message.
+ The message version.
+
+
+
+ Implements the operator ==.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first object to compare.
+ The second object to compare.
+ The result of the operator.
+
+
+
+ Indicates whether this instance and a specified object are equal.
+
+ Another object to compare to.
+
+ true if and this instance are the same type and represent the same value; otherwise, false.
+
+
+
+
+ Returns the hash code for this instance.
+
+
+ A 32-bit signed integer that is the hash code for this instance.
+
+
+
+
+ Gets the message type.
+
+
+
+
+ Gets the message version.
+
+
+
+
+ Allows a custom class or struct to be serializable between itself and a string representation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The implementing type to use for serializing this type.
+
+
+
+ Gets the default encoder to use for the declaring class.
+
+
+
+
+ A message factory that automatically selects the message type based on the incoming data.
+
+
+
+
+ A tool to analyze an incoming message to figure out what concrete class
+ is designed to deserialize it and instantiates that class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The request message types and their constructors to use for instantiating the messages.
+
+
+
+
+ The response message types and their constructors to use for instantiating the messages.
+
+
+ The value is a dictionary, whose key is the type of the constructor's lone parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds message types to the set that this factory can create.
+
+ The message types that this factory may instantiate.
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Gets the message type that best fits the given incoming request data.
+
+ The recipient of the incoming data. Typically not used, but included just in case.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Gets the message type that best fits the given incoming direct response data.
+
+ The request message that prompted the response data.
+ The data of the incoming message.
+
+ The message type that matches the incoming data; or null if no match.
+
+ May be thrown if the incoming data is ambiguous.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The recipient.
+ The instantiated message. Never null.
+
+
+
+ Instantiates the given request message type.
+
+ The message description.
+ The request that resulted in this response.
+ The instantiated message. Never null.
+
+
+
+ Gets the hierarchical distance between a type and a type it derives from or implements.
+
+ The base type or interface.
+ The concrete class that implements the .
+ The distance between the two types. 0 if the types are equivalent, 1 if the type immediately derives from or implements the base type, or progressively higher integers.
+
+
+
+ Counts how many strings are in the intersection of two collections.
+
+ The first collection.
+ The second collection.
+ The string comparison method to use.
+ A non-negative integer no greater than the count of elements in the smallest collection.
+
+
+
+ Finds constructors for response messages that take a given request message type.
+
+ The message description.
+ Type of the request message.
+ A sequence of matching constructors.
+
+
+
+ Contract class for the IDataBagFormatter interface.
+
+ The type of DataBag to serialize.
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Serializes the specified message.
+
+ The message to serialize. Must not be null.
+ A non-null, non-empty value.
+
+
+
+ Deserializes a .
+
+ The instance to deserialize into
+ The serialized form of the to deserialize. Must not be null or empty.
+ The message that contains the serialized value. Must not be nulll.
+ Name of the message part whose value is to be deserialized. Used for exception messages.
+
+
+
+ A serializer for -derived types
+
+ The DataBag-derived type that is to be serialized/deserialized.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto service provider with the asymmetric key to use for signing or verifying the token.
+ The crypto service provider with the asymmetric key to use for encrypting or decrypting the token.
+ A value indicating whether the data in this instance will be GZip'd.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store used when signing or encrypting.
+ The bucket in which symmetric keys are stored for signing/encrypting data.
+ A value indicating whether the data in this instance will be protected against tampering.
+ A value indicating whether the data in this instance will be protected against eavesdropping.
+ A value indicating whether the data in this instance will be GZip'd.
+ The minimum age.
+ The maximum age of a token that can be decoded; useful only when is true.
+ The nonce store to use to ensure that this instance is only decoded once.
+
+
+
+ Serializes the instance to a buffer.
+
+ The message.
+ The buffer containing the serialized data.
+
+
+
+ Deserializes the instance from a buffer.
+
+ The message instance to initialize with data from the buffer.
+ The data buffer.
+
+
+
+ A channel that uses the standard message factory.
+
+
+
+
+ The message types receivable by this channel.
+
+
+
+
+ The protocol versions supported by this channel.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message types that might be encountered.
+ All the possible message versions that might be encountered.
+
+ The binding elements to use in sending and receiving messages.
+ The order they are provided is used for outgoing messgaes, and reversed for incoming messages.
+
+
+
+
+ Generates all the message descriptions for a given set of message types and versions.
+
+ The message types.
+ The message versions.
+ The cache to use when obtaining the message descriptions.
+ The generated/retrieved message descriptions.
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ Gets or sets the message descriptions.
+
+
+
+
+ Gets or sets a tool that can figure out what kind of message is being received
+ so it can be deserialized.
+
+
+
+
+ A collection of message parts that will be serialized into a single string,
+ to be set into a larger message.
+
+
+
+
+ The default version for DataBags.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ A dictionary to contain extra message data.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The DataBag version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets or sets the nonce.
+
+ The nonce.
+
+
+
+ Gets or sets the UTC creation date of this token.
+
+ The UTC creation date.
+
+
+
+ Gets or sets the signature.
+
+ The signature.
+
+
+
+ Gets or sets the message that delivered this DataBag instance to this host.
+
+
+
+
+ Gets the type of this instance.
+
+ The type of the bag.
+
+ This ensures that one token cannot be misused as another kind of token.
+
+
+
+
+ Translates between a and the number of seconds between it and 1/1/1970 12 AM
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ The interface that classes must implement to be serialized/deserialized
+ as protocol or extension messages that uses POST multi-part data for binary content.
+
+
+
+
+ Implemented by messages that have explicit recipients
+ (direct requests and all indirect messages).
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ The contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For indirect messages this will likely be GET+POST, which both can be simulated in the user agent:
+ the GET with a simple 301 Redirect, and the POST with an HTML form in the response with javascript
+ to automate submission.
+
+
+
+
+ Gets the URL of the intended receiver of this message.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The data packet sent with Channel events.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message behind the fired event..
+
+
+
+ Gets the message that caused the event to fire.
+
+
+
+
+ An in-memory nonce store. Useful for single-server web applications.
+ NOT for web farms.
+
+
+
+
+ Describes the contract a nonce store must fulfill.
+
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the
+ must be unique.
+ The context SHOULD be treated as case-sensitive.
+ The value will never be null but may be the empty string.
+ A series of random characters.
+ The UTC timestamp that together with the nonce string make it unique
+ within the given .
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the context+nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp and context.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ This maximum message age can be looked up via the
+
+ property, accessible via the
+ property.
+
+
+
+
+ How frequently we should take time to clear out old nonces.
+
+
+
+
+ The maximum age a message can be before it is discarded.
+
+
+ This is useful for knowing how long used nonces must be retained.
+
+
+
+
+ A list of the consumed nonces.
+
+
+
+
+ A lock object used around accesses to the field.
+
+
+
+
+ Where we're currently at in our periodic nonce cleaning cycle.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The maximum age a message can be before it is discarded.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Clears consumed nonces from the cache that are so old they would be
+ rejected if replayed because it is expired.
+
+
+
+
+ A contract for handling.
+
+
+ Implementations of this interface must be thread safe.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+ An instance of describing the response.
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The stream the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Callers must close and dispose of the request stream when they are done
+ writing to it to avoid taking up the connection too long and causing long waits on
+ subsequent requests.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ A binding element that checks/verifies a nonce message part.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The persistent store for nonces received.
+
+
+
+
+ The length of generated nonces.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+
+
+
+ Initializes a new instance of the class.
+
+ The store where nonces will be persisted and checked.
+ A value indicating whether zero-length nonces will be allowed.
+
+
+
+ Applies a nonce to the message.
+
+ The message to apply replay protection to.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies that the nonce in an incoming message has not been seen before.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown when the nonce check revealed a replayed message.
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the protection that this binding element provides messages.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the strength of the nonce, which is measured by the number of
+ nonces that could theoretically be generated.
+
+
+ The strength of the nonce is equal to the number of characters that might appear
+ in the nonce to the power of the length of the nonce.
+
+
+
+
+ Gets or sets a value indicating whether empty nonces are allowed.
+
+ Default is false.
+
+
+
+ Applied to fields and properties that form a key/value in a protocol message.
+
+
+
+
+ The overridden name to use as the serialized name for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A special name to give the value of this member in the serialized message.
+ When null or empty, the name of the member will be used in the serialized message.
+
+
+
+
+ Gets the name of the serialized form of this member in the message.
+
+
+
+
+ Gets or sets the level of protection required by this member in the serialized message.
+
+
+ Message part protection must be provided and verified by the channel binding element(s)
+ that provide security.
+
+
+
+
+ Gets or sets a value indicating whether this member is a required part of the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+ Default is true.
+
+
+
+ Gets or sets an IMessagePartEncoder custom encoder to use
+ to translate the applied member to and from a string.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets or sets the minimum version of the protocol this attribute applies to
+ and overrides any attributes with lower values for this property.
+
+ Defaults to 0.0.
+
+
+
+ Gets or sets the maximum version of the protocol this attribute applies to.
+
+ Defaults to int.MaxValue for the major version number.
+
+ Specifying on another attribute on the same member
+ automatically turns this attribute off. This property should only be set when
+ a property is totally dropped from a newer version of the protocol.
+
+
+
+
+ Categorizes the various types of channel binding elements so they can be properly ordered.
+
+
+ The order of these enum values is significant.
+ Each successive value requires the protection offered by all the previous values
+ in order to be reliable. For example, message expiration is meaningless without
+ tamper protection to prevent a user from changing the timestamp on a message.
+
+
+
+
+ No protection.
+
+
+
+
+ A binding element that signs a message before sending and validates its signature upon receiving.
+
+
+
+
+ A binding element that enforces a maximum message age between sending and processing on the receiving side.
+
+
+
+
+ A binding element that prepares messages for replay detection and detects replayed messages on the receiving side.
+
+
+
+
+ All forms of protection together.
+
+
+
+
+ Code Contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ An exception thrown when a message is received for the second time, signalling a possible
+ replay attack.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The replayed message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a message is received that exceeds the maximum message age limit.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The date the message expired.
+ The expired message.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ An exception thrown when a signed message does not pass signature validation.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message with the invalid signature.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All replay-protected messages must also be set to expire so the nonces do not have
+ to be stored indefinitely.
+
+
+
+
+ The contract a message that has an allowable time window for processing must implement.
+
+
+ All expiring messages must also be signed to prevent tampering with the creation date.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+ The value of this property must be a value assigned by the nonce consumer
+ to represent the entity that generated the nonce. The value must never be
+ null but may be the empty string.
+ This value is treated as case-sensitive.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ A property store of details of an incoming HTTP request.
+
+
+ This serves a very similar purpose to , except that
+ ASP.NET does not let us fully initialize that class, so we have to write one
+ of our one.
+
+
+
+
+ The HTTP verb in the request.
+
+
+
+
+ The full request URL.
+
+
+
+
+ The HTTP headers.
+
+
+
+
+ The variables defined in the query part of the URL.
+
+
+
+
+ The POSTed form variables.
+
+
+
+
+ The server variables collection.
+
+
+
+
+ The backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request.
+ The request URI.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ The cookies in the request.
+
+
+
+ Initializes a new instance of the class.
+
+ Details on the incoming HTTP request.
+
+
+
+ Initializes a new instance of the class.
+
+ The request.
+
+
+
+ Initializes a new instance of the class.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The request.
+ The request URI.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The listener request.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP request.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The form variables.
+ The HTTP headers.
+ An instance of .
+
+
+
+ Creates an instance that describes the specified HTTP request.
+
+ The HTTP method.
+ The request URI.
+ The headers.
+ The input stream.
+ An instance of .
+
+
+
+ Reads name=value pairs from the POSTed form entity when the HTTP headers indicate that that is the payload of the entity.
+
+ The HTTP method.
+ The headers.
+ A function that returns the input stream.
+ The non-null collection of form variables.
+
+
+
+ Adds HTTP headers to a .
+
+ The collection to be modified with added entries.
+ The collection to read from.
+
+
+
+ Gets the HTTP method.
+
+
+
+
+ Gets the headers.
+
+
+
+
+ Gets the URL.
+
+
+
+
+ Gets the raw URL.
+
+
+
+
+ Gets the form.
+
+
+
+
+ Gets the query string.
+
+
+
+
+ Gets the server variables.
+
+
+
+
+ Gets the collection of cookies that were sent by the client.
+
+ The client's cookies.
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ The contract a message that is signed must implement.
+
+
+ This type might have appeared in the DotNetOpenAuth.Messaging.Bindings namespace since
+ it is only used by types in that namespace, but all those types are internal and this
+ is the only one that was public.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Serializes/deserializes OAuth messages for/from transit.
+
+
+
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+
+ Initializes a new instance of the MessageSerializer class.
+
+ The specific -derived type
+ that will be serialized and deserialized using this class.
+
+
+
+ Creates or reuses a message serializer for a given message type.
+
+ The type of message that will be serialized/deserialized.
+ A message serializer for the given message type.
+
+
+
+ Reads JSON as a flat dictionary into a message.
+
+ The message dictionary to fill with the JSON-deserialized data.
+ The JSON reader.
+
+
+
+ Reads the data from a message instance and writes an XML/JSON encoding of it.
+
+ The message to be serialized.
+ The writer to use for the serialized form.
+
+ Use
+ to create the instance capable of emitting JSON.
+
+
+
+
+ Reads XML/JSON into a message dictionary.
+
+ The message to deserialize into.
+ The XML/JSON to read into the message.
+ Thrown when protocol rules are broken by the incoming message.
+
+ Use
+ to create the instance capable of reading JSON.
+
+
+
+
+ Reads the data from a message instance and returns a series of name=value pairs for the fields that must be included in the message.
+
+ The message to be serialized.
+ The dictionary of values to send for the message.
+
+
+
+ Reads name=value pairs into a message.
+
+ The name=value pairs that were read in from the transport.
+ The message to deserialize into.
+ Thrown when protocol rules are broken by the incoming message.
+
+
+
+ Determines whether the specified type is numeric.
+
+ The type to test.
+
+ true if the specified type is numeric; otherwise, false.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Argument's {0}.{1} property is required but is empty or null..
+
+
+
+
+ Looks up a localized string similar to Unable to send all message data because some of it requires multi-part POST, but IMessageWithBinaryData.SendAsMultipart was false..
+
+
+
+
+ Looks up a localized string similar to HttpContext.Current is null. There must be an ASP.NET request in process for this operation to succeed..
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0}. Is it missing a [DataContract] attribute?.
+
+
+
+
+ Looks up a localized string similar to DataContractSerializer could not be initialized on message type {0} because the DataContractAttribute.Namespace property is not set..
+
+
+
+
+ Looks up a localized string similar to Decoding failed due to data corruption..
+
+
+
+
+ Looks up a localized string similar to An instance of type {0} was expected, but received unexpected derived type {1}..
+
+
+
+
+ Looks up a localized string similar to The directed message's Recipient property must not be null..
+
+
+
+
+ Looks up a localized string similar to The given set of options is not supported by this web request handler..
+
+
+
+
+ Looks up a localized string similar to Unable to instantiate the message part encoder/decoder type {0}..
+
+
+
+
+ Looks up a localized string similar to Error while deserializing message {0}..
+
+
+
+
+ Looks up a localized string similar to Error occurred while sending a direct message or getting the response..
+
+
+
+
+ Looks up a localized string similar to This exception was not constructed with a root request message that caused it..
+
+
+
+
+ Looks up a localized string similar to This exception must be instantiated with a recipient that will receive the error message, or a direct request message instance that this exception will respond to..
+
+
+
+
+ Looks up a localized string similar to Expected {0} message but received no recognizable message..
+
+
+
+
+ Looks up a localized string similar to The message part {0} was expected in the {1} message but was not found..
+
+
+
+
+ Looks up a localized string similar to The message expired at {0} and it is now {1}..
+
+
+
+
+ Looks up a localized string similar to Failed to add extra parameter '{0}' with value '{1}'..
+
+
+
+
+ Looks up a localized string similar to At least one of GET or POST flags must be present..
+
+
+
+
+ Looks up a localized string similar to This method requires a current HttpContext. Alternatively, use an overload of this method that allows you to pass in information without an HttpContext..
+
+
+
+
+ Looks up a localized string similar to Messages that indicate indirect transport must implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to Insecure web request for '{0}' aborted due to security requirements demanding HTTPS..
+
+
+
+
+ Looks up a localized string similar to The {0} message required protections {{{1}}} but the channel could only apply {{{2}}}..
+
+
+
+
+ Looks up a localized string similar to The customized binding element ordering is invalid..
+
+
+
+
+ Looks up a localized string similar to Some part(s) of the message have invalid values: {0}.
+
+
+
+
+ Looks up a localized string similar to The incoming message had an invalid or missing nonce..
+
+
+
+
+ Looks up a localized string similar to An item with the same key has already been added..
+
+
+
+
+ Looks up a localized string similar to Message too large for a HTTP GET, and HTTP POST is not allowed for this message type..
+
+
+
+
+ Looks up a localized string similar to The {0} message does not support extensions..
+
+
+
+
+ Looks up a localized string similar to The value for {0}.{1} on member {1} was expected to derive from {2} but was {3}..
+
+
+
+
+ Looks up a localized string similar to Error while reading message '{0}' parameter '{1}' with value '{2}'..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' with value '{1}' failed to base64 decode..
+
+
+
+
+ Looks up a localized string similar to Error while preparing message '{0}' parameter '{1}' for sending..
+
+
+
+
+ Looks up a localized string similar to This message has a timestamp of {0}, which is beyond the allowable clock skew for in the future..
+
+
+
+
+ Looks up a localized string similar to Missing decryption key for bucket "{0}" handle "{1}".
+
+
+
+
+ Looks up a localized string similar to A non-empty string was expected..
+
+
+
+
+ Looks up a localized string similar to A message response is already queued for sending in the response stream..
+
+
+
+
+ Looks up a localized string similar to This message has already been processed. This could indicate a replay attack in progress..
+
+
+
+
+ Looks up a localized string similar to This channel does not support replay protection..
+
+
+
+
+ Looks up a localized string similar to The following message parts had constant value requirements that were unsatisfied: {0}.
+
+
+
+
+ Looks up a localized string similar to The following required non-empty parameters were empty in the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The following required parameters were missing from the {0} message: {1}.
+
+
+
+
+ Looks up a localized string similar to The binding element offering the {0} protection requires other protection that is not provided..
+
+
+
+
+ Looks up a localized string similar to The list is empty..
+
+
+
+
+ Looks up a localized string similar to The list contains a null element..
+
+
+
+
+ Looks up a localized string similar to An HttpContext.Current.Session object is required..
+
+
+
+
+ Looks up a localized string similar to Message signature was incorrect..
+
+
+
+
+ Looks up a localized string similar to This channel does not support signing messages. To support signing messages, a derived Channel type must override the Sign and IsSignatureValid methods..
+
+
+
+
+ Looks up a localized string similar to This message factory does not support message type(s): {0}.
+
+
+
+
+ Looks up a localized string similar to The stream must have a known length..
+
+
+
+
+ Looks up a localized string similar to The stream's CanRead property returned false..
+
+
+
+
+ Looks up a localized string similar to The stream's CanWrite property returned false..
+
+
+
+
+ Looks up a localized string similar to Expected at most 1 binding element to apply the {0} protection, but more than one applied..
+
+
+
+
+ Looks up a localized string similar to The maximum allowable number of redirects were exceeded while requesting '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unexpected buffer length..
+
+
+
+
+ Looks up a localized string similar to The array must not be empty..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to Expected direct response to use HTTP status code {0} but was {1} instead..
+
+
+
+
+ Looks up a localized string similar to Message parameter '{0}' had unexpected value '{1}'..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} parameter '{1}' to have value '{2}' but had '{3}' instead..
+
+
+
+
+ Looks up a localized string similar to Expected message {0} but received {1} instead..
+
+
+
+
+ Looks up a localized string similar to Unexpected message type received..
+
+
+
+
+ Looks up a localized string similar to A null key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null or empty key was included and is not allowed..
+
+
+
+
+ Looks up a localized string similar to A null value was included for key '{0}' and is not allowed..
+
+
+
+
+ Looks up a localized string similar to The type {0} or a derived type was expected, but {1} was given..
+
+
+
+
+ Looks up a localized string similar to {0} property has unrecognized value {1}..
+
+
+
+
+ Looks up a localized string similar to The URL '{0}' is rated unsafe and cannot be requested this way..
+
+
+
+
+ Looks up a localized string similar to This blob is not a recognized encryption format..
+
+
+
+
+ Looks up a localized string similar to The HTTP verb '{0}' is unrecognized and unsupported..
+
+
+
+
+ Looks up a localized string similar to '{0}' messages cannot be received with HTTP verb '{1}'..
+
+
+
+
+ Looks up a localized string similar to Redirects on POST requests that are to untrusted servers is not supported..
+
+
+
+
+ Looks up a localized string similar to Web request to '{0}' failed..
+
+
+
+
+ A grab-bag of utility methods useful for the channel stack of the protocol.
+
+
+
+
+ The uppercase alphabet.
+
+
+
+
+ The lowercase alphabet.
+
+
+
+
+ The set of base 10 digits.
+
+
+
+
+ The set of digits and alphabetic letters (upper and lowercase).
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character.
+
+
+
+
+ All the characters that are allowed for use as a base64 encoding character
+ in the "web safe" context.
+
+
+
+
+ The set of digits, and alphabetic letters (upper and lowercase) that are clearly
+ visually distinguishable.
+
+
+
+
+ The length of private symmetric secret handles.
+
+
+ This value needn't be high, as we only expect to have a small handful of unexpired secrets at a time,
+ and handle recycling is permissible.
+
+
+
+
+ The cryptographically strong random data generator used for creating secrets.
+
+ The random number generator is thread-safe.
+
+
+
+ The default lifetime of a private secret.
+
+
+
+
+ A character array containing just the = character.
+
+
+
+
+ A character array containing just the , character.
+
+
+
+
+ A character array containing just the " character.
+
+
+
+
+ The set of characters that are unreserved in RFC 2396 but are NOT unreserved in RFC 3986.
+
+
+
+
+ A set of escaping mappings that help secure a string from javscript execution.
+
+
+ The characters to escape here are inspired by
+ http://code.google.com/p/doctype/wiki/ArticleXSSInJavaScript
+
+
+
+
+ Transforms an OutgoingWebResponse to an MVC-friendly ActionResult.
+
+ The response to send to the user agent.
+ The instance to be returned by the Controller's action method.
+
+
+
+ Transforms an OutgoingWebResponse to a Web API-friendly HttpResponseMessage.
+
+ The response to send to the user agent.
+ The instance to be returned by the Web API method.
+
+
+
+ Gets the original request URL, as seen from the browser before any URL rewrites on the server if any.
+ Cookieless session directory (if applicable) is also included.
+
+ The URL in the user agent's Location bar.
+
+
+
+ Strips any and all URI query parameters that start with some prefix.
+
+ The URI that may have a query with parameters to remove.
+ The prefix for parameters to remove. A period is NOT automatically appended.
+ Either a new Uri with the parameters removed if there were any to remove, or the same Uri instance if no parameters needed to be removed.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files).
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+ The HTTP response.
+
+
+
+ Assembles a message comprised of the message on a given exception and all inner exceptions.
+
+ The exception.
+ The assembled message.
+
+
+
+ Flattens the specified sequence of sequences.
+
+ The type of element contained in the sequence.
+ The sequence of sequences to flatten.
+ A sequence of the contained items.
+
+
+
+ Cuts off precision beyond a second on a DateTime value.
+
+ The value.
+ A DateTime with a 0 millisecond component.
+
+
+
+ Adds a name-value pair to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+ The name of the parameter to add.
+ The value of the argument.
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of values to a collection.
+
+ The type of value kept in the collection.
+ The collection to add to.
+ The values to add to the collection.
+
+
+
+ Tests whether two timespans are within reasonable approximation of each other.
+
+ One TimeSpan.
+ The other TimeSpan.
+ The allowable margin of error.
+ true if the two TimeSpans are within of each other.
+
+
+
+ Compares to string values for ordinal equality in such a way that its execution time does not depend on how much of the value matches.
+
+ The first value.
+ The second value.
+ A value indicating whether the two strings share ordinal equality.
+
+ In signature equality checks, a difference in execution time based on how many initial characters match MAY
+ be used as an attack to figure out the expected signature. It is therefore important to make a signature
+ equality check's execution time independent of how many characters match the expected value.
+ See http://codahale.com/a-lesson-in-timing-attacks/ for more information.
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null.
+ The server variables to consider part of the request. Cannot be null.
+
+ The URI that the outside world used to create this request.
+
+
+ Although the value can be obtained from
+ , it's useful to be able to pass them
+ in so we can simulate injected values from our unit tests since the actual property
+ is a read-only kind of .
+
+
+
+
+ Gets the public facing URL for the given incoming HTTP request.
+
+ The incoming request. Cannot be null. Server variables are read from this request.
+ The URI that the outside world used to create this request.
+
+
+
+ Gets the URL to the root of a web site, which may include a virtual directory path.
+
+ An absolute URI.
+
+
+
+ Creates the XML reader settings to use for reading XML from untrusted sources.
+
+
+ The new instance of .
+
+
+ The default values set here are based on recommendations from
+ http://msdn.microsoft.com/en-us/magazine/ee335713.aspx
+
+
+
+
+ Clears any existing elements in a collection and fills the collection with a given set of values.
+
+ The type of value kept in the collection.
+ The collection to modify.
+ The new values to fill the collection.
+
+
+
+ Strips any and all URI query parameters that serve as parts of a message.
+
+ The URI that may contain query parameters to remove.
+ The message description whose parts should be removed from the URL.
+ A cleaned URL.
+
+
+
+ Sends a multipart HTTP POST request (useful for posting files) but doesn't call GetResponse on it.
+
+ The HTTP request.
+ The request handler.
+ The parts to include in the POST entity.
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The fields to include.
+
+ A value prepared for an HTTP header.
+
+
+
+
+ Assembles the content of the HTTP Authorization or WWW-Authenticate header.
+
+ The scheme.
+ The fields to include.
+ A value prepared for an HTTP header.
+
+
+
+ Parses the authorization header.
+
+ The scheme. Must not be null or empty.
+ The authorization header. May be null or empty.
+ A sequence of key=value pairs discovered in the header. Never null, but may be empty.
+
+
+
+ Encodes a symmetric key handle and the blob that is encrypted/signed with that key into a single string
+ that can be decoded by .
+
+ The cryptographic key handle.
+ The encrypted/signed blob.
+ The combined encoded value.
+
+
+
+ Extracts the key handle and encrypted blob from a string previously returned from .
+
+ The message part. May be null if not applicable.
+ The value previously returned from .
+ The crypto key handle.
+ The encrypted/signed data.
+
+
+
+ Gets a buffer of random data (not cryptographically strong).
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random sequence of values.
+
+ The length of the sequence to generate.
+ The generated values, which may contain zeros.
+
+
+
+ Gets a cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+ Gets a NON-cryptographically strong random string of base64 characters.
+
+ The length of the byte sequence to generate.
+ A value indicating whether web64 encoding is used to avoid the need to escape characters.
+
+ A base64 encoding of the generated random data,
+ whose length in characters will likely be greater than .
+
+
+
+
+ Gets a random string made up of a given set of allowable characters.
+
+ The length of the desired random string.
+ The allowable characters.
+ A random string.
+
+
+
+ Computes the hash of a string.
+
+ The hash algorithm to use.
+ The value to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Computes the hash of a sequence of key=value pairs.
+
+ The hash algorithm to use.
+ The data to hash.
+ The encoding to use when converting the string to a byte array.
+ A base64 encoded string.
+
+
+
+ Encrypts a byte buffer.
+
+ The buffer to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, or 256 bytes in length.
+ The encrypted buffer
+
+
+
+ Decrypts a byte buffer.
+
+ The buffer to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Encrypts a string.
+
+ The text to encrypt.
+ The symmetric secret to use to encrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Decrypts a string previously encrypted with .
+
+ The text to decrypt.
+ The symmetric secret to use to decrypt the buffer. Allowed values are 128, 192, and 256.
+ The encrypted buffer
+
+
+
+ Performs asymmetric encryption of a given buffer.
+
+ The asymmetric encryption provider to use for encryption.
+ The buffer to encrypt.
+ The encrypted data.
+
+
+
+ Performs asymmetric decryption of a given buffer.
+
+ The asymmetric encryption provider to use for decryption.
+ The buffer to decrypt.
+ The decrypted data.
+
+
+
+ Gets a key from a given bucket with the longest remaining life, or creates a new one if necessary.
+
+ The crypto key store.
+ The bucket where the key should be found or stored.
+ The minimum remaining life required on the returned key.
+ The required size of the key, in bits.
+
+ A key-value pair whose key is the secret's handle and whose value is the cryptographic key.
+
+
+
+
+ Compresses a given buffer.
+
+ The buffer to compress.
+ The compression algorithm to use.
+ The compressed data.
+
+
+
+ Decompresses a given buffer.
+
+ The buffer to decompress.
+ The compression algorithm used.
+ The decompressed data.
+
+
+
+ Converts to data buffer to a base64-encoded string, using web safe characters and with the padding removed.
+
+ The data buffer.
+ A web-safe base64-encoded string without padding.
+
+
+
+ Decodes a (web-safe) base64-string back to its binary buffer form.
+
+ The base64-encoded string. May be web-safe encoded.
+ A data buffer.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Adds a set of HTTP headers to an instance,
+ taking care to set some headers to the appropriate properties of
+
+
+ The headers to add.
+ The instance to set the appropriate values to.
+
+
+
+ Copies the contents of one stream to another.
+
+ The stream to copy from, at the position where copying should begin.
+ The stream to copy to, at the position where bytes should be written.
+ The maximum bytes to copy.
+ The total number of bytes copied.
+
+ Copying begins at the streams' current positions.
+ The positions are NOT reset after copying is complete.
+
+
+
+
+ Creates a snapshot of some stream so it is seekable, and the original can be closed.
+
+ The stream to copy bytes from.
+ A seekable stream with the same contents as the original.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The newly created instance.
+
+
+
+ Clones an in order to send it again.
+
+ The request to clone.
+ The new recipient of the request.
+ The newly created instance.
+
+
+
+ Tests whether two arrays are equal in contents and ordering.
+
+ The type of elements in the arrays.
+ The first array in the comparison. May be null.
+ The second array in the comparison. May be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests whether two arrays are equal in contents and ordering,
+ guaranteeing roughly equivalent execution time regardless of where a signature mismatch may exist.
+
+ The first array in the comparison. May not be null.
+ The second array in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+ Guaranteeing equal execution time is useful in mitigating against timing attacks on a signature
+ or other secret.
+
+
+
+
+ Tests two sequences for same contents and ordering.
+
+ The type of elements in the arrays.
+ The first sequence in the comparison. May not be null.
+ The second sequence in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Tests two unordered collections for same contents.
+
+ The type of elements in the collections.
+ The first collection in the comparison. May not be null.
+ The second collection in the comparison. May not be null.
+ True if the collections have the same contents; false otherwise.
+
+
+
+ Tests whether two dictionaries are equal in length and contents.
+
+ The type of keys in the dictionaries.
+ The type of values in the dictionaries.
+ The first dictionary in the comparison. May not be null.
+ The second dictionary in the comparison. May not be null.
+ True if the arrays equal; false otherwise.
+
+
+
+ Concatenates a list of name-value pairs as key=value&key=value,
+ taking care to properly encode each key and value for URL
+ transmission according to RFC 3986. No ? is prefixed to the string.
+
+ The dictionary of key/values to read from.
+ The formulated querystring style string.
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the querystring piece. Prefixes a ? or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the query string, the existing ones are not replaced.
+
+
+
+
+ Adds a set of name-value pairs to the end of a given URL
+ as part of the fragment piece. Prefixes a # or & before
+ first element as necessary.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+ If the parameters to add match names of parameters that already are defined
+ in the fragment, the existing ones are not replaced.
+
+
+
+
+ Adds parameters to a query string, replacing parameters that
+ match ones that already exist in the query string.
+
+ The UriBuilder to add arguments to.
+
+ The arguments to add to the query.
+ If null, is not changed.
+
+
+
+
+ Extracts the recipient from an HttpRequestInfo.
+
+ The request to get recipient information from.
+ The recipient.
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the enum value for a given HTTP verb.
+
+ The HTTP verb.
+ A enum value that is within the .
+ Thrown if the HTTP request is something we can't handle.
+
+
+
+ Gets the HTTP verb to use for a given enum value.
+
+ The HTTP method.
+ An HTTP verb, such as GET, POST, PUT, DELETE, PATCH, or OPTION.
+
+
+
+ Copies some extra parameters into a message.
+
+ The message to copy the extra data into.
+ The extra data to copy into the message. May be null to do nothing.
+
+
+
+ Collects a sequence of key=value pairs into a dictionary.
+
+ The type of the key.
+ The type of the value.
+ The sequence.
+ A dictionary.
+
+
+
+ Enumerates all members of the collection as key=value pairs.
+
+ The collection to enumerate.
+ A sequence of pairs.
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+ The generated dictionary, or null if is null.
+
+ If a null key is encountered, its value is ignored since
+ Dictionary<string, string> does not allow null keys.
+
+
+
+
+ Converts a to an IDictionary<string, string>.
+
+ The NameValueCollection to convert. May be null.
+
+ A value indicating whether a null key in the should be silently skipped since it is not a valid key in a Dictionary.
+ Use true to throw an exception if a null key is encountered.
+ Use false to silently continue converting the valid keys.
+
+ The generated dictionary, or null if is null.
+ Thrown if is true and a null key is encountered.
+
+
+
+ Converts a dictionary to a
+
+ The existing dictionary.
+ The new collection.
+
+
+
+ Sorts the elements of a sequence in ascending order by using a specified comparer.
+
+ The type of the elements of source.
+ The type of the key returned by keySelector.
+ A sequence of values to order.
+ A function to extract a key from an element.
+ A comparison function to compare keys.
+ An System.Linq.IOrderedEnumerable<TElement> whose elements are sorted according to a key.
+
+
+
+ Determines whether the specified message is a request (indirect message or direct request).
+
+ The message in question.
+
+ true if the specified message is a request; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing that for its derived classes. These objects are only requests
+ if their property is non-null.
+
+
+
+
+ Determines whether the specified message is a direct response.
+
+ The message in question.
+
+ true if the specified message is a direct response; otherwise, false.
+
+
+ Although an may implement the
+ interface, it may only be doing
+ that for its derived classes. These objects are only requests if their
+ property is non-null.
+
+
+
+
+ Writes a buffer, prefixed with its own length.
+
+ The binary writer.
+ The buffer.
+
+
+
+ Reads a buffer that is prefixed with its own length.
+
+ The binary reader positioned at the buffer length.
+
+ The maximum size of the buffer that should be permitted.
+ Although the stream will indicate the size of the buffer, this mitigates data corruption
+ or DoS attacks causing the web server to allocate too much memory for a small data packet.
+
+ The read buffer.
+
+
+
+ Constructs a Javascript expression that will create an object
+ on the user agent when assigned to a variable.
+
+ The untrusted names and untrusted values to inject into the JSON object.
+ if set to true the values will NOT be escaped as if it were a pure string.
+ The Javascript JSON object as a string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ A JSON string.
+
+
+
+ Serializes the given message as a JSON string.
+
+ The message to serialize.
+ The cached message descriptions to use for reflection.
+ The encoding to use. Defaults to
+ A JSON string.
+
+
+
+ Deserializes a JSON object into a message.
+
+ The buffer containing the JSON string.
+ The message to deserialize the object into.
+ The cache of message descriptions.
+ The encoding that the JSON bytes are in.
+
+
+
+ Prepares what SHOULD be simply a string value for safe injection into Javascript
+ by using appropriate character escaping.
+
+ The untrusted string value to be escaped to protected against XSS attacks. May be null.
+ The escaped string, surrounded by single-quotes.
+
+
+
+ Escapes a string according to the URI data string rules given in RFC 3986.
+
+ The value to escape.
+ The escaped value.
+
+ The method is supposed to take on
+ RFC 3986 behavior if certain elements are present in a .config file. Even if this
+ actually worked (which in my experiments it doesn't), we can't rely on every
+ host actually having this configuration element present.
+
+
+
+
+ Ensures that UTC times are converted to local times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in local time.
+
+
+
+ Ensures that local times are converted to UTC times. Unspecified kinds are unchanged.
+
+ The date-time to convert.
+ The date-time in UTC time.
+
+
+
+ Gets the query data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A containing all the parameters in the query string.
+
+
+
+
+ Gets a value indicating whether the request's URL was rewritten by ASP.NET
+ or some other module.
+
+ The request.
+ A value indicating whether there is evidence that the URL of the request has been changed to some internal server (farm) representation.
+
+ true if this request's URL was rewritten; otherwise, false.
+
+
+
+
+ Gets the query or form data from the original request (before any URL rewriting has occurred.)
+
+ The request.
+
+ A set of name=value pairs.
+
+
+
+
+ Creates a symmetric algorithm for use in encryption/decryption.
+
+ The symmetric key to use for encryption/decryption.
+ A symmetric algorithm.
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ The available compression algorithms.
+
+
+
+
+ The Deflate algorithm.
+
+
+
+
+ The GZip algorithm.
+
+
+
+
+ A thread-safe, non-crypto random number generator.
+
+
+
+
+ The initializer of all new instances.
+
+
+
+
+ A thread-local instance of
+
+
+
+
+ Gets a random number generator for use on the current thread only.
+
+
+
+
+ A class to convert a into an .
+
+ The type of objects being compared.
+
+
+
+ The comparison method to use.
+
+
+
+
+ Initializes a new instance of the ComparisonHelper class.
+
+ The comparison method to use.
+
+
+
+ Compares two instances of .
+
+ The first object to compare.
+ The second object to compare.
+ Any of -1, 0, or 1 according to standard comparison rules.
+
+
+
+ A message expiration enforcing binding element that supports messages
+ implementing the interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Sets the timestamp on an outgoing message.
+
+ The outgoing message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Reads the timestamp on a message and throws an exception if the message is too old.
+
+ The incoming message.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the given message has already expired.
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets the maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+
+
+
+
+ A pair of conversion functions to map some type to a string and back again.
+
+
+
+
+ The mapping function that converts some custom type to a string.
+
+
+
+
+ The mapping function that converts some custom type to the original string
+ (possibly non-normalized) that represents it.
+
+
+
+
+ The mapping function that converts a string to some custom type.
+
+
+
+
+ Initializes a new instance of the struct.
+
+ The mapping function that converts some custom value to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The mapping function that converts a string to some custom value.
+
+
+
+ Initializes a new instance of the struct.
+
+ The encoder.
+
+
+
+ Gets the encoder.
+
+
+
+
+ A mapping between serialized key names and instances describing
+ those key/values pairs.
+
+
+
+
+ A mapping between the serialized key names and their
+ describing instances.
+
+
+
+
+ Initializes a new instance of the class.
+
+ Type of the message.
+ The message version.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ The dictionary accessor to the message
+
+
+
+ Gets a dictionary that provides read/write access to a message.
+
+ The message the dictionary should provide access to.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+ The dictionary accessor to the message
+
+
+
+ Ensures the message parts pass basic validation.
+
+ The key/value pairs of the serialized message.
+
+
+
+ Tests whether all the required message parts pass basic validation for the given data.
+
+ The key/value pairs of the serialized message.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+
+
+ Verifies that a given set of keys include all the required parameters
+ for this message type or throws an exception.
+
+ The names of all parameters included in a message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Ensures the protocol message parts that must not be empty are in fact not empty.
+
+ A dictionary of key/value pairs that make up the serialized message.
+ if set to true an exception is thrown on failure with details.
+ A value indicating whether the provided data fits the message's basic requirements.
+
+ Thrown when required parts of a message are not in
+ if is true.
+
+
+
+
+ Checks that a bunch of message part values meet the constant value requirements of this message description.
+
+ The part values.
+ if set to true, this method will throw on failure.
+ A value indicating whether all the requirements are met.
+
+
+
+ Reflects over some -implementing type
+ and prepares to serialize/deserialize instances of that type.
+
+
+
+
+ Gets the mapping between the serialized key names and their describing
+ instances.
+
+
+
+
+ Gets the message version this instance was generated from.
+
+
+
+
+ Gets the type of message this instance was generated from.
+
+ The type of the described message.
+
+
+
+ Gets the constructors available on the message type.
+
+
+
+
+ Wraps an instance in a dictionary that
+ provides access to both well-defined message properties and "extra"
+ name/value pairs that have no properties associated with them.
+
+
+
+
+ The instance manipulated by this dictionary.
+
+
+
+
+ The instance that describes the message type.
+
+
+
+
+ Whether original string values should be retrieved instead of normalized ones.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message instance whose values will be manipulated by this dictionary.
+ The message description.
+ A value indicating whether this message dictionary will retrieve original values instead of normalized ones.
+
+
+
+ Adds a named value to the message.
+
+ The serialized form of the name whose value is being set.
+ The serialized form of the value.
+
+ Thrown if already has a set value in this message.
+
+
+ Thrown if is null.
+
+
+
+
+ Checks whether some named parameter has a value set in the message.
+
+ The serialized form of the message part's name.
+ True if the parameter by the given name has a set value. False otherwise.
+
+
+
+ Removes a name and value from the message given its name.
+
+ The serialized form of the name to remove.
+ True if a message part by the given name was found and removed. False otherwise.
+
+
+
+ Gets some named value if the key has a value.
+
+ The name (in serialized form) of the value being sought.
+ The variable where the value will be set.
+ True if the key was found and was set. False otherwise.
+
+
+
+ Sets a named value in the message.
+
+ The name-value pair to add. The name is the serialized form of the key.
+
+
+
+ Removes all values in the message.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+ This method cannot be implemented because keys are not guaranteed to be removed
+ since some are inherent to the type of message that this dictionary provides
+ access to.
+
+
+
+
+ Checks whether a named value has been set on the message.
+
+ The name/value pair.
+ True if the key exists and has the given value. False otherwise.
+
+
+
+ Copies all the serializable data from the message to a key/value array.
+
+ The array to copy to.
+ The index in the to begin copying to.
+
+
+
+ Removes a named value from the message if it exists.
+
+ The serialized form of the name and value to remove.
+ True if the name/value was found and removed. False otherwise.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Gets an enumerator that generates KeyValuePair<string, string> instances
+ for all the key/value pairs that are set in the message.
+
+ The enumerator that can generate the name/value pairs.
+
+
+
+ Saves the data in a message to a standard dictionary.
+
+ The generated dictionary.
+
+
+
+ Loads data from a dictionary into the message.
+
+ The data to load into the message.
+
+
+
+ Gets the message this dictionary provides access to.
+
+
+
+
+ Gets the description of the type of message this dictionary provides access to.
+
+
+
+
+ Gets the number of explicitly set values in the message.
+
+
+
+
+ Gets a value indicating whether this message is read only.
+
+
+
+
+ Gets all the keys that have values associated with them.
+
+
+
+
+ Gets the set of official message part names that have non-null values associated with them.
+
+
+
+
+ Gets the keys that are in the message but not declared as official OAuth properties.
+
+
+
+
+ Gets all the values.
+
+
+
+
+ Gets the serializer for the message this dictionary provides access to.
+
+
+
+
+ Gets or sets a value for some named value.
+
+ The serialized form of a name for the value to read or write.
+ The named value.
+
+ If the key matches a declared property or field on the message type,
+ that type member is set. Otherwise the key/value is stored in a
+ dictionary for extra (weakly typed) strings.
+
+ Thrown when setting a value that is not allowed for a given .
+
+
+
+ Describes an individual member of a message and assists in its serialization.
+
+
+
+
+ A map of converters that help serialize custom objects to string values and back again.
+
+
+
+
+ A map of instantiated custom encoders used to encode/decode message parts.
+
+
+
+
+ The string-object conversion routines to use for this individual message part.
+
+
+
+
+ The property that this message part is associated with, if aplicable.
+
+
+
+
+ The field that this message part is associated with, if aplicable.
+
+
+
+
+ The type of the message part. (Not the type of the message itself).
+
+
+
+
+ The default (uninitialized) value of the member inherent in its type.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ A property or field of an implementing type
+ that has a attached to it.
+
+
+ The attribute discovered on that describes the
+ serialization requirements of the message part.
+
+
+
+
+ Sets the member of a given message to some given value.
+ Used in deserialization.
+
+ The message instance containing the member whose value should be set.
+ The string representation of the value to set.
+
+
+
+ Gets the normalized form of a value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ The string representation of the member's value.
+
+
+
+ Gets the value of a member of a given message.
+ Used in serialization.
+
+ The message instance to read the value from.
+ A value indicating whether the original value should be retrieved (as opposed to a normalized form of it).
+ The string representation of the member's value.
+
+
+
+ Gets whether the value has been set to something other than its CLR type default value.
+
+ The message instance to check the value on.
+ True if the value is not the CLR default value.
+
+
+
+ Adds a pair of type conversion functions to the static conversion map.
+
+ The custom type to convert to and from strings.
+ The function to convert the custom type to a string.
+ The mapping function that converts some custom value to its original (non-normalized) string. May be null if the same as the function.
+ The function to convert a string to the custom type.
+
+
+
+ Creates a that resorts to and
+ for the conversion.
+
+ The type to create the mapping for.
+ The value mapping.
+
+
+
+ Creates the default encoder for a given type.
+
+ The type to create a for.
+ A struct.
+
+
+
+ Figures out the CLR default value for a given type.
+
+ The type whose default value is being sought.
+ Either null, or some default value like 0 or 0.0.
+
+
+
+ Checks whether a type is a nullable value type (i.e. int?)
+
+ The type in question.
+ True if this is a nullable value type.
+
+
+
+ Retrieves a previously instantiated encoder of a given type, or creates a new one and stores it for later retrieval as well.
+
+ The message part encoder type.
+ An instance of the desired encoder.
+
+
+
+ Gets the value of the message part, without converting it to/from a string.
+
+ The message instance to read from.
+ The value of the member.
+
+
+
+ Sets the value of a message part directly with a given value.
+
+ The message instance to read from.
+ The value to set on the this part.
+
+
+
+ Converts a string representation of the member's value to the appropriate type.
+
+ The string representation of the member's value.
+
+ An instance of the appropriate type for setting the member.
+
+
+
+
+ Converts the member's value to its string representation.
+
+ The value of the member.
+ A value indicating whether a string matching the originally decoded string should be returned (as opposed to a normalized string).
+
+ The string representation of the member's value.
+
+
+
+
+ Validates that the message part and its attribute have agreeable settings.
+
+
+ Thrown when a non-nullable value type is set as optional.
+
+
+
+
+ Gets or sets the name to use when serializing or deserializing this parameter in a message.
+
+
+
+
+ Gets or sets whether this message part must be signed.
+
+
+
+
+ Gets or sets a value indicating whether this message part is required for the
+ containing message to be valid.
+
+
+
+
+ Gets or sets a value indicating whether the string value is allowed to be empty in the serialized message.
+
+
+
+
+ Gets or sets a value indicating whether the field or property must remain its default value.
+
+
+
+
+ Gets or sets a value indicating whether this part is defined as a constant field and can be read without a message instance.
+
+
+
+
+ Gets or sets a value indicating whether the value contained by this property contains
+ sensitive information that should generally not be logged.
+
+
+ true if this instance is security sensitive; otherwise, false.
+
+
+
+
+ Gets the static constant value for this message part without a message instance.
+
+
+
+
+ Gets the type of the declared member.
+
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ An exception thrown when messages cannot receive all the protections they require.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The message whose protection requirements could not be met.
+ The protection requirements that were fulfilled.
+
+
+
+ Initializes a new instance of the class.
+
+ The
+ that holds the serialized object data about the exception being thrown.
+ The System.Runtime.Serialization.StreamingContext
+ that contains contextual information about the source or destination.
+
+
+
+ A protocol message (request or response) that passes from this
+ to a remote party via the user agent using a redirect or form
+ POST submission, OR a direct message response.
+
+
+ An instance of this type describes the HTTP response that must be sent
+ in response to the current HTTP request.
+ It is important that this response make up the entire HTTP response.
+ A hosting ASPX page should not be allowed to render its normal HTML output
+ after this response is sent. The normal rendered output of an ASPX page
+ can be canceled by calling after this message
+ is sent on the response stream.
+
+
+
+
+ The encoder to use for serializing the response body.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ based on the contents of an .
+
+ The to clone.
+ The maximum bytes to read from the response stream.
+
+
+
+ Creates a text reader for the response stream.
+
+ The text reader, initialized for the proper encoding.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+ Requires a current HttpContext.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and ends execution on the current page or handler.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ Typically thrown by ASP.NET in order to prevent additional data from the page being sent to the client and corrupting the response.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+
+ Requires a current HttpContext.
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+ Not safe to call from ASP.NET web forms.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+
+ This call is not safe to make from an ASP.NET web form (.aspx file or code-behind) because
+ ASP.NET will render HTML after the protocol message has been sent, which will corrupt the response.
+ Use the method instead for web forms.
+
+
+
+
+ Submits this response to a WCF response context. Only available when no response body is included.
+
+ The response context to apply the response to.
+
+
+
+ Automatically sends the appropriate response to the user agent.
+
+ The response to set to this message.
+
+
+
+ Gets the URI that, when requested with an HTTP GET request,
+ would transmit the message that normally would be transmitted via a user agent redirect.
+
+ The channel to use for encoding.
+
+ The URL that would transmit the original message. This URL may exceed the normal 2K limit,
+ and should therefore be broken up manually and POSTed as form fields when it exceeds this length.
+
+
+ This is useful for desktop applications that will spawn a user agent to transmit the message
+ rather than cause a redirect.
+
+
+
+
+ Sets the response to some string, encoded as UTF-8.
+
+ The string to set the response to.
+ Type of the content. May be null.
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Automatically sends the appropriate response to the user agent
+ and signals ASP.NET to short-circuit the page execution pipeline
+ now that the response has been completed.
+
+ The context of the HTTP request whose response should be set.
+ Typically this is .
+ If set to false, this method calls
+ rather than
+ to avoid a .
+
+
+
+ Gets the headers that must be included in the response to the user agent.
+
+
+ The headers in this collection are not meant to be a comprehensive list
+ of exactly what should be sent, but are meant to augment whatever headers
+ are generally included in a typical response.
+
+
+
+
+ Gets the body of the HTTP response.
+
+
+
+
+ Gets a value indicating whether the response stream is incomplete due
+ to a length limitation imposed by the HttpWebRequest or calling method.
+
+
+
+
+ Gets the cookies collection to add as headers to the HTTP response.
+
+
+
+
+ Gets or sets the body of the response as a string.
+
+
+
+
+ Gets the HTTP status code to use in the HTTP response.
+
+
+
+
+ Gets or sets a reference to the actual protocol message that
+ is being sent via the user agent.
+
+
+
+
+ The methods available for the local party to send messages to a remote party.
+
+
+ See OAuth 1.0 spec section 5.2.
+
+
+
+
+ No HTTP methods are allowed.
+
+
+
+
+ In the HTTP Authorization header as defined in OAuth HTTP Authorization Scheme (OAuth HTTP Authorization Scheme).
+
+
+
+
+ As the HTTP POST request body with a content-type of application/x-www-form-urlencoded.
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).
+
+
+
+
+ The flags that control HTTP verbs.
+
+
+
+
+ The type of transport mechanism used for a message: either direct or indirect.
+
+
+
+
+ A message that is sent directly from the Consumer to the Service Provider, or vice versa.
+
+
+
+
+ A message that is sent from one party to another via a redirect in the user agent.
+
+
+
+
+ Encodes and decodes the as an integer of total seconds.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the type of the encoded values produced by this encoder, as they would appear in their preferred form.
+
+
+
+
+ A paranoid HTTP get/post request engine. It helps to protect against attacks from remote
+ server leaving dangling connections, sending too much data, causing requests against
+ internal servers, etc.
+
+
+ Protections include:
+ * Conservative maximum time to receive the complete response.
+ * Only HTTP and HTTPS schemes are permitted.
+ * Internal IP address ranges are not permitted: 127.*.*.*, 1::*
+ * Internal host names are not permitted (periods must be found in the host name)
+ If a particular host would be permitted but is in the blacklist, it is not allowed.
+ If a particular host would not be permitted but is in the whitelist, it is allowed.
+
+
+
+
+ The set of URI schemes allowed in untrusted web requests.
+
+
+
+
+ The collection of blacklisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional blacklisted hosts.
+
+
+
+
+ The collection of whitelisted hosts.
+
+
+
+
+ The collection of regular expressions used to identify additional whitelisted hosts.
+
+
+
+
+ The maximum redirections to follow in the course of a single request.
+
+
+
+
+ The maximum number of bytes to read from the response of an untrusted server.
+
+
+
+
+ The handler that will actually send the HTTP request and collect
+ the response once the untrusted server gates have been satisfied.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The chained web request handler.
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an IP address is the IPv6 equivalent of "localhost/127.0.0.1".
+
+ The ip address to check.
+
+ true if this is a loopback IP address; false otherwise.
+
+
+
+
+ Determines whether the given host name is in a host list or host name regex list.
+
+ The host name.
+ The list of host names.
+ The list of regex patterns of host names.
+
+ true if the specified host falls within at least one of the given lists; otherwise, false.
+
+
+
+
+ Determines whether a given host is whitelisted.
+
+ The host name to test.
+
+ true if the host is whitelisted; otherwise, false.
+
+
+
+
+ Determines whether a given host is blacklisted.
+
+ The host name to test.
+
+ true if the host is blacklisted; otherwise, false.
+
+
+
+
+ Verify that the request qualifies under our security policies
+
+ The request URI.
+ If set to true, only web requests that can be made entirely over SSL will succeed.
+ Thrown when the URI is disallowed for security reasons.
+
+
+
+ Determines whether a URI is allowed based on scheme and host name.
+ No requireSSL check is done here
+
+ The URI to test for whether it should be allowed.
+
+ true if [is URI allowable] [the specified URI]; otherwise, false.
+
+
+
+
+ Prepares the request by setting timeout and redirect policies.
+
+ The request to prepare.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ Gets or sets the default maximum bytes to read in any given HTTP request.
+
+ Default is 1MB. Cannot be less than 2KB.
+
+
+
+ Gets or sets the total number of redirections to allow on any one request.
+ Default is 10.
+
+
+
+
+ Gets or sets the time allowed to wait for single read or write operation to complete.
+ Default is 500 milliseconds.
+
+
+
+
+ Gets or sets the time allowed for an entire HTTP request.
+ Default is 5 seconds.
+
+
+
+
+ Gets a collection of host name literals that should be allowed even if they don't
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be allowed even though they don't pass standard security checks.
+
+
+
+
+ Gets a collection of host name literals that should be rejected even if they
+ pass standard security checks.
+
+
+
+
+ Gets a collection of host name regular expressions that indicate hosts that should
+ be rejected even if they pass standard security checks.
+
+
+
+
+ Gets the configuration for this class that is specified in the host's .config file.
+
+
+
+
+ The default handler for transmitting instances
+ and returning the responses.
+
+
+
+
+ The set of options this web request handler supports.
+
+
+
+
+ The value to use for the User-Agent HTTP header.
+
+
+
+
+ Determines whether this instance can support the specified options.
+
+ The set of options that might be given in a subsequent web request.
+
+ true if this instance can support the specified options; otherwise, false.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Prepares an that contains an POST entity for sending the entity.
+
+ The that should contain the entity.
+ The options to apply to this web request.
+
+ The writer the caller should write out the entity data to.
+
+ Thrown for any network error.
+
+ The caller should have set the
+ and any other appropriate properties before calling this method.
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Processes an and converts the
+ to a instance.
+
+ The to handle.
+ The options to apply to this web request.
+
+ An instance of describing the response.
+
+ Thrown for any network error.
+
+ Implementations should catch and wrap it in a
+ to abstract away the transport and provide
+ a single exception type for hosts to catch. The
+ value, if set, should be Closed before throwing.
+
+
+
+
+ Determines whether an exception was thrown because of the remote HTTP server returning HTTP 417 Expectation Failed.
+
+ The caught exception.
+
+ true if the failure was originally caused by a 417 Exceptation Failed error; otherwise, false.
+
+
+
+
+ Initiates a POST request and prepares for sending data.
+
+ The HTTP request with information about the remote party to contact.
+
+ The stream where the POST entity can be written.
+
+
+
+
+ Prepares an HTTP request.
+
+ The request.
+ true if this is a POST request whose headers have not yet been sent out; false otherwise.
+
+
+
+ An immutable description of a URL that receives messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Initializes a new instance of the class.
+
+ The URL of this endpoint.
+ The HTTP method(s) allowed.
+
+
+
+ Gets the URL of this endpoint.
+
+
+
+
+ Gets the HTTP method(s) allowed.
+
+
+
+
+ Represents the section in the host's .config file that configures
+ this library's settings.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <openid> sub-element.
+
+
+
+
+ The name of the <oauth> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a named section in this section group, or null if no such section is defined.
+
+ The name of the section to obtain.
+ The desired section, or null if it could not be obtained.
+
+
+
+ Gets the messaging configuration element.
+
+
+
+
+ Gets the reporting configuration element.
+
+
+
+
+ Represents the <messaging> element in the host's .config file.
+
+
+
+
+ The name of the <webResourceUrlProvider> sub-element.
+
+
+
+
+ The name of the <untrustedWebRequest> sub-element.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ The name of the attribute that stores the maximum allowable clock skew.
+
+
+
+
+ The name of the attribute that indicates whether to disable SSL requirements across the library.
+
+
+
+
+ The name of the attribute that controls whether messaging rules are strictly followed.
+
+
+
+
+ The default value for the property.
+
+
+ 2KB, recommended by OpenID group
+
+
+
+
+ The name of the attribute that controls the maximum length of a URL before it is converted
+ to a POST payload.
+
+
+
+
+ Gets the name of the @privateSecretMaximumAge attribute.
+
+
+
+
+ The name of the <messaging> sub-element.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets the actual maximum message lifetime that a program should allow.
+
+ The sum of the and
+ property values.
+
+
+
+ Gets or sets the maximum lifetime of a private symmetric secret,
+ that may be used for signing or encryption.
+
+ The default value is 28 days (twice the age of the longest association).
+
+
+
+ Gets or sets the time between a message's creation and its receipt
+ before it is considered expired.
+
+
+ The default value value is 3 minutes.
+
+
+ Smaller timespans mean lower tolerance for delays in message delivery.
+ Larger timespans mean more nonces must be stored to provide replay protection.
+ The maximum age a message implementing the
+ interface can be before
+ being discarded as too old.
+ This time limit should NOT take into account expected
+ time skew for servers across the Internet. Time skew is added to
+ this value and is controlled by the property.
+
+
+
+
+ Gets or sets the maximum clock skew.
+
+ The default value is 10 minutes.
+
+ Smaller timespans mean lower tolerance for
+ time variance due to server clocks not being synchronized.
+ Larger timespans mean greater chance for replay attacks and
+ larger nonce caches.
+ For example, if a server could conceivably have its
+ clock d = 5 minutes off UTC time, then any two servers could have
+ their clocks disagree by as much as 2*d = 10 minutes.
+
+
+
+
+ Gets or sets a value indicating whether SSL requirements within the library are disabled/relaxed.
+ Use for TESTING ONLY.
+
+
+
+
+ Gets or sets a value indicating whether messaging rules are strictly
+ adhered to.
+
+ true by default.
+
+ Strict will require that remote parties adhere strictly to the specifications,
+ even when a loose interpretation would not compromise security.
+ true is a good default because it shakes out interoperability bugs in remote services
+ so they can be identified and corrected. But some web sites want things to Just Work
+ more than they want to file bugs against others, so false is the setting for them.
+
+
+
+
+ Gets or sets the configuration for the class.
+
+ The untrusted web request.
+
+
+
+ Gets or sets the maximum allowable size for a 301 Redirect response before we send
+ a 200 OK response with a scripted form POST with the parameters instead
+ in order to ensure successfully sending a large payload to another server
+ that might have a maximum allowable size restriction on its GET request.
+
+ The default value is 2048.
+
+
+
+ Gets or sets the embedded resource retrieval provider.
+
+
+ The embedded resource retrieval provider.
+
+
+
+
+ Represents the <reporting> element in the host's .config file.
+
+
+
+
+ The name of the @enabled attribute.
+
+
+
+
+ The name of the @minimumReportingInterval attribute.
+
+
+
+
+ The name of the @minimumFlushInterval attribute.
+
+
+
+
+ The name of the @includeFeatureUsage attribute.
+
+
+
+
+ The name of the @includeEventStatistics attribute.
+
+
+
+
+ The name of the @includeLocalRequestUris attribute.
+
+
+
+
+ The name of the @includeCultures attribute.
+
+
+
+
+ The name of the <reporting> sub-element.
+
+
+
+
+ The default value for the @minimumFlushInterval attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+
+
+ Gets or sets the maximum frequency that reports will be published.
+
+
+
+
+ Gets or sets the maximum frequency the set can be flushed to disk.
+
+
+
+
+ Gets or sets a value indicating whether to include a list of library features used in the report.
+
+ true to include a report of features used; otherwise, false.
+
+
+
+ Gets or sets a value indicating whether to include statistics of certain events such as
+ authentication success and failure counting, and can include remote endpoint URIs.
+
+
+ true to include event counters in the report; otherwise, false.
+
+
+
+
+ Gets or sets a value indicating whether to include a few URLs to pages on the hosting
+ web site that host DotNetOpenAuth components.
+
+
+
+
+ Gets or sets a value indicating whether to include the cultures requested by the user agent
+ on pages that host DotNetOpenAuth components.
+
+
+
+
+ A configuration collection of trusted OP Endpoints.
+
+
+
+
+ The name of the "rejectAssertionsFromUntrustedProviders" element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The elements to initialize the collection with.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+
+
+
+ A configuration element that records a trusted Provider Endpoint.
+
+
+
+
+ The name of the attribute that stores the value.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the OpenID Provider Endpoint (aka "OP Endpoint") that this relying party trusts.
+
+
+
+
+ A collection of .
+
+ The type that all types specified in the elements must derive from.
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationCollection class.
+
+ The elements that should be added to the collection initially.
+
+
+
+ Creates instances of all the types listed in the collection.
+
+ if set to true then internal types may be instantiated.
+ A sequence of instances generated from types in this collection. May be empty, but never null.
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Represents an element in a .config file that allows the user to provide a @type attribute specifying
+ the full type that provides some service used by this library.
+
+ A constraint on the type the user may provide.
+
+
+
+ The name of the attribute whose value is the full name of the type the user is specifying.
+
+
+
+
+ The name of the attribute whose value is the path to the XAML file to deserialize to obtain the type.
+
+
+
+
+ Initializes a new instance of the TypeConfigurationElement class.
+
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ The newly instantiated type.
+
+
+
+ Creates an instance of the type described in the .config file.
+
+ The value to return if no type is given in the .config file.
+ if set to true then internal types may be instantiated.
+ The newly instantiated type.
+
+
+
+ Creates the instance from xaml.
+
+ The stream of xaml to deserialize.
+ The deserialized object.
+
+ This exists as its own method to prevent the CLR's JIT compiler from failing
+ to compile the CreateInstance method just because the PresentationFramework.dll
+ may be missing (which it is on some shared web hosts). This way, if the
+ XamlSource attribute is never used, the PresentationFramework.dll never need
+ be present.
+
+
+
+
+ Gets or sets the full name of the type.
+
+ The full name of the type, such as: "ConsumerPortal.Code.CustomStore, ConsumerPortal".
+
+
+
+ Gets or sets the path to the XAML file to deserialize to obtain the instance.
+
+
+
+
+ Gets the type described in the .config file.
+
+
+
+
+ Gets a value indicating whether this type has no meaningful type to instantiate.
+
+
+
+
+ Represents the section of a .config file where security policies regarding web requests
+ to user-provided, untrusted servers is controlled.
+
+
+
+
+ Gets the name of the @timeout attribute.
+
+
+
+
+ Gets the name of the @readWriteTimeout attribute.
+
+
+
+
+ Gets the name of the @maximumBytesToRead attribute.
+
+
+
+
+ Gets the name of the @maximumRedirections attribute.
+
+
+
+
+ Gets the name of the @whitelistHosts attribute.
+
+
+
+
+ Gets the name of the @whitelistHostsRegex attribute.
+
+
+
+
+ Gets the name of the @blacklistHosts attribute.
+
+
+
+
+ Gets the name of the @blacklistHostsRegex attribute.
+
+
+
+
+ Gets or sets the read/write timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the timeout after which an HTTP request will fail.
+
+
+
+
+ Gets or sets the maximum bytes to read from an untrusted web server.
+
+
+
+
+ Gets or sets the maximum redirections that will be followed before an HTTP request fails.
+
+
+
+
+ Gets or sets the collection of hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of hosts on the blacklist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the whitelist.
+
+
+
+
+ Gets or sets the collection of regular expressions that describe hosts on the blacklist.
+
+
+
+
+ Represents a collection of child elements that describe host names either as literal host names or regex patterns.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new child host name element.
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Gets all the members of the collection assuming they are all literal host names.
+
+
+
+
+ Gets all the members of the collection assuming they are all host names regex patterns.
+
+
+
+
+ Represents the name of a single host or a regex pattern for host names.
+
+
+
+
+ Gets the name of the @name attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The default value of the property.
+
+
+
+ Gets or sets the name of the host on the white or black list.
+
+
+
+
+ An interface that provides URLs from which embedded resources can be obtained.
+
+
+
+
+ Gets the URL from which the given manifest resource may be downloaded by the user agent.
+
+ Some type in the assembly containing the desired resource.
+ Manifest name of the desired resource.
+ An absolute URL.
+
+
+
+ A general logger for the entire DotNetOpenAuth library.
+
+
+ Because this logger is intended for use with non-localized strings, the
+ overloads that take have been removed, and
+ is used implicitly.
+
+
+
+
+ The instance that is to be used
+ by this static Logger for the duration of the appdomain.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates the main logger for the library, and emits an INFO message
+ that is the name and version of the library.
+
+ A name that will be included in the log file.
+ The instance created with the given name.
+
+
+
+ Creates an additional logger on demand for a subsection of the application.
+
+ A type whose full name that will be included in the log file.
+ The instance created with the given type name.
+
+
+
+ Discovers the presence of Log4net.dll and other logging mechanisms
+ and returns the best available logger.
+
+ The name of the log to initialize.
+ The instance of the logger to use.
+
+
+
+ Gets the logger for general library logging.
+
+
+
+
+ Gets the logger for service discovery and selection events.
+
+
+
+
+ Gets the logger for Messaging events.
+
+
+
+
+ Gets the logger for Channel events.
+
+
+
+
+ Gets the logger for binding elements and binding-element related events on the channel.
+
+
+
+
+ Gets the logger specifically used for logging verbose text on everything about the signing process.
+
+
+
+
+ Gets the logger for HTTP-level events.
+
+
+
+
+ Gets the logger for events logged by ASP.NET controls.
+
+
+
+
+ Gets the logger for high-level OpenID events.
+
+
+
+
+ Gets the logger for high-level OAuth events.
+
+
+
+
+ Gets the logger for high-level InfoCard events.
+
+
+
+
+ The ILog interface is use by application to log messages into
+ the log4net framework.
+
+
+
+ Use the to obtain logger instances
+ that implement this interface. The
+ static method is used to get logger instances.
+
+
+ This class contains methods for logging at different levels and also
+ has properties for determining if those logging levels are
+ enabled in the current configuration.
+
+
+ This interface can be implemented in different ways. This documentation
+ specifies reasonable behavior that a caller can expect from the actual
+ implementation, however different implementations reserve the right to
+ do things differently.
+
+
+ Simple example of logging messages
+
+ ILog log = LogManager.GetLogger("application-log");
+
+ log.Info("Application Start");
+ log.Debug("This is a debug message");
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is another debug message");
+ }
+
+
+
+
+ Nicko Cadell
+ Gert Driesen
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is DEBUG
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ DEBUG enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of
+ the additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+
+
+ This method first checks if this logger is INFO
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ INFO enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Logs a message object with the INFO level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is WARN
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ WARN enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Logs a message object with the level.
+
+ The message object to log.
+
+
+ This method first checks if this logger is ERROR
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ ERROR enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+ Log a message object with the level.
+
+ Log a message object with the level.
+
+
+
+ This method first checks if this logger is FATAL
+ enabled by comparing the level of this logger with the
+ level. If this logger is
+ FATAL enabled, then it converts the message object
+ (passed as parameter) to a string by invoking the appropriate
+ . It then
+ proceeds to call all the registered appenders in this logger
+ and also higher in the hierarchy depending on the value of the
+ additivity flag.
+
+ WARNING Note that passing an
+ to this method will print the name of the
+ but no stack trace. To print a stack trace use the
+ form instead.
+
+
+ The message object to log.
+
+
+
+
+
+ Log a message object with the level including
+ the stack trace of the passed
+ as a parameter.
+
+ The message object to log.
+ The exception to log, including its stack trace.
+
+
+ See the form for more detailed information.
+
+
+
+
+
+
+ Log a formatted message string with the level.
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object array containing zero or more objects to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Logs a formatted message string with the level.
+
+ A String containing zero or more format items
+ An Object to format
+ An Object to format
+ An Object to format
+
+
+ The message is formatted using the string.Format method. See
+ for details of the syntax of the format string and the behavior
+ of the formatting.
+
+
+ This method does not take an object to include in the
+ log event. To pass an use one of the
+ methods instead.
+
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+
+ This function is intended to lessen the computational cost of
+ disabled log debug statements.
+
+ For some ILog interface log, when you write:
+
+ log.Debug("This is entry number: " + i );
+
+
+ You incur the cost constructing the message, string construction and concatenation in
+ this case, regardless of whether the message is logged or not.
+
+
+ If you are worried about speed (who isn't), then you should write:
+
+
+ if (log.IsDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way you will not incur the cost of parameter
+ construction if debugging is disabled for log. On
+ the other hand, if the log is debug enabled, you
+ will incur the cost of evaluating whether the logger is debug
+ enabled twice. Once in and once in
+ the . This is an insignificant overhead
+ since evaluating a logger takes about 1% of the time it
+ takes to actually log. This is the preferred style of logging.
+
+ Alternatively if your logger is available statically then the is debug
+ enabled state can be stored in a static variable like this:
+
+
+ private static readonly bool isDebugEnabled = log.IsDebugEnabled;
+
+
+ Then when you come to log you can write:
+
+
+ if (isDebugEnabled)
+ {
+ log.Debug("This is entry number: " + i );
+ }
+
+
+ This way the debug enabled state is only queried once
+ when the class is loaded. Using a private static readonly
+ variable is the most efficient because it is a run time constant
+ and can be heavily optimized by the JIT compiler.
+
+
+ Of course if you use a static readonly variable to
+ hold the enabled state of the logger then you cannot
+ change the enabled state at runtime to vary the logging
+ that is produced. You have to decide if you need absolute
+ speed or runtime flexibility.
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Checks if this logger is enabled for the level.
+
+
+ true if this logger is enabled for events, false otherwise.
+
+
+ For more information see .
+
+
+
+
+
+
+ Returns a new log4net logger if it exists, or returns null if the assembly cannot be found.
+
+ The created instance.
+
+
+
+ Creates the log4net.LogManager. Call ONLY after log4net.dll is known to be present.
+
+ The created instance.
+
+
+
+ Returns a new logger that does nothing when invoked.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Returns a new logger that uses the class
+ if sufficient CAS permissions are granted to use it, otherwise returns false.
+
+ The created instance.
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ See .
+
+
+
+
+ Represents a read-only dictionary.
+
+ The type of the key.
+ The type of the value.
+
+
+
+ Contains base dictionary.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The base dictionary.
+
+
+
+ Adds an element with the provided key and value to the .
+
+ The object to use as the key of the element to add.
+ The object to use as the value of the element to add.
+ is null.
+
+
+ An element with the same key already exists in the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains an element with the specified key.
+
+ The key to locate in the .
+
+ true if the contains an element with the key; otherwise, false.
+
+ is null.
+
+
+
+
+ Removes the element with the specified key from the .
+
+ The key of the element to remove.
+
+ true if the element is successfully removed; otherwise, false. This method also returns false if was not found in the original .
+
+ is null.
+
+
+ The is read-only.
+
+
+
+
+ Gets the value associated with the specified key.
+
+ The key whose value to get.
+ When this method returns, the value associated with the specified key, if the key is found; otherwise, the default value for the type of the parameter. This parameter is passed uninitialized.
+
+ true if the object that implements contains an element with the specified key; otherwise, false.
+
+ is null.
+
+
+
+
+ Adds an item to the .
+
+ The object to add to the .
+
+ The is read-only.
+
+
+
+
+ Removes all items from the .
+
+
+ The is read-only.
+
+
+
+
+ Determines whether the contains a specific value.
+
+ The object to locate in the .
+
+ true if is found in the ; otherwise, false.
+
+
+
+
+ Copies to.
+
+ The array.
+ Index of the array.
+
+
+
+ Removes the first occurrence of a specific object from the .
+
+ The object to remove from the .
+
+ true if was successfully removed from the ; otherwise, false. This method also returns false if is not found in the original .
+
+
+ The is read-only.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ Returns an enumerator that iterates through a collection.
+
+
+ An object that can be used to iterate through the collection.
+
+
+
+
+ Gets an containing the keys of the .
+
+
+ An containing the keys of the object that implements .
+
+
+
+
+ Gets an containing the values in the .
+
+
+ An containing the values in the object that implements .
+
+
+
+
+ Gets the number of elements contained in the .
+
+
+ The number of elements contained in the .
+
+
+
+
+ Gets a value indicating whether the is read-only.
+
+ true if the is read-only; otherwise, false.
+
+
+
+
+ Gets or sets the element with the specified key.
+
+ The key being read or written.
+
+ The element with the specified key.
+
+ is null.
+
+
+ The property is retrieved and is not found.
+
+
+ The property is set and the is read-only.
+
+
+
+
+ The statistical reporting mechanism used so this library's project authors
+ know what versions and features are in use.
+
+
+
+
+ A UTF8 encoder that doesn't emit the preamble. Used for mid-stream writers.
+
+
+
+
+ A value indicating whether reporting is desirable or not. Must be logical-AND'd with !.
+
+
+
+
+ A value indicating whether reporting experienced an error and cannot be enabled.
+
+
+
+
+ A value indicating whether the reporting class has been initialized or not.
+
+
+
+
+ The object to lock during initialization.
+
+
+
+
+ The isolated storage to use for collecting data in between published reports.
+
+
+
+
+ The GUID that shows up at the top of all reports from this user/machine/domain.
+
+
+
+
+ The recipient of collected reports.
+
+
+
+
+ The outgoing HTTP request handler to use for publishing reports.
+
+
+
+
+ A few HTTP request hosts and paths we've seen.
+
+
+
+
+ Cultures that have come in via HTTP requests.
+
+
+
+
+ Features that have been used.
+
+
+
+
+ A collection of all the observations to include in the report.
+
+
+
+
+ The named events that we have counters for.
+
+
+
+
+ The lock acquired while considering whether to publish a report.
+
+
+
+
+ The time that we last published reports.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Records an event occurrence.
+
+ Name of the event.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records an event occurence.
+
+ The object whose type name is the event name to record.
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Records the use of a feature by name.
+
+ The feature.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+
+
+
+ Records the use of a feature by object type.
+
+ The object whose type is the feature to set as used.
+ Some dependency used by .
+ Some dependency used by .
+
+
+
+ Records statistics collected from incoming requests.
+
+ The request.
+
+
+
+ Called by every internal/public method on this class to give
+ periodic operations a chance to run.
+
+
+
+
+ Initializes Reporting if it has not been initialized yet.
+
+
+
+
+ Assembles a report for submission.
+
+ A stream that contains the report.
+
+
+
+ Sends the usage reports to the library authors.
+
+ A value indicating whether submitting the report was successful.
+
+
+
+ Interprets the reporting response as a log message if possible.
+
+ The line from the HTTP response to interpret as a log message.
+
+
+
+ Sends the stats report asynchronously, and careful to not throw any unhandled exceptions.
+
+
+
+
+ Gets the isolated storage to use for reporting.
+
+ An isolated storage location appropriate for our host.
+
+
+
+ Gets a unique, pseudonymous identifier for this particular web site or application.
+
+ A GUID that will serve as the identifier.
+
+ The identifier is made persistent by storing the identifier in isolated storage.
+ If an existing identifier is not found, a new one is created, persisted, and returned.
+
+
+
+
+ Sanitizes the name of the file so it only includes valid filename characters.
+
+ The filename to sanitize.
+ The filename, with any and all invalid filename characters replaced with the hyphen (-) character.
+
+
+
+ Gets or sets a value indicating whether this reporting is enabled.
+
+ true if enabled; otherwise, false.
+
+ Setting this property to truemay have no effect
+ if reporting has already experienced a failure of some kind.
+
+
+
+
+ Gets the observed features.
+
+
+
+
+ Gets the configuration to use for reporting.
+
+
+
+
+ A set of values that persist the set to disk.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The total set of elements.
+
+
+
+
+ The maximum number of elements to track before not storing new elements.
+
+
+
+
+ The set of new elements added to the since the last flush.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+ The maximum number of elements to track.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Adds a value to the set.
+
+ The value.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets a value indicating whether the hashset has reached capacity and is not storing more elements.
+
+ true if this instance is full; otherwise, false.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ A feature usage counter.
+
+
+
+
+ The separator to use between category names and their individual counters.
+
+
+
+
+ The isolated persistent storage.
+
+
+
+
+ The persistent reader.
+
+
+
+
+ The persistent writer.
+
+
+
+
+ The time the last flush occurred.
+
+
+
+
+ The in-memory copy of the counter.
+
+
+
+
+ A flag indicating whether the set has changed since it was last flushed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The storage location.
+ Name of the file.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Increments the counter.
+
+ The category within the event. Null and empty strings are allowed, but considered the same.
+
+
+
+ Flushes any newly added values to disk.
+
+
+
+
+ Resets all counters.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the name of the file.
+
+ The name of the file.
+
+
+
+ Argument validation checks that throw some kind of ArgumentException when they fail (unless otherwise noted).
+
+
+
+
+ Validates that a given parameter is not null.
+
+ The type of the parameter
+ The value.
+ Name of the parameter.
+ The tested value, guaranteed to not be null.
+
+
+
+ Validates that a parameter is not null or empty.
+
+ The value.
+ Name of the parameter.
+ The validated value.
+
+
+
+ Validates that an array is not null or empty.
+
+ The type of the elements in the sequence.
+ The value.
+ Name of the parameter.
+
+
+
+ Validates that an argument is either null or is a sequence with no null elements.
+
+ The type of elements in the sequence.
+ The sequence.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable range for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ Name of the parameter.
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message to include with the exception.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The unformatted message.
+ Formatting arguments.
+
+
+
+ Validates that some argument describes a type that is or derives from a required type.
+
+ The type that the argument must be or derive from.
+ The type given in the argument.
+ Name of the parameter.
+
+
+
+ Validates some expression describing the acceptable condition for an argument evaluates to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an if a condition does not evaluate to true.
+
+ The expression that must evaluate to true to avoid an .
+ The message.
+
+
+
+ Throws an
+
+ Name of the parameter.
+ The message.
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The configuration-specified type {0} must be public, and is not..
+
+
+
+
+ Looks up a localized string similar to The configuration XAML reference to {0} requires a current HttpContext to resolve..
+
+
+
+
+ Looks up a localized string similar to The current IHttpHandler is not one of types: {0}. An embedded resource URL provider must be set in your .config file..
+
+
+
+
+ Looks up a localized string similar to The empty string is not allowed..
+
+
+
+
+ Looks up a localized string similar to The argument has an unexpected value..
+
+
+
+
+ Looks up a localized string similar to The property {0} must be set before this operation is allowed..
+
+
+
+
+ Looks up a localized string similar to This object contains a response body, which is not supported..
+
+
+
+
+ Looks up a localized string similar to No current HttpContext was detected, so an {0} instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an {0}..
+
+
+
+
+ Utility methods for working with URIs.
+
+
+
+
+ Tests a URI for the presence of an OAuth payload.
+
+ The URI to test.
+ The prefix.
+
+ True if the URI contains an OAuth message.
+
+
+
+
+ Determines whether some is using HTTPS.
+
+ The Uri being tested for security.
+
+ true if the URI represents an encrypted request; otherwise, false.
+
+
+
+
+ Equivalent to UriBuilder.ToString() but omits port # if it may be implied.
+ Equivalent to UriBuilder.Uri.ToString(), but doesn't throw an exception if the Host has a wildcard.
+
+ The UriBuilder to render as a string.
+ The string version of the Uri.
+
+
+
+ Validates that a URL will be resolvable at runtime.
+
+ The page hosting the control that receives this URL as a property.
+ If set to true the page is in design-time mode rather than runtime mode.
+ The URI to check.
+ Thrown if the given URL is not a valid, resolvable URI.
+
+
+
+ A grab-bag utility class.
+
+
+
+
+ The base namespace for this library from which all other namespaces derive.
+
+
+
+
+ The web.config file-specified provider of web resource URLs.
+
+
+
+
+ Tests for equality between two objects. Safely handles the case where one or both are null.
+
+ The type of objects been checked for equality.
+ The first object.
+ The second object.
+ true if the two objects are equal; false otherwise.
+
+
+
+ Prepares a dictionary for printing as a string.
+
+ The type of the key.
+ The type of the value.
+ The dictionary or sequence of name-value pairs.
+ An object whose ToString method will perform the actual work of generating the string.
+
+ The work isn't done until (and if) the
+ method is actually called, which makes it great
+ for logging complex objects without being in a conditional block.
+
+
+
+
+ Offers deferred ToString processing for a list of elements, that are assumed
+ to generate just a single-line string.
+
+ The type of elements contained in the list.
+ The list of elements.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Offers deferred ToString processing for a list of elements.
+
+ The type of elements contained in the list.
+ The list of elements.
+ if set to true, special formatting will be applied to the output to make it clear where one element ends and the next begins.
+ An object whose ToString method will perform the actual work of generating the string.
+
+
+
+ Gets the web resource URL from a Page or object.
+
+ Some type in resource assembly.
+ Name of the manifest resource.
+ An absolute URL
+
+
+
+ Gets a human-readable description of the library name and version, including
+ whether the build is an official or private one.
+
+
+
+
+ Gets the assembly file version of the executing assembly, otherwise falls back to the assembly version.
+
+
+
+
+ Manages an individual deferred ToString call.
+
+ The type of object to be serialized as a string.
+
+
+
+ The object that will be serialized if called upon.
+
+
+
+
+ The method used to serialize to string form.
+
+
+
+
+ Initializes a new instance of the DelayedToString class.
+
+ The object that may be serialized to string form.
+ The method that will serialize the object if called upon.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nupkg
new file mode 100644
index 0000000..4544a44
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nuspec
new file mode 100644
index 0000000..6b62f49
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117.nuspec
@@ -0,0 +1,20 @@
+
+
+
+ DotNetOpenAuth.OAuth.Consumer
+ 4.3.0.13117
+ DotNetOpenAuth OAuth 1.0(a) Consumer
+ Andrew Arnott
+ Andrew Arnott
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ Improve usability, reliability, conversion rates and security simultaneously by simply asking the user for permission to access their
+ data on 3rd party services rather than asking for their password.
+ Add the role of an OAuth 1.0(a) consumer to a .NET (web) application.
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.dll
new file mode 100644
index 0000000..74d0c1e
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.xml
new file mode 100644
index 0000000..4ccee17
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.Consumer.xml
@@ -0,0 +1,397 @@
+
+
+
+ DotNetOpenAuth.OAuth.Consumer
+
+
+
+
+ A token manager for use by a web site in its role as a consumer of
+ an individual ServiceProvider.
+
+
+
+
+ Gets the consumer key.
+
+ The consumer key.
+
+
+
+ Gets the consumer secret.
+
+ The consumer secret.
+
+
+
+ The messaging channel for OAuth 1.0(a) Consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The web application store to use for nonces.
+ The token manager instance to use.
+ The security settings.
+ The message factory.
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ The consumer secret.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ An OAuth-protocol specific implementation of the
+ interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The request messages are:
+ UserAuthorizationResponse
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+ Null on a Consumer site that is receiving an indirect message from the Service Provider.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The response messages are:
+ UnauthorizedTokenResponse
+ AuthorizedTokenResponse
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The certificate used to sign outgoing messages.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.3.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Base class for and types.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Obtains an access token for a new account at the Service Provider via 2-legged OAuth.
+
+ Any applicable parameters to include in the query string of the token request.
+ The access token.
+
+ The token secret is stored in the .
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an authorized request that carries an HTTP multi-part POST, allowing for binary data.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an HTTP request that has OAuth authorization already attached to it.
+
+ The OAuth authorization message to attach to the HTTP request.
+
+ The HttpWebRequest that can be used to send the HTTP request to the remote service provider.
+
+
+ If property on the
+ has the
+ flag set and
+ is set to an HTTP method
+ that includes an entity body, the request stream is automatically sent
+ if and only if the dictionary is non-empty.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+ Thrown if the request fails for any reason after it is sent to the Service Provider.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the Consumer Key used to communicate with the Service Provider.
+
+
+
+
+ Gets the Service Provider that will be accessed.
+
+
+
+
+ Gets the persistence store for tokens and secrets.
+
+
+
+
+ Gets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings for this consumer.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Used by a desktop application to use OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire desktop application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The URL to open a browser window to allow the user to provide authorization.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The access token assigned by the Service Provider.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code typed in by the user. Must not be Null for OAuth 1.0a service providers and later.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ A website or application that uses OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire web application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request and redirects the user to the Service Provider
+ to provide that authorization. Upon successful authorization, the user is redirected
+ back to the current page.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The access token, or null if no incoming authorization message was recognized.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The incoming HTTP request.
+ The access token, or null if no incoming authorization message was recognized.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.dll
new file mode 100644
index 0000000..1a25b4d
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.xml
new file mode 100644
index 0000000..dfe61ca
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.Consumer.xml
@@ -0,0 +1,712 @@
+
+
+
+ DotNetOpenAuth.OAuth.Consumer
+
+
+
+
+ A token manager for use by a web site in its role as a consumer of
+ an individual ServiceProvider.
+
+
+
+
+ Gets the consumer key.
+
+ The consumer key.
+
+
+
+ Gets the consumer secret.
+
+ The consumer secret.
+
+
+
+ The messaging channel for OAuth 1.0(a) Consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The web application store to use for nonces.
+ The token manager instance to use.
+ The security settings.
+ The message factory.
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ The consumer secret.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ An OAuth-protocol specific implementation of the
+ interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The request messages are:
+ UserAuthorizationResponse
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+ Null on a Consumer site that is receiving an indirect message from the Service Provider.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The response messages are:
+ UnauthorizedTokenResponse
+ AuthorizedTokenResponse
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The certificate used to sign outgoing messages.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.3.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Base class for and types.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Obtains an access token for a new account at the Service Provider via 2-legged OAuth.
+
+ Any applicable parameters to include in the query string of the token request.
+ The access token.
+
+ The token secret is stored in the .
+
+
+
+
+ Creates an HTTP handler that automatically applies an OAuth 1 access token and signature to outbound HTTP requests.
+ The result of this method can be supplied to the constructor.
+
+ The access token to use to authorize each outbound HTTP message.
+ The inner HTTP handler to use. The default uses as the inner handler.
+ An instance.
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an authorized request that carries an HTTP multi-part POST, allowing for binary data.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an HTTP request that has OAuth authorization already attached to it.
+
+ The OAuth authorization message to attach to the HTTP request.
+
+ The HttpWebRequest that can be used to send the HTTP request to the remote service provider.
+
+
+ If property on the
+ has the
+ flag set and
+ is set to an HTTP method
+ that includes an entity body, the request stream is automatically sent
+ if and only if the dictionary is non-empty.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+ Thrown if the request fails for any reason after it is sent to the Service Provider.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the Consumer Key used to communicate with the Service Provider.
+
+
+
+
+ Gets the Service Provider that will be accessed.
+
+
+
+
+ Gets the persistence store for tokens and secrets.
+
+
+
+
+ Gets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings for this consumer.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Used by a desktop application to use OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire desktop application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The URL to open a browser window to allow the user to provide authorization.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The access token assigned by the Service Provider.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code typed in by the user. Must not be Null for OAuth 1.0a service providers and later.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an HMAC-SHA1 signature.
+
+
+
+
+ A base class for delegating s that sign
+ outgoing HTTP requests per the OAuth 1.0 "3.4 Signature" in RFC 5849.
+
+
+ This implements http://tools.ietf.org/html/rfc5849#section-3.4
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The default nonce length.
+
+
+
+
+ The default parameters location.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ An array containing simply the amperstand character.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Applies OAuth authorization to the specified request.
+ This method is applied automatically to outbound requests that use this message handler instance.
+ However this method may be useful for obtaining the OAuth 1.0 signature without actually sending the request.
+
+ The request.
+
+
+
+ Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+
+ The HTTP request message to send to the server.
+ A cancellation token to cancel operation.
+
+ Returns . The task object representing the asynchronous operation.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+ The signature.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the "ConsumerSecret&AccessTokenSecret" string, allowing either property to be empty or null.
+
+ The concatenated string.
+
+ This is useful in the PLAINTEXT and HMAC-SHA1 signature algorithms.
+
+
+
+
+ Escapes a value for transport in a URI, per RFC 3986.
+
+ The value to escape. Null and empty strings are OK.
+ The escaped value. Never null.
+
+
+
+ Returns the OAuth 1.0 timestamp for the current time.
+
+ The date time.
+ A string representation of the number of seconds since "the epoch".
+
+
+
+ Constructs the "Base String URI" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1.2
+
+ The request URI.
+
+ The string to include in the signature base string.
+
+
+
+
+ Constructs the "Signature Base String" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1
+
+ The HTTP request message.
+ The oauth parameters.
+
+ The signature base string.
+
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the "oauth_" prefixed parameters that should be added to an outbound request.
+
+ A collection of name=value pairs.
+
+
+
+ Gets a normalized string of the query string parameters included in the request and the additional OAuth parameters.
+
+ The HTTP request.
+ The oauth parameters that will be added to the request.
+ The normalized string of parameters to included in the signature base string.
+
+
+
+ Gets or sets the location to add OAuth parameters to outbound HTTP requests.
+
+
+
+
+ Gets or sets the consumer key.
+
+
+ The consumer key.
+
+
+
+
+ Gets or sets the consumer secret.
+
+
+ The consumer secret.
+
+
+
+
+ Gets or sets the access token.
+
+
+ The access token.
+
+
+
+
+ Gets or sets the access token secret.
+
+
+ The access token secret.
+
+
+
+
+ Gets or sets the length of the nonce.
+
+
+ The length of the nonce.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ The locations that oauth parameters may be added to HTTP requests.
