api-dev
diff --git a/‎src/ServiceStack.Authentication.OpenId/ServiceStack.Authentication.OpenId.csproj‎
Lines changed: 3 additions & 1 deletion b/‎src/ServiceStack.Authentication.OpenId/ServiceStack.Authentication.OpenId.csproj‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/DotNetOpenAuth.Ultimate.4.3.0.13117.nupkg‎
2 MB b/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/DotNetOpenAuth.Ultimate.4.3.0.13117.nupkg‎
2 MB
diff --git a/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net35-full/web.config.transform‎
Lines changed: 74 additions & 0 deletions b/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net35-full/web.config.transform‎
Lines changed: 74 additions & 0 deletions
diff --git a/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net40-full/web.config.transform‎
Lines changed: 73 additions & 0 deletions b/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net40-full/web.config.transform‎
Lines changed: 73 additions & 0 deletions
diff --git a/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net45-full/web.config.transform‎
Lines changed: 73 additions & 0 deletions b/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/content/net45-full/web.config.transform‎
Lines changed: 73 additions & 0 deletions
diff --git a/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/lib/net35-full/DotNetOpenAuth.dll‎
1.11 MB b/‎src/packages/DotNetOpenAuth.Ultimate.4.3.0.13117/lib/net35-full/DotNetOpenAuth.dll‎
1.11 MB
@@ -76,7 +76,9 @@
     </ProjectReference>
   </ItemGroup>
   <ItemGroup>
-    <None Include="packages.config" />
+    <None Include="packages.config">
+      <SubType>Designer</SubType>
+    </None>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="$(SolutionDir)\.nuget\NuGet.targets" />
 
@@ -0,0 +1,74 @@
+<configuration>
+	<configSections>
+		<section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
+		<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
+			<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+		</sectionGroup>
+	</configSections>
+
+	<uri>
+		<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
+	<runtime>
+		<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
+		<legacyHMACWarning enabled="0" />
+
+		<!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+		     to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.
+		<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+			<dependentAssembly>
+				<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
+				<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
+			</dependentAssembly>
+		</assemblyBinding>
+		-->
+	</runtime>
+
+	<dotNetOpenAuth>
+		<!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
+		<!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
+		<openid>
+			<relyingParty>
+				<security requireSsl="false">
+					<!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+					<!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+						<add endpoint="https://www.google.com/accounts/o8/ud" />
+					</trustedProviders>-->
+				</security>
+				<behaviors>
+					<!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+					     with OPs that use Attribute Exchange (in various formats). -->
+					<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
+				</behaviors>
+			</relyingParty>
+		</openid>
+		<messaging>
+			<untrustedWebRequest>
+				<whitelistHosts>
+					<!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+					<!--<add name="localhost" />-->
+				</whitelistHosts>
+			</untrustedWebRequest>
+		</messaging>
+		<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+		<reporting enabled="true" />
+	</dotNetOpenAuth>
+</configuration>
@@ -0,0 +1,73 @@
+<configuration>
+	<configSections>
+		<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
+			<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+		</sectionGroup>
+	</configSections>
+
+	<uri>
+		<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
+	<runtime>
+		<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
+		<legacyHMACWarning enabled="0" />
+
+		<!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+		     to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.
+		<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+			<dependentAssembly>
+				<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
+				<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
+			</dependentAssembly>
+		</assemblyBinding>
+		-->
+	</runtime>
+
+	<dotNetOpenAuth>
+		<!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
+		<!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
+		<openid>
+			<relyingParty>
+				<security requireSsl="false">
+					<!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+					<!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+						<add endpoint="https://www.google.com/accounts/o8/ud" />
+					</trustedProviders>-->
+				</security>
+				<behaviors>
+					<!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+					     with OPs that use Attribute Exchange (in various formats). -->
+					<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
+				</behaviors>
+			</relyingParty>
+		</openid>
+		<messaging>
+			<untrustedWebRequest>
+				<whitelistHosts>
+					<!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+					<!--<add name="localhost" />-->
+				</whitelistHosts>
+			</untrustedWebRequest>
+		</messaging>
+		<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+		<reporting enabled="true" />
+	</dotNetOpenAuth>
+</configuration>
@@ -0,0 +1,73 @@
+<configuration>
+	<configSections>
+		<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
+			<section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+			<section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
+		</sectionGroup>
+	</configSections>
+
+	<uri>
+		<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+	     which is necessary for OpenID urls with unicode characters in the domain/host name. 
+	     It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+		<idn enabled="All"/>
+		<iriParsing enabled="true"/>
+	</uri>
+
+	<system.net>
+		<defaultProxy enabled="true" />
+		<settings>
+			<!-- This setting causes .NET to check certificate revocation lists (CRL) 
+			     before trusting HTTPS certificates.  But this setting tends to not 
+			     be allowed in shared hosting environments. -->
+			<!--<servicePointManager checkCertificateRevocationList="true"/>-->
+		</settings>
+	</system.net>
+
+	<runtime>
+		<!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
+		<legacyHMACWarning enabled="0" />
+
+		<!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+		     to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.
+		<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+			<dependentAssembly>
+				<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
+				<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
+			</dependentAssembly>
+		</assemblyBinding>
+		-->
+	</runtime>
+
+	<dotNetOpenAuth>
+		<!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
+		<!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
+		<openid>
+			<relyingParty>
+				<security requireSsl="false">
+					<!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
+					<!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+						<add endpoint="https://www.google.com/accounts/o8/ud" />
+					</trustedProviders>-->
+				</security>
+				<behaviors>
+					<!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+					     with OPs that use Attribute Exchange (in various formats). -->
+					<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
+				</behaviors>
+			</relyingParty>
+		</openid>
+		<messaging>
+			<untrustedWebRequest>
+				<whitelistHosts>
+					<!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+					<!--<add name="localhost" />-->
+				</whitelistHosts>
+			</untrustedWebRequest>
+		</messaging>
+		<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+		<reporting enabled="true" />
+	</dotNetOpenAuth>
+</configuration>