diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 16:17:00 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 16:17:00 -0800 |
| commit | 09651b96839ce22116a4047876bb5a43164c1102 (patch) | |
| tree | 6070c5be6968067f05eef42bb234c4a1af0881e1 | |
| parent | 15997d4073e67ead1493b4133c1858fea09620ff (diff) | |
| download | DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.zip DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.tar.gz DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.tar.bz2 | |
Removes trivial nonce store implementation from WebAPI sample.
5 files changed, 10 insertions, 24 deletions
diff --git a/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs b/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs index 73c5864..3149923 100644 --- a/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs +++ b/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs @@ -12,14 +12,15 @@ public class AuthorizationServerHost : IAuthorizationServerHost { private static ICryptoKeyStore cryptoKeyStore = MemoryCryptoKeyStore.Instance; - private static INonceStore nonceStore = new MemoryNonceStore(); - public ICryptoKeyStore CryptoKeyStore { get { return cryptoKeyStore; } } public INonceStore NonceStore { - get { return nonceStore; } + get { + // Implementing a nonce store is a good idea as it mitigates replay attacks. + return null; + } } public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { @@ -31,7 +32,7 @@ } public IClientDescription GetClient(string clientIdentifier) { - return new ClientDescription("zzz", new Uri("http://www.microsoft.com/en-us/default.aspx"), ClientType.Confidential); + return new ClientDescription("b", new Uri("http://www.microsoft.com/en-us/default.aspx"), ClientType.Confidential); } public bool IsAuthorizationValid(IAuthorizationDescription authorization) { diff --git a/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs b/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs deleted file mode 100644 index 3bec259..0000000 --- a/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs +++ /dev/null @@ -1,14 +0,0 @@ -namespace OAuth2ProtectedWebApi.Code { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Web; - - using DotNetOpenAuth.Messaging.Bindings; - - internal class MemoryNonceStore : INonceStore { - public bool StoreNonce(string context, string nonce, DateTime timestampUtc) { - return true; - } - } -}
\ No newline at end of file diff --git a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj index 811ba5a..321d808 100644 --- a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj +++ b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj @@ -129,7 +129,6 @@ <Compile Include="Code\BearerTokenHandler.cs" /> <Compile Include="Code\HttpHeaderAttribute.cs" /> <Compile Include="Code\MemoryCryptoKeyStore.cs" /> - <Compile Include="Code\MemoryNonceStore.cs" /> <Compile Include="Controllers\HomeController.cs" /> <Compile Include="Controllers\TokenController.cs" /> <Compile Include="Controllers\UserController.cs" /> diff --git a/samples/OAuthConsumerWpf/MainWindow.xaml b/samples/OAuthConsumerWpf/MainWindow.xaml index d89d489..8bc1e6a 100644 --- a/samples/OAuthConsumerWpf/MainWindow.xaml +++ b/samples/OAuthConsumerWpf/MainWindow.xaml @@ -142,10 +142,10 @@ <ColumnDefinition Width="auto" /> </Grid.ColumnDefinitions> <Label Grid.Row="1" TabIndex="202">Token Endpoint URL</Label> - <TextBox Grid.Row="1" Grid.Column="1" x:Name="oauth2TokenEndpointBox" Text="http://localhost:18916/OAuthTokenEndpoint.ashx" TabIndex="203" /> + <TextBox Grid.Row="1" Grid.Column="1" x:Name="oauth2TokenEndpointBox" Text="http://localhost:23603/api/token" TabIndex="203" /> <Label Grid.Row="1" Grid.Column="2" TabIndex="204">POST</Label> <Label Grid.Row="2" TabIndex="205">User Authorization URL</Label> - <TextBox Grid.Row="2" Grid.Column="1" x:Name="oauth2AuthorizationUrlBox" Text="http://localhost:18916/Account/Authorize" TabIndex="206" /> + <TextBox Grid.Row="2" Grid.Column="1" x:Name="oauth2AuthorizationUrlBox" Text="http://localhost:23603/user/Authorize" TabIndex="206" /> <Label Grid.Row="2" Grid.Column="2" TabIndex="207">GET</Label> <Label Grid.Row="0" TabIndex="200">Grant Type</Label> <ComboBox Grid.Row="0" Grid.Column="1" Grid.ColumnSpan="2" x:Name="flowBox" SelectedIndex="0" TabIndex="201"> @@ -156,7 +156,7 @@ </ComboBox.Items> </ComboBox> <Label Grid.Row="3" TabIndex="207">Resource URL</Label> - <TextBox Grid.Row="3" Grid.Column="1" x:Name="oauth2ResourceUrlBox" Text="http://localhost:18916/" TabIndex="208" /> + <TextBox Grid.Row="3" Grid.Column="1" x:Name="oauth2ResourceUrlBox" Text="http://localhost:23603/api/values" TabIndex="208" /> <ComboBox Grid.Row="3" Grid.Column="2" x:Name="oauth2ResourceHttpMethodList" SelectedIndex="0" TabIndex="209"> <ComboBox.Items> <ComboBoxItem>GET w/ header</ComboBoxItem> @@ -173,7 +173,7 @@ <Label Grid.Row="7" TabIndex="216">OAuth 2.0 version</Label> <ComboBox Grid.Row="7" Grid.Column="1" SelectedIndex="0" x:Name="oauth2Version" TabIndex="217"> <ComboBox.Items> - <ComboBoxItem>2.0 DRAFT 16</ComboBoxItem> + <ComboBoxItem>RFC 6749</ComboBoxItem> </ComboBox.Items> </ComboBox> <Button Grid.Row="8" Grid.Column="1" x:Name="oauth2BeginButton" Click="oauth2BeginButton_Click" TabIndex="218">Begin</Button> diff --git a/samples/OAuthConsumerWpf/MainWindow.xaml.cs b/samples/OAuthConsumerWpf/MainWindow.xaml.cs index a2cdfe9..5d94920 100644 --- a/samples/OAuthConsumerWpf/MainWindow.xaml.cs +++ b/samples/OAuthConsumerWpf/MainWindow.xaml.cs @@ -174,7 +174,7 @@ var authorizePopup = new Authorize2(client); authorizePopup.Authorization.Scope.AddRange(OAuthUtilities.SplitScopes(this.oauth2ScopeBox.Text)); - authorizePopup.Authorization.Callback = new Uri("http://localhost:59721/"); + authorizePopup.Authorization.Callback = new Uri("http://www.microsoft.com/en-us/default.aspx"); authorizePopup.Owner = this; bool? result = authorizePopup.ShowDialog(); if (result.HasValue && result.Value) { |