+
+
+
+
+ The oauth parameters are added to the query string in the URL.
+
+
+
+
+ An HTTP Authorization header is added with the OAuth scheme.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with the PLAINTEXT signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+ Always thrown.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an RSA-SHA1 signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A website or application that uses OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire web application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request and redirects the user to the Service Provider
+ to provide that authorization. Upon successful authorization, the user is redirected
+ back to the current page.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The access token, or null if no incoming authorization message was recognized.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The incoming HTTP request.
+ The access token, or null if no incoming authorization message was recognized.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.dll
new file mode 100644
index 0000000..6f5bc0e
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.xml
new file mode 100644
index 0000000..dfe61ca
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Consumer.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.Consumer.xml
@@ -0,0 +1,712 @@
+
+
+
+ DotNetOpenAuth.OAuth.Consumer
+
+
+
+
+ A token manager for use by a web site in its role as a consumer of
+ an individual ServiceProvider.
+
+
+
+
+ Gets the consumer key.
+
+ The consumer key.
+
+
+
+ Gets the consumer secret.
+
+ The consumer secret.
+
+
+
+ The messaging channel for OAuth 1.0(a) Consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The web application store to use for nonces.
+ The token manager instance to use.
+ The security settings.
+ The message factory.
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ The consumer secret.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ An OAuth-protocol specific implementation of the
+ interface.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The request messages are:
+ UserAuthorizationResponse
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+
+ The message that was sent as a request that resulted in the response.
+ Null on a Consumer site that is receiving an indirect message from the Service Provider.
+
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+ The response messages are:
+ UnauthorizedTokenResponse
+ AuthorizedTokenResponse
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The certificate used to sign outgoing messages.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.3.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Base class for and types.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Obtains an access token for a new account at the Service Provider via 2-legged OAuth.
+
+ Any applicable parameters to include in the query string of the token request.
+ The access token.
+
+ The token secret is stored in the .
+
+
+
+
+ Creates an HTTP handler that automatically applies an OAuth 1 access token and signature to outbound HTTP requests.
+ The result of this method can be supplied to the constructor.
+
+ The access token to use to authorize each outbound HTTP message.
+ The inner HTTP handler to use. The default uses as the inner handler.
+ An instance.
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an authorized request that carries an HTTP multi-part POST, allowing for binary data.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ Extra parameters to include in the message. Must not be null, but may be empty.
+ The initialized WebRequest object.
+
+
+
+ Prepares an HTTP request that has OAuth authorization already attached to it.
+
+ The OAuth authorization message to attach to the HTTP request.
+
+ The HttpWebRequest that can be used to send the HTTP request to the remote service provider.
+
+
+ If property on the
+ has the
+ flag set and
+ is set to an HTTP method
+ that includes an entity body, the request stream is automatically sent
+ if and only if the dictionary is non-empty.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+ Thrown if the request fails for any reason after it is sent to the Service Provider.
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Creates a web request prepared with OAuth authorization
+ that may be further tailored by adding parameters by the caller.
+
+ The URL and method on the Service Provider to send the request to.
+ The access token that permits access to the protected resource.
+ The initialized WebRequest object.
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Gets the Consumer Key used to communicate with the Service Provider.
+
+
+
+
+ Gets the Service Provider that will be accessed.
+
+
+
+
+ Gets the persistence store for tokens and secrets.
+
+
+
+
+ Gets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings for this consumer.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Used by a desktop application to use OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire desktop application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The request token that must be exchanged for an access token after the user has provided authorization.
+ The URL to open a browser window to allow the user to provide authorization.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The access token assigned by the Service Provider.
+
+
+
+ Exchanges a given request token for access token.
+
+ The request token that the user has authorized.
+ The verifier code typed in by the user. Must not be Null for OAuth 1.0a service providers and later.
+
+ The access token assigned by the Service Provider.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an HMAC-SHA1 signature.
+
+
+
+
+ A base class for delegating s that sign
+ outgoing HTTP requests per the OAuth 1.0 "3.4 Signature" in RFC 5849.
+
+
+ This implements http://tools.ietf.org/html/rfc5849#section-3.4
+
+
+
+
+ These are the characters that may be chosen from when forming a random nonce.
+
+
+
+
+ The default nonce length.
+
+
+
+
+ The default parameters location.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ An array containing simply the amperstand character.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Applies OAuth authorization to the specified request.
+ This method is applied automatically to outbound requests that use this message handler instance.
+ However this method may be useful for obtaining the OAuth 1.0 signature without actually sending the request.
+
+ The request.
+
+
+
+ Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+
+ The HTTP request message to send to the server.
+ A cancellation token to cancel operation.
+
+ Returns . The task object representing the asynchronous operation.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+ The signature.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the "ConsumerSecret&AccessTokenSecret" string, allowing either property to be empty or null.
+
+ The concatenated string.
+
+ This is useful in the PLAINTEXT and HMAC-SHA1 signature algorithms.
+
+
+
+
+ Escapes a value for transport in a URI, per RFC 3986.
+
+ The value to escape. Null and empty strings are OK.
+ The escaped value. Never null.
+
+
+
+ Returns the OAuth 1.0 timestamp for the current time.
+
+ The date time.
+ A string representation of the number of seconds since "the epoch".
+
+
+
+ Constructs the "Base String URI" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1.2
+
+ The request URI.
+
+ The string to include in the signature base string.
+
+
+
+
+ Constructs the "Signature Base String" as described in http://tools.ietf.org/html/rfc5849#section-3.4.1
+
+ The HTTP request message.
+ The oauth parameters.
+
+ The signature base string.
+
+
+
+
+ Generates a string of random characters for use as a nonce.
+
+ The nonce string.
+
+
+
+ Gets the "oauth_" prefixed parameters that should be added to an outbound request.
+
+ A collection of name=value pairs.
+
+
+
+ Gets a normalized string of the query string parameters included in the request and the additional OAuth parameters.
+
+ The HTTP request.
+ The oauth parameters that will be added to the request.
+ The normalized string of parameters to included in the signature base string.
+
+
+
+ Gets or sets the location to add OAuth parameters to outbound HTTP requests.
+
+
+
+
+ Gets or sets the consumer key.
+
+
+ The consumer key.
+
+
+
+
+ Gets or sets the consumer secret.
+
+
+ The consumer secret.
+
+
+
+
+ Gets or sets the access token.
+
+
+ The access token.
+
+
+
+
+ Gets or sets the access token secret.
+
+
+ The access token secret.
+
+
+
+
+ Gets or sets the length of the nonce.
+
+
+ The length of the nonce.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ The locations that oauth parameters may be added to HTTP requests.
+
+
+
+
+ The oauth parameters are added to the query string in the URL.
+
+
+
+
+ An HTTP Authorization header is added with the OAuth scheme.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with the PLAINTEXT signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+ Always thrown.
+
+
+
+ Gets the OAuth 1.0 signature to apply to the specified request.
+
+ The outbound HTTP request.
+ The oauth parameters.
+
+ The value for the "oauth_signature" parameter.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A delegating HTTP handler that signs outgoing HTTP requests
+ with an RSA-SHA1 signature.
+
+
+
+
+ Calculates the signature for the specified buffer.
+
+ The payload to calculate the signature for.
+
+ The signature.
+
+
+
+
+ Gets or sets the certificate used to sign outgoing messages. Used only by Consumers.
+
+
+
+
+ Gets the signature method to include in the oauth_signature_method parameter.
+
+
+ The signature method.
+
+
+
+
+ A website or application that uses OAuth to access the Service Provider on behalf of the User.
+
+
+ The methods on this class are thread-safe. Provided the properties are set and not changed
+ afterward, a single instance of this class may be used by an entire web application safely.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoints and behavior of the Service Provider.
+ The host's method of storing and recalling tokens and secrets.
+
+
+
+ Begins an OAuth authorization request and redirects the user to the Service Provider
+ to provide that authorization. Upon successful authorization, the user is redirected
+ back to the current page.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Prepares an OAuth message that begins an authorization request that will
+ redirect the user to the Service Provider to provide that authorization.
+
+
+ An optional Consumer URL that the Service Provider should redirect the
+ User Agent to upon successful authorization.
+
+ Extra parameters to add to the request token message. Optional.
+ Extra parameters to add to the redirect to Service Provider message. Optional.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The access token, or null if no incoming authorization message was recognized.
+
+ Requires HttpContext.Current.
+
+
+
+
+ Processes an incoming authorization-granted message from an SP and obtains an access token.
+
+ The incoming HTTP request.
+ The access token, or null if no incoming authorization message was recognized.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nupkg
new file mode 100644
index 0000000..dc9040a
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nuspec
new file mode 100644
index 0000000..339a6a5
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/DotNetOpenAuth.OAuth.Core.4.3.0.13117.nuspec
@@ -0,0 +1,19 @@
+
+
+
+ DotNetOpenAuth.OAuth.Core
+ 4.3.0.13117
+ DotNetOpenAuth OAuth 1.0(a)
+ Andrew Arnott
+ Andrew Arnott
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ This package contains shared code for other NuGet packages, and contains no public API in and of itself.
+ Functionality common to implement either an OAuth 1.0 consumer or service provider.
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/content/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/content/web.config.transform
new file mode 100644
index 0000000..d9b5d92
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/content/web.config.transform
@@ -0,0 +1,7 @@
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.dll
new file mode 100644
index 0000000..32bd083
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.xml
new file mode 100644
index 0000000..6bfe90e
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OAuth.xml
@@ -0,0 +1,1858 @@
+
+
+
+ DotNetOpenAuth.OAuth
+
+
+
+
+ Represents the <oauth/consumer> element in the host's .config file.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Represents the <oauth> element in the host's .config file.
+
+
+
+
+ The name of the oauth section.
+
+
+
+
+ The name of the <consumer> sub-element.
+
+
+
+
+ The name of the <serviceProvider> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the configuration specific for Consumers.
+
+
+
+
+ Gets or sets the configuration specific for Service Providers.
+
+
+
+
+ Represents the <oauth/serviceProvider> element in the host's .config file.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Gets the name of the @minimumRequiredOAuthVersion attribute.
+
+
+
+
+ Gets the name of the @maxAuthorizationTime attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets the minimum OAuth version a Consumer is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OAuth are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OAuth.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Utility methods specific to OAuth feature reporting.
+
+
+
+
+ Records the feature and dependency use.
+
+ The consumer or service provider.
+ The service.
+ The token manager.
+ The nonce store.
+
+
+
+ An interface OAuth hosts must implement for persistent storage
+ and recall of tokens and secrets for an individual OAuth consumer
+ or service provider.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+ The secret associated with the given token.
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+ The code contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+
+ The secret associated with the given token.
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Sets the HTTP Method property on a signed message before the signing module gets to it.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ True if the applied to this binding element
+ and the operation was successful. False otherwise.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ True if the applied to this binding element
+ and the operation was successful. False if the operation did not apply to this message.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The signature method this binding element uses.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OAuth signature method that the binding element uses.
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Signs the outgoing message.
+
+ The message to sign.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies the signature on an incoming message.
+
+ The message whose signature should be verified.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the signature is invalid.
+
+
+
+ Constructs the OAuth Signature Base String and returns the result.
+
+ The message.
+ The message to derive the signature base string from.
+ The signature base string.
+
+ This method implements OAuth 1.0 section 9.1.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Gets the "ConsumerSecret&TokenSecret" string, allowing either property to be empty or null.
+
+ The message to extract the secrets from.
+ The concatenated string.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Sorts parameters according to OAuth signature base string rules.
+
+ The first parameter to compare.
+ The second parameter to compare.
+ Negative, zero or positive.
+
+
+
+ Gets the message protection provided by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message according to OAuth 1.0 section 9.4.1.
+
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the SigningBindingElementBaseContract class from being created.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ A tamper protection applying binding element that can use any of several given
+ binding elements to apply the protection.
+
+
+
+
+ The various signing binding elements that may be applicable to a message in preferred use order.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The signing binding elements that may be used for some outgoing message,
+ in preferred use order.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+ May be null for Consumers (who never have to verify signatures).
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ The two types of tokens that exist in the OAuth protocol.
+
+
+
+
+ A token that is freely issued to any known Consumer.
+ It does not grant any authorization to access protected resources,
+ but is used as a step in obtaining that access.
+
+
+
+
+ A token only obtained after the owner of some protected resource(s)
+ has approved a Consumer's access to said resource(s).
+
+
+
+
+ An unrecognized, expired or invalid token.
+
+
+
+
+ An URI encoder that translates null references as "oob"
+ instead of an empty/missing argument.
+
+
+
+
+ The string constant "oob", used to indicate an out-of-band configuration.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Security settings that may be applicable to both consumers and service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token and secret properties.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token property.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Cannot send access token to Consumer for request token '{0}' before it has been authorized..
+
+
+
+
+ Looks up a localized string similar to The access token '{0}' is invalid or expired..
+
+
+
+
+ Looks up a localized string similar to Failure looking up secret for consumer or token..
+
+
+
+
+ Looks up a localized string similar to oauth_verifier argument was incorrect..
+
+
+
+
+ Looks up a localized string similar to An invalid OAuth message received and discarded..
+
+
+
+
+ Looks up a localized string similar to The {0} message included extra data which is not allowed..
+
+
+
+
+ Looks up a localized string similar to This OAuth service provider requires OAuth consumers to implement OAuth {0}, but this consumer appears to only support {1}..
+
+
+
+
+ Looks up a localized string similar to Cannot send OAuth message as multipart POST without an authorization HTTP header because sensitive data would not be signed..
+
+
+
+
+ Looks up a localized string similar to Use of the OpenID+OAuth extension requires that the token manager in use implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to The OpenID Relying Party's realm is not recognized as belonging to the OAuth Consumer identified by the consumer key given..
+
+
+
+
+ Looks up a localized string similar to The request URL query MUST NOT contain any OAuth Protocol Parameters..
+
+
+
+
+ Looks up a localized string similar to The signing element already has been associated with a channel..
+
+
+
+
+ Looks up a localized string similar to All signing elements must offer the same message protection..
+
+
+
+
+ Looks up a localized string similar to A token in the message was not recognized by the service provider..
+
+
+
+
+ Looks up a localized string similar to The RSA-SHA1 signing binding element has not been set with a certificate for signing..
+
+
+
+
+ A description of the endpoints on a Service Provider.
+
+
+
+
+ The field used to store the value of the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a signing element that includes all the signing elements this service provider supports.
+
+ The created signing element.
+
+
+
+ Gets or sets the OAuth version supported by the Service Provider.
+
+
+
+
+ Gets or sets the URL used to obtain an unauthorized Request Token,
+ described in Section 6.1 (Obtaining an Unauthorized Request Token).
+
+
+ The request URL query MUST NOT contain any OAuth Protocol Parameters.
+ This is the URL that messages are directed to.
+
+ Thrown if this property is set to a URI with OAuth protocol parameters.
+
+
+
+ Gets or sets the URL used to obtain User authorization for Consumer access,
+ described in Section 6.2 (Obtaining User Authorization).
+
+
+ This is the URL that messages are
+ indirectly (via the user agent) sent to.
+
+
+
+
+ Gets or sets the URL used to exchange the User-authorized Request Token
+ for an Access Token, described in Section 6.3 (Obtaining an Access Token).
+
+
+ This is the URL that messages are directed to.
+
+
+
+
+ Gets or sets the signing policies that apply to this Service Provider.
+
+
+
+
+ Gets the OAuth version supported by the Service Provider.
+
+
+
+
+ A base class for all signed OAuth messages.
+
+
+
+
+ A base class for all OAuth messages.
+
+
+
+
+ A store for extra name/value data pairs that are attached to this message.
+
+
+
+
+ Gets a value indicating whether signing this message is required.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The URI to the remote endpoint to send this message to.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Initializes a new instance of the class for direct response messages.
+
+ The level of protection the message requires.
+ The request that asked for this direct response.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class for direct requests or indirect messages.
+
+ The level of protection the message requires.
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Returns a human-friendly string describing the message and all serializable properties.
+
+ The channel that will carry this message.
+
+ The string representation of this object.
+
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Gets or sets a value indicating whether security sensitive strings are
+ emitted from the ToString() method.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the method used to sign the message.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URL of the intended receiver of this message.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ The number of seconds since 1/1/1970, consistent with the OAuth timestamp requirement.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the OAuth timestamp of the message.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+ The consumer key.
+
+
+
+ Gets or sets the message nonce used for replay detection.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the version of the protocol this message was created with.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the minimum required version of OAuth that must be implemented by a Consumer.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ A direct message sent by the Consumer to exchange an authorized Request Token
+ for an Access Token and Token Secret.
+
+
+ The class is sealed because the OAuth spec forbids adding parameters to this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the verification code received by the Consumer from the Service Provider
+ in the property.
+
+
+
+
+ Gets or sets the authorized Request Token used to obtain authorization.
+
+
+
+
+ A message attached to a request for protected resources that provides the necessary
+ credentials to be granted access to those resources.
+
+
+
+
+ A store for the binary data that is carried in the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the Access Token.
+
+
+ In addition to just allowing OAuth to verify a valid message,
+ this property is useful on the Service Provider to verify that the access token
+ has proper authorization for the resource being requested, and to know the
+ context around which user provided the authorization.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+
+
+
+ Gets or sets the Access Token assigned by the Service Provider.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ A message used to redirect the user from a Service Provider to a Consumer's web site.
+
+
+ The class is sealed because extra parameters are determined by the callback URI provided by the Consumer.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Consumer endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the verification code that must accompany the request to exchange the
+ authorized request token for an access token.
+
+ An unguessable value passed to the Consumer via the User and REQUIRED to complete the process.
+
+ If the Consumer did not provide a callback URL, the Service Provider SHOULD display the value of the
+ verification code, and instruct the User to manually inform the Consumer that authorization is
+ completed. If the Service Provider knows a Consumer to be running on a mobile device or set-top box,
+ the Service Provider SHOULD ensure that the verifier value is suitable for manual entry.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ A message used to redirect the user from a Consumer to a Service Provider's web site
+ so the Service Provider can ask the user to authorize the Consumer's access to some
+ protected resource(s).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The request token.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets a value indicating whether this is a safe OAuth authorization request.
+
+ true if the Consumer is using OAuth 1.0a or later; otherwise, false.
+
+
+
+ Gets or sets the Request Token obtained in the previous step.
+
+
+ The Service Provider MAY declare this parameter as REQUIRED, or
+ accept requests to the User Authorization URL without it, in which
+ case it will prompt the User to enter it manually.
+
+
+
+
+ Gets or sets a URL the Service Provider will use to redirect the User back
+ to the Consumer when Obtaining User Authorization is complete. Optional.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The unauthorized request token message that this message is being generated in response to.
+ The request token.
+ The token secret.
+
+ This constructor is used by the Service Provider to send the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+ The OAuth version.
+ This constructor is used by the consumer to deserialize the message.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ Gets the original request for an unauthorized token.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ Gets a value indicating whether the Service Provider recognized the callback parameter in the request.
+
+
+
+
+ An OAuth-specific implementation of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The ITokenManager instance to use.
+ The security settings.
+ An injected message type provider instance.
+ Except for mock testing, this should always be one of
+ OAuthConsumerMessageFactory or OAuthServiceProviderMessageFactory.
+ The binding elements.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The message with data to encode.
+ A dictionary of name-value pairs with their strings encoded.
+
+
+
+ Initializes a web request for sending by attaching a message to it.
+ Use this method to prepare a protected resource request that you do NOT
+ expect an OAuth message response to.
+
+ The message to attach.
+ The initialized web request.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ Searches an incoming HTTP request for data that could be used to assemble
+ a protocol request message.
+
+ The HTTP request to search.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ A consumer secret.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The dictionary with names and values to encode.
+ The dictionary to add the encoded pairs to.
+
+
+
+ Gets the HTTP method to use for a message.
+
+ The message.
+ "POST", "GET" or some other similar http verb.
+
+
+
+ Prepares to send a request to the Service Provider via the Authorization header.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ If the message has non-empty ExtraData in it, the request stream is sent to
+ the server automatically. If it is empty, the request stream must be sent by the caller.
+ This method implements OAuth 1.0 section 5.2, item #1 (described in section 5.4).
+
+
+
+
+ Fills out the secrets in a message so that signing/verification can be performed.
+
+ The message about to be signed or whose signature is about to be verified.
+
+
+
+ Gets or sets the Consumer web application path.
+
+
+
+
+ Gets the token manager being used.
+
+
+
+
+ A direct message sent from Consumer to Service Provider to request a Request Token.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the absolute URL to which the Service Provider will redirect the
+ User back when the Obtaining User Authorization step is completed.
+
+
+ The callback URL; or null if the Consumer is unable to receive
+ callbacks or a callback URL has been established via other means.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The name of the hash algorithm to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An enumeration of the OAuth protocol versions supported by this library.
+
+
+
+
+ OAuth 1.0 specification
+
+
+
+
+ OAuth 1.0a specification
+
+
+
+
+ Constants used in the OAuth protocol.
+
+
+ OAuth Protocol Parameter names and values are case sensitive. Each OAuth Protocol Parameters MUST NOT appear more than once per request, and are REQUIRED unless otherwise noted,
+ per OAuth 1.0 section 5.
+
+
+
+
+ The namespace to use for V1.0 of the protocol.
+
+
+
+
+ The prefix used for all key names in the protocol.
+
+
+
+
+ The string representation of a instance to be used to represent OAuth 1.0a.
+
+
+
+
+ The scheme to use in Authorization header message requests.
+
+
+
+
+ Gets the instance with values initialized for V1.0 of the protocol.
+
+
+
+
+ Gets the instance with values initialized for V1.0a of the protocol.
+
+
+
+
+ A list of all supported OAuth versions, in order starting from newest version.
+
+
+
+
+ The default (or most recent) supported version of the OAuth protocol.
+
+
+
+
+ The namespace to use for this version of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth version this instance represents.
+
+
+
+
+ Gets the version to declare on the wire.
+
+
+
+
+ Gets the enum value for the instance.
+
+
+
+
+ Gets the namespace to use for this version of the protocol.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.dll
new file mode 100644
index 0000000..90afc7e
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.xml
new file mode 100644
index 0000000..6bfe90e
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OAuth.xml
@@ -0,0 +1,1858 @@
+
+
+
+ DotNetOpenAuth.OAuth
+
+
+
+
+ Represents the <oauth/consumer> element in the host's .config file.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Represents the <oauth> element in the host's .config file.
+
+
+
+
+ The name of the oauth section.
+
+
+
+
+ The name of the <consumer> sub-element.
+
+
+
+
+ The name of the <serviceProvider> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the configuration specific for Consumers.
+
+
+
+
+ Gets or sets the configuration specific for Service Providers.
+
+
+
+
+ Represents the <oauth/serviceProvider> element in the host's .config file.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Gets the name of the @minimumRequiredOAuthVersion attribute.
+
+
+
+
+ Gets the name of the @maxAuthorizationTime attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets the minimum OAuth version a Consumer is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OAuth are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OAuth.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Utility methods specific to OAuth feature reporting.
+
+
+
+
+ Records the feature and dependency use.
+
+ The consumer or service provider.
+ The service.
+ The token manager.
+ The nonce store.
+
+
+
+ An interface OAuth hosts must implement for persistent storage
+ and recall of tokens and secrets for an individual OAuth consumer
+ or service provider.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+ The secret associated with the given token.
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+ The code contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+
+ The secret associated with the given token.
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Sets the HTTP Method property on a signed message before the signing module gets to it.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ True if the applied to this binding element
+ and the operation was successful. False otherwise.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ True if the applied to this binding element
+ and the operation was successful. False if the operation did not apply to this message.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The signature method this binding element uses.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OAuth signature method that the binding element uses.
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Signs the outgoing message.
+
+ The message to sign.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies the signature on an incoming message.
+
+ The message whose signature should be verified.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the signature is invalid.
+
+
+
+ Constructs the OAuth Signature Base String and returns the result.
+
+ The message.
+ The message to derive the signature base string from.
+ The signature base string.
+
+ This method implements OAuth 1.0 section 9.1.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Gets the "ConsumerSecret&TokenSecret" string, allowing either property to be empty or null.
+
+ The message to extract the secrets from.
+ The concatenated string.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Sorts parameters according to OAuth signature base string rules.
+
+ The first parameter to compare.
+ The second parameter to compare.
+ Negative, zero or positive.
+
+
+
+ Gets the message protection provided by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message according to OAuth 1.0 section 9.4.1.
+
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the SigningBindingElementBaseContract class from being created.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ A tamper protection applying binding element that can use any of several given
+ binding elements to apply the protection.
+
+
+
+
+ The various signing binding elements that may be applicable to a message in preferred use order.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The signing binding elements that may be used for some outgoing message,
+ in preferred use order.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+ May be null for Consumers (who never have to verify signatures).
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ The two types of tokens that exist in the OAuth protocol.
+
+
+
+
+ A token that is freely issued to any known Consumer.
+ It does not grant any authorization to access protected resources,
+ but is used as a step in obtaining that access.
+
+
+
+
+ A token only obtained after the owner of some protected resource(s)
+ has approved a Consumer's access to said resource(s).
+
+
+
+
+ An unrecognized, expired or invalid token.
+
+
+
+
+ An URI encoder that translates null references as "oob"
+ instead of an empty/missing argument.
+
+
+
+
+ The string constant "oob", used to indicate an out-of-band configuration.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Security settings that may be applicable to both consumers and service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token and secret properties.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token property.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Cannot send access token to Consumer for request token '{0}' before it has been authorized..
+
+
+
+
+ Looks up a localized string similar to The access token '{0}' is invalid or expired..
+
+
+
+
+ Looks up a localized string similar to Failure looking up secret for consumer or token..
+
+
+
+
+ Looks up a localized string similar to oauth_verifier argument was incorrect..
+
+
+
+
+ Looks up a localized string similar to An invalid OAuth message received and discarded..
+
+
+
+
+ Looks up a localized string similar to The {0} message included extra data which is not allowed..
+
+
+
+
+ Looks up a localized string similar to This OAuth service provider requires OAuth consumers to implement OAuth {0}, but this consumer appears to only support {1}..
+
+
+
+
+ Looks up a localized string similar to Cannot send OAuth message as multipart POST without an authorization HTTP header because sensitive data would not be signed..
+
+
+
+
+ Looks up a localized string similar to Use of the OpenID+OAuth extension requires that the token manager in use implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to The OpenID Relying Party's realm is not recognized as belonging to the OAuth Consumer identified by the consumer key given..
+
+
+
+
+ Looks up a localized string similar to The request URL query MUST NOT contain any OAuth Protocol Parameters..
+
+
+
+
+ Looks up a localized string similar to The signing element already has been associated with a channel..
+
+
+
+
+ Looks up a localized string similar to All signing elements must offer the same message protection..
+
+
+
+
+ Looks up a localized string similar to A token in the message was not recognized by the service provider..
+
+
+
+
+ Looks up a localized string similar to The RSA-SHA1 signing binding element has not been set with a certificate for signing..
+
+
+
+
+ A description of the endpoints on a Service Provider.
+
+
+
+
+ The field used to store the value of the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a signing element that includes all the signing elements this service provider supports.
+
+ The created signing element.
+
+
+
+ Gets or sets the OAuth version supported by the Service Provider.
+
+
+
+
+ Gets or sets the URL used to obtain an unauthorized Request Token,
+ described in Section 6.1 (Obtaining an Unauthorized Request Token).
+
+
+ The request URL query MUST NOT contain any OAuth Protocol Parameters.
+ This is the URL that messages are directed to.
+
+ Thrown if this property is set to a URI with OAuth protocol parameters.
+
+
+
+ Gets or sets the URL used to obtain User authorization for Consumer access,
+ described in Section 6.2 (Obtaining User Authorization).
+
+
+ This is the URL that messages are
+ indirectly (via the user agent) sent to.
+
+
+
+
+ Gets or sets the URL used to exchange the User-authorized Request Token
+ for an Access Token, described in Section 6.3 (Obtaining an Access Token).
+
+
+ This is the URL that messages are directed to.
+
+
+
+
+ Gets or sets the signing policies that apply to this Service Provider.
+
+
+
+
+ Gets the OAuth version supported by the Service Provider.
+
+
+
+
+ A base class for all signed OAuth messages.
+
+
+
+
+ A base class for all OAuth messages.
+
+
+
+
+ A store for extra name/value data pairs that are attached to this message.
+
+
+
+
+ Gets a value indicating whether signing this message is required.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The URI to the remote endpoint to send this message to.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Initializes a new instance of the class for direct response messages.
+
+ The level of protection the message requires.
+ The request that asked for this direct response.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class for direct requests or indirect messages.
+
+ The level of protection the message requires.
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Returns a human-friendly string describing the message and all serializable properties.
+
+ The channel that will carry this message.
+
+ The string representation of this object.
+
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Gets or sets a value indicating whether security sensitive strings are
+ emitted from the ToString() method.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the method used to sign the message.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URL of the intended receiver of this message.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ The number of seconds since 1/1/1970, consistent with the OAuth timestamp requirement.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the OAuth timestamp of the message.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+ The consumer key.
+
+
+
+ Gets or sets the message nonce used for replay detection.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the version of the protocol this message was created with.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the minimum required version of OAuth that must be implemented by a Consumer.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ A direct message sent by the Consumer to exchange an authorized Request Token
+ for an Access Token and Token Secret.
+
+
+ The class is sealed because the OAuth spec forbids adding parameters to this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the verification code received by the Consumer from the Service Provider
+ in the property.
+
+
+
+
+ Gets or sets the authorized Request Token used to obtain authorization.
+
+
+
+
+ A message attached to a request for protected resources that provides the necessary
+ credentials to be granted access to those resources.
+
+
+
+
+ A store for the binary data that is carried in the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the Access Token.
+
+
+ In addition to just allowing OAuth to verify a valid message,
+ this property is useful on the Service Provider to verify that the access token
+ has proper authorization for the resource being requested, and to know the
+ context around which user provided the authorization.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+
+
+
+ Gets or sets the Access Token assigned by the Service Provider.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ A message used to redirect the user from a Service Provider to a Consumer's web site.
+
+
+ The class is sealed because extra parameters are determined by the callback URI provided by the Consumer.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Consumer endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the verification code that must accompany the request to exchange the
+ authorized request token for an access token.
+
+ An unguessable value passed to the Consumer via the User and REQUIRED to complete the process.
+
+ If the Consumer did not provide a callback URL, the Service Provider SHOULD display the value of the
+ verification code, and instruct the User to manually inform the Consumer that authorization is
+ completed. If the Service Provider knows a Consumer to be running on a mobile device or set-top box,
+ the Service Provider SHOULD ensure that the verifier value is suitable for manual entry.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ A message used to redirect the user from a Consumer to a Service Provider's web site
+ so the Service Provider can ask the user to authorize the Consumer's access to some
+ protected resource(s).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The request token.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets a value indicating whether this is a safe OAuth authorization request.
+
+ true if the Consumer is using OAuth 1.0a or later; otherwise, false.
+
+
+
+ Gets or sets the Request Token obtained in the previous step.
+
+
+ The Service Provider MAY declare this parameter as REQUIRED, or
+ accept requests to the User Authorization URL without it, in which
+ case it will prompt the User to enter it manually.
+
+
+
+
+ Gets or sets a URL the Service Provider will use to redirect the User back
+ to the Consumer when Obtaining User Authorization is complete. Optional.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The unauthorized request token message that this message is being generated in response to.
+ The request token.
+ The token secret.
+
+ This constructor is used by the Service Provider to send the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+ The OAuth version.
+ This constructor is used by the consumer to deserialize the message.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ Gets the original request for an unauthorized token.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ Gets a value indicating whether the Service Provider recognized the callback parameter in the request.
+
+
+
+
+ An OAuth-specific implementation of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The ITokenManager instance to use.
+ The security settings.
+ An injected message type provider instance.
+ Except for mock testing, this should always be one of
+ OAuthConsumerMessageFactory or OAuthServiceProviderMessageFactory.
+ The binding elements.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The message with data to encode.
+ A dictionary of name-value pairs with their strings encoded.
+
+
+
+ Initializes a web request for sending by attaching a message to it.
+ Use this method to prepare a protected resource request that you do NOT
+ expect an OAuth message response to.
+
+ The message to attach.
+ The initialized web request.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ Searches an incoming HTTP request for data that could be used to assemble
+ a protocol request message.
+
+ The HTTP request to search.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ A consumer secret.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The dictionary with names and values to encode.
+ The dictionary to add the encoded pairs to.
+
+
+
+ Gets the HTTP method to use for a message.
+
+ The message.
+ "POST", "GET" or some other similar http verb.
+
+
+
+ Prepares to send a request to the Service Provider via the Authorization header.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ If the message has non-empty ExtraData in it, the request stream is sent to
+ the server automatically. If it is empty, the request stream must be sent by the caller.
+ This method implements OAuth 1.0 section 5.2, item #1 (described in section 5.4).
+
+
+
+
+ Fills out the secrets in a message so that signing/verification can be performed.
+
+ The message about to be signed or whose signature is about to be verified.
+
+
+
+ Gets or sets the Consumer web application path.
+
+
+
+
+ Gets the token manager being used.
+
+
+
+
+ A direct message sent from Consumer to Service Provider to request a Request Token.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the absolute URL to which the Service Provider will redirect the
+ User back when the Obtaining User Authorization step is completed.
+
+
+ The callback URL; or null if the Consumer is unable to receive
+ callbacks or a callback URL has been established via other means.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The name of the hash algorithm to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An enumeration of the OAuth protocol versions supported by this library.
+
+
+
+
+ OAuth 1.0 specification
+
+
+
+
+ OAuth 1.0a specification
+
+
+
+
+ Constants used in the OAuth protocol.
+
+
+ OAuth Protocol Parameter names and values are case sensitive. Each OAuth Protocol Parameters MUST NOT appear more than once per request, and are REQUIRED unless otherwise noted,
+ per OAuth 1.0 section 5.
+
+
+
+
+ The namespace to use for V1.0 of the protocol.
+
+
+
+
+ The prefix used for all key names in the protocol.
+
+
+
+
+ The string representation of a instance to be used to represent OAuth 1.0a.
+
+
+
+
+ The scheme to use in Authorization header message requests.
+
+
+
+
+ Gets the instance with values initialized for V1.0 of the protocol.
+
+
+
+
+ Gets the instance with values initialized for V1.0a of the protocol.
+
+
+
+
+ A list of all supported OAuth versions, in order starting from newest version.
+
+
+
+
+ The default (or most recent) supported version of the OAuth protocol.
+
+
+
+
+ The namespace to use for this version of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth version this instance represents.
+
+
+
+
+ Gets the version to declare on the wire.
+
+
+
+
+ Gets the enum value for the instance.
+
+
+
+
+ Gets the namespace to use for this version of the protocol.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.dll b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.dll
new file mode 100644
index 0000000..437b6d4
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.xml b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.xml
new file mode 100644
index 0000000..6bfe90e
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OAuth.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OAuth.xml
@@ -0,0 +1,1858 @@
+
+
+
+ DotNetOpenAuth.OAuth
+
+
+
+
+ Represents the <oauth/consumer> element in the host's .config file.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Represents the <oauth> element in the host's .config file.
+
+
+
+
+ The name of the oauth section.
+
+
+
+
+ The name of the <consumer> sub-element.
+
+
+
+
+ The name of the <serviceProvider> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the configuration specific for Consumers.
+
+
+
+
+ Gets or sets the configuration specific for Service Providers.
+
+
+
+
+ Represents the <oauth/serviceProvider> element in the host's .config file.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Gets the name of the @minimumRequiredOAuthVersion attribute.
+
+
+
+
+ Gets the name of the @maxAuthorizationTime attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets the minimum OAuth version a Consumer is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OAuth are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OAuth.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ An interface that must be implemented by message transforms/validators in order
+ to be included in the channel stack.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Clones this instance.
+
+ The cloned instance.
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a
+ signable message so that its signature can be correctly calculated or verified.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Utility methods specific to OAuth feature reporting.
+
+
+
+
+ Records the feature and dependency use.
+
+ The consumer or service provider.
+ The service.
+ The token manager.
+ The nonce store.
+
+
+
+ An interface OAuth hosts must implement for persistent storage
+ and recall of tokens and secrets for an individual OAuth consumer
+ or service provider.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+ The secret associated with the given token.
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+ The code contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Gets the Token Secret given a request or access token.
+
+ The request or access token.
+
+ The secret associated with the given token.
+
+ Thrown if the secret cannot be found for the given token.
+
+
+
+ Stores a newly generated unauthorized request token, secret, and optional
+ application-specific parameters for later recall.
+
+ The request message that resulted in the generation of a new unauthorized request token.
+ The response message that includes the unauthorized request token.
+ Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
+
+ Request tokens stored by this method SHOULD NOT associate any user account with this token.
+ It usually opens up security holes in your application to do so. Instead, you associate a user
+ account with access tokens (not request tokens) in the
+ method.
+
+
+
+
+ Deletes a request token and its associated secret and stores a new access token and secret.
+
+ The Consumer that is exchanging its request token for an access token.
+ The Consumer's request token that should be deleted/expired.
+ The new access token that is being issued to the Consumer.
+ The secret associated with the newly issued access token.
+
+
+ Any scope of granted privileges associated with the request token from the
+ original call to should be carried over
+ to the new Access Token.
+
+
+ To associate a user account with the new access token,
+ HttpContext.Current.User may be
+ useful in an ASP.NET web application within the implementation of this method.
+ Alternatively you may store the access token here without associating with a user account,
+ and wait until WebConsumer.ProcessUserAuthorization or
+ DesktopConsumer.ProcessUserAuthorization return the access
+ token to associate the access token with a user account at that point.
+
+
+
+
+
+ Classifies a token as a request token or an access token.
+
+ The token to classify.
+
+ Request or Access token, or invalid if the token is not recognized.
+
+
+
+
+ Sets the HTTP Method property on a signed message before the signing module gets to it.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ True if the applied to this binding element
+ and the operation was successful. False otherwise.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ True if the applied to this binding element
+ and the operation was successful. False if the operation did not apply to this message.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The signature method this binding element uses.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OAuth signature method that the binding element uses.
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Signs the outgoing message.
+
+ The message to sign.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Verifies the signature on an incoming message.
+
+ The message whose signature should be verified.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+ Thrown if the signature is invalid.
+
+
+
+ Constructs the OAuth Signature Base String and returns the result.
+
+ The message.
+ The message to derive the signature base string from.
+ The signature base string.
+
+ This method implements OAuth 1.0 section 9.1.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Gets the "ConsumerSecret&TokenSecret" string, allowing either property to be empty or null.
+
+ The message to extract the secrets from.
+ The concatenated string.
+
+
+
+ Determines whether the signature on some message is valid.
+
+ The message to check the signature on.
+
+ true if the signature on the message is valid; otherwise, false.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Sorts parameters according to OAuth signature base string rules.
+
+ The first parameter to compare.
+ The second parameter to compare.
+ Negative, zero or positive.
+
+
+
+ Gets the message protection provided by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message according to OAuth 1.0 section 9.4.1.
+
+
+
+
+ Checks whether this binding element applies to this message.
+
+ The message that needs to be signed.
+ True if this binding element can be used to sign the message. False otherwise.
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ Initializes a new instance of the class
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+ This method signs the message per OAuth 1.0 section 9.2.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the SigningBindingElementBaseContract class from being created.
+
+
+
+
+ Clones this instance.
+
+ A new instance of the binding element.
+
+ Implementations of this method need not clone the SignatureVerificationCallback member, as the
+ class does this.
+
+
+
+
+ Calculates a signature for a given message.
+
+ The message to sign.
+ The signature for the message.
+
+
+
+ A tamper protection applying binding element that can use any of several given
+ binding elements to apply the protection.
+
+
+
+
+ The various signing binding elements that may be applicable to a message in preferred use order.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The signing binding elements that may be used for some outgoing message,
+ in preferred use order.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Creates a new object that is a copy of the current instance.
+
+
+ A new object that is a copy of this instance.
+
+
+
+
+ Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
+ message so that its signature can be correctly calculated for verification.
+ May be null for Consumers (who never have to verify signatures).
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ The two types of tokens that exist in the OAuth protocol.
+
+
+
+
+ A token that is freely issued to any known Consumer.
+ It does not grant any authorization to access protected resources,
+ but is used as a step in obtaining that access.
+
+
+
+
+ A token only obtained after the owner of some protected resource(s)
+ has approved a Consumer's access to said resource(s).
+
+
+
+
+ An unrecognized, expired or invalid token.
+
+
+
+
+ An URI encoder that translates null references as "oob"
+ instead of an empty/missing argument.
+
+
+
+
+ The string constant "oob", used to indicate an out-of-band configuration.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Gets the string representation to include in a serialized message
+ when the message part has a null value.
+
+
+
+
+
+ Security settings that are applicable to consumers.
+
+
+
+
+ Security settings that may be applicable to both consumers and service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token and secret properties.
+
+
+
+
+ An interface implemented by all OAuth messages that have a request or access token property.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to Cannot send access token to Consumer for request token '{0}' before it has been authorized..
+
+
+
+
+ Looks up a localized string similar to The access token '{0}' is invalid or expired..
+
+
+
+
+ Looks up a localized string similar to Failure looking up secret for consumer or token..
+
+
+
+
+ Looks up a localized string similar to oauth_verifier argument was incorrect..
+
+
+
+
+ Looks up a localized string similar to An invalid OAuth message received and discarded..
+
+
+
+
+ Looks up a localized string similar to The {0} message included extra data which is not allowed..
+
+
+
+
+ Looks up a localized string similar to This OAuth service provider requires OAuth consumers to implement OAuth {0}, but this consumer appears to only support {1}..
+
+
+
+
+ Looks up a localized string similar to Cannot send OAuth message as multipart POST without an authorization HTTP header because sensitive data would not be signed..
+
+
+
+
+ Looks up a localized string similar to Use of the OpenID+OAuth extension requires that the token manager in use implement the {0} interface..
+
+
+
+
+ Looks up a localized string similar to The OpenID Relying Party's realm is not recognized as belonging to the OAuth Consumer identified by the consumer key given..
+
+
+
+
+ Looks up a localized string similar to The request URL query MUST NOT contain any OAuth Protocol Parameters..
+
+
+
+
+ Looks up a localized string similar to The signing element already has been associated with a channel..
+
+
+
+
+ Looks up a localized string similar to All signing elements must offer the same message protection..
+
+
+
+
+ Looks up a localized string similar to A token in the message was not recognized by the service provider..
+
+
+
+
+ Looks up a localized string similar to The RSA-SHA1 signing binding element has not been set with a certificate for signing..
+
+
+
+
+ A description of the endpoints on a Service Provider.
+
+
+
+
+ The field used to store the value of the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a signing element that includes all the signing elements this service provider supports.
+
+ The created signing element.
+
+
+
+ Gets or sets the OAuth version supported by the Service Provider.
+
+
+
+
+ Gets or sets the URL used to obtain an unauthorized Request Token,
+ described in Section 6.1 (Obtaining an Unauthorized Request Token).
+
+
+ The request URL query MUST NOT contain any OAuth Protocol Parameters.
+ This is the URL that messages are directed to.
+
+ Thrown if this property is set to a URI with OAuth protocol parameters.
+
+
+
+ Gets or sets the URL used to obtain User authorization for Consumer access,
+ described in Section 6.2 (Obtaining User Authorization).
+
+
+ This is the URL that messages are
+ indirectly (via the user agent) sent to.
+
+
+
+
+ Gets or sets the URL used to exchange the User-authorized Request Token
+ for an Access Token, described in Section 6.3 (Obtaining an Access Token).
+
+
+ This is the URL that messages are directed to.
+
+
+
+
+ Gets or sets the signing policies that apply to this Service Provider.
+
+
+
+
+ Gets the OAuth version supported by the Service Provider.
+
+
+
+
+ A base class for all signed OAuth messages.
+
+
+
+
+ A base class for all OAuth messages.
+
+
+
+
+ A store for extra name/value data pairs that are attached to this message.
+
+
+
+
+ Gets a value indicating whether signing this message is required.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ The URI to the remote endpoint to send this message to.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Initializes a new instance of the class for direct response messages.
+
+ The level of protection the message requires.
+ The request that asked for this direct response.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class for direct requests or indirect messages.
+
+ The level of protection the message requires.
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Returns a human-friendly string describing the message and all serializable properties.
+
+ The channel that will carry this message.
+
+ The string representation of this object.
+
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Gets or sets a value indicating whether security sensitive strings are
+ emitted from the ToString() method.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the dictionary of additional name/value fields tacked on to this message.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the method used to sign the message.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URL of the intended receiver of this message.
+
+
+
+
+ The reference date and time for calculating time stamps.
+
+
+
+
+ The number of seconds since 1/1/1970, consistent with the OAuth timestamp requirement.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this message requires a direct or indirect transport.
+ The URI that a directed message will be delivered to.
+ The OAuth version.
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer key.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the URI to the Service Provider endpoint to send this message to.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the OAuth timestamp of the message.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+ The consumer key.
+
+
+
+ Gets or sets the message nonce used for replay detection.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the original message parts, before any normalization or default values were assigned.
+
+
+
+
+ Gets or sets the signature method used to sign the request.
+
+
+
+
+ Gets or sets the Token Secret used to sign the message.
+
+
+
+
+ Gets or sets the Consumer Secret used to sign the message.
+
+
+
+
+ Gets or sets the HTTP method that will be used to transmit the message.
+
+
+
+
+ Gets or sets the message signature.
+
+
+
+
+ Gets or sets the version of the protocol this message was created with.
+
+
+
+
+ Security settings that are applicable to service providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the minimum required version of OAuth that must be implemented by a Consumer.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authorization.
+
+
+ This time limit serves as a security mitigation against brute force attacks to
+ compromise (unauthorized or authorized) request tokens.
+ Longer time limits is more friendly to slow users or consumers, while shorter
+ time limits provide better security.
+
+
+
+
+ A direct message sent by the Consumer to exchange an authorized Request Token
+ for an Access Token and Token Secret.
+
+
+ The class is sealed because the OAuth spec forbids adding parameters to this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the verification code received by the Consumer from the Service Provider
+ in the property.
+
+
+
+
+ Gets or sets the authorized Request Token used to obtain authorization.
+
+
+
+
+ A message attached to a request for protected resources that provides the necessary
+ credentials to be granted access to those resources.
+
+
+
+
+ A store for the binary data that is carried in the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Token.
+
+
+
+
+ Gets or sets the Access Token.
+
+
+ In addition to just allowing OAuth to verify a valid message,
+ this property is useful on the Service Provider to verify that the access token
+ has proper authorization for the resource being requested, and to know the
+ context around which user provided the authorization.
+
+
+
+
+ Gets the parts of the message that carry binary data.
+
+ A list of parts. Never null.
+
+
+
+ Gets a value indicating whether this message should be sent as multi-part POST.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+
+
+
+ Gets or sets the Access Token assigned by the Service Provider.
+
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ A message used to redirect the user from a Service Provider to a Consumer's web site.
+
+
+ The class is sealed because extra parameters are determined by the callback URI provided by the Consumer.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Consumer endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the verification code that must accompany the request to exchange the
+ authorized request token for an access token.
+
+ An unguessable value passed to the Consumer via the User and REQUIRED to complete the process.
+
+ If the Consumer did not provide a callback URL, the Service Provider SHOULD display the value of the
+ verification code, and instruct the User to manually inform the Consumer that authorization is
+ completed. If the Service Provider knows a Consumer to be running on a mobile device or set-top box,
+ the Service Provider SHOULD ensure that the verifier value is suitable for manual entry.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ A message used to redirect the user from a Consumer to a Service Provider's web site
+ so the Service Provider can ask the user to authorize the Consumer's access to some
+ protected resource(s).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The request token.
+ The OAuth version.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets a value indicating whether this is a safe OAuth authorization request.
+
+ true if the Consumer is using OAuth 1.0a or later; otherwise, false.
+
+
+
+ Gets or sets the Request Token obtained in the previous step.
+
+
+ The Service Provider MAY declare this parameter as REQUIRED, or
+ accept requests to the User Authorization URL without it, in which
+ case it will prompt the User to enter it manually.
+
+
+
+
+ Gets or sets a URL the Service Provider will use to redirect the User back
+ to the Consumer when Obtaining User Authorization is complete. Optional.
+
+
+
+
+ A direct message sent from Service Provider to Consumer in response to
+ a Consumer's request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The unauthorized request token message that this message is being generated in response to.
+ The request token.
+ The token secret.
+
+ This constructor is used by the Service Provider to send the message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The originating request.
+ The OAuth version.
+ This constructor is used by the consumer to deserialize the message.
+
+
+
+ Gets or sets the Request or Access Token.
+
+
+
+
+ Gets or sets the Request or Access Token secret.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ Gets or sets the Request Token.
+
+
+
+
+ Gets the original request for an unauthorized token.
+
+
+
+
+ Gets or sets the Token Secret.
+
+
+
+
+ Gets a value indicating whether the Service Provider recognized the callback parameter in the request.
+
+
+
+
+ An OAuth-specific implementation of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The binding element to use for signing.
+ The ITokenManager instance to use.
+ The security settings.
+ An injected message type provider instance.
+ Except for mock testing, this should always be one of
+ OAuthConsumerMessageFactory or OAuthServiceProviderMessageFactory.
+ The binding elements.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The message with data to encode.
+ A dictionary of name-value pairs with their strings encoded.
+
+
+
+ Initializes a web request for sending by attaching a message to it.
+ Use this method to prepare a protected resource request that you do NOT
+ expect an OAuth message response to.
+
+ The message to attach.
+ The initialized web request.
+
+
+
+ Initializes the binding elements for the OAuth channel.
+
+ The signing binding element.
+ The nonce store.
+
+ An array of binding elements used to initialize the channel.
+
+
+
+
+ Searches an incoming HTTP request for data that could be used to assemble
+ a protocol request message.
+
+ The HTTP request to search.
+ The deserialized message, if one is found. Null otherwise.
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the consumer secret for a given consumer key.
+
+ The consumer key.
+ A consumer secret.
+
+
+
+ Uri-escapes the names and values in a dictionary per OAuth 1.0 section 5.1.
+
+ The dictionary with names and values to encode.
+ The dictionary to add the encoded pairs to.
+
+
+
+ Gets the HTTP method to use for a message.
+
+ The message.
+ "POST", "GET" or some other similar http verb.
+
+
+
+ Prepares to send a request to the Service Provider via the Authorization header.
+
+ The message to be transmitted to the ServiceProvider.
+ The web request ready to send.
+
+ If the message has non-empty ExtraData in it, the request stream is sent to
+ the server automatically. If it is empty, the request stream must be sent by the caller.
+ This method implements OAuth 1.0 section 5.2, item #1 (described in section 5.4).
+
+
+
+
+ Fills out the secrets in a message so that signing/verification can be performed.
+
+ The message about to be signed or whose signature is about to be verified.
+
+
+
+ Gets or sets the Consumer web application path.
+
+
+
+
+ Gets the token manager being used.
+
+
+
+
+ A direct message sent from Consumer to Service Provider to request a Request Token.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI of the Service Provider endpoint to send this message to.
+ The OAuth version.
+
+
+
+ Gets or sets the absolute URL to which the Service Provider will redirect the
+ User back when the Obtaining User Authorization step is completed.
+
+
+ The callback URL; or null if the Consumer is unable to receive
+ callbacks or a callback URL has been established via other means.
+
+
+
+
+ Gets the extra, non-OAuth parameters that will be included in the message.
+
+
+
+
+ A binding element that signs outgoing messages and verifies the signature on incoming messages.
+
+
+
+
+ The name of the hash algorithm to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An enumeration of the OAuth protocol versions supported by this library.
+
+
+
+
+ OAuth 1.0 specification
+
+
+
+
+ OAuth 1.0a specification
+
+
+
+
+ Constants used in the OAuth protocol.
+
+
+ OAuth Protocol Parameter names and values are case sensitive. Each OAuth Protocol Parameters MUST NOT appear more than once per request, and are REQUIRED unless otherwise noted,
+ per OAuth 1.0 section 5.
+
+
+
+
+ The namespace to use for V1.0 of the protocol.
+
+
+
+
+ The prefix used for all key names in the protocol.
+
+
+
+
+ The string representation of a instance to be used to represent OAuth 1.0a.
+
+
+
+
+ The scheme to use in Authorization header message requests.
+
+
+
+
+ Gets the instance with values initialized for V1.0 of the protocol.
+
+
+
+
+ Gets the instance with values initialized for V1.0a of the protocol.
+
+
+
+
+ A list of all supported OAuth versions, in order starting from newest version.
+
+
+
+
+ The default (or most recent) supported version of the OAuth protocol.
+
+
+
+
+ The namespace to use for this version of the protocol.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth Protocol instance to use for the given version.
+
+ The OAuth version to get.
+ A matching instance.
+
+
+
+ Gets the OAuth version this instance represents.
+
+
+
+
+ Gets the version to declare on the wire.
+
+
+
+
+ Gets the enum value for the instance.
+
+
+
+
+ Gets the namespace to use for this version of the protocol.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nupkg
new file mode 100644
index 0000000..16adde5
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nuspec
new file mode 100644
index 0000000..47854ae
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/DotNetOpenAuth.OpenId.Core.4.3.0.13117.nuspec
@@ -0,0 +1,22 @@
+
+
+
+ DotNetOpenAuth.OpenId.Core
+ 4.3.0.13117
+ DotNetOpenAuth OpenID Core
+ Andrew Arnott
+ Andrew Arnott
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ This package contains shared code for other NuGet packages, and contains no public API in and of itself.
+ Common functionality required to implement an OpenID Provider or Relying Party.
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net35-full/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net35-full/web.config.transform
new file mode 100644
index 0000000..39ad0c9
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net35-full/web.config.transform
@@ -0,0 +1,35 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net40-full/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net40-full/web.config.transform
new file mode 100644
index 0000000..5e77207
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net40-full/web.config.transform
@@ -0,0 +1,34 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net45-full/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net45-full/web.config.transform
new file mode 100644
index 0000000..5e77207
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/content/net45-full/web.config.transform
@@ -0,0 +1,34 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.dll
new file mode 100644
index 0000000..e5cddfb
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.xml
new file mode 100644
index 0000000..aaa9f04
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.xml
@@ -0,0 +1,10788 @@
+
+
+
+ DotNetOpenAuth.OpenId
+
+
+
+
+ Describes a collection of association type sub-elements in a .config file.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Describes an association type and its maximum lifetime as an element
+ in a .config file.
+
+
+
+
+ The name of the attribute that stores the association type.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the protocol name of the association.
+
+
+
+
+ Gets or sets the maximum time a shared association should live.
+
+ The default value is 14 days.
+
+
+
+ The configuration element that can adjust how hostmeta discovery works.
+
+
+
+
+ The property name for enableCertificateValidationCache.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether validated certificates should be cached and not validated again.
+
+
+ This helps to avoid unexplained 5-10 second delays in certificate validation for Google Apps for Domains that impact some servers.
+
+
+
+
+ Represents the <openid> element in the host's .config file.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the <extensions> sub-element.
+
+
+
+
+ The name of the <xriResolver> sub-element.
+
+
+
+
+ The name of the @maxAuthenticationTime attribute.
+
+
+
+
+ The name of the @cacheDiscovery attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authentication.
+
+
+ This time limit allows the library to decide how long to cache certain values
+ necessary to complete authentication. The lower the time, the less demand on
+ the server. But too short a time can frustrate the user.
+
+
+
+
+ Gets or sets a value indicating whether the results of Identifier discovery
+ should be cached.
+
+
+ Use true to allow identifier discovery to immediately return cached results when available;
+ otherwise, use false.to force fresh results every time at the cost of slightly slower logins.
+ The default value is true.
+
+
+ When enabled, caching is done according to HTTP standards.
+
+
+
+
+ Gets or sets the configuration specific for Relying Parties.
+
+
+
+
+ Gets or sets the configuration specific for Providers.
+
+
+
+
+ Gets or sets the registered OpenID extension factories.
+
+
+
+
+ Gets or sets the configuration for the XRI resolver.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Provider behaviors.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the security sub-element.
+
+
+
+
+ Gets the name of the <behaviors> sub-element.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Provider.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ The name of the associations collection sub-element.
+
+
+
+
+ The name of the @encodeAssociationSecretsInHandles attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @unsolicitedAssertionVerification attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should take special care
+ to protect OpenID 1.x relying parties against replay attacks.
+
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets the configured lifetimes of the various association types.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding their secrets (in signed, encrypted form) into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Relying Party behaviors.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the attribute that specifies whether dnoa.userSuppliedIdentifier is tacked onto the openid.return_to URL.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ The name of the <behaviors> sub-element.
+
+
+
+
+ The name of the <discoveryServices> sub-element.
+
+
+
+
+ The name of the <hostMetaDiscovery> sub-element.
+
+
+
+
+ The built-in set of identifier discovery services.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether "dnoa.userSuppliedIdentifier" is tacked onto the openid.return_to URL in order to preserve what the user typed into the OpenID box.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the host meta discovery configuration element.
+
+
+
+
+ Gets or sets the services to use for discovering service endpoints for identifiers.
+
+
+ If no discovery services are defined in the (web) application's .config file,
+ the default set of discovery services built into the library are used.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Relying Party.
+
+
+
+
+ Gets the name of the @minimumRequiredOpenIdVersion attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @requireDirectedIdentity attribute.
+
+
+
+
+ Gets the name of the @requireAssociation attribute.
+
+
+
+
+ Gets the name of the @rejectUnsolicitedAssertions attribute.
+
+
+
+
+ Gets the name of the @rejectDelegatedIdentifiers attribute.
+
+
+
+
+ Gets the name of the @ignoreUnsignedExtensions attribute.
+
+
+
+
+ Gets the name of the @allowDualPurposeIdentifiers attribute.
+
+
+
+
+ Gets the name of the @allowApproximateIdentifierDiscovery attribute.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ The name of the <trustedProviders> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests
+ will only be created where an association with the Provider can be established.
+
+
+
+
+ Gets or sets the minimum OpenID version a Provider is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OpenID are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OpenID.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets a value indicating whether the Relying Party should take special care
+ to protect users against replay attacks when interoperating with OpenID 1.1 Providers.
+
+
+
+
+ Gets or sets the set of trusted OpenID Provider Endpoints.
+
+
+
+
+ Represents the <xriResolver> element in the host's .config file.
+
+
+
+
+ Gets the name of the @enabled attribute.
+
+
+
+
+ The default value for .
+
+
+
+
+ The name of the <proxy> sub-element.
+
+
+
+
+ The default XRI proxy resolver to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether this XRI resolution is enabled.
+
+ The default value is true.
+
+
+
+ Gets or sets the proxy to use for resolving XRIs.
+
+ The default value is "xri.net".
+
+
+
+ Adds OpenID-specific extension methods to the XrdsDocument class.
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier that was used to discover this XRDS document.
+ The user supplied identifier.
+
+ A sequence of OpenID Providers that can assert ownership of the .
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The user-supplied i-name that was used to discover this XRDS document.
+ A sequence of OpenID Providers that can assert ownership of the canonical ID given in this document.
+
+
+
+ Generates OpenID Providers that can authenticate using directed identity.
+
+ The XrdsDocument instance to use in this process.
+ The OP Identifier entered (and resolved) by the user. Essentially the user-supplied identifier.
+ A sequence of the providers that can offer directed identity services.
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular URI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier.
+ The user supplied identifier.
+
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular XRI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The i-name supplied by the user.
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Providers offering directed identity assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Returns the OpenID-compatible services described by a given XRDS document,
+ in priority order.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of the services offered.
+
+
+
+ Stores a secret used in signing and verifying messages.
+
+
+ OpenID associations may be shared between Provider and Relying Party (smart
+ associations), or be a way for a Provider to recall its own secret for later
+ (dumb associations).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The handle.
+ The secret.
+ How long the association will be useful.
+ The UTC time of when this association was originally issued by the Provider.
+
+
+
+ Re-instantiates an previously persisted in a database or some
+ other shared store.
+
+
+ The property of the previous instance.
+
+
+ The UTC value of the property of the previous instance.
+
+
+ The byte array returned by a call to on the previous
+ instance.
+
+
+ The newly dehydrated , which can be returned
+ from a custom association store's
+ IRelyingPartyAssociationStore.GetAssociation method.
+
+
+
+
+ Returns private data required to persist this in
+ permanent storage (a shared database for example) for deserialization later.
+
+
+ An opaque byte array that must be stored and returned exactly as it is provided here.
+ The byte array may vary in length depending on the specific type of ,
+ but in current versions are no larger than 256 bytes.
+
+
+ Values of public properties on the base class are not included
+ in this byte array, as they are useful for fast database lookup and are persisted separately.
+
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+
+
+ Returns the hash code.
+
+
+ A hash code for the current .
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+ Generates a signature from a given blob of data.
+
+ The data to sign. This data will not be changed (the signature is the return value).
+ The calculated signature of the data.
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+ The hash algorithm used for message signing.
+
+
+
+ Gets a unique handle by which this may be stored or retrieved.
+
+
+
+
+ Gets the UTC time when this will expire.
+
+
+
+
+ Gets a value indicating whether this has already expired.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Gets a value indicating whether this instance has useful life remaining.
+
+
+ true if this instance has useful life remaining; otherwise, false.
+
+
+
+
+ Gets or sets the UTC time that this was first created.
+
+
+
+
+ Gets the duration a secret key used for signing dumb client requests will be good for.
+
+
+
+
+ Gets the number of seconds until this expires.
+ Never negative (counter runs to zero).
+
+
+
+
+ Gets the shared secret key between the consumer and provider.
+
+
+
+
+ Gets the lifetime the OpenID provider permits this .
+
+
+
+
+ Gets the minimum lifetime an association must still be good for in order for it to be used for a future authentication.
+
+
+ Associations that are not likely to last the duration of a user login are not worth using at all.
+
+
+
+
+ Gets the TimeSpan till this association expires.
+
+
+
+
+ Indicates the mode the Provider should use while authenticating the end user.
+
+
+
+
+ The Provider should use whatever credentials are immediately available
+ to determine whether the end user owns the Identifier. If sufficient
+ credentials (i.e. cookies) are not immediately available, the Provider
+ should fail rather than prompt the user.
+
+
+
+
+ The Provider should determine whether the end user owns the Identifier,
+ displaying a web page to the user to login etc., if necessary.
+
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the AX attribute type URI formats this transform is willing to work with.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The PAPE request has an incomplete set of authentication policies..
+
+
+
+
+ Looks up a localized string similar to A PAPE response is missing or is missing required policies..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be included in authentication responses when the PAPE authentication policy http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf is present..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be requested when the http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf PAPE policy is present..
+
+
+
+
+ Looks up a localized string similar to No PPID provider has been configured..
+
+
+
+
+ Looks up a localized string similar to Discovery on the Realm URL MUST be performed before sending a positive assertion..
+
+
+
+
+ Looks up a localized string similar to The Realm in an authentication request must be an HTTPS URL..
+
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Backing field for the static property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether PII is allowed to be requested or received via OpenID.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether to ignore the SSL requirement (for testing purposes only).
+
+
+
+
+ Provides a mechanism for Relying Parties to work with OpenID 1.0 Providers
+ without losing claimed_id and op_endpoint data, which OpenID 2.0 Providers
+ are required to send back with positive assertions.
+
+
+
+
+ The "dnoa.op_endpoint" callback parameter that stores the Provider Endpoint URL
+ to tack onto the return_to URI.
+
+
+
+
+ The "dnoa.claimed_id" callback parameter that stores the Claimed Identifier
+ to tack onto the return_to URI.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Signs and verifies authentication assertions.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+ The applied protections.
+
+
+
+ Calculates the signature for a given message.
+
+ The message to sign or verify.
+ The association to use to sign the message.
+ The calculated signature of the method.
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+ The association to use to sign or verify the message.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+ The referenced association; or null if such an association cannot be found.
+
+ If the association handle set in the message does not match any valid association,
+ the association handle property is cleared, and the
+ property is set to the
+ handle that could not be found.
+
+
+
+
+ Gets a private Provider association used for signing messages in "dumb" mode.
+
+ An existing or newly created association.
+
+
+
+ Ensures that all message parameters that must be signed are in fact included
+ in the signature.
+
+ The signed message.
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets a value indicating whether this binding element is on a Provider channel.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ The binding element that serializes/deserializes OpenID extensions to/from
+ their carrying OpenID messages.
+
+
+
+
+ False if unsigned extensions should be dropped. Must always be true on Providers, since RPs never sign extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+ Security setting for relying parties. Should be true for Providers.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the extensions on a message.
+
+ The carrier of the extensions.
+ If set to true only signed extensions will be available.
+ A optional filter that takes an extension type URI and
+ returns a value indicating whether that extension should be deserialized and
+ returned in the sequence. May be null.
+ A sequence of extensions in the message.
+
+
+
+ Gets the dictionary of message parts that should be deserialized into extensions.
+
+ The message.
+ If set to true only signed extensions will be available.
+
+ A dictionary of message parts, including only signed parts when appropriate.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the extension factory.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ OpenID extension factory class for creating extensions based on received Type URIs.
+
+
+ OpenID extension factories must be registered with the library. This can be
+ done by adding a factory to OpenIdRelyingParty.ExtensionFactories
+ or OpenIdProvider.ExtensionFactories, or by adding a snippet
+ such as the following to your web.config file:
+
+ <dotNetOpenAuth>
+ <openid>
+ <extensionFactories>
+ <add type="DotNetOpenAuth.ApplicationBlock.CustomExtensions.Acme, DotNetOpenAuth.ApplicationBlock" />
+ </extensionFactories>
+ </openid>
+ </dotNetOpenAuth>
+
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ A Uri encoder that serializes using
+ rather than the standard .
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Indicates the level of strictness to require when decoding a
+ Key-Value Form encoded dictionary.
+
+
+
+
+ Be as forgiving as possible to errors made while encoding.
+
+
+
+
+ Allow for certain errors in encoding attributable to ambiguities
+ in the OpenID 1.1 spec's description of the encoding.
+
+
+
+
+ The strictest mode. The decoder requires the encoded dictionary
+ to be in strict compliance with OpenID 2.0's description of
+ the encoding.
+
+
+
+
+ Performs conversion to and from the Key-Value Form Encoding defined by
+ OpenID Authentication 2.0 section 4.1.1.
+ http://openid.net/specs/openid-authentication-2_0.html#anchor4
+
+
+ This class is thread safe and immutable.
+
+
+
+
+ The newline character sequence to use.
+
+
+
+
+ Characters that must not appear in parameter names.
+
+
+
+
+ Characters that must not appaer in parameter values.
+
+
+
+
+ The character encoding to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ How strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+ Encodes key/value pairs to Key-Value Form.
+
+
+ The dictionary of key/value pairs to convert to a byte stream.
+
+ The UTF8 byte array.
+
+ Enumerating a Dictionary<TKey, TValue> has undeterministic ordering.
+ If ordering of the key=value pairs is important, a deterministic enumerator must
+ be used.
+
+
+
+
+ Decodes bytes in Key-Value Form to key/value pairs.
+
+ The stream of Key-Value Form encoded bytes.
+ The deserialized dictionary.
+ Thrown when the data is not in the expected format.
+
+
+
+ Gets a value controlling how strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+
+ A channel that knows how to send and receive OpenID messages.
+
+
+
+
+ The HTTP Content-Type to use in Key-Value Form responses.
+
+
+ OpenID 2.0 section 5.1.2 says this SHOULD be text/plain. But this value
+ does not prevent free hosters like GoDaddy from tacking on their ads
+ to the end of the direct response, corrupting the data. So we deviate
+ from the spec a bit here to improve the story for free Providers.
+
+
+
+
+ The encoder that understands how to read and write Key-Value Form.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+ The binding elements to use in sending and receiving messages.
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid, except for check_authentication messages.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ This binding element signs a Relying Party's openid.return_to parameter
+ so that upon return, it can verify that it hasn't been tampered with.
+
+
+ Since Providers can send unsolicited assertions, not all openid.return_to
+ values will be signed. But those that are signed will be validated, and
+ any invalid or missing signatures will cause this library to not trust
+ the parameters in the return_to URL.
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it doesn't sign
+ anything except a particular message part.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store our signature on the return_to parameter.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store the handle of the association we use to sign the return_to parameter.
+
+
+
+
+ The URI to use for private associations at this RP.
+
+
+
+
+ The key store used to generate the private signature on the return_to parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the return to signature.
+
+ The return to.
+ The crypto key.
+
+ The generated signature.
+
+
+ Only the parameters in the return_to URI are signed, rather than the base URI
+ itself, in order that OPs that might change the return_to's implicit port :80 part
+ or other minor changes do not invalidate the signature.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+ No message protection is reported because this binding element
+ does not protect the entire message -- only a part.
+
+
+
+
+ Spoofs security checks on incoming OpenID messages.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Manages a fast, two-way mapping between type URIs and their aliases.
+
+
+
+
+ The format of auto-generated aliases.
+
+
+
+
+ Tracks extension Type URIs and aliases assigned to them.
+
+
+
+
+ Tracks extension aliases and Type URIs assigned to them.
+
+
+
+
+ Gets an alias assigned for a given Type URI. A new alias is assigned if necessary.
+
+ The type URI.
+ The alias assigned to this type URI. Never null.
+
+
+
+ Sets an alias and the value that will be returned by .
+
+ The alias.
+ The type URI.
+
+
+
+ Takes a sequence of type URIs and assigns aliases for all of them.
+
+ The type URIs to create aliases for.
+ An optional dictionary of URI/alias pairs that suggest preferred aliases to use if available for certain type URIs.
+
+
+
+ Sets up aliases for any Type URIs in a dictionary that do not yet have aliases defined,
+ and where the given preferred alias is still available.
+
+ A dictionary of type URI keys and alias values.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI.
+ Thrown if the given alias does not have a matching TypeURI.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI for the given alias, or null if none for that alias exist.
+
+
+
+ Returns a value indicating whether an alias has already been assigned to a type URI.
+
+ The alias in question.
+ True if the alias has already been assigned. False otherwise.
+
+
+
+ Determines whether a given TypeURI has an associated alias assigned to it.
+
+ The type URI.
+
+ true if the given type URI already has an alias assigned; false otherwise.
+
+
+
+
+ Assigns a new alias to a given Type URI.
+
+ The type URI to assign a new alias to.
+ The newly generated alias.
+
+
+
+ Gets the aliases that have been set.
+
+
+
+
+ An individual attribute to be requested of the OpenID Provider using
+ the Attribute Exchange extension.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+
+
+
+ Initializes a new instance of the class
+ with = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+
+
+
+ Initializes a new instance of the class.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+ The maximum number of values for this attribute the Relying Party is prepared to receive.
+
+
+
+ Used by a Provider to create a response to a request for an attribute's value(s)
+ using a given array of strings.
+
+ The values for the requested attribute.
+
+ The newly created object that should be added to
+ the object.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets or sets the URI uniquely identifying the attribute being requested.
+
+
+
+
+ Gets or sets a value indicating whether the relying party considers this a required field.
+ Note that even if set to true, the Provider may not provide the value.
+
+
+
+
+ Gets or sets the maximum number of values for this attribute the
+ Relying Party wishes to receive from the OpenID Provider.
+ A value of int.MaxValue is considered infinity.
+
+
+
+
+ An individual attribute's value(s) as supplied by an OpenID Provider
+ in response to a prior request by an OpenID Relying Party as part of
+ a fetch request, or by a relying party as part of a store request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI that uniquely identifies the attribute.
+ The values for the attribute.
+
+
+
+ Initializes a new instance of the class.
+
+
+ This is internal because web sites should be using the
+ method to instantiate.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI of the attribute whose values are being provided.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URI uniquely identifying the attribute whose value is being supplied.
+
+
+
+
+ Gets the values supplied by the Provider.
+
+
+
+
+ The various Type URI formats an AX attribute may use by various remote parties.
+
+
+
+
+ No attribute format.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://axschema.org/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://schema.openid.net/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://openid.net/schema/.
+
+
+
+
+ All known schemas.
+
+
+
+
+ The most common schemas.
+
+
+
+
+ Helper methods shared by multiple messages in the Attribute Exchange extension.
+
+
+
+
+ Adds a request for an attribute considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the required attribute.
+
+
+
+ Adds a request for an attribute without considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the requested attribute.
+
+
+
+ Adds a given attribute with one or more values to the request for storage.
+ Applicable to Relying Parties only.
+
+ The collection of to add to.
+ The type URI of the attribute.
+ The attribute values.
+
+
+
+ Serializes a set of attribute values to a dictionary of fields to send in the message.
+
+ The dictionary to fill with serialized attributes.
+ The attributes.
+
+
+
+ Deserializes attribute values from an incoming set of message data.
+
+ The data coming in with the message.
+ The attribute values found in the message.
+
+
+
+ Reads through the attributes included in the response to discover
+ the alias-TypeURI relationships.
+
+ The data included in the extension message.
+ The alias manager that provides lookup between aliases and type URIs.
+
+
+
+ Attribute Exchange constants
+
+
+
+
+ The TypeURI by which the AX extension is recognized in
+ OpenID messages and in XRDS documents.
+
+
+
+
+ The Attribute Exchange Fetch message, request leg.
+
+
+
+
+ A handy base class for built-in extensions.
+
+
+
+
+ The contract any OpenID extension for DotNetOpenAuth must implement.
+
+
+ Classes that implement this interface should be marked as
+ [] to allow serializing state servers
+ to cache messages, particularly responses.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version of the extension.
+ The type URI to use in the OpenID message.
+ The additional supported type URIs by which this extension might be recognized. May be null.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The value for the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Characters that may not appear in an attribute alias list.
+
+
+
+
+ Characters that may not appear in an attribute Type URI alias.
+
+
+
+
+ The collection of requested attributes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Splits a list of aliases by their commas.
+
+ The comma-delimited list of aliases. May be null or empty.
+ The list of aliases. Never null, but may be empty.
+
+
+
+ Gets a collection of the attributes whose values are
+ requested by the Relying Party.
+
+ A collection where the keys are the attribute type URIs, and the value
+ is all the attribute request details.
+
+
+
+ Gets or sets the URL that the OpenID Provider may re-post the fetch response
+ message to at some time after the initial response has been sent, using an
+ OpenID Authentication Positive Assertion to inform the relying party of updates
+ to the requested fields.
+
+
+
+
+ Gets or sets a list of aliases for optional attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ Gets or sets a list of aliases for required attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ The Attribute Exchange Fetch message, response leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attributes. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the first attribute value provided for a given attribute Type URI.
+
+
+ The type URI of the attribute.
+ Usually a constant from .
+
+ The first value provided for the attribute, or null if the attribute is missing or no values were provided.
+
+
+ This is meant as a helper method for the common case of just wanting one attribute value.
+ For greater flexibility or to retrieve more than just the first value for an attribute,
+ use the collection directly.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets a sequence of the attributes whose values are provided by the OpenID Provider.
+
+
+
+
+ Gets a value indicating whether the OpenID Provider intends to
+ honor the request for updates.
+
+
+
+
+ Gets or sets the URL the OpenID Provider will post updates to.
+ Must be set if the Provider supports and will use this feature.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ The Attribute Exchange Store message, request leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attribute values. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the collection of all the attributes that are included in the store request.
+
+
+
+
+ The Attribute Exchange Store message, response leg.
+
+
+
+
+ The value of the mode parameter used to express a successful store operation.
+
+
+
+
+ The value of the mode parameter used to express a store operation failure.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a successful store operation.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a failed store operation.
+
+ The reason for failure.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets a value indicating whether the storage request succeeded.
+
+ Defaults to true.
+
+
+
+ Gets or sets the reason for the failure, if applicable.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Gets or sets the mode argument.
+
+ One of 'store_response_success' or 'store_response_failure'.
+
+
+
+ Attribute types defined at http://www.axschema.org/types/.
+
+
+ If you don't see what you need here, check that URL to see if any have been added.
+ You can use new ones directly without adding them to this class, and can even make
+ up your own if you expect the other end to understand what you make up.
+
+
+
+
+ Inherent attributes about a personality such as gender and bio.
+
+
+
+ Gender, either "M" or "F"
+ "M", "F"
+
+
+ Biography (text)
+ "I am the very model of a modern Major General."
+
+
+
+ Preferences such as language and timezone.
+
+
+
+ Preferred language, as per RFC4646
+ "en-US"
+
+
+ Home time zone information (as specified in zoneinfo)
+ "America/Pacific"
+
+
+
+ The names a person goes by.
+
+
+
+ Subject's alias or "screen" name
+ "Johnny5"
+
+
+ Full name of subject
+ "John Doe"
+
+
+ Honorific prefix for the subject's name
+ "Mr.", "Mrs.", "Dr."
+
+
+ First or given name of subject
+ "John"
+
+
+ Last name or surname of subject
+ "Smith"
+
+
+ Middle name(s) of subject
+ "Robert"
+
+
+ Suffix of subject's name
+ "III", "Jr."
+
+
+
+ Business affiliation.
+
+
+
+ Company name (employer)
+ "Springfield Power"
+
+
+ Employee title
+ "Engineer"
+
+
+
+ Information about a person's birthdate.
+
+
+
+ Date of birth.
+ "1979-01-01"
+
+
+ Year of birth (four digits)
+ "1979"
+
+
+ Month of birth (1-12)
+ "05"
+
+
+ Day of birth
+ "31"
+
+
+
+ Various ways to contact a person.
+
+
+
+ Internet SMTP email address as per RFC2822
+ "jsmith@isp.example.com"
+
+
+
+ Various types of phone numbers.
+
+
+
+ Main phone number (preferred)
+ +1-800-555-1234
+
+
+ Home phone number
+ +1-800-555-1234
+
+
+ Business phone number
+ +1-800-555-1234
+
+
+ Cellular (or mobile) phone number
+ +1-800-555-1234
+
+
+ Fax number
+ +1-800-555-1234
+
+
+
+ The many fields that make up an address.
+
+
+
+ Home postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Home city name
+ "Vancouver"
+
+
+ Home state or province name
+ "BC"
+
+
+ Home country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Home postal code; region specific format
+ "V5A 4B2"
+
+
+
+ The many fields that make up an address.
+
+
+
+ Business postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Business city name
+ "Vancouver"
+
+
+ Business state or province name
+ "BC"
+
+
+ Business country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Business postal code; region specific format
+ "V5A 4B2"
+
+
+
+ Various handles for instant message clients.
+
+
+
+ AOL instant messaging service handle
+ "jsmith421234"
+
+
+ ICQ instant messaging service handle
+ "1234567"
+
+
+ MSN instant messaging service handle
+ "jsmith42@hotmail.com"
+
+
+ Yahoo! instant messaging service handle
+ "jsmith421234"
+
+
+ Jabber instant messaging service handle
+ "jsmith@jabber.example.com"
+
+
+ Skype instant messaging service handle
+ "jsmith42"
+
+
+
+ Various web addresses connected with this personality.
+
+
+
+ Web site URL
+ "http://example.com/~jsmith/"
+
+
+ Blog home page URL
+ "http://example.com/jsmith_blog/"
+
+
+ LinkedIn URL
+ "http://www.linkedin.com/pub/1/234/56"
+
+
+ Amazon URL
+ "http://www.amazon.com/gp/pdp/profile/A24DLKJ825"
+
+
+ Flickr URL
+ "http://flickr.com/photos/jsmith42/"
+
+
+ del.icio.us URL
+ "http://del.icio.us/jsmith42"
+
+
+
+ Audio and images of this personality.
+
+
+
+ Spoken name (web URL)
+ "http://example.com/~jsmith/john_smith.wav"
+
+
+ Audio greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.wav"
+
+
+ Video greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.mov"
+
+
+
+ Images of this personality.
+
+
+
+ Image (web URL); unspecified dimension
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) with equal width and height
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL); favicon format as per FAVICON-W3C. The format for the image must be 16x16 pixels or 32x32 pixels, using either 8-bit or 24-bit colors. The format of the image must be one of PNG (a W3C standard), GIF, or ICO.
+ "http://example.com/~jsmith/image.jpg"
+
+
+
+ Manages the processing and construction of OpenID extensions parts.
+
+
+
+
+ This contains a set of aliases that we must be willing to implicitly
+ match to namespaces for backward compatibility with other OpenID libraries.
+
+
+
+
+ The version of OpenID that the message is using.
+
+
+
+
+ Whether extensions are being read or written.
+
+
+
+
+ The alias manager that will track Type URI to alias mappings.
+
+
+
+
+ A complex dictionary where the key is the Type URI of the extension,
+ and the value is another dictionary of the name/value args of the extension.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Creates a instance to process incoming extensions.
+
+ The parameters in the OpenID message.
+ The newly created instance of .
+
+
+
+ Creates a instance to prepare outgoing extensions.
+
+ The protocol version used for the outgoing message.
+
+ The newly created instance of .
+
+
+
+
+ Adds query parameters for OpenID extensions to the request directed
+ at the OpenID provider.
+
+ The extension type URI.
+ The arguments for this extension to add to the message.
+
+
+
+ Gets the actual arguments to add to a querystring or other response,
+ where type URI, alias, and actual key/values are all defined.
+
+
+ true if the generated parameter names should include the 'openid.' prefix.
+ This should be true for all but direct response messages.
+
+ A dictionary of key=value pairs to add to the message to carry the extension.
+
+
+
+ Gets the fields carried by a given OpenId extension.
+
+ The type URI of the extension whose fields are being queried for.
+
+ The fields included in the given extension, or null if the extension is not present.
+
+
+
+
+ Gets whether any arguments for a given extension are present.
+
+ The extension Type URI in question.
+ true if this extension is present; false otherwise.
+
+
+
+ Gets the type URIs of all discovered extensions in the message.
+
+ A sequence of the type URIs.
+
+
+
+ Gets a value indicating whether the extensions are being read (as opposed to written).
+
+
+
+
+ An interface that OpenID extensions can implement to allow authentication response
+ messages with included extensions to be processed by Javascript on the user agent.
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ An extension to include with an authentication request in order to also
+ obtain authorization to access user data at the combined OpenID Provider
+ and Service Provider.
+
+
+ When requesting OpenID Authentication via the protocol mode "checkid_setup"
+ or "checkid_immediate", this extension can be used to request that the end
+ user authorize an OAuth access token at the same time as an OpenID
+ authentication. This is done by sending the following parameters as part
+ of the OpenID request. (Note that the use of "oauth" as part of the parameter
+ names here and in subsequent sections is just an example. See Section 5 for details.)
+ See section 8.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the consumer key agreed upon between the Consumer and Service Provider.
+
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes for the OAuth token expected in the authentication response.
+
+
+
+
+ The OAuth response that a Provider may include with a positive
+ OpenID identity assertion with an approved request token.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the user-approved request token.
+
+ The request token.
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes that the returned request token is valid for. This will typically indicate a subset of the scopes requested in Section 8.
+
+
+
+
+ Constants used in the OpenID OAuth extension.
+
+
+
+
+ The TypeURI for the OpenID OAuth extension.
+
+
+
+
+ The name of the parameter that carries the request token in the response.
+
+
+
+
+ The OAuth response that a Provider should include with a positive
+ OpenID identity assertion when OAuth authorization was declined.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An OpenID extension factory that only delegates extension
+ instantiation requests to other factories.
+
+
+
+
+ The list of factories this factory delegates to.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Loads the default factory and additional ones given by the configuration.
+
+ A new instance of .
+
+
+
+ Gets the extension factories that this aggregating factory delegates to.
+
+ A list of factories. May be empty, but never null.
+
+
+
+ Encodes/decodes the Simple Registration Gender type to its string representation.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An OpenID extension factory that supports registration so that third-party
+ extensions can add themselves to this library's supported extension list.
+
+
+
+
+ A collection of the registered OpenID extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Registers a new extension delegate.
+
+ The factory method that can create the extension.
+
+
+
+ A delegate that individual extensions may register with this factory.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+
+
+ Well-known authentication policies defined in the PAPE extension spec or by a recognized
+ standards body.
+
+
+ This is a class of constants rather than a flags enum because policies may be
+ freely defined and used by anyone, just by using a new Uri.
+
+
+
+
+ An authentication mechanism where the End User does not provide a shared secret to a party potentially under the control of the Relying Party. (Note that the potentially malicious Relying Party controls where the User-Agent is redirected to and thus may not send it to the End User's actual OpenID Provider).
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor. Common authentication factors are something you know, something you have, and something you are. An example would be authentication using a password and a software token or digital certificate.
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor where at least one of the factors is a physical factor such as a hardware device or biometric. Common authentication factors are something you know, something you have, and something you are. This policy also implies the Multi-Factor Authentication policy (http://schemas.openid.net/pape/policies/2007/06/multi-factor) and both policies MAY BE specified in conjunction without conflict. An example would be authentication using a password and a hardware token.
+
+
+
+
+ Indicates that the Provider MUST use a pair-wise pseudonym for the user that is persistent
+ and unique across the requesting realm as the openid.claimed_id and openid.identity (see Section 4.2).
+
+
+
+
+ Indicates that the OP MUST only respond with a positive assertion if the requirements demonstrated
+ by the OP to obtain certification by a Federally adopted Trust Framework Provider have been met.
+
+
+ Notwithstanding the RP may request this authentication policy, the RP MUST still
+ verify that this policy appears in the positive assertion response rather than assume the OP
+ recognized and complied with the request.
+
+
+
+
+ Indicates that the OP MUST not include any OpenID Attribute Exchange or Simple Registration
+ information regarding the user in the assertion.
+
+
+
+
+ Used in a PAPE response to indicate that no PAPE authentication policies could be satisfied.
+
+
+ Used internally by the PAPE extension, so that users don't have to know about it.
+
+
+
+
+ OpenID Provider Authentication Policy extension constants.
+
+
+
+
+ The namespace used by this extension in messages.
+
+
+
+
+ The namespace alias to use for OpenID 1.x interop, where aliases are not defined in the message.
+
+
+
+
+ The string to prepend on an Auth Level Type alias definition.
+
+
+
+
+ Well-known assurance level Type URIs.
+
+
+
+
+ The Type URI of the NIST assurance level.
+
+
+
+
+ A mapping between the PAPE TypeURI and the alias to use if
+ possible for backward compatibility reasons.
+
+
+
+
+ Parameters to be included with PAPE requests.
+
+
+
+
+ Optional. If the End User has not actively authenticated to the OP within the number of seconds specified in a manner fitting the requested policies, the OP SHOULD authenticate the End User for this request.
+
+ Integer value greater than or equal to zero in seconds.
+
+ The OP should realize that not adhering to the request for re-authentication most likely means that the End User will not be allowed access to the services provided by the RP. If this parameter is absent in the request, the OP should authenticate the user at its own discretion.
+
+
+
+
+ Zero or more authentication policy URIs that the OP SHOULD conform to when authenticating the user. If multiple policies are requested, the OP SHOULD satisfy as many as it can.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies are requested, the RP may be interested in other information such as the authentication age.
+
+
+
+
+ The space separated list of the name spaces of the custom Assurance Level that RP requests, in the order of its preference.
+
+
+
+
+ An encoder/decoder design for DateTimes that must conform to the PAPE spec.
+
+
+ The timestamp MUST be formatted as specified in section 5.6 of [RFC3339] (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .), with the following restrictions:
+ * All times must be in the UTC timezone, indicated with a "Z".
+ * No fractional seconds are allowed
+ For example: 2005-05-15T17:11:51Z
+
+
+
+
+ An array of the date/time formats allowed by the PAPE extension.
+
+
+ TODO: This array of formats is not yet a complete list.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Descriptions for NIST-defined levels of assurance that a credential
+ has not been compromised and therefore the extent to which an
+ authentication assertion can be trusted.
+
+
+ One using this enum should review the following publication for details
+ before asserting or interpreting what these levels signify, notwithstanding
+ the brief summaries attached to each level in DotNetOpenAuth documentation.
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level example classifications of authentication methods within the defined levels.
+
+
+
+
+
+ Not an assurance level defined by NIST, but rather SHOULD be used to
+ signify that the OP recognizes the parameter and the End User
+ authentication did not meet the requirements of Level 1.
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ Utility methods for use by the PAPE extension.
+
+
+
+
+ Looks at the incoming fields and figures out what the aliases and name spaces for auth level types are.
+
+ The incoming message data in which to discover TypeURIs and aliases.
+ The initialized with the given data.
+
+
+
+ Concatenates a sequence of strings using a space as a separator.
+
+ The elements to concatenate together..
+ The concatenated string of elements.
+ Thrown if any element in the sequence includes a space.
+
+
+
+ The PAPE request part of an OpenID Authentication request message.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The transport field for the RP's preferred authentication policies.
+
+
+ This field is written to/read from during custom serialization.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the policies as a single string per the PAPE spec..
+
+ The policies to include in the list.
+ The concatenated string of the given policies.
+
+
+
+ Serializes the auth levels to a list of aliases.
+
+ The preferred auth level types.
+ The alias manager.
+ A space-delimited list of aliases.
+
+
+
+ Gets or sets the maximum acceptable time since the End User has
+ actively authenticated to the OP in a manner fitting the requested
+ policies, beyond which the Provider SHOULD authenticate the
+ End User for this request.
+
+
+ The OP should realize that not adhering to the request for re-authentication
+ most likely means that the End User will not be allowed access to the
+ services provided by the RP. If this parameter is absent in the request,
+ the OP should authenticate the user at its own discretion.
+
+
+
+
+ Gets the list of authentication policy URIs that the OP SHOULD
+ conform to when authenticating the user. If multiple policies are
+ requested, the OP SHOULD satisfy as many as it can.
+
+ List of authentication policy URIs obtainable from
+ the class or from a custom
+ list.
+
+ If no policies are requested, the RP may be interested in other
+ information such as the authentication age.
+
+
+
+
+ Gets the namespaces of the custom Assurance Level the
+ Relying Party requests, in the order of its preference.
+
+
+
+
+ The PAPE response part of an OpenID Authentication response message.
+
+
+
+
+ The first part of a parameter name that gives the custom string value for
+ the assurance level. The second part of the parameter name is the alias for
+ that assurance level.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ One or more authentication policy URIs that the OP conformed to when authenticating the End User.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies were met though the OP wishes to convey other information in the response, this parameter MUST be included with the value of "none".
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the applied policies for transmission from the Provider
+ to the Relying Party.
+
+ The applied policies.
+ A space-delimited list of applied policies.
+
+
+
+ Gets a list of authentication policy URIs that the
+ OP conformed to when authenticating the End User.
+
+
+
+
+ Gets or sets the most recent timestamp when the End User has
+ actively authenticated to the OP in a manner fitting the asserted policies.
+
+
+ If the RP's request included the "openid.pape.max_auth_age" parameter
+ then the OP MUST include "openid.pape.auth_time" in its response.
+ If "openid.pape.max_auth_age" was not requested, the OP MAY choose to include
+ "openid.pape.auth_time" in its response.
