diff options
Diffstat (limited to 'src/OAuth/OAuthAuthorizationServer')
4 files changed, 107 insertions, 71 deletions
diff --git a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index eb7f1f5..aa9f3e6 100644 --- a/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/src/OAuth/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -31,7 +31,11 @@ #region Implementation of IAuthorizationServerHost - public ICryptoKeyStore CryptoKeyStore { + public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + + public ICryptoKeyStore CryptoKeyStore { get { return MvcApplication.KeyNonceStore; } } @@ -78,7 +82,11 @@ return this.IsAuthorizationValid(authorization.Scope, authorization.ClientIdentifier, authorization.UtcIssued, authorization.User); } - public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { + public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + + public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. throw new NotSupportedException(); } diff --git a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj index 07f5f47..d0834df 100644 --- a/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj +++ b/src/OAuth/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj @@ -44,32 +44,41 @@ <WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
- <Reference Include="DotNetOpenAuth.Core">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.4.3.1.13153\lib\net40-full\DotNetOpenAuth.Core.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.Core.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.Core.UI, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.Core.UI.4.3.1.13153\lib\net40-full\DotNetOpenAuth.Core.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.Core.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OAuth2.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.AuthorizationServer, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.AuthorizationServer.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OAuth2.AuthorizationServer.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.0.25.0-draft1\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OAuth2.ClientAuthorization, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OAuth2.ClientAuthorization.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OAuth2.ClientAuthorization.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OpenId.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.RelyingParty.UI, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.RelyingParty.UI.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OpenId.RelyingParty.UI.dll</HintPath>
</Reference>
- <Reference Include="DotNetOpenAuth.OpenId.UI">
- <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.1.0.12182\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
+ <Reference Include="DotNetOpenAuth.OpenId.UI, Version=4.3.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\DotNetOpenAuth.OpenId.Core.UI.4.3.1.13153\lib\net40-full\DotNetOpenAuth.OpenId.UI.dll</HintPath>
</Reference>
<Reference Include="log4net">
<HintPath>..\..\..\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
@@ -79,6 +88,31 @@ <Reference Include="System.Data" />
<Reference Include="System.Data.Linq" />
<Reference Include="System.Drawing" />
+ <Reference Include="System.IO">
+ <HintPath>..\..\..\packages\Microsoft.Bcl.1.1.3\lib\net40\System.IO.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Net.Http, Version=2.2.13.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\Microsoft.Net.Http.2.2.13\lib\net40\System.Net.Http.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Net.Http.Extensions, Version=2.2.13.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\Microsoft.Net.Http.2.2.13\lib\net40\System.Net.Http.Extensions.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Net.Http.Primitives, Version=2.2.13.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\Microsoft.Net.Http.2.2.13\lib\net40\System.Net.Http.Primitives.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Net.Http.WebRequest, Version=2.2.13.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+ <SpecificVersion>False</SpecificVersion>
+ <HintPath>..\..\..\packages\Microsoft.Net.Http.2.2.13\lib\net40\System.Net.Http.WebRequest.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Runtime">
+ <HintPath>..\..\..\packages\Microsoft.Bcl.1.1.3\lib\net40\System.Runtime.dll</HintPath>
+ </Reference>
+ <Reference Include="System.Threading.Tasks">
+ <HintPath>..\..\..\packages\Microsoft.Bcl.1.1.3\lib\net40\System.Threading.Tasks.dll</HintPath>
+ </Reference>
<Reference Include="System.Web.DynamicData" />
<Reference Include="System.Web.Entity" />
<Reference Include="System.Web.ApplicationServices" />
@@ -235,4 +269,5 @@ </ProjectExtensions>
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
<Import Project="$(SolutionDir)\.nuget\nuget.targets" />
+ <Import Project="..\..\..\packages\Microsoft.Bcl.Build.1.0.8\tools\Microsoft.Bcl.Build.targets" />
</Project>
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/Web.config b/src/OAuth/OAuthAuthorizationServer/Web.config index fc811c8..71b76f0 100644 --- a/src/OAuth/OAuthAuthorizationServer/Web.config +++ b/src/OAuth/OAuthAuthorizationServer/Web.config @@ -11,17 +11,17 @@ <sectionGroup name="oauth2" type="DotNetOpenAuth.Configuration.OAuth2SectionGroup, DotNetOpenAuth.OAuth2">
<section name="authorizationServer" type="DotNetOpenAuth.Configuration.OAuth2AuthorizationServerSection, DotNetOpenAuth.OAuth2.AuthorizationServer" requirePermission="false" allowLocation="true" />
</sectionGroup>
- <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
- <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
- </sectionGroup>
+
+
+
+ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /><section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" /><section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" /></sectionGroup>
</configSections>
<!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
which is necessary for OpenID urls with unicode characters in the domain/host name.