+
+
+
+
+ Gets or sets the Assurance Level as defined by the National
+ Institute of Standards and Technology (NIST) in Special Publication
+ 800-63 (Burr, W., Dodson, D., and W. Polk, Ed., “Electronic
+ Authentication Guideline,” April 2006.) [NIST_SP800‑63] corresponding
+ to the authentication method and policies employed by the OP when
+ authenticating the End User.
+
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level
+ example classifications of authentication methods within the defined
+ levels.
+
+
+
+
+ Gets a dictionary where keys are the authentication level type URIs and
+ the values are the per authentication level defined custom value.
+
+
+ A very common key is
+ and values for this key are available in .
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Carries the request/require/none demand state of the simple registration fields.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The type URI that this particular (deserialized) extension was read in using,
+ allowing a response to alter be crafted using the same type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ by deserializing from a message.
+
+ The type URI this extension was recognized by in the OpenID message.
+
+
+
+ Tests equality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality between two structs.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Renders the requested information as a string.
+
+
+ A that represents the current .
+
+
+
+
+ Prepares a Simple Registration response extension that is compatible with the
+ version of Simple Registration used in the request message.
+
+ The newly created instance.
+
+
+
+ Sets the profile request properties according to a list of
+ field names that might have been passed in the OpenId query dictionary.
+
+
+ The list of field names that should receive a given
+ . These field names should match
+ the OpenId specification for field names, omitting the 'openid.sreg' prefix.
+
+ The none/request/require state of the listed fields.
+
+
+
+ Assembles the profile parameter names that have a given .
+
+ The demand level (request, require, none).
+ An array of the profile parameter names that meet the criteria.
+
+
+
+ Gets or sets the URL the consumer site provides for the authenticating user to review
+ for how his claims will be used by the consumer web site.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the nickname of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the email of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the full name of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the birthdate of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the gender of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the postal code of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the Country of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the language of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the time zone of the user.
+
+
+
+
+ Gets or sets a value indicating whether this instance
+ is synthesized from an AX request at the Provider.
+
+
+
+
+ Gets or sets the value of the sreg.required parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ Gets or sets the value of the sreg.optional parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The allowed format for birthdates.
+
+
+
+
+ Storage for the raw string birthdate value.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ using the most common, and spec prescribed type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The type URI that must be used to identify this extension in the response message.
+ This value should be the same one the relying party used to send the extension request.
+ Commonly used type URIs supported by relying parties are defined in the
+ class.
+
+
+
+
+ Tests equality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Translates an empty string value to null, or passes through non-empty values.
+
+ The value to consider changing to null.
+ Either null or a non-empty string.
+
+
+
+ Gets or sets the nickname the user goes by.
+
+
+
+
+ Gets or sets the user's email address.
+
+
+
+
+ Gets or sets the full name of a user as a single string.
+
+
+
+
+ Gets or sets the user's birthdate.
+
+
+
+
+ Gets or sets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets or sets the gender of the user.
+
+
+
+
+ Gets or sets the zip code / postal code of the user.
+
+
+
+
+ Gets or sets the country of the user.
+
+
+
+
+ Gets or sets the primary/preferred language of the user.
+
+
+
+
+ Gets or sets the user's timezone.
+
+
+
+
+ Gets a combination of the user's full name and email address.
+
+
+
+
+ Gets or sets a combination of the language and country of the user.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Simple Registration constants
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Commonly used type URIs to represent the Simple Registration extension.
+
+
+
+
+ The URI "http://openid.net/extensions/sreg/1.1".
+
+
+ This is the type URI prescribed by the Simple Registration 1.1 spec.
+ http://openid.net/specs/openid-simple-registration-extension-1_1-01.html#anchor3
+
+
+
+
+ The URI "http://openid.net/sreg/1.0"
+
+
+
+
+ The URI "http://openid.net/sreg/1.1"
+
+
+
+
+ Specifies what level of interest a relying party has in obtaining the value
+ of a given field offered by the Simple Registration extension.
+
+
+
+
+ The relying party has no interest in obtaining this field.
+
+
+
+
+ The relying party would like the value of this field, but wants
+ the Provider to display the field to the user as optionally provided.
+
+
+
+
+ The relying party considers this a required field as part of
+ authentication. The Provider and/or user agent MAY still choose to
+ not provide the value of the field however, according to the
+ Simple Registration extension specification.
+
+
+
+
+ Indicates the gender of a user.
+
+
+
+
+ The user is male.
+
+
+
+
+ The user is female.
+
+
+
+
+ Constants used to support the UI extension.
+
+
+
+
+ The type URI associated with this extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports popups through the UI extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports the RP
+ specifying the user's preferred language through the UI extension.
+
+
+
+
+ The Type URI that appears in the XRDS document when the OP supports the RP
+ specifying the icon for the OP to display during authentication through the UI extension.
+
+
+
+
+ Valid values for the mode parameter of the OpenID User Interface extension.
+
+
+
+
+ Indicates that the Provider's authentication page appears in a popup window.
+
+ The constant "popup".
+
+ The RP SHOULD create the popup to be 450 pixels wide and 500 pixels tall. The popup MUST have the address bar displayed, and MUST be in a standalone browser window. The contents of the popup MUST NOT be framed by the RP.
+ The RP SHOULD open the popup centered above the main browser window, and SHOULD dim the contents of the parent window while the popup is active. The RP SHOULD ensure that the user is not surprised by the appearance of the popup, and understands how to interact with it.
+ To keep the user popup user experience consistent, it is RECOMMENDED that the OP does not resize the popup window unless the OP requires additional space to show special features that are not usually displayed as part of the default popup user experience.
+ The OP MAY close the popup without returning a response to the RP. Closing the popup without sending a response should be interpreted as a negative assertion.
+ The response to an authentication request in a popup is unchanged from [OpenID 2.0] (OpenID 2.0 Workgroup, “OpenID 2.0,” .). Relying Parties detecting that the popup was closed without receiving an authentication response SHOULD interpret the close event to be a negative assertion.
+
+
+
+
+ OpenID User Interface extension 1.0 request message.
+
+
+ Implements the extension described by: http://wiki.openid.net/f/openid_ui_extension_draft01.html
+ This extension only applies to checkid_setup requests, since checkid_immediate requests display
+ no UI to the user.
+ For rules about how the popup window should be displayed, please see the documentation of
+ .
+ An RP may determine whether an arbitrary OP supports this extension (and thereby determine
+ whether to use a standard full window redirect or a popup) via the
+ method.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Backing store for .
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Gets or sets the list of user's preferred languages, sorted in decreasing preferred order.
+
+ The default is the of the thread that created this instance.
+
+ The user's preferred languages as a [BCP 47] language priority list, represented as a comma-separated list of BCP 47 basic language ranges in descending priority order. For instance, the value "fr-CA,fr-FR,en-CA" represents the preference for French spoken in Canada, French spoken in France, followed by English spoken in Canada.
+
+
+
+
+ Gets or sets the style of UI that the RP is hosting the OP's authentication page in.
+
+ Some value from the class. Defaults to .
+
+
+
+ Gets or sets a value indicating whether the Relying Party has an icon
+ it would like the Provider to display to the user while asking them
+ whether they would like to log in.
+
+ true if the Provider should display an icon; otherwise, false.
+
+ By default, the Provider displays the relying party's favicon.ico.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+ The value 1.0.
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ The required width of the popup window the relying party creates for the provider.
+
+
+
+
+ The required height of the popup window the relying party creates for the provider.
+
+
+
+
+ An Identifier is either a "http" or "https" URI, or an XRI.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original string before any normalization.
+ Whether the derived class is prepared to guarantee end-to-end discovery
+ and initial redirect for authentication is performed using SSL.
+
+
+
+ Converts the string representation of an Identifier to its strong type.
+
+ The identifier.
+ The particular Identifier instance to represent the value given.
+
+
+
+ Converts a given Uri to a strongly-typed Identifier.
+
+ The identifier to convert.
+ The result of the conversion.
+
+
+
+ Converts an Identifier to its string representation.
+
+ The identifier to convert to a string.
+ The result of the conversion.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ An instance for the given value.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ if set to true this Identifier will serialize exactly as given rather than in its normalized form.
+
+ An instance for the given value.
+
+
+
+
+ Attempts to parse a string for an OpenId Identifier.
+
+ The string to be parsed.
+ The parsed Identifier form.
+
+ True if the operation was successful. False if the string was not a valid OpenId Identifier.
+
+
+
+
+ Checks the validity of a given string representation of some Identifier.
+
+ The identifier.
+
+ true if the specified identifier is valid; otherwise, false.
+
+
+
+
+ Tests equality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered equal; false otherwise.
+
+
+
+
+ Tests inequality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered unequal; false if they are equal.
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Reparses the specified identifier in order to be assured that the concrete type that
+ implements the identifier is one of the well-known ones.
+
+ The identifier.
+ Either or .
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Gets the original string that was normalized to create this Identifier.
+
+
+
+
+ Gets the Identifier in the form in which it should be serialized.
+
+
+ For Identifiers that were originally deserialized, this is the exact same
+ string that was deserialized. For Identifiers instantiated in some other way, this is
+ the normalized form of the string used to instantiate the identifier.
+
+
+
+
+ Gets or sets a value indicating whether instances are considered equal
+ based solely on their string reprsentations.
+
+
+ This property serves as a test hook, so that MockIdentifier instances can be considered "equal"
+ to UriIdentifier instances.
+
+
+
+
+ Gets a value indicating whether this Identifier will ensure SSL is
+ used throughout the discovery phase and initial redirect of authentication.
+
+
+ If this is false, a value of true may be obtained by calling
+ .
+
+
+
+
+ Gets a value indicating whether this instance was initialized from
+ deserializing a message.
+
+
+ This is interesting because when an Identifier comes from the network,
+ we can't normalize it and then expect signatures to still verify.
+ But if the Identifier is initialized locally, we can and should normalize it
+ before serializing it.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the IdentifierContract class from being created.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ The gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Splits the AX attribute format flags into individual values for processing.
+
+ The formats to split up into individual flags.
+ A sequence of individual flags.
+
+
+
+ Transforms an AX attribute type URI from the axschema.org format into a given format.
+
+ The ax schema org format type URI.
+ The target format. Only one flag should be set.
+ The AX attribute type URI in the target format.
+
+
+
+ Detects the AX attribute type URI format from a given sample.
+
+ The type URIs to scan for recognized formats.
+ The first AX type URI format recognized in the list.
+
+
+
+ Adds an attribute fetch request if it is not already present in the AX request.
+
+ The AX request to add the attribute request to.
+ The format of the attribute's Type URI to use.
+ The attribute in axschema.org format.
+ The demand level.
+
+
+
+ Gets the gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Represents a single OP endpoint from discovery on some OpenID Identifier.
+
+
+
+
+ Information published about an OpenId Provider by the
+ OpenId discovery documents found at a user's Claimed Identifier.
+
+
+ Because information provided by this interface is suppplied by a
+ user's individually published documents, it may be incomplete or inaccurate.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The provider endpoint.
+ The Claimed Identifier.
+ The User-supplied Identifier.
+ The Provider Local Identifier.
+ The service priority.
+ The URI priority.
+
+
+
+ Implements the operator ==.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Determines whether a given extension is supported by this endpoint.
+
+ An instance of the extension to check support for.
+
+ true if the extension is supported by this endpoint; otherwise, false.
+
+
+
+
+ Creates a instance to represent some OP Identifier.
+
+ The provider identifier (actually the user-supplied identifier).
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The user supplied identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Determines whether a given type URI is present on the specified provider endpoint.
+
+ The type URI.
+
+ true if the type URI is present on the specified provider endpoint; otherwise, false.
+
+
+
+
+ Sets the Capabilities property (this method is a test hook.)
+
+ The value.
+ The publicize.exe tool should work for the unit tests, but for some reason it fails on the build server.
+
+
+
+ Gets the priority rating for a given type of endpoint, allowing a
+ priority sorting of endpoints.
+
+ The endpoint to prioritize.
+ An arbitary integer, which may be used for sorting against other returned values from this method.
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the Identifier that was presented by the end user to the Relying Party,
+ or selected by the user at the OpenID Provider.
+ During the initiation phase of the protocol, an end user may enter
+ either their own Identifier or an OP Identifier. If an OP Identifier
+ is used, the OP may then assist the end user in selecting an Identifier
+ to share with the Relying Party.
+
+
+
+
+ Gets the Identifier that the end user claims to control.
+
+
+
+
+ Gets an alternate Identifier for an end user that is local to a
+ particular OP and thus not necessarily under the end user's
+ control.
+
+
+
+
+ Gets a more user-friendly (but NON-secure!) string to display to the user as his identifier.
+
+ A human-readable, abbreviated (but not secure) identifier the user MAY recognize as his own.
+
+
+
+ Gets the provider endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this specific OP endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this service
+ (which may consist of several endpoints).
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+ Should never be null, but may be empty.
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the protocol used by the OpenID Provider.
+
+
+
+
+ A module that provides discovery services for OpenID identifiers.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ A service that can perform discovery on OpenID identifiers.
+
+
+
+
+ The RP or OP that is hosting these services.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The RP or OP that creates this instance.
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Gets the list of services that can perform discovery on identifiers given.
+
+
+
+
+ An interface implemented by both providers and relying parties.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets the web request handler.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ Instances of this interface represent incoming authentication requests.
+ This interface provides the details of the request and allows setting
+ the response.
+
+
+
+
+ Interface exposing incoming messages to the OpenID Provider that
+ require interaction with the host site.
+
+
+
+
+ Represents an incoming OpenId authentication request.
+
+
+ Requests may be infrastructural to OpenID and allow auto-responses, or they may
+ be authentication requests where the Provider site has to make decisions based
+ on its own user database and policies.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler to use for the RP discovery request.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint.
+
+
+ The default value is the URL that the request came in on from the relying party.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Security settings that are applicable to providers.
+
+
+
+
+ Security settings that may be applicable to both relying parties and providers.
+
+
+
+
+ Gets the default minimum hash bit length.
+
+
+
+
+ Gets the maximum hash bit length default for relying parties.
+
+
+
+
+ Gets the maximum hash bit length default for providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this class is being instantiated for a Provider.
+
+
+
+ Determines whether a named association fits the security requirements.
+
+ The protocol carrying the association.
+ The value of the openid.assoc_type parameter.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Determines whether a given association fits the security requirements.
+
+ The association to check.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Gets or sets the minimum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 160.
+
+
+ SHA-1 (160 bits) has been broken. The minimum secure hash length is now 256 bits.
+ The default is still a 160 bit minimum to allow interop with common remote parties,
+ such as Yahoo! that only supports 160 bits.
+ For sites that require high security such as to store bank account information and
+ health records, 256 is the recommended value.
+
+
+
+
+ Gets or sets the maximum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 256 for relying parties and 512 for providers.
+
+
+ The longer the bit length, the more secure the identities of your visitors are.
+ Setting a value higher than 256 on a relying party site may reduce performance
+ as many association requests will be denied, causing secondary requests or even
+ authentication failures.
+ Setting a value higher than 256 on a provider increases security where possible
+ without these side-effects.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+ OpenID 2.0 sections 7.3.2.2 and 11.2 specify that OP Identifiers never be recognized as Claimed Identifiers.
+ However, for some scenarios it may be desirable for an RP to override this behavior and allow this.
+ The security ramifications of setting this property to true have not been fully explored and
+ therefore this setting should only be changed with caution.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The subset of association types and their customized lifetimes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a deep clone of this instance.
+
+ A new instance that is a deep clone of this instance.
+
+
+
+ Gets a subset of the available association types and their
+ customized maximum lifetimes.
+
+
+
+
+ Gets or sets a value indicating whether Relying Party discovery will only
+ succeed if done over a secure HTTPS channel.
+
+ Default is false.
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding them in signed, encrypted form into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+ The default value for this property is true.
+
+
+
+ Gets or sets a value indicating whether OpenID 1.x relying parties that may not be
+ protecting their users from replay attacks are protected from
+ replay attacks by this provider.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by preventing associations from being used
+ with OpenID 1.x relying parties, thereby forcing them into
+ "dumb" mode and verifying every claim with this provider.
+ This gives the provider an opportunity to verify its own nonce
+ to protect against replay attacks.
+
+
+
+
+ Gets or sets a value indicating whether outgoing extensions are always signed.
+
+
+ true if outgoing extensions should be signed; otherwise, false.
+ The default is true.
+
+
+ This property is internal because Providers should never turn it off, but it is
+ needed for testing the RP's rejection of unsigned extensions.
+
+
+
+
+ The behavior a Provider takes when verifying that it is authoritative for an
+ identifier it is about to send an unsolicited assertion for.
+
+
+
+
+ Always verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it and fail if it is not.
+
+
+
+
+ Always check that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it, but only log failures, and proceed
+ to send the unsolicited assertion.
+
+
+
+
+ Never verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it.
+
+
+ This setting is useful for web servers that refuse to allow a Provider to
+ introspectively perform an HTTP GET on itself, when sending unsolicited assertions
+ for identifiers that the OP controls.
+
+
+
+
+ The result codes that may be returned from an attempt at relying party discovery.
+
+
+
+
+ Relying Party discovery failed to find an XRDS document or the document was invalid.
+
+
+ This can happen either when a relying party does not offer a service document at all,
+ or when a man-in-the-middle attack is in progress that prevents the Provider from being
+ able to discover that document.
+
+
+
+
+ Relying Party discovery yielded a valid XRDS document, but no matching return_to URI was found.
+
+
+ This is perhaps the most dangerous rating for a relying party, since it suggests that
+ they are implementing OpenID 2.0 securely, but that a hijack operation may be in progress.
+
+
+
+
+ Relying Party discovery succeeded, and a matching return_to URI was found.
+
+
+
+
+ An enumeration of the possible results of an authentication attempt.
+
+
+
+
+ The authentication was canceled by the user agent while at the provider.
+
+
+
+
+ The authentication failed because an error was detected in the OpenId communication.
+
+
+
+
+ The Provider responded to a request for immediate authentication approval
+ with a message stating that additional user agent interaction is required
+ before authentication can be completed.
+ Casting the to a
+ ISetupRequiredAuthenticationResponse in this case can help
+ you retry the authentication using setup (non-immediate) mode.
+
+
+
+
+ Authentication is completed successfully.
+
+
+
+
+ The Provider sent a message that did not contain an identity assertion,
+ but may carry OpenID extensions.
+
+
+
+
+ Instances of this interface represent relying party authentication
+ requests that may be queried/modified in specific ways before being
+ routed to the OpenID Provider.
+
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI. Values must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+ Execution of the current page terminates after this call.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+ Although OpenID is first and primarily an authentication protocol, its extensions
+ can be interesting all by themselves. For instance, a relying party might want
+ to know that its user is over 21 years old, or perhaps a member of some organization.
+ OpenID extensions can provide this, without any need for asserting the identity of the user.
+ Constructing an OpenID request for only extensions can be done by calling
+ OpenIdRelyingParty.CreateRequest with any valid OpenID identifier
+ (claimed identifier or OP identifier). But once this property is set to true,
+ the claimed identifier value in the request is not included in the transmitted message.
+ It is anticipated that an RP would only issue these types of requests to OPs that
+ trusts to make assertions regarding the individual holding an account at that OP, so it
+ is not likely that the RP would allow the user to type in an arbitrary claimed identifier
+ without checking that it resolved to an OP endpoint the RP has on a trust whitelist.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ An instance of this interface represents an identity assertion
+ from an OpenID Provider. It may be in response to an authentication
+ request previously put to it by a Relying Party site or it may be an
+ unsolicited assertion.
+
+
+ Relying party web sites should handle both solicited and unsolicited
+ assertions. This interface does not offer a way to discern between
+ solicited and unsolicited assertions as they should be treated equally.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ A message a Relying Party sends to a Provider to confirm the validity
+ of a positive assertion that was signed by a Provider-only secret.
+
+
+ The significant payload of this message depends entirely upon the
+ assertion message, and therefore is all in the
+ property bag.
+
+
+
+
+ A common base class for OpenID request messages and indirect responses (since they are ultimately requests).
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ This particular value MUST be present for the request to be a valid OpenID Authentication 2.0 request. Future versions of the specification may define different values in order to allow message recipients to properly interpret the request.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+ The value for the openid.mode parameter.
+ A value indicating whether the message will be transmitted directly or indirectly.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets some string from a given version of the OpenID protocol.
+
+ The protocol version to use for lookup.
+ A function that can retrieve the desired protocol constant.
+ The value of the constant.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the value of the openid.mode parameter.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For direct messages this is the OpenID mandated POST.
+ For indirect messages both GET and POST are allowed.
+
+
+
+
+ Gets the recipient of the message.
+
+ The OP endpoint, or the RP return_to.
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra parameters included in the message.
+
+ An empty dictionary.
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Initializes a new instance of the class
+ based on the contents of some signed message whose signature must be verified.
+
+ The message whose signature should be verified.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Gets or sets a value indicating whether the signature being verified by this request
+ is in fact valid.
+
+ true if the signature is valid; otherwise, false.
+
+ This property is automatically set as the message is received by the channel's
+ signing binding element.
+
+
+
+
+ Gets or sets the ReturnTo that existed in the original signed message.
+
+
+ This exists strictly for convenience in recreating the
+ message.
+
+
+
+
+ The message sent from the Provider to the Relying Party to confirm/deny
+ the validity of an assertion that was signed by a private Provider secret.
+
+
+
+
+ A common base class for OpenID direct message responses.
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ OpenID 2.0 Section 5.1.2:
+ This particular value MUST be present for the response to be a valid OpenID 2.0 response.
+ Future versions of the specification may define different values in order to allow message
+ recipients to properly interpret the request.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ The dictionary of parameters that are not part of the OpenID specification.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request. May be null in case the request is unrecognizable and this is an error response.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra, non-OAuth parameters included in the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+ This property may be null if the request message was undecipherable.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Initializes a new instance of the class
+ for use by the Relying Party.
+
+ The OpenID version of the response message.
+ The request that this message is responding to.
+
+
+
+ Gets or sets a value indicating whether the signature of the verification request is valid.
+
+
+
+
+ Gets or sets the handle the relying party should invalidate if is true.
+
+ The "invalidate_handle" value sent in the verification request, if the OP confirms it is invalid.
+
+ If present in a verification response with "is_valid" set to "true",
+ the Relying Party SHOULD remove the corresponding association from
+ its store and SHOULD NOT send further authentication requests with
+ this handle.
+ This two-step process for invalidating associations is necessary
+ to prevent an attacker from invalidating an association at will by
+ adding "invalidate_handle" parameters to an authentication response.
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ An authentication request from a Relying Party to a Provider.
+
+
+ This message type satisfies OpenID 2.0 section 9.1.
+
+
+
+
+ An indirect request from a Relying Party to a Provider where the response
+ is expected to be signed.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Adds parameters to the return_to querystring.
+
+ The keys=value pairs to add to the return_to query string.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Adds a parameter to the return_to querystring.
+
+ The name of the parameter.
+ The value of the argument.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
+
+ The OpenID version to use.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+ checkid_immediate or checkid_setup
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets a value indicating whether the Provider is allowed to interact with the user
+ as part of authentication.
+
+ true if using OpenID immediate mode; otherwise, false.
+
+
+
+ Gets or sets the handle of the association the RP would like the Provider
+ to use for signing a positive assertion in the response message.
+
+ A handle for an association between the Relying Party and the OP
+ that SHOULD be used to sign the response.
+
+ If no association handle is sent, the transaction will take place in Stateless Mode
+ (Verifying Directly with the OpenID Provider).
+
+
+
+
+ Gets or sets the URL the Provider should redirect the user agent to following
+ the authentication attempt.
+
+ URL to which the OP SHOULD return the User-Agent with the response
+ indicating the status of the request.
+
+ If this value is not sent in the request it signifies that the Relying Party
+ does not wish for the end user to be returned.
+ The return_to URL MAY be used as a mechanism for the Relying Party to attach
+ context about the authentication request to the authentication response.
+ This document does not define a mechanism by which the RP can ensure that query
+ parameters are not modified by outside parties; such a mechanism can be defined
+ by the RP itself.
+
+
+
+
+ Gets or sets the Relying Party discovery URL the Provider may use to verify the
+ source of the authentication request.
+
+
+ URL pattern the OP SHOULD ask the end user to trust. See Section 9.2 (Realms).
+ This value MUST be sent if openid.return_to is omitted.
+ Default: The URL.
+
+
+
+
+ Gets or sets a value indicating whether the return_to value should be signed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+ It is RECOMMENDED that OPs accept XRI identifiers with or without the "xri://" prefix, as specified in the Normalization (Normalization) section.
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ If a different OP-Local Identifier is not specified, the claimed
+ identifier MUST be used as the value for openid.identity.
+ Note: If this is set to the special value
+ "http://specs.openid.net/auth/2.0/identifier_select" then the OP SHOULD
+ choose an Identifier that belongs to the end user. This parameter MAY
+ be omitted if the request is not about an identifier (for instance if
+ an extension is in use that makes the request meaningful without it;
+ see openid.claimed_id above).
+
+
+
+
+ The base class that all successful association response messages derive from.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.1.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the association handle is used as a key to refer to this association in subsequent messages.
+
+ A string 255 characters or less in length. It MUST consist only of ASCII characters in the range 33-126 inclusive (printable non-whitespace characters).
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the value of the "openid.session_type" parameter from the request.
+ If the OP is unwilling or unable to support this association type, it MUST return an
+ unsuccessful response (Unsuccessful Response Parameters).
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Gets or sets the lifetime, in seconds, of this association. The Relying Party MUST NOT use the association after this time has passed.
+
+ An integer, represented in base 10 ASCII.
+
+
+
+ Members found on error response messages sent from a Provider
+ to a Relying Party in response to direct and indirect message
+ requests that result in an error.
+
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A common base class from which indirect response messages should derive.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that caused this response message to be constructed.
+ The value of the openid.mode parameter.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertion scenarios.
+
+ The OpenID version supported at the Relying Party.
+
+ The URI at which the Relying Party receives OpenID indirect messages.
+
+ The value to use for the openid.mode parameter.
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the protocol version from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the ReturnTo from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the signed extensions on this message.
+
+
+
+
+ Gets the unsigned extensions on this message.
+
+
+
+
+ Gets the originating request message, if applicable.
+
+
+
+
+ An indirect message from a Provider to a Relying Party where at least part of the
+ payload is signed so the Relying Party can verify it has not been tampered with.
+
+
+
+
+ The allowed date/time formats for the response_nonce parameter.
+
+
+ This array of formats is not yet a complete list.
+
+
+
+
+ Backing field for the property.
+
+
+ The field initializer being DateTime.UtcNow allows for OpenID 1.x messages
+ to pass through the StandardExpirationBindingElement.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ in order to perform signature verification at the Provider.
+
+ The previously signed message.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the value of a named parameter in the return_to URL without signature protection.
+
+ The full name of the parameter whose value is being sought.
+ The value of the parameter if it is present and unaltered from when
+ the Relying Party signed it; null otherwise.
+
+ This method will always return null on the Provider-side, since Providers
+ cannot verify the private signature made by the relying party.
+
+
+
+
+ Gets the names of the callback parameters added to the original authentication request
+ without signature protection.
+
+ A sequence of the callback parameter names.
+
+
+
+ Gets a dictionary of all the message part names and values
+ that are included in the message signature.
+
+ The channel.
+
+ A dictionary of the signed message parts.
+
+
+
+
+ Determines whether one querystring contains every key=value pair that
+ another querystring contains.
+
+ The querystring that should contain at least all the key=value pairs of the other.
+ The querystring containing the set of key=value pairs to test for in the other.
+
+ true if contains all the query parameters that does; false otherwise.
+
+
+
+
+ Verifies that the openid.return_to field matches the URL of the actual HTTP request.
+
+
+ From OpenId Authentication 2.0 section 11.1:
+ To verify that the "openid.return_to" URL matches the URL that is processing this assertion:
+ * The URL scheme, authority, and path MUST be the same between the two URLs.
+ * Any query parameters that are present in the "openid.return_to" URL MUST
+ also be present with the same values in the URL of the HTTP request the RP received.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+ for OpenID 2.0 messages.
+ for OpenID 1.x messages.
+
+
+ Although the required protection is reduced for OpenID 1.x,
+ this library will provide Relying Party hosts with all protections
+ by adding its own specially-crafted nonce to the authentication request
+ messages except for stateless RPs in OpenID 1.x messages.
+
+
+
+
+ Gets or sets the message signature.
+
+ Base 64 encoded signature calculated as specified in Section 6 (Generating Signatures).
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ Gets or sets the Provider Endpoint URI.
+
+
+
+
+ Gets or sets the return_to parameter as the relying party provided
+ it in .
+
+ Verbatim copy of the return_to URL parameter sent in the
+ request, before the Provider modified it.
+
+
+
+ Gets or sets a value indicating whether the
+ URI's query string is unaltered between when the Relying Party
+ sent the original request and when the response was received.
+
+
+ This property is not persisted in the transmitted message, and
+ has no effect on the Provider-side of the communication.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets the querystring key=value pairs in the return_to URL.
+
+
+
+
+ Code contract class for the IOpenIdMessageExtension interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The message OpenID Providers send back to Relying Parties to refuse
+ to assert the identity of a user.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+ The channel to use to simulate construction of the user_setup_url, if applicable. May be null, but the user_setup_url will not be constructed.
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The relying party return to.
+ The value of the openid.mode parameter.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Constructs the value for the user_setup_url parameter to be sent back
+ in negative assertions in response to OpenID 1.x RP's checkid_immediate requests.
+
+ The immediate request.
+ The channel to use to simulate construction of the message.
+ The value to use for the user_setup_url parameter.
+
+
+
+ Gets the value for the openid.mode that is appropriate for this response.
+
+ The request that we're responding to.
+ The value of the openid.mode parameter to use.
+
+
+
+ Gets or sets the URL the relying party can use to upgrade their authentication
+ request from an immediate to a setup message.
+
+ URL to redirect User-Agent to so the End User can do whatever's necessary to fulfill the assertion.
+
+ This part is only included in OpenID 1.x responses.
+
+
+
+
+ Gets a value indicating whether this
+ is in response to an authentication request made in immediate mode.
+
+ true if the request was in immediate mode; otherwise, false.
+
+
+
+ An identity assertion from a Provider to a Relying Party, stating that the
+ user operating the user agent is in fact some specific user known to the Provider.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Initializes a new instance of the class.
+
+ The relying party return_to endpoint that will receive this positive assertion.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ OpenID Providers MAY assist the end user in selecting the Claimed
+ and OP-Local Identifiers about which the assertion is made.
+ The openid.identity field MAY be omitted if an extension is in use that
+ makes the response meaningful without it (see openid.claimed_id above).
+
+
+
+
+ Wraps an existing Identifier and prevents it from performing discovery.
+
+
+
+
+ The wrapped identifier.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The ordinary Identifier whose discovery is being masked.
+ Whether this Identifier should claim to be SSL-secure, although no discovery will never generate service endpoints anyway.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of utilities especially useful to OpenID.
+
+
+
+
+ The prefix to designate this library's proprietary parameters added to the protocol.
+
+
+
+
+ A static variable that carries the results of a check for the presence of
+ assemblies that are required for the Diffie-Hellman algorithm.
+
+
+
+
+ Creates a random association handle.
+
+ The association handle.
+
+
+
+ Gets the OpenID protocol instance for the version in a message.
+
+ The message.
+ The OpenID protocol instance.
+
+
+
+ Changes the position of some element in a list.
+
+ The type of elements stored in the list.
+ The list to be modified.
+ The new position for the given element.
+ The element to move within the list.
+ Thrown if the element does not already exist in the list.
+
+
+
+ Corrects any URI decoding the Provider may have inappropriately done
+ to our return_to URL, resulting in an otherwise corrupted base64 encoded value.
+
+ The base64 encoded value. May be null.
+
+ The value; corrected if corruption had occurred.
+
+
+ AOL may have incorrectly URI-decoded the token for us in the return_to,
+ resulting in a token URI-decoded twice by the time we see it, and no
+ longer being a valid base64 string.
+ It turns out that the only symbols from base64 that is also encoded
+ in URI encoding rules are the + and / characters.
+ AOL decodes the %2b sequence to the + character
+ and the %2f sequence to the / character (it shouldn't decode at all).
+ When we do our own URI decoding, the + character becomes a space (corrupting base64)
+ but the / character remains a /, so no further corruption happens to this character.
+ So to correct this we just need to change any spaces we find in the token
+ back to + characters.
+
+
+
+
+ Rounds the given downward to the whole second.
+
+ The DateTime object to adjust.
+ The new value.
+
+
+
+ Gets the fully qualified Realm URL, given a Realm that may be relative to a particular page.
+
+ The hosting page that has the realm value to resolve.
+ The realm, which may begin with "*." or "~/".
+ The request context.
+ The fully-qualified realm.
+
+
+
+ Gets the extension factories from the extension aggregator on an OpenID channel.
+
+ The channel.
+ The list of factories that will be used to generate extension instances.
+
+ This is an extension method on rather than an instance
+ method on because the OpenIdRelyingParty
+ and OpenIdProvider classes don't strong-type to
+ to allow flexibility in the specific type of channel the user (or tests)
+ can plug in.
+
+
+
+
+ Loads the Diffie-Hellman assemblies.
+
+ Thrown if the DH assemblies are missing.
+
+
+
+ Gets a value indicating whether Diffie Hellman is available in this installation.
+
+
+ true if Diffie-Hellman functionality is present; otherwise, false.
+
+
+
+
+ Utility methods for working with XRDS documents.
+
+
+
+
+ Finds the Relying Party return_to receiving endpoints.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of Relying Party descriptors for the return_to endpoints.
+
+ This is useful for Providers to send unsolicited assertions to Relying Parties,
+ or for Provider's to perform RP discovery/verification as part of authentication.
+
+
+
+
+ Finds the icons the relying party wants an OP to display as part of authentication,
+ per the UI extension spec.
+
+ The XrdsDocument to search.
+ A sequence of the icon URLs in preferred order.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Relying Party return_to URLs
+ that can receive authentication assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Describes some OpenID Provider endpoint and its capabilities.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID Provider endpoint URL.
+ The OpenID version supported by this particular endpoint.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI the provider listens on for OpenID requests.
+ The set of services offered by this endpoint.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the URL that the OpenID Provider listens for incoming OpenID messages on.
+
+
+
+
+ Gets the OpenID protocol version this endpoint supports.
+
+
+ If an endpoint supports multiple versions, each version must be represented
+ by its own object.
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+
+
+
+ A trust root to validate requests and match return URLs against.
+
+
+ This fills the OpenID Authentication 2.0 specification for realms.
+ See http://openid.net/specs/openid-authentication-2_0.html#realms
+
+
+
+
+ A regex used to detect a wildcard that is being used in the realm.
+
+
+
+
+ A (more or less) comprehensive list of top-level (i.e. ".com") domains,
+ for use by in order to disallow overly-broad realms
+ that allow all web sites ending with '.com', for example.
+
+
+
+
+ The Uri of the realm, with the wildcard (if any) removed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL to use in the new instance.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL of the Relying Party.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URI builder.
+
+ This is useful because UriBuilder can construct a host with a wildcard
+ in the Host property, but once there it can't be converted to a Uri.
+
+
+
+
+ Implicitly converts the string-form of a URI to a object.
+
+ The URI that the new Realm instance will represent.
+ The result of the conversion.
+
+
+
+ Implicitly converts a to a object.
+
+ The URI to convert to a realm.
+ The result of the conversion.
+
+
+
+ Implicitly converts a object to its form.
+
+ The realm to convert to a string value.
+ The result of the conversion.
+
+
+
+ Checks whether one is equal to another.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code used for storing this object in a hash table.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of this .
+
+
+ A that represents the current .
+
+
+
+
+ Validates a URL against this trust root.
+
+ A string specifying URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Validates a URL against this trust root.
+
+ The URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Searches for an XRDS document at the realm URL, and if found, searches
+ for a description of a relying party endpoints (OpenId login pages).
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The details of the endpoints if found; or null if no service document was discovered.
+
+
+
+
+ Searches for an XRDS document at the realm URL.
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The XRDS document if found; or null if no service document was discovered.
+
+
+
+
+ Calls if the argument is non-null.
+ Otherwise throws .
+
+ The realm URI builder.
+ The result of UriBuilder.ToString()
+
+ This simple method is worthwhile because it checks for null
+ before dereferencing the UriBuilder. Since this is called from
+ within a constructor's base(...) call, this avoids a
+ when we should be throwing an .
+
+
+
+
+ Gets the suggested realm to use for the calling web application.
+
+ A realm that matches this applications root URL.
+
+ For most circumstances the Realm generated by this property is sufficient.
+ However a wildcard Realm, such as "http://*.microsoft.com/" may at times be more
+ desirable than "http://www.microsoft.com/" in order to allow identifier
+ correlation across related web sites for directed identity Providers.
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets a value indicating whether a '*.' prefix to the hostname is
+ used in the realm to allow subdomains or hosts to be added to the URL.
+
+
+
+
+ Gets the host component of this instance.
+
+
+
+
+ Gets the scheme name for this URI.
+
+
+
+
+ Gets the port number of this URI.
+
+
+
+
+ Gets the absolute path of the URI.
+
+
+
+
+ Gets the System.Uri.AbsolutePath and System.Uri.Query properties separated
+ by a question mark (?).
+
+
+
+
+ Gets the original string.
+
+ The original string.
+
+
+
+ Gets the realm URL. If the realm includes a wildcard, it is not included here.
+
+
+
+
+ Gets the Realm discovery URL, where the wildcard (if present) is replaced with "www.".
+
+
+ See OpenID 2.0 spec section 9.2.1 for the explanation on the addition of
+ the "www" prefix.
+
+
+
+
+ Gets a value indicating whether this realm represents a reasonable (sane) set of URLs.
+
+
+ 'http://*.com/', for example is not a reasonable pattern, as it cannot meaningfully
+ specify the site claiming it. This function attempts to find many related examples,
+ but it can only work via heuristics. Negative responses from this method should be
+ treated as advisory, used only to alert the user to examine the trust root carefully.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A description of some OpenID Relying Party endpoint.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The return to.
+
+ The Type URIs of supported services advertised on a relying party's XRDS document.
+
+
+
+
+ Derives the highest OpenID protocol that this library and the OpenID Provider have
+ in common.
+
+ The supported service type URIs.
+ The best OpenID protocol version to use when communicating with this Provider.
+
+
+
+ Gets the URL to the login page on the discovered relying party web site.
+
+
+
+
+ Gets the OpenId protocol that the discovered relying party supports.
+
+
+
+
+ Diffie-Hellman encryption methods used by both the relying party and provider.
+
+
+
+
+ An array of known Diffie Hellman sessions, sorted by decreasing hash size.
+
+
+
+
+ Finds the hashing algorithm to use given an openid.session_type value.
+
+ The protocol version of the message that named the session_type to be used.
+ The value of the openid.session_type parameter.
+ The hashing algorithm to use.
+ Thrown if no match could be found for the given .
+
+
+
+ Looks up the value to be used for the openid.session_type parameter.
+
+ The protocol version that is to be used.
+ The hash size (in bits) that the DH session must have.
+ The value to be used for the openid.session_type parameter, or null if no match was found.
+
+
+
+ Encrypts/decrypts a shared secret.
+
+ The hashing algorithm that is agreed by both parties to use as part of the secret exchange.
+
+ If the secret is being encrypted, this is the new Diffie Hellman object to use.
+ If the secret is being decrypted, this must be the same Diffie Hellman object used to send the original request message.
+
+ The public key of the remote party.
+ The secret to encode, or the encoded secret. Whichever one is given will generate the opposite in the return value.
+
+ The encrypted version of the secret if the secret itself was given in .
+ The secret itself if the encrypted version of the secret was given in .
+
+
+
+
+ Ensures that the big integer represented by a given series of bytes
+ is a positive integer.
+
+ The bytes that make up the big integer.
+
+ A byte array (possibly new if a change was required) whose
+ integer is guaranteed to be positive.
+
+
+ This is to be consistent with OpenID spec section 4.2.
+
+
+
+
+ Returns the value used to initialize the static field storing DH session types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Provides access to a Diffie-Hellman session algorithm and its name.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The hashing algorithm used in this particular Diffie-Hellman session type.
+ A function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+ Gets the function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+
+ Gets the hashing algorithm used in this particular Diffie-Hellman session type
+
+
+
+
+ An association that uses the HMAC-SHA family of algorithms for message signing.
+
+
+
+
+ A list of HMAC-SHA algorithms in order of decreasing bit lengths.
+
+
+
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+
+
+
+
+ Initializes a new instance of the class.
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+ The association handle.
+ The association secret.
+ The time duration the association will be good for.
+
+
+
+ Creates an HMAC-SHA association.
+
+ The OpenID protocol version that the request for an association came in on.
+ The value of the openid.assoc_type parameter.
+ The association handle.
+ The association secret.
+ How long the association will be good for.
+ The newly created association.
+
+
+
+ Creates an association with the specified handle, secret, and lifetime.
+
+ The handle.
+ The secret.
+ Total lifetime.
+ The newly created association.
+
+
+
+ Returns the length of the shared secret (in bytes).
+
+ The protocol version being used that will be used to lookup the text in
+ The value of the protocol argument specifying the type of association. For example: "HMAC-SHA1".
+ The length (in bytes) of the association secret.
+ Thrown if no association can be found by the given name.
+
+
+
+ Looks for the first association type in a preferred-order list that is
+ likely to be supported given a specific OpenID version and the security settings,
+ and perhaps a matching Diffie-Hellman session type.
+
+ The OpenID version that dictates which associations are available.
+ A value indicating whether to consider higher strength security to be better. Use true for initial association requests from the Relying Party; use false from Providers when the Relying Party asks for an unrecognized association in order to pick a suggested alternative that is likely to be supported on both sides.
+ The set of requirements the selected association type must comply to.
+ Use true for HTTP associations, false for HTTPS associations.
+ The resulting association type's well known protocol name. (i.e. HMAC-SHA256)
+ The resulting session type's well known protocol name, if a matching one is available. (i.e. DH-SHA256)
+
+ True if a qualifying association could be found; false otherwise.
+
+
+
+
+ Determines whether a named Diffie-Hellman session type and association type can be used together.
+
+ The protocol carrying the names of the session and association types.
+ The value of the openid.assoc_type parameter.
+ The value of the openid.session_type parameter.
+
+ true if the named association and session types are compatible; otherwise, false.
+
+
+
+
+ Gets the string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Returns the value used to initialize the static field storing association types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Provides information about some HMAC-SHA hashing algorithm that OpenID supports.
+
+
+
+
+ Creates the using a given shared secret for the mac.
+
+ The HMAC secret.
+ The algorithm.
+
+
+
+ Gets or sets the function that takes a particular OpenID version and returns the value of the openid.assoc_type parameter in that protocol.
+
+
+
+
+ Gets or sets the name of the HMAC-SHA algorithm. (e.g. "HMAC-SHA256")
+
+
+
+
+ Gets or sets the base hash algorithm.
+
+
+
+
+ Gets the size of the hash (in bytes).
+
+
+
+
+ Represents an association request that is sent using HTTPS and otherwise communicates the shared secret in plain text.
+
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the preferred association session type. This defines the method used to encrypt the association's MAC key in transit.
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association that uses Diffie-Hellman encryption.
+
+
+
+
+ The (only) value we use for the X variable in the Diffie-Hellman algorithm.
+
+
+
+
+ The default gen value for the Diffie-Hellman algorithm.
+
+
+
+
+ The default modulus value for the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties.
+
+
+
+
+ Gets or sets the openid.dh_modulus value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_gen value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_consumer_public value.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ Gets the Diffie-Hellman algorithm.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the Provider's Diffie-Hellman public key.
+
+ btwoc(g ^ xb mod p)
+
+
+
+ Gets or sets the MAC key (shared secret), encrypted with the secret Diffie-Hellman value.
+
+ H(btwoc(g ^ (xa * xb) mod p)) XOR MAC key. H is either "SHA1" or "SHA256" depending on the session type.
+
+
+
+ The successful unencrypted association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the MAC key (shared secret) for this association, Base 64 (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” .) [RFC3548] encoded.
+
+
+
+
+ The Provider's response to a Relying Party that requested an association that the Provider does not support.
+
+
+ This message type described in OpenID 2.0 section 8.2.4.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to a direct message request that resulted in an error.
+
+
+ This message must be sent with an HTTP status code of 400.
+ This class satisfies OpenID 2.0 section 5.1.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets the HTTP status code that the direct respones should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A hard-coded string indicating an error occurred.
+
+ "unsupported-type"
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets an association type supported by the OP from Section 8.3 (Association Types).
+
+
+
+
+ Gets or sets a valid association session type from Section 8.4 (Association Session Types) that the OP supports.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to an indirect message request that resulted in an error.
+
+
+ This class satisfies OpenID 2.0 section 5.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that resulted in this error on the Provider.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message should comply with.
+ The recipient of this message.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to An absolute URI is required for this value..
+
+
+
+
+ Looks up a localized string similar to This is already a PPID Identifier..
+
+
+
+
+ Looks up a localized string similar to The requested association type '{0}' with session type '{1}' is unrecognized or not supported by this Provider due to security requirements..
+
+
+
+
+ Looks up a localized string similar to The length of the shared secret ({0}) does not match the length required by the association type ('{1}')..
+
+
+
+
+ Looks up a localized string similar to The length of the encrypted shared secret ({0}) does not match the length of the hashing algorithm ({1})..
+
+
+
+
+ Looks up a localized string similar to No association store has been given but is required for the current configuration..
+
+
+
+
+ Looks up a localized string similar to If an association store is given, a nonce store must also be provided..
+
+
+
+
+ Looks up a localized string similar to An attribute with type URI '{0}' has already been added..
+
+
+
+
+ Looks up a localized string similar to Only {0} values for attribute '{1}' were requested, but {2} were supplied..
+
+
+
+
+ Looks up a localized string similar to The private data supplied does not meet the requirements of any known Association type. Its length may be too short, or it may have been corrupted..
+
+
+
+
+ Looks up a localized string similar to The {0} extension failed to deserialize and will be skipped. {1}.
+
+
+
+
+ Looks up a localized string similar to Callback arguments are only supported when a {0} is provided to the {1}..
+
+
+
+
+ Looks up a localized string similar to A Simple Registration request can only generate a response on the receiving end..
+
+
+
+
+ Looks up a localized string similar to The openid.claimed_id and openid.identity parameters must both be present or both be absent..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property cannot be set when IsDelegatedIdentifier is true to avoid breaking OpenID URL delegation..
+
+
+
+
+ Looks up a localized string similar to This OpenID exploits features that this relying party cannot reliably verify. Please try logging in with a human-readable OpenID or from a different OpenID Provider..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property must be set first..
+
+
+
+
+ Looks up a localized string similar to An extension with this property name ('{0}') has already been registered..
+
+
+
+
+ Looks up a localized string similar to The extension '{0}' has already been registered..
+
+
+
+
+ Looks up a localized string similar to An authentication request has already been created using CreateRequest()..
+
+
+
+
+ Looks up a localized string similar to Only OpenIDs issued directly by their OpenID Provider are allowed here..
+
+
+
+
+ Looks up a localized string similar to The associate request instance must be a Diffie-Hellman instance..
+
+
+
+
+ Looks up a localized string similar to The following properties must be set before the Diffie-Hellman algorithm can generate a public key: {0}.
+
+
+
+
+ Looks up a localized string similar to URI is not SSL yet requireSslDiscovery is set to true..
+
+
+
+
+ Looks up a localized string similar to An extension sharing namespace '{0}' has already been added. Only one extension per namespace is allowed in a given request..
+
+
+
+
+ Looks up a localized string similar to Cannot lookup extension support on a rehydrated ServiceEndpoint..
+
+
+
+
+ Looks up a localized string similar to Fragment segments do not apply to XRI identifiers..
+
+
+
+
+ Looks up a localized string similar to The HTML head tag must include runat="server"..
+
+
+
+
+ Looks up a localized string similar to ClaimedIdentifier and LocalIdentifier must be the same when IsIdentifierSelect is true..
+
+
+
+
+ Looks up a localized string similar to The openid.identity and openid.claimed_id parameters must either be both present or both absent from the message..
+
+
+
+
+ Looks up a localized string similar to The Provider requested association type '{0}' and session type '{1}', which are not compatible with each other..
+
+
+
+
+ Looks up a localized string similar to {0} (Contact: {1}, Reference: {2}).
+
+
+
+
+ Looks up a localized string similar to Cannot encode '{0}' because it contains an illegal character for Key-Value Form encoding. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to Invalid XmlDSig signature on XRDS document..
+
+
+
+
+ Looks up a localized string similar to Cannot decode Key-Value Form because a line was found without a '{0}' character. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to The scheme must be http or https but was '{0}'..
+
+
+
+
+ Looks up a localized string similar to The value '{0}' is not a valid URI..
+
+
+
+
+ Looks up a localized string similar to Not a recognized XRI format..
+
+
+
+
+ Looks up a localized string similar to The OpenID Provider issued an assertion for an Identifier whose discovery information did not match.
+ Assertion endpoint info:
+ {0}
+ Discovered endpoint info:
+ {1}.
+
+
+
+
+ Looks up a localized string similar to The list of keys do not match the provided dictionary..
+
+
+
+
+ Looks up a localized string similar to The '{0}' and '{1}' parameters must both be or not be '{2}'..
+
+
+
+
+ Looks up a localized string similar to The maximum time allowed to complete authentication has been exceeded. Please try again..
+
+
+
+
+ Looks up a localized string similar to X.509 signing certificate issued to {0}, but a certificate for {1} was expected..
+
+
+
+
+ Looks up a localized string similar to Missing {0} element..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested length of {0}..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested name of '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unless using transport layer encryption, "no-encryption" MUST NOT be used..
+
+
+
+
+ Looks up a localized string similar to No identifier has been set..
+
+
+
+
+ Looks up a localized string similar to No XRDS document containing OpenID relying party endpoint information could be found at {0}..
+
+
+
+
+ Looks up a localized string similar to Diffie-Hellman session type '{0}' not found for OpenID {1}..
+
+
+
+
+ Looks up a localized string similar to This operation is not supported by serialized authentication responses. Try this operation from the LoggedIn event handler..
+
+
+
+
+ Looks up a localized string similar to No OpenID endpoint found..
+
+
+
+
+ Looks up a localized string similar to No OpenID url is provided..
+
+
+
+
+ Looks up a localized string similar to This operation is only allowed when IAuthenticationResponse.State == AuthenticationStatus.SetupRequired..
+
+
+
+
+ Looks up a localized string similar to OpenID popup window or iframe did not recognize an OpenID response in the request..
+
+
+
+
+ Looks up a localized string similar to An positive OpenID assertion was received from OP endpoint {0} and was rejected based on this site's security settings..
+
+
+
+
+ Looks up a localized string similar to Unable to find the signing secret by the handle '{0}'..
+
+
+
+
+ Looks up a localized string similar to The {0} property must be set first..
+
+
+
+
+ Looks up a localized string similar to This property value is not supported by this control..
+
+
+
+
+ Looks up a localized string similar to Unable to determine the version of the OpenID protocol implemented by the Provider at endpoint '{0}'..
+
+
+
+
+ Looks up a localized string similar to An HTTP request to the realm URL ({0}) resulted in a redirect, which is not allowed during relying party discovery..
+
+
+
+
+ Looks up a localized string similar to Sorry. This site only accepts OpenIDs that are HTTPS-secured, but {0} is not a secure Identifier..
+
+
+
+
+ Looks up a localized string similar to The response is not ready. Use IsResponseReady to check whether a response is ready first..
+
+
+
+
+ Looks up a localized string similar to return_to '{0}' not under realm '{1}'..
+
+
+
+
+ Looks up a localized string similar to The {0} parameter ({1}) does not match the actual URL ({2}) the request was made with..
+
+
+
+
+ Looks up a localized string similar to The ReturnTo property must not be null to support this operation..
+
+
+
+
+ Looks up a localized string similar to The openid.return_to parameter is required in the request message in order to construct a response, but that parameter was missing..
+
+
+
+
+ Looks up a localized string similar to The following parameter(s) are not included in the signature but must be: {0}.
+
+
+
+
+ Looks up a localized string similar to Invalid birthdate value. Must be in the form yyyy-MM-dd..
+
+
+
+
+ Looks up a localized string similar to The type must implement {0}..
+
+
+
+
+ Looks up a localized string similar to The property {0} had unexpected value {1}..
+
+
+
+
+ Looks up a localized string similar to Unexpected HTTP status code {0} {1} received in direct response..
+
+
+
+
+ Looks up a localized string similar to An unsolicited assertion cannot be sent for the claimed identifier {0} because this is not an authorized Provider for that identifier..
+
+
+
+
+ Looks up a localized string similar to Rejecting unsolicited assertions requires a nonce store and an association store..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed at this relying party..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed from 1.0 OpenID Providers..
+
+
+
+
+ Looks up a localized string similar to Providing a DateTime whose Kind is Unspecified is not allowed..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing canonicalization method..
+
+
+
+
+ Looks up a localized string similar to This feature is unavailable due to an unrecognized channel configuration..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing signature method..
+
+
+
+
+ Looks up a localized string similar to The openid.user_setup_url parameter is required when sending negative assertion messages in response to immediate mode requests..
+
+
+
+
+ Looks up a localized string similar to The X.509 certificate used to sign this document is not trusted..
+
+
+
+
+ Looks up a localized string similar to XRI support has been disabled at this site..
+
+
+
+
+ Looks up a localized string similar to XRI resolution failed..
+
+
+
+
+ An enumeration of the OpenID protocol versions supported by this library.
+
+
+
+
+ OpenID Authentication 1.0
+
+
+
+
+ OpenID Authentication 1.1
+
+
+
+
+ OpenID Authentication 2.0
+
+
+
+
+ Tracks the several versions of OpenID this library supports and the unique
+ constants to each version used in the protocol.
+
+
+
+
+ The value of the openid.ns parameter in the OpenID 2.0 specification.
+
+
+
+
+ The parameter of the callback parameter we tack onto the return_to URL
+ to store the replay-detection nonce.
+
+
+
+
+ Scans a list for matches with some element of the OpenID protocol,
+ searching from newest to oldest protocol for the first and best match.
+
+ The type of element retrieved from the instance.
+ Takes a instance and returns an element of it.
+ The list to scan for matches.
+ The protocol with the element that matches some item in the list.
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+ V1.1 and V1.0 are considered the same and only V1.1 is in the list.
+
+
+
+
+ The default (or most recent) supported version of the OpenID protocol.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID indirect message or direct request.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID direct response message.
+
+
+
+
+ Attemps to detect the highest OpenID protocol version supported given a set
+ of XRDS Service Type URIs included for some service.
+
+
+
+
+ The OpenID version that this instance describes.
+
+
+
+
+ The namespace of OpenId 1.x elements in XRDS documents.
+
+
+
+
+ The value of the openid.ns parameter that appears on the query string
+ whenever data is passed between relying party and provider for OpenID 2.0
+ and later.
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Claimed Identifier (http://andrewarnott.yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on an OP Identifier rather than a Claimed Identifier.
+ (http://yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Realm URL and looking for the endpoint URL
+ that can receive authentication assertions.
+
+
+
+
+ Used as the Claimed Identifier and the OP Local Identifier when
+ the User Supplied Identifier is an OP Identifier.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to an
+ OP Endpoint URL.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to use
+ as the OP Local Identifier.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is prefixed with 'openid.'.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is NOT prefixed with 'openid.'.
+
+
+
+
+ The various 'constants' that appear as parameter arguments (values).
+
+
+
+
+ The maximum time a user can be allowed to take to complete authentication.
+
+
+ This is used to calculate the length of time that nonces are stored.
+ This is internal until we can decide whether to leave this static, or make
+ it an instance member, or put it inside the IConsumerApplicationStore interface.
+
+
+
+
+ The maximum permissible difference in clocks between relying party and
+ provider web servers, discounting time zone differences.
+
+
+ This is used when storing/validating nonces from the provider.
+ If it is conceivable that a server's clock could be up to five minutes
+ off from true UTC time, then the maximum time skew should be set to
+ ten minutes to allow one server to be five minutes ahead and the remote
+ server to be five minutes behind and still be able to communicate.
+
+
+
+
+ Checks whether a given Protocol version practically equals this one
+ for purposes of verifying a match for assertion verification.
+
+ The other version to check against this one.
+ true if this and the given Protocol versions are essentially the same.
+
+ OpenID v1.0 never had a spec, and 1.0 and 1.1 are indistinguishable because of that.
+ Therefore for assertion verification, 1.0 and 1.1 are considered equivalent.
+
+
+
+
+ Returns the enum value for the instance.
+
+
+
+
+ The value "openid."
+
+
+
+
+ A preference order list of all supported session types.
+
+
+
+
+ A preference order list of signature algorithms we support.
+
+
+
+
+ A hybrid of the store interfaces that an OpenID Provider must implement, and
+ an OpenID Relying Party may implement to operate in stateful (smart) mode.
+
+
+
+
+ Security settings that are applicable to relying parties.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Filters out any disallowed endpoints.
+
+ The endpoints discovered on an Identifier.
+ A sequence of endpoints that satisfy all security requirements.
+
+
+
+ Gets or sets a value indicating whether the entire pipeline from Identifier discovery to
+ Provider redirect is guaranteed to be encrypted using HTTPS for authentication to succeed.
+
+
+ Setting this property to true is appropriate for RPs with highly sensitive
+ personal information behind the authentication (money management, health records, etc.)
+ When set to true, some behavioral changes and additional restrictions are placed:
+
+ User-supplied identifiers lacking a scheme are prepended with
+ HTTPS:// rather than the standard HTTP:// automatically.
+ User-supplied identifiers are not allowed to use HTTP for the scheme.
+ All redirects during discovery on the user-supplied identifier must be HTTPS.
+ Any XRDS file found by discovery on the User-supplied identifier must be protected using HTTPS.
+ Only Provider endpoints found at HTTPS URLs will be considered.
+ If the discovered identifier is an OP Identifier (directed identity), the
+ Claimed Identifier eventually asserted by the Provider must be an HTTPS identifier.
+ In the case of an unsolicited assertion, the asserted Identifier, discovery on it and
+ the asserting provider endpoint must all be secured by HTTPS.
+
+ Although the first redirect from this relying party to the Provider is required
+ to use HTTPS, any additional redirects within the Provider cannot be protected and MAY
+ revert the user's connection to HTTP, based on individual Provider implementation.
+ There is nothing that the RP can do to detect or prevent this.
+
+ A is thrown during discovery or authentication when a secure pipeline cannot be established.
+
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets the oldest version of OpenID the remote party is allowed to implement.
+
+ Defaults to
+
+
+
+ Gets or sets the maximum allowable age of the secret a Relying Party
+ uses to its return_to URLs and nonces with 1.0 Providers.
+
+ The default value is 7 days.
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests will only be
+ sent to Providers with whom we can create a shared association.
+
+
+ true to immediately fail authentication if an association with the Provider cannot be established; otherwise, false.
+ The default value is false.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets the set of trusted OpenID Provider Endpoint URIs.
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+ Default is false.
+
+
+
+ Gets or sets a value indicating whether special measures are taken to
+ protect users from replay attacks when those users' identities are hosted
+ by OpenID 1.x Providers.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by adding a signed nonce to the authentication request.
+ This might increase the request size beyond what some OpenID 1.1 Providers
+ (such as Blogger) are capable of handling.
+
+
+
+
+ The discovery service for URI identifiers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Searches HTML for the HEAD META tags that describe OpenID provider services.
+
+ The final URL that provided this HTML document.
+ This may not be the same as (this) userSuppliedIdentifier if the
+ userSuppliedIdentifier pointed to a 301 Redirect.
+ The user supplied identifier.
+ The HTML that was downloaded and should be searched.
+
+ A sequence of any discovered ServiceEndpoints.
+
+
+
+
+ The discovery service for XRI identifiers that uses an XRI proxy resolver for discovery.
+
+
+
+
+ The magic URL that will provide us an XRDS document for a given XRI identifier.
+
+
+ We use application/xrd+xml instead of application/xrds+xml because it gets
+ xri.net to automatically give us exactly the right XRD element for community i-names
+ automatically, saving us having to choose which one to use out of the result.
+ The ssl=true parameter tells the proxy resolver to accept only SSL connections
+ when resolving community i-names.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Downloads the XRDS document for this XRI.
+
+ The identifier.
+ The request handler.
+ The XRDS document.
+
+
+
+ Gets the URL from which this XRI's XRDS document may be downloaded.
+
+ The identifier.
+ The URI to HTTP GET from to get the services.
+
+
+
+ A URI style of OpenID Identifier.
+
+
+
+
+ The allowed protocol schemes in a URI Identifier.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ A value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Initializes static members of the class.
+
+
+ This method attempts to workaround the .NET Uri class parsing bug described here:
+ https://connect.microsoft.com/VisualStudio/feedback/details/386695/system-uri-incorrectly-strips-trailing-dots?wa=wsignin1.0#tabs
+ since some identifiers (like some of the pseudonymous identifiers from Yahoo) include path segments
+ that end with periods, which the Uri class will typically trim off.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Converts a instance to a instance.
+
+ The identifier to convert to an ordinary instance.
+ The result of the conversion.
+
+
+
+ Converts a instance to a instance.
+
+ The instance to turn into a .
+ The result of the conversion.
+
+
+
+ Tests equality between this URI and another URI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of the URI.
+
+
+ A that represents the current .
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Tries to canonicalize a user-supplied identifier.
+ This does NOT convert a user-supplied identifier to a Claimed Identifier!
+
+ The user-supplied identifier.
+ The resulting canonical URI.
+ If set to true and the user-supplied identifier lacks a scheme, the "https://" scheme will be prepended instead of the standard "http://" one.
+ if set to true [scheme prepended].
+
+ true if the identifier was valid and could be canonicalized.
+ false if the identifier is outside the scope of allowed inputs and should be rejected.
+
+
+ Canonicalization is done by adding a scheme in front of an
+ identifier if it isn't already present. Other trivial changes that do not
+ require network access are also done, such as lower-casing the hostname in the URI.
+
+
+
+
+ Fixes up the scheme if appropriate.
+
+ The URI, already in legal form (with http(s):// prepended if necessary).
+ The resulting canonical URI.
+ true if the canonicalization was successful; false otherwise.
+
+ This does NOT standardize an OpenID URL for storage in a database, as
+ it does nothing to convert the URL to a Claimed Identifier, besides the fact
+ that it only deals with URLs whereas OpenID 2.0 supports XRIs.
+ For this, you should lookup the value stored in IAuthenticationResponse.ClaimedIdentifier.
+
+
+
+
+ Gets the special non-compressing scheme or URL for a standard scheme or URL.
+
+ The ordinary URL or scheme name.
+ The non-compressing equivalent scheme or URL for the given value.
+
+
+
+ Performs the minimal URL normalization to allow a string to be passed to the constructor.
+
+ The user-supplied identifier URI to normalize.
+ if set to true, a missing scheme should result in HTTPS being prepended instead of HTTP.
+ if set to true, the scheme was prepended during normalization.
+ The somewhat normalized URL.
+
+
+
+ Gets or sets a value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Gets the URI this instance represents.
+
+
+
+
+ Gets a value indicating whether the scheme was missing when this
+ Identifier was created and added automatically as part of the
+ normalization process.
+
+
+
+
+ Gets a value indicating whether this Identifier has characters or patterns that
+ the class normalizes away and invalidating the Identifier.
+
+
+
+
+ A simple URI class that doesn't suffer from the parsing problems of the class.
+
+
+
+
+ URI characters that separate the URI Path from subsequent elements.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Normalizes the characters that are escaped in the given URI path.
+
+ The path to normalize.
+ The given path, with exactly those characters escaped which should be.
+
+
+
+ Gets the scheme.
+
+ The scheme.
+
+
+
+ Gets the authority.
+
+ The authority.
+
+
+
+ Gets the path of the URI.
+
+ The path from the URI.
+
+
+
+ Gets the query.
+
+ The query.
+
+
+
+ Gets the fragment.
+
+ The fragment.
+
+
+
+ A URI parser that does not compress paths, such as trimming trailing periods from path segments.
+
+
+
+
+ The field that stores the scheme that this parser is registered under.
+
+
+
+
+ The standard "http" or "https" scheme that this parser is subverting.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The standard scheme that this parser will be subverting.
+
+
+
+ Initializes this parser with the actual scheme it should appear to be.
+
+ if set to true Uris using this scheme will look like they're using the original standard scheme.
+
+
+
+ Gets the scheme this parser is registered under.
+
+ The registered scheme.
+
+
+
+ An XRI style of OpenID Identifier.
+
+
+
+
+ The scheme and separator "xri://"
+
+
+
+
+ An XRI always starts with one of these symbols.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The string value of the XRI.
+
+
+
+ Initializes a new instance of the class.
+
+ The XRI that this Identifier will represent.
+
+ If set to true, discovery and the initial authentication redirect will
+ only succeed if it can be done entirely using SSL.
+
+
+
+
+ Tests equality between this XRI and another XRI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the canonical string form of the XRI.
+
+
+ A that represents the current .
+
+
+
+
+ Tests whether a given string represents a valid XRI format.
+
+ The value to test for XRI validity.
+
+ true if the given string constitutes a valid XRI; otherwise, false.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+ XRI Identifiers never have a fragment part, and thus this method
+ always returns this same instance.
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Takes any valid form of XRI string and returns the canonical form of the same XRI.
+
+ The xri to canonicalize.
+ The canonicalized form of the XRI.
+ The canonical form, per the OpenID spec, is no scheme and no whitespace on either end.
+
+
+
+ Gets the original XRI supplied to the constructor.
+
+
+
+
+ Gets the canonical form of the XRI string.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to XRI CanonicalID verification failed..
+
+
+
+
+ Looks up a localized string similar to Failure parsing XRDS document..
+
+
+
+
+ Looks up a localized string similar to The XRDS document for XRI {0} is missing the required CanonicalID element..
+
+
+
+
+ Looks up a localized string similar to Could not find XRI resolution Status tag or code attribute was invalid..
+
+
+
+
+ String constants for various content-type header values used in YADIS discovery.
+
+
+
+
+ The text/html content-type
+
+
+
+
+ The application/xhtml+xml content-type
+
+
+
+
+ The application/xrds+xml content-type
+
+
+
+
+ The text/xml content type
+
+
+
+
+ Contains the result of YADIS discovery.
+
+
+
+
+ The original web response, backed up here if the final web response is the preferred response to use
+ in case it turns out to not work out.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The user-supplied identifier.
+ The initial response.
+ The final response.
+
+
+
+ Reverts to the HTML response after the XRDS response didn't work out.
+
+
+
+
+ Applies the HTML response to the object.
+
+ The initial response.
+
+
+
+ Gets the URI of the original YADIS discovery request.
+ This is the user supplied Identifier as given in the original
+ YADIS discovery request.
+
+
+
+
+ Gets the fully resolved (after redirects) URL of the user supplied Identifier.
+ This becomes the ClaimedIdentifier.
+
+
+
+
+ Gets the location the XRDS document was downloaded from, if different
+ from the user supplied Identifier.
+
+
+
+
+ Gets the Content-Type associated with the .
+
+
+
+
+ Gets the text in the final response.
+ This may be an XRDS document or it may be an HTML document,
+ as determined by the property.
+
+
+
+
+ Gets a value indicating whether the
+ represents an XRDS document. False if the response is an HTML document.
+
+
+
+
+ An HTML HEAD tag parser.
+
+
+
+
+ Common flags to use on regex tests.
+
+
+
+
+ A regular expression designed to select tags (?)
+
+
+
+
+ A regular expression designed to select start tags (?)
+
+
+
+
+ A regular expression designed to select attributes within a tag.
+
+
+
+
+ A regular expression designed to select the HEAD tag.
+
+
+
+
+ A regular expression designed to select the HTML tag.
+
+
+
+
+ A regular expression designed to remove all comments and scripts from a string.
+
+
+
+
+ Finds all the HTML HEAD tag child elements that match the tag name of a given type.
+
+ The HTML tag of interest.
+ The HTML to scan.
+ A sequence of the matching elements.
+
+
+
+ Filters a list of controls based on presence of an attribute.
+
+ The type of HTML controls being filtered.
+ The sequence.
+ The attribute.
+ A filtered sequence of attributes.
+
+
+
+ Generates a regular expression that will find a given HTML tag.
+
+ Name of the tag.
+ The close tags (?).
+ The created regular expression.
+
+
+
+ Generates a regular expression designed to find a given tag.
+
+ The tag to find.
+ The created regular expression.
+
+
+
+ The Service element in an XRDS document.
+
+
+
+
+ A node in an XRDS document.
+
+
+
+
+ The XRD namespace xri://$xrd*($v*2.0)
+
+
+
+
+ The XRDS namespace xri://$xrds
+
+
+
+
+ Initializes a new instance of the class.
+
+ The node represented by this instance.
+ The parent node.
+
+
+
+ Initializes a new instance of the class.
+
+ The document's root node, which this instance represents.
+
+
+
+ Gets the node.
+
+
+
+
+ Gets the parent node, or null if this is the root node.
+
+
+
+
+ Gets the XML namespace resolver to use in XPath expressions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The service element.
+ The parent.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the XRD parent element.
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI child elements.
+
+
+
+
+ Gets the type child elements.
+
+ The type elements.
+
+
+
+ Gets the type child element's URIs.
+
+
+
+
+ Gets the OP Local Identifier.
+
+
+
+
+ The Type element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The type element.
+ The parent.
+
+
+
+ Gets the URI.
+
+
+
+
+ The Uri element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI element.
+ The service.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI.
+
+
+
+
+ Gets the parent service.
+
+
+
+
+ The Xrd element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The XRD element.
+ The parent.
+
+
+
+ Searches for service sub-elements that have Type URI sub-elements that match
+ one that we have for a known OpenID protocol version.
+
+ A function that selects what element of the OpenID Protocol we're interested in finding.
+ A sequence of service elements that match the search criteria, sorted in XRDS @priority attribute order.
+
+
+
+ Gets the child service elements.
+
+ The services.
+
+
+
+ Gets a value indicating whether this XRD element's resolution at the XRI resolver was successful.
+
+
+ true if this XRD's resolution was successful; otherwise, false.
+
+
+
+
+ Gets the canonical ID (i-number) for this element.
+
+
+
+
+ Gets a value indicating whether the was verified.
+
+
+
+
+ Gets the services for OP Identifiers.
+
+
+
+
+ Gets the services for Claimed Identifiers.
+
+
+
+
+ Gets the services that would be discoverable at an RP for return_to verification.
+
+
+
+
+ Gets the services that would be discoverable at an RP for the UI extension icon.
+
+
+
+
+ Gets an enumeration of all Service/URI elements, sorted in priority order.
+
+
+
+
+ Gets the XRI resolution status code.
+
+
+
+
+ An XRDS document.
+
+
+
+
+ The namespace used by XML digital signatures.
+
+
+
+
+ The namespace used by Google Apps for Domains for OpenID URI templates.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The Xml reader positioned at the root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The text that is the XRDS document.
+
+
+
+ Gets the XRD child elements of the document.
+
+
+
+
+ Gets a value indicating whether all child XRD elements were resolved successfully.
+
+
+
+
+ YADIS discovery manager.
+
+
+
+
+ The HTTP header to look for in responses to declare where the XRDS document should be found.
+
+
+
+
+ The maximum number of bytes to read from an HTTP response
+ in searching for a link to a YADIS document.
+
+
+
+
+ Gets or sets the cache that can be used for HTTP requests made during identifier discovery.
+
+
+
+
+ Performs YADIS discovery on some identifier.
+
+ The mechanism to use for sending HTTP requests.
+ The URI to perform discovery on.
+ Whether discovery should fail if any step of it is not encrypted.
+
+ The result of discovery on the given URL.
+ Null may be returned if an error occurs,
+ or if is true but part of discovery
+ is not protected by SSL.
+
+
+
+
+ Searches an HTML document for a
+ <meta http-equiv="X-XRDS-Location" content="{YadisURL}">
+ tag and returns the content of YadisURL.
+
+ The HTML to search.
+ The URI of the XRDS document if found; otherwise null.
+
+
+
+ Sends a YADIS HTTP request as part of identifier discovery.
+
+ The request handler to use to actually submit the request.
+ The URI to GET.
+ Whether only HTTPS URLs should ever be retrieved.
+ The value of the Accept HTTP header to include in the request.
+ The HTTP response retrieved from the request.
+
+
+
+ Determines whether a given HTTP response constitutes an XRDS document.
+
+ The response to test.
+
+ true if the response constains an XRDS document; otherwise, false.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.dll
new file mode 100644
index 0000000..24e15d8
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.xml
new file mode 100644
index 0000000..f87c5c7
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Mono.Math.xml
@@ -0,0 +1,206 @@
+
+
+
+ Mono.Math
+
+
+
+
+ Default length of a BigInteger in bytes
+
+
+
+
+ The Length of this BigInteger
+
+
+
+
+ The data for this BigInteger
+
+
+
+
+ Table of primes below 2000.
+
+
+
+ This table was generated using Mathematica 4.1 using the following function:
+
+
+
+ PrimeTable [x_] := Prime [Range [1, PrimePi [x]]]
+ PrimeTable [6000]
+
+
+
+
+
+
+ Generates a new, random BigInteger of the specified length.
+
+ The number of bits for the new number.
+ A random number generator to use to obtain the bits.
+ A random number of the specified length.
+
+
+
+ Generates a new, random BigInteger of the specified length using the default RNG crypto service provider.
+
+ The number of bits for the new number.
+ A random number of the specified length.
+
+
+
+ Randomizes the bits in "this" from the specified RNG.
+
+ A RNG.
+
+
+
+ Randomizes the bits in "this" from the default RNG.
+
+
+
+
+ Tests if the specified bit is 1.
+
+ The bit to test. The least significant bit is 0.
+ True if bitNum is set to 1, else false.
+
+
+
+ Normalizes this by setting the length to the actual number of
+ uints used in data and by setting the sign to Sign.Zero if the
+ value of this is 0.
+
+
+
+
+ Generates the smallest prime >= bi
+
+ A BigInteger
+ The smallest prime >= bi. More mathematically, if bi is prime: bi, else Prime [PrimePi [bi] + 1].
+
+
+
+ Increments this by two
+
+
+
+
+ Low level functions for the BigInteger
+
+
+
+
+ Adds two numbers with the same sign.
+
+ A BigInteger
+ A BigInteger
+ bi1 + bi2
+
+
+
+ Compares two BigInteger
+
+ A BigInteger
+ A BigInteger
+ The sign of bi1 - bi2
+
+
+
+ Performs n / d and n % d in one operation.
+
+ A BigInteger, upon exit this will hold n / d
+ The divisor
+ n % d
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts it into
+ d [dOffset:dOffset+xLen+yLen].
+
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts the low mod words into
+ d [dOffset:dOffset+mod].
+
+
+
+
+ A factor of confidence.
+
+
+
+
+ Only suitable for development use, probability of failure may be greater than 1/2^20.
+
+
+
+
+ Suitable only for transactions which do not require forward secrecy. Probability of failure about 1/2^40
+
+
+
+
+ Designed for production use. Probability of failure about 1/2^80.
+
+
+
+
+ Suitable for sensitive data. Probability of failure about 1/2^160.
+
+
+
+
+ Use only if you have lots of time! Probability of failure about 1/2^320.
+
+
+
+
+ Only use methods which generate provable primes. Not yet implemented.
+
+
+
+
+ Finds the next prime after a given number.
+
+
+
+
+ Performs primality tests on bi, assumes trial division has been done.
+
+ A BigInteger that has been subjected to and passed trial division
+ False if bi is composite, true if it may be prime.
+ The speed of this method is dependent on Confidence
+
+
+
+ Probabilistic prime test based on Rabin-Miller's test
+
+
+
+ The number to test.
+
+
+
+
+ The number of chosen bases. The test has at least a
+ 1/4^confidence chance of falsely returning True.
+
+
+
+
+ True if "this" is a strong pseudoprime to randomly chosen bases.
+
+
+ False if "this" is definitely NOT prime.
+
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.dll
new file mode 100644
index 0000000..687ee76
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.xml
new file mode 100644
index 0000000..305e65d
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net35-full/Org.Mentalis.Security.Cryptography.xml
@@ -0,0 +1,204 @@
+
+
+
+ Org.Mentalis.Security.Cryptography
+
+
+
+
+ Defines the different Diffie-Hellman key generation methods.
+
+
+
+
+ Returns dynamically generated values for P and G. Unlike the Sophie Germain or DSA key generation methods,
+ this method does not ensure that the selected prime offers an adequate security level.
+
+
+
+
+ Returns values for P and G that are hard coded in this library. Contrary to what your intuition may tell you,
+ using these hard coded values is perfectly safe.
+ The values of the P and G parameters are taken from 'The OAKLEY Key Determination Protocol' [RFC2412].
+ This is the prefered key generation method, because it is very fast and very safe.
+ Because this method uses fixed values for the P and G parameters, not all bit sizes are supported.
+ The current implementation supports bit sizes of 768, 1024 and 1536.
+
+
+
+
+ Represents the parameters of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public P parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public G parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the private X parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Defines a base class from which all Diffie-Hellman implementations inherit.
+
+
+
+
+ Creates an instance of the default implementation of the algorithm.
+
+ A new instance of the default implementation of DiffieHellman.
+
+
+
+ Creates an instance of the specified implementation of .
+
+ The name of the implementation of DiffieHellman to use.
+ A new instance of the specified implementation of DiffieHellman.
+
+
+
+ Initializes a new instance.
+
+
+
+
+ When overridden in a derived class, creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ When overridden in a derived class, extracts secret information from the key exchange data.
+
+ The key exchange data within which the secret information is hidden.
+ The secret information derived from the key exchange data.
+
+
+
+ When overridden in a derived class, exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for Diffie-Hellman.
+
+
+
+ When overridden in a derived class, imports the specified .
+
+ The parameters for Diffie-Hellman.
+
+
+
+ Reconstructs a object from an XML string.
+
+ The XML string to use to reconstruct the DiffieHellman object.
+ One of the values in the XML string is invalid.
+
+
+
+ Creates and returns an XML string representation of the current object.
+
+ true to include private parameters; otherwise, false.
+ An XML string encoding of the current DiffieHellman object.
+
+
+
+ Implements the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance.
+
+ The default length of the shared secret is 1024 bits.
+
+
+
+ Initializes a new instance.
+
+ The length, in bits, of the public P parameter.
+ The length, in bits, of the secret value X. This parameter can be set to 0 to use the default size.
+ One of the values.
+ The larger the bit length, the more secure the algorithm is. The default is 1024 bits. The minimum bit length is 128 bits. The size of the private value will be one fourth of the bit length specified.
+ The specified bit length is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The G parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The X parameter of the Diffie-Hellman algorithm. This is a private parameter. If this parameters is a null reference (Nothing in Visual Basic), a secret value of the default size will be generated.
+ or is a null reference (Nothing in Visual Basic).
+ or is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm.
+ The G parameter of the Diffie-Hellman algorithm.
+ The length, in bits, of the private value. If 0 is specified, the default value will be used.
+ or is a null reference (Nothing in Visual Basic).
+ is invalid.
+ or is invalid.
+
+
+
+ Creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ Extracts secret information from the key exchange data.
+
+ The key exchange data within which the shared key is hidden.
+ The shared key derived from the key exchange data.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm and optionally releases the managed resources.
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for .
+
+
+
+ Imports the specified .
+
+ The parameters for .
+ parameters.P or parameters.G is a null reference (Nothing in Visual Basic) -or- parameters.P is not a prime number.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm.
+
+
+
+
+ Gets the name of the key exchange algorithm.
+
+ The name of the key exchange algorithm.
+
+
+
+ Gets the name of the signature algorithm.
+
+ The name of the signature algorithm.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.dll
new file mode 100644
index 0000000..63ebe79
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.xml
new file mode 100644
index 0000000..aaa9f04
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.xml
@@ -0,0 +1,10788 @@
+
+
+
+ DotNetOpenAuth.OpenId
+
+
+
+
+ Describes a collection of association type sub-elements in a .config file.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Describes an association type and its maximum lifetime as an element
+ in a .config file.
+
+
+
+
+ The name of the attribute that stores the association type.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the protocol name of the association.
+
+
+
+
+ Gets or sets the maximum time a shared association should live.
+
+ The default value is 14 days.
+
+
+
+ The configuration element that can adjust how hostmeta discovery works.
+
+
+
+
+ The property name for enableCertificateValidationCache.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether validated certificates should be cached and not validated again.
+
+
+ This helps to avoid unexplained 5-10 second delays in certificate validation for Google Apps for Domains that impact some servers.
+
+
+
+
+ Represents the <openid> element in the host's .config file.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the <extensions> sub-element.
+
+
+
+
+ The name of the <xriResolver> sub-element.
+
+
+
+
+ The name of the @maxAuthenticationTime attribute.
+
+
+
+
+ The name of the @cacheDiscovery attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authentication.
+
+
+ This time limit allows the library to decide how long to cache certain values
+ necessary to complete authentication. The lower the time, the less demand on
+ the server. But too short a time can frustrate the user.
+
+
+
+
+ Gets or sets a value indicating whether the results of Identifier discovery
+ should be cached.
+
+
+ Use true to allow identifier discovery to immediately return cached results when available;
+ otherwise, use false.to force fresh results every time at the cost of slightly slower logins.
+ The default value is true.
+
+
+ When enabled, caching is done according to HTTP standards.
+
+
+
+
+ Gets or sets the configuration specific for Relying Parties.
+
+
+
+
+ Gets or sets the configuration specific for Providers.
+
+
+
+
+ Gets or sets the registered OpenID extension factories.
+
+
+
+
+ Gets or sets the configuration for the XRI resolver.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Provider behaviors.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the security sub-element.
+
+
+
+
+ Gets the name of the <behaviors> sub-element.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Provider.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ The name of the associations collection sub-element.
+
+
+
+
+ The name of the @encodeAssociationSecretsInHandles attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @unsolicitedAssertionVerification attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should take special care
+ to protect OpenID 1.x relying parties against replay attacks.
+
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets the configured lifetimes of the various association types.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding their secrets (in signed, encrypted form) into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Relying Party behaviors.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the attribute that specifies whether dnoa.userSuppliedIdentifier is tacked onto the openid.return_to URL.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ The name of the <behaviors> sub-element.
+
+
+
+
+ The name of the <discoveryServices> sub-element.
+
+
+
+
+ The name of the <hostMetaDiscovery> sub-element.
+
+
+
+
+ The built-in set of identifier discovery services.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether "dnoa.userSuppliedIdentifier" is tacked onto the openid.return_to URL in order to preserve what the user typed into the OpenID box.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the host meta discovery configuration element.
+
+
+
+
+ Gets or sets the services to use for discovering service endpoints for identifiers.
+
+
+ If no discovery services are defined in the (web) application's .config file,
+ the default set of discovery services built into the library are used.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Relying Party.
+
+
+
+
+ Gets the name of the @minimumRequiredOpenIdVersion attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @requireDirectedIdentity attribute.
+
+
+
+
+ Gets the name of the @requireAssociation attribute.
+
+
+
+
+ Gets the name of the @rejectUnsolicitedAssertions attribute.
+
+
+
+
+ Gets the name of the @rejectDelegatedIdentifiers attribute.
+
+
+
+
+ Gets the name of the @ignoreUnsignedExtensions attribute.
+
+
+
+
+ Gets the name of the @allowDualPurposeIdentifiers attribute.
+
+
+
+
+ Gets the name of the @allowApproximateIdentifierDiscovery attribute.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ The name of the <trustedProviders> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests
+ will only be created where an association with the Provider can be established.
+
+
+
+
+ Gets or sets the minimum OpenID version a Provider is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OpenID are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OpenID.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets a value indicating whether the Relying Party should take special care
+ to protect users against replay attacks when interoperating with OpenID 1.1 Providers.
+
+
+
+
+ Gets or sets the set of trusted OpenID Provider Endpoints.
+
+
+
+
+ Represents the <xriResolver> element in the host's .config file.
+
+
+
+
+ Gets the name of the @enabled attribute.
+
+
+
+
+ The default value for .
+
+
+
+
+ The name of the <proxy> sub-element.
+
+
+
+
+ The default XRI proxy resolver to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether this XRI resolution is enabled.
+
+ The default value is true.
+
+
+
+ Gets or sets the proxy to use for resolving XRIs.
+
+ The default value is "xri.net".
+
+
+
+ Adds OpenID-specific extension methods to the XrdsDocument class.
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier that was used to discover this XRDS document.
+ The user supplied identifier.
+
+ A sequence of OpenID Providers that can assert ownership of the .
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The user-supplied i-name that was used to discover this XRDS document.
+ A sequence of OpenID Providers that can assert ownership of the canonical ID given in this document.
+
+
+
+ Generates OpenID Providers that can authenticate using directed identity.
+
+ The XrdsDocument instance to use in this process.
+ The OP Identifier entered (and resolved) by the user. Essentially the user-supplied identifier.
+ A sequence of the providers that can offer directed identity services.
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular URI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier.
+ The user supplied identifier.
+
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular XRI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The i-name supplied by the user.
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Providers offering directed identity assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Returns the OpenID-compatible services described by a given XRDS document,
+ in priority order.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of the services offered.
+
+
+
+ Stores a secret used in signing and verifying messages.
+
+
+ OpenID associations may be shared between Provider and Relying Party (smart
+ associations), or be a way for a Provider to recall its own secret for later
+ (dumb associations).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The handle.
+ The secret.
+ How long the association will be useful.
+ The UTC time of when this association was originally issued by the Provider.
+
+
+
+ Re-instantiates an previously persisted in a database or some
+ other shared store.
+
+
+ The property of the previous instance.
+
+
+ The UTC value of the property of the previous instance.
+
+
+ The byte array returned by a call to on the previous
+ instance.
+
+
+ The newly dehydrated , which can be returned
+ from a custom association store's
+ IRelyingPartyAssociationStore.GetAssociation method.
+
+
+
+
+ Returns private data required to persist this in
+ permanent storage (a shared database for example) for deserialization later.
+
+
+ An opaque byte array that must be stored and returned exactly as it is provided here.
+ The byte array may vary in length depending on the specific type of ,
+ but in current versions are no larger than 256 bytes.
+
+
+ Values of public properties on the base class are not included
+ in this byte array, as they are useful for fast database lookup and are persisted separately.
+
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+
+
+ Returns the hash code.
+
+
+ A hash code for the current .
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+ Generates a signature from a given blob of data.
+
+ The data to sign. This data will not be changed (the signature is the return value).
+ The calculated signature of the data.
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+ The hash algorithm used for message signing.
+
+
+
+ Gets a unique handle by which this may be stored or retrieved.
+
+
+
+
+ Gets the UTC time when this will expire.
+
+
+
+
+ Gets a value indicating whether this has already expired.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Gets a value indicating whether this instance has useful life remaining.
+
+
+ true if this instance has useful life remaining; otherwise, false.
+
+
+
+
+ Gets or sets the UTC time that this was first created.
+
+
+
+
+ Gets the duration a secret key used for signing dumb client requests will be good for.
+
+
+
+
+ Gets the number of seconds until this expires.
+ Never negative (counter runs to zero).
+
+
+
+
+ Gets the shared secret key between the consumer and provider.
+
+
+
+
+ Gets the lifetime the OpenID provider permits this .
+
+
+
+
+ Gets the minimum lifetime an association must still be good for in order for it to be used for a future authentication.
+
+
+ Associations that are not likely to last the duration of a user login are not worth using at all.
+
+
+
+
+ Gets the TimeSpan till this association expires.
+
+
+
+
+ Indicates the mode the Provider should use while authenticating the end user.
+
+
+
+
+ The Provider should use whatever credentials are immediately available
+ to determine whether the end user owns the Identifier. If sufficient
+ credentials (i.e. cookies) are not immediately available, the Provider
+ should fail rather than prompt the user.
+
+
+
+
+ The Provider should determine whether the end user owns the Identifier,
+ displaying a web page to the user to login etc., if necessary.
+
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the AX attribute type URI formats this transform is willing to work with.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The PAPE request has an incomplete set of authentication policies..
+
+
+
+
+ Looks up a localized string similar to A PAPE response is missing or is missing required policies..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be included in authentication responses when the PAPE authentication policy http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf is present..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be requested when the http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf PAPE policy is present..
+
+
+
+
+ Looks up a localized string similar to No PPID provider has been configured..
+
+
+
+
+ Looks up a localized string similar to Discovery on the Realm URL MUST be performed before sending a positive assertion..
+
+
+
+
+ Looks up a localized string similar to The Realm in an authentication request must be an HTTPS URL..
+
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Backing field for the static property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether PII is allowed to be requested or received via OpenID.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether to ignore the SSL requirement (for testing purposes only).
+
+
+
+
+ Provides a mechanism for Relying Parties to work with OpenID 1.0 Providers
+ without losing claimed_id and op_endpoint data, which OpenID 2.0 Providers
+ are required to send back with positive assertions.
+
+
+
+
+ The "dnoa.op_endpoint" callback parameter that stores the Provider Endpoint URL
+ to tack onto the return_to URI.
+
+
+
+
+ The "dnoa.claimed_id" callback parameter that stores the Claimed Identifier
+ to tack onto the return_to URI.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Signs and verifies authentication assertions.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+ The applied protections.
+
+
+
+ Calculates the signature for a given message.
+
+ The message to sign or verify.
+ The association to use to sign the message.
+ The calculated signature of the method.
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+ The association to use to sign or verify the message.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+ The referenced association; or null if such an association cannot be found.
+
+ If the association handle set in the message does not match any valid association,
+ the association handle property is cleared, and the
+ property is set to the
+ handle that could not be found.
+
+
+
+
+ Gets a private Provider association used for signing messages in "dumb" mode.
+
+ An existing or newly created association.
+
+
+
+ Ensures that all message parameters that must be signed are in fact included
+ in the signature.
+
+ The signed message.
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets a value indicating whether this binding element is on a Provider channel.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ The binding element that serializes/deserializes OpenID extensions to/from
+ their carrying OpenID messages.
+
+
+
+
+ False if unsigned extensions should be dropped. Must always be true on Providers, since RPs never sign extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+ Security setting for relying parties. Should be true for Providers.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the extensions on a message.
+
+ The carrier of the extensions.
+ If set to true only signed extensions will be available.
+ A optional filter that takes an extension type URI and
+ returns a value indicating whether that extension should be deserialized and
+ returned in the sequence. May be null.
+ A sequence of extensions in the message.
+
+
+
+ Gets the dictionary of message parts that should be deserialized into extensions.
+
+ The message.
+ If set to true only signed extensions will be available.
+
+ A dictionary of message parts, including only signed parts when appropriate.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the extension factory.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ OpenID extension factory class for creating extensions based on received Type URIs.
+
+
+ OpenID extension factories must be registered with the library. This can be
+ done by adding a factory to OpenIdRelyingParty.ExtensionFactories
+ or OpenIdProvider.ExtensionFactories, or by adding a snippet
+ such as the following to your web.config file:
+
+ <dotNetOpenAuth>
+ <openid>
+ <extensionFactories>
+ <add type="DotNetOpenAuth.ApplicationBlock.CustomExtensions.Acme, DotNetOpenAuth.ApplicationBlock" />
+ </extensionFactories>
+ </openid>
+ </dotNetOpenAuth>
+
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ A Uri encoder that serializes using
+ rather than the standard .
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Indicates the level of strictness to require when decoding a
+ Key-Value Form encoded dictionary.
+
+
+
+
+ Be as forgiving as possible to errors made while encoding.
+
+
+
+
+ Allow for certain errors in encoding attributable to ambiguities
+ in the OpenID 1.1 spec's description of the encoding.
+
+
+
+
+ The strictest mode. The decoder requires the encoded dictionary
+ to be in strict compliance with OpenID 2.0's description of
+ the encoding.
+
+
+
+
+ Performs conversion to and from the Key-Value Form Encoding defined by
+ OpenID Authentication 2.0 section 4.1.1.
+ http://openid.net/specs/openid-authentication-2_0.html#anchor4
+
+
+ This class is thread safe and immutable.
+
+
+
+
+ The newline character sequence to use.
+
+
+
+
+ Characters that must not appear in parameter names.
+
+
+
+
+ Characters that must not appaer in parameter values.
+
+
+
+
+ The character encoding to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ How strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+ Encodes key/value pairs to Key-Value Form.
+
+
+ The dictionary of key/value pairs to convert to a byte stream.
+
+ The UTF8 byte array.
+
+ Enumerating a Dictionary<TKey, TValue> has undeterministic ordering.
+ If ordering of the key=value pairs is important, a deterministic enumerator must
+ be used.
+
+
+
+
+ Decodes bytes in Key-Value Form to key/value pairs.
+
+ The stream of Key-Value Form encoded bytes.
+ The deserialized dictionary.
+ Thrown when the data is not in the expected format.
+
+
+
+ Gets a value controlling how strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+
+ A channel that knows how to send and receive OpenID messages.
+
+
+
+
+ The HTTP Content-Type to use in Key-Value Form responses.
+
+
+ OpenID 2.0 section 5.1.2 says this SHOULD be text/plain. But this value
+ does not prevent free hosters like GoDaddy from tacking on their ads
+ to the end of the direct response, corrupting the data. So we deviate
+ from the spec a bit here to improve the story for free Providers.
+
+
+
+
+ The encoder that understands how to read and write Key-Value Form.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+ The binding elements to use in sending and receiving messages.
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid, except for check_authentication messages.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ This binding element signs a Relying Party's openid.return_to parameter
+ so that upon return, it can verify that it hasn't been tampered with.
+
+
+ Since Providers can send unsolicited assertions, not all openid.return_to
+ values will be signed. But those that are signed will be validated, and
+ any invalid or missing signatures will cause this library to not trust
+ the parameters in the return_to URL.
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it doesn't sign
+ anything except a particular message part.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store our signature on the return_to parameter.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store the handle of the association we use to sign the return_to parameter.
+
+
+
+
+ The URI to use for private associations at this RP.
+
+
+
+
+ The key store used to generate the private signature on the return_to parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the return to signature.
+
+ The return to.
+ The crypto key.
+
+ The generated signature.
+
+
+ Only the parameters in the return_to URI are signed, rather than the base URI
+ itself, in order that OPs that might change the return_to's implicit port :80 part
+ or other minor changes do not invalidate the signature.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+ No message protection is reported because this binding element
+ does not protect the entire message -- only a part.
+
+
+
+
+ Spoofs security checks on incoming OpenID messages.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Manages a fast, two-way mapping between type URIs and their aliases.
+
+
+
+
+ The format of auto-generated aliases.
+
+
+
+
+ Tracks extension Type URIs and aliases assigned to them.
+
+
+
+
+ Tracks extension aliases and Type URIs assigned to them.
+
+
+
+
+ Gets an alias assigned for a given Type URI. A new alias is assigned if necessary.
+
+ The type URI.
+ The alias assigned to this type URI. Never null.
+
+
+
+ Sets an alias and the value that will be returned by .
+
+ The alias.
+ The type URI.
+
+
+
+ Takes a sequence of type URIs and assigns aliases for all of them.
+
+ The type URIs to create aliases for.
+ An optional dictionary of URI/alias pairs that suggest preferred aliases to use if available for certain type URIs.
+
+
+
+ Sets up aliases for any Type URIs in a dictionary that do not yet have aliases defined,
+ and where the given preferred alias is still available.
+
+ A dictionary of type URI keys and alias values.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI.
+ Thrown if the given alias does not have a matching TypeURI.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI for the given alias, or null if none for that alias exist.
+
+
+
+ Returns a value indicating whether an alias has already been assigned to a type URI.
+
+ The alias in question.
+ True if the alias has already been assigned. False otherwise.
+
+
+
+ Determines whether a given TypeURI has an associated alias assigned to it.
+
+ The type URI.
+
+ true if the given type URI already has an alias assigned; false otherwise.
+
+
+
+
+ Assigns a new alias to a given Type URI.
+
+ The type URI to assign a new alias to.
+ The newly generated alias.
+
+
+
+ Gets the aliases that have been set.
+
+
+
+
+ An individual attribute to be requested of the OpenID Provider using
+ the Attribute Exchange extension.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+
+
+
+ Initializes a new instance of the class
+ with = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+
+
+
+ Initializes a new instance of the class.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+ The maximum number of values for this attribute the Relying Party is prepared to receive.
+
+
+
+ Used by a Provider to create a response to a request for an attribute's value(s)
+ using a given array of strings.
+
+ The values for the requested attribute.
+
+ The newly created object that should be added to
+ the object.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets or sets the URI uniquely identifying the attribute being requested.
+
+
+
+
+ Gets or sets a value indicating whether the relying party considers this a required field.
+ Note that even if set to true, the Provider may not provide the value.
+
+
+
+
+ Gets or sets the maximum number of values for this attribute the
+ Relying Party wishes to receive from the OpenID Provider.
+ A value of int.MaxValue is considered infinity.
+
+
+
+
+ An individual attribute's value(s) as supplied by an OpenID Provider
+ in response to a prior request by an OpenID Relying Party as part of
+ a fetch request, or by a relying party as part of a store request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI that uniquely identifies the attribute.
+ The values for the attribute.
+
+
+
+ Initializes a new instance of the class.
+
+
+ This is internal because web sites should be using the
+ method to instantiate.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI of the attribute whose values are being provided.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URI uniquely identifying the attribute whose value is being supplied.
+
+
+
+
+ Gets the values supplied by the Provider.
+
+
+
+
+ The various Type URI formats an AX attribute may use by various remote parties.
+
+
+
+
+ No attribute format.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://axschema.org/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://schema.openid.net/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://openid.net/schema/.
+
+
+
+
+ All known schemas.
+
+
+
+
+ The most common schemas.
+
+
+
+
+ Helper methods shared by multiple messages in the Attribute Exchange extension.
+
+
+
+
+ Adds a request for an attribute considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the required attribute.
+
+
+
+ Adds a request for an attribute without considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the requested attribute.
+
+
+
+ Adds a given attribute with one or more values to the request for storage.
+ Applicable to Relying Parties only.
+
+ The collection of to add to.
+ The type URI of the attribute.
+ The attribute values.
+
+
+
+ Serializes a set of attribute values to a dictionary of fields to send in the message.
+
+ The dictionary to fill with serialized attributes.
+ The attributes.
+
+
+
+ Deserializes attribute values from an incoming set of message data.
+
+ The data coming in with the message.
+ The attribute values found in the message.
+
+
+
+ Reads through the attributes included in the response to discover
+ the alias-TypeURI relationships.
+
+ The data included in the extension message.
+ The alias manager that provides lookup between aliases and type URIs.
+
+
+
+ Attribute Exchange constants
+
+
+
+
+ The TypeURI by which the AX extension is recognized in
+ OpenID messages and in XRDS documents.
+
+
+
+
+ The Attribute Exchange Fetch message, request leg.
+
+
+
+
+ A handy base class for built-in extensions.
+
+
+
+
+ The contract any OpenID extension for DotNetOpenAuth must implement.
+
+
+ Classes that implement this interface should be marked as
+ [] to allow serializing state servers
+ to cache messages, particularly responses.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version of the extension.
+ The type URI to use in the OpenID message.
+ The additional supported type URIs by which this extension might be recognized. May be null.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The value for the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Characters that may not appear in an attribute alias list.
+
+
+
+
+ Characters that may not appear in an attribute Type URI alias.
+
+
+
+
+ The collection of requested attributes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Splits a list of aliases by their commas.
+
+ The comma-delimited list of aliases. May be null or empty.
+ The list of aliases. Never null, but may be empty.
+
+
+
+ Gets a collection of the attributes whose values are
+ requested by the Relying Party.
+
+ A collection where the keys are the attribute type URIs, and the value
+ is all the attribute request details.
+
+
+
+ Gets or sets the URL that the OpenID Provider may re-post the fetch response
+ message to at some time after the initial response has been sent, using an
+ OpenID Authentication Positive Assertion to inform the relying party of updates
+ to the requested fields.
+
+
+
+
+ Gets or sets a list of aliases for optional attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ Gets or sets a list of aliases for required attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ The Attribute Exchange Fetch message, response leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attributes. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the first attribute value provided for a given attribute Type URI.
+
+
+ The type URI of the attribute.
+ Usually a constant from .
+
+ The first value provided for the attribute, or null if the attribute is missing or no values were provided.
+
+
+ This is meant as a helper method for the common case of just wanting one attribute value.
+ For greater flexibility or to retrieve more than just the first value for an attribute,
+ use the collection directly.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets a sequence of the attributes whose values are provided by the OpenID Provider.
+
+
+
+
+ Gets a value indicating whether the OpenID Provider intends to
+ honor the request for updates.
+
+
+
+
+ Gets or sets the URL the OpenID Provider will post updates to.
+ Must be set if the Provider supports and will use this feature.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ The Attribute Exchange Store message, request leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attribute values. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the collection of all the attributes that are included in the store request.
+
+
+
+
+ The Attribute Exchange Store message, response leg.
+
+
+
+
+ The value of the mode parameter used to express a successful store operation.
+
+
+
+
+ The value of the mode parameter used to express a store operation failure.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a successful store operation.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a failed store operation.
+
+ The reason for failure.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets a value indicating whether the storage request succeeded.
+
+ Defaults to true.
+
+
+
+ Gets or sets the reason for the failure, if applicable.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Gets or sets the mode argument.
+
+ One of 'store_response_success' or 'store_response_failure'.
+
+
+
+ Attribute types defined at http://www.axschema.org/types/.
+
+
+ If you don't see what you need here, check that URL to see if any have been added.
+ You can use new ones directly without adding them to this class, and can even make
+ up your own if you expect the other end to understand what you make up.
+
+
+
+
+ Inherent attributes about a personality such as gender and bio.
+
+
+
+ Gender, either "M" or "F"
+ "M", "F"
+
+
+ Biography (text)
+ "I am the very model of a modern Major General."
+
+
+
+ Preferences such as language and timezone.
+
+
+
+ Preferred language, as per RFC4646
+ "en-US"
+
+
+ Home time zone information (as specified in zoneinfo)
+ "America/Pacific"
+
+
+
+ The names a person goes by.
+
+
+
+ Subject's alias or "screen" name
+ "Johnny5"
+
+
+ Full name of subject
+ "John Doe"
+
+
+ Honorific prefix for the subject's name
+ "Mr.", "Mrs.", "Dr."
+
+
+ First or given name of subject
+ "John"
+
+
+ Last name or surname of subject
+ "Smith"
+
+
+ Middle name(s) of subject
+ "Robert"
+
+
+ Suffix of subject's name
+ "III", "Jr."
+
+
+
+ Business affiliation.
+
+
+
+ Company name (employer)
+ "Springfield Power"
+
+
+ Employee title
+ "Engineer"
+
+
+
+ Information about a person's birthdate.
+
+
+
+ Date of birth.
+ "1979-01-01"
+
+
+ Year of birth (four digits)
+ "1979"
+
+
+ Month of birth (1-12)
+ "05"
+
+
+ Day of birth
+ "31"
+
+
+
+ Various ways to contact a person.
+
+
+
+ Internet SMTP email address as per RFC2822
+ "jsmith@isp.example.com"
+
+
+
+ Various types of phone numbers.
+
+
+
+ Main phone number (preferred)
+ +1-800-555-1234
+
+
+ Home phone number
+ +1-800-555-1234
+
+
+ Business phone number
+ +1-800-555-1234
+
+
+ Cellular (or mobile) phone number
+ +1-800-555-1234
+
+
+ Fax number
+ +1-800-555-1234
+
+
+
+ The many fields that make up an address.
+
+
+
+ Home postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Home city name
+ "Vancouver"
+
+
+ Home state or province name
+ "BC"
+
+
+ Home country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Home postal code; region specific format
+ "V5A 4B2"
+
+
+
+ The many fields that make up an address.
+
+
+
+ Business postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Business city name
+ "Vancouver"
+
+
+ Business state or province name
+ "BC"
+
+
+ Business country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Business postal code; region specific format
+ "V5A 4B2"
+
+
+
+ Various handles for instant message clients.
+
+
+
+ AOL instant messaging service handle
+ "jsmith421234"
+
+
+ ICQ instant messaging service handle
+ "1234567"
+
+
+ MSN instant messaging service handle
+ "jsmith42@hotmail.com"
+
+
+ Yahoo! instant messaging service handle
+ "jsmith421234"
+
+
+ Jabber instant messaging service handle
+ "jsmith@jabber.example.com"
+
+
+ Skype instant messaging service handle
+ "jsmith42"
+
+
+
+ Various web addresses connected with this personality.
+
+
+
+ Web site URL
+ "http://example.com/~jsmith/"
+
+
+ Blog home page URL
+ "http://example.com/jsmith_blog/"
+
+
+ LinkedIn URL
+ "http://www.linkedin.com/pub/1/234/56"
+
+
+ Amazon URL
+ "http://www.amazon.com/gp/pdp/profile/A24DLKJ825"
+
+
+ Flickr URL
+ "http://flickr.com/photos/jsmith42/"
+
+
+ del.icio.us URL
+ "http://del.icio.us/jsmith42"
+
+
+
+ Audio and images of this personality.
+
+
+
+ Spoken name (web URL)
+ "http://example.com/~jsmith/john_smith.wav"
+
+
+ Audio greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.wav"
+
+
+ Video greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.mov"
+
+
+
+ Images of this personality.
+
+
+
+ Image (web URL); unspecified dimension
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) with equal width and height
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL); favicon format as per FAVICON-W3C. The format for the image must be 16x16 pixels or 32x32 pixels, using either 8-bit or 24-bit colors. The format of the image must be one of PNG (a W3C standard), GIF, or ICO.
+ "http://example.com/~jsmith/image.jpg"
+
+
+
+ Manages the processing and construction of OpenID extensions parts.
+
+
+
+
+ This contains a set of aliases that we must be willing to implicitly
+ match to namespaces for backward compatibility with other OpenID libraries.
+
+
+
+
+ The version of OpenID that the message is using.
+
+
+
+
+ Whether extensions are being read or written.
+
+
+
+
+ The alias manager that will track Type URI to alias mappings.
+
+
+
+
+ A complex dictionary where the key is the Type URI of the extension,
+ and the value is another dictionary of the name/value args of the extension.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Creates a instance to process incoming extensions.
+
+ The parameters in the OpenID message.
+ The newly created instance of .
+
+
+
+ Creates a instance to prepare outgoing extensions.
+
+ The protocol version used for the outgoing message.
+
+ The newly created instance of .
+
+
+
+
+ Adds query parameters for OpenID extensions to the request directed
+ at the OpenID provider.
+
+ The extension type URI.
+ The arguments for this extension to add to the message.
+
+
+
+ Gets the actual arguments to add to a querystring or other response,
+ where type URI, alias, and actual key/values are all defined.
+
+
+ true if the generated parameter names should include the 'openid.' prefix.
+ This should be true for all but direct response messages.
+
+ A dictionary of key=value pairs to add to the message to carry the extension.
+
+
+
+ Gets the fields carried by a given OpenId extension.
+
+ The type URI of the extension whose fields are being queried for.
+
+ The fields included in the given extension, or null if the extension is not present.
+
+
+
+
+ Gets whether any arguments for a given extension are present.
+
+ The extension Type URI in question.
+ true if this extension is present; false otherwise.
+
+
+
+ Gets the type URIs of all discovered extensions in the message.
+
+ A sequence of the type URIs.
+
+
+
+ Gets a value indicating whether the extensions are being read (as opposed to written).
+
+
+
+
+ An interface that OpenID extensions can implement to allow authentication response
+ messages with included extensions to be processed by Javascript on the user agent.
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ An extension to include with an authentication request in order to also
+ obtain authorization to access user data at the combined OpenID Provider
+ and Service Provider.
+
+
+ When requesting OpenID Authentication via the protocol mode "checkid_setup"
+ or "checkid_immediate", this extension can be used to request that the end
+ user authorize an OAuth access token at the same time as an OpenID
+ authentication. This is done by sending the following parameters as part
+ of the OpenID request. (Note that the use of "oauth" as part of the parameter
+ names here and in subsequent sections is just an example. See Section 5 for details.)
+ See section 8.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the consumer key agreed upon between the Consumer and Service Provider.
+
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes for the OAuth token expected in the authentication response.
+
+
+
+
+ The OAuth response that a Provider may include with a positive
+ OpenID identity assertion with an approved request token.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the user-approved request token.
+
+ The request token.
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes that the returned request token is valid for. This will typically indicate a subset of the scopes requested in Section 8.
+
+
+
+
+ Constants used in the OpenID OAuth extension.
+
+
+
+
+ The TypeURI for the OpenID OAuth extension.
+
+
+
+
+ The name of the parameter that carries the request token in the response.
+
+
+
+
+ The OAuth response that a Provider should include with a positive
+ OpenID identity assertion when OAuth authorization was declined.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An OpenID extension factory that only delegates extension
+ instantiation requests to other factories.
+
+
+
+
+ The list of factories this factory delegates to.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Loads the default factory and additional ones given by the configuration.
+
+ A new instance of .
+
+
+
+ Gets the extension factories that this aggregating factory delegates to.
+
+ A list of factories. May be empty, but never null.
+
+
+
+ Encodes/decodes the Simple Registration Gender type to its string representation.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An OpenID extension factory that supports registration so that third-party
+ extensions can add themselves to this library's supported extension list.
+
+
+
+
+ A collection of the registered OpenID extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Registers a new extension delegate.
+
+ The factory method that can create the extension.
+
+
+
+ A delegate that individual extensions may register with this factory.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+
+
+ Well-known authentication policies defined in the PAPE extension spec or by a recognized
+ standards body.
+
+
+ This is a class of constants rather than a flags enum because policies may be
+ freely defined and used by anyone, just by using a new Uri.
+
+
+
+
+ An authentication mechanism where the End User does not provide a shared secret to a party potentially under the control of the Relying Party. (Note that the potentially malicious Relying Party controls where the User-Agent is redirected to and thus may not send it to the End User's actual OpenID Provider).
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor. Common authentication factors are something you know, something you have, and something you are. An example would be authentication using a password and a software token or digital certificate.
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor where at least one of the factors is a physical factor such as a hardware device or biometric. Common authentication factors are something you know, something you have, and something you are. This policy also implies the Multi-Factor Authentication policy (http://schemas.openid.net/pape/policies/2007/06/multi-factor) and both policies MAY BE specified in conjunction without conflict. An example would be authentication using a password and a hardware token.
+
+
+
+
+ Indicates that the Provider MUST use a pair-wise pseudonym for the user that is persistent
+ and unique across the requesting realm as the openid.claimed_id and openid.identity (see Section 4.2).
+
+
+
+
+ Indicates that the OP MUST only respond with a positive assertion if the requirements demonstrated
+ by the OP to obtain certification by a Federally adopted Trust Framework Provider have been met.
+
+
+ Notwithstanding the RP may request this authentication policy, the RP MUST still
+ verify that this policy appears in the positive assertion response rather than assume the OP
+ recognized and complied with the request.
+
+
+
+
+ Indicates that the OP MUST not include any OpenID Attribute Exchange or Simple Registration
+ information regarding the user in the assertion.
+
+
+
+
+ Used in a PAPE response to indicate that no PAPE authentication policies could be satisfied.
+
+
+ Used internally by the PAPE extension, so that users don't have to know about it.
+
+
+
+
+ OpenID Provider Authentication Policy extension constants.
+
+
+
+
+ The namespace used by this extension in messages.
+
+
+
+
+ The namespace alias to use for OpenID 1.x interop, where aliases are not defined in the message.
+
+
+
+
+ The string to prepend on an Auth Level Type alias definition.
+
+
+
+
+ Well-known assurance level Type URIs.
+
+
+
+
+ The Type URI of the NIST assurance level.
+
+
+
+
+ A mapping between the PAPE TypeURI and the alias to use if
+ possible for backward compatibility reasons.
+
+
+
+
+ Parameters to be included with PAPE requests.
+
+
+
+
+ Optional. If the End User has not actively authenticated to the OP within the number of seconds specified in a manner fitting the requested policies, the OP SHOULD authenticate the End User for this request.
+
+ Integer value greater than or equal to zero in seconds.
+
+ The OP should realize that not adhering to the request for re-authentication most likely means that the End User will not be allowed access to the services provided by the RP. If this parameter is absent in the request, the OP should authenticate the user at its own discretion.
+
+
+
+
+ Zero or more authentication policy URIs that the OP SHOULD conform to when authenticating the user. If multiple policies are requested, the OP SHOULD satisfy as many as it can.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies are requested, the RP may be interested in other information such as the authentication age.
+
+
+
+
+ The space separated list of the name spaces of the custom Assurance Level that RP requests, in the order of its preference.
+
+
+
+
+ An encoder/decoder design for DateTimes that must conform to the PAPE spec.
+
+
+ The timestamp MUST be formatted as specified in section 5.6 of [RFC3339] (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .), with the following restrictions:
+ * All times must be in the UTC timezone, indicated with a "Z".
+ * No fractional seconds are allowed
+ For example: 2005-05-15T17:11:51Z
+
+
+
+
+ An array of the date/time formats allowed by the PAPE extension.
+
+
+ TODO: This array of formats is not yet a complete list.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Descriptions for NIST-defined levels of assurance that a credential
+ has not been compromised and therefore the extent to which an
+ authentication assertion can be trusted.
+
+
+ One using this enum should review the following publication for details
+ before asserting or interpreting what these levels signify, notwithstanding
+ the brief summaries attached to each level in DotNetOpenAuth documentation.
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level example classifications of authentication methods within the defined levels.
+
+
+
+
+
+ Not an assurance level defined by NIST, but rather SHOULD be used to
+ signify that the OP recognizes the parameter and the End User
+ authentication did not meet the requirements of Level 1.
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ Utility methods for use by the PAPE extension.
+
+
+
+
+ Looks at the incoming fields and figures out what the aliases and name spaces for auth level types are.
+
+ The incoming message data in which to discover TypeURIs and aliases.
+ The initialized with the given data.
+
+
+
+ Concatenates a sequence of strings using a space as a separator.
+
+ The elements to concatenate together..
+ The concatenated string of elements.
+ Thrown if any element in the sequence includes a space.
+
+
+
+ The PAPE request part of an OpenID Authentication request message.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The transport field for the RP's preferred authentication policies.
+
+
+ This field is written to/read from during custom serialization.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the policies as a single string per the PAPE spec..
+
+ The policies to include in the list.
+ The concatenated string of the given policies.
+
+
+
+ Serializes the auth levels to a list of aliases.
+
+ The preferred auth level types.
+ The alias manager.
+ A space-delimited list of aliases.
+
+
+
+ Gets or sets the maximum acceptable time since the End User has
+ actively authenticated to the OP in a manner fitting the requested
+ policies, beyond which the Provider SHOULD authenticate the
+ End User for this request.
+
+
+ The OP should realize that not adhering to the request for re-authentication
+ most likely means that the End User will not be allowed access to the
+ services provided by the RP. If this parameter is absent in the request,
+ the OP should authenticate the user at its own discretion.
+
+
+
+
+ Gets the list of authentication policy URIs that the OP SHOULD
+ conform to when authenticating the user. If multiple policies are
+ requested, the OP SHOULD satisfy as many as it can.
+
+ List of authentication policy URIs obtainable from
+ the class or from a custom
+ list.
+
+ If no policies are requested, the RP may be interested in other
+ information such as the authentication age.
+
+
+
+
+ Gets the namespaces of the custom Assurance Level the
+ Relying Party requests, in the order of its preference.
+
+
+
+
+ The PAPE response part of an OpenID Authentication response message.
+
+
+
+
+ The first part of a parameter name that gives the custom string value for
+ the assurance level. The second part of the parameter name is the alias for
+ that assurance level.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ One or more authentication policy URIs that the OP conformed to when authenticating the End User.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies were met though the OP wishes to convey other information in the response, this parameter MUST be included with the value of "none".
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the applied policies for transmission from the Provider
+ to the Relying Party.
+
+ The applied policies.
+ A space-delimited list of applied policies.
+
+
+
+ Gets a list of authentication policy URIs that the
+ OP conformed to when authenticating the End User.
+
+
+
+
+ Gets or sets the most recent timestamp when the End User has
+ actively authenticated to the OP in a manner fitting the asserted policies.
+
+
+ If the RP's request included the "openid.pape.max_auth_age" parameter
+ then the OP MUST include "openid.pape.auth_time" in its response.
+ If "openid.pape.max_auth_age" was not requested, the OP MAY choose to include
+ "openid.pape.auth_time" in its response.
+
+
+
+
+ Gets or sets the Assurance Level as defined by the National
+ Institute of Standards and Technology (NIST) in Special Publication
+ 800-63 (Burr, W., Dodson, D., and W. Polk, Ed., “Electronic
+ Authentication Guideline,” April 2006.) [NIST_SP800‑63] corresponding
+ to the authentication method and policies employed by the OP when
+ authenticating the End User.
+
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level
+ example classifications of authentication methods within the defined
+ levels.
+
+
+
+
+ Gets a dictionary where keys are the authentication level type URIs and
+ the values are the per authentication level defined custom value.
+
+
+ A very common key is
+ and values for this key are available in .
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Carries the request/require/none demand state of the simple registration fields.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The type URI that this particular (deserialized) extension was read in using,
+ allowing a response to alter be crafted using the same type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ by deserializing from a message.
+
+ The type URI this extension was recognized by in the OpenID message.
+
+
+
+ Tests equality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality between two structs.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Renders the requested information as a string.
+
+
+ A that represents the current .
+
+
+
+
+ Prepares a Simple Registration response extension that is compatible with the
+ version of Simple Registration used in the request message.
+
+ The newly created instance.
+
+
+
+ Sets the profile request properties according to a list of
+ field names that might have been passed in the OpenId query dictionary.
+
+
+ The list of field names that should receive a given
+ . These field names should match
+ the OpenId specification for field names, omitting the 'openid.sreg' prefix.
+
+ The none/request/require state of the listed fields.
+
+
+
+ Assembles the profile parameter names that have a given .
+
+ The demand level (request, require, none).
+ An array of the profile parameter names that meet the criteria.
+
+
+
+ Gets or sets the URL the consumer site provides for the authenticating user to review
+ for how his claims will be used by the consumer web site.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the nickname of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the email of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the full name of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the birthdate of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the gender of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the postal code of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the Country of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the language of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the time zone of the user.
+
+
+
+
+ Gets or sets a value indicating whether this instance
+ is synthesized from an AX request at the Provider.
+
+
+
+
+ Gets or sets the value of the sreg.required parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ Gets or sets the value of the sreg.optional parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The allowed format for birthdates.
+
+
+
+
+ Storage for the raw string birthdate value.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ using the most common, and spec prescribed type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The type URI that must be used to identify this extension in the response message.
+ This value should be the same one the relying party used to send the extension request.
+ Commonly used type URIs supported by relying parties are defined in the
+ class.
+
+
+
+
+ Tests equality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Translates an empty string value to null, or passes through non-empty values.
+
+ The value to consider changing to null.
+ Either null or a non-empty string.
+
+
+
+ Gets or sets the nickname the user goes by.
+
+
+
+
+ Gets or sets the user's email address.
+
+
+
+
+ Gets or sets the full name of a user as a single string.
+
+
+
+
+ Gets or sets the user's birthdate.
+
+
+
+
+ Gets or sets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets or sets the gender of the user.
+
+
+
+
+ Gets or sets the zip code / postal code of the user.
+
+
+
+
+ Gets or sets the country of the user.
+
+
+
+
+ Gets or sets the primary/preferred language of the user.
+
+
+
+
+ Gets or sets the user's timezone.
+
+
+
+
+ Gets a combination of the user's full name and email address.
+
+
+
+
+ Gets or sets a combination of the language and country of the user.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Simple Registration constants
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Commonly used type URIs to represent the Simple Registration extension.
+
+
+
+
+ The URI "http://openid.net/extensions/sreg/1.1".
+
+
+ This is the type URI prescribed by the Simple Registration 1.1 spec.
+ http://openid.net/specs/openid-simple-registration-extension-1_1-01.html#anchor3
+
+
+
+
+ The URI "http://openid.net/sreg/1.0"
+
+
+
+
+ The URI "http://openid.net/sreg/1.1"
+
+
+
+
+ Specifies what level of interest a relying party has in obtaining the value
+ of a given field offered by the Simple Registration extension.
+
+
+
+
+ The relying party has no interest in obtaining this field.
+
+
+
+
+ The relying party would like the value of this field, but wants
+ the Provider to display the field to the user as optionally provided.
+
+
+
+
+ The relying party considers this a required field as part of
+ authentication. The Provider and/or user agent MAY still choose to
+ not provide the value of the field however, according to the
+ Simple Registration extension specification.
+
+
+
+
+ Indicates the gender of a user.
+
+
+
+
+ The user is male.
+
+
+
+
+ The user is female.
+
+
+
+
+ Constants used to support the UI extension.
+
+
+
+
+ The type URI associated with this extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports popups through the UI extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports the RP
+ specifying the user's preferred language through the UI extension.
+
+
+
+
+ The Type URI that appears in the XRDS document when the OP supports the RP
+ specifying the icon for the OP to display during authentication through the UI extension.
+
+
+
+
+ Valid values for the mode parameter of the OpenID User Interface extension.
+
+
+
+
+ Indicates that the Provider's authentication page appears in a popup window.
+
+ The constant "popup".
+
+ The RP SHOULD create the popup to be 450 pixels wide and 500 pixels tall. The popup MUST have the address bar displayed, and MUST be in a standalone browser window. The contents of the popup MUST NOT be framed by the RP.
+ The RP SHOULD open the popup centered above the main browser window, and SHOULD dim the contents of the parent window while the popup is active. The RP SHOULD ensure that the user is not surprised by the appearance of the popup, and understands how to interact with it.
+ To keep the user popup user experience consistent, it is RECOMMENDED that the OP does not resize the popup window unless the OP requires additional space to show special features that are not usually displayed as part of the default popup user experience.
+ The OP MAY close the popup without returning a response to the RP. Closing the popup without sending a response should be interpreted as a negative assertion.
+ The response to an authentication request in a popup is unchanged from [OpenID 2.0] (OpenID 2.0 Workgroup, “OpenID 2.0,” .). Relying Parties detecting that the popup was closed without receiving an authentication response SHOULD interpret the close event to be a negative assertion.
+
+
+
+
+ OpenID User Interface extension 1.0 request message.
+
+
+ Implements the extension described by: http://wiki.openid.net/f/openid_ui_extension_draft01.html
+ This extension only applies to checkid_setup requests, since checkid_immediate requests display
+ no UI to the user.
+ For rules about how the popup window should be displayed, please see the documentation of
+ .
+ An RP may determine whether an arbitrary OP supports this extension (and thereby determine
+ whether to use a standard full window redirect or a popup) via the
+ method.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Backing store for .
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Gets or sets the list of user's preferred languages, sorted in decreasing preferred order.
+
+ The default is the of the thread that created this instance.
+
+ The user's preferred languages as a [BCP 47] language priority list, represented as a comma-separated list of BCP 47 basic language ranges in descending priority order. For instance, the value "fr-CA,fr-FR,en-CA" represents the preference for French spoken in Canada, French spoken in France, followed by English spoken in Canada.
+
+
+
+
+ Gets or sets the style of UI that the RP is hosting the OP's authentication page in.
+
+ Some value from the class. Defaults to .
+
+
+
+ Gets or sets a value indicating whether the Relying Party has an icon
+ it would like the Provider to display to the user while asking them
+ whether they would like to log in.
+
+ true if the Provider should display an icon; otherwise, false.
+
+ By default, the Provider displays the relying party's favicon.ico.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+ The value 1.0.
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ The required width of the popup window the relying party creates for the provider.
+
+
+
+
+ The required height of the popup window the relying party creates for the provider.
+
+
+
+
+ An Identifier is either a "http" or "https" URI, or an XRI.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original string before any normalization.
+ Whether the derived class is prepared to guarantee end-to-end discovery
+ and initial redirect for authentication is performed using SSL.
+
+
+
+ Converts the string representation of an Identifier to its strong type.
+
+ The identifier.
+ The particular Identifier instance to represent the value given.
+
+
+
+ Converts a given Uri to a strongly-typed Identifier.
+
+ The identifier to convert.
+ The result of the conversion.
+
+
+
+ Converts an Identifier to its string representation.
+
+ The identifier to convert to a string.
+ The result of the conversion.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ An instance for the given value.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ if set to true this Identifier will serialize exactly as given rather than in its normalized form.
+
+ An instance for the given value.
+
+
+
+
+ Attempts to parse a string for an OpenId Identifier.
+
+ The string to be parsed.
+ The parsed Identifier form.
+
+ True if the operation was successful. False if the string was not a valid OpenId Identifier.
+
+
+
+
+ Checks the validity of a given string representation of some Identifier.
+
+ The identifier.
+
+ true if the specified identifier is valid; otherwise, false.
+
+
+
+
+ Tests equality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered equal; false otherwise.
+
+
+
+
+ Tests inequality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered unequal; false if they are equal.
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Reparses the specified identifier in order to be assured that the concrete type that
+ implements the identifier is one of the well-known ones.
+
+ The identifier.
+ Either or .
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Gets the original string that was normalized to create this Identifier.
+
+
+
+
+ Gets the Identifier in the form in which it should be serialized.
+
+
+ For Identifiers that were originally deserialized, this is the exact same
+ string that was deserialized. For Identifiers instantiated in some other way, this is
+ the normalized form of the string used to instantiate the identifier.
+
+
+
+
+ Gets or sets a value indicating whether instances are considered equal
+ based solely on their string reprsentations.
+
+
+ This property serves as a test hook, so that MockIdentifier instances can be considered "equal"
+ to UriIdentifier instances.
+
+
+
+
+ Gets a value indicating whether this Identifier will ensure SSL is
+ used throughout the discovery phase and initial redirect of authentication.
+
+
+ If this is false, a value of true may be obtained by calling
+ .
+
+
+
+
+ Gets a value indicating whether this instance was initialized from
+ deserializing a message.
+
+
+ This is interesting because when an Identifier comes from the network,
+ we can't normalize it and then expect signatures to still verify.
+ But if the Identifier is initialized locally, we can and should normalize it
+ before serializing it.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the IdentifierContract class from being created.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ The gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Splits the AX attribute format flags into individual values for processing.
+
+ The formats to split up into individual flags.
+ A sequence of individual flags.
+
+
+
+ Transforms an AX attribute type URI from the axschema.org format into a given format.
+
+ The ax schema org format type URI.
+ The target format. Only one flag should be set.
+ The AX attribute type URI in the target format.
+
+
+
+ Detects the AX attribute type URI format from a given sample.
+
+ The type URIs to scan for recognized formats.
+ The first AX type URI format recognized in the list.
+
+
+
+ Adds an attribute fetch request if it is not already present in the AX request.
+
+ The AX request to add the attribute request to.
+ The format of the attribute's Type URI to use.
+ The attribute in axschema.org format.
+ The demand level.
+
+
+
+ Gets the gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Represents a single OP endpoint from discovery on some OpenID Identifier.
+
+
+
+
+ Information published about an OpenId Provider by the
+ OpenId discovery documents found at a user's Claimed Identifier.
+
+
+ Because information provided by this interface is suppplied by a
+ user's individually published documents, it may be incomplete or inaccurate.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The provider endpoint.
+ The Claimed Identifier.
+ The User-supplied Identifier.
+ The Provider Local Identifier.
+ The service priority.
+ The URI priority.
+
+
+
+ Implements the operator ==.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Determines whether a given extension is supported by this endpoint.
+
+ An instance of the extension to check support for.
+
+ true if the extension is supported by this endpoint; otherwise, false.
+
+
+
+
+ Creates a instance to represent some OP Identifier.
+
+ The provider identifier (actually the user-supplied identifier).
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The user supplied identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Determines whether a given type URI is present on the specified provider endpoint.
+
+ The type URI.
+
+ true if the type URI is present on the specified provider endpoint; otherwise, false.
+
+
+
+
+ Sets the Capabilities property (this method is a test hook.)
+
+ The value.
+ The publicize.exe tool should work for the unit tests, but for some reason it fails on the build server.
+
+
+
+ Gets the priority rating for a given type of endpoint, allowing a
+ priority sorting of endpoints.
+
+ The endpoint to prioritize.
+ An arbitary integer, which may be used for sorting against other returned values from this method.
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the Identifier that was presented by the end user to the Relying Party,
+ or selected by the user at the OpenID Provider.
+ During the initiation phase of the protocol, an end user may enter
+ either their own Identifier or an OP Identifier. If an OP Identifier
+ is used, the OP may then assist the end user in selecting an Identifier
+ to share with the Relying Party.
+
+
+
+
+ Gets the Identifier that the end user claims to control.
+
+
+
+
+ Gets an alternate Identifier for an end user that is local to a
+ particular OP and thus not necessarily under the end user's
+ control.
+
+
+
+
+ Gets a more user-friendly (but NON-secure!) string to display to the user as his identifier.
+
+ A human-readable, abbreviated (but not secure) identifier the user MAY recognize as his own.
+
+
+
+ Gets the provider endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this specific OP endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this service
+ (which may consist of several endpoints).
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+ Should never be null, but may be empty.
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the protocol used by the OpenID Provider.
+
+
+
+
+ A module that provides discovery services for OpenID identifiers.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ A service that can perform discovery on OpenID identifiers.
+
+
+
+
+ The RP or OP that is hosting these services.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The RP or OP that creates this instance.
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Gets the list of services that can perform discovery on identifiers given.
+
+
+
+
+ An interface implemented by both providers and relying parties.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets the web request handler.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ Instances of this interface represent incoming authentication requests.
+ This interface provides the details of the request and allows setting
+ the response.
+
+
+
+
+ Interface exposing incoming messages to the OpenID Provider that
+ require interaction with the host site.
+
+
+
+
+ Represents an incoming OpenId authentication request.
+
+
+ Requests may be infrastructural to OpenID and allow auto-responses, or they may
+ be authentication requests where the Provider site has to make decisions based
+ on its own user database and policies.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler to use for the RP discovery request.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint.
+
+
+ The default value is the URL that the request came in on from the relying party.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Security settings that are applicable to providers.
+
+
+
+
+ Security settings that may be applicable to both relying parties and providers.
+
+
+
+
+ Gets the default minimum hash bit length.
+
+
+
+
+ Gets the maximum hash bit length default for relying parties.
+
+
+
+
+ Gets the maximum hash bit length default for providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this class is being instantiated for a Provider.
+
+
+
+ Determines whether a named association fits the security requirements.
+
+ The protocol carrying the association.
+ The value of the openid.assoc_type parameter.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Determines whether a given association fits the security requirements.
+
+ The association to check.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Gets or sets the minimum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 160.
+
+
+ SHA-1 (160 bits) has been broken. The minimum secure hash length is now 256 bits.
+ The default is still a 160 bit minimum to allow interop with common remote parties,
+ such as Yahoo! that only supports 160 bits.
+ For sites that require high security such as to store bank account information and
+ health records, 256 is the recommended value.
+
+
+
+
+ Gets or sets the maximum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 256 for relying parties and 512 for providers.
+
+
+ The longer the bit length, the more secure the identities of your visitors are.
+ Setting a value higher than 256 on a relying party site may reduce performance
+ as many association requests will be denied, causing secondary requests or even
+ authentication failures.
+ Setting a value higher than 256 on a provider increases security where possible
+ without these side-effects.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+ OpenID 2.0 sections 7.3.2.2 and 11.2 specify that OP Identifiers never be recognized as Claimed Identifiers.
+ However, for some scenarios it may be desirable for an RP to override this behavior and allow this.
+ The security ramifications of setting this property to true have not been fully explored and
+ therefore this setting should only be changed with caution.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The subset of association types and their customized lifetimes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a deep clone of this instance.
+
+ A new instance that is a deep clone of this instance.
+
+
+
+ Gets a subset of the available association types and their
+ customized maximum lifetimes.
+
+
+
+
+ Gets or sets a value indicating whether Relying Party discovery will only
+ succeed if done over a secure HTTPS channel.
+
+ Default is false.
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding them in signed, encrypted form into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+ The default value for this property is true.
+
+
+
+ Gets or sets a value indicating whether OpenID 1.x relying parties that may not be
+ protecting their users from replay attacks are protected from
+ replay attacks by this provider.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by preventing associations from being used
+ with OpenID 1.x relying parties, thereby forcing them into
+ "dumb" mode and verifying every claim with this provider.
+ This gives the provider an opportunity to verify its own nonce
+ to protect against replay attacks.
+
+
+
+
+ Gets or sets a value indicating whether outgoing extensions are always signed.
+
+
+ true if outgoing extensions should be signed; otherwise, false.
+ The default is true.
+
+
+ This property is internal because Providers should never turn it off, but it is
+ needed for testing the RP's rejection of unsigned extensions.
+
+
+
+
+ The behavior a Provider takes when verifying that it is authoritative for an
+ identifier it is about to send an unsolicited assertion for.
+
+
+
+
+ Always verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it and fail if it is not.
+
+
+
+
+ Always check that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it, but only log failures, and proceed
+ to send the unsolicited assertion.
+
+
+
+
+ Never verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it.
+
+
+ This setting is useful for web servers that refuse to allow a Provider to
+ introspectively perform an HTTP GET on itself, when sending unsolicited assertions
+ for identifiers that the OP controls.
+
+
+
+
+ The result codes that may be returned from an attempt at relying party discovery.
+
+
+
+
+ Relying Party discovery failed to find an XRDS document or the document was invalid.
+
+
+ This can happen either when a relying party does not offer a service document at all,
+ or when a man-in-the-middle attack is in progress that prevents the Provider from being
+ able to discover that document.
+
+
+
+
+ Relying Party discovery yielded a valid XRDS document, but no matching return_to URI was found.
+
+
+ This is perhaps the most dangerous rating for a relying party, since it suggests that
+ they are implementing OpenID 2.0 securely, but that a hijack operation may be in progress.
+
+
+
+
+ Relying Party discovery succeeded, and a matching return_to URI was found.
+
+
+
+
+ An enumeration of the possible results of an authentication attempt.
+
+
+
+
+ The authentication was canceled by the user agent while at the provider.
+
+
+
+
+ The authentication failed because an error was detected in the OpenId communication.
+
+
+
+
+ The Provider responded to a request for immediate authentication approval
+ with a message stating that additional user agent interaction is required
+ before authentication can be completed.
+ Casting the to a
+ ISetupRequiredAuthenticationResponse in this case can help
+ you retry the authentication using setup (non-immediate) mode.
+
+
+
+
+ Authentication is completed successfully.
+
+
+
+
+ The Provider sent a message that did not contain an identity assertion,
+ but may carry OpenID extensions.
+
+
+
+
+ Instances of this interface represent relying party authentication
+ requests that may be queried/modified in specific ways before being
+ routed to the OpenID Provider.
+
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI. Values must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+ Execution of the current page terminates after this call.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+ Although OpenID is first and primarily an authentication protocol, its extensions
+ can be interesting all by themselves. For instance, a relying party might want
+ to know that its user is over 21 years old, or perhaps a member of some organization.
+ OpenID extensions can provide this, without any need for asserting the identity of the user.
+ Constructing an OpenID request for only extensions can be done by calling
+ OpenIdRelyingParty.CreateRequest with any valid OpenID identifier
+ (claimed identifier or OP identifier). But once this property is set to true,
+ the claimed identifier value in the request is not included in the transmitted message.
+ It is anticipated that an RP would only issue these types of requests to OPs that
+ trusts to make assertions regarding the individual holding an account at that OP, so it
+ is not likely that the RP would allow the user to type in an arbitrary claimed identifier
+ without checking that it resolved to an OP endpoint the RP has on a trust whitelist.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ An instance of this interface represents an identity assertion
+ from an OpenID Provider. It may be in response to an authentication
+ request previously put to it by a Relying Party site or it may be an
+ unsolicited assertion.
+
+
+ Relying party web sites should handle both solicited and unsolicited
+ assertions. This interface does not offer a way to discern between
+ solicited and unsolicited assertions as they should be treated equally.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ A message a Relying Party sends to a Provider to confirm the validity
+ of a positive assertion that was signed by a Provider-only secret.
+
+
+ The significant payload of this message depends entirely upon the
+ assertion message, and therefore is all in the
+ property bag.
+
+
+
+
+ A common base class for OpenID request messages and indirect responses (since they are ultimately requests).
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ This particular value MUST be present for the request to be a valid OpenID Authentication 2.0 request. Future versions of the specification may define different values in order to allow message recipients to properly interpret the request.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+ The value for the openid.mode parameter.
+ A value indicating whether the message will be transmitted directly or indirectly.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets some string from a given version of the OpenID protocol.
+
+ The protocol version to use for lookup.
+ A function that can retrieve the desired protocol constant.
+ The value of the constant.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the value of the openid.mode parameter.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For direct messages this is the OpenID mandated POST.
+ For indirect messages both GET and POST are allowed.
+
+
+
+
+ Gets the recipient of the message.
+
+ The OP endpoint, or the RP return_to.
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra parameters included in the message.
+
+ An empty dictionary.
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Initializes a new instance of the class
+ based on the contents of some signed message whose signature must be verified.
+
+ The message whose signature should be verified.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Gets or sets a value indicating whether the signature being verified by this request
+ is in fact valid.
+
+ true if the signature is valid; otherwise, false.
+
+ This property is automatically set as the message is received by the channel's
+ signing binding element.
+
+
+
+
+ Gets or sets the ReturnTo that existed in the original signed message.
+
+
+ This exists strictly for convenience in recreating the
+ message.
+
+
+
+
+ The message sent from the Provider to the Relying Party to confirm/deny
+ the validity of an assertion that was signed by a private Provider secret.
+
+
+
+
+ A common base class for OpenID direct message responses.
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ OpenID 2.0 Section 5.1.2:
+ This particular value MUST be present for the response to be a valid OpenID 2.0 response.
+ Future versions of the specification may define different values in order to allow message
+ recipients to properly interpret the request.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ The dictionary of parameters that are not part of the OpenID specification.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request. May be null in case the request is unrecognizable and this is an error response.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra, non-OAuth parameters included in the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+ This property may be null if the request message was undecipherable.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Initializes a new instance of the class
+ for use by the Relying Party.
+
+ The OpenID version of the response message.
+ The request that this message is responding to.
+
+
+
+ Gets or sets a value indicating whether the signature of the verification request is valid.
+
+
+
+
+ Gets or sets the handle the relying party should invalidate if is true.
+
+ The "invalidate_handle" value sent in the verification request, if the OP confirms it is invalid.
+
+ If present in a verification response with "is_valid" set to "true",
+ the Relying Party SHOULD remove the corresponding association from
+ its store and SHOULD NOT send further authentication requests with
+ this handle.
+ This two-step process for invalidating associations is necessary
+ to prevent an attacker from invalidating an association at will by
+ adding "invalidate_handle" parameters to an authentication response.
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ An authentication request from a Relying Party to a Provider.
+
+
+ This message type satisfies OpenID 2.0 section 9.1.
+
+
+
+
+ An indirect request from a Relying Party to a Provider where the response
+ is expected to be signed.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Adds parameters to the return_to querystring.
+
+ The keys=value pairs to add to the return_to query string.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Adds a parameter to the return_to querystring.
+
+ The name of the parameter.
+ The value of the argument.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
+
+ The OpenID version to use.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+ checkid_immediate or checkid_setup
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets a value indicating whether the Provider is allowed to interact with the user
+ as part of authentication.
+
+ true if using OpenID immediate mode; otherwise, false.
+
+
+
+ Gets or sets the handle of the association the RP would like the Provider
+ to use for signing a positive assertion in the response message.
+
+ A handle for an association between the Relying Party and the OP
+ that SHOULD be used to sign the response.
+
+ If no association handle is sent, the transaction will take place in Stateless Mode
+ (Verifying Directly with the OpenID Provider).
+
+
+
+
+ Gets or sets the URL the Provider should redirect the user agent to following
+ the authentication attempt.
+
+ URL to which the OP SHOULD return the User-Agent with the response
+ indicating the status of the request.
+
+ If this value is not sent in the request it signifies that the Relying Party
+ does not wish for the end user to be returned.
+ The return_to URL MAY be used as a mechanism for the Relying Party to attach
+ context about the authentication request to the authentication response.
+ This document does not define a mechanism by which the RP can ensure that query
+ parameters are not modified by outside parties; such a mechanism can be defined
+ by the RP itself.
+
+
+
+
+ Gets or sets the Relying Party discovery URL the Provider may use to verify the
+ source of the authentication request.
+
+
+ URL pattern the OP SHOULD ask the end user to trust. See Section 9.2 (Realms).
+ This value MUST be sent if openid.return_to is omitted.
+ Default: The URL.
+
+
+
+
+ Gets or sets a value indicating whether the return_to value should be signed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+ It is RECOMMENDED that OPs accept XRI identifiers with or without the "xri://" prefix, as specified in the Normalization (Normalization) section.
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ If a different OP-Local Identifier is not specified, the claimed
+ identifier MUST be used as the value for openid.identity.
+ Note: If this is set to the special value
+ "http://specs.openid.net/auth/2.0/identifier_select" then the OP SHOULD
+ choose an Identifier that belongs to the end user. This parameter MAY
+ be omitted if the request is not about an identifier (for instance if
+ an extension is in use that makes the request meaningful without it;
+ see openid.claimed_id above).
+
+
+
+
+ The base class that all successful association response messages derive from.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.1.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the association handle is used as a key to refer to this association in subsequent messages.
+
+ A string 255 characters or less in length. It MUST consist only of ASCII characters in the range 33-126 inclusive (printable non-whitespace characters).
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the value of the "openid.session_type" parameter from the request.
+ If the OP is unwilling or unable to support this association type, it MUST return an
+ unsuccessful response (Unsuccessful Response Parameters).
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Gets or sets the lifetime, in seconds, of this association. The Relying Party MUST NOT use the association after this time has passed.
+
+ An integer, represented in base 10 ASCII.
+
+
+
+ Members found on error response messages sent from a Provider
+ to a Relying Party in response to direct and indirect message
+ requests that result in an error.
+
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A common base class from which indirect response messages should derive.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that caused this response message to be constructed.
+ The value of the openid.mode parameter.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertion scenarios.
+
+ The OpenID version supported at the Relying Party.
+
+ The URI at which the Relying Party receives OpenID indirect messages.
+
+ The value to use for the openid.mode parameter.
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the protocol version from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the ReturnTo from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the signed extensions on this message.
+
+
+
+
+ Gets the unsigned extensions on this message.
+
+
+
+
+ Gets the originating request message, if applicable.
+
+
+
+
+ An indirect message from a Provider to a Relying Party where at least part of the
+ payload is signed so the Relying Party can verify it has not been tampered with.
+
+
+
+
+ The allowed date/time formats for the response_nonce parameter.
+
+
+ This array of formats is not yet a complete list.
+
+
+
+
+ Backing field for the property.
+
+
+ The field initializer being DateTime.UtcNow allows for OpenID 1.x messages
+ to pass through the StandardExpirationBindingElement.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ in order to perform signature verification at the Provider.
+
+ The previously signed message.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the value of a named parameter in the return_to URL without signature protection.
+
+ The full name of the parameter whose value is being sought.
+ The value of the parameter if it is present and unaltered from when
+ the Relying Party signed it; null otherwise.
+
+ This method will always return null on the Provider-side, since Providers
+ cannot verify the private signature made by the relying party.
+
+
+
+
+ Gets the names of the callback parameters added to the original authentication request
+ without signature protection.
+
+ A sequence of the callback parameter names.
+
+
+
+ Gets a dictionary of all the message part names and values
+ that are included in the message signature.
+
+ The channel.
+
+ A dictionary of the signed message parts.
+
+
+
+
+ Determines whether one querystring contains every key=value pair that
+ another querystring contains.
+
+ The querystring that should contain at least all the key=value pairs of the other.
+ The querystring containing the set of key=value pairs to test for in the other.
+
+ true if contains all the query parameters that does; false otherwise.
+
+
+
+
+ Verifies that the openid.return_to field matches the URL of the actual HTTP request.
+
+
+ From OpenId Authentication 2.0 section 11.1:
+ To verify that the "openid.return_to" URL matches the URL that is processing this assertion:
+ * The URL scheme, authority, and path MUST be the same between the two URLs.
+ * Any query parameters that are present in the "openid.return_to" URL MUST
+ also be present with the same values in the URL of the HTTP request the RP received.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+ for OpenID 2.0 messages.
+ for OpenID 1.x messages.
+
+
+ Although the required protection is reduced for OpenID 1.x,
+ this library will provide Relying Party hosts with all protections
+ by adding its own specially-crafted nonce to the authentication request
+ messages except for stateless RPs in OpenID 1.x messages.
+
+
+
+
+ Gets or sets the message signature.
+
+ Base 64 encoded signature calculated as specified in Section 6 (Generating Signatures).
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ Gets or sets the Provider Endpoint URI.
+
+
+
+
+ Gets or sets the return_to parameter as the relying party provided
+ it in .
+
+ Verbatim copy of the return_to URL parameter sent in the
+ request, before the Provider modified it.
+
+
+
+ Gets or sets a value indicating whether the
+ URI's query string is unaltered between when the Relying Party
+ sent the original request and when the response was received.
+
+
+ This property is not persisted in the transmitted message, and
+ has no effect on the Provider-side of the communication.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets the querystring key=value pairs in the return_to URL.
+
+
+
+
+ Code contract class for the IOpenIdMessageExtension interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The message OpenID Providers send back to Relying Parties to refuse
+ to assert the identity of a user.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+ The channel to use to simulate construction of the user_setup_url, if applicable. May be null, but the user_setup_url will not be constructed.
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The relying party return to.
+ The value of the openid.mode parameter.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Constructs the value for the user_setup_url parameter to be sent back
+ in negative assertions in response to OpenID 1.x RP's checkid_immediate requests.
+
+ The immediate request.
+ The channel to use to simulate construction of the message.
+ The value to use for the user_setup_url parameter.
+
+
+
+ Gets the value for the openid.mode that is appropriate for this response.
+
+ The request that we're responding to.
+ The value of the openid.mode parameter to use.
+
+
+
+ Gets or sets the URL the relying party can use to upgrade their authentication
+ request from an immediate to a setup message.
+
+ URL to redirect User-Agent to so the End User can do whatever's necessary to fulfill the assertion.
+
+ This part is only included in OpenID 1.x responses.
+
+
+
+
+ Gets a value indicating whether this
+ is in response to an authentication request made in immediate mode.
+
+ true if the request was in immediate mode; otherwise, false.
+
+
+
+ An identity assertion from a Provider to a Relying Party, stating that the
+ user operating the user agent is in fact some specific user known to the Provider.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Initializes a new instance of the class.
+
+ The relying party return_to endpoint that will receive this positive assertion.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ OpenID Providers MAY assist the end user in selecting the Claimed
+ and OP-Local Identifiers about which the assertion is made.
+ The openid.identity field MAY be omitted if an extension is in use that
+ makes the response meaningful without it (see openid.claimed_id above).
+
+
+
+
+ Wraps an existing Identifier and prevents it from performing discovery.
+
+
+
+
+ The wrapped identifier.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The ordinary Identifier whose discovery is being masked.
+ Whether this Identifier should claim to be SSL-secure, although no discovery will never generate service endpoints anyway.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of utilities especially useful to OpenID.
+
+
+
+
+ The prefix to designate this library's proprietary parameters added to the protocol.
+
+
+
+
+ A static variable that carries the results of a check for the presence of
+ assemblies that are required for the Diffie-Hellman algorithm.
+
+
+
+
+ Creates a random association handle.
+
+ The association handle.
+
+
+
+ Gets the OpenID protocol instance for the version in a message.
+
+ The message.
+ The OpenID protocol instance.
+
+
+
+ Changes the position of some element in a list.
+
+ The type of elements stored in the list.
+ The list to be modified.
+ The new position for the given element.
+ The element to move within the list.
+ Thrown if the element does not already exist in the list.
+
+
+
+ Corrects any URI decoding the Provider may have inappropriately done
+ to our return_to URL, resulting in an otherwise corrupted base64 encoded value.
+
+ The base64 encoded value. May be null.
+
+ The value; corrected if corruption had occurred.
+
+
+ AOL may have incorrectly URI-decoded the token for us in the return_to,
+ resulting in a token URI-decoded twice by the time we see it, and no
+ longer being a valid base64 string.
+ It turns out that the only symbols from base64 that is also encoded
+ in URI encoding rules are the + and / characters.
+ AOL decodes the %2b sequence to the + character
+ and the %2f sequence to the / character (it shouldn't decode at all).
+ When we do our own URI decoding, the + character becomes a space (corrupting base64)
+ but the / character remains a /, so no further corruption happens to this character.
+ So to correct this we just need to change any spaces we find in the token
+ back to + characters.
+
+
+
+
+ Rounds the given downward to the whole second.
+
+ The DateTime object to adjust.
+ The new value.
+
+
+
+ Gets the fully qualified Realm URL, given a Realm that may be relative to a particular page.
+
+ The hosting page that has the realm value to resolve.
+ The realm, which may begin with "*." or "~/".
+ The request context.
+ The fully-qualified realm.
+
+
+
+ Gets the extension factories from the extension aggregator on an OpenID channel.
+
+ The channel.
+ The list of factories that will be used to generate extension instances.
+
+ This is an extension method on rather than an instance
+ method on because the OpenIdRelyingParty
+ and OpenIdProvider classes don't strong-type to
+ to allow flexibility in the specific type of channel the user (or tests)
+ can plug in.
+
+
+
+
+ Loads the Diffie-Hellman assemblies.
+
+ Thrown if the DH assemblies are missing.
+
+
+
+ Gets a value indicating whether Diffie Hellman is available in this installation.
+
+
+ true if Diffie-Hellman functionality is present; otherwise, false.
+
+
+
+
+ Utility methods for working with XRDS documents.
+
+
+
+
+ Finds the Relying Party return_to receiving endpoints.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of Relying Party descriptors for the return_to endpoints.
+
+ This is useful for Providers to send unsolicited assertions to Relying Parties,
+ or for Provider's to perform RP discovery/verification as part of authentication.
+
+
+
+
+ Finds the icons the relying party wants an OP to display as part of authentication,
+ per the UI extension spec.
+
+ The XrdsDocument to search.
+ A sequence of the icon URLs in preferred order.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Relying Party return_to URLs
+ that can receive authentication assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Describes some OpenID Provider endpoint and its capabilities.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID Provider endpoint URL.
+ The OpenID version supported by this particular endpoint.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI the provider listens on for OpenID requests.
+ The set of services offered by this endpoint.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the URL that the OpenID Provider listens for incoming OpenID messages on.
+
+
+
+
+ Gets the OpenID protocol version this endpoint supports.
+
+
+ If an endpoint supports multiple versions, each version must be represented
+ by its own object.
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+
+
+
+ A trust root to validate requests and match return URLs against.
+
+
+ This fills the OpenID Authentication 2.0 specification for realms.
+ See http://openid.net/specs/openid-authentication-2_0.html#realms
+
+
+
+
+ A regex used to detect a wildcard that is being used in the realm.
+
+
+
+
+ A (more or less) comprehensive list of top-level (i.e. ".com") domains,
+ for use by in order to disallow overly-broad realms
+ that allow all web sites ending with '.com', for example.
+
+
+
+
+ The Uri of the realm, with the wildcard (if any) removed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL to use in the new instance.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL of the Relying Party.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URI builder.
+
+ This is useful because UriBuilder can construct a host with a wildcard
+ in the Host property, but once there it can't be converted to a Uri.
+
+
+
+
+ Implicitly converts the string-form of a URI to a object.
+
+ The URI that the new Realm instance will represent.
+ The result of the conversion.
+
+
+
+ Implicitly converts a to a object.
+
+ The URI to convert to a realm.
+ The result of the conversion.
+
+
+
+ Implicitly converts a object to its form.
+
+ The realm to convert to a string value.
+ The result of the conversion.
+
+
+
+ Checks whether one is equal to another.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code used for storing this object in a hash table.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of this .
+
+
+ A that represents the current .
+
+
+
+
+ Validates a URL against this trust root.
+
+ A string specifying URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Validates a URL against this trust root.
+
+ The URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Searches for an XRDS document at the realm URL, and if found, searches
+ for a description of a relying party endpoints (OpenId login pages).
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The details of the endpoints if found; or null if no service document was discovered.
+
+
+
+
+ Searches for an XRDS document at the realm URL.
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The XRDS document if found; or null if no service document was discovered.
+
+
+
+
+ Calls if the argument is non-null.
+ Otherwise throws .
+
+ The realm URI builder.
+ The result of UriBuilder.ToString()
+
+ This simple method is worthwhile because it checks for null
+ before dereferencing the UriBuilder. Since this is called from
+ within a constructor's base(...) call, this avoids a
+ when we should be throwing an .
+
+
+
+
+ Gets the suggested realm to use for the calling web application.
+
+ A realm that matches this applications root URL.
+
+ For most circumstances the Realm generated by this property is sufficient.
+ However a wildcard Realm, such as "http://*.microsoft.com/" may at times be more
+ desirable than "http://www.microsoft.com/" in order to allow identifier
+ correlation across related web sites for directed identity Providers.
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets a value indicating whether a '*.' prefix to the hostname is
+ used in the realm to allow subdomains or hosts to be added to the URL.
+
+
+
+
+ Gets the host component of this instance.
+
+
+
+
+ Gets the scheme name for this URI.
+
+
+
+
+ Gets the port number of this URI.
+
+
+
+
+ Gets the absolute path of the URI.
+
+
+
+
+ Gets the System.Uri.AbsolutePath and System.Uri.Query properties separated
+ by a question mark (?).
+
+
+
+
+ Gets the original string.
+
+ The original string.
+
+
+
+ Gets the realm URL. If the realm includes a wildcard, it is not included here.
+
+
+
+
+ Gets the Realm discovery URL, where the wildcard (if present) is replaced with "www.".
+
+
+ See OpenID 2.0 spec section 9.2.1 for the explanation on the addition of
+ the "www" prefix.
+
+
+
+
+ Gets a value indicating whether this realm represents a reasonable (sane) set of URLs.
+
+
+ 'http://*.com/', for example is not a reasonable pattern, as it cannot meaningfully
+ specify the site claiming it. This function attempts to find many related examples,
+ but it can only work via heuristics. Negative responses from this method should be
+ treated as advisory, used only to alert the user to examine the trust root carefully.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A description of some OpenID Relying Party endpoint.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The return to.
+
+ The Type URIs of supported services advertised on a relying party's XRDS document.
+
+
+
+
+ Derives the highest OpenID protocol that this library and the OpenID Provider have
+ in common.
+
+ The supported service type URIs.
+ The best OpenID protocol version to use when communicating with this Provider.
+
+
+
+ Gets the URL to the login page on the discovered relying party web site.
+
+
+
+
+ Gets the OpenId protocol that the discovered relying party supports.
+
+
+
+
+ Diffie-Hellman encryption methods used by both the relying party and provider.
+
+
+
+
+ An array of known Diffie Hellman sessions, sorted by decreasing hash size.
+
+
+
+
+ Finds the hashing algorithm to use given an openid.session_type value.
+
+ The protocol version of the message that named the session_type to be used.
+ The value of the openid.session_type parameter.
+ The hashing algorithm to use.
+ Thrown if no match could be found for the given .
+
+
+
+ Looks up the value to be used for the openid.session_type parameter.
+
+ The protocol version that is to be used.
+ The hash size (in bits) that the DH session must have.
+ The value to be used for the openid.session_type parameter, or null if no match was found.
+
+
+
+ Encrypts/decrypts a shared secret.
+
+ The hashing algorithm that is agreed by both parties to use as part of the secret exchange.
+
+ If the secret is being encrypted, this is the new Diffie Hellman object to use.
+ If the secret is being decrypted, this must be the same Diffie Hellman object used to send the original request message.
+
+ The public key of the remote party.
+ The secret to encode, or the encoded secret. Whichever one is given will generate the opposite in the return value.
+
+ The encrypted version of the secret if the secret itself was given in .
+ The secret itself if the encrypted version of the secret was given in .
+
+
+
+
+ Ensures that the big integer represented by a given series of bytes
+ is a positive integer.
+
+ The bytes that make up the big integer.
+
+ A byte array (possibly new if a change was required) whose
+ integer is guaranteed to be positive.
+
+
+ This is to be consistent with OpenID spec section 4.2.
+
+
+
+
+ Returns the value used to initialize the static field storing DH session types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Provides access to a Diffie-Hellman session algorithm and its name.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The hashing algorithm used in this particular Diffie-Hellman session type.
+ A function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+ Gets the function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+
+ Gets the hashing algorithm used in this particular Diffie-Hellman session type
+
+
+
+
+ An association that uses the HMAC-SHA family of algorithms for message signing.
+
+
+
+
+ A list of HMAC-SHA algorithms in order of decreasing bit lengths.
+
+
+
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+
+
+
+
+ Initializes a new instance of the class.
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+ The association handle.
+ The association secret.
+ The time duration the association will be good for.
+
+
+
+ Creates an HMAC-SHA association.
+
+ The OpenID protocol version that the request for an association came in on.
+ The value of the openid.assoc_type parameter.
+ The association handle.
+ The association secret.
+ How long the association will be good for.
+ The newly created association.
+
+
+
+ Creates an association with the specified handle, secret, and lifetime.
+
+ The handle.
+ The secret.
+ Total lifetime.
+ The newly created association.
+
+
+
+ Returns the length of the shared secret (in bytes).
+
+ The protocol version being used that will be used to lookup the text in
+ The value of the protocol argument specifying the type of association. For example: "HMAC-SHA1".
+ The length (in bytes) of the association secret.
+ Thrown if no association can be found by the given name.
+
+
+
+ Looks for the first association type in a preferred-order list that is
+ likely to be supported given a specific OpenID version and the security settings,
+ and perhaps a matching Diffie-Hellman session type.
+
+ The OpenID version that dictates which associations are available.
+ A value indicating whether to consider higher strength security to be better. Use true for initial association requests from the Relying Party; use false from Providers when the Relying Party asks for an unrecognized association in order to pick a suggested alternative that is likely to be supported on both sides.
+ The set of requirements the selected association type must comply to.
+ Use true for HTTP associations, false for HTTPS associations.
+ The resulting association type's well known protocol name. (i.e. HMAC-SHA256)
+ The resulting session type's well known protocol name, if a matching one is available. (i.e. DH-SHA256)
+
+ True if a qualifying association could be found; false otherwise.
+
+
+
+
+ Determines whether a named Diffie-Hellman session type and association type can be used together.
+
+ The protocol carrying the names of the session and association types.
+ The value of the openid.assoc_type parameter.
+ The value of the openid.session_type parameter.
+
+ true if the named association and session types are compatible; otherwise, false.
+
+
+
+
+ Gets the string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Returns the value used to initialize the static field storing association types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Provides information about some HMAC-SHA hashing algorithm that OpenID supports.
+
+
+
+
+ Creates the using a given shared secret for the mac.
+
+ The HMAC secret.
+ The algorithm.
+
+
+
+ Gets or sets the function that takes a particular OpenID version and returns the value of the openid.assoc_type parameter in that protocol.
+
+
+
+
+ Gets or sets the name of the HMAC-SHA algorithm. (e.g. "HMAC-SHA256")
+
+
+
+
+ Gets or sets the base hash algorithm.
+
+
+
+
+ Gets the size of the hash (in bytes).
+
+
+
+
+ Represents an association request that is sent using HTTPS and otherwise communicates the shared secret in plain text.
+
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the preferred association session type. This defines the method used to encrypt the association's MAC key in transit.
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association that uses Diffie-Hellman encryption.
+
+
+
+
+ The (only) value we use for the X variable in the Diffie-Hellman algorithm.
+
+
+
+
+ The default gen value for the Diffie-Hellman algorithm.
+
+
+
+
+ The default modulus value for the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties.
+
+
+
+
+ Gets or sets the openid.dh_modulus value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_gen value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_consumer_public value.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ Gets the Diffie-Hellman algorithm.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the Provider's Diffie-Hellman public key.
+
+ btwoc(g ^ xb mod p)
+
+
+
+ Gets or sets the MAC key (shared secret), encrypted with the secret Diffie-Hellman value.
+
+ H(btwoc(g ^ (xa * xb) mod p)) XOR MAC key. H is either "SHA1" or "SHA256" depending on the session type.
+
+
+
+ The successful unencrypted association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the MAC key (shared secret) for this association, Base 64 (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” .) [RFC3548] encoded.
+
+
+
+
+ The Provider's response to a Relying Party that requested an association that the Provider does not support.
+
+
+ This message type described in OpenID 2.0 section 8.2.4.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to a direct message request that resulted in an error.
+
+
+ This message must be sent with an HTTP status code of 400.
+ This class satisfies OpenID 2.0 section 5.1.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets the HTTP status code that the direct respones should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A hard-coded string indicating an error occurred.
+
+ "unsupported-type"
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets an association type supported by the OP from Section 8.3 (Association Types).
+
+
+
+
+ Gets or sets a valid association session type from Section 8.4 (Association Session Types) that the OP supports.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to an indirect message request that resulted in an error.
+
+
+ This class satisfies OpenID 2.0 section 5.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that resulted in this error on the Provider.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message should comply with.
+ The recipient of this message.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to An absolute URI is required for this value..
+
+
+
+
+ Looks up a localized string similar to This is already a PPID Identifier..
+
+
+
+
+ Looks up a localized string similar to The requested association type '{0}' with session type '{1}' is unrecognized or not supported by this Provider due to security requirements..
+
+
+
+
+ Looks up a localized string similar to The length of the shared secret ({0}) does not match the length required by the association type ('{1}')..
+
+
+
+
+ Looks up a localized string similar to The length of the encrypted shared secret ({0}) does not match the length of the hashing algorithm ({1})..
+
+
+
+
+ Looks up a localized string similar to No association store has been given but is required for the current configuration..
+
+
+
+
+ Looks up a localized string similar to If an association store is given, a nonce store must also be provided..
+
+
+
+
+ Looks up a localized string similar to An attribute with type URI '{0}' has already been added..
+
+
+
+
+ Looks up a localized string similar to Only {0} values for attribute '{1}' were requested, but {2} were supplied..
+
+
+
+
+ Looks up a localized string similar to The private data supplied does not meet the requirements of any known Association type. Its length may be too short, or it may have been corrupted..
+
+
+
+
+ Looks up a localized string similar to The {0} extension failed to deserialize and will be skipped. {1}.
+
+
+
+
+ Looks up a localized string similar to Callback arguments are only supported when a {0} is provided to the {1}..
+
+
+
+
+ Looks up a localized string similar to A Simple Registration request can only generate a response on the receiving end..
+
+
+
+
+ Looks up a localized string similar to The openid.claimed_id and openid.identity parameters must both be present or both be absent..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property cannot be set when IsDelegatedIdentifier is true to avoid breaking OpenID URL delegation..
+
+
+
+
+ Looks up a localized string similar to This OpenID exploits features that this relying party cannot reliably verify. Please try logging in with a human-readable OpenID or from a different OpenID Provider..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property must be set first..
+
+
+
+
+ Looks up a localized string similar to An extension with this property name ('{0}') has already been registered..
+
+
+
+
+ Looks up a localized string similar to The extension '{0}' has already been registered..
+
+
+
+
+ Looks up a localized string similar to An authentication request has already been created using CreateRequest()..
+
+
+
+
+ Looks up a localized string similar to Only OpenIDs issued directly by their OpenID Provider are allowed here..
+
+
+
+
+ Looks up a localized string similar to The associate request instance must be a Diffie-Hellman instance..
+
+
+
+
+ Looks up a localized string similar to The following properties must be set before the Diffie-Hellman algorithm can generate a public key: {0}.
+
+
+
+
+ Looks up a localized string similar to URI is not SSL yet requireSslDiscovery is set to true..
+
+
+
+
+ Looks up a localized string similar to An extension sharing namespace '{0}' has already been added. Only one extension per namespace is allowed in a given request..
+
+
+
+
+ Looks up a localized string similar to Cannot lookup extension support on a rehydrated ServiceEndpoint..
+
+
+
+
+ Looks up a localized string similar to Fragment segments do not apply to XRI identifiers..
+
+
+
+
+ Looks up a localized string similar to The HTML head tag must include runat="server"..
+
+
+
+
+ Looks up a localized string similar to ClaimedIdentifier and LocalIdentifier must be the same when IsIdentifierSelect is true..
+
+
+
+
+ Looks up a localized string similar to The openid.identity and openid.claimed_id parameters must either be both present or both absent from the message..
+
+
+
+
+ Looks up a localized string similar to The Provider requested association type '{0}' and session type '{1}', which are not compatible with each other..
+
+
+
+
+ Looks up a localized string similar to {0} (Contact: {1}, Reference: {2}).
+
+
+
+
+ Looks up a localized string similar to Cannot encode '{0}' because it contains an illegal character for Key-Value Form encoding. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to Invalid XmlDSig signature on XRDS document..
+
+
+
+
+ Looks up a localized string similar to Cannot decode Key-Value Form because a line was found without a '{0}' character. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to The scheme must be http or https but was '{0}'..
+
+
+
+
+ Looks up a localized string similar to The value '{0}' is not a valid URI..
+
+
+
+
+ Looks up a localized string similar to Not a recognized XRI format..
+
+
+
+
+ Looks up a localized string similar to The OpenID Provider issued an assertion for an Identifier whose discovery information did not match.
+ Assertion endpoint info:
+ {0}
+ Discovered endpoint info:
+ {1}.
+
+
+
+
+ Looks up a localized string similar to The list of keys do not match the provided dictionary..
+
+
+
+
+ Looks up a localized string similar to The '{0}' and '{1}' parameters must both be or not be '{2}'..
+
+
+
+
+ Looks up a localized string similar to The maximum time allowed to complete authentication has been exceeded. Please try again..
+
+
+
+
+ Looks up a localized string similar to X.509 signing certificate issued to {0}, but a certificate for {1} was expected..
+
+
+
+
+ Looks up a localized string similar to Missing {0} element..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested length of {0}..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested name of '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unless using transport layer encryption, "no-encryption" MUST NOT be used..
+
+
+
+
+ Looks up a localized string similar to No identifier has been set..
+
+
+
+
+ Looks up a localized string similar to No XRDS document containing OpenID relying party endpoint information could be found at {0}..
+
+
+
+
+ Looks up a localized string similar to Diffie-Hellman session type '{0}' not found for OpenID {1}..
+
+
+
+
+ Looks up a localized string similar to This operation is not supported by serialized authentication responses. Try this operation from the LoggedIn event handler..
+
+
+
+
+ Looks up a localized string similar to No OpenID endpoint found..
+
+
+
+
+ Looks up a localized string similar to No OpenID url is provided..
+
+
+
+
+ Looks up a localized string similar to This operation is only allowed when IAuthenticationResponse.State == AuthenticationStatus.SetupRequired..
+
+
+
+
+ Looks up a localized string similar to OpenID popup window or iframe did not recognize an OpenID response in the request..
+
+
+
+
+ Looks up a localized string similar to An positive OpenID assertion was received from OP endpoint {0} and was rejected based on this site's security settings..
+
+
+
+
+ Looks up a localized string similar to Unable to find the signing secret by the handle '{0}'..
+
+
+
+
+ Looks up a localized string similar to The {0} property must be set first..
+
+
+
+
+ Looks up a localized string similar to This property value is not supported by this control..
+
+
+
+
+ Looks up a localized string similar to Unable to determine the version of the OpenID protocol implemented by the Provider at endpoint '{0}'..
+
+
+
+
+ Looks up a localized string similar to An HTTP request to the realm URL ({0}) resulted in a redirect, which is not allowed during relying party discovery..
+
+
+
+
+ Looks up a localized string similar to Sorry. This site only accepts OpenIDs that are HTTPS-secured, but {0} is not a secure Identifier..
+
+
+
+
+ Looks up a localized string similar to The response is not ready. Use IsResponseReady to check whether a response is ready first..
+
+
+
+
+ Looks up a localized string similar to return_to '{0}' not under realm '{1}'..
+
+
+
+
+ Looks up a localized string similar to The {0} parameter ({1}) does not match the actual URL ({2}) the request was made with..
+
+
+
+
+ Looks up a localized string similar to The ReturnTo property must not be null to support this operation..
+
+
+
+
+ Looks up a localized string similar to The openid.return_to parameter is required in the request message in order to construct a response, but that parameter was missing..
+
+
+
+
+ Looks up a localized string similar to The following parameter(s) are not included in the signature but must be: {0}.
+
+
+
+
+ Looks up a localized string similar to Invalid birthdate value. Must be in the form yyyy-MM-dd..
+
+
+
+
+ Looks up a localized string similar to The type must implement {0}..
+
+
+
+
+ Looks up a localized string similar to The property {0} had unexpected value {1}..
+
+
+
+
+ Looks up a localized string similar to Unexpected HTTP status code {0} {1} received in direct response..
+
+
+
+
+ Looks up a localized string similar to An unsolicited assertion cannot be sent for the claimed identifier {0} because this is not an authorized Provider for that identifier..
+
+
+
+
+ Looks up a localized string similar to Rejecting unsolicited assertions requires a nonce store and an association store..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed at this relying party..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed from 1.0 OpenID Providers..
+
+
+
+
+ Looks up a localized string similar to Providing a DateTime whose Kind is Unspecified is not allowed..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing canonicalization method..
+
+
+
+
+ Looks up a localized string similar to This feature is unavailable due to an unrecognized channel configuration..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing signature method..
+
+
+
+
+ Looks up a localized string similar to The openid.user_setup_url parameter is required when sending negative assertion messages in response to immediate mode requests..
+
+
+
+
+ Looks up a localized string similar to The X.509 certificate used to sign this document is not trusted..
+
+
+
+
+ Looks up a localized string similar to XRI support has been disabled at this site..
+
+
+
+
+ Looks up a localized string similar to XRI resolution failed..
+
+
+
+
+ An enumeration of the OpenID protocol versions supported by this library.
+
+
+
+
+ OpenID Authentication 1.0
+
+
+
+
+ OpenID Authentication 1.1
+
+
+
+
+ OpenID Authentication 2.0
+
+
+
+
+ Tracks the several versions of OpenID this library supports and the unique
+ constants to each version used in the protocol.
+
+
+
+
+ The value of the openid.ns parameter in the OpenID 2.0 specification.
+
+
+
+
+ The parameter of the callback parameter we tack onto the return_to URL
+ to store the replay-detection nonce.
+
+
+
+
+ Scans a list for matches with some element of the OpenID protocol,
+ searching from newest to oldest protocol for the first and best match.
+
+ The type of element retrieved from the instance.
+ Takes a instance and returns an element of it.
+ The list to scan for matches.
+ The protocol with the element that matches some item in the list.
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+ V1.1 and V1.0 are considered the same and only V1.1 is in the list.
+
+
+
+
+ The default (or most recent) supported version of the OpenID protocol.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID indirect message or direct request.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID direct response message.
+
+
+
+
+ Attemps to detect the highest OpenID protocol version supported given a set
+ of XRDS Service Type URIs included for some service.
+
+
+
+
+ The OpenID version that this instance describes.
+
+
+
+
+ The namespace of OpenId 1.x elements in XRDS documents.
+
+
+
+
+ The value of the openid.ns parameter that appears on the query string
+ whenever data is passed between relying party and provider for OpenID 2.0
+ and later.
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Claimed Identifier (http://andrewarnott.yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on an OP Identifier rather than a Claimed Identifier.
+ (http://yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Realm URL and looking for the endpoint URL
+ that can receive authentication assertions.
+
+
+
+
+ Used as the Claimed Identifier and the OP Local Identifier when
+ the User Supplied Identifier is an OP Identifier.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to an
+ OP Endpoint URL.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to use
+ as the OP Local Identifier.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is prefixed with 'openid.'.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is NOT prefixed with 'openid.'.
+
+
+
+
+ The various 'constants' that appear as parameter arguments (values).
+
+
+
+
+ The maximum time a user can be allowed to take to complete authentication.
+
+
+ This is used to calculate the length of time that nonces are stored.
+ This is internal until we can decide whether to leave this static, or make
+ it an instance member, or put it inside the IConsumerApplicationStore interface.
+
+
+
+
+ The maximum permissible difference in clocks between relying party and
+ provider web servers, discounting time zone differences.
+
+
+ This is used when storing/validating nonces from the provider.
+ If it is conceivable that a server's clock could be up to five minutes
+ off from true UTC time, then the maximum time skew should be set to
+ ten minutes to allow one server to be five minutes ahead and the remote
+ server to be five minutes behind and still be able to communicate.
+
+
+
+
+ Checks whether a given Protocol version practically equals this one
+ for purposes of verifying a match for assertion verification.
+
+ The other version to check against this one.
+ true if this and the given Protocol versions are essentially the same.
+
+ OpenID v1.0 never had a spec, and 1.0 and 1.1 are indistinguishable because of that.
+ Therefore for assertion verification, 1.0 and 1.1 are considered equivalent.
+
+
+
+
+ Returns the enum value for the instance.
+
+
+
+
+ The value "openid."
+
+
+
+
+ A preference order list of all supported session types.
+
+
+
+
+ A preference order list of signature algorithms we support.
+
+
+
+
+ A hybrid of the store interfaces that an OpenID Provider must implement, and
+ an OpenID Relying Party may implement to operate in stateful (smart) mode.
+
+
+
+
+ Security settings that are applicable to relying parties.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Filters out any disallowed endpoints.
+
+ The endpoints discovered on an Identifier.
+ A sequence of endpoints that satisfy all security requirements.
+
+
+
+ Gets or sets a value indicating whether the entire pipeline from Identifier discovery to
+ Provider redirect is guaranteed to be encrypted using HTTPS for authentication to succeed.
+
+
+ Setting this property to true is appropriate for RPs with highly sensitive
+ personal information behind the authentication (money management, health records, etc.)
+ When set to true, some behavioral changes and additional restrictions are placed:
+
+ User-supplied identifiers lacking a scheme are prepended with
+ HTTPS:// rather than the standard HTTP:// automatically.
+ User-supplied identifiers are not allowed to use HTTP for the scheme.
+ All redirects during discovery on the user-supplied identifier must be HTTPS.
+ Any XRDS file found by discovery on the User-supplied identifier must be protected using HTTPS.
+ Only Provider endpoints found at HTTPS URLs will be considered.
+ If the discovered identifier is an OP Identifier (directed identity), the
+ Claimed Identifier eventually asserted by the Provider must be an HTTPS identifier.
+ In the case of an unsolicited assertion, the asserted Identifier, discovery on it and
+ the asserting provider endpoint must all be secured by HTTPS.
+
+ Although the first redirect from this relying party to the Provider is required
+ to use HTTPS, any additional redirects within the Provider cannot be protected and MAY
+ revert the user's connection to HTTP, based on individual Provider implementation.
+ There is nothing that the RP can do to detect or prevent this.
+
+ A is thrown during discovery or authentication when a secure pipeline cannot be established.
+
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets the oldest version of OpenID the remote party is allowed to implement.
+
+ Defaults to
+
+
+
+ Gets or sets the maximum allowable age of the secret a Relying Party
+ uses to its return_to URLs and nonces with 1.0 Providers.
+
+ The default value is 7 days.
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests will only be
+ sent to Providers with whom we can create a shared association.
+
+
+ true to immediately fail authentication if an association with the Provider cannot be established; otherwise, false.
+ The default value is false.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets the set of trusted OpenID Provider Endpoint URIs.
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+ Default is false.
+
+
+
+ Gets or sets a value indicating whether special measures are taken to
+ protect users from replay attacks when those users' identities are hosted
+ by OpenID 1.x Providers.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by adding a signed nonce to the authentication request.
+ This might increase the request size beyond what some OpenID 1.1 Providers
+ (such as Blogger) are capable of handling.
+
+
+
+
+ The discovery service for URI identifiers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Searches HTML for the HEAD META tags that describe OpenID provider services.
+
+ The final URL that provided this HTML document.
+ This may not be the same as (this) userSuppliedIdentifier if the
+ userSuppliedIdentifier pointed to a 301 Redirect.
+ The user supplied identifier.
+ The HTML that was downloaded and should be searched.
+
+ A sequence of any discovered ServiceEndpoints.
+
+
+
+
+ The discovery service for XRI identifiers that uses an XRI proxy resolver for discovery.
+
+
+
+
+ The magic URL that will provide us an XRDS document for a given XRI identifier.
+
+
+ We use application/xrd+xml instead of application/xrds+xml because it gets
+ xri.net to automatically give us exactly the right XRD element for community i-names
+ automatically, saving us having to choose which one to use out of the result.
+ The ssl=true parameter tells the proxy resolver to accept only SSL connections
+ when resolving community i-names.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Downloads the XRDS document for this XRI.
+
+ The identifier.
+ The request handler.
+ The XRDS document.
+
+
+
+ Gets the URL from which this XRI's XRDS document may be downloaded.
+
+ The identifier.
+ The URI to HTTP GET from to get the services.
+
+
+
+ A URI style of OpenID Identifier.
+
+
+
+
+ The allowed protocol schemes in a URI Identifier.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ A value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Initializes static members of the class.
+
+
+ This method attempts to workaround the .NET Uri class parsing bug described here:
+ https://connect.microsoft.com/VisualStudio/feedback/details/386695/system-uri-incorrectly-strips-trailing-dots?wa=wsignin1.0#tabs
+ since some identifiers (like some of the pseudonymous identifiers from Yahoo) include path segments
+ that end with periods, which the Uri class will typically trim off.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Converts a instance to a instance.
+
+ The identifier to convert to an ordinary instance.
+ The result of the conversion.
+
+
+
+ Converts a instance to a instance.
+
+ The instance to turn into a .
+ The result of the conversion.
+
+
+
+ Tests equality between this URI and another URI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of the URI.
+
+
+ A that represents the current .
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Tries to canonicalize a user-supplied identifier.
+ This does NOT convert a user-supplied identifier to a Claimed Identifier!
+
+ The user-supplied identifier.
+ The resulting canonical URI.
+ If set to true and the user-supplied identifier lacks a scheme, the "https://" scheme will be prepended instead of the standard "http://" one.
+ if set to true [scheme prepended].
+
+ true if the identifier was valid and could be canonicalized.
+ false if the identifier is outside the scope of allowed inputs and should be rejected.
+
+
+ Canonicalization is done by adding a scheme in front of an
+ identifier if it isn't already present. Other trivial changes that do not
+ require network access are also done, such as lower-casing the hostname in the URI.
+
+
+
+
+ Fixes up the scheme if appropriate.
+
+ The URI, already in legal form (with http(s):// prepended if necessary).
+ The resulting canonical URI.
+ true if the canonicalization was successful; false otherwise.
+
+ This does NOT standardize an OpenID URL for storage in a database, as
+ it does nothing to convert the URL to a Claimed Identifier, besides the fact
+ that it only deals with URLs whereas OpenID 2.0 supports XRIs.
+ For this, you should lookup the value stored in IAuthenticationResponse.ClaimedIdentifier.
+
+
+
+
+ Gets the special non-compressing scheme or URL for a standard scheme or URL.
+
+ The ordinary URL or scheme name.
+ The non-compressing equivalent scheme or URL for the given value.
+
+
+
+ Performs the minimal URL normalization to allow a string to be passed to the constructor.
+
+ The user-supplied identifier URI to normalize.
+ if set to true, a missing scheme should result in HTTPS being prepended instead of HTTP.
+ if set to true, the scheme was prepended during normalization.
+ The somewhat normalized URL.
+
+
+
+ Gets or sets a value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Gets the URI this instance represents.
+
+
+
+
+ Gets a value indicating whether the scheme was missing when this
+ Identifier was created and added automatically as part of the
+ normalization process.
+
+
+
+
+ Gets a value indicating whether this Identifier has characters or patterns that
+ the class normalizes away and invalidating the Identifier.
+
+
+
+
+ A simple URI class that doesn't suffer from the parsing problems of the class.
+
+
+
+
+ URI characters that separate the URI Path from subsequent elements.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Normalizes the characters that are escaped in the given URI path.
+
+ The path to normalize.
+ The given path, with exactly those characters escaped which should be.
+
+
+
+ Gets the scheme.
+
+ The scheme.
+
+
+
+ Gets the authority.
+
+ The authority.
+
+
+
+ Gets the path of the URI.
+
+ The path from the URI.
+
+
+
+ Gets the query.
+
+ The query.
+
+
+
+ Gets the fragment.
+
+ The fragment.
+
+
+
+ A URI parser that does not compress paths, such as trimming trailing periods from path segments.
+
+
+
+
+ The field that stores the scheme that this parser is registered under.
+
+
+
+
+ The standard "http" or "https" scheme that this parser is subverting.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The standard scheme that this parser will be subverting.
+
+
+
+ Initializes this parser with the actual scheme it should appear to be.
+
+ if set to true Uris using this scheme will look like they're using the original standard scheme.
+
+
+
+ Gets the scheme this parser is registered under.
+
+ The registered scheme.
+
+
+
+ An XRI style of OpenID Identifier.
+
+
+
+
+ The scheme and separator "xri://"
+
+
+
+
+ An XRI always starts with one of these symbols.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The string value of the XRI.