It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
<!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
<dotNetOpenAuth>
- <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+
<oauth2>
<authorizationServer></authorizationServer>
</oauth2>
@@ -31,26 +31,15 @@ <whitelistHosts>
<!-- since this is a sample, and will often be used with localhost -->
<add name="localhost" />
- </whitelistHosts>
+ <!-- Uncomment to enable communication with localhost (should generally not activate in production!) --><!--<add name="localhost" />--></whitelistHosts>
</untrustedWebRequest>
</messaging>
- <reporting enabled="true" />
- <openid>
- <relyingParty>
- <security requireSsl="false">
- <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
- <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
+
+
+ <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --><reporting enabled="true" /><!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. --><!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ --><openid><relyingParty><security requireSsl="false"><!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. --><!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
<add endpoint="https://www.google.com/accounts/o8/ud" />
- </trustedProviders>-->
- </security>
- <behaviors>
- <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
- with OPs that use Attribute Exchange (in various formats). -->
- <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" />
- </behaviors>
- </relyingParty>
- </openid>
- </dotNetOpenAuth>
+ </trustedProviders>--></security><behaviors><!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
+ with OPs that use Attribute Exchange (in various formats). --><add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" /></behaviors></relyingParty></openid></dotNetOpenAuth>
<log4net>
<!-- Setup the root category, add the appenders and set the default level -->
<root>
@@ -102,28 +91,30 @@ <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
+ <dependentAssembly>
+ <assemblyIdentity name="System.Net.Http" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
+ <bindingRedirect oldVersion="0.0.0.0-2.2.13.0" newVersion="2.2.13.0" />
+ </dependentAssembly>
</assemblyBinding>
- <legacyHMACWarning enabled="0" />
- </runtime>
- <system.net>
- <defaultProxy enabled="true" />
- <settings>
- <!-- This setting causes .NET to check certificate revocation lists (CRL)
- before trusting HTTPS certificates. But this setting tends to not
- be allowed in shared hosting environments. -->
- <!--<servicePointManager checkCertificateRevocationList="true"/>-->
- </settings>
- </system.net>
- <uri>
- <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
- which is necessary for OpenID urls with unicode characters in the domain/host name.
- It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
- <idn enabled="All" />
- <iriParsing enabled="true" />
- </uri>
+
+ <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). --><legacyHMACWarning enabled="0" /><!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
+ to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.
+ <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+ <dependentAssembly>
+ <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
+ <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
+ </dependentAssembly>
+ </assemblyBinding>
+ --></runtime>
+
+
<appSettings>
<add key="ClientValidationEnabled" value="false" />
<add key="UnobtrusiveJavaScriptEnabled" value="false" />
</appSettings>
-</configuration>
\ No newline at end of file +<system.net><defaultProxy enabled="true" /><settings><!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. --><!--<servicePointManager checkCertificateRevocationList="true"/>--></settings></system.net><uri><!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --><idn enabled="All" /><iriParsing enabled="true" /></uri></configuration>
\ No newline at end of file diff --git a/src/OAuth/OAuthAuthorizationServer/packages.config b/src/OAuth/OAuthAuthorizationServer/packages.config index dea78e4..3206181 100644 --- a/src/OAuth/OAuthAuthorizationServer/packages.config +++ b/src/OAuth/OAuthAuthorizationServer/packages.config @@ -1,14 +1,16 @@ <?xml version="1.0" encoding="utf-8"?>
<packages>
- <package id="CodeContracts.Unofficial" version="1.0.0.2" targetFramework="net40" />
- <package id="DotNetOpenAuth.Core" version="4.1.0.12182" targetFramework="net40" />
- <package id="DotNetOpenAuth.Core.UI" version="4.1.0.12182" targetFramework="net40" />
- <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="0.25.0-draft1" targetFramework="net40" />
- <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="0.25.0-draft1" targetFramework="net40" />
- <package id="DotNetOpenAuth.OAuth2.Core" version="0.25.0-draft1" targetFramework="net40" />
- <package id="DotNetOpenAuth.OpenId.Core" version="4.1.0.12182" targetFramework="net40" />
- <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.1.0.12182" targetFramework="net40" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.1.0.12182" targetFramework="net40" />
- <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.1.0.12182" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.Core.UI" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.AuthorizationServer" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.ClientAuthorization" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OAuth2.Core" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.Core.UI" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty" version="4.3.1.13153" targetFramework="net40" />
+ <package id="DotNetOpenAuth.OpenId.RelyingParty.UI" version="4.3.1.13153" targetFramework="net40" />
<package id="log4net" version="2.0.0" targetFramework="net40" />
+ <package id="Microsoft.Bcl" version="1.1.3" targetFramework="net40" />
+ <package id="Microsoft.Bcl.Build" version="1.0.8" targetFramework="net40" />
+ <package id="Microsoft.Net.Http" version="2.2.13" targetFramework="net40" />
</packages>
\ No newline at end of file |