+
+
+
+ Initializes a new instance of the class.
+
+ The XRI that this Identifier will represent.
+
+ If set to true, discovery and the initial authentication redirect will
+ only succeed if it can be done entirely using SSL.
+
+
+
+
+ Tests equality between this XRI and another XRI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the canonical string form of the XRI.
+
+
+ A that represents the current .
+
+
+
+
+ Tests whether a given string represents a valid XRI format.
+
+ The value to test for XRI validity.
+
+ true if the given string constitutes a valid XRI; otherwise, false.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+ XRI Identifiers never have a fragment part, and thus this method
+ always returns this same instance.
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Takes any valid form of XRI string and returns the canonical form of the same XRI.
+
+ The xri to canonicalize.
+ The canonicalized form of the XRI.
+ The canonical form, per the OpenID spec, is no scheme and no whitespace on either end.
+
+
+
+ Gets the original XRI supplied to the constructor.
+
+
+
+
+ Gets the canonical form of the XRI string.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to XRI CanonicalID verification failed..
+
+
+
+
+ Looks up a localized string similar to Failure parsing XRDS document..
+
+
+
+
+ Looks up a localized string similar to The XRDS document for XRI {0} is missing the required CanonicalID element..
+
+
+
+
+ Looks up a localized string similar to Could not find XRI resolution Status tag or code attribute was invalid..
+
+
+
+
+ String constants for various content-type header values used in YADIS discovery.
+
+
+
+
+ The text/html content-type
+
+
+
+
+ The application/xhtml+xml content-type
+
+
+
+
+ The application/xrds+xml content-type
+
+
+
+
+ The text/xml content type
+
+
+
+
+ Contains the result of YADIS discovery.
+
+
+
+
+ The original web response, backed up here if the final web response is the preferred response to use
+ in case it turns out to not work out.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The user-supplied identifier.
+ The initial response.
+ The final response.
+
+
+
+ Reverts to the HTML response after the XRDS response didn't work out.
+
+
+
+
+ Applies the HTML response to the object.
+
+ The initial response.
+
+
+
+ Gets the URI of the original YADIS discovery request.
+ This is the user supplied Identifier as given in the original
+ YADIS discovery request.
+
+
+
+
+ Gets the fully resolved (after redirects) URL of the user supplied Identifier.
+ This becomes the ClaimedIdentifier.
+
+
+
+
+ Gets the location the XRDS document was downloaded from, if different
+ from the user supplied Identifier.
+
+
+
+
+ Gets the Content-Type associated with the .
+
+
+
+
+ Gets the text in the final response.
+ This may be an XRDS document or it may be an HTML document,
+ as determined by the property.
+
+
+
+
+ Gets a value indicating whether the
+ represents an XRDS document. False if the response is an HTML document.
+
+
+
+
+ An HTML HEAD tag parser.
+
+
+
+
+ Common flags to use on regex tests.
+
+
+
+
+ A regular expression designed to select tags (?)
+
+
+
+
+ A regular expression designed to select start tags (?)
+
+
+
+
+ A regular expression designed to select attributes within a tag.
+
+
+
+
+ A regular expression designed to select the HEAD tag.
+
+
+
+
+ A regular expression designed to select the HTML tag.
+
+
+
+
+ A regular expression designed to remove all comments and scripts from a string.
+
+
+
+
+ Finds all the HTML HEAD tag child elements that match the tag name of a given type.
+
+ The HTML tag of interest.
+ The HTML to scan.
+ A sequence of the matching elements.
+
+
+
+ Filters a list of controls based on presence of an attribute.
+
+ The type of HTML controls being filtered.
+ The sequence.
+ The attribute.
+ A filtered sequence of attributes.
+
+
+
+ Generates a regular expression that will find a given HTML tag.
+
+ Name of the tag.
+ The close tags (?).
+ The created regular expression.
+
+
+
+ Generates a regular expression designed to find a given tag.
+
+ The tag to find.
+ The created regular expression.
+
+
+
+ The Service element in an XRDS document.
+
+
+
+
+ A node in an XRDS document.
+
+
+
+
+ The XRD namespace xri://$xrd*($v*2.0)
+
+
+
+
+ The XRDS namespace xri://$xrds
+
+
+
+
+ Initializes a new instance of the class.
+
+ The node represented by this instance.
+ The parent node.
+
+
+
+ Initializes a new instance of the class.
+
+ The document's root node, which this instance represents.
+
+
+
+ Gets the node.
+
+
+
+
+ Gets the parent node, or null if this is the root node.
+
+
+
+
+ Gets the XML namespace resolver to use in XPath expressions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The service element.
+ The parent.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the XRD parent element.
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI child elements.
+
+
+
+
+ Gets the type child elements.
+
+ The type elements.
+
+
+
+ Gets the type child element's URIs.
+
+
+
+
+ Gets the OP Local Identifier.
+
+
+
+
+ The Type element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The type element.
+ The parent.
+
+
+
+ Gets the URI.
+
+
+
+
+ The Uri element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI element.
+ The service.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI.
+
+
+
+
+ Gets the parent service.
+
+
+
+
+ The Xrd element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The XRD element.
+ The parent.
+
+
+
+ Searches for service sub-elements that have Type URI sub-elements that match
+ one that we have for a known OpenID protocol version.
+
+ A function that selects what element of the OpenID Protocol we're interested in finding.
+ A sequence of service elements that match the search criteria, sorted in XRDS @priority attribute order.
+
+
+
+ Gets the child service elements.
+
+ The services.
+
+
+
+ Gets a value indicating whether this XRD element's resolution at the XRI resolver was successful.
+
+
+ true if this XRD's resolution was successful; otherwise, false.
+
+
+
+
+ Gets the canonical ID (i-number) for this element.
+
+
+
+
+ Gets a value indicating whether the was verified.
+
+
+
+
+ Gets the services for OP Identifiers.
+
+
+
+
+ Gets the services for Claimed Identifiers.
+
+
+
+
+ Gets the services that would be discoverable at an RP for return_to verification.
+
+
+
+
+ Gets the services that would be discoverable at an RP for the UI extension icon.
+
+
+
+
+ Gets an enumeration of all Service/URI elements, sorted in priority order.
+
+
+
+
+ Gets the XRI resolution status code.
+
+
+
+
+ An XRDS document.
+
+
+
+
+ The namespace used by XML digital signatures.
+
+
+
+
+ The namespace used by Google Apps for Domains for OpenID URI templates.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The Xml reader positioned at the root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The text that is the XRDS document.
+
+
+
+ Gets the XRD child elements of the document.
+
+
+
+
+ Gets a value indicating whether all child XRD elements were resolved successfully.
+
+
+
+
+ YADIS discovery manager.
+
+
+
+
+ The HTTP header to look for in responses to declare where the XRDS document should be found.
+
+
+
+
+ The maximum number of bytes to read from an HTTP response
+ in searching for a link to a YADIS document.
+
+
+
+
+ Gets or sets the cache that can be used for HTTP requests made during identifier discovery.
+
+
+
+
+ Performs YADIS discovery on some identifier.
+
+ The mechanism to use for sending HTTP requests.
+ The URI to perform discovery on.
+ Whether discovery should fail if any step of it is not encrypted.
+
+ The result of discovery on the given URL.
+ Null may be returned if an error occurs,
+ or if is true but part of discovery
+ is not protected by SSL.
+
+
+
+
+ Searches an HTML document for a
+ <meta http-equiv="X-XRDS-Location" content="{YadisURL}">
+ tag and returns the content of YadisURL.
+
+ The HTML to search.
+ The URI of the XRDS document if found; otherwise null.
+
+
+
+ Sends a YADIS HTTP request as part of identifier discovery.
+
+ The request handler to use to actually submit the request.
+ The URI to GET.
+ Whether only HTTPS URLs should ever be retrieved.
+ The value of the Accept HTTP header to include in the request.
+ The HTTP response retrieved from the request.
+
+
+
+ Determines whether a given HTTP response constitutes an XRDS document.
+
+ The response to test.
+
+ true if the response constains an XRDS document; otherwise, false.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.dll
new file mode 100644
index 0000000..23d3184
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.xml
new file mode 100644
index 0000000..f87c5c7
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Mono.Math.xml
@@ -0,0 +1,206 @@
+
+
+
+ Mono.Math
+
+
+
+
+ Default length of a BigInteger in bytes
+
+
+
+
+ The Length of this BigInteger
+
+
+
+
+ The data for this BigInteger
+
+
+
+
+ Table of primes below 2000.
+
+
+
+ This table was generated using Mathematica 4.1 using the following function:
+
+
+
+ PrimeTable [x_] := Prime [Range [1, PrimePi [x]]]
+ PrimeTable [6000]
+
+
+
+
+
+
+ Generates a new, random BigInteger of the specified length.
+
+ The number of bits for the new number.
+ A random number generator to use to obtain the bits.
+ A random number of the specified length.
+
+
+
+ Generates a new, random BigInteger of the specified length using the default RNG crypto service provider.
+
+ The number of bits for the new number.
+ A random number of the specified length.
+
+
+
+ Randomizes the bits in "this" from the specified RNG.
+
+ A RNG.
+
+
+
+ Randomizes the bits in "this" from the default RNG.
+
+
+
+
+ Tests if the specified bit is 1.
+
+ The bit to test. The least significant bit is 0.
+ True if bitNum is set to 1, else false.
+
+
+
+ Normalizes this by setting the length to the actual number of
+ uints used in data and by setting the sign to Sign.Zero if the
+ value of this is 0.
+
+
+
+
+ Generates the smallest prime >= bi
+
+ A BigInteger
+ The smallest prime >= bi. More mathematically, if bi is prime: bi, else Prime [PrimePi [bi] + 1].
+
+
+
+ Increments this by two
+
+
+
+
+ Low level functions for the BigInteger
+
+
+
+
+ Adds two numbers with the same sign.
+
+ A BigInteger
+ A BigInteger
+ bi1 + bi2
+
+
+
+ Compares two BigInteger
+
+ A BigInteger
+ A BigInteger
+ The sign of bi1 - bi2
+
+
+
+ Performs n / d and n % d in one operation.
+
+ A BigInteger, upon exit this will hold n / d
+ The divisor
+ n % d
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts it into
+ d [dOffset:dOffset+xLen+yLen].
+
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts the low mod words into
+ d [dOffset:dOffset+mod].
+
+
+
+
+ A factor of confidence.
+
+
+
+
+ Only suitable for development use, probability of failure may be greater than 1/2^20.
+
+
+
+
+ Suitable only for transactions which do not require forward secrecy. Probability of failure about 1/2^40
+
+
+
+
+ Designed for production use. Probability of failure about 1/2^80.
+
+
+
+
+ Suitable for sensitive data. Probability of failure about 1/2^160.
+
+
+
+
+ Use only if you have lots of time! Probability of failure about 1/2^320.
+
+
+
+
+ Only use methods which generate provable primes. Not yet implemented.
+
+
+
+
+ Finds the next prime after a given number.
+
+
+
+
+ Performs primality tests on bi, assumes trial division has been done.
+
+ A BigInteger that has been subjected to and passed trial division
+ False if bi is composite, true if it may be prime.
+ The speed of this method is dependent on Confidence
+
+
+
+ Probabilistic prime test based on Rabin-Miller's test
+
+
+
+ The number to test.
+
+
+
+
+ The number of chosen bases. The test has at least a
+ 1/4^confidence chance of falsely returning True.
+
+
+
+
+ True if "this" is a strong pseudoprime to randomly chosen bases.
+
+
+ False if "this" is definitely NOT prime.
+
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.dll
new file mode 100644
index 0000000..55d4a3d
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.xml
new file mode 100644
index 0000000..305e65d
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net40-full/Org.Mentalis.Security.Cryptography.xml
@@ -0,0 +1,204 @@
+
+
+
+ Org.Mentalis.Security.Cryptography
+
+
+
+
+ Defines the different Diffie-Hellman key generation methods.
+
+
+
+
+ Returns dynamically generated values for P and G. Unlike the Sophie Germain or DSA key generation methods,
+ this method does not ensure that the selected prime offers an adequate security level.
+
+
+
+
+ Returns values for P and G that are hard coded in this library. Contrary to what your intuition may tell you,
+ using these hard coded values is perfectly safe.
+ The values of the P and G parameters are taken from 'The OAKLEY Key Determination Protocol' [RFC2412].
+ This is the prefered key generation method, because it is very fast and very safe.
+ Because this method uses fixed values for the P and G parameters, not all bit sizes are supported.
+ The current implementation supports bit sizes of 768, 1024 and 1536.
+
+
+
+
+ Represents the parameters of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public P parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public G parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the private X parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Defines a base class from which all Diffie-Hellman implementations inherit.
+
+
+
+
+ Creates an instance of the default implementation of the algorithm.
+
+ A new instance of the default implementation of DiffieHellman.
+
+
+
+ Creates an instance of the specified implementation of .
+
+ The name of the implementation of DiffieHellman to use.
+ A new instance of the specified implementation of DiffieHellman.
+
+
+
+ Initializes a new instance.
+
+
+
+
+ When overridden in a derived class, creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ When overridden in a derived class, extracts secret information from the key exchange data.
+
+ The key exchange data within which the secret information is hidden.
+ The secret information derived from the key exchange data.
+
+
+
+ When overridden in a derived class, exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for Diffie-Hellman.
+
+
+
+ When overridden in a derived class, imports the specified .
+
+ The parameters for Diffie-Hellman.
+
+
+
+ Reconstructs a object from an XML string.
+
+ The XML string to use to reconstruct the DiffieHellman object.
+ One of the values in the XML string is invalid.
+
+
+
+ Creates and returns an XML string representation of the current object.
+
+ true to include private parameters; otherwise, false.
+ An XML string encoding of the current DiffieHellman object.
+
+
+
+ Implements the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance.
+
+ The default length of the shared secret is 1024 bits.
+
+
+
+ Initializes a new instance.
+
+ The length, in bits, of the public P parameter.
+ The length, in bits, of the secret value X. This parameter can be set to 0 to use the default size.
+ One of the values.
+ The larger the bit length, the more secure the algorithm is. The default is 1024 bits. The minimum bit length is 128 bits. The size of the private value will be one fourth of the bit length specified.
+ The specified bit length is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The G parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The X parameter of the Diffie-Hellman algorithm. This is a private parameter. If this parameters is a null reference (Nothing in Visual Basic), a secret value of the default size will be generated.
+ or is a null reference (Nothing in Visual Basic).
+ or is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm.
+ The G parameter of the Diffie-Hellman algorithm.
+ The length, in bits, of the private value. If 0 is specified, the default value will be used.
+ or is a null reference (Nothing in Visual Basic).
+ is invalid.
+ or is invalid.
+
+
+
+ Creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ Extracts secret information from the key exchange data.
+
+ The key exchange data within which the shared key is hidden.
+ The shared key derived from the key exchange data.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm and optionally releases the managed resources.
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for .
+
+
+
+ Imports the specified .
+
+ The parameters for .
+ parameters.P or parameters.G is a null reference (Nothing in Visual Basic) -or- parameters.P is not a prime number.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm.
+
+
+
+
+ Gets the name of the key exchange algorithm.
+
+ The name of the key exchange algorithm.
+
+
+
+ Gets the name of the signature algorithm.
+
+ The name of the signature algorithm.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.dll
new file mode 100644
index 0000000..9396ae8
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.xml
new file mode 100644
index 0000000..aaa9f04
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.xml
@@ -0,0 +1,10788 @@
+
+
+
+ DotNetOpenAuth.OpenId
+
+
+
+
+ Describes a collection of association type sub-elements in a .config file.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Returns an enumerator that iterates through the collection.
+
+
+ A that can be used to iterate through the collection.
+
+
+
+
+ When overridden in a derived class, creates a new .
+
+
+ A new .
+
+
+
+
+ Gets the element key for a specified configuration element when overridden in a derived class.
+
+ The to return the key for.
+
+ An that acts as the key for the specified .
+
+
+
+
+ Describes an association type and its maximum lifetime as an element
+ in a .config file.
+
+
+
+
+ The name of the attribute that stores the association type.
+
+
+
+
+ The name of the attribute that stores the association's maximum lifetime.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the protocol name of the association.
+
+
+
+
+ Gets or sets the maximum time a shared association should live.
+
+ The default value is 14 days.
+
+
+
+ The configuration element that can adjust how hostmeta discovery works.
+
+
+
+
+ The property name for enableCertificateValidationCache.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether validated certificates should be cached and not validated again.
+
+
+ This helps to avoid unexplained 5-10 second delays in certificate validation for Google Apps for Domains that impact some servers.
+
+
+
+
+ Represents the <openid> element in the host's .config file.
+
+
+
+
+ The name of the section under which this library's settings must be found.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the <extensions> sub-element.
+
+
+
+
+ The name of the <xriResolver> sub-element.
+
+
+
+
+ The name of the @maxAuthenticationTime attribute.
+
+
+
+
+ The name of the @cacheDiscovery attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the configuration section from the .config file.
+
+
+
+
+ Gets or sets the maximum time a user can take to complete authentication.
+
+
+ This time limit allows the library to decide how long to cache certain values
+ necessary to complete authentication. The lower the time, the less demand on
+ the server. But too short a time can frustrate the user.
+
+
+
+
+ Gets or sets a value indicating whether the results of Identifier discovery
+ should be cached.
+
+
+ Use true to allow identifier discovery to immediately return cached results when available;
+ otherwise, use false.to force fresh results every time at the cost of slightly slower logins.
+ The default value is true.
+
+
+ When enabled, caching is done according to HTTP standards.
+
+
+
+
+ Gets or sets the configuration specific for Relying Parties.
+
+
+
+
+ Gets or sets the configuration specific for Providers.
+
+
+
+
+ Gets or sets the registered OpenID extension factories.
+
+
+
+
+ Gets or sets the configuration for the XRI resolver.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Provider behaviors.
+
+
+
+
+ The name of the <provider> sub-element.
+
+
+
+
+ The name of the security sub-element.
+
+
+
+
+ Gets the name of the <behaviors> sub-element.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Provider.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ The name of the associations collection sub-element.
+
+
+
+
+ The name of the @encodeAssociationSecretsInHandles attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @unsolicitedAssertionVerification attribute.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should take special care
+ to protect OpenID 1.x relying parties against replay attacks.
+
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets the configured lifetimes of the various association types.
+
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding their secrets (in signed, encrypted form) into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+
+
+
+ The section in the .config file that allows customization of OpenID Relying Party behaviors.
+
+
+
+
+ The name of the custom store sub-element.
+
+
+
+
+ The name of the <relyingParty> sub-element.
+
+
+
+
+ The name of the attribute that specifies whether dnoa.userSuppliedIdentifier is tacked onto the openid.return_to URL.
+
+
+
+
+ Gets the name of the security sub-element.
+
+
+
+
+ The name of the <behaviors> sub-element.
+
+
+
+
+ The name of the <discoveryServices> sub-element.
+
+
+
+
+ The name of the <hostMetaDiscovery> sub-element.
+
+
+
+
+ The built-in set of identifier discovery services.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether "dnoa.userSuppliedIdentifier" is tacked onto the openid.return_to URL in order to preserve what the user typed into the OpenID box.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets the security settings.
+
+
+
+
+ Gets or sets the special behaviors to apply.
+
+
+
+
+ Gets or sets the type to use for storing application state.
+
+
+
+
+ Gets or sets the host meta discovery configuration element.
+
+
+
+
+ Gets or sets the services to use for discovering service endpoints for identifiers.
+
+
+ If no discovery services are defined in the (web) application's .config file,
+ the default set of discovery services built into the library are used.
+
+
+
+
+ Represents the .config file element that allows for setting the security policies of the Relying Party.
+
+
+
+
+ Gets the name of the @minimumRequiredOpenIdVersion attribute.
+
+
+
+
+ Gets the name of the @minimumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @maximumHashBitLength attribute.
+
+
+
+
+ Gets the name of the @requireSsl attribute.
+
+
+
+
+ Gets the name of the @requireDirectedIdentity attribute.
+
+
+
+
+ Gets the name of the @requireAssociation attribute.
+
+
+
+
+ Gets the name of the @rejectUnsolicitedAssertions attribute.
+
+
+
+
+ Gets the name of the @rejectDelegatedIdentifiers attribute.
+
+
+
+
+ Gets the name of the @ignoreUnsignedExtensions attribute.
+
+
+
+
+ Gets the name of the @allowDualPurposeIdentifiers attribute.
+
+
+
+
+ Gets the name of the @allowApproximateIdentifierDiscovery attribute.
+
+
+
+
+ Gets the name of the @protectDownlevelReplayAttacks attribute.
+
+
+
+
+ The name of the <trustedProviders> sub-element.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a programmatically manipulatable bag of these security settings with the settings from the config file.
+
+ The newly created security settings object.
+
+
+
+ Gets or sets a value indicating whether all discovery and authentication should require SSL security.
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests
+ will only be created where an association with the Provider can be established.
+
+
+
+
+ Gets or sets the minimum OpenID version a Provider is required to support in order for this library to interoperate with it.
+
+
+ Although the earliest versions of OpenID are supported, for security reasons it may be desirable to require the
+ remote party to support a later version of OpenID.
+
+
+
+
+ Gets or sets the minimum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets the maximum length of the hash that protects the protocol from hijackers.
+
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets or sets a value indicating whether the Relying Party should take special care
+ to protect users against replay attacks when interoperating with OpenID 1.1 Providers.
+
+
+
+
+ Gets or sets the set of trusted OpenID Provider Endpoints.
+
+
+
+
+ Represents the <xriResolver> element in the host's .config file.
+
+
+
+
+ Gets the name of the @enabled attribute.
+
+
+
+
+ The default value for .
+
+
+
+
+ The name of the <proxy> sub-element.
+
+
+
+
+ The default XRI proxy resolver to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether this XRI resolution is enabled.
+
+ The default value is true.
+
+
+
+ Gets or sets the proxy to use for resolving XRIs.
+
+ The default value is "xri.net".
+
+
+
+ Adds OpenID-specific extension methods to the XrdsDocument class.
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier that was used to discover this XRDS document.
+ The user supplied identifier.
+
+ A sequence of OpenID Providers that can assert ownership of the .
+
+
+
+
+ Creates the service endpoints described in this document, useful for requesting
+ authentication of one of the OpenID Providers that result from it.
+
+ The XrdsDocument instance to use in this process.
+ The user-supplied i-name that was used to discover this XRDS document.
+ A sequence of OpenID Providers that can assert ownership of the canonical ID given in this document.
+
+
+
+ Generates OpenID Providers that can authenticate using directed identity.
+
+ The XrdsDocument instance to use in this process.
+ The OP Identifier entered (and resolved) by the user. Essentially the user-supplied identifier.
+ A sequence of the providers that can offer directed identity services.
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular URI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The claimed identifier.
+ The user supplied identifier.
+
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+
+ Generates the OpenID Providers that are capable of asserting ownership
+ of a particular XRI claimed identifier.
+
+ The XrdsDocument instance to use in this process.
+ The i-name supplied by the user.
+ A sequence of the providers that can assert ownership of the given identifier.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Providers offering directed identity assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Returns the OpenID-compatible services described by a given XRDS document,
+ in priority order.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of the services offered.
+
+
+
+ Stores a secret used in signing and verifying messages.
+
+
+ OpenID associations may be shared between Provider and Relying Party (smart
+ associations), or be a way for a Provider to recall its own secret for later
+ (dumb associations).
+
+
+
+
+ Initializes a new instance of the class.
+
+ The handle.
+ The secret.
+ How long the association will be useful.
+ The UTC time of when this association was originally issued by the Provider.
+
+
+
+ Re-instantiates an previously persisted in a database or some
+ other shared store.
+
+
+ The property of the previous instance.
+
+
+ The UTC value of the property of the previous instance.
+
+
+ The byte array returned by a call to on the previous
+ instance.
+
+
+ The newly dehydrated , which can be returned
+ from a custom association store's
+ IRelyingPartyAssociationStore.GetAssociation method.
+
+
+
+
+ Returns private data required to persist this in
+ permanent storage (a shared database for example) for deserialization later.
+
+
+ An opaque byte array that must be stored and returned exactly as it is provided here.
+ The byte array may vary in length depending on the specific type of ,
+ but in current versions are no larger than 256 bytes.
+
+
+ Values of public properties on the base class are not included
+ in this byte array, as they are useful for fast database lookup and are persisted separately.
+
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+
+
+ Returns the hash code.
+
+
+ A hash code for the current .
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+ Generates a signature from a given blob of data.
+
+ The data to sign. This data will not be changed (the signature is the return value).
+ The calculated signature of the data.
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+ The hash algorithm used for message signing.
+
+
+
+ Gets a unique handle by which this may be stored or retrieved.
+
+
+
+
+ Gets the UTC time when this will expire.
+
+
+
+
+ Gets a value indicating whether this has already expired.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Gets a value indicating whether this instance has useful life remaining.
+
+
+ true if this instance has useful life remaining; otherwise, false.
+
+
+
+
+ Gets or sets the UTC time that this was first created.
+
+
+
+
+ Gets the duration a secret key used for signing dumb client requests will be good for.
+
+
+
+
+ Gets the number of seconds until this expires.
+ Never negative (counter runs to zero).
+
+
+
+
+ Gets the shared secret key between the consumer and provider.
+
+
+
+
+ Gets the lifetime the OpenID provider permits this .
+
+
+
+
+ Gets the minimum lifetime an association must still be good for in order for it to be used for a future authentication.
+
+
+ Associations that are not likely to last the duration of a user login are not worth using at all.
+
+
+
+
+ Gets the TimeSpan till this association expires.
+
+
+
+
+ Indicates the mode the Provider should use while authenticating the end user.
+
+
+
+
+ The Provider should use whatever credentials are immediately available
+ to determine whether the end user owns the Identifier. If sufficient
+ credentials (i.e. cookies) are not immediately available, the Provider
+ should fail rather than prompt the user.
+
+
+
+
+ The Provider should determine whether the end user owns the Identifier,
+ displaying a web page to the user to login etc., if necessary.
+
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the AX attribute type URI formats this transform is willing to work with.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to The PAPE request has an incomplete set of authentication policies..
+
+
+
+
+ Looks up a localized string similar to A PAPE response is missing or is missing required policies..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be included in authentication responses when the PAPE authentication policy http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf is present..
+
+
+
+
+ Looks up a localized string similar to No personally identifiable information should be requested when the http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf PAPE policy is present..
+
+
+
+
+ Looks up a localized string similar to No PPID provider has been configured..
+
+
+
+
+ Looks up a localized string similar to Discovery on the Realm URL MUST be performed before sending a positive assertion..
+
+
+
+
+ Looks up a localized string similar to The Realm in an authentication request must be an HTTPS URL..
+
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Backing field for the static property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets a value indicating whether PII is allowed to be requested or received via OpenID.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether to ignore the SSL requirement (for testing purposes only).
+
+
+
+
+ Provides a mechanism for Relying Parties to work with OpenID 1.0 Providers
+ without losing claimed_id and op_endpoint data, which OpenID 2.0 Providers
+ are required to send back with positive assertions.
+
+
+
+
+ The "dnoa.op_endpoint" callback parameter that stores the Provider Endpoint URL
+ to tack onto the return_to URI.
+
+
+
+
+ The "dnoa.claimed_id" callback parameter that stores the Claimed Identifier
+ to tack onto the return_to URI.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Signs and verifies authentication assertions.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+ The applied protections.
+
+
+
+ Calculates the signature for a given message.
+
+ The message to sign or verify.
+ The association to use to sign the message.
+ The calculated signature of the method.
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+ The association to use to sign or verify the message.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+ The referenced association; or null if such an association cannot be found.
+
+ If the association handle set in the message does not match any valid association,
+ the association handle property is cleared, and the
+ property is set to the
+ handle that could not be found.
+
+
+
+
+ Gets a private Provider association used for signing messages in "dumb" mode.
+
+ An existing or newly created association.
+
+
+
+ Ensures that all message parameters that must be signed are in fact included
+ in the signature.
+
+ The signed message.
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+
+ Gets a value indicating whether this binding element is on a Provider channel.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ The binding element that serializes/deserializes OpenID extensions to/from
+ their carrying OpenID messages.
+
+
+
+
+ False if unsigned extensions should be dropped. Must always be true on Providers, since RPs never sign extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+ Security setting for relying parties. Should be true for Providers.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the extensions on a message.
+
+ The carrier of the extensions.
+ If set to true only signed extensions will be available.
+ A optional filter that takes an extension type URI and
+ returns a value indicating whether that extension should be deserialized and
+ returned in the sequence. May be null.
+ A sequence of extensions in the message.
+
+
+
+ Gets the dictionary of message parts that should be deserialized into extensions.
+
+ The message.
+ If set to true only signed extensions will be available.
+
+ A dictionary of message parts, including only signed parts when appropriate.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the extension factory.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+
+ OpenID extension factory class for creating extensions based on received Type URIs.
+
+
+ OpenID extension factories must be registered with the library. This can be
+ done by adding a factory to OpenIdRelyingParty.ExtensionFactories
+ or OpenIdProvider.ExtensionFactories, or by adding a snippet
+ such as the following to your web.config file:
+
+ <dotNetOpenAuth>
+ <openid>
+ <extensionFactories>
+ <add type="DotNetOpenAuth.ApplicationBlock.CustomExtensions.Acme, DotNetOpenAuth.ApplicationBlock" />
+ </extensionFactories>
+ </openid>
+ </dotNetOpenAuth>
+
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ An interface that OAuth messages implement to support signing.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ A Uri encoder that serializes using
+ rather than the standard .
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Indicates the level of strictness to require when decoding a
+ Key-Value Form encoded dictionary.
+
+
+
+
+ Be as forgiving as possible to errors made while encoding.
+
+
+
+
+ Allow for certain errors in encoding attributable to ambiguities
+ in the OpenID 1.1 spec's description of the encoding.
+
+
+
+
+ The strictest mode. The decoder requires the encoded dictionary
+ to be in strict compliance with OpenID 2.0's description of
+ the encoding.
+
+
+
+
+ Performs conversion to and from the Key-Value Form Encoding defined by
+ OpenID Authentication 2.0 section 4.1.1.
+ http://openid.net/specs/openid-authentication-2_0.html#anchor4
+
+
+ This class is thread safe and immutable.
+
+
+
+
+ The newline character sequence to use.
+
+
+
+
+ Characters that must not appear in parameter names.
+
+
+
+
+ Characters that must not appaer in parameter values.
+
+
+
+
+ The character encoding to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ How strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+ Encodes key/value pairs to Key-Value Form.
+
+
+ The dictionary of key/value pairs to convert to a byte stream.
+
+ The UTF8 byte array.
+
+ Enumerating a Dictionary<TKey, TValue> has undeterministic ordering.
+ If ordering of the key=value pairs is important, a deterministic enumerator must
+ be used.
+
+
+
+
+ Decodes bytes in Key-Value Form to key/value pairs.
+
+ The stream of Key-Value Form encoded bytes.
+ The deserialized dictionary.
+ Thrown when the data is not in the expected format.
+
+
+
+ Gets a value controlling how strictly an incoming Key-Value Form message will be held to the spec.
+
+
+
+
+ A channel that knows how to send and receive OpenID messages.
+
+
+
+
+ The HTTP Content-Type to use in Key-Value Form responses.
+
+
+ OpenID 2.0 section 5.1.2 says this SHOULD be text/plain. But this value
+ does not prevent free hosters like GoDaddy from tacking on their ads
+ to the end of the direct response, corrupting the data. So we deviate
+ from the spec a bit here to improve the story for free Providers.
+
+
+
+
+ The encoder that understands how to read and write Key-Value Form.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A class prepared to analyze incoming messages and indicate what concrete
+ message types can deserialize from it.
+ The binding elements to use in sending and receiving messages.
+
+
+
+ Verifies the integrity and applicability of an incoming message.
+
+ The message just received.
+
+ Thrown when the message is somehow invalid, except for check_authentication messages.
+ This can be due to tampering, replay attack or expiration, among other things.
+
+
+
+
+ Prepares an HTTP request that carries a given message.
+
+ The message to send.
+
+ The prepared to send the request.
+
+
+
+
+ Gets the protocol message that may be in the given HTTP response.
+
+ The response that is anticipated to contain an protocol message.
+
+ The deserialized message parts, if found. Null otherwise.
+
+ Thrown when the response is not valid.
+
+
+
+ Called when receiving a direct response message, before deserialization begins.
+
+ The HTTP direct response.
+ The newly instantiated message, prior to deserialization.
+
+
+
+ Queues a message for sending in the response stream where the fields
+ are sent in the response stream in querystring style.
+
+ The message to send as a response.
+
+ The pending user agent redirect based message to be sent as an HttpResponse.
+
+
+ This method implements spec V1.0 section 5.3.
+
+
+
+
+ Gets the direct response of a direct HTTP request.
+
+ The web request.
+ The response to the web request.
+ Thrown on network or protocol errors.
+
+
+
+ This binding element signs a Relying Party's openid.return_to parameter
+ so that upon return, it can verify that it hasn't been tampered with.
+
+
+ Since Providers can send unsolicited assertions, not all openid.return_to
+ values will be signed. But those that are signed will be validated, and
+ any invalid or missing signatures will cause this library to not trust
+ the parameters in the return_to URL.
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it doesn't sign
+ anything except a particular message part.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store our signature on the return_to parameter.
+
+
+
+
+ The name of the callback parameter we'll tack onto the return_to value
+ to store the handle of the association we use to sign the return_to parameter.
+
+
+
+
+ The URI to use for private associations at this RP.
+
+
+
+
+ The key store used to generate the private signature on the return_to parameter.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The crypto key store.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets the return to signature.
+
+ The return to.
+ The crypto key.
+
+ The generated signature.
+
+
+ Only the parameters in the return_to URI are signed, rather than the base URI
+ itself, in order that OPs that might change the return_to's implicit port :80 part
+ or other minor changes do not invalidate the signature.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+ No message protection is reported because this binding element
+ does not protect the entire message -- only a part.
+
+
+
+
+ Spoofs security checks on incoming OpenID messages.
+
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ Code contract for the class.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ The string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Manages a fast, two-way mapping between type URIs and their aliases.
+
+
+
+
+ The format of auto-generated aliases.
+
+
+
+
+ Tracks extension Type URIs and aliases assigned to them.
+
+
+
+
+ Tracks extension aliases and Type URIs assigned to them.
+
+
+
+
+ Gets an alias assigned for a given Type URI. A new alias is assigned if necessary.
+
+ The type URI.
+ The alias assigned to this type URI. Never null.
+
+
+
+ Sets an alias and the value that will be returned by .
+
+ The alias.
+ The type URI.
+
+
+
+ Takes a sequence of type URIs and assigns aliases for all of them.
+
+ The type URIs to create aliases for.
+ An optional dictionary of URI/alias pairs that suggest preferred aliases to use if available for certain type URIs.
+
+
+
+ Sets up aliases for any Type URIs in a dictionary that do not yet have aliases defined,
+ and where the given preferred alias is still available.
+
+ A dictionary of type URI keys and alias values.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI.
+ Thrown if the given alias does not have a matching TypeURI.
+
+
+
+ Gets the Type Uri encoded by a given alias.
+
+ The alias.
+ The Type URI for the given alias, or null if none for that alias exist.
+
+
+
+ Returns a value indicating whether an alias has already been assigned to a type URI.
+
+ The alias in question.
+ True if the alias has already been assigned. False otherwise.
+
+
+
+ Determines whether a given TypeURI has an associated alias assigned to it.
+
+ The type URI.
+
+ true if the given type URI already has an alias assigned; false otherwise.
+
+
+
+
+ Assigns a new alias to a given Type URI.
+
+ The type URI to assign a new alias to.
+ The newly generated alias.
+
+
+
+ Gets the aliases that have been set.
+
+
+
+
+ An individual attribute to be requested of the OpenID Provider using
+ the Attribute Exchange extension.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+
+
+
+ Initializes a new instance of the class
+ with = false, = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+
+
+
+ Initializes a new instance of the class
+ with = 1.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+
+
+
+ Initializes a new instance of the class.
+
+ The unique TypeURI for that describes the attribute being sought.
+ A value indicating whether the Relying Party considers this attribute to be required for registration.
+ The maximum number of values for this attribute the Relying Party is prepared to receive.
+
+
+
+ Used by a Provider to create a response to a request for an attribute's value(s)
+ using a given array of strings.
+
+ The values for the requested attribute.
+
+ The newly created object that should be added to
+ the object.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets or sets the URI uniquely identifying the attribute being requested.
+
+
+
+
+ Gets or sets a value indicating whether the relying party considers this a required field.
+ Note that even if set to true, the Provider may not provide the value.
+
+
+
+
+ Gets or sets the maximum number of values for this attribute the
+ Relying Party wishes to receive from the OpenID Provider.
+ A value of int.MaxValue is considered infinity.
+
+
+
+
+ An individual attribute's value(s) as supplied by an OpenID Provider
+ in response to a prior request by an OpenID Relying Party as part of
+ a fetch request, or by a relying party as part of a store request.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI that uniquely identifies the attribute.
+ The values for the attribute.
+
+
+
+ Initializes a new instance of the class.
+
+
+ This is internal because web sites should be using the
+ method to instantiate.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The TypeURI of the attribute whose values are being provided.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URI uniquely identifying the attribute whose value is being supplied.
+
+
+
+
+ Gets the values supplied by the Provider.
+
+
+
+
+ The various Type URI formats an AX attribute may use by various remote parties.
+
+
+
+
+ No attribute format.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://axschema.org/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://schema.openid.net/.
+
+
+
+
+ AX attributes should use the Type URI format starting with http://openid.net/schema/.
+
+
+
+
+ All known schemas.
+
+
+
+
+ The most common schemas.
+
+
+
+
+ Helper methods shared by multiple messages in the Attribute Exchange extension.
+
+
+
+
+ Adds a request for an attribute considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the required attribute.
+
+
+
+ Adds a request for an attribute without considering it 'required'.
+
+ The attribute request collection.
+ The type URI of the requested attribute.
+
+
+
+ Adds a given attribute with one or more values to the request for storage.
+ Applicable to Relying Parties only.
+
+ The collection of to add to.
+ The type URI of the attribute.
+ The attribute values.
+
+
+
+ Serializes a set of attribute values to a dictionary of fields to send in the message.
+
+ The dictionary to fill with serialized attributes.
+ The attributes.
+
+
+
+ Deserializes attribute values from an incoming set of message data.
+
+ The data coming in with the message.
+ The attribute values found in the message.
+
+
+
+ Reads through the attributes included in the response to discover
+ the alias-TypeURI relationships.
+
+ The data included in the extension message.
+ The alias manager that provides lookup between aliases and type URIs.
+
+
+
+ Attribute Exchange constants
+
+
+
+
+ The TypeURI by which the AX extension is recognized in
+ OpenID messages and in XRDS documents.
+
+
+
+
+ The Attribute Exchange Fetch message, request leg.
+
+
+
+
+ A handy base class for built-in extensions.
+
+
+
+
+ The contract any OpenID extension for DotNetOpenAuth must implement.
+
+
+ Classes that implement this interface should be marked as
+ [] to allow serializing state servers
+ to cache messages, particularly responses.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version of the extension.
+ The type URI to use in the OpenID message.
+ The additional supported type URIs by which this extension might be recognized. May be null.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the OpenID Provider.
+
+
+ true if this instance is signed by the provider; otherwise, false.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The value for the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Characters that may not appear in an attribute alias list.
+
+
+
+
+ Characters that may not appear in an attribute Type URI alias.
+
+
+
+
+ The collection of requested attributes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Splits a list of aliases by their commas.
+
+ The comma-delimited list of aliases. May be null or empty.
+ The list of aliases. Never null, but may be empty.
+
+
+
+ Gets a collection of the attributes whose values are
+ requested by the Relying Party.
+
+ A collection where the keys are the attribute type URIs, and the value
+ is all the attribute request details.
+
+
+
+ Gets or sets the URL that the OpenID Provider may re-post the fetch response
+ message to at some time after the initial response has been sent, using an
+ OpenID Authentication Positive Assertion to inform the relying party of updates
+ to the requested fields.
+
+
+
+
+ Gets or sets a list of aliases for optional attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ Gets or sets a list of aliases for required attributes.
+
+ A comma-delimited list of aliases.
+
+
+
+ The Attribute Exchange Fetch message, response leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attributes. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the first attribute value provided for a given attribute Type URI.
+
+
+ The type URI of the attribute.
+ Usually a constant from .
+
+ The first value provided for the attribute, or null if the attribute is missing or no values were provided.
+
+
+ This is meant as a helper method for the common case of just wanting one attribute value.
+ For greater flexibility or to retrieve more than just the first value for an attribute,
+ use the collection directly.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets a sequence of the attributes whose values are provided by the OpenID Provider.
+
+
+
+
+ Gets a value indicating whether the OpenID Provider intends to
+ honor the request for updates.
+
+
+
+
+ Gets or sets the URL the OpenID Provider will post updates to.
+ Must be set if the Provider supports and will use this feature.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ The Attribute Exchange Store message, request leg.
+
+
+
+
+ The value of the 'mode' parameter.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The collection of provided attribute values. This field will never be null.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the collection of all the attributes that are included in the store request.
+
+
+
+
+ The Attribute Exchange Store message, response leg.
+
+
+
+
+ The value of the mode parameter used to express a successful store operation.
+
+
+
+
+ The value of the mode parameter used to express a store operation failure.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a successful store operation.
+
+
+
+
+ Initializes a new instance of the class
+ to represent a failed store operation.
+
+ The reason for failure.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets a value indicating whether the storage request succeeded.
+
+ Defaults to true.
+
+
+
+ Gets or sets the reason for the failure, if applicable.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Gets or sets the mode argument.
+
+ One of 'store_response_success' or 'store_response_failure'.
+
+
+
+ Attribute types defined at http://www.axschema.org/types/.
+
+
+ If you don't see what you need here, check that URL to see if any have been added.
+ You can use new ones directly without adding them to this class, and can even make
+ up your own if you expect the other end to understand what you make up.
+
+
+
+
+ Inherent attributes about a personality such as gender and bio.
+
+
+
+ Gender, either "M" or "F"
+ "M", "F"
+
+
+ Biography (text)
+ "I am the very model of a modern Major General."
+
+
+
+ Preferences such as language and timezone.
+
+
+
+ Preferred language, as per RFC4646
+ "en-US"
+
+
+ Home time zone information (as specified in zoneinfo)
+ "America/Pacific"
+
+
+
+ The names a person goes by.
+
+
+
+ Subject's alias or "screen" name
+ "Johnny5"
+
+
+ Full name of subject
+ "John Doe"
+
+
+ Honorific prefix for the subject's name
+ "Mr.", "Mrs.", "Dr."
+
+
+ First or given name of subject
+ "John"
+
+
+ Last name or surname of subject
+ "Smith"
+
+
+ Middle name(s) of subject
+ "Robert"
+
+
+ Suffix of subject's name
+ "III", "Jr."
+
+
+
+ Business affiliation.
+
+
+
+ Company name (employer)
+ "Springfield Power"
+
+
+ Employee title
+ "Engineer"
+
+
+
+ Information about a person's birthdate.
+
+
+
+ Date of birth.
+ "1979-01-01"
+
+
+ Year of birth (four digits)
+ "1979"
+
+
+ Month of birth (1-12)
+ "05"
+
+
+ Day of birth
+ "31"
+
+
+
+ Various ways to contact a person.
+
+
+
+ Internet SMTP email address as per RFC2822
+ "jsmith@isp.example.com"
+
+
+
+ Various types of phone numbers.
+
+
+
+ Main phone number (preferred)
+ +1-800-555-1234
+
+
+ Home phone number
+ +1-800-555-1234
+
+
+ Business phone number
+ +1-800-555-1234
+
+
+ Cellular (or mobile) phone number
+ +1-800-555-1234
+
+
+ Fax number
+ +1-800-555-1234
+
+
+
+ The many fields that make up an address.
+
+
+
+ Home postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Home city name
+ "Vancouver"
+
+
+ Home state or province name
+ "BC"
+
+
+ Home country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Home postal code; region specific format
+ "V5A 4B2"
+
+
+
+ The many fields that make up an address.
+
+
+
+ Business postal address: street number, name and apartment number
+ "#42 135 East 1st Street"
+
+
+ "#42 135 East 1st Street"
+ "Box 67"
+
+
+ Business city name
+ "Vancouver"
+
+
+ Business state or province name
+ "BC"
+
+
+ Business country code in ISO.3166.1988 (alpha 2) format
+ "CA"
+
+
+ Business postal code; region specific format
+ "V5A 4B2"
+
+
+
+ Various handles for instant message clients.
+
+
+
+ AOL instant messaging service handle
+ "jsmith421234"
+
+
+ ICQ instant messaging service handle
+ "1234567"
+
+
+ MSN instant messaging service handle
+ "jsmith42@hotmail.com"
+
+
+ Yahoo! instant messaging service handle
+ "jsmith421234"
+
+
+ Jabber instant messaging service handle
+ "jsmith@jabber.example.com"
+
+
+ Skype instant messaging service handle
+ "jsmith42"
+
+
+
+ Various web addresses connected with this personality.
+
+
+
+ Web site URL
+ "http://example.com/~jsmith/"
+
+
+ Blog home page URL
+ "http://example.com/jsmith_blog/"
+
+
+ LinkedIn URL
+ "http://www.linkedin.com/pub/1/234/56"
+
+
+ Amazon URL
+ "http://www.amazon.com/gp/pdp/profile/A24DLKJ825"
+
+
+ Flickr URL
+ "http://flickr.com/photos/jsmith42/"
+
+
+ del.icio.us URL
+ "http://del.icio.us/jsmith42"
+
+
+
+ Audio and images of this personality.
+
+
+
+ Spoken name (web URL)
+ "http://example.com/~jsmith/john_smith.wav"
+
+
+ Audio greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.wav"
+
+
+ Video greeting (web URL)
+ "http://example.com/~jsmith/i_greet_you.mov"
+
+
+
+ Images of this personality.
+
+
+
+ Image (web URL); unspecified dimension
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) with equal width and height
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL) 4:3 aspect ratio - landscape
+ "http://example.com/~jsmith/image.jpg"
+
+
+ Image (web URL); favicon format as per FAVICON-W3C. The format for the image must be 16x16 pixels or 32x32 pixels, using either 8-bit or 24-bit colors. The format of the image must be one of PNG (a W3C standard), GIF, or ICO.
+ "http://example.com/~jsmith/image.jpg"
+
+
+
+ Manages the processing and construction of OpenID extensions parts.
+
+
+
+
+ This contains a set of aliases that we must be willing to implicitly
+ match to namespaces for backward compatibility with other OpenID libraries.
+
+
+
+
+ The version of OpenID that the message is using.
+
+
+
+
+ Whether extensions are being read or written.
+
+
+
+
+ The alias manager that will track Type URI to alias mappings.
+
+
+
+
+ A complex dictionary where the key is the Type URI of the extension,
+ and the value is another dictionary of the name/value args of the extension.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Creates a instance to process incoming extensions.
+
+ The parameters in the OpenID message.
+ The newly created instance of .
+
+
+
+ Creates a instance to prepare outgoing extensions.
+
+ The protocol version used for the outgoing message.
+
+ The newly created instance of .
+
+
+
+
+ Adds query parameters for OpenID extensions to the request directed
+ at the OpenID provider.
+
+ The extension type URI.
+ The arguments for this extension to add to the message.
+
+
+
+ Gets the actual arguments to add to a querystring or other response,
+ where type URI, alias, and actual key/values are all defined.
+
+
+ true if the generated parameter names should include the 'openid.' prefix.
+ This should be true for all but direct response messages.
+
+ A dictionary of key=value pairs to add to the message to carry the extension.
+
+
+
+ Gets the fields carried by a given OpenId extension.
+
+ The type URI of the extension whose fields are being queried for.
+
+ The fields included in the given extension, or null if the extension is not present.
+
+
+
+
+ Gets whether any arguments for a given extension are present.
+
+ The extension Type URI in question.
+ true if this extension is present; false otherwise.
+
+
+
+ Gets the type URIs of all discovered extensions in the message.
+
+ A sequence of the type URIs.
+
+
+
+ Gets a value indicating whether the extensions are being read (as opposed to written).
+
+
+
+
+ An interface that OpenID extensions can implement to allow authentication response
+ messages with included extensions to be processed by Javascript on the user agent.
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ An extension to include with an authentication request in order to also
+ obtain authorization to access user data at the combined OpenID Provider
+ and Service Provider.
+
+
+ When requesting OpenID Authentication via the protocol mode "checkid_setup"
+ or "checkid_immediate", this extension can be used to request that the end
+ user authorize an OAuth access token at the same time as an OpenID
+ authentication. This is done by sending the following parameters as part
+ of the OpenID request. (Note that the use of "oauth" as part of the parameter
+ names here and in subsequent sections is just an example. See Section 5 for details.)
+ See section 8.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the consumer key agreed upon between the Consumer and Service Provider.
+
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes for the OAuth token expected in the authentication response.
+
+
+
+
+ The OAuth response that a Provider may include with a positive
+ OpenID identity assertion with an approved request token.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets or sets the user-approved request token.
+
+ The request token.
+
+
+
+ Gets or sets a string that encodes, in a way possibly specific to the Combined Provider, one or more scopes that the returned request token is valid for. This will typically indicate a subset of the scopes requested in Section 8.
+
+
+
+
+ Constants used in the OpenID OAuth extension.
+
+
+
+
+ The TypeURI for the OpenID OAuth extension.
+
+
+
+
+ The name of the parameter that carries the request token in the response.
+
+
+
+
+ The OAuth response that a Provider should include with a positive
+ OpenID identity assertion when OAuth authorization was declined.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ An OpenID extension factory that only delegates extension
+ instantiation requests to other factories.
+
+
+
+
+ The list of factories this factory delegates to.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Loads the default factory and additional ones given by the configuration.
+
+ A new instance of .
+
+
+
+ Gets the extension factories that this aggregating factory delegates to.
+
+ A list of factories. May be empty, but never null.
+
+
+
+ Encodes/decodes the Simple Registration Gender type to its string representation.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ An OpenID extension factory that supports registration so that third-party
+ extensions can add themselves to this library's supported extension list.
+
+
+
+
+ A collection of the registered OpenID extensions.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a new instance of some extension based on the received extension parameters.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+ This factory method need only initialize properties in the instantiated extension object
+ that are not bound using .
+
+
+
+
+ Registers a new extension delegate.
+
+ The factory method that can create the extension.
+
+
+
+ A delegate that individual extensions may register with this factory.
+
+ The type URI of the extension.
+ The parameters associated specifically with this extension.
+ The OpenID message carrying this extension.
+ A value indicating whether this extension is being received at the OpenID Provider.
+
+ An instance of if the factory recognizes
+ the extension described in the input parameters; null otherwise.
+
+
+
+
+ Well-known authentication policies defined in the PAPE extension spec or by a recognized
+ standards body.
+
+
+ This is a class of constants rather than a flags enum because policies may be
+ freely defined and used by anyone, just by using a new Uri.
+
+
+
+
+ An authentication mechanism where the End User does not provide a shared secret to a party potentially under the control of the Relying Party. (Note that the potentially malicious Relying Party controls where the User-Agent is redirected to and thus may not send it to the End User's actual OpenID Provider).
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor. Common authentication factors are something you know, something you have, and something you are. An example would be authentication using a password and a software token or digital certificate.
+
+
+
+
+ An authentication mechanism where the End User authenticates to the OpenID Provider by providing over one authentication factor where at least one of the factors is a physical factor such as a hardware device or biometric. Common authentication factors are something you know, something you have, and something you are. This policy also implies the Multi-Factor Authentication policy (http://schemas.openid.net/pape/policies/2007/06/multi-factor) and both policies MAY BE specified in conjunction without conflict. An example would be authentication using a password and a hardware token.
+
+
+
+
+ Indicates that the Provider MUST use a pair-wise pseudonym for the user that is persistent
+ and unique across the requesting realm as the openid.claimed_id and openid.identity (see Section 4.2).
+
+
+
+
+ Indicates that the OP MUST only respond with a positive assertion if the requirements demonstrated
+ by the OP to obtain certification by a Federally adopted Trust Framework Provider have been met.
+
+
+ Notwithstanding the RP may request this authentication policy, the RP MUST still
+ verify that this policy appears in the positive assertion response rather than assume the OP
+ recognized and complied with the request.
+
+
+
+
+ Indicates that the OP MUST not include any OpenID Attribute Exchange or Simple Registration
+ information regarding the user in the assertion.
+
+
+
+
+ Used in a PAPE response to indicate that no PAPE authentication policies could be satisfied.
+
+
+ Used internally by the PAPE extension, so that users don't have to know about it.
+
+
+
+
+ OpenID Provider Authentication Policy extension constants.
+
+
+
+
+ The namespace used by this extension in messages.
+
+
+
+
+ The namespace alias to use for OpenID 1.x interop, where aliases are not defined in the message.
+
+
+
+
+ The string to prepend on an Auth Level Type alias definition.
+
+
+
+
+ Well-known assurance level Type URIs.
+
+
+
+
+ The Type URI of the NIST assurance level.
+
+
+
+
+ A mapping between the PAPE TypeURI and the alias to use if
+ possible for backward compatibility reasons.
+
+
+
+
+ Parameters to be included with PAPE requests.
+
+
+
+
+ Optional. If the End User has not actively authenticated to the OP within the number of seconds specified in a manner fitting the requested policies, the OP SHOULD authenticate the End User for this request.
+
+ Integer value greater than or equal to zero in seconds.
+
+ The OP should realize that not adhering to the request for re-authentication most likely means that the End User will not be allowed access to the services provided by the RP. If this parameter is absent in the request, the OP should authenticate the user at its own discretion.
+
+
+
+
+ Zero or more authentication policy URIs that the OP SHOULD conform to when authenticating the user. If multiple policies are requested, the OP SHOULD satisfy as many as it can.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies are requested, the RP may be interested in other information such as the authentication age.
+
+
+
+
+ The space separated list of the name spaces of the custom Assurance Level that RP requests, in the order of its preference.
+
+
+
+
+ An encoder/decoder design for DateTimes that must conform to the PAPE spec.
+
+
+ The timestamp MUST be formatted as specified in section 5.6 of [RFC3339] (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .), with the following restrictions:
+ * All times must be in the UTC timezone, indicated with a "Z".
+ * No fractional seconds are allowed
+ For example: 2005-05-15T17:11:51Z
+
+
+
+
+ An array of the date/time formats allowed by the PAPE extension.
+
+
+ TODO: This array of formats is not yet a complete list.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+
+ The in string form, ready for message transport.
+
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+
+ The deserialized form of the given string.
+
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Descriptions for NIST-defined levels of assurance that a credential
+ has not been compromised and therefore the extent to which an
+ authentication assertion can be trusted.
+
+
+ One using this enum should review the following publication for details
+ before asserting or interpreting what these levels signify, notwithstanding
+ the brief summaries attached to each level in DotNetOpenAuth documentation.
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level example classifications of authentication methods within the defined levels.
+
+
+
+
+
+ Not an assurance level defined by NIST, but rather SHOULD be used to
+ signify that the OP recognizes the parameter and the End User
+ authentication did not meet the requirements of Level 1.
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ See this document for a thorough description:
+ http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf
+
+
+
+
+ Utility methods for use by the PAPE extension.
+
+
+
+
+ Looks at the incoming fields and figures out what the aliases and name spaces for auth level types are.
+
+ The incoming message data in which to discover TypeURIs and aliases.
+ The initialized with the given data.
+
+
+
+ Concatenates a sequence of strings using a space as a separator.
+
+ The elements to concatenate together..
+ The concatenated string of elements.
+ Thrown if any element in the sequence includes a space.
+
+
+
+ The PAPE request part of an OpenID Authentication request message.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The transport field for the RP's preferred authentication policies.
+
+
+ This field is written to/read from during custom serialization.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the policies as a single string per the PAPE spec..
+
+ The policies to include in the list.
+ The concatenated string of the given policies.
+
+
+
+ Serializes the auth levels to a list of aliases.
+
+ The preferred auth level types.
+ The alias manager.
+ A space-delimited list of aliases.
+
+
+
+ Gets or sets the maximum acceptable time since the End User has
+ actively authenticated to the OP in a manner fitting the requested
+ policies, beyond which the Provider SHOULD authenticate the
+ End User for this request.
+
+
+ The OP should realize that not adhering to the request for re-authentication
+ most likely means that the End User will not be allowed access to the
+ services provided by the RP. If this parameter is absent in the request,
+ the OP should authenticate the user at its own discretion.
+
+
+
+
+ Gets the list of authentication policy URIs that the OP SHOULD
+ conform to when authenticating the user. If multiple policies are
+ requested, the OP SHOULD satisfy as many as it can.
+
+ List of authentication policy URIs obtainable from
+ the class or from a custom
+ list.
+
+ If no policies are requested, the RP may be interested in other
+ information such as the authentication age.
+
+
+
+
+ Gets the namespaces of the custom Assurance Level the
+ Relying Party requests, in the order of its preference.
+
+
+
+
+ The PAPE response part of an OpenID Authentication response message.
+
+
+
+
+ The first part of a parameter name that gives the custom string value for
+ the assurance level. The second part of the parameter name is the alias for
+ that assurance level.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ One or more authentication policy URIs that the OP conformed to when authenticating the End User.
+
+ Space separated list of authentication policy URIs.
+
+ If no policies were met though the OP wishes to convey other information in the response, this parameter MUST be included with the value of "none".
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Serializes the applied policies for transmission from the Provider
+ to the Relying Party.
+
+ The applied policies.
+ A space-delimited list of applied policies.
+
+
+
+ Gets a list of authentication policy URIs that the
+ OP conformed to when authenticating the End User.
+
+
+
+
+ Gets or sets the most recent timestamp when the End User has
+ actively authenticated to the OP in a manner fitting the asserted policies.
+
+
+ If the RP's request included the "openid.pape.max_auth_age" parameter
+ then the OP MUST include "openid.pape.auth_time" in its response.
+ If "openid.pape.max_auth_age" was not requested, the OP MAY choose to include
+ "openid.pape.auth_time" in its response.
+
+
+
+
+ Gets or sets the Assurance Level as defined by the National
+ Institute of Standards and Technology (NIST) in Special Publication
+ 800-63 (Burr, W., Dodson, D., and W. Polk, Ed., “Electronic
+ Authentication Guideline,” April 2006.) [NIST_SP800‑63] corresponding
+ to the authentication method and policies employed by the OP when
+ authenticating the End User.
+
+
+ See PAPE spec Appendix A.1.2 (NIST Assurance Levels) for high-level
+ example classifications of authentication methods within the defined
+ levels.
+
+
+
+
+ Gets a dictionary where keys are the authentication level type URIs and
+ the values are the per authentication level defined custom value.
+
+
+ A very common key is
+ and values for this key are available in .
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Carries the request/require/none demand state of the simple registration fields.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The type URI that this particular (deserialized) extension was read in using,
+ allowing a response to alter be crafted using the same type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class
+ by deserializing from a message.
+
+ The type URI this extension was recognized by in the OpenID message.
+
+
+
+ Tests equality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality between two structs.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality between two structs.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Renders the requested information as a string.
+
+
+ A that represents the current .
+
+
+
+
+ Prepares a Simple Registration response extension that is compatible with the
+ version of Simple Registration used in the request message.
+
+ The newly created instance.
+
+
+
+ Sets the profile request properties according to a list of
+ field names that might have been passed in the OpenId query dictionary.
+
+
+ The list of field names that should receive a given
+ . These field names should match
+ the OpenId specification for field names, omitting the 'openid.sreg' prefix.
+
+ The none/request/require state of the listed fields.
+
+
+
+ Assembles the profile parameter names that have a given .
+
+ The demand level (request, require, none).
+ An array of the profile parameter names that meet the criteria.
+
+
+
+ Gets or sets the URL the consumer site provides for the authenticating user to review
+ for how his claims will be used by the consumer web site.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the nickname of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the email of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the full name of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the birthdate of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the gender of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the postal code of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the Country of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the language of the user.
+
+
+
+
+ Gets or sets the level of interest a relying party has in the time zone of the user.
+
+
+
+
+ Gets or sets a value indicating whether this instance
+ is synthesized from an AX request at the Provider.
+
+
+
+
+ Gets or sets the value of the sreg.required parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ Gets or sets the value of the sreg.optional parameter.
+
+ A comma-delimited list of sreg fields.
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ The allowed format for birthdates.
+
+
+
+
+ Storage for the raw string birthdate value.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class
+ using the most common, and spec prescribed type URI.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The type URI that must be used to identify this extension in the response message.
+ This value should be the same one the relying party used to send the extension request.
+ Commonly used type URIs supported by relying parties are defined in the
+ class.
+
+
+
+
+ Tests equality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests inequality of two objects.
+
+ One instance to compare.
+ Another instance to compare.
+ The result of the operator.
+
+
+
+ Tests equality of two objects.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Reads the extension information on an authentication response from the provider.
+
+ The incoming OpenID response carrying the extension.
+
+ A Javascript snippet that when executed on the user agent returns an object with
+ the information deserialized from the extension response.
+
+
+ This method is called before the signature on the assertion response has been
+ verified. Therefore all information in these fields should be assumed unreliable
+ and potentially falsified.
+
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Translates an empty string value to null, or passes through non-empty values.
+
+ The value to consider changing to null.
+ Either null or a non-empty string.
+
+
+
+ Gets or sets the nickname the user goes by.
+
+
+
+
+ Gets or sets the user's email address.
+
+
+
+
+ Gets or sets the full name of a user as a single string.
+
+
+
+
+ Gets or sets the user's birthdate.
+
+
+
+
+ Gets or sets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets or sets the gender of the user.
+
+
+
+
+ Gets or sets the zip code / postal code of the user.
+
+
+
+
+ Gets or sets the country of the user.
+
+
+
+
+ Gets or sets the primary/preferred language of the user.
+
+
+
+
+ Gets or sets the user's timezone.
+
+
+
+
+ Gets a combination of the user's full name and email address.
+
+
+
+
+ Gets or sets a combination of the language and country of the user.
+
+
+
+
+ Gets a value indicating whether this extension is signed by the Provider.
+
+
+ true if this instance is signed by the Provider; otherwise, false.
+
+
+
+
+ Simple Registration constants
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Commonly used type URIs to represent the Simple Registration extension.
+
+
+
+
+ The URI "http://openid.net/extensions/sreg/1.1".
+
+
+ This is the type URI prescribed by the Simple Registration 1.1 spec.
+ http://openid.net/specs/openid-simple-registration-extension-1_1-01.html#anchor3
+
+
+
+
+ The URI "http://openid.net/sreg/1.0"
+
+
+
+
+ The URI "http://openid.net/sreg/1.1"
+
+
+
+
+ Specifies what level of interest a relying party has in obtaining the value
+ of a given field offered by the Simple Registration extension.
+
+
+
+
+ The relying party has no interest in obtaining this field.
+
+
+
+
+ The relying party would like the value of this field, but wants
+ the Provider to display the field to the user as optionally provided.
+
+
+
+
+ The relying party considers this a required field as part of
+ authentication. The Provider and/or user agent MAY still choose to
+ not provide the value of the field however, according to the
+ Simple Registration extension specification.
+
+
+
+
+ Indicates the gender of a user.
+
+
+
+
+ The user is male.
+
+
+
+
+ The user is female.
+
+
+
+
+ Constants used to support the UI extension.
+
+
+
+
+ The type URI associated with this extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports popups through the UI extension.
+
+
+
+
+ The Type URI that appears in an XRDS document when the OP supports the RP
+ specifying the user's preferred language through the UI extension.
+
+
+
+
+ The Type URI that appears in the XRDS document when the OP supports the RP
+ specifying the icon for the OP to display during authentication through the UI extension.
+
+
+
+
+ Valid values for the mode parameter of the OpenID User Interface extension.
+
+
+
+
+ Indicates that the Provider's authentication page appears in a popup window.
+
+ The constant "popup".
+
+ The RP SHOULD create the popup to be 450 pixels wide and 500 pixels tall. The popup MUST have the address bar displayed, and MUST be in a standalone browser window. The contents of the popup MUST NOT be framed by the RP.
+ The RP SHOULD open the popup centered above the main browser window, and SHOULD dim the contents of the parent window while the popup is active. The RP SHOULD ensure that the user is not surprised by the appearance of the popup, and understands how to interact with it.
+ To keep the user popup user experience consistent, it is RECOMMENDED that the OP does not resize the popup window unless the OP requires additional space to show special features that are not usually displayed as part of the default popup user experience.
+ The OP MAY close the popup without returning a response to the RP. Closing the popup without sending a response should be interpreted as a negative assertion.
+ The response to an authentication request in a popup is unchanged from [OpenID 2.0] (OpenID 2.0 Workgroup, “OpenID 2.0,” .). Relying Parties detecting that the popup was closed without receiving an authentication response SHOULD interpret the close event to be a negative assertion.
+
+
+
+
+ OpenID User Interface extension 1.0 request message.
+
+
+ Implements the extension described by: http://wiki.openid.net/f/openid_ui_extension_draft01.html
+ This extension only applies to checkid_setup requests, since checkid_immediate requests display
+ no UI to the user.
+ For rules about how the popup window should be displayed, please see the documentation of
+ .
+ An RP may determine whether an arbitrary OP supports this extension (and thereby determine
+ whether to use a standard full window redirect or a popup) via the
+ method.
+
+
+
+
+ The factory method that may be used in deserialization of this message.
+
+
+
+
+ Additional type URIs that this extension is sometimes known by remote parties.
+
+
+
+
+ Backing store for .
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Called when the message is about to be transmitted,
+ before it passes through the channel binding elements.
+
+
+
+
+ Called when the message has been received,
+ after it passes through the channel binding elements.
+
+
+
+
+ Gets or sets the list of user's preferred languages, sorted in decreasing preferred order.
+
+ The default is the of the thread that created this instance.
+
+ The user's preferred languages as a [BCP 47] language priority list, represented as a comma-separated list of BCP 47 basic language ranges in descending priority order. For instance, the value "fr-CA,fr-FR,en-CA" represents the preference for French spoken in Canada, French spoken in France, followed by English spoken in Canada.
+
+
+
+
+ Gets or sets the style of UI that the RP is hosting the OP's authentication page in.
+
+ Some value from the class. Defaults to .
+
+
+
+ Gets or sets a value indicating whether the Relying Party has an icon
+ it would like the Provider to display to the user while asking them
+ whether they would like to log in.
+
+ true if the Provider should display an icon; otherwise, false.
+
+ By default, the Provider displays the relying party's favicon.ico.
+
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+ The value 1.0.
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ The required width of the popup window the relying party creates for the provider.
+
+
+
+
+ The required height of the popup window the relying party creates for the provider.
+
+
+
+
+ An Identifier is either a "http" or "https" URI, or an XRI.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The original string before any normalization.
+ Whether the derived class is prepared to guarantee end-to-end discovery
+ and initial redirect for authentication is performed using SSL.
+
+
+
+ Converts the string representation of an Identifier to its strong type.
+
+ The identifier.
+ The particular Identifier instance to represent the value given.
+
+
+
+ Converts a given Uri to a strongly-typed Identifier.
+
+ The identifier to convert.
+ The result of the conversion.
+
+
+
+ Converts an Identifier to its string representation.
+
+ The identifier to convert to a string.
+ The result of the conversion.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ An instance for the given value.
+
+
+
+ Parses an identifier string and automatically determines
+ whether it is an XRI or URI.
+
+ Either a URI or XRI identifier.
+ if set to true this Identifier will serialize exactly as given rather than in its normalized form.
+
+ An instance for the given value.
+
+
+
+
+ Attempts to parse a string for an OpenId Identifier.
+
+ The string to be parsed.
+ The parsed Identifier form.
+
+ True if the operation was successful. False if the string was not a valid OpenId Identifier.
+
+
+
+
+ Checks the validity of a given string representation of some Identifier.
+
+ The identifier.
+
+ true if the specified identifier is valid; otherwise, false.
+
+
+
+
+ Tests equality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered equal; false otherwise.
+
+
+
+
+ Tests inequality between two s.
+
+ The first Identifier.
+ The second Identifier.
+
+ true if the two instances should be considered unequal; false if they are equal.
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Reparses the specified identifier in order to be assured that the concrete type that
+ implements the identifier is one of the well-known ones.
+
+ The identifier.
+ Either or .
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Gets the original string that was normalized to create this Identifier.
+
+
+
+
+ Gets the Identifier in the form in which it should be serialized.
+
+
+ For Identifiers that were originally deserialized, this is the exact same
+ string that was deserialized. For Identifiers instantiated in some other way, this is
+ the normalized form of the string used to instantiate the identifier.
+
+
+
+
+ Gets or sets a value indicating whether instances are considered equal
+ based solely on their string reprsentations.
+
+
+ This property serves as a test hook, so that MockIdentifier instances can be considered "equal"
+ to UriIdentifier instances.
+
+
+
+
+ Gets a value indicating whether this Identifier will ensure SSL is
+ used throughout the discovery phase and initial redirect of authentication.
+
+
+ If this is false, a value of true may be obtained by calling
+ .
+
+
+
+
+ Gets a value indicating whether this instance was initialized from
+ deserializing a message.
+
+
+ This is interesting because when an Identifier comes from the network,
+ we can't normalize it and then expect signatures to still verify.
+ But if the Identifier is initialized locally, we can and should normalize it
+ before serializing it.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Prevents a default instance of the IdentifierContract class from being created.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ The gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Splits the AX attribute format flags into individual values for processing.
+
+ The formats to split up into individual flags.
+ A sequence of individual flags.
+
+
+
+ Transforms an AX attribute type URI from the axschema.org format into a given format.
+
+ The ax schema org format type URI.
+ The target format. Only one flag should be set.
+ The AX attribute type URI in the target format.
+
+
+
+ Detects the AX attribute type URI format from a given sample.
+
+ The type URIs to scan for recognized formats.
+ The first AX type URI format recognized in the list.
+
+
+
+ Adds an attribute fetch request if it is not already present in the AX request.
+
+ The AX request to add the attribute request to.
+ The format of the attribute's Type URI to use.
+ The attribute in axschema.org format.
+ The demand level.
+
+
+
+ Gets the gender decoder to translate AX genders to Sreg.
+
+
+
+
+ Represents a single OP endpoint from discovery on some OpenID Identifier.
+
+
+
+
+ Information published about an OpenId Provider by the
+ OpenId discovery documents found at a user's Claimed Identifier.
+
+
+ Because information provided by this interface is suppplied by a
+ user's individually published documents, it may be incomplete or inaccurate.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+ True if support for the extension is advertised. False otherwise.
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The provider endpoint.
+ The Claimed Identifier.
+ The User-supplied Identifier.
+ The Provider Local Identifier.
+ The service priority.
+ The URI priority.
+
+
+
+ Implements the operator ==.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Implements the operator !=.
+
+ The first service endpoint.
+ The second service endpoint.
+ The result of the operator.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Determines whether a given extension is supported by this endpoint.
+
+ An instance of the extension to check support for.
+
+ true if the extension is supported by this endpoint; otherwise, false.
+
+
+
+
+ Creates a instance to represent some OP Identifier.
+
+ The provider identifier (actually the user-supplied identifier).
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Creates a instance to represent some Claimed Identifier.
+
+ The claimed identifier.
+ The user supplied identifier.
+ The provider local identifier.
+ The provider endpoint.
+ The service priority.
+ The URI priority.
+ The created instance
+
+
+
+ Determines whether a given type URI is present on the specified provider endpoint.
+
+ The type URI.
+
+ true if the type URI is present on the specified provider endpoint; otherwise, false.
+
+
+
+
+ Sets the Capabilities property (this method is a test hook.)
+
+ The value.
+ The publicize.exe tool should work for the unit tests, but for some reason it fails on the build server.
+
+
+
+ Gets the priority rating for a given type of endpoint, allowing a
+ priority sorting of endpoints.
+
+ The endpoint to prioritize.
+ An arbitary integer, which may be used for sorting against other returned values from this method.
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the Identifier that was presented by the end user to the Relying Party,
+ or selected by the user at the OpenID Provider.
+ During the initiation phase of the protocol, an end user may enter
+ either their own Identifier or an OP Identifier. If an OP Identifier
+ is used, the OP may then assist the end user in selecting an Identifier
+ to share with the Relying Party.
+
+
+
+
+ Gets the Identifier that the end user claims to control.
+
+
+
+
+ Gets an alternate Identifier for an end user that is local to a
+ particular OP and thus not necessarily under the end user's
+ control.
+
+
+
+
+ Gets a more user-friendly (but NON-secure!) string to display to the user as his identifier.
+
+ A human-readable, abbreviated (but not secure) identifier the user MAY recognize as his own.
+
+
+
+ Gets the provider endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this specific OP endpoint.
+
+
+
+
+ Gets the @priority given in the XRDS document for this service
+ (which may consist of several endpoints).
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+ Should never be null, but may be empty.
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+ This value MUST be an absolute HTTP or HTTPS URL.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the protocol used by the OpenID Provider.
+
+
+
+
+ A module that provides discovery services for OpenID identifiers.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ A service that can perform discovery on OpenID identifiers.
+
+
+
+
+ The RP or OP that is hosting these services.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The RP or OP that creates this instance.
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Gets the list of services that can perform discovery on identifiers given.
+
+
+
+
+ An interface implemented by both providers and relying parties.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets the web request handler.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ Instances of this interface represent incoming authentication requests.
+ This interface provides the details of the request and allows setting
+ the response.
+
+
+
+
+ Interface exposing incoming messages to the OpenID Provider that
+ require interaction with the host site.
+
+
+
+
+ Represents an incoming OpenId authentication request.
+
+
+ Requests may be infrastructural to OpenID and allow auto-responses, or they may
+ be authentication requests where the Provider site has to make decisions based
+ on its own user database and policies.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an optional fragment (#fragment) portion to the ClaimedIdentifier.
+ Useful for identifier recycling.
+
+ Should not include the # prefix character as that will be added internally.
+ May be null or the empty string to clear a previously set fragment.
+
+ Unlike the property, which can only be set if
+ using directed identity, this method can be called on any URI claimed identifier.
+ Because XRI claimed identifiers (the canonical IDs) are never recycled,
+ this method shouldnot be called for XRIs.
+
+
+ Thrown when this method is called on an XRI, or on a directed identity
+ request before the property is set.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler to use for the RP discovery request.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets a value indicating whether the Provider should help the user
+ select a Claimed Identifier to send back to the relying party.
+
+
+
+
+ Gets a value indicating whether the requesting Relying Party is using a delegated URL.
+
+
+ When delegated identifiers are used, the should not
+ be changed at the Provider during authentication.
+ Delegation is only detectable on requests originating from OpenID 2.0 relying parties.
+ A relying party implementing only OpenID 1.x may use delegation and this property will
+ return false anyway.
+
+
+
+
+ Gets or sets the Local Identifier to this OpenID Provider of the user attempting
+ to authenticate. Check to see if
+ this value is valid.
+
+
+ This may or may not be the same as the Claimed Identifier that the user agent
+ originally supplied to the relying party. The Claimed Identifier
+ endpoint may be delegating authentication to this provider using
+ this provider's local id, which is what this property contains.
+ Use this identifier when looking up this user in the provider's user account
+ list.
+
+
+
+
+ Gets or sets the identifier that the user agent is claiming at the relying party site.
+ Check to see if this value is valid.
+
+
+ This property can only be set if is
+ false, to prevent breaking URL delegation.
+ This will not be the same as this provider's local identifier for the user
+ if the user has set up his/her own identity page that points to this
+ provider for authentication.
+ The provider may use this identifier for displaying to the user when
+ asking for the user's permission to authenticate to the relying party.
+
+ Thrown from the setter
+ if is true.
+
+
+
+ Gets or sets a value indicating whether the provider has determined that the
+ belongs to the currently logged in user
+ and wishes to share this information with the consumer.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint claimed in the positive assertion.
+
+
+ The default value is the URL that the request came in on from the relying party.
+ This value MUST match the value for the OP Endpoint in the discovery results for the
+ claimed identifier being asserted in a positive response.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Attempts to perform relying party discovery of the return URL claimed by the Relying Party.
+
+ The web request handler.
+
+ The details of how successful the relying party discovery was.
+
+
+ Return URL verification is only attempted if this method is called.
+ See OpenID Authentication 2.0 spec section 9.2.1.
+
+
+
+
+ Gets the version of OpenID being used by the relying party that sent the request.
+
+
+
+
+ Gets the URL the consumer site claims to use as its 'base' address.
+
+
+
+
+ Gets a value indicating whether the consumer demands an immediate response.
+ If false, the consumer is willing to wait for the identity provider
+ to authenticate the user.
+
+
+
+
+ Gets or sets the provider endpoint.
+
+
+ The default value is the URL that the request came in on from the relying party.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when a request is received by the Provider.
+
+ The incoming request.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+ Implementations may set a new value to but
+ should not change the properties on the instance of
+ itself as that instance may be shared across many requests.
+
+
+
+
+ Called when the Provider is preparing to send a response to an authentication request.
+
+ The request that is configured to generate the outgoing response.
+
+ true if this behavior owns this request and wants to stop other behaviors
+ from handling it; false to allow other behaviors to process this request.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Adds an extension to the response to send to the relying party.
+
+ The extension to add to the response message.
+
+
+
+ Removes any response extensions previously added using .
+
+
+ This should be called before sending a negative response back to the relying party
+ if extensions were already added, since negative responses cannot carry extensions.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets an extension sent from the relying party.
+
+ The type of the extension.
+
+ An instance of the extension initialized with values passed in with the request.
+
+
+
+
+ Gets or sets the security settings that apply to this request.
+
+ Defaults to the OpenIdProvider.SecuritySettings on the OpenIdProvider.
+
+
+
+ Gets a value indicating whether the response is ready to be sent to the user agent.
+
+
+ This property returns false if there are properties that must be set on this
+ request instance before the response can be sent.
+
+
+
+
+ Security settings that are applicable to providers.
+
+
+
+
+ Security settings that may be applicable to both relying parties and providers.
+
+
+
+
+ Gets the default minimum hash bit length.
+
+
+
+
+ Gets the maximum hash bit length default for relying parties.
+
+
+
+
+ Gets the maximum hash bit length default for providers.
+
+
+
+
+ Initializes a new instance of the class.
+
+ A value indicating whether this class is being instantiated for a Provider.
+
+
+
+ Determines whether a named association fits the security requirements.
+
+ The protocol carrying the association.
+ The value of the openid.assoc_type parameter.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Determines whether a given association fits the security requirements.
+
+ The association to check.
+
+ true if the association is permitted given the security requirements; otherwise, false.
+
+
+
+
+ Gets or sets the minimum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 160.
+
+
+ SHA-1 (160 bits) has been broken. The minimum secure hash length is now 256 bits.
+ The default is still a 160 bit minimum to allow interop with common remote parties,
+ such as Yahoo! that only supports 160 bits.
+ For sites that require high security such as to store bank account information and
+ health records, 256 is the recommended value.
+
+
+
+
+ Gets or sets the maximum hash length (in bits) allowed to be used in an
+ with the remote party. The default is 256 for relying parties and 512 for providers.
+
+
+ The longer the bit length, the more secure the identities of your visitors are.
+ Setting a value higher than 256 on a relying party site may reduce performance
+ as many association requests will be denied, causing secondary requests or even
+ authentication failures.
+ Setting a value higher than 256 on a provider increases security where possible
+ without these side-effects.
+
+
+
+
+ Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+ should ever be recognized as claimed identifiers.
+
+
+ The default value is false, per the OpenID 2.0 spec.
+
+
+ OpenID 2.0 sections 7.3.2.2 and 11.2 specify that OP Identifiers never be recognized as Claimed Identifiers.
+ However, for some scenarios it may be desirable for an RP to override this behavior and allow this.
+ The security ramifications of setting this property to true have not been fully explored and
+ therefore this setting should only be changed with caution.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ The subset of association types and their customized lifetimes.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates a deep clone of this instance.
+
+ A new instance that is a deep clone of this instance.
+
+
+
+ Gets a subset of the available association types and their
+ customized maximum lifetimes.
+
+
+
+
+ Gets or sets a value indicating whether Relying Party discovery will only
+ succeed if done over a secure HTTPS channel.
+
+ Default is false.
+
+
+
+ Gets or sets the level of verification a Provider performs on an identifier before
+ sending an unsolicited assertion for it.
+
+ The default value is .
+
+
+
+ Gets or sets a value indicating whether the Provider should ease the burden of storing associations
+ by encoding them in signed, encrypted form into the association handles themselves, storing only
+ a few rotating, private symmetric keys in the Provider's store instead.
+
+ The default value for this property is true.
+
+
+
+ Gets or sets a value indicating whether OpenID 1.x relying parties that may not be
+ protecting their users from replay attacks are protected from
+ replay attacks by this provider.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by preventing associations from being used
+ with OpenID 1.x relying parties, thereby forcing them into
+ "dumb" mode and verifying every claim with this provider.
+ This gives the provider an opportunity to verify its own nonce
+ to protect against replay attacks.
+
+
+
+
+ Gets or sets a value indicating whether outgoing extensions are always signed.
+
+
+ true if outgoing extensions should be signed; otherwise, false.
+ The default is true.
+
+
+ This property is internal because Providers should never turn it off, but it is
+ needed for testing the RP's rejection of unsigned extensions.
+
+
+
+
+ The behavior a Provider takes when verifying that it is authoritative for an
+ identifier it is about to send an unsolicited assertion for.
+
+
+
+
+ Always verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it and fail if it is not.
+
+
+
+
+ Always check that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it, but only log failures, and proceed
+ to send the unsolicited assertion.
+
+
+
+
+ Never verify that the Provider is authoritative for an identifier before
+ sending an unsolicited assertion for it.
+
+
+ This setting is useful for web servers that refuse to allow a Provider to
+ introspectively perform an HTTP GET on itself, when sending unsolicited assertions
+ for identifiers that the OP controls.
+
+
+
+
+ The result codes that may be returned from an attempt at relying party discovery.
+
+
+
+
+ Relying Party discovery failed to find an XRDS document or the document was invalid.
+
+
+ This can happen either when a relying party does not offer a service document at all,
+ or when a man-in-the-middle attack is in progress that prevents the Provider from being
+ able to discover that document.
+
+
+
+
+ Relying Party discovery yielded a valid XRDS document, but no matching return_to URI was found.
+
+
+ This is perhaps the most dangerous rating for a relying party, since it suggests that
+ they are implementing OpenID 2.0 securely, but that a hijack operation may be in progress.
+
+
+
+
+ Relying Party discovery succeeded, and a matching return_to URI was found.
+
+
+
+
+ An enumeration of the possible results of an authentication attempt.
+
+
+
+
+ The authentication was canceled by the user agent while at the provider.
+
+
+
+
+ The authentication failed because an error was detected in the OpenId communication.
+
+
+
+
+ The Provider responded to a request for immediate authentication approval
+ with a message stating that additional user agent interaction is required
+ before authentication can be completed.
+ Casting the to a
+ ISetupRequiredAuthenticationResponse in this case can help
+ you retry the authentication using setup (non-immediate) mode.
+
+
+
+
+ Authentication is completed successfully.
+
+
+
+
+ The Provider sent a message that did not contain an identity assertion,
+ but may carry OpenID extensions.
+
+
+
+
+ Instances of this interface represent relying party authentication
+ requests that may be queried/modified in specific ways before being
+ routed to the OpenID Provider.
+
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI. Values must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it can be verified as untampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+ Execution of the current page terminates after this call.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+ Although OpenID is first and primarily an authentication protocol, its extensions
+ can be interesting all by themselves. For instance, a relying party might want
+ to know that its user is over 21 years old, or perhaps a member of some organization.
+ OpenID extensions can provide this, without any need for asserting the identity of the user.
+ Constructing an OpenID request for only extensions can be done by calling
+ OpenIdRelyingParty.CreateRequest with any valid OpenID identifier
+ (claimed identifier or OP identifier). But once this property is set to true,
+ the claimed identifier value in the request is not included in the transmitted message.
+ It is anticipated that an RP would only issue these types of requests to OPs that
+ trusts to make assertions regarding the individual holding an account at that OP, so it
+ is not likely that the RP would allow the user to type in an arbitrary claimed identifier
+ without checking that it resolved to an OP endpoint the RP has on a trust whitelist.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ An instance of this interface represents an identity assertion
+ from an OpenID Provider. It may be in response to an authentication
+ request previously put to it by a Relying Party site or it may be an
+ unsolicited assertion.
+
+
+ Relying party web sites should handle both solicited and unsolicited
+ assertions. This interface does not offer a way to discern between
+ solicited and unsolicited assertions as they should be treated equally.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location, if available.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Applies a custom security policy to certain OpenID security settings and behaviors.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Contract class for the interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ A message a Relying Party sends to a Provider to confirm the validity
+ of a positive assertion that was signed by a Provider-only secret.
+
+
+ The significant payload of this message depends entirely upon the
+ assertion message, and therefore is all in the
+ property bag.
+
+
+
+
+ A common base class for OpenID request messages and indirect responses (since they are ultimately requests).
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ This particular value MUST be present for the request to be a valid OpenID Authentication 2.0 request. Future versions of the specification may define different values in order to allow message recipients to properly interpret the request.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+ The value for the openid.mode parameter.
+ A value indicating whether the message will be transmitted directly or indirectly.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets some string from a given version of the OpenID protocol.
+
+ The protocol version to use for lookup.
+ A function that can retrieve the desired protocol constant.
+ The value of the constant.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the value of the openid.mode parameter.
+
+
+
+
+ Gets the preferred method of transport for the message.
+
+
+ For direct messages this is the OpenID mandated POST.
+ For indirect messages both GET and POST are allowed.
+
+
+
+
+ Gets the recipient of the message.
+
+ The OP endpoint, or the RP return_to.
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra parameters included in the message.
+
+ An empty dictionary.
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Initializes a new instance of the class
+ based on the contents of some signed message whose signature must be verified.
+
+ The message whose signature should be verified.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Gets or sets a value indicating whether the signature being verified by this request
+ is in fact valid.
+
+ true if the signature is valid; otherwise, false.
+
+ This property is automatically set as the message is received by the channel's
+ signing binding element.
+
+
+
+
+ Gets or sets the ReturnTo that existed in the original signed message.
+
+
+ This exists strictly for convenience in recreating the
+ message.
+
+
+
+
+ The message sent from the Provider to the Relying Party to confirm/deny
+ the validity of an assertion that was signed by a private Provider secret.
+
+
+
+
+ A common base class for OpenID direct message responses.
+
+
+
+
+ The openid.ns parameter in the message.
+
+ "http://specs.openid.net/auth/2.0"
+
+ OpenID 2.0 Section 5.1.2:
+ This particular value MUST be present for the response to be a valid OpenID 2.0 response.
+ Future versions of the specification may define different values in order to allow message
+ recipients to properly interpret the request.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ Backing store for the properties.
+
+
+
+
+ The dictionary of parameters that are not part of the OpenID specification.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request. May be null in case the request is unrecognizable and this is an error response.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Sets a flag indicating that this message is received (as opposed to sent).
+
+
+
+
+ Gets the version of the protocol this message is prepared to implement.
+
+ Version 2.0
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+
+ Gets the extra, non-OAuth parameters included in the message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+ This property may be null if the request message was undecipherable.
+
+
+
+
+ Gets a value indicating whether this message was deserialized as an incoming message.
+
+
+
+
+ Gets the protocol used by this message.
+
+
+
+
+ Gets the originating request message that caused this response to be formed.
+
+
+
+
+ Initializes a new instance of the class
+ for use by the Relying Party.
+
+ The OpenID version of the response message.
+ The request that this message is responding to.
+
+
+
+ Gets or sets a value indicating whether the signature of the verification request is valid.
+
+
+
+
+ Gets or sets the handle the relying party should invalidate if is true.
+
+ The "invalidate_handle" value sent in the verification request, if the OP confirms it is invalid.
+
+ If present in a verification response with "is_valid" set to "true",
+ the Relying Party SHOULD remove the corresponding association from
+ its store and SHOULD NOT send further authentication requests with
+ this handle.
+ This two-step process for invalidating associations is necessary
+ to prevent an attacker from invalidating an association at will by
+ adding "invalidate_handle" parameters to an authentication response.
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ An authentication request from a Relying Party to a Provider.
+
+
+ This message type satisfies OpenID 2.0 section 9.1.
+
+
+
+
+ An indirect request from a Relying Party to a Provider where the response
+ is expected to be signed.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Adds parameters to the return_to querystring.
+
+ The keys=value pairs to add to the return_to query string.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Adds a parameter to the return_to querystring.
+
+ The name of the parameter.
+ The value of the argument.
+
+ This method is useful if the Relying Party wants to recall some value
+ when and if a positive assertion comes back from the Provider.
+
+
+
+
+ Gets the value of the openid.mode parameter based on the protocol version and immediate flag.
+
+ The OpenID version to use.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+ checkid_immediate or checkid_setup
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets a value indicating whether the Provider is allowed to interact with the user
+ as part of authentication.
+
+ true if using OpenID immediate mode; otherwise, false.
+
+
+
+ Gets or sets the handle of the association the RP would like the Provider
+ to use for signing a positive assertion in the response message.
+
+ A handle for an association between the Relying Party and the OP
+ that SHOULD be used to sign the response.
+
+ If no association handle is sent, the transaction will take place in Stateless Mode
+ (Verifying Directly with the OpenID Provider).
+
+
+
+
+ Gets or sets the URL the Provider should redirect the user agent to following
+ the authentication attempt.
+
+ URL to which the OP SHOULD return the User-Agent with the response
+ indicating the status of the request.
+
+ If this value is not sent in the request it signifies that the Relying Party
+ does not wish for the end user to be returned.
+ The return_to URL MAY be used as a mechanism for the Relying Party to attach
+ context about the authentication request to the authentication response.
+ This document does not define a mechanism by which the RP can ensure that query
+ parameters are not modified by outside parties; such a mechanism can be defined
+ by the RP itself.
+
+
+
+
+ Gets or sets the Relying Party discovery URL the Provider may use to verify the
+ source of the authentication request.
+
+
+ URL pattern the OP SHOULD ask the end user to trust. See Section 9.2 (Realms).
+ This value MUST be sent if openid.return_to is omitted.
+ Default: The URL.
+
+
+
+
+ Gets or sets a value indicating whether the return_to value should be signed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version to use.
+ The Provider endpoint that receives this message.
+
+ for asynchronous javascript clients;
+ to allow the Provider to interact with the user in order to complete authentication.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+ It is RECOMMENDED that OPs accept XRI identifiers with or without the "xri://" prefix, as specified in the Normalization (Normalization) section.
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ If a different OP-Local Identifier is not specified, the claimed
+ identifier MUST be used as the value for openid.identity.
+ Note: If this is set to the special value
+ "http://specs.openid.net/auth/2.0/identifier_select" then the OP SHOULD
+ choose an Identifier that belongs to the end user. This parameter MAY
+ be omitted if the request is not about an identifier (for instance if
+ an extension is in use that makes the request meaningful without it;
+ see openid.claimed_id above).
+
+
+
+
+ The base class that all successful association response messages derive from.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.1.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the association handle is used as a key to refer to this association in subsequent messages.
+
+ A string 255 characters or less in length. It MUST consist only of ASCII characters in the range 33-126 inclusive (printable non-whitespace characters).
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the value of the "openid.session_type" parameter from the request.
+ If the OP is unwilling or unable to support this association type, it MUST return an
+ unsuccessful response (Unsuccessful Response Parameters).
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Gets or sets the lifetime, in seconds, of this association. The Relying Party MUST NOT use the association after this time has passed.
+
+ An integer, represented in base 10 ASCII.
+
+
+
+ Members found on error response messages sent from a Provider
+ to a Relying Party in response to direct and indirect message
+ requests that result in an error.
+
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A common base class from which indirect response messages should derive.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that caused this response message to be constructed.
+ The value of the openid.mode parameter.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertion scenarios.
+
+ The OpenID version supported at the Relying Party.
+
+ The URI at which the Relying Party receives OpenID indirect messages.
+
+ The value to use for the openid.mode parameter.
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the protocol version from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the property of a message.
+
+ The message to fetch the ReturnTo from.
+ The value of the property.
+
+ This method can be used by a constructor to throw an
+ instead of a .
+
+
+
+
+ Gets the list of extensions that are included with this message.
+
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the signed extensions on this message.
+
+
+
+
+ Gets the unsigned extensions on this message.
+
+
+
+
+ Gets the originating request message, if applicable.
+
+
+
+
+ An indirect message from a Provider to a Relying Party where at least part of the
+ payload is signed so the Relying Party can verify it has not been tampered with.
+
+
+
+
+ The allowed date/time formats for the response_nonce parameter.
+
+
+ This array of formats is not yet a complete list.
+
+
+
+
+ Backing field for the property.
+
+
+ The field initializer being DateTime.UtcNow allows for OpenID 1.x messages
+ to pass through the StandardExpirationBindingElement.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ in order to perform signature verification at the Provider.
+
+ The previously signed message.
+ The channel. This is used only within the constructor and is not stored in a field.
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the value of a named parameter in the return_to URL without signature protection.
+
+ The full name of the parameter whose value is being sought.
+ The value of the parameter if it is present and unaltered from when
+ the Relying Party signed it; null otherwise.
+
+ This method will always return null on the Provider-side, since Providers
+ cannot verify the private signature made by the relying party.
+
+
+
+
+ Gets the names of the callback parameters added to the original authentication request
+ without signature protection.
+
+ A sequence of the callback parameter names.
+
+
+
+ Gets a dictionary of all the message part names and values
+ that are included in the message signature.
+
+ The channel.
+
+ A dictionary of the signed message parts.
+
+
+
+
+ Determines whether one querystring contains every key=value pair that
+ another querystring contains.
+
+ The querystring that should contain at least all the key=value pairs of the other.
+ The querystring containing the set of key=value pairs to test for in the other.
+
+ true if contains all the query parameters that does; false otherwise.
+
+
+
+
+ Verifies that the openid.return_to field matches the URL of the actual HTTP request.
+
+
+ From OpenId Authentication 2.0 section 11.1:
+ To verify that the "openid.return_to" URL matches the URL that is processing this assertion:
+ * The URL scheme, authority, and path MUST be the same between the two URLs.
+ * Any query parameters that are present in the "openid.return_to" URL MUST
+ also be present with the same values in the URL of the HTTP request the RP received.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+ for OpenID 2.0 messages.
+ for OpenID 1.x messages.
+
+
+ Although the required protection is reduced for OpenID 1.x,
+ this library will provide Relying Party hosts with all protections
+ by adding its own specially-crafted nonce to the authentication request
+ messages except for stateless RPs in OpenID 1.x messages.
+
+
+
+
+ Gets or sets the message signature.
+
+ Base 64 encoded signature calculated as specified in Section 6 (Generating Signatures).
+
+
+
+ Gets or sets the signed parameter order.
+
+ Comma-separated list of signed fields.
+ "op_endpoint,identity,claimed_id,return_to,assoc_handle,response_nonce"
+
+ This entry consists of the fields without the "openid." prefix that the signature covers.
+ This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
+ and if present in the response, "claimed_id" and "identity".
+ Additional keys MAY be signed as part of the message. See Generating Signatures.
+
+
+
+
+ Gets or sets the association handle used to sign the message.
+
+ The handle for the association that was used to sign this assertion.
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+
+
+ Gets the context within which the nonce must be unique.
+
+
+
+
+ Gets or sets the UTC date/time the message was originally sent onto the network.
+
+
+ The property setter should ensure a UTC date/time,
+ and throw an exception if this is not possible.
+
+
+ Thrown when a DateTime that cannot be converted to UTC is set.
+
+
+
+
+ Gets or sets the association handle that the Provider wants the Relying Party to not use any more.
+
+ If the Relying Party sent an invalid association handle with the request, it SHOULD be included here.
+
+ For OpenID 1.1, we allow this to be present but empty to put up with poor implementations such as Blogger.
+
+
+
+
+ Gets or sets the Provider Endpoint URI.
+
+
+
+
+ Gets or sets the return_to parameter as the relying party provided
+ it in .
+
+ Verbatim copy of the return_to URL parameter sent in the
+ request, before the Provider modified it.
+
+
+
+ Gets or sets a value indicating whether the
+ URI's query string is unaltered between when the Relying Party
+ sent the original request and when the response was received.
+
+
+ This property is not persisted in the transmitted message, and
+ has no effect on the Provider-side of the communication.
+
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets or sets the nonce that will protect the message from replay attacks.
+
+
+ A string 255 characters or less in length, that MUST be unique to
+ this particular successful authentication response. The nonce MUST start
+ with the current time on the server, and MAY contain additional ASCII
+ characters in the range 33-126 inclusive (printable non-whitespace characters),
+ as necessary to make each response unique. The date and time MUST be
+ formatted as specified in section 5.6 of [RFC3339]
+ (Klyne, G. and C. Newman, “Date and Time on the Internet: Timestamps,” .),
+ with the following restrictions:
+
+ All times must be in the UTC timezone, indicated with a "Z".
+ No fractional seconds are allowed
+
+
+ 2005-05-15T17:11:51ZUNIQUE
+
+
+
+ Gets the querystring key=value pairs in the return_to URL.
+
+
+
+
+ Code contract class for the IOpenIdMessageExtension interface.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets the TypeURI the extension uses in the OpenID protocol and in XRDS advertisements.
+
+
+
+
+ Gets the additional TypeURIs that are supported by this extension, in preferred order.
+ May be empty if none other than is supported, but
+ should not be null.
+
+
+ Useful for reading in messages with an older version of an extension.
+ The value in the property is always checked before
+ trying this list.
+ If you do support multiple versions of an extension using this method,
+ consider adding a CreateResponse method to your request extension class
+ so that the response can have the context it needs to remain compatible
+ given the version of the extension in the request message.
+ The for an example.
+
+
+
+
+ Gets or sets a value indicating whether this extension was
+ signed by the sender.
+
+
+ true if this instance is signed by the sender; otherwise, false.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+ Implementations of this interface should ensure that this property never returns null.
+
+
+
+
+ The message OpenID Providers send back to Relying Parties to refuse
+ to assert the identity of a user.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+
+
+
+ Initializes a new instance of the class.
+
+ The request that the relying party sent.
+ The channel to use to simulate construction of the user_setup_url, if applicable. May be null, but the user_setup_url will not be constructed.
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The relying party return to.
+ The value of the openid.mode parameter.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Constructs the value for the user_setup_url parameter to be sent back
+ in negative assertions in response to OpenID 1.x RP's checkid_immediate requests.
+
+ The immediate request.
+ The channel to use to simulate construction of the message.
+ The value to use for the user_setup_url parameter.
+
+
+
+ Gets the value for the openid.mode that is appropriate for this response.
+
+ The request that we're responding to.
+ The value of the openid.mode parameter to use.
+
+
+
+ Gets or sets the URL the relying party can use to upgrade their authentication
+ request from an immediate to a setup message.
+
+ URL to redirect User-Agent to so the End User can do whatever's necessary to fulfill the assertion.
+
+ This part is only included in OpenID 1.x responses.
+
+
+
+
+ Gets a value indicating whether this
+ is in response to an authentication request made in immediate mode.
+
+ true if the request was in immediate mode; otherwise, false.
+
+
+
+ An identity assertion from a Provider to a Relying Party, stating that the
+ user operating the user agent is in fact some specific user known to the Provider.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+ The authentication request that caused this assertion to be generated.
+
+
+
+
+ Initializes a new instance of the class
+ for unsolicited assertions.
+
+ The OpenID version to use.
+ The return_to URL of the Relying Party.
+ This value will commonly be from ,
+ but for unsolicited assertions may come from the Provider performing RP discovery
+ to find the appropriate return_to URL to use.
+
+
+
+ Initializes a new instance of the class.
+
+ The relying party return_to endpoint that will receive this positive assertion.
+
+
+
+ Gets or sets the Claimed Identifier.
+
+
+ "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
+ If neither value is present, the assertion is not about an identifier,
+ and will contain other information in its payload, using extensions (Extensions).
+
+
+
+
+ Gets or sets the OP Local Identifier.
+
+ The OP-Local Identifier.
+
+ OpenID Providers MAY assist the end user in selecting the Claimed
+ and OP-Local Identifiers about which the assertion is made.
+ The openid.identity field MAY be omitted if an extension is in use that
+ makes the response meaningful without it (see openid.claimed_id above).
+
+
+
+
+ Wraps an existing Identifier and prevents it from performing discovery.
+
+
+
+
+ The wrapped identifier.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The ordinary Identifier whose discovery is being masked.
+ Whether this Identifier should claim to be SSL-secure, although no discovery will never generate service endpoints anyway.
+
+
+
+ Returns a that represents the current .
+
+
+ A that represents the current .
+
+
+
+
+ Tests equality between two s.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Gets the hash code for an for storage in a hashtable.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ A set of utilities especially useful to OpenID.
+
+
+
+
+ The prefix to designate this library's proprietary parameters added to the protocol.
+
+
+
+
+ A static variable that carries the results of a check for the presence of
+ assemblies that are required for the Diffie-Hellman algorithm.
+
+
+
+
+ Creates a random association handle.
+
+ The association handle.
+
+
+
+ Gets the OpenID protocol instance for the version in a message.
+
+ The message.
+ The OpenID protocol instance.
+
+
+
+ Changes the position of some element in a list.
+
+ The type of elements stored in the list.
+ The list to be modified.
+ The new position for the given element.
+ The element to move within the list.
+ Thrown if the element does not already exist in the list.
+
+
+
+ Corrects any URI decoding the Provider may have inappropriately done
+ to our return_to URL, resulting in an otherwise corrupted base64 encoded value.
+
+ The base64 encoded value. May be null.
+
+ The value; corrected if corruption had occurred.
+
+
+ AOL may have incorrectly URI-decoded the token for us in the return_to,
+ resulting in a token URI-decoded twice by the time we see it, and no
+ longer being a valid base64 string.
+ It turns out that the only symbols from base64 that is also encoded
+ in URI encoding rules are the + and / characters.
+ AOL decodes the %2b sequence to the + character
+ and the %2f sequence to the / character (it shouldn't decode at all).
+ When we do our own URI decoding, the + character becomes a space (corrupting base64)
+ but the / character remains a /, so no further corruption happens to this character.
+ So to correct this we just need to change any spaces we find in the token
+ back to + characters.
+
+
+
+
+ Rounds the given downward to the whole second.
+
+ The DateTime object to adjust.
+ The new value.
+
+
+
+ Gets the fully qualified Realm URL, given a Realm that may be relative to a particular page.
+
+ The hosting page that has the realm value to resolve.
+ The realm, which may begin with "*." or "~/".
+ The request context.
+ The fully-qualified realm.
+
+
+
+ Gets the extension factories from the extension aggregator on an OpenID channel.
+
+ The channel.
+ The list of factories that will be used to generate extension instances.
+
+ This is an extension method on rather than an instance
+ method on because the OpenIdRelyingParty
+ and OpenIdProvider classes don't strong-type to
+ to allow flexibility in the specific type of channel the user (or tests)
+ can plug in.
+
+
+
+
+ Loads the Diffie-Hellman assemblies.
+
+ Thrown if the DH assemblies are missing.
+
+
+
+ Gets a value indicating whether Diffie Hellman is available in this installation.
+
+
+ true if Diffie-Hellman functionality is present; otherwise, false.
+
+
+
+
+ Utility methods for working with XRDS documents.
+
+
+
+
+ Finds the Relying Party return_to receiving endpoints.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of Relying Party descriptors for the return_to endpoints.
+
+ This is useful for Providers to send unsolicited assertions to Relying Parties,
+ or for Provider's to perform RP discovery/verification as part of authentication.
+
+
+
+
+ Finds the icons the relying party wants an OP to display as part of authentication,
+ per the UI extension spec.
+
+ The XrdsDocument to search.
+ A sequence of the icon URLs in preferred order.
+
+
+
+ Enumerates the XRDS service elements that describe OpenID Relying Party return_to URLs
+ that can receive authentication assertions.
+
+ The XrdsDocument instance to use in this process.
+ A sequence of service elements.
+
+
+
+ Describes some OpenID Provider endpoint and its capabilities.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID Provider endpoint URL.
+ The OpenID version supported by this particular endpoint.
+
+
+
+ Initializes a new instance of the class.
+
+ The URI the provider listens on for OpenID requests.
+ The set of services offered by this endpoint.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the URL that the OpenID Provider listens for incoming OpenID messages on.
+
+
+
+
+ Gets the OpenID protocol version this endpoint supports.
+
+
+ If an endpoint supports multiple versions, each version must be represented
+ by its own object.
+
+
+
+
+ Gets the collection of service type URIs found in the XRDS document describing this Provider.
+
+
+
+
+ A trust root to validate requests and match return URLs against.
+
+
+ This fills the OpenID Authentication 2.0 specification for realms.
+ See http://openid.net/specs/openid-authentication-2_0.html#realms
+
+
+
+
+ A regex used to detect a wildcard that is being used in the realm.
+
+
+
+
+ A (more or less) comprehensive list of top-level (i.e. ".com") domains,
+ for use by in order to disallow overly-broad realms
+ that allow all web sites ending with '.com', for example.
+
+
+
+
+ The Uri of the realm, with the wildcard (if any) removed.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL to use in the new instance.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URL of the Relying Party.
+
+
+
+ Initializes a new instance of the class.
+
+ The realm URI builder.
+
+ This is useful because UriBuilder can construct a host with a wildcard
+ in the Host property, but once there it can't be converted to a Uri.
+
+
+
+
+ Implicitly converts the string-form of a URI to a object.
+
+ The URI that the new Realm instance will represent.
+ The result of the conversion.
+
+
+
+ Implicitly converts a to a object.
+
+ The URI to convert to a realm.
+ The result of the conversion.
+
+
+
+ Implicitly converts a object to its form.
+
+ The realm to convert to a string value.
+ The result of the conversion.
+
+
+
+ Checks whether one is equal to another.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code used for storing this object in a hash table.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of this .
+
+
+ A that represents the current .
+
+
+
+
+ Validates a URL against this trust root.
+
+ A string specifying URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Validates a URL against this trust root.
+
+ The URL to check.
+ Whether the given URL is within this trust root.
+
+
+
+ Searches for an XRDS document at the realm URL, and if found, searches
+ for a description of a relying party endpoints (OpenId login pages).
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The details of the endpoints if found; or null if no service document was discovered.
+
+
+
+
+ Searches for an XRDS document at the realm URL.
+
+ The mechanism to use for sending HTTP requests.
+ Whether redirects may be followed when discovering the Realm.
+ This may be true when creating an unsolicited assertion, but must be
+ false when performing return URL verification per 2.0 spec section 9.2.1.
+
+ The XRDS document if found; or null if no service document was discovered.
+
+
+
+
+ Calls if the argument is non-null.
+ Otherwise throws .
+
+ The realm URI builder.
+ The result of UriBuilder.ToString()
+
+ This simple method is worthwhile because it checks for null
+ before dereferencing the UriBuilder. Since this is called from
+ within a constructor's base(...) call, this avoids a
+ when we should be throwing an .
+
+
+
+
+ Gets the suggested realm to use for the calling web application.
+
+ A realm that matches this applications root URL.
+
+ For most circumstances the Realm generated by this property is sufficient.
+ However a wildcard Realm, such as "http://*.microsoft.com/" may at times be more
+ desirable than "http://www.microsoft.com/" in order to allow identifier
+ correlation across related web sites for directed identity Providers.
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets a value indicating whether a '*.' prefix to the hostname is
+ used in the realm to allow subdomains or hosts to be added to the URL.
+
+
+
+
+ Gets the host component of this instance.
+
+
+
+
+ Gets the scheme name for this URI.
+
+
+
+
+ Gets the port number of this URI.
+
+
+
+
+ Gets the absolute path of the URI.
+
+
+
+
+ Gets the System.Uri.AbsolutePath and System.Uri.Query properties separated
+ by a question mark (?).
+
+
+
+
+ Gets the original string.
+
+ The original string.
+
+
+
+ Gets the realm URL. If the realm includes a wildcard, it is not included here.
+
+
+
+
+ Gets the Realm discovery URL, where the wildcard (if present) is replaced with "www.".
+
+
+ See OpenID 2.0 spec section 9.2.1 for the explanation on the addition of
+ the "www" prefix.
+
+
+
+
+ Gets a value indicating whether this realm represents a reasonable (sane) set of URLs.
+
+
+ 'http://*.com/', for example is not a reasonable pattern, as it cannot meaningfully
+ specify the site claiming it. This function attempts to find many related examples,
+ but it can only work via heuristics. Negative responses from this method should be
+ treated as advisory, used only to alert the user to examine the trust root carefully.
+
+
+
+
+ Provides conversions to and from strings for messages that include members of this type.
+
+
+
+
+ Encodes the specified value.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ Decodes the specified value.
+
+ The string value carried by the transport. Guaranteed to never be null, although it may be empty.
+ The deserialized form of the given string.
+ Thrown when the string value given cannot be decoded into the required object type.
+
+
+
+ Encodes the specified value as the original value that was formerly decoded.
+
+ The value. Guaranteed to never be null.
+ The in string form, ready for message transport.
+
+
+
+ A description of some OpenID Relying Party endpoint.
+
+
+ This is an immutable type.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The return to.
+
+ The Type URIs of supported services advertised on a relying party's XRDS document.
+
+
+
+
+ Derives the highest OpenID protocol that this library and the OpenID Provider have
+ in common.
+
+ The supported service type URIs.
+ The best OpenID protocol version to use when communicating with this Provider.
+
+
+
+ Gets the URL to the login page on the discovered relying party web site.
+
+
+
+
+ Gets the OpenId protocol that the discovered relying party supports.
+
+
+
+
+ Diffie-Hellman encryption methods used by both the relying party and provider.
+
+
+
+
+ An array of known Diffie Hellman sessions, sorted by decreasing hash size.
+
+
+
+
+ Finds the hashing algorithm to use given an openid.session_type value.
+
+ The protocol version of the message that named the session_type to be used.
+ The value of the openid.session_type parameter.
+ The hashing algorithm to use.
+ Thrown if no match could be found for the given .
+
+
+
+ Looks up the value to be used for the openid.session_type parameter.
+
+ The protocol version that is to be used.
+ The hash size (in bits) that the DH session must have.
+ The value to be used for the openid.session_type parameter, or null if no match was found.
+
+
+
+ Encrypts/decrypts a shared secret.
+
+ The hashing algorithm that is agreed by both parties to use as part of the secret exchange.
+
+ If the secret is being encrypted, this is the new Diffie Hellman object to use.
+ If the secret is being decrypted, this must be the same Diffie Hellman object used to send the original request message.
+
+ The public key of the remote party.
+ The secret to encode, or the encoded secret. Whichever one is given will generate the opposite in the return value.
+
+ The encrypted version of the secret if the secret itself was given in .
+ The secret itself if the encrypted version of the secret was given in .
+
+
+
+
+ Ensures that the big integer represented by a given series of bytes
+ is a positive integer.
+
+ The bytes that make up the big integer.
+
+ A byte array (possibly new if a change was required) whose
+ integer is guaranteed to be positive.
+
+
+ This is to be consistent with OpenID spec section 4.2.
+
+
+
+
+ Returns the value used to initialize the static field storing DH session types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Provides access to a Diffie-Hellman session algorithm and its name.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The hashing algorithm used in this particular Diffie-Hellman session type.
+ A function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+ Gets the function that will return the value of the openid.session_type parameter for a given version of OpenID.
+
+
+
+
+ Gets the hashing algorithm used in this particular Diffie-Hellman session type
+
+
+
+
+ An association that uses the HMAC-SHA family of algorithms for message signing.
+
+
+
+
+ A list of HMAC-SHA algorithms in order of decreasing bit lengths.
+
+
+
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+
+
+
+
+ Initializes a new instance of the class.
+
+ The specific variety of HMAC-SHA this association is based on (whether it be HMAC-SHA1, HMAC-SHA256, etc.)
+ The association handle.
+ The association secret.
+ The time duration the association will be good for.
+
+
+
+ Creates an HMAC-SHA association.
+
+ The OpenID protocol version that the request for an association came in on.
+ The value of the openid.assoc_type parameter.
+ The association handle.
+ The association secret.
+ How long the association will be good for.
+ The newly created association.
+
+
+
+ Creates an association with the specified handle, secret, and lifetime.
+
+ The handle.
+ The secret.
+ Total lifetime.
+ The newly created association.
+
+
+
+ Returns the length of the shared secret (in bytes).
+
+ The protocol version being used that will be used to lookup the text in
+ The value of the protocol argument specifying the type of association. For example: "HMAC-SHA1".
+ The length (in bytes) of the association secret.
+ Thrown if no association can be found by the given name.
+
+
+
+ Looks for the first association type in a preferred-order list that is
+ likely to be supported given a specific OpenID version and the security settings,
+ and perhaps a matching Diffie-Hellman session type.
+
+ The OpenID version that dictates which associations are available.
+ A value indicating whether to consider higher strength security to be better. Use true for initial association requests from the Relying Party; use false from Providers when the Relying Party asks for an unrecognized association in order to pick a suggested alternative that is likely to be supported on both sides.
+ The set of requirements the selected association type must comply to.
+ Use true for HTTP associations, false for HTTPS associations.
+ The resulting association type's well known protocol name. (i.e. HMAC-SHA256)
+ The resulting session type's well known protocol name, if a matching one is available. (i.e. DH-SHA256)
+
+ True if a qualifying association could be found; false otherwise.
+
+
+
+
+ Determines whether a named Diffie-Hellman session type and association type can be used together.
+
+ The protocol carrying the names of the session and association types.
+ The value of the openid.assoc_type parameter.
+ The value of the openid.session_type parameter.
+
+ true if the named association and session types are compatible; otherwise, false.
+
+
+
+
+ Gets the string to pass as the assoc_type value in the OpenID protocol.
+
+ The protocol version of the message that the assoc_type value will be included in.
+
+ The value that should be used for the openid.assoc_type parameter.
+
+
+
+
+ Returns the specific hash algorithm used for message signing.
+
+
+ The hash algorithm used for message signing.
+
+
+
+
+ Returns the value used to initialize the static field storing association types.
+
+ A non-null, non-empty array.
+ >
+ This is a method rather than being inlined to the field initializer to try to avoid
+ the CLR bug that crops up sometimes if we initialize arrays using object initializer syntax.
+
+
+
+
+ Gets the length (in bits) of the hash this association creates when signing.
+
+
+
+
+ Provides information about some HMAC-SHA hashing algorithm that OpenID supports.
+
+
+
+
+ Creates the using a given shared secret for the mac.
+
+ The HMAC secret.
+ The algorithm.
+
+
+
+ Gets or sets the function that takes a particular OpenID version and returns the value of the openid.assoc_type parameter in that protocol.
+
+
+
+
+ Gets or sets the name of the HMAC-SHA algorithm. (e.g. "HMAC-SHA256")
+
+
+
+
+ Gets or sets the base hash algorithm.
+
+
+
+
+ Gets the size of the hash (in bytes).
+
+
+
+
+ Represents an association request that is sent using HTTPS and otherwise communicates the shared secret in plain text.
+
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ Gets or sets the preferred association type. The association type defines the algorithm to be used to sign subsequent messages.
+
+ Value: A valid association type from Section 8.3.
+
+
+
+ Gets or sets the preferred association session type. This defines the method used to encrypt the association's MAC key in transit.
+
+ Value: A valid association session type from Section 8.4 (Association Session Types).
+ Note: Unless using transport layer encryption, "no-encryption" MUST NOT be used.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+
+ Some messages have required fields, or combinations of fields that must relate to each other
+ in specialized ways. After deserializing a message, this method checks the state of the
+ message to see if it conforms to the protocol.
+ Note that this property should not check signatures or perform any state checks
+ outside this scope of this particular message.
+
+ Thrown if the message is invalid.
+
+
+
+ An OpenID direct request from Relying Party to Provider to initiate an association that uses Diffie-Hellman encryption.
+
+
+
+
+ The (only) value we use for the X variable in the Diffie-Hellman algorithm.
+
+
+
+
+ The default gen value for the Diffie-Hellman algorithm.
+
+
+
+
+ The default modulus value for the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message must comply with.
+ The OpenID Provider endpoint.
+
+
+
+ Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties.
+
+
+
+
+ Gets or sets the openid.dh_modulus value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_gen value.
+
+ May be null if the default value given in the OpenID spec is to be used.
+
+
+
+ Gets or sets the openid.dh_consumer_public value.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ Gets the Diffie-Hellman algorithm.
+
+
+ This property is initialized with a call to .
+
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the Provider's Diffie-Hellman public key.
+
+ btwoc(g ^ xb mod p)
+
+
+
+ Gets or sets the MAC key (shared secret), encrypted with the secret Diffie-Hellman value.
+
+ H(btwoc(g ^ (xa * xb) mod p)) XOR MAC key. H is either "SHA1" or "SHA256" depending on the session type.
+
+
+
+ The successful unencrypted association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets the MAC key (shared secret) for this association, Base 64 (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” .) [RFC3548] encoded.
+
+
+
+
+ The Provider's response to a Relying Party that requested an association that the Provider does not support.
+
+
+ This message type described in OpenID 2.0 section 8.2.4.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to a direct message request that resulted in an error.
+
+
+ This message must be sent with an HTTP status code of 400.
+ This class satisfies OpenID 2.0 section 5.1.2.2.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets the HTTP status code that the direct respones should be sent with.
+
+
+
+
+
+ Gets the HTTP headers to add to the response.
+
+ May be an empty collection, but must not be null.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A hard-coded string indicating an error occurred.
+
+ "unsupported-type"
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Gets or sets an association type supported by the OP from Section 8.3 (Association Types).
+
+
+
+
+ Gets or sets a valid association session type from Section 8.4 (Association Session Types) that the OP supports.
+
+
+
+
+ A message sent from a Provider to a Relying Party in response to an indirect message request that resulted in an error.
+
+
+ This class satisfies OpenID 2.0 section 5.2.3.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The request that resulted in this error on the Provider.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version this message should comply with.
+ The recipient of this message.
+
+
+
+ Gets or sets a human-readable message indicating why the request failed.
+
+
+
+
+ Gets or sets the contact address for the administrator of the server.
+
+ The contact address may take any form, as it is intended to be displayed to a person.
+
+
+
+ Gets or sets a reference token, such as a support ticket number or a URL to a news blog, etc.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to An absolute URI is required for this value..
+
+
+
+
+ Looks up a localized string similar to This is already a PPID Identifier..
+
+
+
+
+ Looks up a localized string similar to The requested association type '{0}' with session type '{1}' is unrecognized or not supported by this Provider due to security requirements..
+
+
+
+
+ Looks up a localized string similar to The length of the shared secret ({0}) does not match the length required by the association type ('{1}')..
+
+
+
+
+ Looks up a localized string similar to The length of the encrypted shared secret ({0}) does not match the length of the hashing algorithm ({1})..
+
+
+
+
+ Looks up a localized string similar to No association store has been given but is required for the current configuration..
+
+
+
+
+ Looks up a localized string similar to If an association store is given, a nonce store must also be provided..
+
+
+
+
+ Looks up a localized string similar to An attribute with type URI '{0}' has already been added..
+
+
+
+
+ Looks up a localized string similar to Only {0} values for attribute '{1}' were requested, but {2} were supplied..
+
+
+
+
+ Looks up a localized string similar to The private data supplied does not meet the requirements of any known Association type. Its length may be too short, or it may have been corrupted..
+
+
+
+
+ Looks up a localized string similar to The {0} extension failed to deserialize and will be skipped. {1}.
+
+
+
+
+ Looks up a localized string similar to Callback arguments are only supported when a {0} is provided to the {1}..
+
+
+
+
+ Looks up a localized string similar to A Simple Registration request can only generate a response on the receiving end..
+
+
+
+
+ Looks up a localized string similar to The openid.claimed_id and openid.identity parameters must both be present or both be absent..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property cannot be set when IsDelegatedIdentifier is true to avoid breaking OpenID URL delegation..
+
+
+
+
+ Looks up a localized string similar to This OpenID exploits features that this relying party cannot reliably verify. Please try logging in with a human-readable OpenID or from a different OpenID Provider..
+
+
+
+
+ Looks up a localized string similar to The ClaimedIdentifier property must be set first..
+
+
+
+
+ Looks up a localized string similar to An extension with this property name ('{0}') has already been registered..
+
+
+
+
+ Looks up a localized string similar to The extension '{0}' has already been registered..
+
+
+
+
+ Looks up a localized string similar to An authentication request has already been created using CreateRequest()..
+
+
+
+
+ Looks up a localized string similar to Only OpenIDs issued directly by their OpenID Provider are allowed here..
+
+
+
+
+ Looks up a localized string similar to The associate request instance must be a Diffie-Hellman instance..
+
+
+
+
+ Looks up a localized string similar to The following properties must be set before the Diffie-Hellman algorithm can generate a public key: {0}.
+
+
+
+
+ Looks up a localized string similar to URI is not SSL yet requireSslDiscovery is set to true..
+
+
+
+
+ Looks up a localized string similar to An extension sharing namespace '{0}' has already been added. Only one extension per namespace is allowed in a given request..
+
+
+
+
+ Looks up a localized string similar to Cannot lookup extension support on a rehydrated ServiceEndpoint..
+
+
+
+
+ Looks up a localized string similar to Fragment segments do not apply to XRI identifiers..
+
+
+
+
+ Looks up a localized string similar to The HTML head tag must include runat="server"..
+
+
+
+
+ Looks up a localized string similar to ClaimedIdentifier and LocalIdentifier must be the same when IsIdentifierSelect is true..
+
+
+
+
+ Looks up a localized string similar to The openid.identity and openid.claimed_id parameters must either be both present or both absent from the message..
+
+
+
+
+ Looks up a localized string similar to The Provider requested association type '{0}' and session type '{1}', which are not compatible with each other..
+
+
+
+
+ Looks up a localized string similar to {0} (Contact: {1}, Reference: {2}).
+
+
+
+
+ Looks up a localized string similar to Cannot encode '{0}' because it contains an illegal character for Key-Value Form encoding. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to Invalid XmlDSig signature on XRDS document..
+
+
+
+
+ Looks up a localized string similar to Cannot decode Key-Value Form because a line was found without a '{0}' character. (line {1}: '{2}').
+
+
+
+
+ Looks up a localized string similar to The scheme must be http or https but was '{0}'..
+
+
+
+
+ Looks up a localized string similar to The value '{0}' is not a valid URI..
+
+
+
+
+ Looks up a localized string similar to Not a recognized XRI format..
+
+
+
+
+ Looks up a localized string similar to The OpenID Provider issued an assertion for an Identifier whose discovery information did not match.
+ Assertion endpoint info:
+ {0}
+ Discovered endpoint info:
+ {1}.
+
+
+
+
+ Looks up a localized string similar to The list of keys do not match the provided dictionary..
+
+
+
+
+ Looks up a localized string similar to The '{0}' and '{1}' parameters must both be or not be '{2}'..
+
+
+
+
+ Looks up a localized string similar to The maximum time allowed to complete authentication has been exceeded. Please try again..
+
+
+
+
+ Looks up a localized string similar to X.509 signing certificate issued to {0}, but a certificate for {1} was expected..
+
+
+
+
+ Looks up a localized string similar to Missing {0} element..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested length of {0}..
+
+
+
+
+ Looks up a localized string similar to No recognized association type matches the requested name of '{0}'..
+
+
+
+
+ Looks up a localized string similar to Unless using transport layer encryption, "no-encryption" MUST NOT be used..
+
+
+
+
+ Looks up a localized string similar to No identifier has been set..
+
+
+
+
+ Looks up a localized string similar to No XRDS document containing OpenID relying party endpoint information could be found at {0}..
+
+
+
+
+ Looks up a localized string similar to Diffie-Hellman session type '{0}' not found for OpenID {1}..
+
+
+
+
+ Looks up a localized string similar to This operation is not supported by serialized authentication responses. Try this operation from the LoggedIn event handler..
+
+
+
+
+ Looks up a localized string similar to No OpenID endpoint found..
+
+
+
+
+ Looks up a localized string similar to No OpenID url is provided..
+
+
+
+
+ Looks up a localized string similar to This operation is only allowed when IAuthenticationResponse.State == AuthenticationStatus.SetupRequired..
+
+
+
+
+ Looks up a localized string similar to OpenID popup window or iframe did not recognize an OpenID response in the request..
+
+
+
+
+ Looks up a localized string similar to An positive OpenID assertion was received from OP endpoint {0} and was rejected based on this site's security settings..
+
+
+
+
+ Looks up a localized string similar to Unable to find the signing secret by the handle '{0}'..
+
+
+
+
+ Looks up a localized string similar to The {0} property must be set first..
+
+
+
+
+ Looks up a localized string similar to This property value is not supported by this control..
+
+
+
+
+ Looks up a localized string similar to Unable to determine the version of the OpenID protocol implemented by the Provider at endpoint '{0}'..
+
+
+
+
+ Looks up a localized string similar to An HTTP request to the realm URL ({0}) resulted in a redirect, which is not allowed during relying party discovery..
+
+
+
+
+ Looks up a localized string similar to Sorry. This site only accepts OpenIDs that are HTTPS-secured, but {0} is not a secure Identifier..
+
+
+
+
+ Looks up a localized string similar to The response is not ready. Use IsResponseReady to check whether a response is ready first..
+
+
+
+
+ Looks up a localized string similar to return_to '{0}' not under realm '{1}'..
+
+
+
+
+ Looks up a localized string similar to The {0} parameter ({1}) does not match the actual URL ({2}) the request was made with..
+
+
+
+
+ Looks up a localized string similar to The ReturnTo property must not be null to support this operation..
+
+
+
+
+ Looks up a localized string similar to The openid.return_to parameter is required in the request message in order to construct a response, but that parameter was missing..
+
+
+
+
+ Looks up a localized string similar to The following parameter(s) are not included in the signature but must be: {0}.
+
+
+
+
+ Looks up a localized string similar to Invalid birthdate value. Must be in the form yyyy-MM-dd..
+
+
+
+
+ Looks up a localized string similar to The type must implement {0}..
+
+
+
+
+ Looks up a localized string similar to The property {0} had unexpected value {1}..
+
+
+
+
+ Looks up a localized string similar to Unexpected HTTP status code {0} {1} received in direct response..
+
+
+
+
+ Looks up a localized string similar to An unsolicited assertion cannot be sent for the claimed identifier {0} because this is not an authorized Provider for that identifier..
+
+
+
+
+ Looks up a localized string similar to Rejecting unsolicited assertions requires a nonce store and an association store..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed at this relying party..
+
+
+
+
+ Looks up a localized string similar to Unsolicited assertions are not allowed from 1.0 OpenID Providers..
+
+
+
+
+ Looks up a localized string similar to Providing a DateTime whose Kind is Unspecified is not allowed..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing canonicalization method..
+
+
+
+
+ Looks up a localized string similar to This feature is unavailable due to an unrecognized channel configuration..
+
+
+
+
+ Looks up a localized string similar to Unrecognized or missing signature method..
+
+
+
+
+ Looks up a localized string similar to The openid.user_setup_url parameter is required when sending negative assertion messages in response to immediate mode requests..
+
+
+
+
+ Looks up a localized string similar to The X.509 certificate used to sign this document is not trusted..
+
+
+
+
+ Looks up a localized string similar to XRI support has been disabled at this site..
+
+
+
+
+ Looks up a localized string similar to XRI resolution failed..
+
+
+
+
+ An enumeration of the OpenID protocol versions supported by this library.
+
+
+
+
+ OpenID Authentication 1.0
+
+
+
+
+ OpenID Authentication 1.1
+
+
+
+
+ OpenID Authentication 2.0
+
+
+
+
+ Tracks the several versions of OpenID this library supports and the unique
+ constants to each version used in the protocol.
+
+
+
+
+ The value of the openid.ns parameter in the OpenID 2.0 specification.
+
+
+
+
+ The parameter of the callback parameter we tack onto the return_to URL
+ to store the replay-detection nonce.
+
+
+
+
+ Scans a list for matches with some element of the OpenID protocol,
+ searching from newest to oldest protocol for the first and best match.
+
+ The type of element retrieved from the instance.
+ Takes a instance and returns an element of it.
+ The list to scan for matches.
+ The protocol with the element that matches some item in the list.
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+
+
+
+
+ A list of all supported OpenID versions, in order starting from newest version.
+ V1.1 and V1.0 are considered the same and only V1.1 is in the list.
+
+
+
+
+ The default (or most recent) supported version of the OpenID protocol.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID indirect message or direct request.
+
+
+
+
+ Attempts to detect the right OpenID protocol version based on the contents
+ of an incoming OpenID direct response message.
+
+
+
+
+ Attemps to detect the highest OpenID protocol version supported given a set
+ of XRDS Service Type URIs included for some service.
+
+
+
+
+ The OpenID version that this instance describes.
+
+
+
+
+ The namespace of OpenId 1.x elements in XRDS documents.
+
+
+
+
+ The value of the openid.ns parameter that appears on the query string
+ whenever data is passed between relying party and provider for OpenID 2.0
+ and later.
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Claimed Identifier (http://andrewarnott.yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on an OP Identifier rather than a Claimed Identifier.
+ (http://yahoo.com)
+
+
+
+
+ The XRD/Service/Type value discovered in an XRDS document when
+ "discovering" on a Realm URL and looking for the endpoint URL
+ that can receive authentication assertions.
+
+
+
+
+ Used as the Claimed Identifier and the OP Local Identifier when
+ the User Supplied Identifier is an OP Identifier.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to an
+ OP Endpoint URL.
+
+
+
+
+ The value of the 'rel' attribute in an HTML document's LINK tag
+ when the same LINK tag's HREF attribute value contains the URL to use
+ as the OP Local Identifier.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is prefixed with 'openid.'.
+
+
+
+
+ Parts of the protocol that define parameter names that appear in the
+ query string. Each parameter name is NOT prefixed with 'openid.'.
+
+
+
+
+ The various 'constants' that appear as parameter arguments (values).
+
+
+
+
+ The maximum time a user can be allowed to take to complete authentication.
+
+
+ This is used to calculate the length of time that nonces are stored.
+ This is internal until we can decide whether to leave this static, or make
+ it an instance member, or put it inside the IConsumerApplicationStore interface.
+
+
+
+
+ The maximum permissible difference in clocks between relying party and
+ provider web servers, discounting time zone differences.
+
+
+ This is used when storing/validating nonces from the provider.
+ If it is conceivable that a server's clock could be up to five minutes
+ off from true UTC time, then the maximum time skew should be set to
+ ten minutes to allow one server to be five minutes ahead and the remote
+ server to be five minutes behind and still be able to communicate.
+
+
+
+
+ Checks whether a given Protocol version practically equals this one
+ for purposes of verifying a match for assertion verification.
+
+ The other version to check against this one.
+ true if this and the given Protocol versions are essentially the same.
+
+ OpenID v1.0 never had a spec, and 1.0 and 1.1 are indistinguishable because of that.
+ Therefore for assertion verification, 1.0 and 1.1 are considered equivalent.
+
+
+
+
+ Returns the enum value for the instance.
+
+
+
+
+ The value "openid."
+
+
+
+
+ A preference order list of all supported session types.
+
+
+
+
+ A preference order list of signature algorithms we support.
+
+
+
+
+ A hybrid of the store interfaces that an OpenID Provider must implement, and
+ an OpenID Relying Party may implement to operate in stateful (smart) mode.
+
+
+
+
+ Security settings that are applicable to relying parties.
+
+
+
+
+ The default value for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Filters out any disallowed endpoints.
+
+ The endpoints discovered on an Identifier.
+ A sequence of endpoints that satisfy all security requirements.
+
+
+
+ Gets or sets a value indicating whether the entire pipeline from Identifier discovery to
+ Provider redirect is guaranteed to be encrypted using HTTPS for authentication to succeed.
+
+
+ Setting this property to true is appropriate for RPs with highly sensitive
+ personal information behind the authentication (money management, health records, etc.)
+ When set to true, some behavioral changes and additional restrictions are placed:
+
+ User-supplied identifiers lacking a scheme are prepended with
+ HTTPS:// rather than the standard HTTP:// automatically.
+ User-supplied identifiers are not allowed to use HTTP for the scheme.
+ All redirects during discovery on the user-supplied identifier must be HTTPS.
+ Any XRDS file found by discovery on the User-supplied identifier must be protected using HTTPS.
+ Only Provider endpoints found at HTTPS URLs will be considered.
+ If the discovered identifier is an OP Identifier (directed identity), the
+ Claimed Identifier eventually asserted by the Provider must be an HTTPS identifier.
+ In the case of an unsolicited assertion, the asserted Identifier, discovery on it and
+ the asserting provider endpoint must all be secured by HTTPS.
+
+ Although the first redirect from this relying party to the Provider is required
+ to use HTTPS, any additional redirects within the Provider cannot be protected and MAY
+ revert the user's connection to HTTP, based on individual Provider implementation.
+ There is nothing that the RP can do to detect or prevent this.
+
+ A is thrown during discovery or authentication when a secure pipeline cannot be established.
+
+
+
+
+
+ Gets or sets a value indicating whether only OP Identifiers will be discoverable
+ when creating authentication requests.
+
+
+
+
+ Gets or sets the oldest version of OpenID the remote party is allowed to implement.
+
+ Defaults to
+
+
+
+ Gets or sets the maximum allowable age of the secret a Relying Party
+ uses to its return_to URLs and nonces with 1.0 Providers.
+
+ The default value is 7 days.
+
+
+
+ Gets or sets a value indicating whether all unsolicited assertions should be ignored.
+
+ The default value is false.
+
+
+
+ Gets or sets a value indicating whether delegating identifiers are refused for authentication.
+
+ The default value is false.
+
+ When set to true, login attempts that start at the RP or arrive via unsolicited
+ assertions will be rejected if discovery on the identifier shows that OpenID delegation
+ is used for the identifier. This is useful for an RP that should only accept identifiers
+ directly issued by the Provider that is sending the assertion.
+
+
+
+
+ Gets or sets a value indicating whether unsigned extensions in authentication responses should be ignored.
+
+ The default value is false.
+
+ When set to true, the methods
+ will not return any extension that was not signed by the Provider.
+
+
+
+
+ Gets or sets a value indicating whether authentication requests will only be
+ sent to Providers with whom we can create a shared association.
+
+
+ true to immediately fail authentication if an association with the Provider cannot be established; otherwise, false.
+ The default value is false.
+
+
+
+
+ Gets or sets a value indicating whether certain Claimed Identifiers that exploit
+ features that .NET does not have the ability to send exact HTTP requests for will
+ still be allowed by using an approximate HTTP request.
+
+
+ The default value is true.
+
+
+
+
+ Gets the set of trusted OpenID Provider Endpoint URIs.
+
+
+
+
+ Gets or sets a value indicating whether any login attempt coming from an OpenID Provider Endpoint that is not on this
+ whitelist of trusted OP Endpoints will be rejected. If the trusted providers list is empty and this value
+ is true, all assertions are rejected.
+
+ Default is false.
+
+
+
+ Gets or sets a value indicating whether special measures are taken to
+ protect users from replay attacks when those users' identities are hosted
+ by OpenID 1.x Providers.
+
+ The default value is true.
+
+ Nonces for protection against replay attacks were not mandated
+ by OpenID 1.x, which leaves users open to replay attacks.
+ This feature works by adding a signed nonce to the authentication request.
+ This might increase the request size beyond what some OpenID 1.1 Providers
+ (such as Blogger) are capable of handling.
+
+
+
+
+ The discovery service for URI identifiers.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Searches HTML for the HEAD META tags that describe OpenID provider services.
+
+ The final URL that provided this HTML document.
+ This may not be the same as (this) userSuppliedIdentifier if the
+ userSuppliedIdentifier pointed to a 301 Redirect.
+ The user supplied identifier.
+ The HTML that was downloaded and should be searched.
+
+ A sequence of any discovered ServiceEndpoints.
+
+
+
+
+ The discovery service for XRI identifiers that uses an XRI proxy resolver for discovery.
+
+
+
+
+ The magic URL that will provide us an XRDS document for a given XRI identifier.
+
+
+ We use application/xrd+xml instead of application/xrds+xml because it gets
+ xri.net to automatically give us exactly the right XRD element for community i-names
+ automatically, saving us having to choose which one to use out of the result.
+ The ssl=true parameter tells the proxy resolver to accept only SSL connections
+ when resolving community i-names.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Downloads the XRDS document for this XRI.
+
+ The identifier.
+ The request handler.
+ The XRDS document.
+
+
+
+ Gets the URL from which this XRI's XRDS document may be downloaded.
+
+ The identifier.
+ The URI to HTTP GET from to get the services.
+
+
+
+ A URI style of OpenID Identifier.
+
+
+
+
+ The allowed protocol schemes in a URI Identifier.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTP URLs that should not have their paths compressed.
+
+
+
+
+ The special scheme to use for HTTPS URLs that should not have their paths compressed.
+
+
+
+
+ A value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Initializes static members of the class.
+
+
+ This method attempts to workaround the .NET Uri class parsing bug described here:
+ https://connect.microsoft.com/VisualStudio/feedback/details/386695/system-uri-incorrectly-strips-trailing-dots?wa=wsignin1.0#tabs
+ since some identifiers (like some of the pseudonymous identifiers from Yahoo) include path segments
+ that end with periods, which the Uri class will typically trim off.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+
+
+
+ Initializes a new instance of the class.
+
+ The value this identifier will represent.
+ if set to true [require SSL discovery].
+
+
+
+ Converts a instance to a instance.
+
+ The identifier to convert to an ordinary instance.
+ The result of the conversion.
+
+
+
+ Converts a instance to a instance.
+
+ The instance to turn into a .
+ The result of the conversion.
+
+
+
+ Tests equality between this URI and another URI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the string form of the URI.
+
+
+ A that represents the current .
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Determines whether a URI is a valid OpenID Identifier (of any kind).
+
+ The URI to test for OpenID validity.
+
+ true if the identifier is valid; otherwise, false.
+
+
+ A valid URI is absolute (not relative) and uses an http(s) scheme.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Determines whether the given URI is using a scheme in the list of allowed schemes.
+
+ The URI whose scheme is to be checked.
+
+ true if the scheme is allowed; otherwise, false.
+ false is also returned if is null.
+
+
+
+
+ Tries to canonicalize a user-supplied identifier.
+ This does NOT convert a user-supplied identifier to a Claimed Identifier!
+
+ The user-supplied identifier.
+ The resulting canonical URI.
+ If set to true and the user-supplied identifier lacks a scheme, the "https://" scheme will be prepended instead of the standard "http://" one.
+ if set to true [scheme prepended].
+
+ true if the identifier was valid and could be canonicalized.
+ false if the identifier is outside the scope of allowed inputs and should be rejected.
+
+
+ Canonicalization is done by adding a scheme in front of an
+ identifier if it isn't already present. Other trivial changes that do not
+ require network access are also done, such as lower-casing the hostname in the URI.
+
+
+
+
+ Fixes up the scheme if appropriate.
+
+ The URI, already in legal form (with http(s):// prepended if necessary).
+ The resulting canonical URI.
+ true if the canonicalization was successful; false otherwise.
+
+ This does NOT standardize an OpenID URL for storage in a database, as
+ it does nothing to convert the URL to a Claimed Identifier, besides the fact
+ that it only deals with URLs whereas OpenID 2.0 supports XRIs.
+ For this, you should lookup the value stored in IAuthenticationResponse.ClaimedIdentifier.
+
+
+
+
+ Gets the special non-compressing scheme or URL for a standard scheme or URL.
+
+ The ordinary URL or scheme name.
+ The non-compressing equivalent scheme or URL for the given value.
+
+
+
+ Performs the minimal URL normalization to allow a string to be passed to the constructor.
+
+ The user-supplied identifier URI to normalize.
+ if set to true, a missing scheme should result in HTTPS being prepended instead of HTTP.
+ if set to true, the scheme was prepended during normalization.
+ The somewhat normalized URL.
+
+
+
+ Gets or sets a value indicating whether scheme substitution is being used to workaround
+ .NET path compression that invalidates some OpenIDs that have trailing periods
+ in one of their path segments.
+
+
+
+
+ Gets the URI this instance represents.
+
+
+
+
+ Gets a value indicating whether the scheme was missing when this
+ Identifier was created and added automatically as part of the
+ normalization process.
+
+
+
+
+ Gets a value indicating whether this Identifier has characters or patterns that
+ the class normalizes away and invalidating the Identifier.
+
+
+
+
+ A simple URI class that doesn't suffer from the parsing problems of the class.
+
+
+
+
+ URI characters that separate the URI Path from subsequent elements.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The value.
+
+
+
+ Returns a that represents this instance.
+
+
+ A that represents this instance.
+
+
+
+
+ Determines whether the specified is equal to this instance.
+
+ The to compare with this instance.
+
+ true if the specified is equal to this instance; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns a hash code for this instance.
+
+
+ A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.
+
+
+
+
+ Normalizes the characters that are escaped in the given URI path.
+
+ The path to normalize.
+ The given path, with exactly those characters escaped which should be.
+
+
+
+ Gets the scheme.
+
+ The scheme.
+
+
+
+ Gets the authority.
+
+ The authority.
+
+
+
+ Gets the path of the URI.
+
+ The path from the URI.
+
+
+
+ Gets the query.
+
+ The query.
+
+
+
+ Gets the fragment.
+
+ The fragment.
+
+
+
+ A URI parser that does not compress paths, such as trimming trailing periods from path segments.
+
+
+
+
+ The field that stores the scheme that this parser is registered under.
+
+
+
+
+ The standard "http" or "https" scheme that this parser is subverting.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The standard scheme that this parser will be subverting.
+
+
+
+ Initializes this parser with the actual scheme it should appear to be.
+
+ if set to true Uris using this scheme will look like they're using the original standard scheme.
+
+
+
+ Gets the scheme this parser is registered under.
+
+ The registered scheme.
+
+
+
+ An XRI style of OpenID Identifier.
+
+
+
+
+ The scheme and separator "xri://"
+
+
+
+
+ An XRI always starts with one of these symbols.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The string value of the XRI.
+
+
+
+ Initializes a new instance of the class.
+
+ The XRI that this Identifier will represent.
+
+ If set to true, discovery and the initial authentication redirect will
+ only succeed if it can be done entirely using SSL.
+
+
+
+
+ Tests equality between this XRI and another XRI.
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Returns the hash code of this XRI.
+
+
+ A hash code for the current .
+
+
+
+
+ Returns the canonical string form of the XRI.
+
+
+ A that represents the current .
+
+
+
+
+ Tests whether a given string represents a valid XRI format.
+
+ The value to test for XRI validity.
+
+ true if the given string constitutes a valid XRI; otherwise, false.
+
+
+
+
+ Returns an that has no URI fragment.
+ Quietly returns the original if it is not
+ a or no fragment exists.
+
+
+ A new instance if there was a
+ fragment to remove, otherwise this same instance..
+
+
+ XRI Identifiers never have a fragment part, and thus this method
+ always returns this same instance.
+
+
+
+
+ Converts a given identifier to its secure equivalent.
+ UriIdentifiers originally created with an implied HTTP scheme change to HTTPS.
+ Discovery is made to require SSL for the entire resolution process.
+
+ The newly created secure identifier.
+ If the conversion fails, retains
+ this identifiers identity, but will never discover any endpoints.
+
+ True if the secure conversion was successful.
+ False if the Identifier was originally created with an explicit HTTP scheme.
+
+
+
+
+ Takes any valid form of XRI string and returns the canonical form of the same XRI.
+
+ The xri to canonicalize.
+ The canonicalized form of the XRI.
+ The canonical form, per the OpenID spec, is no scheme and no whitespace on either end.
+
+
+
+ Gets the original XRI supplied to the constructor.
+
+
+
+
+ Gets the canonical form of the XRI string.
+
+
+
+
+ A strongly-typed resource class, for looking up localized strings, etc.
+
+
+
+
+ Returns the cached ResourceManager instance used by this class.
+
+
+
+
+ Overrides the current thread's CurrentUICulture property for all
+ resource lookups using this strongly typed resource class.
+
+
+
+
+ Looks up a localized string similar to XRI CanonicalID verification failed..
+
+
+
+
+ Looks up a localized string similar to Failure parsing XRDS document..
+
+
+
+
+ Looks up a localized string similar to The XRDS document for XRI {0} is missing the required CanonicalID element..
+
+
+
+
+ Looks up a localized string similar to Could not find XRI resolution Status tag or code attribute was invalid..
+
+
+
+
+ String constants for various content-type header values used in YADIS discovery.
+
+
+
+
+ The text/html content-type
+
+
+
+
+ The application/xhtml+xml content-type
+
+
+
+
+ The application/xrds+xml content-type
+
+
+
+
+ The text/xml content type
+
+
+
+
+ Contains the result of YADIS discovery.
+
+
+
+
+ The original web response, backed up here if the final web response is the preferred response to use
+ in case it turns out to not work out.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The user-supplied identifier.
+ The initial response.
+ The final response.
+
+
+
+ Reverts to the HTML response after the XRDS response didn't work out.
+
+
+
+
+ Applies the HTML response to the object.
+
+ The initial response.
+
+
+
+ Gets the URI of the original YADIS discovery request.
+ This is the user supplied Identifier as given in the original
+ YADIS discovery request.
+
+
+
+
+ Gets the fully resolved (after redirects) URL of the user supplied Identifier.
+ This becomes the ClaimedIdentifier.
+
+
+
+
+ Gets the location the XRDS document was downloaded from, if different
+ from the user supplied Identifier.
+
+
+
+
+ Gets the Content-Type associated with the .
+
+
+
+
+ Gets the text in the final response.
+ This may be an XRDS document or it may be an HTML document,
+ as determined by the property.
+
+
+
+
+ Gets a value indicating whether the
+ represents an XRDS document. False if the response is an HTML document.
+
+
+
+
+ An HTML HEAD tag parser.
+
+
+
+
+ Common flags to use on regex tests.
+
+
+
+
+ A regular expression designed to select tags (?)
+
+
+
+
+ A regular expression designed to select start tags (?)
+
+
+
+
+ A regular expression designed to select attributes within a tag.
+
+
+
+
+ A regular expression designed to select the HEAD tag.
+
+
+
+
+ A regular expression designed to select the HTML tag.
+
+
+
+
+ A regular expression designed to remove all comments and scripts from a string.
+
+
+
+
+ Finds all the HTML HEAD tag child elements that match the tag name of a given type.
+
+ The HTML tag of interest.
+ The HTML to scan.
+ A sequence of the matching elements.
+
+
+
+ Filters a list of controls based on presence of an attribute.
+
+ The type of HTML controls being filtered.
+ The sequence.
+ The attribute.
+ A filtered sequence of attributes.
+
+
+
+ Generates a regular expression that will find a given HTML tag.
+
+ Name of the tag.
+ The close tags (?).
+ The created regular expression.
+
+
+
+ Generates a regular expression designed to find a given tag.
+
+ The tag to find.
+ The created regular expression.
+
+
+
+ The Service element in an XRDS document.
+
+
+
+
+ A node in an XRDS document.
+
+
+
+
+ The XRD namespace xri://$xrd*($v*2.0)
+
+
+
+
+ The XRDS namespace xri://$xrds
+
+
+
+
+ Initializes a new instance of the class.
+
+ The node represented by this instance.
+ The parent node.
+
+
+
+ Initializes a new instance of the class.
+
+ The document's root node, which this instance represents.
+
+
+
+ Gets the node.
+
+
+
+
+ Gets the parent node, or null if this is the root node.
+
+
+
+
+ Gets the XML namespace resolver to use in XPath expressions.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The service element.
+ The parent.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the XRD parent element.
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI child elements.
+
+
+
+
+ Gets the type child elements.
+
+ The type elements.
+
+
+
+ Gets the type child element's URIs.
+
+
+
+
+ Gets the OP Local Identifier.
+
+
+
+
+ The Type element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The type element.
+ The parent.
+
+
+
+ Gets the URI.
+
+
+
+
+ The Uri element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The URI element.
+ The service.
+
+
+
+ Compares the current object with another object of the same type.
+
+ An object to compare with this object.
+
+ A 32-bit signed integer that indicates the relative order of the objects being compared. The return value has the following meanings:
+ Value
+ Meaning
+ Less than zero
+ This object is less than the parameter.
+ Zero
+ This object is equal to .
+ Greater than zero
+ This object is greater than .
+
+
+
+
+ Gets the priority.
+
+
+
+
+ Gets the URI.
+
+
+
+
+ Gets the parent service.
+
+
+
+
+ The Xrd element in an XRDS document.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The XRD element.
+ The parent.
+
+
+
+ Searches for service sub-elements that have Type URI sub-elements that match
+ one that we have for a known OpenID protocol version.
+
+ A function that selects what element of the OpenID Protocol we're interested in finding.
+ A sequence of service elements that match the search criteria, sorted in XRDS @priority attribute order.
+
+
+
+ Gets the child service elements.
+
+ The services.
+
+
+
+ Gets a value indicating whether this XRD element's resolution at the XRI resolver was successful.
+
+
+ true if this XRD's resolution was successful; otherwise, false.
+
+
+
+
+ Gets the canonical ID (i-number) for this element.
+
+
+
+
+ Gets a value indicating whether the was verified.
+
+
+
+
+ Gets the services for OP Identifiers.
+
+
+
+
+ Gets the services for Claimed Identifiers.
+
+
+
+
+ Gets the services that would be discoverable at an RP for return_to verification.
+
+
+
+
+ Gets the services that would be discoverable at an RP for the UI extension icon.
+
+
+
+
+ Gets an enumeration of all Service/URI elements, sorted in priority order.
+
+
+
+
+ Gets the XRI resolution status code.
+
+
+
+
+ An XRDS document.
+
+
+
+
+ The namespace used by XML digital signatures.
+
+
+
+
+ The namespace used by Google Apps for Domains for OpenID URI templates.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The Xml reader positioned at the root node of the XRDS document.
+
+
+
+ Initializes a new instance of the class.
+
+ The text that is the XRDS document.
+
+
+
+ Gets the XRD child elements of the document.
+
+
+
+
+ Gets a value indicating whether all child XRD elements were resolved successfully.
+
+
+
+
+ YADIS discovery manager.
+
+
+
+
+ The HTTP header to look for in responses to declare where the XRDS document should be found.
+
+
+
+
+ The maximum number of bytes to read from an HTTP response
+ in searching for a link to a YADIS document.
+
+
+
+
+ Gets or sets the cache that can be used for HTTP requests made during identifier discovery.
+
+
+
+
+ Performs YADIS discovery on some identifier.
+
+ The mechanism to use for sending HTTP requests.
+ The URI to perform discovery on.
+ Whether discovery should fail if any step of it is not encrypted.
+
+ The result of discovery on the given URL.
+ Null may be returned if an error occurs,
+ or if is true but part of discovery
+ is not protected by SSL.
+
+
+
+
+ Searches an HTML document for a
+ <meta http-equiv="X-XRDS-Location" content="{YadisURL}">
+ tag and returns the content of YadisURL.
+
+ The HTML to search.
+ The URI of the XRDS document if found; otherwise null.
+
+
+
+ Sends a YADIS HTTP request as part of identifier discovery.
+
+ The request handler to use to actually submit the request.
+ The URI to GET.
+ Whether only HTTPS URLs should ever be retrieved.
+ The value of the Accept HTTP header to include in the request.
+ The HTTP response retrieved from the request.
+
+
+
+ Determines whether a given HTTP response constitutes an XRDS document.
+
+ The response to test.
+
+ true if the response constains an XRDS document; otherwise, false.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.dll
new file mode 100644
index 0000000..f8d1732
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.xml
new file mode 100644
index 0000000..f87c5c7
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Mono.Math.xml
@@ -0,0 +1,206 @@
+
+
+
+ Mono.Math
+
+
+
+
+ Default length of a BigInteger in bytes
+
+
+
+
+ The Length of this BigInteger
+
+
+
+
+ The data for this BigInteger
+
+
+
+
+ Table of primes below 2000.
+
+
+
+ This table was generated using Mathematica 4.1 using the following function:
+
+
+
+ PrimeTable [x_] := Prime [Range [1, PrimePi [x]]]
+ PrimeTable [6000]
+
+
+
+
+
+
+ Generates a new, random BigInteger of the specified length.
+
+ The number of bits for the new number.
+ A random number generator to use to obtain the bits.
+ A random number of the specified length.
+
+
+
+ Generates a new, random BigInteger of the specified length using the default RNG crypto service provider.
+
+ The number of bits for the new number.
+ A random number of the specified length.
+
+
+
+ Randomizes the bits in "this" from the specified RNG.
+
+ A RNG.
+
+
+
+ Randomizes the bits in "this" from the default RNG.
+
+
+
+
+ Tests if the specified bit is 1.
+
+ The bit to test. The least significant bit is 0.
+ True if bitNum is set to 1, else false.
+
+
+
+ Normalizes this by setting the length to the actual number of
+ uints used in data and by setting the sign to Sign.Zero if the
+ value of this is 0.
+
+
+
+
+ Generates the smallest prime >= bi
+
+ A BigInteger
+ The smallest prime >= bi. More mathematically, if bi is prime: bi, else Prime [PrimePi [bi] + 1].
+
+
+
+ Increments this by two
+
+
+
+
+ Low level functions for the BigInteger
+
+
+
+
+ Adds two numbers with the same sign.
+
+ A BigInteger
+ A BigInteger
+ bi1 + bi2
+
+
+
+ Compares two BigInteger
+
+ A BigInteger
+ A BigInteger
+ The sign of bi1 - bi2
+
+
+
+ Performs n / d and n % d in one operation.
+
+ A BigInteger, upon exit this will hold n / d
+ The divisor
+ n % d
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts it into
+ d [dOffset:dOffset+xLen+yLen].
+
+
+
+
+ Multiplies the data in x [xOffset:xOffset+xLen] by
+ y [yOffset:yOffset+yLen] and puts the low mod words into
+ d [dOffset:dOffset+mod].
+
+
+
+
+ A factor of confidence.
+
+
+
+
+ Only suitable for development use, probability of failure may be greater than 1/2^20.
+
+
+
+
+ Suitable only for transactions which do not require forward secrecy. Probability of failure about 1/2^40
+
+
+
+
+ Designed for production use. Probability of failure about 1/2^80.
+
+
+
+
+ Suitable for sensitive data. Probability of failure about 1/2^160.
+
+
+
+
+ Use only if you have lots of time! Probability of failure about 1/2^320.
+
+
+
+
+ Only use methods which generate provable primes. Not yet implemented.
+
+
+
+
+ Finds the next prime after a given number.
+
+
+
+
+ Performs primality tests on bi, assumes trial division has been done.
+
+ A BigInteger that has been subjected to and passed trial division
+ False if bi is composite, true if it may be prime.
+ The speed of this method is dependent on Confidence
+
+
+
+ Probabilistic prime test based on Rabin-Miller's test
+
+
+
+ The number to test.
+
+
+
+
+ The number of chosen bases. The test has at least a
+ 1/4^confidence chance of falsely returning True.
+
+
+
+
+ True if "this" is a strong pseudoprime to randomly chosen bases.
+
+
+ False if "this" is definitely NOT prime.
+
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.dll
new file mode 100644
index 0000000..dd326e4
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.xml
new file mode 100644
index 0000000..305e65d
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.Core.4.3.0.13117/lib/net45-full/Org.Mentalis.Security.Cryptography.xml
@@ -0,0 +1,204 @@
+
+
+
+ Org.Mentalis.Security.Cryptography
+
+
+
+
+ Defines the different Diffie-Hellman key generation methods.
+
+
+
+
+ Returns dynamically generated values for P and G. Unlike the Sophie Germain or DSA key generation methods,
+ this method does not ensure that the selected prime offers an adequate security level.
+
+
+
+
+ Returns values for P and G that are hard coded in this library. Contrary to what your intuition may tell you,
+ using these hard coded values is perfectly safe.
+ The values of the P and G parameters are taken from 'The OAKLEY Key Determination Protocol' [RFC2412].
+ This is the prefered key generation method, because it is very fast and very safe.
+ Because this method uses fixed values for the P and G parameters, not all bit sizes are supported.
+ The current implementation supports bit sizes of 768, 1024 and 1536.
+
+
+
+
+ Represents the parameters of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public P parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the public G parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Represents the private X parameter of the Diffie-Hellman algorithm.
+
+
+
+
+ Defines a base class from which all Diffie-Hellman implementations inherit.
+
+
+
+
+ Creates an instance of the default implementation of the algorithm.
+
+ A new instance of the default implementation of DiffieHellman.
+
+
+
+ Creates an instance of the specified implementation of .
+
+ The name of the implementation of DiffieHellman to use.
+ A new instance of the specified implementation of DiffieHellman.
+
+
+
+ Initializes a new instance.
+
+
+
+
+ When overridden in a derived class, creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ When overridden in a derived class, extracts secret information from the key exchange data.
+
+ The key exchange data within which the secret information is hidden.
+ The secret information derived from the key exchange data.
+
+
+
+ When overridden in a derived class, exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for Diffie-Hellman.
+
+
+
+ When overridden in a derived class, imports the specified .
+
+ The parameters for Diffie-Hellman.
+
+
+
+ Reconstructs a object from an XML string.
+
+ The XML string to use to reconstruct the DiffieHellman object.
+ One of the values in the XML string is invalid.
+
+
+
+ Creates and returns an XML string representation of the current object.
+
+ true to include private parameters; otherwise, false.
+ An XML string encoding of the current DiffieHellman object.
+
+
+
+ Implements the Diffie-Hellman algorithm.
+
+
+
+
+ Initializes a new instance.
+
+ The default length of the shared secret is 1024 bits.
+
+
+
+ Initializes a new instance.
+
+ The length, in bits, of the public P parameter.
+ The length, in bits, of the secret value X. This parameter can be set to 0 to use the default size.
+ One of the values.
+ The larger the bit length, the more secure the algorithm is. The default is 1024 bits. The minimum bit length is 128 bits. The size of the private value will be one fourth of the bit length specified.
+ The specified bit length is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The G parameter of the Diffie-Hellman algorithm. This is a public parameter.
+ The X parameter of the Diffie-Hellman algorithm. This is a private parameter. If this parameters is a null reference (Nothing in Visual Basic), a secret value of the default size will be generated.
+ or is a null reference (Nothing in Visual Basic).
+ or is invalid.
+
+
+
+ Initializes a new instance.
+
+ The P parameter of the Diffie-Hellman algorithm.
+ The G parameter of the Diffie-Hellman algorithm.
+ The length, in bits, of the private value. If 0 is specified, the default value will be used.
+ or is a null reference (Nothing in Visual Basic).
+ is invalid.
+ or is invalid.
+
+
+
+ Creates the key exchange data.
+
+ The key exchange data to be sent to the intended recipient.
+
+
+
+ Extracts secret information from the key exchange data.
+
+ The key exchange data within which the shared key is hidden.
+ The shared key derived from the key exchange data.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm and optionally releases the managed resources.
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Exports the .
+
+ true to include private parameters; otherwise, false.
+ The parameters for .
+
+
+
+ Imports the specified .
+
+ The parameters for .
+ parameters.P or parameters.G is a null reference (Nothing in Visual Basic) -or- parameters.P is not a prime number.
+
+
+
+ Releases the unmanaged resources used by the SymmetricAlgorithm.
+
+
+
+
+ Gets the name of the key exchange algorithm.
+
+ The name of the key exchange algorithm.
+
+
+
+ Gets the name of the signature algorithm.
+
+ The name of the signature algorithm.
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nupkg b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nupkg
new file mode 100644
index 0000000..b00cf75
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nupkg differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nuspec b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nuspec
new file mode 100644
index 0000000..8a7ad03
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117.nuspec
@@ -0,0 +1,20 @@
+
+
+
+ DotNetOpenAuth.OpenId.RelyingParty
+ 4.3.0.13117
+ DotNetOpenAuth OpenID Relying Party
+ Andrew Arnott
+ Andrew Arnott
+ http://www.opensource.org/licenses/ms-pl.html
+ http://www.dotnetopenauth.net/
+ https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png
+ false
+ Increase conversion rates to your web site by lowering the bar to create an account with your site,
+ by allowing customers to use accounts they already have with other sites, such as Google and Yahoo!
+ Add OpenID 1.1/2.0 Relying Party authentication functionality to a web application programmatically.
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/content/web.config.transform b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/content/web.config.transform
new file mode 100644
index 0000000..c9adf3f
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/content/web.config.transform
@@ -0,0 +1,19 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.dll
new file mode 100644
index 0000000..bd49e46
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.xml
new file mode 100644
index 0000000..50b4dde
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net35-full/DotNetOpenAuth.OpenId.RelyingParty.xml
@@ -0,0 +1,3568 @@
+
+
+
+ DotNetOpenAuth.OpenId.RelyingParty
+
+
+
+
+ The COM interface describing the DotNetOpenAuth functionality available to
+ COM client OpenID relying parties.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL .
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ The OpenID binding element responsible for reading/writing OpenID extensions
+ at the Relying Party.
+
+
+
+
+ The security settings that apply to this relying party, if it is a relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+
+
+
+ The messaging channel for OpenID relying parties.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ The security settings to apply.
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ An object that knows how to distinguish the various OpenID message types for deserialization purposes.
+ The security settings to apply.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+
+
+ A value indicating whether the channel is set up
+ with no functional security binding elements.
+
+ A new instance that will not perform verification on incoming messages or apply any security to outgoing messages.
+
+ A value of true allows the relying party to preview incoming
+ messages without invalidating nonces or checking signatures.
+ Setting this to true poses a great security risk and is only
+ present to support the OpenIdAjaxTextBox which needs to preview
+ messages, and will validate them later.
+
+
+
+
+ Initializes the binding elements.
+
+ The crypto key store.
+ The nonce store to use.
+ The security settings to apply. Must be an instance of either or ProviderSecuritySettings.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+ An array of binding elements which may be used to construct the channel.
+
+
+
+
+ Message factory for OpenID Relying Parties.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Helps ensure compliance to some properties in the .
+
+
+
+
+ The security settings that are active on the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The security settings.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ The signing binding element for OpenID Relying Parties.
+
+
+
+
+ The association store used by Relying Parties to look up the secrets needed for signing.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store used to look up the secrets needed for signing. May be null for dumb Relying Parties.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ This binding element adds a nonce to a Relying Party's outgoing
+ authentication request when working against an OpenID 1.0 Provider
+ in order to protect against replay attacks or on all authentication
+ requests to distinguish solicited from unsolicited assertions.
+
+
+ This nonce goes beyond the OpenID 1.x spec, but adds to security.
+ Since this library's Provider implementation also provides special nonce
+ protection for 1.0 messages, this security feature overlaps with that one.
+ This means that if an RP from this library were talking to an OP from this
+ library, but the Identifier being authenticated advertised the OP as a 1.x
+ OP, then both RP and OP might try to use a nonce for protecting the assertion.
+ There's no problem with that--it will still all work out. And it would be a
+ very rare combination of elements anyway.
+
+
+ This binding element deactivates itself for OpenID 2.0 (or later) messages
+ since they are automatically protected in the protocol by the Provider's
+ openid.response_nonce parameter. The exception to this is when
+ is
+ set to true, which will not only add a request nonce to every outgoing
+ authentication request but also require that it be present in positive
+ assertions, effectively disabling unsolicited assertions.
+
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it exists
+ only on the RP side and only on some messages.
+
+
+
+
+ The context within which return_to nonces must be unique -- they all go into the same bucket.
+
+
+
+
+ The length of the generated nonce's random part.
+
+
+
+
+ The nonce store that will allow us to recall which nonces we've seen before.
+
+
+
+
+ The security settings at the RP.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The nonce store to use.
+ The security settings of the RP.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Determines whether a request nonce should be applied the request
+ or should be expected in the response.
+
+ The authentication request or the positive assertion response.
+
+ true if the message exchanged with an OpenID 1.x provider
+ or if unsolicited assertions should be rejected at the RP; otherwise false.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets the maximum message age from the standard expiration binding element.
+
+
+
+
+ A special DotNetOpenAuth-only nonce used by the RP when talking to 1.0 OPs in order
+ to protect against replay attacks.
+
+
+
+
+ The random bits generated for the nonce.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The creation date of the nonce.
+ The random bits that help make the nonce unique.
+
+
+
+ Creates a new nonce.
+
+ The newly instantiated instance.
+
+
+
+ Deserializes a nonce from the return_to parameter.
+
+ The base64-encoded value of the nonce.
+ The instantiated and initialized nonce.
+
+
+
+ Serializes the entire nonce for adding to the return_to URL.
+
+ The base64-encoded string representing the nonce.
+
+
+
+ Gets the creation date.
+
+
+
+
+ Gets the random part of the nonce as a base64 encoded string.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ Adds an Attribute Exchange (AX) extension to the authentication request
+ that asks for the same attributes as the Simple Registration (sreg) extension
+ that is already applied.
+
+ The authentication request.
+ The attribute formats to use in the AX request.
+
+ If discovery on the user-supplied identifier yields hints regarding which
+ extensions and attribute formats the Provider supports, this method MAY ignore the
+ argument and accomodate the Provider to minimize
+ the size of the request.
+ If the request does not carry an sreg extension, the method logs a warning but
+ otherwise quietly returns doing nothing.
+
+
+
+
+ Looks for Simple Registration and Attribute Exchange (all known formats)
+ response extensions and returns them as a Simple Registration extension.
+
+ The authentication response.
+ if set to true unsigned extensions will be included in the search.
+
+ The Simple Registration response if found,
+ or a fabricated one based on the Attribute Exchange extension if found,
+ or just an empty if there was no data.
+ Never null.
+
+
+
+ Gets the attribute value if available.
+
+ The AX fetch response extension to look for the attribute value.
+ The type URI of the attribute, using the axschema.org format of .
+ The AX type URI formats to search.
+
+ The first value of the attribute, if available.
+
+
+
+
+ Tries to find the exact format of AX attribute Type URI supported by the Provider.
+
+ The authentication request.
+ The attribute formats the RP will try if this discovery fails.
+ The AX format(s) to use based on the Provider's advertised AX support.
+
+
+
+ The discovery service to support host-meta based discovery, such as Google Apps for Domains.
+
+
+ The spec for this discovery mechanism can be found at:
+ http://groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains
+ and the XMLDSig spec referenced in that spec can be found at:
+ http://wiki.oasis-open.org/xri/XrdOne/XmlDsigProfile
+
+
+
+
+ Path to the well-known location of the host-meta document at a domain.
+
+
+
+
+ The URI template for discovery host-meta on domains hosted by
+ Google Apps for Domains.
+
+
+
+
+ The pattern within a host-meta file to look for to obtain the URI to the XRDS document.
+
+
+
+
+ A set of certificate thumbprints that have been verified.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Gets the XRD elements that have a given CanonicalID.
+
+ The XRDS document.
+ The CanonicalID to match on.
+ A sequence of XRD elements.
+
+
+
+ Gets the described-by services in XRD elements.
+
+ The XRDs to search.
+ A sequence of services.
+
+
+
+ Gets the services for an identifier that are described by an external XRDS document.
+
+ The XRD elements to search for described-by services.
+ The identifier under discovery.
+ The request handler.
+ The discovered services.
+
+
+
+ Validates the XML digital signature on an XRDS document.
+
+ The XRDS document whose signature should be validated.
+ The identifier under discovery.
+ The response.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ Thrown if the XRDS document has an invalid or a missing signature.
+
+
+
+ Verifies the cert chain.
+
+ The certs.
+
+ This must be in a method of its own because there is a LinkDemand on the
+ method. By being in a method of its own, the caller of this method may catch a
+ that is thrown if we're not running with full trust and execute
+ an alternative plan.
+
+ Thrown if the certificate chain is invalid or unverifiable.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The location of the XRDS document to retrieve.
+
+ A HTTP response carrying an XRDS document.
+
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Verifies that a certificate chain is trusted.
+
+ The chain of certificates to verify.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ A HTTP response carrying an XRDS document, or null if one could not be obtained.
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Gets the location of the XRDS document that describes a given identifier.
+
+ The identifier under discovery.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ An absolute URI, or null if one could not be determined.
+
+
+
+ Gets the host-meta for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+
+ The host-meta response, or null if no host-meta document could be obtained.
+
+
+
+
+ Gets the URIs authorized to host host-meta documents on behalf of a given domain.
+
+ The identifier.
+ A sequence of URIs that MAY provide the host-meta for a given identifier.
+
+
+
+ Gets the set of URI templates to use to contact host-meta hosting proxies
+ for domain discovery.
+
+
+
+
+ Gets or sets a value indicating whether to trust Google to host domains' host-meta documents.
+
+
+ This property is just a convenient mechanism for checking or changing the set of
+ trusted host-meta proxies in the property.
+
+
+
+
+ A description of a web server that hosts host-meta documents.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The proxy formatting string.
+ The signing host formatting string.
+
+
+
+ Gets the absolute proxy URI.
+
+ The identifier being discovered.
+ The an absolute URI.
+
+
+
+ Gets the signing host URI.
+
+ The identifier being discovered.
+ A host name.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URL of the host-meta proxy.
+
+ The absolute proxy URL, which may include {0} to be replaced with the host of the identifier to be discovered.
+
+
+
+ Gets the formatting string to determine the expected host name on the certificate
+ that is expected to be used to sign the XRDS document.
+
+
+ Either a string literal, or a formatting string where these placeholders may exist:
+ {0} the host on the identifier discovery was originally performed on;
+ {1} the host on this proxy.
+
+
+
+
+ The COM type used to provide details of an authentication result to a relying party COM client.
+
+
+
+
+ The response read in by the Relying Party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Gets an Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the provider endpoint that sent the assertion.
+
+
+
+
+ Gets a value indicating whether the authentication attempt succeeded.
+
+
+
+
+ Gets the Simple Registration response.
+
+
+
+
+ Gets details regarding a failed authentication attempt, if available.
+
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The Simple Registration claims response message that this shim wraps.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The Simple Registration response to wrap.
+
+
+
+ Gets the nickname the user goes by.
+
+
+
+
+ Gets the user's email address.
+
+
+
+
+ Gets the full name of a user as a single string.
+
+
+
+
+ Gets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets the gender of the user.
+
+
+
+
+ Gets the zip code / postal code of the user.
+
+
+
+
+ Gets the country of the user.
+
+
+
+
+ Gets the primary/preferred language of the user.
+
+
+
+
+ Gets the user's timezone.
+
+
+
+
+ Implementation of , providing a subset of the
+ functionality available to .NET clients.
+
+
+
+
+ The OpenIdRelyingParty instance to use for requests.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL.
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ A successful association response as it is received by the relying party.
+
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Creates the association at relying party side after the association response has been received.
+
+ The original association request that was already sent and responded to.
+ The newly created association.
+
+ The resulting association is not added to the association store and must be done by the caller.
+
+
+
+
+ Utility methods for requesting associations from the relying party.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+ Type of the association.
+ Type of the session.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+ Thrown if the message is invalid.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+
+ The created association.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+
+ A response to an unencrypted assocation request, as it is received by the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The request.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Wraps a standard so that it behaves as an association store.
+
+
+
+
+ Stores s for lookup by their handle, keeping
+ associations separated by a given OP Endpoint.
+
+
+ Expired associations should be periodically cleared out of an association store.
+ This should be done frequently enough to avoid a memory leak, but sparingly enough
+ to not be a performance drain. Because this balance can vary by host, it is the
+ responsibility of the host to initiate this cleaning.
+
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+ If the new association conflicts (in OP endpoint and association handle) with an existing association,
+ (which should never happen by the way) implementations may overwrite the previously saved association.
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+ Removes a specified handle that may exist in the store.
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ Deprecated. The return value is insignificant.
+ Previously: True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ The underlying key store.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The key store.
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ Gets the window.open javascript snippet to use to open a popup window
+ compliant with the UI extension.
+
+ The relying party.
+ The authentication request to place in the window.
+ The name to assign to the popup window.
+ A string starting with 'window.open' and forming just that one method call.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Saves an for later recall.
+
+ The Uri (for relying parties) or Smart/Dumb (for providers).
+ The association to store.
+
+ TODO: what should implementations do on association handle conflict?
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ A dictionary of handle/Association pairs.
+
+
+ Each method is locked, even if it is only one line, so that they are thread safe
+ against each other, particularly the ones that enumerate over the list, since they
+ can break if the collection is changed by another thread during enumeration.
+
+
+
+
+ The lookup table where keys are the association handles and values are the associations themselves.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Stores an in the collection.
+
+ The association to add to the collection.
+
+
+
+ Returns the with the given handle. Null if not found.
+
+ The handle to the required association.
+ The desired association, or null if none with the given handle could be found.
+
+
+
+ Removes the with the given handle.
+
+ The handle to the required association.
+ Whether an with the given handle was in the collection for removal.
+
+
+
+ Removes all expired associations from the collection.
+
+
+
+
+ Gets the s ordered in order of descending issue date
+ (most recently issued comes first). An empty sequence if no valid associations exist.
+
+
+ This property is used by relying parties that are initiating authentication requests.
+ It does not apply to Providers, which always need a specific association by handle.
+
+
+
+
+ Manages the establishment, storage and retrieval of associations at the relying party.
+
+
+
+
+ The storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The channel the relying party is using.
+ The association store. May be null for dumb mode relying parties.
+ The security settings.
+
+
+
+ Gets an association between this Relying Party and a given Provider
+ if it already exists in the association store.
+
+ The provider to create an association with.
+ The association if one exists and has useful life remaining. Otherwise null.
+
+
+
+ Gets an existing association with the specified Provider, or attempts to create
+ a new association of one does not already exist.
+
+ The provider to get an association for.
+ The existing or new association; null if none existed and one could not be created.
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+ A new association is created and returned even if one already exists in the
+ association store.
+ Any new association is automatically added to the .
+
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+ The associate request. May be null, which will always result in a null return value..
+ The number of times to try the associate request again if the Provider suggests it.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+
+
+ Gets or sets the channel to use for establishing associations.
+
+ The channel.
+
+
+
+ Gets or sets the security settings to apply in choosing association types to support.
+
+
+
+
+ Gets a value indicating whether this instance has an association store.
+
+
+ true if the relying party can act in 'smart' mode;
+ false if the relying party must always act in 'dumb' mode.
+
+
+
+
+ Gets the storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Preferences regarding creation and use of an association between a relying party
+ and provider for authentication.
+
+
+
+
+ Indicates that an association should be created for use in authentication
+ if one has not already been established between the relying party and the
+ selected provider.
+
+
+ Even with this value, if an association attempt fails or the relying party
+ has no application store to recall associations, the authentication may
+ proceed without an association.
+
+
+
+
+ Indicates that an association should be used for authentication only if
+ it happens to already exist.
+
+
+
+
+ Indicates that an authentication attempt should NOT use an OpenID association
+ between the relying party and the provider, even if an association was previously
+ created.
+
+
+
+
+ Facilitates customization and creation and an authentication request
+ that a Relying Party is preparing to send.
+
+
+
+
+ The name of the internal callback parameter to use to store the user-supplied identifier.
+
+
+
+
+ The relying party that created this request object.
+
+
+
+
+ How an association may or should be created or used in the formulation of the
+ authentication request.
+
+
+
+
+ The extensions that have been added to this authentication request.
+
+
+
+
+ Arguments to add to the return_to part of the query string, so that
+ these values come back to the consumer when the user agent returns.
+
+
+
+
+ A value indicating whether the return_to callback arguments must be signed.
+
+
+ This field defaults to false, but is set to true as soon as the first callback argument
+ is added that indicates it must be signed. At which point, all arguments are signed
+ even if individual ones did not need to be.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoint that describes the OpenID Identifier and Provider that will complete the authentication.
+ The realm, or root URL, of the host web site.
+ The base return_to URL that the Provider should return the user to to complete authentication. This should not include callback parameters as these should be added using the method.
+ The relying party that created this instance.
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Performs identifier discovery, creates associations and generates authentication requests
+ on-demand for as long as new ones can be generated based on the results of Identifier discovery.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+
+
+ Creates an instance of FOR TESTING PURPOSES ONLY.
+
+ The discovery result.
+ The realm.
+ The return to.
+ The relying party.
+ The instantiated .
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Performs deferred request generation for the method.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ The discovered service endpoints on the Claimed Identifier.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ All data validation and cleansing steps must have ALREADY taken place
+ before calling this method.
+
+
+
+
+ Returns a filtered and sorted list of the available OP endpoints for a discovered Identifier.
+
+ The endpoints.
+ The relying party.
+ A filtered and sorted list of endpoints; may be empty if the input was empty or the filter removed all endpoints.
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Gets the association to use for this authentication request.
+
+ The association to use; null to use 'dumb mode'.
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenId discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ Gets or sets how an association may or should be created or used
+ in the formulation of the authentication request.
+
+
+
+
+ Gets the extensions that have been added to the request.
+
+
+
+
+ Gets the list of extensions for this request.
+
+
+
+
+ An authentication request comparer that judges equality solely on the OP endpoint hostname.
+
+
+
+
+ The singleton instance of this comparer.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Determines whether the specified objects are equal.
+
+ The first object to compare.
+ The second object to compare.
+
+ true if the specified objects are equal; otherwise, false.
+
+
+
+
+ Returns a hash code for the specified object.
+
+ The for which a hash code is to be returned.
+ A hash code for the specified object.
+
+ The type of is a reference type and is null.
+
+
+
+
+ Gets the singleton instance of this comparer.
+
+
+
+
+ Wraps a negative assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ An interface to expose useful properties and functionality for handling
+ authentication responses that are returned from Immediate authentication
+ requests that require a subsequent request to be made in non-immediate mode.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ The negative assertion message that was received by the RP that was used
+ to create this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The negative assertion response received by the Relying Party.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+
+ Wraps an extension-only response from the OP in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Backin field for the property.
+
+
+
+
+ Information about the OP endpoint that issued this assertion.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response message.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets a value indicating whether trusted callback arguments are available.
+
+
+ We use this internally to avoid logging a warning during a standard snapshot creation.
+
+
+
+
+ Gets the positive extension-only message the Relying Party received that this instance wraps.
+
+
+
+
+ Wraps a positive assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion response that was just received by the Relying Party.
+ The relying party.
+
+
+
+ Verifies that the positive assertion data matches the results of
+ discovery on the Claimed Identifier.
+
+ The relying party.
+
+ Thrown when the Provider is asserting that a user controls an Identifier
+ when discovery on that Identifier contradicts what the Provider says.
+ This would be an indication of either a misconfigured Provider or
+ an attempt by someone to spoof another user's identity with a rogue Provider.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets the OpenID service endpoint reconstructed from the assertion message.
+
+
+ This information is straight from the Provider, and therefore must not
+ be trusted until verified as matching the discovery information for
+ the claimed identifier to avoid a Provider asserting an Identifier
+ for which it has no authority.
+
+
+
+
+ Gets the positive assertion response message.
+
+
+
+
+ Wraps a failed authentication response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The exception that resulted in the failed authentication.
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ A delegate that decides whether a given OpenID Provider endpoint may be
+ considered for authenticating a user.
+
+ The endpoint for consideration.
+
+ True if the endpoint should be considered.
+ False to remove it from the pool of acceptable providers.
+
+
+
+
+ Provides the programmatic facilities to act as an OpenID relying party.
+
+
+
+
+ The name of the key to use in the HttpApplication cache to store the
+ instance of to use.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ The discovery services to use for identifiers.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ The lock to obtain when initializing the member.
+
+
+
+
+ A dictionary of extension response types and the javascript member
+ name to map them to on the user agent.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The application store. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Initializes a new instance of the class.
+
+ The association store. If null, the relying party will always operate in "stateless/dumb mode".
+ The nonce store to use. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object to customize the request and generate
+ an object to send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Gets an authentication response from a Provider.
+
+ The processed authentication response if there is any; null otherwise.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets an authentication response from a Provider.
+
+ The HTTP request that may be carrying an authentication response from the Provider.
+ The processed authentication response if there is any; null otherwise.
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The HTTP response to send to this HTTP request.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The HTTP response to send to this HTTP request.
+
+
+
+ Allows an OpenID extension to read data out of an unverified positive authentication assertion
+ and send it down to the client browser so that Javascript running on the page can perform
+ some preprocessing on the extension data.
+
+ The extension response type that will read data from the assertion.
+ The property name on the openid_identifier input box object that will be used to store the extension data. For example: sreg
+
+ This method should be called before .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Determines whether some parameter name belongs to OpenID or this library
+ as a protocol or internal parameter name.
+
+ Name of the parameter.
+
+ true if the named parameter is a library- or protocol-specific parameter; otherwise, false.
+
+
+
+
+ Creates a relying party that does not verify incoming messages against
+ nonce or association stores.
+
+ The instantiated .
+
+ Useful for previewing messages while
+ allowing them to be fully processed and verified later.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The callback fired after the response status has been determined but before the Javascript response is formulated.
+
+ The HTTP response to send to this HTTP request.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Checks whether a given OP Endpoint is permitted by the host relying party.
+
+ The OP endpoint.
+ true if the OP Endpoint is allowed; false otherwise.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Invokes a method on a parent frame or window and closes the calling popup window if applicable.
+
+ The method to call on the parent window, including
+ parameters. (i.e. "callback('arg1', 2)"). No escaping is done by this method.
+ The entire HTTP response to send to the popup window or iframe to perform the invocation.
+
+
+
+ Called by derived classes when behaviors are added or removed.
+
+ The collection being modified.
+ The instance containing the event data.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the standard state storage mechanism that uses ASP.NET's
+ HttpApplication state dictionary to store associations and nonces.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings used by this Relying Party.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets or sets the optional Provider Endpoint filter to use.
+
+
+ Provides a way to optionally filter the providers that may be used in authenticating a user.
+ If provided, the delegate should return true to accept an endpoint, and false to reject it.
+ If null, all identity providers will be accepted. This is the default.
+
+
+
+
+ Gets or sets the ordering routine that will determine which XRDS
+ Service element to try first
+
+ Default is .
+
+ This may never be null. To reset to default behavior this property
+ can be set to the value of .
+
+
+
+
+ Gets the extension factories.
+
+
+
+
+ Gets a list of custom behaviors to apply to OpenID actions.
+
+
+ Adding behaviors can impact the security settings of this
+ instance in ways that subsequently removing the behaviors will not reverse.
+
+
+
+
+ Gets the list of services that can perform discovery on identifiers given to this relying party.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets a value indicating whether this Relying Party can sign its return_to
+ parameter in outgoing authentication requests.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets the association manager.
+
+
+
+
+ Gets the instance used to process authentication responses
+ without verifying the assertion or consuming nonces.
+
+
+
+
+ A serializable snapshot of a verified authentication message.
+
+
+
+
+ The callback arguments that came with the authentication response.
+
+
+
+
+ The untrusted callback arguments that came with the authentication response.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The authentication response to copy from.
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ A very simple IXrdsProviderEndpoint implementation for verifying that all positive
+ assertions (particularly unsolicited ones) are received from OP endpoints that
+ are deemed permissible by the host RP.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ An in-memory store for Relying Parties, suitable for single server, single process
+ ASP.NET web sites.
+
+
+
+
+ The nonce store to use.
+
+
+
+
+ The association store to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Common OpenID Provider Identifiers.
+
+
+
+
+ The Yahoo OP Identifier.
+
+
+
+
+ The Google OP Identifier.
+
+
+
+
+ The MyOpenID OP Identifier.
+
+
+
+
+ The Verisign OP Identifier.
+
+
+
+
+ The MyVidoop OP Identifier.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.dll
new file mode 100644
index 0000000..72de67b
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.xml
new file mode 100644
index 0000000..50b4dde
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net40-full/DotNetOpenAuth.OpenId.RelyingParty.xml
@@ -0,0 +1,3568 @@
+
+
+
+ DotNetOpenAuth.OpenId.RelyingParty
+
+
+
+
+ The COM interface describing the DotNetOpenAuth functionality available to
+ COM client OpenID relying parties.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL .
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ The OpenID binding element responsible for reading/writing OpenID extensions
+ at the Relying Party.
+
+
+
+
+ The security settings that apply to this relying party, if it is a relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+
+
+
+ The messaging channel for OpenID relying parties.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ The security settings to apply.
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ An object that knows how to distinguish the various OpenID message types for deserialization purposes.
+ The security settings to apply.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+
+
+ A value indicating whether the channel is set up
+ with no functional security binding elements.
+
+ A new instance that will not perform verification on incoming messages or apply any security to outgoing messages.
+
+ A value of true allows the relying party to preview incoming
+ messages without invalidating nonces or checking signatures.
+ Setting this to true poses a great security risk and is only
+ present to support the OpenIdAjaxTextBox which needs to preview
+ messages, and will validate them later.
+
+
+
+
+ Initializes the binding elements.
+
+ The crypto key store.
+ The nonce store to use.
+ The security settings to apply. Must be an instance of either or ProviderSecuritySettings.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+ An array of binding elements which may be used to construct the channel.
+
+
+
+
+ Message factory for OpenID Relying Parties.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Helps ensure compliance to some properties in the .
+
+
+
+
+ The security settings that are active on the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The security settings.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ The signing binding element for OpenID Relying Parties.
+
+
+
+
+ The association store used by Relying Parties to look up the secrets needed for signing.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store used to look up the secrets needed for signing. May be null for dumb Relying Parties.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ This binding element adds a nonce to a Relying Party's outgoing
+ authentication request when working against an OpenID 1.0 Provider
+ in order to protect against replay attacks or on all authentication
+ requests to distinguish solicited from unsolicited assertions.
+
+
+ This nonce goes beyond the OpenID 1.x spec, but adds to security.
+ Since this library's Provider implementation also provides special nonce
+ protection for 1.0 messages, this security feature overlaps with that one.
+ This means that if an RP from this library were talking to an OP from this
+ library, but the Identifier being authenticated advertised the OP as a 1.x
+ OP, then both RP and OP might try to use a nonce for protecting the assertion.
+ There's no problem with that--it will still all work out. And it would be a
+ very rare combination of elements anyway.
+
+
+ This binding element deactivates itself for OpenID 2.0 (or later) messages
+ since they are automatically protected in the protocol by the Provider's
+ openid.response_nonce parameter. The exception to this is when
+ is
+ set to true, which will not only add a request nonce to every outgoing
+ authentication request but also require that it be present in positive
+ assertions, effectively disabling unsolicited assertions.
+
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it exists
+ only on the RP side and only on some messages.
+
+
+
+
+ The context within which return_to nonces must be unique -- they all go into the same bucket.
+
+
+
+
+ The length of the generated nonce's random part.
+
+
+
+
+ The nonce store that will allow us to recall which nonces we've seen before.
+
+
+
+
+ The security settings at the RP.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The nonce store to use.
+ The security settings of the RP.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Determines whether a request nonce should be applied the request
+ or should be expected in the response.
+
+ The authentication request or the positive assertion response.
+
+ true if the message exchanged with an OpenID 1.x provider
+ or if unsolicited assertions should be rejected at the RP; otherwise false.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets the maximum message age from the standard expiration binding element.
+
+
+
+
+ A special DotNetOpenAuth-only nonce used by the RP when talking to 1.0 OPs in order
+ to protect against replay attacks.
+
+
+
+
+ The random bits generated for the nonce.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The creation date of the nonce.
+ The random bits that help make the nonce unique.
+
+
+
+ Creates a new nonce.
+
+ The newly instantiated instance.
+
+
+
+ Deserializes a nonce from the return_to parameter.
+
+ The base64-encoded value of the nonce.
+ The instantiated and initialized nonce.
+
+
+
+ Serializes the entire nonce for adding to the return_to URL.
+
+ The base64-encoded string representing the nonce.
+
+
+
+ Gets the creation date.
+
+
+
+
+ Gets the random part of the nonce as a base64 encoded string.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ Adds an Attribute Exchange (AX) extension to the authentication request
+ that asks for the same attributes as the Simple Registration (sreg) extension
+ that is already applied.
+
+ The authentication request.
+ The attribute formats to use in the AX request.
+
+ If discovery on the user-supplied identifier yields hints regarding which
+ extensions and attribute formats the Provider supports, this method MAY ignore the
+ argument and accomodate the Provider to minimize
+ the size of the request.
+ If the request does not carry an sreg extension, the method logs a warning but
+ otherwise quietly returns doing nothing.
+
+
+
+
+ Looks for Simple Registration and Attribute Exchange (all known formats)
+ response extensions and returns them as a Simple Registration extension.
+
+ The authentication response.
+ if set to true unsigned extensions will be included in the search.
+
+ The Simple Registration response if found,
+ or a fabricated one based on the Attribute Exchange extension if found,
+ or just an empty if there was no data.
+ Never null.
+
+
+
+ Gets the attribute value if available.
+
+ The AX fetch response extension to look for the attribute value.
+ The type URI of the attribute, using the axschema.org format of .
+ The AX type URI formats to search.
+
+ The first value of the attribute, if available.
+
+
+
+
+ Tries to find the exact format of AX attribute Type URI supported by the Provider.
+
+ The authentication request.
+ The attribute formats the RP will try if this discovery fails.
+ The AX format(s) to use based on the Provider's advertised AX support.
+
+
+
+ The discovery service to support host-meta based discovery, such as Google Apps for Domains.
+
+
+ The spec for this discovery mechanism can be found at:
+ http://groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains
+ and the XMLDSig spec referenced in that spec can be found at:
+ http://wiki.oasis-open.org/xri/XrdOne/XmlDsigProfile
+
+
+
+
+ Path to the well-known location of the host-meta document at a domain.
+
+
+
+
+ The URI template for discovery host-meta on domains hosted by
+ Google Apps for Domains.
+
+
+
+
+ The pattern within a host-meta file to look for to obtain the URI to the XRDS document.
+
+
+
+
+ A set of certificate thumbprints that have been verified.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Gets the XRD elements that have a given CanonicalID.
+
+ The XRDS document.
+ The CanonicalID to match on.
+ A sequence of XRD elements.
+
+
+
+ Gets the described-by services in XRD elements.
+
+ The XRDs to search.
+ A sequence of services.
+
+
+
+ Gets the services for an identifier that are described by an external XRDS document.
+
+ The XRD elements to search for described-by services.
+ The identifier under discovery.
+ The request handler.
+ The discovered services.
+
+
+
+ Validates the XML digital signature on an XRDS document.
+
+ The XRDS document whose signature should be validated.
+ The identifier under discovery.
+ The response.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ Thrown if the XRDS document has an invalid or a missing signature.
+
+
+
+ Verifies the cert chain.
+
+ The certs.
+
+ This must be in a method of its own because there is a LinkDemand on the
+ method. By being in a method of its own, the caller of this method may catch a
+ that is thrown if we're not running with full trust and execute
+ an alternative plan.
+
+ Thrown if the certificate chain is invalid or unverifiable.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The location of the XRDS document to retrieve.
+
+ A HTTP response carrying an XRDS document.
+
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Verifies that a certificate chain is trusted.
+
+ The chain of certificates to verify.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ A HTTP response carrying an XRDS document, or null if one could not be obtained.
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Gets the location of the XRDS document that describes a given identifier.
+
+ The identifier under discovery.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ An absolute URI, or null if one could not be determined.
+
+
+
+ Gets the host-meta for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+
+ The host-meta response, or null if no host-meta document could be obtained.
+
+
+
+
+ Gets the URIs authorized to host host-meta documents on behalf of a given domain.
+
+ The identifier.
+ A sequence of URIs that MAY provide the host-meta for a given identifier.
+
+
+
+ Gets the set of URI templates to use to contact host-meta hosting proxies
+ for domain discovery.
+
+
+
+
+ Gets or sets a value indicating whether to trust Google to host domains' host-meta documents.
+
+
+ This property is just a convenient mechanism for checking or changing the set of
+ trusted host-meta proxies in the property.
+
+
+
+
+ A description of a web server that hosts host-meta documents.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The proxy formatting string.
+ The signing host formatting string.
+
+
+
+ Gets the absolute proxy URI.
+
+ The identifier being discovered.
+ The an absolute URI.
+
+
+
+ Gets the signing host URI.
+
+ The identifier being discovered.
+ A host name.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URL of the host-meta proxy.
+
+ The absolute proxy URL, which may include {0} to be replaced with the host of the identifier to be discovered.
+
+
+
+ Gets the formatting string to determine the expected host name on the certificate
+ that is expected to be used to sign the XRDS document.
+
+
+ Either a string literal, or a formatting string where these placeholders may exist:
+ {0} the host on the identifier discovery was originally performed on;
+ {1} the host on this proxy.
+
+
+
+
+ The COM type used to provide details of an authentication result to a relying party COM client.
+
+
+
+
+ The response read in by the Relying Party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Gets an Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the provider endpoint that sent the assertion.
+
+
+
+
+ Gets a value indicating whether the authentication attempt succeeded.
+
+
+
+
+ Gets the Simple Registration response.
+
+
+
+
+ Gets details regarding a failed authentication attempt, if available.
+
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The Simple Registration claims response message that this shim wraps.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The Simple Registration response to wrap.
+
+
+
+ Gets the nickname the user goes by.
+
+
+
+
+ Gets the user's email address.
+
+
+
+
+ Gets the full name of a user as a single string.
+
+
+
+
+ Gets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets the gender of the user.
+
+
+
+
+ Gets the zip code / postal code of the user.
+
+
+
+
+ Gets the country of the user.
+
+
+
+
+ Gets the primary/preferred language of the user.
+
+
+
+
+ Gets the user's timezone.
+
+
+
+
+ Implementation of , providing a subset of the
+ functionality available to .NET clients.
+
+
+
+
+ The OpenIdRelyingParty instance to use for requests.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL.
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ A successful association response as it is received by the relying party.
+
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Creates the association at relying party side after the association response has been received.
+
+ The original association request that was already sent and responded to.
+ The newly created association.
+
+ The resulting association is not added to the association store and must be done by the caller.
+
+
+
+
+ Utility methods for requesting associations from the relying party.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+ Type of the association.
+ Type of the session.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+ Thrown if the message is invalid.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+
+ The created association.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+
+ A response to an unencrypted assocation request, as it is received by the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The request.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Wraps a standard so that it behaves as an association store.
+
+
+
+
+ Stores s for lookup by their handle, keeping
+ associations separated by a given OP Endpoint.
+
+
+ Expired associations should be periodically cleared out of an association store.
+ This should be done frequently enough to avoid a memory leak, but sparingly enough
+ to not be a performance drain. Because this balance can vary by host, it is the
+ responsibility of the host to initiate this cleaning.
+
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+ If the new association conflicts (in OP endpoint and association handle) with an existing association,
+ (which should never happen by the way) implementations may overwrite the previously saved association.
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+ Removes a specified handle that may exist in the store.
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ Deprecated. The return value is insignificant.
+ Previously: True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ The underlying key store.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The key store.
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ Gets the window.open javascript snippet to use to open a popup window
+ compliant with the UI extension.
+
+ The relying party.
+ The authentication request to place in the window.
+ The name to assign to the popup window.
+ A string starting with 'window.open' and forming just that one method call.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Saves an for later recall.
+
+ The Uri (for relying parties) or Smart/Dumb (for providers).
+ The association to store.
+
+ TODO: what should implementations do on association handle conflict?
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ A dictionary of handle/Association pairs.
+
+
+ Each method is locked, even if it is only one line, so that they are thread safe
+ against each other, particularly the ones that enumerate over the list, since they
+ can break if the collection is changed by another thread during enumeration.
+
+
+
+
+ The lookup table where keys are the association handles and values are the associations themselves.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Stores an in the collection.
+
+ The association to add to the collection.
+
+
+
+ Returns the with the given handle. Null if not found.
+
+ The handle to the required association.
+ The desired association, or null if none with the given handle could be found.
+
+
+
+ Removes the with the given handle.
+
+ The handle to the required association.
+ Whether an with the given handle was in the collection for removal.
+
+
+
+ Removes all expired associations from the collection.
+
+
+
+
+ Gets the s ordered in order of descending issue date
+ (most recently issued comes first). An empty sequence if no valid associations exist.
+
+
+ This property is used by relying parties that are initiating authentication requests.
+ It does not apply to Providers, which always need a specific association by handle.
+
+
+
+
+ Manages the establishment, storage and retrieval of associations at the relying party.
+
+
+
+
+ The storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The channel the relying party is using.
+ The association store. May be null for dumb mode relying parties.
+ The security settings.
+
+
+
+ Gets an association between this Relying Party and a given Provider
+ if it already exists in the association store.
+
+ The provider to create an association with.
+ The association if one exists and has useful life remaining. Otherwise null.
+
+
+
+ Gets an existing association with the specified Provider, or attempts to create
+ a new association of one does not already exist.
+
+ The provider to get an association for.
+ The existing or new association; null if none existed and one could not be created.
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+ A new association is created and returned even if one already exists in the
+ association store.
+ Any new association is automatically added to the .
+
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+ The associate request. May be null, which will always result in a null return value..
+ The number of times to try the associate request again if the Provider suggests it.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+
+
+ Gets or sets the channel to use for establishing associations.
+
+ The channel.
+
+
+
+ Gets or sets the security settings to apply in choosing association types to support.
+
+
+
+
+ Gets a value indicating whether this instance has an association store.
+
+
+ true if the relying party can act in 'smart' mode;
+ false if the relying party must always act in 'dumb' mode.
+
+
+
+
+ Gets the storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Preferences regarding creation and use of an association between a relying party
+ and provider for authentication.
+
+
+
+
+ Indicates that an association should be created for use in authentication
+ if one has not already been established between the relying party and the
+ selected provider.
+
+
+ Even with this value, if an association attempt fails or the relying party
+ has no application store to recall associations, the authentication may
+ proceed without an association.
+
+
+
+
+ Indicates that an association should be used for authentication only if
+ it happens to already exist.
+
+
+
+
+ Indicates that an authentication attempt should NOT use an OpenID association
+ between the relying party and the provider, even if an association was previously
+ created.
+
+
+
+
+ Facilitates customization and creation and an authentication request
+ that a Relying Party is preparing to send.
+
+
+
+
+ The name of the internal callback parameter to use to store the user-supplied identifier.
+
+
+
+
+ The relying party that created this request object.
+
+
+
+
+ How an association may or should be created or used in the formulation of the
+ authentication request.
+
+
+
+
+ The extensions that have been added to this authentication request.
+
+
+
+
+ Arguments to add to the return_to part of the query string, so that
+ these values come back to the consumer when the user agent returns.
+
+
+
+
+ A value indicating whether the return_to callback arguments must be signed.
+
+
+ This field defaults to false, but is set to true as soon as the first callback argument
+ is added that indicates it must be signed. At which point, all arguments are signed
+ even if individual ones did not need to be.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoint that describes the OpenID Identifier and Provider that will complete the authentication.
+ The realm, or root URL, of the host web site.
+ The base return_to URL that the Provider should return the user to to complete authentication. This should not include callback parameters as these should be added using the method.
+ The relying party that created this instance.
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Performs identifier discovery, creates associations and generates authentication requests
+ on-demand for as long as new ones can be generated based on the results of Identifier discovery.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+
+
+ Creates an instance of FOR TESTING PURPOSES ONLY.
+
+ The discovery result.
+ The realm.
+ The return to.
+ The relying party.
+ The instantiated .
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Performs deferred request generation for the method.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ The discovered service endpoints on the Claimed Identifier.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ All data validation and cleansing steps must have ALREADY taken place
+ before calling this method.
+
+
+
+
+ Returns a filtered and sorted list of the available OP endpoints for a discovered Identifier.
+
+ The endpoints.
+ The relying party.
+ A filtered and sorted list of endpoints; may be empty if the input was empty or the filter removed all endpoints.
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Gets the association to use for this authentication request.
+
+ The association to use; null to use 'dumb mode'.
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenId discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ Gets or sets how an association may or should be created or used
+ in the formulation of the authentication request.
+
+
+
+
+ Gets the extensions that have been added to the request.
+
+
+
+
+ Gets the list of extensions for this request.
+
+
+
+
+ An authentication request comparer that judges equality solely on the OP endpoint hostname.
+
+
+
+
+ The singleton instance of this comparer.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Determines whether the specified objects are equal.
+
+ The first object to compare.
+ The second object to compare.
+
+ true if the specified objects are equal; otherwise, false.
+
+
+
+
+ Returns a hash code for the specified object.
+
+ The for which a hash code is to be returned.
+ A hash code for the specified object.
+
+ The type of is a reference type and is null.
+
+
+
+
+ Gets the singleton instance of this comparer.
+
+
+
+
+ Wraps a negative assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ An interface to expose useful properties and functionality for handling
+ authentication responses that are returned from Immediate authentication
+ requests that require a subsequent request to be made in non-immediate mode.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ The negative assertion message that was received by the RP that was used
+ to create this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The negative assertion response received by the Relying Party.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+
+ Wraps an extension-only response from the OP in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Backin field for the property.
+
+
+
+
+ Information about the OP endpoint that issued this assertion.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response message.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets a value indicating whether trusted callback arguments are available.
+
+
+ We use this internally to avoid logging a warning during a standard snapshot creation.
+
+
+
+
+ Gets the positive extension-only message the Relying Party received that this instance wraps.
+
+
+
+
+ Wraps a positive assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion response that was just received by the Relying Party.
+ The relying party.
+
+
+
+ Verifies that the positive assertion data matches the results of
+ discovery on the Claimed Identifier.
+
+ The relying party.
+
+ Thrown when the Provider is asserting that a user controls an Identifier
+ when discovery on that Identifier contradicts what the Provider says.
+ This would be an indication of either a misconfigured Provider or
+ an attempt by someone to spoof another user's identity with a rogue Provider.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets the OpenID service endpoint reconstructed from the assertion message.
+
+
+ This information is straight from the Provider, and therefore must not
+ be trusted until verified as matching the discovery information for
+ the claimed identifier to avoid a Provider asserting an Identifier
+ for which it has no authority.
+
+
+
+
+ Gets the positive assertion response message.
+
+
+
+
+ Wraps a failed authentication response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The exception that resulted in the failed authentication.
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ A delegate that decides whether a given OpenID Provider endpoint may be
+ considered for authenticating a user.
+
+ The endpoint for consideration.
+
+ True if the endpoint should be considered.
+ False to remove it from the pool of acceptable providers.
+
+
+
+
+ Provides the programmatic facilities to act as an OpenID relying party.
+
+
+
+
+ The name of the key to use in the HttpApplication cache to store the
+ instance of to use.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ The discovery services to use for identifiers.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ The lock to obtain when initializing the member.
+
+
+
+
+ A dictionary of extension response types and the javascript member
+ name to map them to on the user agent.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The application store. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Initializes a new instance of the class.
+
+ The association store. If null, the relying party will always operate in "stateless/dumb mode".
+ The nonce store to use. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object to customize the request and generate
+ an object to send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Gets an authentication response from a Provider.
+
+ The processed authentication response if there is any; null otherwise.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets an authentication response from a Provider.
+
+ The HTTP request that may be carrying an authentication response from the Provider.
+ The processed authentication response if there is any; null otherwise.
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The HTTP response to send to this HTTP request.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The HTTP response to send to this HTTP request.
+
+
+
+ Allows an OpenID extension to read data out of an unverified positive authentication assertion
+ and send it down to the client browser so that Javascript running on the page can perform
+ some preprocessing on the extension data.
+
+ The extension response type that will read data from the assertion.
+ The property name on the openid_identifier input box object that will be used to store the extension data. For example: sreg
+
+ This method should be called before .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Determines whether some parameter name belongs to OpenID or this library
+ as a protocol or internal parameter name.
+
+ Name of the parameter.
+
+ true if the named parameter is a library- or protocol-specific parameter; otherwise, false.
+
+
+
+
+ Creates a relying party that does not verify incoming messages against
+ nonce or association stores.
+
+ The instantiated .
+
+ Useful for previewing messages while
+ allowing them to be fully processed and verified later.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The callback fired after the response status has been determined but before the Javascript response is formulated.
+
+ The HTTP response to send to this HTTP request.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Checks whether a given OP Endpoint is permitted by the host relying party.
+
+ The OP endpoint.
+ true if the OP Endpoint is allowed; false otherwise.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Invokes a method on a parent frame or window and closes the calling popup window if applicable.
+
+ The method to call on the parent window, including
+ parameters. (i.e. "callback('arg1', 2)"). No escaping is done by this method.
+ The entire HTTP response to send to the popup window or iframe to perform the invocation.
+
+
+
+ Called by derived classes when behaviors are added or removed.
+
+ The collection being modified.
+ The instance containing the event data.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the standard state storage mechanism that uses ASP.NET's
+ HttpApplication state dictionary to store associations and nonces.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings used by this Relying Party.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets or sets the optional Provider Endpoint filter to use.
+
+
+ Provides a way to optionally filter the providers that may be used in authenticating a user.
+ If provided, the delegate should return true to accept an endpoint, and false to reject it.
+ If null, all identity providers will be accepted. This is the default.
+
+
+
+
+ Gets or sets the ordering routine that will determine which XRDS
+ Service element to try first
+
+ Default is .
+
+ This may never be null. To reset to default behavior this property
+ can be set to the value of .
+
+
+
+
+ Gets the extension factories.
+
+
+
+
+ Gets a list of custom behaviors to apply to OpenID actions.
+
+
+ Adding behaviors can impact the security settings of this
+ instance in ways that subsequently removing the behaviors will not reverse.
+
+
+
+
+ Gets the list of services that can perform discovery on identifiers given to this relying party.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets a value indicating whether this Relying Party can sign its return_to
+ parameter in outgoing authentication requests.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets the association manager.
+
+
+
+
+ Gets the instance used to process authentication responses
+ without verifying the assertion or consuming nonces.
+
+
+
+
+ A serializable snapshot of a verified authentication message.
+
+
+
+
+ The callback arguments that came with the authentication response.
+
+
+
+
+ The untrusted callback arguments that came with the authentication response.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The authentication response to copy from.
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ A very simple IXrdsProviderEndpoint implementation for verifying that all positive
+ assertions (particularly unsolicited ones) are received from OP endpoints that
+ are deemed permissible by the host RP.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ An in-memory store for Relying Parties, suitable for single server, single process
+ ASP.NET web sites.
+
+
+
+
+ The nonce store to use.
+
+
+
+
+ The association store to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Common OpenID Provider Identifiers.
+
+
+
+
+ The Yahoo OP Identifier.
+
+
+
+
+ The Google OP Identifier.
+
+
+
+
+ The MyOpenID OP Identifier.
+
+
+
+
+ The Verisign OP Identifier.
+
+
+
+
+ The MyVidoop OP Identifier.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.dll b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.dll
new file mode 100644
index 0000000..54e221c
Binary files /dev/null and b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.dll differ
diff --git a/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.xml b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.xml
new file mode 100644
index 0000000..50b4dde
--- /dev/null
+++ b/PROJ-ETS/packages/DotNetOpenAuth.OpenId.RelyingParty.4.3.0.13117/lib/net45-full/DotNetOpenAuth.OpenId.RelyingParty.xml
@@ -0,0 +1,3568 @@
+
+
+
+ DotNetOpenAuth.OpenId.RelyingParty
+
+
+
+
+ The COM interface describing the DotNetOpenAuth functionality available to
+ COM client OpenID relying parties.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL .
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ An Attribute Exchange and Simple Registration filter to make all incoming attribute
+ requests look like Simple Registration requests, and to convert the response
+ to the originally requested extension and format.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements to a default set of security settings.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+ Implementations should be prepared to be called multiple times on the same outgoing message
+ without malfunctioning.
+
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ Implements the Identity, Credential, & Access Management (ICAM) OpenID 2.0 Profile
+ for the General Services Administration (GSA).
+
+
+ Relying parties that include this profile are always held to the terms required by the profile,
+ but Providers are only affected by the special behaviors of the profile when the RP specifically
+ indicates that they want to use this profile.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Applies a well known set of security requirements.
+
+ The security settings to enhance with the requirements of this profile.
+
+ Care should be taken to never decrease security when applying a profile.
+ Profiles should only enhance security requirements to avoid being
+ incompatible with each other.
+
+
+
+
+ Called when an authentication request is about to be sent.
+
+ The request.
+
+
+
+ Called when an incoming positive assertion is received.
+
+ The positive assertion.
+
+
+
+ The OpenID binding element responsible for reading/writing OpenID extensions
+ at the Relying Party.
+
+
+
+
+ The security settings that apply to this relying party, if it is a relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The extension factory.
+ The security settings.
+
+
+
+ The messaging channel for OpenID relying parties.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ The security settings to apply.
+
+
+
+ Initializes a new instance of the class.
+
+ The association store to use.
+ The nonce store to use.
+ An object that knows how to distinguish the various OpenID message types for deserialization purposes.
+ The security settings to apply.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+
+
+ A value indicating whether the channel is set up
+ with no functional security binding elements.
+
+ A new instance that will not perform verification on incoming messages or apply any security to outgoing messages.
+
+ A value of true allows the relying party to preview incoming
+ messages without invalidating nonces or checking signatures.
+ Setting this to true poses a great security risk and is only
+ present to support the OpenIdAjaxTextBox which needs to preview
+ messages, and will validate them later.
+
+
+
+
+ Initializes the binding elements.
+
+ The crypto key store.
+ The nonce store to use.
+ The security settings to apply. Must be an instance of either or ProviderSecuritySettings.
+ A value indicating whether the channel is set up with no functional security binding elements.
+
+ An array of binding elements which may be used to construct the channel.
+
+
+
+
+ Message factory for OpenID Relying Parties.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The intended or actual recipient of the request message.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Analyzes an incoming request message payload to discover what kind of
+ message is embedded in it and returns the type, or null if no match is found.
+
+ The message that was sent as a request that resulted in the response.
+ The name/value pairs that make up the message payload.
+
+ A newly instantiated -derived object that this message can
+ deserialize to. Null if the request isn't recognized as a valid protocol message.
+
+
+
+
+ Helps ensure compliance to some properties in the .
+
+
+
+
+ The security settings that are active on the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The security settings.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection commonly offered (if any) by this binding element.
+
+
+ This value is used to assist in sorting binding elements in the channel stack.
+
+
+
+
+ The signing binding element for OpenID Relying Parties.
+
+
+
+
+ The association store used by Relying Parties to look up the secrets needed for signing.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The association store used to look up the secrets needed for signing. May be null for dumb Relying Parties.
+
+
+
+ Gets a specific association referenced in a given message's association handle.
+
+ The signed message whose association handle should be used to lookup the association to return.
+
+ The referenced association; or null if such an association cannot be found.
+
+
+
+
+ Gets the association to use to sign or verify a message.
+
+ The message to sign or verify.
+
+ The association to use to sign or verify the message.
+
+
+
+
+ Verifies the signature by unrecognized handle.
+
+ The message.
+ The signed message.
+ The protections applied.
+
+ The applied protections.
+
+
+
+
+ This binding element adds a nonce to a Relying Party's outgoing
+ authentication request when working against an OpenID 1.0 Provider
+ in order to protect against replay attacks or on all authentication
+ requests to distinguish solicited from unsolicited assertions.
+
+
+ This nonce goes beyond the OpenID 1.x spec, but adds to security.
+ Since this library's Provider implementation also provides special nonce
+ protection for 1.0 messages, this security feature overlaps with that one.
+ This means that if an RP from this library were talking to an OP from this
+ library, but the Identifier being authenticated advertised the OP as a 1.x
+ OP, then both RP and OP might try to use a nonce for protecting the assertion.
+ There's no problem with that--it will still all work out. And it would be a
+ very rare combination of elements anyway.
+
+
+ This binding element deactivates itself for OpenID 2.0 (or later) messages
+ since they are automatically protected in the protocol by the Provider's
+ openid.response_nonce parameter. The exception to this is when
+ is
+ set to true, which will not only add a request nonce to every outgoing
+ authentication request but also require that it be present in positive
+ assertions, effectively disabling unsolicited assertions.
+
+ In the messaging stack, this binding element looks like an ordinary
+ transform-type of binding element rather than a protection element,
+ due to its required order in the channel stack and that it exists
+ only on the RP side and only on some messages.
+
+
+
+
+ The context within which return_to nonces must be unique -- they all go into the same bucket.
+
+
+
+
+ The length of the generated nonce's random part.
+
+
+
+
+ The nonce store that will allow us to recall which nonces we've seen before.
+
+
+
+
+ The security settings at the RP.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The nonce store to use.
+ The security settings of the RP.
+
+
+
+ Prepares a message for sending based on the rules of this channel binding element.
+
+ The message to prepare for sending.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Performs any transformation on an incoming message that may be necessary and/or
+ validates an incoming message based on the rules of this channel binding element.
+
+ The incoming message to process.
+
+ The protections (if any) that this binding element applied to the message.
+ Null if this binding element did not even apply to this binding element.
+
+
+ Thrown when the binding element rules indicate that this message is invalid and should
+ NOT be processed.
+
+
+ Implementations that provide message protection must honor the
+ properties where applicable.
+
+
+
+
+ Determines whether a request nonce should be applied the request
+ or should be expected in the response.
+
+ The authentication request or the positive assertion response.
+
+ true if the message exchanged with an OpenID 1.x provider
+ or if unsolicited assertions should be rejected at the RP; otherwise false.
+
+
+
+
+ Gets or sets the channel that this binding element belongs to.
+
+
+ This property is set by the channel when it is first constructed.
+
+
+
+
+ Gets the protection offered (if any) by this binding element.
+
+
+
+
+ Gets the maximum message age from the standard expiration binding element.
+
+
+
+
+ A special DotNetOpenAuth-only nonce used by the RP when talking to 1.0 OPs in order
+ to protect against replay attacks.
+
+
+
+
+ The random bits generated for the nonce.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The creation date of the nonce.
+ The random bits that help make the nonce unique.
+
+
+
+ Creates a new nonce.
+
+ The newly instantiated instance.
+
+
+
+ Deserializes a nonce from the return_to parameter.
+
+ The base64-encoded value of the nonce.
+ The instantiated and initialized nonce.
+
+
+
+ Serializes the entire nonce for adding to the return_to URL.
+
+ The base64-encoded string representing the nonce.
+
+
+
+ Gets the creation date.
+
+
+
+
+ Gets the random part of the nonce as a base64 encoded string.
+
+
+
+
+ A set of methods designed to assist in improving interop across different
+ OpenID implementations and their extensions.
+
+
+
+
+ Adds an Attribute Exchange (AX) extension to the authentication request
+ that asks for the same attributes as the Simple Registration (sreg) extension
+ that is already applied.
+
+ The authentication request.
+ The attribute formats to use in the AX request.
+
+ If discovery on the user-supplied identifier yields hints regarding which
+ extensions and attribute formats the Provider supports, this method MAY ignore the
+ argument and accomodate the Provider to minimize
+ the size of the request.
+ If the request does not carry an sreg extension, the method logs a warning but
+ otherwise quietly returns doing nothing.
+
+
+
+
+ Looks for Simple Registration and Attribute Exchange (all known formats)
+ response extensions and returns them as a Simple Registration extension.
+
+ The authentication response.
+ if set to true unsigned extensions will be included in the search.
+
+ The Simple Registration response if found,
+ or a fabricated one based on the Attribute Exchange extension if found,
+ or just an empty if there was no data.
+ Never null.
+
+
+
+ Gets the attribute value if available.
+
+ The AX fetch response extension to look for the attribute value.
+ The type URI of the attribute, using the axschema.org format of .
+ The AX type URI formats to search.
+
+ The first value of the attribute, if available.
+
+
+
+
+ Tries to find the exact format of AX attribute Type URI supported by the Provider.
+
+ The authentication request.
+ The attribute formats the RP will try if this discovery fails.
+ The AX format(s) to use based on the Provider's advertised AX support.
+
+
+
+ The discovery service to support host-meta based discovery, such as Google Apps for Domains.
+
+
+ The spec for this discovery mechanism can be found at:
+ http://groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains
+ and the XMLDSig spec referenced in that spec can be found at:
+ http://wiki.oasis-open.org/xri/XrdOne/XmlDsigProfile
+
+
+
+
+ Path to the well-known location of the host-meta document at a domain.
+
+
+
+
+ The URI template for discovery host-meta on domains hosted by
+ Google Apps for Domains.
+
+
+
+
+ The pattern within a host-meta file to look for to obtain the URI to the XRDS document.
+
+
+
+
+ A set of certificate thumbprints that have been verified.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to perform discovery on.
+ The means to place outgoing HTTP requests.
+ if set to true, no further discovery services will be called for this identifier.
+
+ A sequence of service endpoints yielded by discovery. Must not be null, but may be empty.
+
+
+
+
+ Gets the XRD elements that have a given CanonicalID.
+
+ The XRDS document.
+ The CanonicalID to match on.
+ A sequence of XRD elements.
+
+
+
+ Gets the described-by services in XRD elements.
+
+ The XRDs to search.
+ A sequence of services.
+
+
+
+ Gets the services for an identifier that are described by an external XRDS document.
+
+ The XRD elements to search for described-by services.
+ The identifier under discovery.
+ The request handler.
+ The discovered services.
+
+
+
+ Validates the XML digital signature on an XRDS document.
+
+ The XRDS document whose signature should be validated.
+ The identifier under discovery.
+ The response.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ Thrown if the XRDS document has an invalid or a missing signature.
+
+
+
+ Verifies the cert chain.
+
+ The certs.
+
+ This must be in a method of its own because there is a LinkDemand on the
+ method. By being in a method of its own, the caller of this method may catch a
+ that is thrown if we're not running with full trust and execute
+ an alternative plan.
+
+ Thrown if the certificate chain is invalid or unverifiable.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The location of the XRDS document to retrieve.
+
+ A HTTP response carrying an XRDS document.
+
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Verifies that a certificate chain is trusted.
+
+ The chain of certificates to verify.
+
+
+
+ Gets the XRDS HTTP response for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ A HTTP response carrying an XRDS document, or null if one could not be obtained.
+ Thrown if the XRDS document could not be obtained.
+
+
+
+ Gets the location of the XRDS document that describes a given identifier.
+
+ The identifier under discovery.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+ An absolute URI, or null if one could not be determined.
+
+
+
+ Gets the host-meta for a given identifier.
+
+ The identifier.
+ The request handler.
+ The host name on the certificate that should be used to verify the signature in the XRDS.
+
+ The host-meta response, or null if no host-meta document could be obtained.
+
+
+
+
+ Gets the URIs authorized to host host-meta documents on behalf of a given domain.
+
+ The identifier.
+ A sequence of URIs that MAY provide the host-meta for a given identifier.
+
+
+
+ Gets the set of URI templates to use to contact host-meta hosting proxies
+ for domain discovery.
+
+
+
+
+ Gets or sets a value indicating whether to trust Google to host domains' host-meta documents.
+
+
+ This property is just a convenient mechanism for checking or changing the set of
+ trusted host-meta proxies in the property.
+
+
+
+
+ A description of a web server that hosts host-meta documents.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The proxy formatting string.
+ The signing host formatting string.
+
+
+
+ Gets the absolute proxy URI.
+
+ The identifier being discovered.
+ The an absolute URI.
+
+
+
+ Gets the signing host URI.
+
+ The identifier being discovered.
+ A host name.
+
+
+
+ Determines whether the specified is equal to the current .
+
+ The to compare with the current .
+
+ true if the specified is equal to the current ; otherwise, false.
+
+
+ The parameter is null.
+
+
+
+
+ Serves as a hash function for a particular type.
+
+
+ A hash code for the current .
+
+
+
+
+ Gets the URL of the host-meta proxy.
+
+ The absolute proxy URL, which may include {0} to be replaced with the host of the identifier to be discovered.
+
+
+
+ Gets the formatting string to determine the expected host name on the certificate
+ that is expected to be used to sign the XRDS document.
+
+
+ Either a string literal, or a formatting string where these placeholders may exist:
+ {0} the host on the identifier discovery was originally performed on;
+ {1} the host on this proxy.
+
+
+
+
+ The COM type used to provide details of an authentication result to a relying party COM client.
+
+
+
+
+ The response read in by the Relying Party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response.
+
+
+
+ Gets an Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the provider endpoint that sent the assertion.
+
+
+
+
+ Gets a value indicating whether the authentication attempt succeeded.
+
+
+
+
+ Gets the Simple Registration response.
+
+
+
+
+ Gets details regarding a failed authentication attempt, if available.
+
+
+
+
+ A struct storing Simple Registration field values describing an
+ authenticating user.
+
+
+
+
+ The Simple Registration claims response message that this shim wraps.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The Simple Registration response to wrap.
+
+
+
+ Gets the nickname the user goes by.
+
+
+
+
+ Gets the user's email address.
+
+
+
+
+ Gets the full name of a user as a single string.
+
+
+
+
+ Gets the raw birth date string given by the extension.
+
+ A string in the format yyyy-MM-dd.
+
+
+
+ Gets the gender of the user.
+
+
+
+
+ Gets the zip code / postal code of the user.
+
+
+
+
+ Gets the country of the user.
+
+
+
+
+ Gets the primary/preferred language of the user.
+
+
+
+
+ Gets the user's timezone.
+
+
+
+
+ Implementation of , providing a subset of the
+ functionality available to .NET clients.
+
+
+
+
+ The OpenIdRelyingParty instance to use for requests.
+
+
+
+
+ Initializes static members of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+ A comma-delimited list of simple registration fields to request as optional.
+ A comma-delimited list of simple registration fields to request as required.
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Gets the result of a user agent's visit to his OpenId provider in an
+ authentication attempt. Null if no response is available.
+
+ The incoming request URL.
+ The form data that may have been included in the case of a POST request.
+ The Provider's response to a previous authentication request, or null if no response is present.
+
+
+
+ The successful Diffie-Hellman association response message.
+
+
+ Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
+
+
+
+
+ A successful association response as it is received by the relying party.
+
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Initializes a new instance of the class.
+
+ The OpenID version of the response message.
+ The originating request.
+
+
+
+ Creates the association at relying party side after the association response has been received.
+
+ The original association request that was already sent and responded to.
+ The newly created association.
+
+ The resulting association is not added to the association store and must be done by the caller.
+
+
+
+
+ Utility methods for requesting associations from the relying party.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Creates an association request message that is appropriate for a given Provider.
+
+ The set of requirements the selected association type must comply to.
+ The provider to create an association with.
+ Type of the association.
+ Type of the session.
+
+ The message to send to the Provider to request an association.
+ Null if no association could be created that meet the security requirements
+ and the provider OpenID version.
+
+
+
+
+ Code contract for the interface.
+
+
+
+
+ Checks the message state for conformity to the protocol specification
+ and throws an exception if the message is invalid.
+
+ Thrown if the message is invalid.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+
+ The created association.
+
+
+
+
+ Gets the level of protection this message requires.
+
+
+
+
+ Gets a value indicating whether this is a direct or indirect message.
+
+
+
+
+ Gets the version of the protocol or extension this message is prepared to implement.
+
+
+
+
+ Gets the extra, non-standard Protocol parameters included in the message.
+
+
+
+
+ A response to an unencrypted assocation request, as it is received by the relying party.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The version.
+ The request.
+
+
+
+ Called to create the Association based on a request previously given by the Relying Party.
+
+ The prior request for an association.
+ The created association.
+
+
+
+ Wraps a standard so that it behaves as an association store.
+
+
+
+
+ Stores s for lookup by their handle, keeping
+ associations separated by a given OP Endpoint.
+
+
+ Expired associations should be periodically cleared out of an association store.
+ This should be done frequently enough to avoid a memory leak, but sparingly enough
+ to not be a performance drain. Because this balance can vary by host, it is the
+ responsibility of the host to initiate this cleaning.
+
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+ If the new association conflicts (in OP endpoint and association handle) with an existing association,
+ (which should never happen by the way) implementations may overwrite the previously saved association.
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+ Removes a specified handle that may exist in the store.
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ Deprecated. The return value is insignificant.
+ Previously: True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ The underlying key store.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The key store.
+
+
+
+ Saves an for later recall.
+
+ The OP Endpoint with which the association is established.
+ The association to store.
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The OP Endpoint with which the association is established.
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The OP Endpoint with which the association is established.
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+
+
+ Constants used in implementing support for the UI extension.
+
+
+
+
+ Gets the window.open javascript snippet to use to open a popup window
+ compliant with the UI extension.
+
+ The relying party.
+ The authentication request to place in the window.
+ The name to assign to the popup window.
+ A string starting with 'window.open' and forming just that one method call.
+
+
+
+ Code Contract for the class.
+
+
+
+
+ Saves an for later recall.
+
+ The Uri (for relying parties) or Smart/Dumb (for providers).
+ The association to store.
+
+ TODO: what should implementations do on association handle conflict?
+
+
+
+
+ Gets the best association (the one with the longest remaining life) for a given key.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The security requirements that the returned association must meet.
+
+ The requested association, or null if no unexpired s exist for the given key.
+
+
+ In the event that multiple associations exist for the given
+ , it is important for the
+ implementation for this method to use the
+ to pick the best (highest grade or longest living as the host's policy may dictate)
+ association that fits the security requirements.
+ Associations that are returned that do not meet the security requirements will be
+ ignored and a new association created.
+
+
+
+
+ Gets the association for a given key and handle.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be recalled.
+
+ The requested association, or null if no unexpired s exist for the given key and handle.
+
+
+
+
+ Removes a specified handle that may exist in the store.
+
+ The Uri (for relying parties) or Smart/Dumb (for Providers).
+ The handle of the specific association that must be deleted.
+
+ True if the association existed in this store previous to this call.
+
+
+ No exception should be thrown if the association does not exist in the store
+ before this call.
+
+
+
+
+ A dictionary of handle/Association pairs.
+
+
+ Each method is locked, even if it is only one line, so that they are thread safe
+ against each other, particularly the ones that enumerate over the list, since they
+ can break if the collection is changed by another thread during enumeration.
+
+
+
+
+ The lookup table where keys are the association handles and values are the associations themselves.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Stores an in the collection.
+
+ The association to add to the collection.
+
+
+
+ Returns the with the given handle. Null if not found.
+
+ The handle to the required association.
+ The desired association, or null if none with the given handle could be found.
+
+
+
+ Removes the with the given handle.
+
+ The handle to the required association.
+ Whether an with the given handle was in the collection for removal.
+
+
+
+ Removes all expired associations from the collection.
+
+
+
+
+ Gets the s ordered in order of descending issue date
+ (most recently issued comes first). An empty sequence if no valid associations exist.
+
+
+ This property is used by relying parties that are initiating authentication requests.
+ It does not apply to Providers, which always need a specific association by handle.
+
+
+
+
+ Manages the establishment, storage and retrieval of associations at the relying party.
+
+
+
+
+ The storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The channel the relying party is using.
+ The association store. May be null for dumb mode relying parties.
+ The security settings.
+
+
+
+ Gets an association between this Relying Party and a given Provider
+ if it already exists in the association store.
+
+ The provider to create an association with.
+ The association if one exists and has useful life remaining. Otherwise null.
+
+
+
+ Gets an existing association with the specified Provider, or attempts to create
+ a new association of one does not already exist.
+
+ The provider to get an association for.
+ The existing or new association; null if none existed and one could not be created.
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+ A new association is created and returned even if one already exists in the
+ association store.
+ Any new association is automatically added to the .
+
+
+
+
+ Creates a new association with a given Provider.
+
+ The provider to create an association with.
+ The associate request. May be null, which will always result in a null return value..
+ The number of times to try the associate request again if the Provider suggests it.
+
+ The newly created association, or null if no association can be created with
+ the given Provider given the current security settings.
+
+
+
+
+ Gets or sets the channel to use for establishing associations.
+
+ The channel.
+
+
+
+ Gets or sets the security settings to apply in choosing association types to support.
+
+
+
+
+ Gets a value indicating whether this instance has an association store.
+
+
+ true if the relying party can act in 'smart' mode;
+ false if the relying party must always act in 'dumb' mode.
+
+
+
+
+ Gets the storage to use for saving and retrieving associations. May be null.
+
+
+
+
+ Preferences regarding creation and use of an association between a relying party
+ and provider for authentication.
+
+
+
+
+ Indicates that an association should be created for use in authentication
+ if one has not already been established between the relying party and the
+ selected provider.
+
+
+ Even with this value, if an association attempt fails or the relying party
+ has no application store to recall associations, the authentication may
+ proceed without an association.
+
+
+
+
+ Indicates that an association should be used for authentication only if
+ it happens to already exist.
+
+
+
+
+ Indicates that an authentication attempt should NOT use an OpenID association
+ between the relying party and the provider, even if an association was previously
+ created.
+
+
+
+
+ Facilitates customization and creation and an authentication request
+ that a Relying Party is preparing to send.
+
+
+
+
+ The name of the internal callback parameter to use to store the user-supplied identifier.
+
+
+
+
+ The relying party that created this request object.
+
+
+
+
+ How an association may or should be created or used in the formulation of the
+ authentication request.
+
+
+
+
+ The extensions that have been added to this authentication request.
+
+
+
+
+ Arguments to add to the return_to part of the query string, so that
+ these values come back to the consumer when the user agent returns.
+
+
+
+
+ A value indicating whether the return_to callback arguments must be signed.
+
+
+ This field defaults to false, but is set to true as soon as the first callback argument
+ is added that indicates it must be signed. At which point, all arguments are signed
+ even if individual ones did not need to be.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The endpoint that describes the OpenID Identifier and Provider that will complete the authentication.
+ The realm, or root URL, of the host web site.
+ The base return_to URL that the Provider should return the user to to complete authentication. This should not include callback parameters as these should be added using the method.
+ The relying party that created this instance.
+
+
+
+ Makes a dictionary of key/value pairs available when the authentication is completed.
+
+ The arguments to add to the request's return_to URI.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The values stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument.
+
+ Note that these values are NOT protected against eavesdropping in transit. No
+ privacy-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ , which will only return the value
+ if it hasn't been tampered with in transit.
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Makes a key/value pair available when the authentication is completed without
+ requiring a return_to signature to protect against tampering of the callback argument.
+
+ The parameter name.
+ The value of the argument. Must not be null.
+
+ Note that these values are NOT protected against eavesdropping or tampering in transit. No
+ security-sensitive data should be stored using this method.
+ The value stored here can be retrieved using
+ .
+ Since the data set here is sent in the querystring of the request and some
+ servers place limits on the size of a request URL, this data should be kept relatively
+ small to ensure successful authentication. About 1.5KB is about all that should be stored.
+
+
+
+
+ Adds an OpenID extension to the request directed at the OpenID provider.
+
+ The initialized extension to add to the request.
+
+
+
+ Redirects the user agent to the provider for authentication.
+
+
+ This method requires an ASP.NET HttpContext.
+
+
+
+
+ Performs identifier discovery, creates associations and generates authentication requests
+ on-demand for as long as new ones can be generated based on the results of Identifier discovery.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+
+
+ Creates an instance of FOR TESTING PURPOSES ONLY.
+
+ The discovery result.
+ The realm.
+ The return to.
+ The relying party.
+ The instantiated .
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Performs deferred request generation for the method.
+
+ The user supplied identifier.
+ The relying party.
+ The realm.
+ The return_to base URL.
+ The discovered service endpoints on the Claimed Identifier.
+ if set to true, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ All data validation and cleansing steps must have ALREADY taken place
+ before calling this method.
+
+
+
+
+ Returns a filtered and sorted list of the available OP endpoints for a discovered Identifier.
+
+ The endpoints.
+ The relying party.
+ A filtered and sorted list of endpoints; may be empty if the input was empty or the filter removed all endpoints.
+
+
+
+ Creates the request message to send to the Provider,
+ based on the properties in this instance.
+
+ The message to send to the Provider.
+
+
+
+ Gets the association to use for this authentication request.
+
+ The association to use; null to use 'dumb mode'.
+
+
+
+ Gets or sets the mode the Provider should use during authentication.
+
+
+
+
+
+ Gets the HTTP response the relying party should send to the user agent
+ to redirect it to the OpenID Provider to start the OpenID authentication process.
+
+
+
+
+
+ Gets the URL that the user agent will return to after authentication
+ completes or fails at the Provider.
+
+
+
+
+
+ Gets the URL that identifies this consumer web application that
+ the Provider will display to the end user.
+
+
+
+
+ Gets the Claimed Identifier that the User Supplied Identifier
+ resolved to. Null if the user provided an OP Identifier
+ (directed identity).
+
+
+
+ Null is returned if the user is using the directed identity feature
+ of OpenID 2.0 to make it nearly impossible for a relying party site
+ to improperly store the reserved OpenID URL used for directed identity
+ as a user's own Identifier.
+ However, to test for the Directed Identity feature, please test the
+ property rather than testing this
+ property for a null value.
+
+
+
+
+ Gets a value indicating whether the authenticating user has chosen to let the Provider
+ determine and send the ClaimedIdentifier after authentication.
+
+
+
+
+ Gets or sets a value indicating whether this request only carries extensions
+ and is not a request to verify that the user controls some identifier.
+
+
+ true if this request is merely a carrier of extensions and is not
+ about an OpenID identifier; otherwise, false.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenId discovery documents found at the
+ location.
+
+
+
+
+ Gets the discovery result leading to the formulation of this request.
+
+ The discovery result.
+
+
+
+ Gets or sets how an association may or should be created or used
+ in the formulation of the authentication request.
+
+
+
+
+ Gets the extensions that have been added to the request.
+
+
+
+
+ Gets the list of extensions for this request.
+
+
+
+
+ An authentication request comparer that judges equality solely on the OP endpoint hostname.
+
+
+
+
+ The singleton instance of this comparer.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
+ Determines whether the specified objects are equal.
+
+ The first object to compare.
+ The second object to compare.
+
+ true if the specified objects are equal; otherwise, false.
+
+
+
+
+ Returns a hash code for the specified object.
+
+ The for which a hash code is to be returned.
+ A hash code for the specified object.
+
+ The type of is a reference type and is null.
+
+
+
+
+ Gets the singleton instance of this comparer.
+
+
+
+
+ Wraps a negative assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ An interface to expose useful properties and functionality for handling
+ authentication responses that are returned from Immediate authentication
+ requests that require a subsequent request to be made in non-immediate mode.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ The negative assertion message that was received by the RP that was used
+ to create this instance.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The negative assertion response received by the Relying Party.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+
+ Wraps an extension-only response from the OP in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Backin field for the property.
+
+
+
+
+ Information about the OP endpoint that issued this assertion.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The response message.
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode null is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available if they are complete and untampered with
+ since the original request message (as proven by a signature).
+ If the relying party is operating in stateless mode an empty dictionary is always
+ returned since the callback arguments could not be signed to protect against
+ tampering.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ Gets a value indicating whether trusted callback arguments are available.
+
+
+ We use this internally to avoid logging a warning during a standard snapshot creation.
+
+
+
+
+ Gets the positive extension-only message the Relying Party received that this instance wraps.
+
+
+
+
+ Wraps a positive assertion response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion response that was just received by the Relying Party.
+ The relying party.
+
+
+
+ Verifies that the positive assertion data matches the results of
+ discovery on the Claimed Identifier.
+
+ The relying party.
+
+ Thrown when the Provider is asserting that a user controls an Identifier
+ when discovery on that Identifier contradicts what the Provider says.
+ This would be an indication of either a misconfigured Provider or
+ an attempt by someone to spoof another user's identity with a rogue Provider.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+ Gets the OpenID service endpoint reconstructed from the assertion message.
+
+
+ This information is straight from the Provider, and therefore must not
+ be trusted until verified as matching the discovery information for
+ the claimed identifier to avoid a Provider asserting an Identifier
+ for which it has no authority.
+
+
+
+
+ Gets the positive assertion response message.
+
+
+
+
+ Wraps a failed authentication response in an instance
+ for public consumption by the host web site.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The exception that resulted in the failed authentication.
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+ Code contract class for the type.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the to pass to
+ in a subsequent authentication attempt.
+
+
+
+
+ A delegate that decides whether a given OpenID Provider endpoint may be
+ considered for authenticating a user.
+
+ The endpoint for consideration.
+
+ True if the endpoint should be considered.
+ False to remove it from the pool of acceptable providers.
+
+
+
+
+ Provides the programmatic facilities to act as an OpenID relying party.
+
+
+
+
+ The name of the key to use in the HttpApplication cache to store the
+ instance of to use.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ The discovery services to use for identifiers.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ The lock to obtain when initializing the member.
+
+
+
+
+ A dictionary of extension response types and the javascript member
+ name to map them to on the user agent.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Backing store for the property.
+
+
+
+
+ Backing field for the property.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The application store. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Initializes a new instance of the class.
+
+ The association store. If null, the relying party will always operate in "stateless/dumb mode".
+ The nonce store to use. If null, the relying party will always operate in "stateless/dumb mode".
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ An authentication request object to customize the request and generate
+ an object to send to the user agent to initiate the authentication.
+
+ Thrown if no OpenID endpoint could be found.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Creates an authentication request to verify that a user controls
+ some given Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ An authentication request object that describes the HTTP response to
+ send to the user agent to initiate the authentication.
+
+
+ Requires an HttpContext.Current context.
+
+ Thrown if no OpenID endpoint could be found.
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ The URL of the login page, or the page prepared to receive authentication
+ responses from the OpenID Provider.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ The shorest URL that describes this relying party web site's address.
+ For example, if your login page is found at https://www.example.com/login.aspx,
+ your realm would typically be https://www.example.com/.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
+
+
+ The Identifier supplied by the user. This may be a URL, an XRI or i-name.
+
+
+ A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
+ Never null, but may be empty.
+
+
+ Any individual generated request can satisfy the authentication.
+ The generated requests are sorted in preferred order.
+ Each request is generated as it is enumerated to. Associations are created only as
+ is called.
+ No exception is thrown if no OpenID endpoints were discovered.
+ An empty enumerable is returned instead.
+ Requires an HttpContext.Current context.
+
+ Thrown if HttpContext.Current == null.
+
+
+
+ Gets an authentication response from a Provider.
+
+ The processed authentication response if there is any; null otherwise.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Gets an authentication response from a Provider.
+
+ The HTTP request that may be carrying an authentication response from the Provider.
+ The processed authentication response if there is any; null otherwise.
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The HTTP response to send to this HTTP request.
+
+ Requires an HttpContext.Current context.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The HTTP response to send to this HTTP request.
+
+
+
+ Allows an OpenID extension to read data out of an unverified positive authentication assertion
+ and send it down to the client browser so that Javascript running on the page can perform
+ some preprocessing on the extension data.
+
+ The extension response type that will read data from the assertion.
+ The property name on the openid_identifier input box object that will be used to store the extension data. For example: sreg
+
+ This method should be called before .
+
+
+
+
+ Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
+
+
+
+
+ Determines whether some parameter name belongs to OpenID or this library
+ as a protocol or internal parameter name.
+
+ Name of the parameter.
+
+ true if the named parameter is a library- or protocol-specific parameter; otherwise, false.
+
+
+
+
+ Creates a relying party that does not verify incoming messages against
+ nonce or association stores.
+
+ The instantiated .
+
+ Useful for previewing messages while
+ allowing them to be fully processed and verified later.
+
+
+
+
+ Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
+
+ The incoming HTTP request that is expected to carry an OpenID authentication response.
+ The callback fired after the response status has been determined but before the Javascript response is formulated.
+
+ The HTTP response to send to this HTTP request.
+
+
+
+
+ Performs discovery on the specified identifier.
+
+ The identifier to discover services for.
+ A non-null sequence of services discovered for the identifier.
+
+
+
+ Checks whether a given OP Endpoint is permitted by the host relying party.
+
+ The OP endpoint.
+ true if the OP Endpoint is allowed; false otherwise.
+
+
+
+ Releases unmanaged and - optionally - managed resources
+
+ true to release both managed and unmanaged resources; false to release only unmanaged resources.
+
+
+
+ Invokes a method on a parent frame or window and closes the calling popup window if applicable.
+
+ The method to call on the parent window, including
+ parameters. (i.e. "callback('arg1', 2)"). No escaping is done by this method.
+ The entire HTTP response to send to the popup window or iframe to perform the invocation.
+
+
+
+ Called by derived classes when behaviors are added or removed.
+
+ The collection being modified.
+ The instance containing the event data.
+
+
+
+ Gets an XRDS sorting routine that uses the XRDS Service/@Priority
+ attribute to determine order.
+
+
+ Endpoints lacking any priority value are sorted to the end of the list.
+
+
+
+
+ Gets the standard state storage mechanism that uses ASP.NET's
+ HttpApplication state dictionary to store associations and nonces.
+
+
+
+
+ Gets or sets the channel to use for sending/receiving messages.
+
+
+
+
+ Gets the security settings used by this Relying Party.
+
+
+
+
+ Gets the security settings.
+
+
+
+
+ Gets or sets the optional Provider Endpoint filter to use.
+
+
+ Provides a way to optionally filter the providers that may be used in authenticating a user.
+ If provided, the delegate should return true to accept an endpoint, and false to reject it.
+ If null, all identity providers will be accepted. This is the default.
+
+
+
+
+ Gets or sets the ordering routine that will determine which XRDS
+ Service element to try first
+
+ Default is .
+
+ This may never be null. To reset to default behavior this property
+ can be set to the value of .
+
+
+
+
+ Gets the extension factories.
+
+
+
+
+ Gets a list of custom behaviors to apply to OpenID actions.
+
+
+ Adding behaviors can impact the security settings of this
+ instance in ways that subsequently removing the behaviors will not reverse.
+
+
+
+
+ Gets the list of services that can perform discovery on identifiers given to this relying party.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets a value indicating whether this Relying Party can sign its return_to
+ parameter in outgoing authentication requests.
+
+
+
+
+ Gets the web request handler to use for discovery and the part of
+ authentication where direct messages are sent to an untrusted remote party.
+
+
+
+
+ Gets the association manager.
+
+
+
+
+ Gets the instance used to process authentication responses
+ without verifying the assertion or consuming nonces.
+
+
+
+
+ A serializable snapshot of a verified authentication message.
+
+
+
+
+ The callback arguments that came with the authentication response.
+
+
+
+
+ The untrusted callback arguments that came with the authentication response.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The authentication response to copy from.
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned only if the Provider signed them.
+ Relying parties that do not care if the values were modified in
+ transit should use the method
+ in order to allow the Provider to not sign the extension.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response, without
+ requiring it to be signed by the Provider.
+
+ The type of extension to look for in the response message.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Tries to get an OpenID extension that may be present in the response.
+
+ Type of the extension to look for in the response.
+
+ The extension, if it is found. Null otherwise.
+
+
+ Extensions are returned whether they are signed or not.
+ Use the method to retrieve
+ extension responses only if they are signed by the Provider to
+ protect against tampering.
+ Unsigned extensions are completely unreliable and should be
+ used only to prefill user forms since the user or any other third
+ party may have tampered with the data carried by the extension.
+ Signed extensions are only reliable if the relying party
+ trusts the OpenID Provider that signed them. Signing does not mean
+ the relying party can trust the values -- it only means that the values
+ have not been tampered with since the Provider sent the message.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ This MAY return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets all the callback arguments that were previously added using
+ or as a natural part
+ of the return_to URL.
+
+ A name-value dictionary. Never null.
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ This may return any argument on the querystring that came with the authentication response,
+ which may include parameters not explicitly added using
+ .
+ Note that these values are NOT protected against tampering in transit.
+
+
+
+
+ Gets a callback argument's value that was previously added using
+ .
+
+ The name of the parameter whose value is sought.
+
+ The value of the argument, or null if the named parameter could not be found.
+
+
+ Callback parameters are only available even if the RP is in stateless mode,
+ or the callback parameters are otherwise unverifiable as untampered with.
+ Therefore, use this method only when the callback argument is not to be
+ used to make a security-sensitive decision.
+
+
+
+
+ Gets the Identifier that the end user claims to own. For use with user database storage and lookup.
+ May be null for some failed authentications (i.e. failed directed identity authentications).
+
+
+
+
+ This is the secure identifier that should be used for database storage and lookup.
+ It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
+ user identities against spoofing and other attacks.
+
+
+ For user-friendly identifiers to display, use the
+ property.
+
+
+
+
+
+ Gets a user-friendly OpenID Identifier for display purposes ONLY.
+
+
+
+
+ This should be put through before
+ sending to a browser to secure against javascript injection attacks.
+
+
+ This property retains some aspects of the user-supplied identifier that get lost
+ in the . For example, XRIs used as user-supplied
+ identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
+ For display purposes, such as text on a web page that says "You're logged in as ...",
+ this property serves to provide the =Arnott string, or whatever else is the most friendly
+ string close to what the user originally typed in.
+
+
+ If the user-supplied identifier is a URI, this property will be the URI after all
+ redirects, and with the protocol and fragment trimmed off.
+ If the user-supplied identifier is an XRI, this property will be the original XRI.
+ If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
+ this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
+
+
+ It is very important that this property never be used for database storage
+ or lookup to avoid identity spoofing and other security risks. For database storage
+ and lookup please use the property.
+
+
+
+
+
+ Gets the detailed success or failure status of the authentication attempt.
+
+
+
+
+
+ Gets information about the OpenId Provider, as advertised by the
+ OpenID discovery documents found at the
+ location.
+
+
+ The Provider endpoint that issued the positive assertion;
+ or null if information about the Provider is unavailable.
+
+
+
+
+ Gets the details regarding a failed authentication attempt, if available.
+ This will be set if and only if is .
+
+
+
+
+
+ A very simple IXrdsProviderEndpoint implementation for verifying that all positive
+ assertions (particularly unsolicited ones) are received from OP endpoints that
+ are deemed permissible by the host RP.
+
+
+
+
+ Initializes a new instance of the class.
+
+ The positive assertion.
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Checks whether the OpenId Identifier claims support for a given extension.
+
+ The extension whose support is being queried.
+
+ True if support for the extension is advertised. False otherwise.
+
+
+ Note that a true or false return value is no guarantee of a Provider's
+ support for or lack of support for an extension. The return value is
+ determined by how the authenticating user filled out his/her XRDS document only.
+ The only way to be sure of support for a given extension is to include
+ the extension in the request and see if a response comes back for that extension.
+
+
+
+
+ Gets the detected version of OpenID implemented by the Provider.
+
+
+
+
+ Gets the URL that the OpenID Provider receives authentication requests at.
+
+
+
+
+ An in-memory store for Relying Parties, suitable for single server, single process
+ ASP.NET web sites.
+
+
+
+
+ The nonce store to use.
+
+
+
+
+ The association store to use.
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+ Gets the key in a given bucket and handle.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+ The cryptographic key, or null if no matching key was found.
+
+
+
+
+ Gets a sequence of existing keys within a given bucket.
+
+ The bucket name. Case sensitive.
+
+ A sequence of handles and keys, ordered by descending .
+
+
+
+
+ Stores a cryptographic key.
+
+ The name of the bucket to store the key in. Case sensitive.
+ The handle to the key, unique within the bucket. Case sensitive.
+ The key to store.
+ Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.
+
+
+
+ Removes the key.
+
+ The bucket name. Case sensitive.
+ The key handle. Case sensitive.
+
+
+
+ Stores a given nonce and timestamp.
+
+ The context, or namespace, within which the must be unique.
+ A series of random characters.
+ The timestamp that together with the nonce string make it unique.
+ The timestamp may also be used by the data store to clear out old nonces.
+
+ True if the nonce+timestamp (combination) was not previously in the database.
+ False if the nonce was stored previously with the same timestamp.
+
+
+ The nonce must be stored for no less than the maximum time window a message may
+ be processed within before being discarded as an expired message.
+ If the binding element is applicable to your channel, this expiration window
+ is retrieved or set using the
+ property.
+
+
+
+
+ Common OpenID Provider Identifiers.
+
+
+
+
+ The Yahoo OP Identifier.
+
+
+
+
+ The Google OP Identifier.
+
+
+
+
+ The MyOpenID OP Identifier.
+
+
+
+
+ The Verisign OP Identifier.
+
+
+
+
+ The MyVidoop OP Identifier.
+
+
+
+
+ Prevents a default instance of the class from being created.
+
+
+
+
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nupkg b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nupkg
new file mode 100644
index 0000000..a9e9f27
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nupkg differ
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nuspec b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nuspec
new file mode 100644
index 0000000..7f28772
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/Microsoft.AspNet.Membership.OpenAuth.1.0.1.nuspec
@@ -0,0 +1,19 @@
+
+
+
+ Microsoft.AspNet.Membership.OpenAuth
+ 1.0.1
+ Microsoft DotNetOpenAuth helpers for ASP.NET Membership
+ Microsoft
+ Microsoft
+ http://www.microsoft.com/web/webpi/eula/WebDeveloperTools_1_eula_ENU.htm
+ http://www.asp.net/
+ true
+ A series of helpers to enable using DotNetOpenAuth in an ASP.NET application that utilizes the Membership system for user management.
+ en-US
+ Microsoft AspNet OpenId OAuth authentication
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.dll b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.dll
new file mode 100644
index 0000000..b013680
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.dll differ
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.xml b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.xml
new file mode 100644
index 0000000..2db9cbf
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net40/Microsoft.AspNet.Membership.OpenAuth.xml
@@ -0,0 +1,300 @@
+
+
+
+ Microsoft.AspNet.Membership.OpenAuth
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+
+
+
+ Adds support for logging in with a Facebook account.
+ The OpenAuth client manager.
+ Your Facebook appId.
+ Your Facebook appSecret.
+
+
+ Adds support for logging in with a Facebook account.
+ The OpenAuth client manager.
+ Your Facebook appId.
+ Your Facebook appSecret.
+
+
+ Adds support for logging in with a Google account.
+ The OpenAuth client manager.
+
+
+ Adds support for logging in with a Google account.
+ The OpenAuth client manager.
+
+
+ Adds support for logging in with a Microsoft account.
+ The OpenAuth client manager.
+
+
+ Adds support for logging in with a Microsoft account.
+ The OpenAuth client manager.
+
+
+ Adds support for logging in with a Twitter account
+ The OpenAuth client manager.
+
+
+ Adds support for logging in with a Twitter account
+ The OpenAuth client manager.
+
+
+
+
+
+ An implementation for storing association data for Membership users to OAuth/OpenID providers using Entity Framework Code First.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Encapsulates the static Membership system APIs.
+
+
+
+
+
+
+
+
+
+
+ Provides static methods to manage OpenAuth login and account information in an ASP.NET application.
+
+
+ Adds an external login account to an existing membership user.
+ The name of the external authentication provider.
+ The user ID of the user with the external authentication provider.
+ The user name of the user with the external authentication provider.
+ The user name of the local membership user.
+
+
+ Adds a local password for the specified local user.
+ The user name.
+ The new local password.
+
+
+ External authentication service providers to use.
+
+
+ Gets or sets the connection string name for the database OpenAuth account details are stored in.
+
+
+
+
+ Deletes the association of the specified external account for the specified membership user.
+ True if the association was deleted successfully, false if it wasn't found.
+ The user name of the local membership user.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+
+
+ Returns the details for the external accounts registered for the specified membership user.
+ The user name of the local membership user.
+
+
+ Gets the provider display name.
+ The name of the provider.
+
+
+ Gets the name of the external authentication provider that redirected to the current request.
+
+
+ Determines if the specified user has a local password on this site.
+ The local membership user name.
+
+
+ Determines if the specified URL is local to this web site.
+ The URL.
+
+
+ Logs in a user via OpenAuth using the specified authentication provider and provider user ID. The user must already be registered with the site with this OpenAuth provider.
+ True if the user was logged in successfully, false if the login failed, e.g. if the user is not currently registered.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+ A flag indicating whether the login cookie created should be persistent.
+
+
+ Request authentication from the provider specified by redirecting the user to the service's login page.
+ The name of the authentication provider.
+ The local URL to return to.
+
+
+ Gets or sets the name of the database table the OpenAuth external account details are stored in.
+
+
+ Gets or sets the name of the database table the OpenAuth user details are stored in.
+
+
+ Verify the provider result on the current request.
+ The return URL to be passed to the external authentication provider. This must match the return URL that was passed to the call of RequestAuthentication.
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+ Provides methods to manage OpenAuth login and account information in an ASP.NET application.
+
+
+
+ Adds an external login account to an existing membership user.
+ The name of the external authentication provider.
+ The user ID of the user with the external authentication provider.
+ The user name of the user with the external authentication provider.
+ The user name of the local membership user.
+
+
+ Adds a local password for the specified local user.
+ The user name.
+ The new local password.
+
+
+ Creates a random password for use when creating a new local membership user. By default, this method simply calls into the Membership.GeneratePassword method.
+
+
+
+
+ Deletes the association of the specified external account for the specified membership user.
+ True if the association was deleted successfully, false if it wasn't found.
+ The user name of the local membership user.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+
+
+ Returns the details for the external accounts registered for the specified membership user.
+ The user name of the local membership user.
+
+
+ Gets the provider display name.
+ The name of the provider.
+
+
+ Gets the name of the external authentication provider that redirected to the specified request.
+
+
+ Determines if the specified membership user has a local password on this site.
+ The local membership user name.
+
+
+ Determines if the specified URL is local to this web site
+ The URL
+
+
+ Logs in a user via OpenAuth using the specified authentication provider and provider user ID. The user must already be registered with the site with this OpenAuth provider.
+ True if the user was logged in successfully, false if the login failed, e.g. if the user is not currently registered.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+ A flag indicating whether the login cookie created should be persistent.
+
+
+ Request authentication from the provider specified by redirecting the user to the service's login page.
+ The current HTTP context.
+ The name of the authentication provider.
+ The local URL to return to.
+
+
+ Verify the provider result on the current request.
+ The current HTTP context.
+ The return URL to be passed to the external authentication provider. This must match the return URL that was passed to the call of RequestAuthentication.
+
+
+ Represents the database for storing association data for Membership users to OAuth/OpenID providers.
+
+
+ Creates an instance.
+ The Membership application name.
+
+
+ Adds a record associating an OAuth/OpenID account with a membership user.
+ The name of the OAuth/OpenID provider.
+ The OAuth/OpenID user ID.
+ The OAuth/OpenID user name.
+ The user name of the membership user.
+ A flag indicating whether this account association is for a new membership user.
+
+
+ The Membership application name.
+
+
+ Deletes the association record of the OAuth/OpenID account for the specified membership user.
+
+
+ Returns details of the OAuth/OpenID providers registered for the specified membership user.
+ The Membership user name.
+
+
+ Gets the user name of the membership user currently associated with the specified OAuth/OpenID provider.
+ The name of the OAuth/OpenID provider.
+ The OAuth/OpenID user ID.
+ A flag indicating whether to update the last used field.
+
+
+ Returns a flag indicating whether the specified membership user has a local password set.
+ The user name of the membership user.
+
+
+ Sets a flag indicating whether the specified membership user has a local password set.
+ The user name of the membership user.
+ The flag value.
+
+
+
+
+
+
+
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.dll b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.dll
new file mode 100644
index 0000000..03faf55
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.dll differ
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.xml b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.xml
new file mode 100644
index 0000000..7da5e88
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.AspNet.Membership.OpenAuth.1.0.1/lib/net45/Microsoft.AspNet.Membership.OpenAuth.xml
@@ -0,0 +1,272 @@
+
+
+
+ Microsoft.AspNet.Membership.OpenAuth
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ An implementation for storing association data for Membership users to OAuth/OpenID providers using Entity Framework Code First.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Encapsulates the static Membership system APIs
+
+
+
+
+
+
+
+
+
+
+ Provides static methods to manage OpenAuth login and account information in an ASP.NET application.
+
+
+ Adds an external login account to an existing membership user.
+ The name of the external authentication provider.
+ The user ID of the user with the external authentication provider.
+ The user name of the user with the external authentication provider.
+ The user name of the local membership user.
+
+
+ Adds a local password for the specified local user.
+ The user name.
+ The new local password.
+
+
+ External authentication service providers to use.
+
+
+ Gets or sets the connection string name for the database OpenAuth account details are stored in.
+
+
+
+
+ Deletes the association of the specified external account for the specified membership user.
+ True if the association was deleted successfully, false if it wasn't found.
+ The user name of the local membership user.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+
+
+ Returns the details for the external accounts registered for the specified membership user.
+ The user name of the local membership user.
+
+
+ Gets the provider dislpay name.
+ The name of the provider.
+
+
+ Gets the name of the external authentication provider that redirected to the current request.
+
+
+ Determines if the specified user has a local password on this site.
+ The local membership user name.
+
+
+ Determines if the specified URL is local to this web site.
+ The URL.
+
+
+ Logs in a user via OpenAuth using the specified authentication provider and provider user ID. The user must already be registered with the site with this OpenAuth provider.
+ True if the user was logged in successfully, false if the login failed, e.g. if the user is not currently registered.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+ A flag indicating whether a the login cookie created should be persistent.
+
+
+ Request authentication from the provider specified by redirecting the user to the service's login page.
+ The name of the authentication provider.
+ The local URL to return to.
+
+
+ Gets or sets the name of the database table the OpenAuth external account details are stored in.
+
+
+ Gets or sets the name of the database table the OpenAuth user details are stored in.
+
+
+ Verify the provider result on the current request.
+ The return URL to be passed to the external authentication provider. This must match the return URL that was passed to the call of RequestAuthentication.
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+ Provides methods to manage OpenAuth login and account information in an ASP.NET application.
+
+
+
+ Adds an external login account to an existing membership user.
+ The name of the external authentication provider.
+ The user ID of the user with the external authentication provider.
+ The user name of the user with the external authentication provider.
+ The user name of the local membership user.
+
+
+ Adds a local password for the specified local user.
+ The user name.
+ The new local password.
+
+
+ Creates a random password for use when creating a new local membership user. By default, this method simply calls into the Membership.GeneratePassword method.
+
+
+
+
+ Deletes the association of the specified external account for the specified membership user.
+ True if the association was deleted successfully, false if it wasn't found.
+ The user name of the local membership user.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+
+
+ Returns the details for the external accounts registered for the specified membership user.
+ The user name of the local membership user.
+
+
+ Gets the provider dislpay name.
+ The name of the provider.
+
+
+ Gets the name of the external authentication provider that redirected to the specified request.
+
+
+ Determines if the specified membership user has a local password on this site.
+ The local membership user name.
+
+
+ Determines if the specified URL is local to this web site
+ The URL
+
+
+ Logs in a user via OpenAuth using the specified authentication provider and provider user ID. The user must already be registered with the site with this OpenAuth provider.
+ True if the user was logged in successfully, false if the login failed, e.g. if the user is not currently registered.
+ The authentication provider name.
+ The user ID of the user with the authentication provider.
+ A flag indicating whether a the login cookie created should be persistent.
+
+
+ Request authentication from the provider specified by redirecting the user to the service's login page.
+ The current HTTP context.
+ The name of the authentication provider.
+ The local URL to return to.
+
+
+ Verify the provider result on the current request.
+ The current HTTP context.
+ The return URL to be passed to the external authentication provider. This must match the return URL that was passed to the call of RequestAuthentication.
+
+
+ Represents the database for storing association data for Membership users to OAuth/OpenID providers.
+
+
+ Creates an instance.
+ The Membership application name.
+
+
+ Adds a record associating an OAuth/OpenID account with a membership user.
+ The name of the OAuth/OpenID provider.
+ The OAuth/OpenID user ID.
+ The OAuth/OpenID user name.
+ The user name of the membership user.
+ A flag indicating whether this account association is for a new membership user.
+
+
+ The Membership application name.
+
+
+ Deletes the association record of the OAuth/OpenID account for the specified membership user.
+
+
+ Returns details of the OAuth/OpenID providers registered for the specified membership user.
+ The Membership user name.
+
+
+ Gets the user name of the membership user currently associated with the specificed OAuth/OpenID provider.
+ The name of the OAuth/OpenID provider.
+ The OAuth/OpenID user ID.
+ A flag indicating whether to update the last used field.
+
+
+ Returns a flag indicating whether the specified membership user has a local password set.
+ The user name of the membership user.
+
+
+ Sets a flag indicating whether the specified membership user has a local password set.
+ The user name of the membership user.
+ The flag value.
+
+
+
+
+
+
+
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
+
+
+
+ Initializes a new instance of the class.
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nupkg b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nupkg
new file mode 100644
index 0000000..4ba4602
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nupkg differ
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nuspec b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nuspec
new file mode 100644
index 0000000..5ef96bc
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/Microsoft.AspNet.Providers.Core.1.2.nuspec
@@ -0,0 +1,18 @@
+
+
+
+ Microsoft.AspNet.Providers.Core
+ 1.2
+ Microsoft ASP.NET Universal Providers Core Libraries
+ Microsoft
+ Microsoft
+ http://www.microsoft.com/web/webpi/eula/providers_1_eula_ENU.htm
+ https://download-codeplex.sec.s-msft.com/Download?ProjectName=aspnetwebstack&DownloadId=360555
+ true
+ ASP.NET Universal Providers add provider support in ASP.NET 4 for all editions of SQL Server 2005 and later and to SQL Azure. If you use these providers to develop your application, the application will be ready for cloud environments like Azure. Other than supporting additional storage options, the providers work like the existing SQL-based providers, so that you can easily switch an application to use cloud storage via SQL Azure.
+ ASP.NET Universal Providers extend SQL support in ASP.NET 4 to all editions of SQL Server 2005 and later and to SQL Azure.
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/lib/net40/System.Web.Providers.dll b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/lib/net40/System.Web.Providers.dll
new file mode 100644
index 0000000..1b40f44
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/lib/net40/System.Web.Providers.dll differ
diff --git a/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/readme.html b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/readme.html
new file mode 100644
index 0000000..7d35ba9
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.AspNet.Providers.Core.1.2/readme.html
@@ -0,0 +1,377 @@
+
+
+
+
+
+ASP.NET Universal Providers Readme
+
+
+
+
+
+
+
ASP.NET Universal Providers have been created in order to extend support to all editions of SQL Server 2005 and later and to SQL Azure. If you use these providers to develop your application, the application will be ready for cloud environments like Azure.
+
Other than supporting additional storage options, the providers work like the existing SQL-based providers. Except as noted below, using ASP.NET Universal Providers requires no change in any of your applications.
To install ASP.NET Universal Providers, you use a NuGet package, which installs all required files (including this documentation). The NuGet package automatically enables the new providers when it is installed. By default, the NuGet package configures provider to use SQL Server Express. To use SQL Server Compact or SQL Azure, you must change the connection string for the provider, as explained
+later in this document.
+
+
To enable the providers, the NuGet package adds configuration entries in the
+web.config file. The configuration for these providers is the same as the existing
+SqlMembershipProvider class, but the type parameter is set to the type of the new providers, as shown in the following table:
+
+
+
+
+
SQL Provider Types
+
Equivalent Type for Universal Providers
+
+
+
System.Web.Security.SqlMembershipProvider
+
System.Web.Providers.DefaultMembershipProvider
+
+
+
System.Web.Profile.SqlProfileProvider
+
System.Web.Providers.DefaultProfileProvider
+
+
+
System.Web.Security.SqlRoleProvider
+
System.Web.Providers.DefaultRoleProvider
+
+
+
(Built into default provider)
+
System.Web.Providers.DefaultSessionStateProvider
+
+
+
In the web.config file, the configuration looks like the following example (the connection string has been wrapped for readability). The differences from the configuration for older SQL-based providers are highlighted. Notice that a section has been added to define custom session-state handling using a custom provider, as described later under
+Storing Data in Session State using ASP.NET Universal Providers.
By default, ASP.NET stores session data using an in-process (in-memory) session provider. This provider allows you to put any object in session state, because session state simply holds a reference to the object, not the object itself.
+
However, cloud environments might run your application on multiple computers. Therefore, for cloud-based applications, the application must store session state in some form of storage (like a database) that be accessed by more than one machine. This puts some restrictions on what data you store in session state — essentially, the data must be serializable.
+
When you install ASP.NET Universal Providers, the installation process configures session state to use the
+System.Web.Providers.DefaultSessionStateProvider type, as shown in the
+web.config file example earlier. This type stores session state in a database.
+
Session data must be serializable. If you attempt to store something in session state that is not serializable, you will receive the following error:
+
+
Unable to serialize the session state. In 'StateServer' and 'SQLServer' mode, ASP.NET will serialize the session state objects, and as a result non-serializable objects or MarshalByRef objects are not permitted. the same restriction applies if similar serialization is done by the custom session state store in 'Custom' mode.
+
+
There are two ways to resolve this issue: by marking the type as serializable or by using a surrogate serializer.
+
+
Marking Types as Serializable
+
+
If you have access to the source code for the type that is being stored in session state, you can mark the type using the
+Serializable attribute, as in the following example. If the type contains additional classes, all the contained classes must be serializable as well.
+
[Serializable]
+public class Address { }
+
+[Serializable]
+public class Person {
+ public Address Work;
+ public Address Home;
+}
+
+
Using a Surrogate Serializer in .NET Framework 4.5
+
+
If it's not practical to mark the type as serializable in source code, and if you are using .NET Framework 4.5, you can use a surrogate serializer. (This technique does not work in .NET Framework 4.)
+
Create a class that implements the
+ISerializationSurrogate interface. In this class, you implement
+GetObjectData and
+SetObjectData methods in order to serialize and deserialze the data, respectively. In
+GetObjectData you invoke
+SerializationInfo.AddValue (using the appropriate overload for the data type of your data) to add individual fields of the object to serialize to a
+SerializationInfo object. In
+SetObjectData you extract the serialized version back to its original value in the object. Here's an example:
+
+
+
+
+
+
+
+
+
+
+
public class EmployeeSerializationSurrogate : ISerializationSurrogate
+{
+ // Serialize the Employee object to save the object name and address fields.
+ public void GetObjectData(Object obj, SerializationInfo info, StreamingContext context)
+ {
+ Employee emp = (Employee)obj;
+ info.AddValue("name", emp.name);
+ info.AddValue("address", emp.address);
+ }
+
+ // Deserialize the Employee object to set the object name and address fields.
+ public Object SetObjectData(Object obj, SerializationInfo info, StreamingContext context,
+ ISurrogateSelector selector)
+ {
+ Employee emp = (Employee)obj;
+ emp.name = info.GetString("name");
+ emp.address = info.GetString("address");
+ return null;
+ }
+}
+
You then register the serializer and the class to be serialized using the
+SurrogateSelector class in code, like this:
+
protected void Page_Load(object sender, EventArgs e)
+{
+ SurrogateSelector ss = new SurrogateSelector();
+ ss.AddSurrogate(typeof(Employee), new StreamingContext(StreamingContextStates.All), new EmployeeSerializationSurrogate());
+ SessionStateUtility.SerializationSurrogateSelector = ss;
+}
If you are deploying to a cloud environment that has multiple web server instances, you should change session state mode from "InProc" to "Custom". In addition, change the connection string named "DefaultConnection" to connect to an instance of SQL Server (including SQL Azure and SQL Compact) instead of to SQL Server Express.
During the installation process, NuGet performs an exact match on items in the
+web.config file. If you have customized any of the elements in web.config that are updated by the installation process for ASP.NET Universal Providers, the installation process will not find these elements. Instead of updating the elements, the installation process will assume that they do not exist and add them. As a result, the
+web.config will effectively contain duplicate elements.
+
If your application is experiencing issues that indicate problems in the web.config file, make sure that the file contains the elements that are illustrated earlier in this document and remove any duplicate elements.
+
+
+
+
If you are working in Visual Studio and use Server Explorer to open the database that contains the membership, role, profile, or session provider tables, and if you then try to run the application, you might see an error like the following:
+
Cannot open database "aspnet" requested by the login. The login failed. Login failed for user 'yourname.'
+
To resolve this issue, right-click the database in Server Explorer and then click
+Close Connection.
+
+
+
+
+
The new providers do not use the same tables, stored procedures, and database objects as the SQL-based providers. If you switch to the new providers in an existing application, the data from the existing tables will not be available. We are considering creating a conversion utility to help you move existing applications to the new providers.
+
+
+
+
+
Web Parts personalization will not work with Universal Providers. You must use the SQL Personalization provider. That in turn does not work with LocalDB, so you must use SQL Server Express.
+
+
+
+
This release requires that the ASP.NET application be running under full trust.
This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein.
+
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
+
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
+
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
+
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
+
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
+
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
+
+
+
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nupkg b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nupkg
new file mode 100644
index 0000000..1d93a25
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nupkg differ
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nuspec b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nuspec
new file mode 100644
index 0000000..1a7f360
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/Microsoft.Net.Http.2.0.20710.0.nuspec
@@ -0,0 +1,18 @@
+
+
+
+ Microsoft.Net.Http
+ 2.0.20710.0
+ Microsoft .NET Framework 4 HTTP Client Libraries
+ Microsoft
+ Microsoft
+ http://www.microsoft.com/web/webpi/eula/MVC_4_eula_ENU.htm
+ http://www.asp.net/web-api
+ true
+ This package provides a programming interface for modern HTTP applications. This package includes HttpClient for sending requests over HTTP, as well as HttpRequestMessage and HttpResponseMessage for processing HTTP messages.
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.dll b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.dll
new file mode 100644
index 0000000..b26b59a
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.dll differ
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.xml b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.xml
new file mode 100644
index 0000000..dea1f98
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.WebRequest.xml
@@ -0,0 +1,63 @@
+
+
+
+ System.Net.Http.WebRequest
+
+
+
+ Represents the class that is used to create special for use with the Real-Time-Communications (RTC) background notification infrastructure.
+
+
+ Creates a special for use with the Real-Time-Communications (RTC) background notification infrastructure.
+ Returns .An HTTP request message for use with the RTC background notification infrastructure.
+ The HTTP method.
+ The Uri the request is sent to.
+
+
+ Provides desktop-specific features not available to Windows Store apps or other environments.
+
+
+ Initializes a new instance of the class.
+
+
+ Gets or sets a value that indicates whether to pipeline the request to the Internet resource.
+ Returns .true if the request should be pipelined; otherwise, false. The default is true.
+
+
+ Gets or sets a value indicating the level of authentication and impersonation used for this request.
+ Returns .A bitwise combination of the values. The default value is .
+
+
+ Gets or sets the cache policy for this request.
+ Returns .A object that defines a cache policy. The default is .
+
+
+ Gets or sets the collection of security certificates that are associated with this request.
+ Returns .The collection of security certificates associated with this request.
+
+
+ Gets or sets the amount of time, in milliseconds, the application will wait for 100-continue from the server before uploading data.
+ Returns .The amount of time, in milliseconds, the application will wait for 100-continue from the server before uploading data. The default value is 350 milliseconds.
+
+
+ Gets or sets the impersonation level for the current request.
+ Returns .The impersonation level for the request. The default is .
+
+
+ Gets or sets the maximum allowed length of the response headers.
+ Returns .The length, in kilobytes (1024 bytes), of the response headers.
+
+
+ Gets or sets a time-out in milliseconds when writing a request to or reading a response from a server.
+ Returns .The number of milliseconds before the writing or reading times out. The default value is 300,000 milliseconds (5 minutes).
+
+
+ Gets or sets a callback method to validate the server certificate.
+ Returns .A callback method to validate the server certificate.
+
+
+ Gets or sets a value that indicates whether to allow high-speed NTLM-authenticated connection sharing.
+ Returns .true to keep the authenticated connection open; otherwise, false.
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.dll b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.dll
new file mode 100644
index 0000000..2ee8ff7
Binary files /dev/null and b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.dll differ
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.xml b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.xml
new file mode 100644
index 0000000..34457cb
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net40/System.Net.Http.xml
@@ -0,0 +1,2308 @@
+
+
+
+ System.Net.Http
+
+
+
+ Provides HTTP content based on a byte array.
+
+
+ Initializes a new instance of the class.
+ The content used to initialize the .
+ The parameter is null.
+
+
+ Initializes a new instance of the class.
+ The content used to initialize the .
+ The offset, in bytes, in the parameter used to initialize the .
+ The number of bytes in the starting from the parameter used to initialize the .
+ The parameter is null.
+ The parameter is less than zero.-or-The parameter is greater than the length of content specified by the parameter.-or-The parameter is less than zero.-or-The parameter is greater than the length of content specified by the parameter - minus the parameter.
+
+
+ Creates an HTTP content stream as an asynchronous operation for reading whose backing store is memory from the .
+ Returns .The task object representing the asynchronous operation.
+
+
+ Serialize and write the byte array provided in the constructor to an HTTP content stream as an asynchronous operation.
+ Returns . The task object representing the asynchronous operation.
+ The target stream.
+ Information about the transport, like channel binding token. This parameter may be null.
+
+
+ Determines whether a byte array has a valid length in bytes.
+ Returns .true if is a valid length; otherwise, false.
+ The length in bytes of the byte array.
+
+
+ Specifies how client certificates are provided.
+
+
+ The application manually provides the client certificates to the . This value is the default.
+
+
+ The will attempt to provide all available client certificates automatically.
+
+
+ A base type for HTTP handlers that delegate the processing of HTTP response messages to another handler, called the inner handler.
+
+
+ Creates a new instance of the class.
+
+
+ Creates a new instance of the class with a specific inner handler.
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+ Releases the unmanaged resources used by the , and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Gets or sets the inner handler which processes the HTTP response messages.
+ Returns .The inner handler for HTTP response messages.
+
+
+ Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+ Returns . The task object representing the asynchronous operation.
+ The HTTP request message to send to the server.
+ A cancellation token to cancel operation.
+ The was null.
+
+
+ A container for name/value tuples encoded using application/x-www-form-urlencoded MIME type.
+
+
+ Initializes a new instance of the class with a specific collection of name/value pairs.
+ A collection of name/value pairs.
+
+
+ Provides a base class for sending HTTP requests and receiving HTTP responses from a resource identified by a URI.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class with a specific handler.
+ The HTTP handler stack to use for sending requests.
+
+
+ Initializes a new instance of the class with a specific handler.
+ The responsible for processing the HTTP response messages.
+ true if the inner handler should be disposed of by Dispose(),false if you intend to reuse the inner handler.
+
+
+ Gets or sets the base address of Uniform Resource Identifier (URI) of the Internet resource used when sending requests.
+ Returns .The base address of Uniform Resource Identifier (URI) of the Internet resource used when sending requests.
+
+
+ Cancel all pending requests on this instance.
+
+
+ Gets the headers which should be sent with each request.
+ Returns .The headers which should be sent with each request.
+
+
+ Send a DELETE request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a DELETE request to the specified Uri with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a DELETE request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a DELETE request to the specified Uri with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Send a GET request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri with an HTTP completion option as an asynchronous operation.
+ Returns .
+ The Uri the request is sent to.
+ An HTTP completion option value that indicates when the operation should be considered completed.
+ The was null.
+
+
+ Send a GET request to the specified Uri with an HTTP completion option and a cancellation token as an asynchronous operation.
+ Returns .
+ The Uri the request is sent to.
+ An HTTP completion option value that indicates when the operation should be considered completed.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a GET request to the specified Uri with a cancellation token as an asynchronous operation.
+ Returns .
+ The Uri the request is sent to.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a GET request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri with an HTTP completion option as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ An HTTP completion option value that indicates when the operation should be considered completed.
+ The was null.
+
+
+ Send a GET request to the specified Uri with an HTTP completion option and a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ An HTTP completion option value that indicates when the operation should be considered completed.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a GET request to the specified Uri with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a byte array in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a byte array in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a stream in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a stream in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a string in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Send a GET request to the specified Uri and return the response body as a string in an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The was null.
+
+
+ Gets or sets the maximum number of bytes to buffer when reading the response content.
+ Returns .The maximum number of bytes to buffer when reading the response content. The default value for this property is 64K.
+ The size specified is less than or equal to zero.
+ An operation has already been started on the current instance.
+ The current instance has been disposed.
+
+
+ Send a POST request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ The was null.
+
+
+ Send a POST request with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a POST request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ The was null.
+
+
+ Send a POST request with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a PUT request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ The was null.
+
+
+ Send a PUT request with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send a PUT request to the specified Uri as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ The was null.
+
+
+ Send a PUT request with a cancellation token as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The Uri the request is sent to.
+ The HTTP request content sent to the server.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ The was null.
+ The request message was already sent by the instance.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ When the operation should complete (as soon as a response is available or after reading the whole response content).
+ The was null.
+ The request message was already sent by the instance.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ When the operation should complete (as soon as a response is available or after reading the whole response content).
+ The cancellation token to cancel operation.
+ The was null.
+ The request message was already sent by the instance.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ The cancellation token to cancel operation.
+ The was null.
+ The request message was already sent by the instance.
+
+
+ Gets or sets the number of milliseconds to wait before the request times out.
+ Returns .The number of milliseconds to wait before the request times out.
+ The timeout specified is less than or equal to zero and is not .
+ An operation has already been started on the current instance.
+ The current instance has been disposed.
+
+
+ The default message handler used by .
+
+
+ Creates an instance of a class.
+
+
+ Gets or sets a value that indicates whether the handler should follow redirection responses.
+ Returns .true if the if the handler should follow redirection responses; otherwise false. The default value is true.
+
+
+ Gets or sets the type of decompression method used by the handler for automatic decompression of the HTTP content response.
+ Returns .The automatic decompression method used by the handler. The default value is .
+
+
+ Gets or sets the collection of security certificates that are associated with this handler.
+ Returns .The collection of security certificates associated with this handler.
+
+
+ Gets or sets the cookie container used to store server cookies by the handler.
+ Returns .The cookie container used to store server cookies by the handler.
+
+
+ Gets or sets authentication information used by this handler.
+ Returns .The authentication credentials associated with the handler. The default is null.
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Gets or sets the maximum number of redirects that the handler follows.
+ Returns .The maximum number of redirection responses that the handler follows. The default value is 50.
+
+
+ Gets or sets the maximum request content buffer size used by the handler.
+ Returns .The maximum request content buffer size in bytes. The default value is 65,536 bytes.
+
+
+ Gets or sets a value that indicates whether the handler sends an Authorization header with the request.
+ Returns .true for the handler to send an HTTP Authorization header with requests after authentication has taken place; otherwise, false. The default is false.
+
+
+ Gets or sets proxy information used by the handler.
+ Returns .The proxy information used by the handler. The default value is null.
+
+
+ Creates an instance of based on the information provided in the as an operation that will not block.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message.
+ A cancellation token to cancel the operation.
+ The was null.
+
+
+ Gets a value that indicates whether the handler supports automatic response content decompression.
+ Returns .true if the if the handler supports automatic response content decompression; otherwise false. The default value is true.
+
+
+ Gets a value that indicates whether the handler supports proxy settings.
+ Returns .true if the if the handler supports proxy settings; otherwise false. The default value is true.
+
+
+ Gets a value that indicates whether the handler supports configuration settings for the and properties.
+ Returns .true if the if the handler supports configuration settings for the and properties; otherwise false. The default value is true.
+
+
+ Gets or sets a value that indicates whether the handler uses the property to store server cookies and uses these cookies when sending requests.
+ Returns .true if the if the handler supports uses the property to store server cookies and uses these cookies when sending requests; otherwise false. The default value is true.
+
+
+ Gets or sets a value that controls whether default credentials are sent with requests by the handler.
+ Returns .true if the default credentials are used; otherwise false. The default value is false.
+
+
+ Gets or sets a value that indicates whether the handler uses a proxy for requests.
+ Returns .true if the handler should use a proxy for requests; otherwise false. The default value is true.
+
+
+ Indicates if operations should be considered completed either as soon as a response is available, or after reading the entire response message including the content.
+
+
+ The operation should complete after reading the entire response including the content.
+
+
+ The operation should complete as soon as a response is available and headers are read. The content is not read yet.
+
+
+ A base class representing an HTTP entity body and content headers.
+
+
+ Initializes a new instance of the class.
+
+
+ Write the HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The target stream.
+
+
+ Write the HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The target stream.
+ Information about the transport (channel binding token, for example). This parameter may be null.
+
+
+ Write the HTTP content to a memory stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Releases the unmanaged resources and disposes of the managed resources used by the .
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Gets the HTTP content headers as defined in RFC 2616.
+ Returns .The content headers as defined in RFC 2616.
+
+
+ Serialize the HTTP content to a memory buffer as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Serialize the HTTP content to a memory buffer as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The maximum size, in bytes, of the buffer to use.
+
+
+ Write the HTTP content to a byte array as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Write the HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Write the HTTP content to a string as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Serialize the HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The target stream.
+ Information about the transport (channel binding token, for example). This parameter may be null.
+
+
+ Determines whether the HTTP content has a valid length in bytes.
+ Returns .true if is a valid length; otherwise, false.
+ The length in bytes of the HHTP content.
+
+
+ A base type for HTTP message handlers.
+
+
+ Initializes a new instance of the class.
+
+
+ Releases the unmanaged resources and disposes of the managed resources used by the .
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ The cancellation token to cancel operation.
+ The was null.
+
+
+ The base type for and other message originators.
+
+
+ Initializes an instance of a class with a specific .
+ The responsible for processing the HTTP response messages.
+
+
+ Initializes an instance of a class with a specific .
+ The responsible for processing the HTTP response messages.
+ true if the inner handler should be disposed of by Dispose(),false if you intend to reuse the inner handler.
+
+
+ Releases the unmanaged resources and disposes of the managed resources used by the .
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Send an HTTP request as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send.
+ The cancellation token to cancel operation.
+ The was null.
+
+
+ A helper class for retrieving and comparing standard HTTP methods.
+
+
+ Initializes a new instance of the class with a specific HTTP method.
+ The HTTP method.
+
+
+ Represents an HTTP DELETE protocol method.
+ Returns .
+
+
+ Determines whether the specified is equal to the current .
+ Returns .true if the specified object is equal to the current object; otherwise, false.
+ The HTTP method to compare with the current object.
+
+
+ Determines whether the specified is equal to the current .
+ Returns .true if the specified object is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Represents an HTTP GET protocol method.
+ Returns .
+
+
+ Serves as a hash function for this type.
+ Returns .A hash code for the current .
+
+
+ Represents an HTTP HEAD protocol method. The HEAD method is identical to GET except that the server only returns message-headers in the response, without a message-body.
+ Returns .
+
+
+ An HTTP method.
+ Returns .An HTTP method represented as a .
+
+
+ The equality operator for comparing two objects.
+ Returns .true if the specified and parameters are equal; otherwise, false.
+ The left to an equality operator.
+ The right to an equality operator.
+
+
+ The inequality operator for comparing two objects.
+ Returns .true if the specified and parameters are inequal; otherwise, false.
+ The left to an inequality operator.
+ The right to an inequality operator.
+
+
+ Represents an HTTP OPTIONS protocol method.
+ Returns .
+
+
+ Represents an HTTP POST protocol method that is used to post a new entity as an addition to a URI.
+ Returns .
+
+
+ Represents an HTTP PUT protocol method that is used to replace an entity identified by a URI.
+ Returns .
+
+
+ Returns a string that represents the current object.
+ Returns .A string representing the current object.
+
+
+ Represents an HTTP TRACE protocol method.
+ Returns .
+
+
+ A base class for exceptions thrown by the and classes.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class with a specific message that describes the current exception.
+ A message that describes the current exception.
+
+
+ Initializes a new instance of the class with a specific message that describes the current exception and an inner exception.
+ A message that describes the current exception.
+ The inner exception.
+
+
+ Represents a HTTP request message.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class with an HTTP method and a request .
+ The HTTP method.
+ A string that represents the request .
+
+
+ Initializes a new instance of the class with an HTTP method and a request .
+ The HTTP method.
+ The to request.
+
+
+ Gets or sets the contents of the HTTP message.
+ Returns .The content of a message
+
+
+ Releases the unmanaged resources and disposes of the managed resources used by the .
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Gets the collection of HTTP request headers.
+ Returns .The collection of HTTP request headers.
+
+
+ Gets or sets the HTTP method used by the HTTP request message.
+ Returns .The HTTP method used by the request message. The default is the GET method.
+
+
+ Gets a set of properties for the HTTP request.
+ Returns .
+
+
+ Gets or sets the used for the HTTP request.
+ Returns .The used for the HTTP request.
+
+
+ Returns a string that represents the current object.
+ Returns .A string representation of the current object.
+
+
+ Gets or sets the HTTP message version.
+ Returns .The HTTP message version. The default is 1.1.
+
+
+ Represents a HTTP response message.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class with a specific .
+ The status code of the HTTP response.
+
+
+ Gets or sets the content of a HTTP response message.
+ Returns .The content of the HTTP response message.
+
+
+ Releases the unmanaged resources and disposes of unmanaged resources used by the .
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Throws an exception if the property for the HTTP response is false.
+ Returns .The HTTP response message if the call is successful.
+
+
+ Gets the collection of HTTP response headers.
+ Returns .The collection of HTTP response headers.
+
+
+ Gets a value that indicates if the HTTP response was successful.
+ Returns .A value that indicates if the HTTP response was successful. true if was in the range 200-299; otherwise false.
+
+
+ Gets or sets the reason phrase which typically is sent by servers together with the status code.
+ Returns .The reason phrase sent by the server.
+
+
+ Gets or sets the request message which led to this response message.
+ Returns .The request message which led to this response message.
+
+
+ Gets or sets the status code of the HTTP response.
+ Returns .The status code of the HTTP response.
+
+
+ Returns a string that represents the current object.
+ Returns .A string representation of the current object.
+
+
+ Gets or sets the HTTP message version.
+ Returns .The HTTP message version. The default is 1.1.
+
+
+ A base type for handlers which only do some small processing of request and/or response messages.
+
+
+ Creates an instance of a class.
+
+
+ Creates an instance of a class with a specific inner handler.
+ The inner handler which is responsible for processing the HTTP response messages.
+
+
+ Processes an HTTP request message.
+ Returns .The HTTP request message that was processed.
+ The HTTP request message to process.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+
+
+ Processes an HTTP response message.
+ Returns .The HTTP response message that was processed.
+ The HTTP response message to process.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+
+
+ Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The HTTP request message to send to the server.
+ A cancellation token that can be used by other objects or threads to receive notice of cancellation.
+ The was null.
+
+
+ Provides a collection of objects that get serialized using the multipart/* content type specification.
+
+
+ Creates a new instance of the class.
+
+
+ Creates a new instance of the class.
+ The subtype of the multipart content.
+ The was null or contains only white space characters.
+
+
+ Creates a new instance of the class.
+ The subtype of the multipart content.
+ The boundary string for the multipart content.
+ The was null or an empty string.The was null or contains only white space characters.-or-The ends with a space character.
+ The length of the was greater than 70.
+
+
+ Add multipart HTTP content to a collection of objects that get serialized using the multipart/* content type specification.
+ The HTTP content to add to the collection.
+ The was null.
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Returns an enumerator that iterates through the collection of objects that get serialized using the multipart/* content type specification..
+ Returns .An object that can be used to iterate through the collection.
+
+
+ Serialize the multipart HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The target stream.
+ Information about the transport (channel binding token, for example). This parameter may be null.
+
+
+ The explicit implementation of the method.
+ Returns .An object that can be used to iterate through the collection.
+
+
+ Determines whether the HTTP multipart content has a valid length in bytes.
+ Returns .true if is a valid length; otherwise, false.
+ The length in bytes of the HHTP content.
+
+
+ Provides a container for content encoded using multipart/form-data MIME type.
+
+
+ Creates a new instance of the class.
+
+
+ Creates a new instance of the class.
+ The boundary string for the multipart form data content.
+ The was null or contains only white space characters.-or-The ends with a space character.
+ The length of the was greater than 70.
+
+
+ Add HTTP content to a collection of objects that get serialized to multipart/form-data MIME type.
+ The HTTP content to add to the collection.
+ The was null.
+
+
+ Add HTTP content to a collection of objects that get serialized to multipart/form-data MIME type.
+ The HTTP content to add to the collection.
+ The name for the HTTP content to add.
+ The was null or contains only white space characters.
+ The was null.
+
+
+ Add HTTP content to a collection of objects that get serialized to multipart/form-data MIME type.
+ The HTTP content to add to the collection.
+ The name for the HTTP content to add.
+ The file name for the HTTP content to add to the collection.
+ The was null or contains only white space characters.-or-The was null or contains only white space characters.
+ The was null.
+
+
+ Provides HTTP content based on a stream.
+
+
+ Creates a new instance of the class.
+ The content used to initialize the .
+
+
+ Creates a new instance of the class.
+ The content used to initialize the .
+ The size, in bytes, of the buffer for the .
+ The was null.
+ The was less than or equal to zero.
+
+
+ Write the HTTP stream content to a memory stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+
+
+ Releases the unmanaged resources used by the and optionally disposes of the managed resources.
+ true to release both managed and unmanaged resources; false to releases only unmanaged resources.
+
+
+ Serialize the HTTP content to a stream as an asynchronous operation.
+ Returns .The task object representing the asynchronous operation.
+ The target stream.
+ Information about the transport (channel binding token, for example). This parameter may be null.
+
+
+ Determines whether the stream content has a valid length in bytes.
+ Returns .true if is a valid length; otherwise, false.
+ The length in bytes of the stream content.
+
+
+ Provides HTTP content based on a string.
+
+
+ Creates a new instance of the class.
+ The content used to initialize the .
+
+
+ Creates a new instance of the class.
+ The content used to initialize the .
+ The encoding to use for the content.
+
+
+ Creates a new instance of the class.
+ The content used to initialize the .
+ The encoding to use for the content.
+ The media type to use for the content.
+
+
+ Represents authentication information in Authorization, ProxyAuthorization, WWW-Authenticate, and Proxy-Authenticate header values.
+
+
+ Initializes a new instance of the class.
+ The scheme to use for authorization.
+
+
+ Initializes a new instance of the class.
+ The scheme to use for authorization.
+ The credentials containing the authentication information of the user agent for the resource being requested.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets the credentials containing the authentication information of the user agent for the resource being requested.
+ Returns .The credentials containing the authentication information.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents authentication header value information.
+
+ is a null reference.
+
+ is not valid authentication header value information.
+
+
+ Gets the scheme to use for authorization.
+ Returns .The scheme to use for authorization.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the value of the Cache-Control header.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Cache-extension tokens, each with an optional assigned value.
+ Returns .A collection of cache-extension tokens each with an optional assigned value.
+
+
+ Serves as a hash function for a object.
+ Returns .A hash code for the current object.
+
+
+ The maximum age, specified in seconds, that the HTTP client is willing to accept a response.
+ Returns .The time in seconds.
+
+
+ Whether an HTTP client is willing to accept a response that has exceeded its expiration time.
+ Returns .true if the HTTP client is willing to accept a response that has exceed the expiration time; otherwise, false.
+
+
+ The maximum time, in seconds, an HTTP client is willing to accept a response that has exceeded its expiration time.
+ Returns .The time in seconds.
+
+
+ The freshness lifetime, in seconds, that an HTTP client is willing to accept a response.
+ Returns .The time in seconds.
+
+
+ Whether the origin server require revalidation of a cache entry on any subsequent use when the cache entry becomes stale.
+ Returns .true if the origin server requires revalidation of a cache entry on any subsequent use when the entry becomes stale; otherwise, false.
+
+
+ Whether an HTTP client is willing to accept a cached response.
+ Returns .true if the HTTP client is willing to accept a cached response; otherwise, false.
+
+
+ A collection of fieldnames in the "no-cache" directive in a cache-control header field on an HTTP response.
+ Returns .A collection of fieldnames.
+
+
+ Whether a cache must not store any part of either the HTTP request mressage or any response.
+ Returns .true if a cache must not store any part of either the HTTP request mressage or any response; otherwise, false.
+
+
+ Whether a cache or proxy must not change any aspect of the entity-body.
+ Returns .true if a cache or proxy must not change any aspect of the entity-body; otherwise, false.
+
+
+ Whether a cache should either respond using a cached entry that is consistent with the other constraints of the HTTP request, or respond with a 504 (Gateway Timeout) status.
+ Returns .true if a cache should either respond using a cached entry that is consistent with the other constraints of the HTTP request, or respond with a 504 (Gateway Timeout) status; otherwise, false.
+
+
+ Converts a string to an instance.
+ Returns .A instance.
+ A string that represents cache-control header value information.
+
+ is a null reference.
+
+ is not valid cache-control header value information.
+
+
+ Whether all or part of the HTTP response message is intended for a single user and must not be cached by a shared cache.
+ Returns .true if the HTTP response message is intended for a single user and must not be cached by a shared cache; otherwise, false.
+
+
+ A collection fieldnames in the "private" directive in a cache-control header field on an HTTP response.
+ Returns .A collection of fieldnames.
+
+
+ Whether the origin server require revalidation of a cache entry on any subsequent use when the cache entry becomes stale for shared user agent caches.
+ Returns .true if the origin server requires revalidation of a cache entry on any subsequent use when the entry becomes stale for shared user agent caches; otherwise, false.
+
+
+ Whether an HTTP response may be cached by any cache, even if it would normally be non-cacheable or cacheable only within a non- shared cache.
+ Returns .true if the HTTP response may be cached by any cache, even if it would normally be non-cacheable or cacheable only within a non- shared cache; otherwise, false.
+
+
+ The shared maximum age, specified in seconds, in an HTTP response that overrides the "max-age" directive in a cache-control header or an Expires header for a shared cache.
+ Returns .The time in seconds.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the value of the Content-Disposition header.
+
+
+ Initializes a new instance of the class.
+ A .
+
+
+ Initializes a new instance of the class.
+ A string that contains a .
+
+
+ The date at which the file was created.
+ Returns .The file creation date.
+
+
+ The disposition type for a content body part.
+ Returns .The disposition type.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ A suggestion for how to construct a filename for storing the message payload to be used if the entity is detached and stored in a separate file.
+ Returns .A suggested filename.
+
+
+ A suggestion for how to construct filenames for storing message payloads to be used if the entities are detached and stored in a separate files.
+ Returns .A suggested filename of the form filename*.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ The date at which the file was last modified.
+ Returns .The file modification date.
+
+
+ The name for a content body part.
+ Returns .The name for the content body part.
+
+
+ A set of parameters included the Content-Disposition header.
+ Returns .A collection of parameters.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents content disposition header value information.
+
+ is a null reference.
+
+ is not valid content disposition header value information.
+
+
+ The date the file was last read.
+ Returns .The last read date.
+
+
+ The approximate size, in bytes, of the file.
+ Returns .The approximate size, in bytes.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the value of the Content-Range header.
+
+
+ Initializes a new instance of the class.
+ The starting or ending point of the range, in bytes.
+
+
+ Initializes a new instance of the class.
+ The position, in bytes, at which to start sending data.
+ The position, in bytes, at which to stop sending data.
+
+
+ Initializes a new instance of the class.
+ The position, in bytes, at which to start sending data.
+ The position, in bytes, at which to stop sending data.
+ The starting or ending point of the range, in bytes.
+
+
+ Determines whether the specified Object is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Gets the position at which to start sending data.
+ Returns .The position, in bytes, at which to start sending data.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets whether the Content-Range header has a length specified.
+ Returns .true if the Content-Range has a length specified; otherwise, false.
+
+
+ Gets whether the Content-Range has a range specified.
+ Returns .true if the Content-Range has a range specified; otherwise, false.
+
+
+ Gets the length of the full entity-body.
+ Returns .The length of the full entity-body.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents content range header value information.
+
+ is a null reference.
+
+ is not valid content range header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Gets the position at which to stop sending data.
+ Returns .The position at which to stop sending data.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ The range units used.
+ Returns .A that contains range units.
+
+
+ Represents an entity-tag header value.
+
+
+ Initializes a new instance of the class.
+ A string that contains an .
+
+
+ Initializes a new instance of the class.
+ A string that contains an .
+ A value that indicates if this entity-tag header is a weak validator. If the entity-tag header is weak validator, then should be set to true. If the entity-tag header is a strong validator, then should be set to false.
+
+
+ Gets the entity-tag header value.
+ Returns .
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets whether the entity-tag is prefaced by a weakness indicator.
+ Returns .true if the entity-tag is prefaced by a weakness indicator; otherwise, false.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents entity tag header value information.
+
+ is a null reference.
+
+ is not valid entity tag header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Gets the opaque quoted string.
+ Returns .An opaque quoted string.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the collection of Content Headers as defined in RFC 2616.
+
+
+ Gets the value of the Allow content header on an HTTP response.
+ Returns .The value of the Allow header on an HTTP response.
+
+
+ Gets the value of the Content-Disposition content header on an HTTP response.
+ Returns .The value of the Content-Disposition content header on an HTTP response.
+
+
+ Gets the value of the Content-Encoding content header on an HTTP response.
+ Returns .The value of the Content-Encoding content header on an HTTP response.
+
+
+ Gets the value of the Content-Language content header on an HTTP response.
+ Returns .The value of the Content-Language content header on an HTTP response.
+
+
+ Gets or sets the value of the Content-Length content header on an HTTP response.
+ Returns .The value of the Content-Length content header on an HTTP response.
+
+
+ Gets or sets the value of the Content-Location content header on an HTTP response.
+ Returns .The value of the Content-Location content header on an HTTP response.
+
+
+ Gets or sets the value of the Content-MD5 content header on an HTTP response.
+ Returns .The value of the Content-MD5 content header on an HTTP response.
+
+
+ Gets or sets the value of the Content-Range content header on an HTTP response.
+ Returns .The value of the Content-Range content header on an HTTP response.
+
+
+ Gets or sets the value of the Content-Type content header on an HTTP response.
+ Returns .The value of the Content-Type content header on an HTTP response.
+
+
+ Gets or sets the value of the Expires content header on an HTTP response.
+ Returns .The value of the Expires content header on an HTTP response.
+
+
+ Gets or sets the value of the Last-Modified content header on an HTTP response.
+ Returns .The value of the Last-Modified content header on an HTTP response.
+
+
+ A collection of headers and their values as defined in RFC 2616.
+
+
+ Initializes a new instance of the class.
+
+
+ Adds the specified header and its values into the collection.
+ The header to add to the collection.
+ A list of header values to add to the collection.
+
+
+ Adds the specified header and its value into the collection.
+ The header to add to the collection.
+ The content of the header.
+
+
+ Removes all headers from the collection.
+
+
+ Returns if a specific header exists in the collection.
+ Returns .true is the specified header exists in the collection; otherwise false.
+ The specific header.
+
+
+ Returns an enumerator that can iterate through the instance.
+ Returns .An enumerator for the .
+
+
+ Returns all header values for a specified header stored in the collection.
+ Returns .An array of header strings.
+ The specified header to return values for.
+
+
+ Removes the specified header from the collection.
+ Returns .
+ The name of the header to remove from the collection.
+
+
+ Gets an enumerator that can iterate through a .
+ Returns .An instance of an implementation of an that can iterate through a .
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Returns a value that indicates whether the specified header and its values were added to the collection without validating the provided information.
+ Returns .true if the specified header and could be added to the collection; otherwise false.
+ The header to add to the collection.
+ The values of the header.
+
+
+ Returns a value that indicates whether the specified header and its value were added to the collection without validating the provided information.
+ Returns .true if the specified header and could be added to the collection; otherwise false.
+ The header to add to the collection.
+ The content of the header.
+
+
+ Return if a specified header and specified values are stored in the collection.
+ Returns .true is the specified header and values are stored in the collection; otherwise false.
+ The specified header.
+ The specified header values.
+
+
+ Represents a collection of header values.
+
+
+
+
+
+ Returns .
+
+
+
+ Returns .
+
+
+ Returns .
+
+
+ Returns .
+
+
+
+ Returns .
+
+
+ Returns .
+
+
+ Returns a string that represents the current XXX object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid XXX information.
+ Returns .
+ The string to validate.
+
+
+ Represents the collection of Request Headers as defined in RFC 2616.
+
+
+ Gets the value of the Accept header for an HTTP request.
+ Returns .The value of the Accept header for an HTTP request.
+
+
+ Gets the value of the Accept-Charset header for an HTTP request.
+ Returns .The value of the Accept-Charset header for an HTTP request.
+
+
+ Gets the value of the Accept-Encoding header for an HTTP request.
+ Returns .The value of the Accept-Encoding header for an HTTP request.
+
+
+ Gets the value of the Accept-Language header for an HTTP request.
+ Returns .The value of the Accept-Language header for an HTTP request.
+
+
+ Gets or sets the value of the Authorization header for an HTTP request.
+ Returns .The value of the Authorization header for an HTTP request.
+
+
+ Gets or sets the value of the Cache-Control header for an HTTP request.
+ Returns .The value of the Cache-Control header for an HTTP request.
+
+
+ Gets the value of the Connection header for an HTTP request.
+ Returns .The value of the Connection header for an HTTP request.
+
+
+ Gets or sets a value that indicates if the Connection header for an HTTP request contains Close.
+ Returns .true if the Connection header contains Close, otherwise false.
+
+
+ Gets or sets the value of the Date header for an HTTP request.
+ Returns .The value of the Date header for an HTTP request.
+
+
+ Gets the value of the Expect header for an HTTP request.
+ Returns .The value of the Expect header for an HTTP request.
+
+
+ Gets or sets a value that indicates if the Expect header for an HTTP request contains Continue.
+ Returns .true if the Expect header contains Continue, otherwise false.
+
+
+ Gets or sets the value of the From header for an HTTP request.
+ Returns .The value of the From header for an HTTP request.
+
+
+ Gets or sets the value of the Host header for an HTTP request.
+ Returns .The value of the Host header for an HTTP request.
+
+
+ Gets the value of the If-Match header for an HTTP request.
+ Returns .The value of the If-Match header for an HTTP request.
+
+
+ Gets or sets the value of the If-Modified-Since header for an HTTP request.
+ Returns .The value of the If-Modified-Since header for an HTTP request.
+
+
+ Gets the value of the If-None-Match header for an HTTP request.
+ Returns .Gets the value of the If-None-Match header for an HTTP request.
+
+
+ Gets or sets the value of the If-Range header for an HTTP request.
+ Returns .The value of the If-Range header for an HTTP request.
+
+
+ Gets or sets the value of the If-Unmodified-Since header for an HTTP request.
+ Returns .The value of the If-Unmodified-Since header for an HTTP request.
+
+
+ Gets or sets the value of the Max-Forwards header for an HTTP request.
+ Returns .The value of the Max-Forwards header for an HTTP request.
+
+
+ Gets the value of the Pragma header for an HTTP request.
+ Returns .The value of the Pragma header for an HTTP request.
+
+
+ Gets or sets the value of the Proxy-Authorization header for an HTTP request.
+ Returns .The value of the Proxy-Authorization header for an HTTP request.
+
+
+ Gets or sets the value of the Range header for an HTTP request.
+ Returns .The value of the Range header for an HTTP request.
+
+
+ Gets or sets the value of the Referer header for an HTTP request.
+ Returns .The value of the Referer header for an HTTP request.
+
+
+ Gets the value of the TE header for an HTTP request.
+ Returns .The value of the TE header for an HTTP request.
+
+
+ Gets the value of the Trailer header for an HTTP request.
+ Returns .The value of the Trailer header for an HTTP request.
+
+
+ Gets the value of the Transfer-Encoding header for an HTTP request.
+ Returns .The value of the Transfer-Encoding header for an HTTP request.
+
+
+ Gets or sets a value that indicates if the Transfer-Encoding header for an HTTP request contains chunked.
+ Returns .true if the Transfer-Encoding header contains chunked, otherwise false.
+
+
+ Gets the value of the Upgrade header for an HTTP request.
+ Returns .The value of the Upgrade header for an HTTP request.
+
+
+ Gets the value of the User-Agent header for an HTTP request.
+ Returns .The value of the User-Agent header for an HTTP request.
+
+
+ Gets the value of the Via header for an HTTP request.
+ Returns .The value of the Via header for an HTTP request.
+
+
+ Gets the value of the Warning header for an HTTP request.
+ Returns .The value of the Warning header for an HTTP request.
+
+
+ Represents the collection of Response Headers as defined in RFC 2616.
+
+
+ Gets the value of the Accept-Ranges header for an HTTP response.
+ Returns .The value of the Accept-Ranges header for an HTTP response.
+
+
+ Gets or sets the value of the Age header for an HTTP response.
+ Returns .The value of the Age header for an HTTP response.
+
+
+ Gets or sets the value of the Cache-Control header for an HTTP response.
+ Returns .The value of the Cache-Control header for an HTTP response.
+
+
+ Gets the value of the Connection header for an HTTP response.
+ Returns .The value of the Connection header for an HTTP response.
+
+
+ Gets or sets a value that indicates if the Connection header for an HTTP response contains Close.
+ Returns .true if the Connection header contains Close, otherwise false.
+
+
+ Gets or sets the value of the Date header for an HTTP response.
+ Returns .The value of the Date header for an HTTP response.
+
+
+ Gets or sets the value of the ETag header for an HTTP response.
+ Returns .The value of the ETag header for an HTTP response.
+
+
+ Gets or sets the value of the Location header for an HTTP response.
+ Returns .The value of the Location header for an HTTP response.
+
+
+ Gets the value of the Pragma header for an HTTP response.
+ Returns .The value of the Pragma header for an HTTP response.
+
+
+ Gets the value of the Proxy-Authenticate header for an HTTP response.
+ Returns .The value of the Proxy-Authenticate header for an HTTP response.
+
+
+ Gets or sets the value of the Retry-After header for an HTTP response.
+ Returns .The value of the Retry-After header for an HTTP response.
+
+
+ Gets the value of the Server header for an HTTP response.
+ Returns .The value of the Server header for an HTTP response.
+
+
+ Gets the value of the Trailer header for an HTTP response.
+ Returns .The value of the Trailer header for an HTTP response.
+
+
+ Gets the value of the Transfer-Encoding header for an HTTP response.
+ Returns .The value of the Transfer-Encoding header for an HTTP response.
+
+
+ Gets or sets a value that indicates if the Transfer-Encoding header for an HTTP response contains chunked.
+ Returns .true if the Transfer-Encoding header contains chunked, otherwise false.
+
+
+ Gets the value of the Upgrade header for an HTTP response.
+ Returns .The value of the Upgrade header for an HTTP response.
+
+
+ Gets the value of the Vary header for an HTTP response.
+ Returns .The value of the Vary header for an HTTP response.
+
+
+ Gets the value of the Via header for an HTTP response.
+ Returns .The value of the Via header for an HTTP response.
+
+
+ Gets the value of the Warning header for an HTTP response.
+ Returns .The value of the Warning header for an HTTP response.
+
+
+ Gets the value of the WWW-Authenticate header for an HTTP response.
+ Returns .The value of the WWW-Authenticate header for an HTTP response.
+
+
+ Represents a media-type as defined in the RFC 2616.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Gets or sets the character set.
+ Returns .The character set.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets or sets the media-type header value.
+ Returns .The media-type header value.
+
+
+ Gets or sets the media-type header value parameters.
+ Returns .The media-type header value parameters.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents media type header value information.
+
+ is a null reference.
+
+ is not valid media type header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a content-type header value with an additional quality.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents media type with quality header value information.
+
+ is a null reference.
+
+ is not valid media type with quality header value information.
+
+
+ Returns .
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a name/value pair.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+ The header name.
+
+
+ Initializes a new instance of the class.
+ The header name.
+ The header value.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets the header name.
+ Returns .The header name.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents name value header value information.
+
+ is a null reference.
+
+ is not valid name value header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Gets the header value.
+ Returns .The header value.
+
+
+ Represents a name/value pair with parameters.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Returns .
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents name value with parameter header value information.
+
+ is a null reference.
+
+ is not valid name value with parameter header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a product token in header value.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets the name of the product token.
+ Returns .The name of the product token.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents product header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Gets the version of the product token.
+ Returns .The version of the product token.
+
+
+ Represents a value which can either be a product or a comment.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Returns .
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents product info header value information.
+
+ is a null reference.
+
+ is not valid product info header value information.
+
+
+ Returns .
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a header value which can either be a date/time or an entity-tag value.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Returns .
+
+
+ Returns .
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents range condition header value information.
+
+ is a null reference.
+
+ is not valid range Condition header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the value of the Range header.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents range header value information.
+
+ is a null reference.
+
+ is not valid range header value information.
+
+
+ Returns .
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ he string to validate.
+ The version of the string.
+
+
+ Returns .
+
+
+ Represents a byte-range header value.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Returns .
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns .
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Represents a header value which can either be a date/time or a timespan value.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Returns .
+
+
+ Returns .
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents retry condition header value information.
+
+ is a null reference.
+
+ is not valid retry condition header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a string header value with an optional quality.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified Object is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents quality header value information.
+
+ is a null reference.
+
+ is not valid string with quality header value information.
+
+
+ Returns .
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Returns .
+
+
+ Represents a transfer-coding header value.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Determines whether the specified Object is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Gets the transfer-coding parameters.
+ Returns .The transfer-coding parameters.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents transfer-coding header value information.
+
+ is a null reference.
+
+ is not valid transfer-coding header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Gets the transfer-coding value.
+ Returns .The transfer-coding value.
+
+
+ Represents a transfer-coding header value with optional quality.
+
+
+ Initializes a new instance of the class.
+
+
+ Initializes a new instance of the class.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents transfer-coding value information.
+
+ is a null reference.
+
+ is not valid transfer-coding with quality header value information.
+
+
+ Returns .
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents the value of a Via header.
+
+
+ Initializes a new instance of the class.
+ The protocol version of the received protocol.
+ The host and port that the request or response was received by.
+
+
+ Initializes a new instance of the class.
+ The protocol version of the received protocol.
+ The host and port that the request or response was received by.
+ The protocol name of the received protocol.
+
+
+ Initializes a new instance of the class.
+ The protocol version of the received protocol.
+ The host and port that the request or response was received by.
+ The protocol name of the received protocol.
+ The comment field used to identify the software of the recipient proxy or gateway.
+
+
+ Gets the comment field used to identify the software of the recipient proxy or gateway.
+ Returns .The comment field used to identify the software of the recipient proxy or gateway.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .Returns a hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns .An instance.
+ A string that represents via header value information.
+
+ is a null reference.
+
+ is not valid via header value information.
+
+
+ Gets the protocol name of the received protocol.
+ Returns .The protocol name.
+
+
+ Gets the protocol version of the received protocol.
+ Returns .The protocol version.
+
+
+ Gets the host and port that the request or response was received by.
+ Returns .The host and port that the request or response was received by.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .A copy of the current instance.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+ Represents a warning value used by the Warning header.
+
+
+ Initializes a new instance of the class.
+ The specific warning code.
+ The host that attached the warning.
+ A quoted-string containing the warning text.
+
+
+ Initializes a new instance of the class.
+ The specific warning code.
+ The host that attached the warning.
+ A quoted-string containing the warning text.
+ The date/time stamp of the warning.
+
+
+ Gets the host that attached the warning.
+ Returns .The host that attached the warning.
+
+
+ Gets the specific warning code.
+ Returns .The specific warning code.
+
+
+ Gets the date/time stamp of the warning.
+ Returns .The date/time stamp of the warning.
+
+
+ Determines whether the specified is equal to the current object.
+ Returns .true if the specified is equal to the current object; otherwise, false.
+ The object to compare with the current object.
+
+
+ Serves as a hash function for an object.
+ Returns .A hash code for the current object.
+
+
+ Converts a string to an instance.
+ Returns an instance.
+ A string that represents authentication header value information.
+
+ is a null reference.
+
+ is not valid authentication header value information.
+
+
+ Creates a new object that is a copy of the current instance.
+ Returns .Returns a copy of the current instance.
+
+
+ Gets a quoted-string containing the warning text.
+ Returns .A quoted-string containing the warning text.
+
+
+ Returns a string that represents the current object.
+ Returns .A string that represents the current object.
+
+
+ Determines whether a string is valid information.
+ Returns .true if is valid information; otherwise, false.
+ The string to validate.
+ The version of the string.
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net45/_._ b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net45/_._
new file mode 100644
index 0000000..5f28270
--- /dev/null
+++ b/PROJ-ETS/packages/Microsoft.Net.Http.2.0.20710.0/lib/net45/_._
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Content/Scripts/modernizr-2.6.2.js b/PROJ-ETS/packages/Modernizr.2.6.2/Content/Scripts/modernizr-2.6.2.js
new file mode 100644
index 0000000..56a0022
--- /dev/null
+++ b/PROJ-ETS/packages/Modernizr.2.6.2/Content/Scripts/modernizr-2.6.2.js
@@ -0,0 +1,1393 @@
+/*!
+ * Modernizr v2.6.2
+ * www.modernizr.com
+ *
+ * Copyright (c) Faruk Ates, Paul Irish, Alex Sexton
+ * Available under the BSD and MIT licenses: www.modernizr.com/license/
+ */
+
+/*
+ * Modernizr tests which native CSS3 and HTML5 features are available in
+ * the current UA and makes the results available to you in two ways:
+ * as properties on a global Modernizr object, and as classes on the
+ * element. This information allows you to progressively enhance
+ * your pages with a granular level of control over the experience.
+ *
+ * Modernizr has an optional (not included) conditional resource loader
+ * called Modernizr.load(), based on Yepnope.js (yepnopejs.com).
+ * To get a build that includes Modernizr.load(), as well as choosing
+ * which tests to include, go to www.modernizr.com/download/
+ *
+ * Authors Faruk Ates, Paul Irish, Alex Sexton
+ * Contributors Ryan Seddon, Ben Alman
+ */
+
+window.Modernizr = (function( window, document, undefined ) {
+
+ var version = '2.6.2',
+
+ Modernizr = {},
+
+ /*>>cssclasses*/
+ // option for enabling the HTML classes to be added
+ enableClasses = true,
+ /*>>cssclasses*/
+
+ docElement = document.documentElement,
+
+ /**
+ * Create our "modernizr" element that we do most feature tests on.
+ */
+ mod = 'modernizr',
+ modElem = document.createElement(mod),
+ mStyle = modElem.style,
+
+ /**
+ * Create the input element for various Web Forms feature tests.
+ */
+ inputElem /*>>inputelem*/ = document.createElement('input') /*>>inputelem*/ ,
+
+ /*>>smile*/
+ smile = ':)',
+ /*>>smile*/
+
+ toString = {}.toString,
+
+ // TODO :: make the prefixes more granular
+ /*>>prefixes*/
+ // List of property values to set for css tests. See ticket #21
+ prefixes = ' -webkit- -moz- -o- -ms- '.split(' '),
+ /*>>prefixes*/
+
+ /*>>domprefixes*/
+ // Following spec is to expose vendor-specific style properties as:
+ // elem.style.WebkitBorderRadius
+ // and the following would be incorrect:
+ // elem.style.webkitBorderRadius
+
+ // Webkit ghosts their properties in lowercase but Opera & Moz do not.
+ // Microsoft uses a lowercase `ms` instead of the correct `Ms` in IE8+
+ // erik.eae.net/archives/2008/03/10/21.48.10/
+
+ // More here: github.com/Modernizr/Modernizr/issues/issue/21
+ omPrefixes = 'Webkit Moz O ms',
+
+ cssomPrefixes = omPrefixes.split(' '),
+
+ domPrefixes = omPrefixes.toLowerCase().split(' '),
+ /*>>domprefixes*/
+
+ /*>>ns*/
+ ns = {'svg': 'http://www.w3.org/2000/svg'},
+ /*>>ns*/
+
+ tests = {},
+ inputs = {},
+ attrs = {},
+
+ classes = [],
+
+ slice = classes.slice,
+
+ featureName, // used in testing loop
+
+
+ /*>>teststyles*/
+ // Inject element with style element and some CSS rules
+ injectElementWithStyles = function( rule, callback, nodes, testnames ) {
+
+ var style, ret, node, docOverflow,
+ div = document.createElement('div'),
+ // After page load injecting a fake body doesn't work so check if body exists
+ body = document.body,
+ // IE6 and 7 won't return offsetWidth or offsetHeight unless it's in the body element, so we fake it.
+ fakeBody = body || document.createElement('body');
+
+ if ( parseInt(nodes, 10) ) {
+ // In order not to give false positives we create a node for each test
+ // This also allows the method to scale for unspecified uses
+ while ( nodes-- ) {
+ node = document.createElement('div');
+ node.id = testnames ? testnames[nodes] : mod + (nodes + 1);
+ div.appendChild(node);
+ }
+ }
+
+ // '].join('');
+ div.id = mod;
+ // IE6 will false positive on some tests due to the style element inside the test div somehow interfering offsetHeight, so insert it into body or fakebody.
+ // Opera will act all quirky when injecting elements in documentElement when page is served as xml, needs fakebody too. #270
+ (body ? div : fakeBody).innerHTML += style;
+ fakeBody.appendChild(div);
+ if ( !body ) {
+ //avoid crashing IE8, if background image is used
+ fakeBody.style.background = '';
+ //Safari 5.13/5.1.4 OSX stops loading if ::-webkit-scrollbar is used and scrollbars are visible
+ fakeBody.style.overflow = 'hidden';
+ docOverflow = docElement.style.overflow;
+ docElement.style.overflow = 'hidden';
+ docElement.appendChild(fakeBody);
+ }
+
+ ret = callback(div, rule);
+ // If this is done after page load we don't want to remove the body so check if body exists
+ if ( !body ) {
+ fakeBody.parentNode.removeChild(fakeBody);
+ docElement.style.overflow = docOverflow;
+ } else {
+ div.parentNode.removeChild(div);
+ }
+
+ return !!ret;
+
+ },
+ /*>>teststyles*/
+
+ /*>>mq*/
+ // adapted from matchMedia polyfill
+ // by Scott Jehl and Paul Irish
+ // gist.github.com/786768
+ testMediaQuery = function( mq ) {
+
+ var matchMedia = window.matchMedia || window.msMatchMedia;
+ if ( matchMedia ) {
+ return matchMedia(mq).matches;
+ }
+
+ var bool;
+
+ injectElementWithStyles('@media ' + mq + ' { #' + mod + ' { position: absolute; } }', function( node ) {
+ bool = (window.getComputedStyle ?
+ getComputedStyle(node, null) :
+ node.currentStyle)['position'] == 'absolute';
+ });
+
+ return bool;
+
+ },
+ /*>>mq*/
+
+
+ /*>>hasevent*/
+ //
+ // isEventSupported determines if a given element supports the given event
+ // kangax.github.com/iseventsupported/
+ //
+ // The following results are known incorrects:
+ // Modernizr.hasEvent("webkitTransitionEnd", elem) // false negative
+ // Modernizr.hasEvent("textInput") // in Webkit. github.com/Modernizr/Modernizr/issues/333
+ // ...
+ isEventSupported = (function() {
+
+ var TAGNAMES = {
+ 'select': 'input', 'change': 'input',
+ 'submit': 'form', 'reset': 'form',
+ 'error': 'img', 'load': 'img', 'abort': 'img'
+ };
+
+ function isEventSupported( eventName, element ) {
+
+ element = element || document.createElement(TAGNAMES[eventName] || 'div');
+ eventName = 'on' + eventName;
+
+ // When using `setAttribute`, IE skips "unload", WebKit skips "unload" and "resize", whereas `in` "catches" those
+ var isSupported = eventName in element;
+
+ if ( !isSupported ) {
+ // If it has no `setAttribute` (i.e. doesn't implement Node interface), try generic element
+ if ( !element.setAttribute ) {
+ element = document.createElement('div');
+ }
+ if ( element.setAttribute && element.removeAttribute ) {
+ element.setAttribute(eventName, '');
+ isSupported = is(element[eventName], 'function');
+
+ // If property was created, "remove it" (by setting value to `undefined`)
+ if ( !is(element[eventName], 'undefined') ) {
+ element[eventName] = undefined;
+ }
+ element.removeAttribute(eventName);
+ }
+ }
+
+ element = null;
+ return isSupported;
+ }
+ return isEventSupported;
+ })(),
+ /*>>hasevent*/
+
+ // TODO :: Add flag for hasownprop ? didn't last time
+
+ // hasOwnProperty shim by kangax needed for Safari 2.0 support
+ _hasOwnProperty = ({}).hasOwnProperty, hasOwnProp;
+
+ if ( !is(_hasOwnProperty, 'undefined') && !is(_hasOwnProperty.call, 'undefined') ) {
+ hasOwnProp = function (object, property) {
+ return _hasOwnProperty.call(object, property);
+ };
+ }
+ else {
+ hasOwnProp = function (object, property) { /* yes, this can give false positives/negatives, but most of the time we don't care about those */
+ return ((property in object) && is(object.constructor.prototype[property], 'undefined'));
+ };
+ }
+
+ // Adapted from ES5-shim https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
+ // es5.github.com/#x15.3.4.5
+
+ if (!Function.prototype.bind) {
+ Function.prototype.bind = function bind(that) {
+
+ var target = this;
+
+ if (typeof target != "function") {
+ throw new TypeError();
+ }
+
+ var args = slice.call(arguments, 1),
+ bound = function () {
+
+ if (this instanceof bound) {
+
+ var F = function(){};
+ F.prototype = target.prototype;
+ var self = new F();
+
+ var result = target.apply(
+ self,
+ args.concat(slice.call(arguments))
+ );
+ if (Object(result) === result) {
+ return result;
+ }
+ return self;
+
+ } else {
+
+ return target.apply(
+ that,
+ args.concat(slice.call(arguments))
+ );
+
+ }
+
+ };
+
+ return bound;
+ };
+ }
+
+ /**
+ * setCss applies given styles to the Modernizr DOM node.
+ */
+ function setCss( str ) {
+ mStyle.cssText = str;
+ }
+
+ /**
+ * setCssAll extrapolates all vendor-specific css strings.
+ */
+ function setCssAll( str1, str2 ) {
+ return setCss(prefixes.join(str1 + ';') + ( str2 || '' ));
+ }
+
+ /**
+ * is returns a boolean for if typeof obj is exactly type.
+ */
+ function is( obj, type ) {
+ return typeof obj === type;
+ }
+
+ /**
+ * contains returns a boolean for if substr is found within str.
+ */
+ function contains( str, substr ) {
+ return !!~('' + str).indexOf(substr);
+ }
+
+ /*>>testprop*/
+
+ // testProps is a generic CSS / DOM property test.
+
+ // In testing support for a given CSS property, it's legit to test:
+ // `elem.style[styleName] !== undefined`
+ // If the property is supported it will return an empty string,
+ // if unsupported it will return undefined.
+
+ // We'll take advantage of this quick test and skip setting a style
+ // on our modernizr element, but instead just testing undefined vs
+ // empty string.
+
+ // Because the testing of the CSS property names (with "-", as
+ // opposed to the camelCase DOM properties) is non-portable and
+ // non-standard but works in WebKit and IE (but not Gecko or Opera),
+ // we explicitly reject properties with dashes so that authors
+ // developing in WebKit or IE first don't end up with
+ // browser-specific content by accident.
+
+ function testProps( props, prefixed ) {
+ for ( var i in props ) {
+ var prop = props[i];
+ if ( !contains(prop, "-") && mStyle[prop] !== undefined ) {
+ return prefixed == 'pfx' ? prop : true;
+ }
+ }
+ return false;
+ }
+ /*>>testprop*/
+
+ // TODO :: add testDOMProps
+ /**
+ * testDOMProps is a generic DOM property test; if a browser supports
+ * a certain property, it won't return undefined for it.
+ */
+ function testDOMProps( props, obj, elem ) {
+ for ( var i in props ) {
+ var item = obj[props[i]];
+ if ( item !== undefined) {
+
+ // return the property name as a string
+ if (elem === false) return props[i];
+
+ // let's bind a function
+ if (is(item, 'function')){
+ // default to autobind unless override
+ return item.bind(elem || obj);
+ }
+
+ // return the unbound function or obj or value
+ return item;
+ }
+ }
+ return false;
+ }
+
+ /*>>testallprops*/
+ /**
+ * testPropsAll tests a list of DOM properties we want to check against.
+ * We specify literally ALL possible (known and/or likely) properties on
+ * the element including the non-vendor prefixed one, for forward-
+ * compatibility.
+ */
+ function testPropsAll( prop, prefixed, elem ) {
+
+ var ucProp = prop.charAt(0).toUpperCase() + prop.slice(1),
+ props = (prop + ' ' + cssomPrefixes.join(ucProp + ' ') + ucProp).split(' ');
+
+ // did they call .prefixed('boxSizing') or are we just testing a prop?
+ if(is(prefixed, "string") || is(prefixed, "undefined")) {
+ return testProps(props, prefixed);
+
+ // otherwise, they called .prefixed('requestAnimationFrame', window[, elem])
+ } else {
+ props = (prop + ' ' + (domPrefixes).join(ucProp + ' ') + ucProp).split(' ');
+ return testDOMProps(props, prefixed, elem);
+ }
+ }
+ /*>>testallprops*/
+
+
+ /**
+ * Tests
+ * -----
+ */
+
+ // The *new* flexbox
+ // dev.w3.org/csswg/css3-flexbox
+
+ tests['flexbox'] = function() {
+ return testPropsAll('flexWrap');
+ };
+
+ // The *old* flexbox
+ // www.w3.org/TR/2009/WD-css3-flexbox-20090723/
+
+ tests['flexboxlegacy'] = function() {
+ return testPropsAll('boxDirection');
+ };
+
+ // On the S60 and BB Storm, getContext exists, but always returns undefined
+ // so we actually have to call getContext() to verify
+ // github.com/Modernizr/Modernizr/issues/issue/97/
+
+ tests['canvas'] = function() {
+ var elem = document.createElement('canvas');
+ return !!(elem.getContext && elem.getContext('2d'));
+ };
+
+ tests['canvastext'] = function() {
+ return !!(Modernizr['canvas'] && is(document.createElement('canvas').getContext('2d').fillText, 'function'));
+ };
+
+ // webk.it/70117 is tracking a legit WebGL feature detect proposal
+
+ // We do a soft detect which may false positive in order to avoid
+ // an expensive context creation: bugzil.la/732441
+
+ tests['webgl'] = function() {
+ return !!window.WebGLRenderingContext;
+ };
+
+ /*
+ * The Modernizr.touch test only indicates if the browser supports
+ * touch events, which does not necessarily reflect a touchscreen
+ * device, as evidenced by tablets running Windows 7 or, alas,
+ * the Palm Pre / WebOS (touch) phones.
+ *
+ * Additionally, Chrome (desktop) used to lie about its support on this,
+ * but that has since been rectified: crbug.com/36415
+ *
+ * We also test for Firefox 4 Multitouch Support.
+ *
+ * For more info, see: modernizr.github.com/Modernizr/touch.html
+ */
+
+ tests['touch'] = function() {
+ var bool;
+
+ if(('ontouchstart' in window) || window.DocumentTouch && document instanceof DocumentTouch) {
+ bool = true;
+ } else {
+ injectElementWithStyles(['@media (',prefixes.join('touch-enabled),('),mod,')','{#modernizr{top:9px;position:absolute}}'].join(''), function( node ) {
+ bool = node.offsetTop === 9;
+ });
+ }
+
+ return bool;
+ };
+
+
+ // geolocation is often considered a trivial feature detect...
+ // Turns out, it's quite tricky to get right:
+ //
+ // Using !!navigator.geolocation does two things we don't want. It:
+ // 1. Leaks memory in IE9: github.com/Modernizr/Modernizr/issues/513
+ // 2. Disables page caching in WebKit: webk.it/43956
+ //
+ // Meanwhile, in Firefox < 8, an about:config setting could expose
+ // a false positive that would throw an exception: bugzil.la/688158
+
+ tests['geolocation'] = function() {
+ return 'geolocation' in navigator;
+ };
+
+
+ tests['postmessage'] = function() {
+ return !!window.postMessage;
+ };
+
+
+ // Chrome incognito mode used to throw an exception when using openDatabase
+ // It doesn't anymore.
+ tests['websqldatabase'] = function() {
+ return !!window.openDatabase;
+ };
+
+ // Vendors had inconsistent prefixing with the experimental Indexed DB:
+ // - Webkit's implementation is accessible through webkitIndexedDB
+ // - Firefox shipped moz_indexedDB before FF4b9, but since then has been mozIndexedDB
+ // For speed, we don't test the legacy (and beta-only) indexedDB
+ tests['indexedDB'] = function() {
+ return !!testPropsAll("indexedDB", window);
+ };
+
+ // documentMode logic from YUI to filter out IE8 Compat Mode
+ // which false positives.
+ tests['hashchange'] = function() {
+ return isEventSupported('hashchange', window) && (document.documentMode === undefined || document.documentMode > 7);
+ };
+
+ // Per 1.6:
+ // This used to be Modernizr.historymanagement but the longer
+ // name has been deprecated in favor of a shorter and property-matching one.
+ // The old API is still available in 1.6, but as of 2.0 will throw a warning,
+ // and in the first release thereafter disappear entirely.
+ tests['history'] = function() {
+ return !!(window.history && history.pushState);
+ };
+
+ tests['draganddrop'] = function() {
+ var div = document.createElement('div');
+ return ('draggable' in div) || ('ondragstart' in div && 'ondrop' in div);
+ };
+
+ // FF3.6 was EOL'ed on 4/24/12, but the ESR version of FF10
+ // will be supported until FF19 (2/12/13), at which time, ESR becomes FF17.
+ // FF10 still uses prefixes, so check for it until then.
+ // for more ESR info, see: mozilla.org/en-US/firefox/organizations/faq/
+ tests['websockets'] = function() {
+ return 'WebSocket' in window || 'MozWebSocket' in window;
+ };
+
+
+ // css-tricks.com/rgba-browser-support/
+ tests['rgba'] = function() {
+ // Set an rgba() color and check the returned value
+
+ setCss('background-color:rgba(150,255,150,.5)');
+
+ return contains(mStyle.backgroundColor, 'rgba');
+ };
+
+ tests['hsla'] = function() {
+ // Same as rgba(), in fact, browsers re-map hsla() to rgba() internally,
+ // except IE9 who retains it as hsla
+
+ setCss('background-color:hsla(120,40%,100%,.5)');
+
+ return contains(mStyle.backgroundColor, 'rgba') || contains(mStyle.backgroundColor, 'hsla');
+ };
+
+ tests['multiplebgs'] = function() {
+ // Setting multiple images AND a color on the background shorthand property
+ // and then querying the style.background property value for the number of
+ // occurrences of "url(" is a reliable method for detecting ACTUAL support for this!
+
+ setCss('background:url(https://),url(https://),red url(https://)');
+
+ // If the UA supports multiple backgrounds, there should be three occurrences
+ // of the string "url(" in the return value for elemStyle.background
+
+ return (/(url\s*\(.*?){3}/).test(mStyle.background);
+ };
+
+
+
+ // this will false positive in Opera Mini
+ // github.com/Modernizr/Modernizr/issues/396
+
+ tests['backgroundsize'] = function() {
+ return testPropsAll('backgroundSize');
+ };
+
+ tests['borderimage'] = function() {
+ return testPropsAll('borderImage');
+ };
+
+
+ // Super comprehensive table about all the unique implementations of
+ // border-radius: muddledramblings.com/table-of-css3-border-radius-compliance
+
+ tests['borderradius'] = function() {
+ return testPropsAll('borderRadius');
+ };
+
+ // WebOS unfortunately false positives on this test.
+ tests['boxshadow'] = function() {
+ return testPropsAll('boxShadow');
+ };
+
+ // FF3.0 will false positive on this test
+ tests['textshadow'] = function() {
+ return document.createElement('div').style.textShadow === '';
+ };
+
+
+ tests['opacity'] = function() {
+ // Browsers that actually have CSS Opacity implemented have done so
+ // according to spec, which means their return values are within the
+ // range of [0.0,1.0] - including the leading zero.
+
+ setCssAll('opacity:.55');
+
+ // The non-literal . in this regex is intentional:
+ // German Chrome returns this value as 0,55
+ // github.com/Modernizr/Modernizr/issues/#issue/59/comment/516632
+ return (/^0.55$/).test(mStyle.opacity);
+ };
+
+
+ // Note, Android < 4 will pass this test, but can only animate
+ // a single property at a time
+ // daneden.me/2011/12/putting-up-with-androids-bullshit/
+ tests['cssanimations'] = function() {
+ return testPropsAll('animationName');
+ };
+
+
+ tests['csscolumns'] = function() {
+ return testPropsAll('columnCount');
+ };
+
+
+ tests['cssgradients'] = function() {
+ /**
+ * For CSS Gradients syntax, please see:
+ * webkit.org/blog/175/introducing-css-gradients/
+ * developer.mozilla.org/en/CSS/-moz-linear-gradient
+ * developer.mozilla.org/en/CSS/-moz-radial-gradient
+ * dev.w3.org/csswg/css3-images/#gradients-
+ */
+
+ var str1 = 'background-image:',
+ str2 = 'gradient(linear,left top,right bottom,from(#9f9),to(white));',
+ str3 = 'linear-gradient(left top,#9f9, white);';
+
+ setCss(
+ // legacy webkit syntax (FIXME: remove when syntax not in use anymore)
+ (str1 + '-webkit- '.split(' ').join(str2 + str1) +
+ // standard syntax // trailing 'background-image:'
+ prefixes.join(str3 + str1)).slice(0, -str1.length)
+ );
+
+ return contains(mStyle.backgroundImage, 'gradient');
+ };
+
+
+ tests['cssreflections'] = function() {
+ return testPropsAll('boxReflect');
+ };
+
+
+ tests['csstransforms'] = function() {
+ return !!testPropsAll('transform');
+ };
+
+
+ tests['csstransforms3d'] = function() {
+
+ var ret = !!testPropsAll('perspective');
+
+ // Webkit's 3D transforms are passed off to the browser's own graphics renderer.
+ // It works fine in Safari on Leopard and Snow Leopard, but not in Chrome in
+ // some conditions. As a result, Webkit typically recognizes the syntax but
+ // will sometimes throw a false positive, thus we must do a more thorough check:
+ if ( ret && 'webkitPerspective' in docElement.style ) {
+
+ // Webkit allows this media query to succeed only if the feature is enabled.
+ // `@media (transform-3d),(-webkit-transform-3d){ ... }`
+ injectElementWithStyles('@media (transform-3d),(-webkit-transform-3d){#modernizr{left:9px;position:absolute;height:3px;}}', function( node, rule ) {
+ ret = node.offsetLeft === 9 && node.offsetHeight === 3;
+ });
+ }
+ return ret;
+ };
+
+
+ tests['csstransitions'] = function() {
+ return testPropsAll('transition');
+ };
+
+
+ /*>>fontface*/
+ // @font-face detection routine by Diego Perini
+ // javascript.nwbox.com/CSSSupport/
+
+ // false positives:
+ // WebOS github.com/Modernizr/Modernizr/issues/342
+ // WP7 github.com/Modernizr/Modernizr/issues/538
+ tests['fontface'] = function() {
+ var bool;
+
+ injectElementWithStyles('@font-face {font-family:"font";src:url("https://")}', function( node, rule ) {
+ var style = document.getElementById('smodernizr'),
+ sheet = style.sheet || style.styleSheet,
+ cssText = sheet ? (sheet.cssRules && sheet.cssRules[0] ? sheet.cssRules[0].cssText : sheet.cssText || '') : '';
+
+ bool = /src/i.test(cssText) && cssText.indexOf(rule.split(' ')[0]) === 0;
+ });
+
+ return bool;
+ };
+ /*>>fontface*/
+
+ // CSS generated content detection
+ tests['generatedcontent'] = function() {
+ var bool;
+
+ injectElementWithStyles(['#',mod,'{font:0/0 a}#',mod,':after{content:"',smile,'";visibility:hidden;font:3px/1 a}'].join(''), function( node ) {
+ bool = node.offsetHeight >= 3;
+ });
+
+ return bool;
+ };
+
+
+
+ // These tests evaluate support of the video/audio elements, as well as
+ // testing what types of content they support.
+ //
+ // We're using the Boolean constructor here, so that we can extend the value
+ // e.g. Modernizr.video // true
+ // Modernizr.video.ogg // 'probably'
+ //
+ // Codec values from : github.com/NielsLeenheer/html5test/blob/9106a8/index.html#L845
+ // thx to NielsLeenheer and zcorpan
+
+ // Note: in some older browsers, "no" was a return value instead of empty string.
+ // It was live in FF3.5.0 and 3.5.1, but fixed in 3.5.2
+ // It was also live in Safari 4.0.0 - 4.0.4, but fixed in 4.0.5
+
+ tests['video'] = function() {
+ var elem = document.createElement('video'),
+ bool = false;
+
+ // IE9 Running on Windows Server SKU can cause an exception to be thrown, bug #224
+ try {
+ if ( bool = !!elem.canPlayType ) {
+ bool = new Boolean(bool);
+ bool.ogg = elem.canPlayType('video/ogg; codecs="theora"') .replace(/^no$/,'');
+
+ // Without QuickTime, this value will be `undefined`. github.com/Modernizr/Modernizr/issues/546
+ bool.h264 = elem.canPlayType('video/mp4; codecs="avc1.42E01E"') .replace(/^no$/,'');
+
+ bool.webm = elem.canPlayType('video/webm; codecs="vp8, vorbis"').replace(/^no$/,'');
+ }
+
+ } catch(e) { }
+
+ return bool;
+ };
+
+ tests['audio'] = function() {
+ var elem = document.createElement('audio'),
+ bool = false;
+
+ try {
+ if ( bool = !!elem.canPlayType ) {
+ bool = new Boolean(bool);
+ bool.ogg = elem.canPlayType('audio/ogg; codecs="vorbis"').replace(/^no$/,'');
+ bool.mp3 = elem.canPlayType('audio/mpeg;') .replace(/^no$/,'');
+
+ // Mimetypes accepted:
+ // developer.mozilla.org/En/Media_formats_supported_by_the_audio_and_video_elements
+ // bit.ly/iphoneoscodecs
+ bool.wav = elem.canPlayType('audio/wav; codecs="1"') .replace(/^no$/,'');
+ bool.m4a = ( elem.canPlayType('audio/x-m4a;') ||
+ elem.canPlayType('audio/aac;')) .replace(/^no$/,'');
+ }
+ } catch(e) { }
+
+ return bool;
+ };
+
+
+ // In FF4, if disabled, window.localStorage should === null.
+
+ // Normally, we could not test that directly and need to do a
+ // `('localStorage' in window) && ` test first because otherwise Firefox will
+ // throw bugzil.la/365772 if cookies are disabled
+
+ // Also in iOS5 Private Browsing mode, attempting to use localStorage.setItem
+ // will throw the exception:
+ // QUOTA_EXCEEDED_ERRROR DOM Exception 22.
+ // Peculiarly, getItem and removeItem calls do not throw.
+
+ // Because we are forced to try/catch this, we'll go aggressive.
+
+ // Just FWIW: IE8 Compat mode supports these features completely:
+ // www.quirksmode.org/dom/html5.html
+ // But IE8 doesn't support either with local files
+
+ tests['localstorage'] = function() {
+ try {
+ localStorage.setItem(mod, mod);
+ localStorage.removeItem(mod);
+ return true;
+ } catch(e) {
+ return false;
+ }
+ };
+
+ tests['sessionstorage'] = function() {
+ try {
+ sessionStorage.setItem(mod, mod);
+ sessionStorage.removeItem(mod);
+ return true;
+ } catch(e) {
+ return false;
+ }
+ };
+
+
+ tests['webworkers'] = function() {
+ return !!window.Worker;
+ };
+
+
+ tests['applicationcache'] = function() {
+ return !!window.applicationCache;
+ };
+
+
+ // Thanks to Erik Dahlstrom
+ tests['svg'] = function() {
+ return !!document.createElementNS && !!document.createElementNS(ns.svg, 'svg').createSVGRect;
+ };
+
+ // specifically for SVG inline in HTML, not within XHTML
+ // test page: paulirish.com/demo/inline-svg
+ tests['inlinesvg'] = function() {
+ var div = document.createElement('div');
+ div.innerHTML = '';
+ return (div.firstChild && div.firstChild.namespaceURI) == ns.svg;
+ };
+
+ // SVG SMIL animation
+ tests['smil'] = function() {
+ return !!document.createElementNS && /SVGAnimate/.test(toString.call(document.createElementNS(ns.svg, 'animate')));
+ };
+
+ // This test is only for clip paths in SVG proper, not clip paths on HTML content
+ // demo: srufaculty.sru.edu/david.dailey/svg/newstuff/clipPath4.svg
+
+ // However read the comments to dig into applying SVG clippaths to HTML content here:
+ // github.com/Modernizr/Modernizr/issues/213#issuecomment-1149491
+ tests['svgclippaths'] = function() {
+ return !!document.createElementNS && /SVGClipPath/.test(toString.call(document.createElementNS(ns.svg, 'clipPath')));
+ };
+
+ /*>>webforms*/
+ // input features and input types go directly onto the ret object, bypassing the tests loop.
+ // Hold this guy to execute in a moment.
+ function webforms() {
+ /*>>input*/
+ // Run through HTML5's new input attributes to see if the UA understands any.
+ // We're using f which is the element created early on
+ // Mike Taylr has created a comprehensive resource for testing these attributes
+ // when applied to all input types:
+ // miketaylr.com/code/input-type-attr.html
+ // spec: www.whatwg.org/specs/web-apps/current-work/multipage/the-input-element.html#input-type-attr-summary
+
+ // Only input placeholder is tested while textarea's placeholder is not.
+ // Currently Safari 4 and Opera 11 have support only for the input placeholder
+ // Both tests are available in feature-detects/forms-placeholder.js
+ Modernizr['input'] = (function( props ) {
+ for ( var i = 0, len = props.length; i < len; i++ ) {
+ attrs[ props[i] ] = !!(props[i] in inputElem);
+ }
+ if (attrs.list){
+ // safari false positive's on datalist: webk.it/74252
+ // see also github.com/Modernizr/Modernizr/issues/146
+ attrs.list = !!(document.createElement('datalist') && window.HTMLDataListElement);
+ }
+ return attrs;
+ })('autocomplete autofocus list placeholder max min multiple pattern required step'.split(' '));
+ /*>>input*/
+
+ /*>>inputtypes*/
+ // Run through HTML5's new input types to see if the UA understands any.
+ // This is put behind the tests runloop because it doesn't return a
+ // true/false like all the other tests; instead, it returns an object
+ // containing each input type with its corresponding true/false value
+
+ // Big thanks to @miketaylr for the html5 forms expertise. miketaylr.com/
+ Modernizr['inputtypes'] = (function(props) {
+
+ for ( var i = 0, bool, inputElemType, defaultView, len = props.length; i < len; i++ ) {
+
+ inputElem.setAttribute('type', inputElemType = props[i]);
+ bool = inputElem.type !== 'text';
+
+ // We first check to see if the type we give it sticks..
+ // If the type does, we feed it a textual value, which shouldn't be valid.
+ // If the value doesn't stick, we know there's input sanitization which infers a custom UI
+ if ( bool ) {
+
+ inputElem.value = smile;
+ inputElem.style.cssText = 'position:absolute;visibility:hidden;';
+
+ if ( /^range$/.test(inputElemType) && inputElem.style.WebkitAppearance !== undefined ) {
+
+ docElement.appendChild(inputElem);
+ defaultView = document.defaultView;
+
+ // Safari 2-4 allows the smiley as a value, despite making a slider
+ bool = defaultView.getComputedStyle &&
+ defaultView.getComputedStyle(inputElem, null).WebkitAppearance !== 'textfield' &&
+ // Mobile android web browser has false positive, so must
+ // check the height to see if the widget is actually there.
+ (inputElem.offsetHeight !== 0);
+
+ docElement.removeChild(inputElem);
+
+ } else if ( /^(search|tel)$/.test(inputElemType) ){
+ // Spec doesn't define any special parsing or detectable UI
+ // behaviors so we pass these through as true
+
+ // Interestingly, opera fails the earlier test, so it doesn't
+ // even make it here.
+
+ } else if ( /^(url|email)$/.test(inputElemType) ) {
+ // Real url and email support comes with prebaked validation.
+ bool = inputElem.checkValidity && inputElem.checkValidity() === false;
+
+ } else {
+ // If the upgraded input compontent rejects the :) text, we got a winner
+ bool = inputElem.value != smile;
+ }
+ }
+
+ inputs[ props[i] ] = !!bool;
+ }
+ return inputs;
+ })('search tel url email datetime date month week time datetime-local number range color'.split(' '));
+ /*>>inputtypes*/
+ }
+ /*>>webforms*/
+
+
+ // End of test definitions
+ // -----------------------
+
+
+
+ // Run through all tests and detect their support in the current UA.
+ // todo: hypothetically we could be doing an array of tests and use a basic loop here.
+ for ( var feature in tests ) {
+ if ( hasOwnProp(tests, feature) ) {
+ // run the test, throw the return value into the Modernizr,
+ // then based on that boolean, define an appropriate className
+ // and push it into an array of classes we'll join later.
+ featureName = feature.toLowerCase();
+ Modernizr[featureName] = tests[feature]();
+
+ classes.push((Modernizr[featureName] ? '' : 'no-') + featureName);
+ }
+ }
+
+ /*>>webforms*/
+ // input tests need to run.
+ Modernizr.input || webforms();
+ /*>>webforms*/
+
+
+ /**
+ * addTest allows the user to define their own feature tests
+ * the result will be added onto the Modernizr object,
+ * as well as an appropriate className set on the html element
+ *
+ * @param feature - String naming the feature
+ * @param test - Function returning true if feature is supported, false if not
+ */
+ Modernizr.addTest = function ( feature, test ) {
+ if ( typeof feature == 'object' ) {
+ for ( var key in feature ) {
+ if ( hasOwnProp( feature, key ) ) {
+ Modernizr.addTest( key, feature[ key ] );
+ }
+ }
+ } else {
+
+ feature = feature.toLowerCase();
+
+ if ( Modernizr[feature] !== undefined ) {
+ // we're going to quit if you're trying to overwrite an existing test
+ // if we were to allow it, we'd do this:
+ // var re = new RegExp("\\b(no-)?" + feature + "\\b");
+ // docElement.className = docElement.className.replace( re, '' );
+ // but, no rly, stuff 'em.
+ return Modernizr;
+ }
+
+ test = typeof test == 'function' ? test() : test;
+
+ if (typeof enableClasses !== "undefined" && enableClasses) {
+ docElement.className += ' ' + (test ? '' : 'no-') + feature;
+ }
+ Modernizr[feature] = test;
+
+ }
+
+ return Modernizr; // allow chaining.
+ };
+
+
+ // Reset modElem.cssText to nothing to reduce memory footprint.
+ setCss('');
+ modElem = inputElem = null;
+
+ /*>>shiv*/
+ /*! HTML5 Shiv v3.6.1 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed */
+ ;(function(window, document) {
+ /*jshint evil:true */
+ /** Preset options */
+ var options = window.html5 || {};
+
+ /** Used to skip problem elements */
+ var reSkip = /^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i;
+
+ /** Not all elements can be cloned in IE **/
+ var saveClones = /^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i;
+
+ /** Detect whether the browser supports default html5 styles */
+ var supportsHtml5Styles;
+
+ /** Name of the expando, to work with multiple documents or to re-shiv one document */
+ var expando = '_html5shiv';
+
+ /** The id for the the documents expando */
+ var expanID = 0;
+
+ /** Cached data for each document */
+ var expandoData = {};
+
+ /** Detect whether the browser supports unknown elements */
+ var supportsUnknownElements;
+
+ (function() {
+ try {
+ var a = document.createElement('a');
+ a.innerHTML = '';
+ //if the hidden property is implemented we can assume, that the browser supports basic HTML5 Styles
+ supportsHtml5Styles = ('hidden' in a);
+
+ supportsUnknownElements = a.childNodes.length == 1 || (function() {
+ // assign a false positive if unable to shiv
+ (document.createElement)('a');
+ var frag = document.createDocumentFragment();
+ return (
+ typeof frag.cloneNode == 'undefined' ||
+ typeof frag.createDocumentFragment == 'undefined' ||
+ typeof frag.createElement == 'undefined'
+ );
+ }());
+ } catch(e) {
+ supportsHtml5Styles = true;
+ supportsUnknownElements = true;
+ }
+
+ }());
+
+ /*--------------------------------------------------------------------------*/
+
+ /**
+ * Creates a style sheet with the given CSS text and adds it to the document.
+ * @private
+ * @param {Document} ownerDocument The document.
+ * @param {String} cssText The CSS text.
+ * @returns {StyleSheet} The style element.
+ */
+ function addStyleSheet(ownerDocument, cssText) {
+ var p = ownerDocument.createElement('p'),
+ parent = ownerDocument.getElementsByTagName('head')[0] || ownerDocument.documentElement;
+
+ p.innerHTML = 'x';
+ return parent.insertBefore(p.lastChild, parent.firstChild);
+ }
+
+ /**
+ * Returns the value of `html5.elements` as an array.
+ * @private
+ * @returns {Array} An array of shived element node names.
+ */
+ function getElements() {
+ var elements = html5.elements;
+ return typeof elements == 'string' ? elements.split(' ') : elements;
+ }
+
+ /**
+ * Returns the data associated to the given document
+ * @private
+ * @param {Document} ownerDocument The document.
+ * @returns {Object} An object of data.
+ */
+ function getExpandoData(ownerDocument) {
+ var data = expandoData[ownerDocument[expando]];
+ if (!data) {
+ data = {};
+ expanID++;
+ ownerDocument[expando] = expanID;
+ expandoData[expanID] = data;
+ }
+ return data;
+ }
+
+ /**
+ * returns a shived element for the given nodeName and document
+ * @memberOf html5
+ * @param {String} nodeName name of the element
+ * @param {Document} ownerDocument The context document.
+ * @returns {Object} The shived element.
+ */
+ function createElement(nodeName, ownerDocument, data){
+ if (!ownerDocument) {
+ ownerDocument = document;
+ }
+ if(supportsUnknownElements){
+ return ownerDocument.createElement(nodeName);
+ }
+ if (!data) {
+ data = getExpandoData(ownerDocument);
+ }
+ var node;
+
+ if (data.cache[nodeName]) {
+ node = data.cache[nodeName].cloneNode();
+ } else if (saveClones.test(nodeName)) {
+ node = (data.cache[nodeName] = data.createElem(nodeName)).cloneNode();
+ } else {
+ node = data.createElem(nodeName);
+ }
+
+ // Avoid adding some elements to fragments in IE < 9 because
+ // * Attributes like `name` or `type` cannot be set/changed once an element
+ // is inserted into a document/fragment
+ // * Link elements with `src` attributes that are inaccessible, as with
+ // a 403 response, will cause the tab/window to crash
+ // * Script elements appended to fragments will execute when their `src`
+ // or `text` property is set
+ return node.canHaveChildren && !reSkip.test(nodeName) ? data.frag.appendChild(node) : node;
+ }
+
+ /**
+ * returns a shived DocumentFragment for the given document
+ * @memberOf html5
+ * @param {Document} ownerDocument The context document.
+ * @returns {Object} The shived DocumentFragment.
+ */
+ function createDocumentFragment(ownerDocument, data){
+ if (!ownerDocument) {
+ ownerDocument = document;
+ }
+ if(supportsUnknownElements){
+ return ownerDocument.createDocumentFragment();
+ }
+ data = data || getExpandoData(ownerDocument);
+ var clone = data.frag.cloneNode(),
+ i = 0,
+ elems = getElements(),
+ l = elems.length;
+ for(;i>shiv*/
+
+ // Assign private properties to the return object with prefix
+ Modernizr._version = version;
+
+ // expose these for the plugin API. Look in the source for how to join() them against your input
+ /*>>prefixes*/
+ Modernizr._prefixes = prefixes;
+ /*>>prefixes*/
+ /*>>domprefixes*/
+ Modernizr._domPrefixes = domPrefixes;
+ Modernizr._cssomPrefixes = cssomPrefixes;
+ /*>>domprefixes*/
+
+ /*>>mq*/
+ // Modernizr.mq tests a given media query, live against the current state of the window
+ // A few important notes:
+ // * If a browser does not support media queries at all (eg. oldIE) the mq() will always return false
+ // * A max-width or orientation query will be evaluated against the current state, which may change later.
+ // * You must specify values. Eg. If you are testing support for the min-width media query use:
+ // Modernizr.mq('(min-width:0)')
+ // usage:
+ // Modernizr.mq('only screen and (max-width:768)')
+ Modernizr.mq = testMediaQuery;
+ /*>>mq*/
+
+ /*>>hasevent*/
+ // Modernizr.hasEvent() detects support for a given event, with an optional element to test on
+ // Modernizr.hasEvent('gesturestart', elem)
+ Modernizr.hasEvent = isEventSupported;
+ /*>>hasevent*/
+
+ /*>>testprop*/
+ // Modernizr.testProp() investigates whether a given style property is recognized
+ // Note that the property names must be provided in the camelCase variant.
+ // Modernizr.testProp('pointerEvents')
+ Modernizr.testProp = function(prop){
+ return testProps([prop]);
+ };
+ /*>>testprop*/
+
+ /*>>testallprops*/
+ // Modernizr.testAllProps() investigates whether a given style property,
+ // or any of its vendor-prefixed variants, is recognized
+ // Note that the property names must be provided in the camelCase variant.
+ // Modernizr.testAllProps('boxSizing')
+ Modernizr.testAllProps = testPropsAll;
+ /*>>testallprops*/
+
+
+ /*>>teststyles*/
+ // Modernizr.testStyles() allows you to add custom styles to the document and test an element afterwards
+ // Modernizr.testStyles('#modernizr { position:absolute }', function(elem, rule){ ... })
+ Modernizr.testStyles = injectElementWithStyles;
+ /*>>teststyles*/
+
+
+ /*>>prefixed*/
+ // Modernizr.prefixed() returns the prefixed or nonprefixed property name variant of your input
+ // Modernizr.prefixed('boxSizing') // 'MozBoxSizing'
+
+ // Properties must be passed as dom-style camelcase, rather than `box-sizing` hypentated style.
+ // Return values will also be the camelCase variant, if you need to translate that to hypenated style use:
+ //
+ // str.replace(/([A-Z])/g, function(str,m1){ return '-' + m1.toLowerCase(); }).replace(/^ms-/,'-ms-');
+
+ // If you're trying to ascertain which transition end event to bind to, you might do something like...
+ //
+ // var transEndEventNames = {
+ // 'WebkitTransition' : 'webkitTransitionEnd',
+ // 'MozTransition' : 'transitionend',
+ // 'OTransition' : 'oTransitionEnd',
+ // 'msTransition' : 'MSTransitionEnd',
+ // 'transition' : 'transitionend'
+ // },
+ // transEndEventName = transEndEventNames[ Modernizr.prefixed('transition') ];
+
+ Modernizr.prefixed = function(prop, obj, elem){
+ if(!obj) {
+ return testPropsAll(prop, 'pfx');
+ } else {
+ // Testing DOM property e.g. Modernizr.prefixed('requestAnimationFrame', window) // 'mozRequestAnimationFrame'
+ return testPropsAll(prop, obj, elem);
+ }
+ };
+ /*>>prefixed*/
+
+
+ /*>>cssclasses*/
+ // Remove "no-js" class from element, if it exists:
+ docElement.className = docElement.className.replace(/(^|\s)no-js(\s|$)/, '$1$2') +
+
+ // Add the new classes to the element.
+ (enableClasses ? ' js ' + classes.join(' ') : '');
+ /*>>cssclasses*/
+
+ return Modernizr;
+
+})(this, this.document);
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nupkg b/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nupkg
new file mode 100644
index 0000000..df20288
Binary files /dev/null and b/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nupkg differ
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nuspec b/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nuspec
new file mode 100644
index 0000000..88039ac
--- /dev/null
+++ b/PROJ-ETS/packages/Modernizr.2.6.2/Modernizr.2.6.2.nuspec
@@ -0,0 +1,22 @@
+
+
+
+ Modernizr
+ 2.6.2
+ Modernizr
+ Faruk Ateş, Paul Irish, Alex Sexton
+ Faruk Ateş, Paul Irish, Alex Sexton
+ http://www.modernizr.com/license/
+ http://www.modernizr.com/
+ http://www.modernizr.com/i/logo.png
+ false
+ Modernizr adds classes to the <html> element which allow you to target specific browser functionality in your stylesheet. You don't actually need to write any Javascript to use it.
+ Modernizr is a small and simple JavaScript library that helps you take advantage of emerging web technologies (CSS3, HTML5) while still maintaining a fine level of control over older browsers that may not yet support these new technologies.
+ NOTE: This package is maintained on behalf of the library owners by the NuGet Community Packages project at http://nugetpackages.codeplex.com/
+ Modernizr is a small and simple JavaScript library that helps you take advantage of emerging web technologies (CSS3, HTML 5) while still maintaining a fine level of control over older browsers that may not yet support these new technologies.
+
+
+ en-US
+ JavaScript HTML HTML5 CSS CSS3 SVG
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Tools/common.ps1 b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/common.ps1
new file mode 100644
index 0000000..b061c65
--- /dev/null
+++ b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/common.ps1
@@ -0,0 +1,75 @@
+function AddOrUpdate-Reference($scriptsFolderProjectItem, $fileNamePattern, $newFileName) {
+ try {
+ $referencesFileProjectItem = $scriptsFolderProjectItem.ProjectItems.Item("_references.js")
+ }
+ catch {
+ # _references.js file not found
+ return
+ }
+
+ if ($referencesFileProjectItem -eq $null) {
+ # _references.js file not found
+ return
+ }
+
+ $referencesFilePath = $referencesFileProjectItem.FileNames(1)
+ $referencesTempFilePath = Join-Path $env:TEMP "_references.tmp.js"
+
+ if ((Select-String $referencesFilePath -pattern $fileNamePattern).Length -eq 0) {
+ # File has no existing matching reference line
+ # Add the full reference line to the beginning of the file
+ "/// " | Add-Content $referencesTempFilePath -Encoding UTF8
+ Get-Content $referencesFilePath | Add-Content $referencesTempFilePath
+ }
+ else {
+ # Loop through file and replace old file name with new file name
+ Get-Content $referencesFilePath | ForEach-Object { $_ -replace $fileNamePattern, $newFileName } > $referencesTempFilePath
+ }
+
+ # Copy over the new _references.js file
+ Copy-Item $referencesTempFilePath $referencesFilePath -Force
+ Remove-Item $referencesTempFilePath -Force
+}
+
+function Remove-Reference($scriptsFolderProjectItem, $fileNamePattern) {
+ try {
+ $referencesFileProjectItem = $scriptsFolderProjectItem.ProjectItems.Item("_references.js")
+ }
+ catch {
+ # _references.js file not found
+ return
+ }
+
+ if ($referencesFileProjectItem -eq $null) {
+ return
+ }
+
+ $referencesFilePath = $referencesFileProjectItem.FileNames(1)
+ $referencesTempFilePath = Join-Path $env:TEMP "_references.tmp.js"
+
+ if ((Select-String $referencesFilePath -pattern $fileNamePattern).Length -eq 1) {
+ # Delete the line referencing the file
+ Get-Content $referencesFilePath | ForEach-Object { if (-not ($_ -match $fileNamePattern)) { $_ } } > $referencesTempFilePath
+
+ # Copy over the new _references.js file
+ Copy-Item $referencesTempFilePath $referencesFilePath -Force
+ Remove-Item $referencesTempFilePath -Force
+ }
+}
+
+# Extract the version number from the file in the package's content\scripts folder
+$packageScriptsFolder = Join-Path $installPath Content\Scripts
+$modernizrFileName = Join-Path $packageScriptsFolder "modernizr-*.js" | Get-ChildItem -Exclude "*.min.js","*-vsdoc.js" | Split-Path -Leaf
+$modernizrFileNameRegEx = "modernizr-((?:\d+\.)?(?:\d+\.)?(?:\d+\.)?(?:\d+)).js"
+$modernizrFileName -match $modernizrFileNameRegEx
+$ver = $matches[1]
+
+# Get the project item for the scripts folder
+try {
+ $scriptsFolderProjectItem = $project.ProjectItems.Item("Scripts")
+ $projectScriptsFolderPath = $scriptsFolderProjectItem.FileNames(1)
+}
+catch {
+ # No Scripts folder
+ Write-Host "No scripts folder found"
+}
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Tools/install.ps1 b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/install.ps1
new file mode 100644
index 0000000..8a71107
--- /dev/null
+++ b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/install.ps1
@@ -0,0 +1,12 @@
+param($installPath, $toolsPath, $package, $project)
+
+. (Join-Path $toolsPath common.ps1)
+
+if ($scriptsFolderProjectItem -eq $null) {
+ # No Scripts folder
+ Write-Host "No Scripts folder found"
+ exit
+}
+
+# Update the _references.js file
+AddOrUpdate-Reference $scriptsFolderProjectItem $modernizrFileNameRegEx $modernizrFileName
\ No newline at end of file
diff --git a/PROJ-ETS/packages/Modernizr.2.6.2/Tools/uninstall.ps1 b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/uninstall.ps1
new file mode 100644
index 0000000..13c5c16
--- /dev/null
+++ b/PROJ-ETS/packages/Modernizr.2.6.2/Tools/uninstall.ps1
@@ -0,0 +1,6 @@
+param($installPath, $toolsPath, $package, $project)
+
+. (Join-Path $toolsPath common.ps1)
+
+# Update the _references.js file
+Remove-Reference $scriptsFolderProjectItem $modernizrFileNameRegEx
\ No newline at end of file
diff --git a/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nupkg b/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nupkg
new file mode 100644
index 0000000..9ec7ef6
Binary files /dev/null and b/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nupkg differ
diff --git a/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nuspec b/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nuspec
new file mode 100644
index 0000000..f2b6529
--- /dev/null
+++ b/PROJ-ETS/packages/WebGrease.1.3.0/WebGrease.1.3.0.nuspec
@@ -0,0 +1,17 @@
+
+
+
+ WebGrease
+ 1.3.0
+ webgrease@microsoft.com
+ webgrease@microsoft.com
+ http://www.microsoft.com/web/webpi/eula/msn_webgrease_eula.htm
+ true
+ Web Grease is a suite of tools for optimizing javascript, css files and images.
+ en-US
+
+
+
+
+
+
\ No newline at end of file
diff --git a/PROJ-ETS/packages/WebGrease.1.3.0/lib/Antlr3.Runtime.dll b/PROJ-ETS/packages/WebGrease.1.3.0/lib/Antlr3.Runtime.dll
new file mode 100644
index 0000000..9592285
Binary files /dev/null and b/PROJ-ETS/packages/WebGrease.1.3.0/lib/Antlr3.Runtime.dll differ
diff --git a/PROJ-ETS/packages/WebGrease.1.3.0/lib/WebGrease.dll b/PROJ-ETS/packages/WebGrease.1.3.0/lib/WebGrease.dll
new file mode 100644
index 0000000..c4bc0f8
Binary files /dev/null and b/PROJ-ETS/packages/WebGrease.1.3.0/lib/WebGrease.dll differ
diff --git a/PROJ-ETS/packages/WebGrease.1.3.0/tools/WG.exe b/PROJ-ETS/packages/WebGrease.1.3.0/tools/WG.exe
new file mode 100644
index 0000000..e91761a
Binary files /dev/null and b/PROJ-ETS/packages/WebGrease.1.3.0/tools/WG.exe differ