author | Andrew Arnott <andrewarnott@gmail.com> | 2010-02-04 16:50:39 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2010-02-04 16:50:39 -0800 |
commit | 371edfd922629af90b1266b56e1516e170d6d219 (patch) | |
tree | 5e4d7a048c23a4ec710e3ac43dcd1e76a36ecf23 | |
parent | 836364e9644f3c69744080430dc70c65783851a5 (diff) | |
Lots of work to catch up on the OAuth WRAP spec.
18 files changed, 209 insertions, 157 deletions
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj index fec065d..d1d6bd9 100644 --- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj +++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj @@ -224,13 +224,13 @@ http://opensource.org/licenses/ms-pl.html </Reference> </ItemGroup> <ItemGroup Condition=" '$(ClrVersion)' == '4' "> - <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> + <Reference Include="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> </ItemGroup> <ItemGroup Condition=" '$(ClrVersion)' != '4' "> <!-- MVC 2 can run on CLR 2 (it doesn't require CLR 4) but since MVC 2 apps tend to use type forwarding, it's a more broadly consumable idea to bind against MVC 1 for the library unless we're building on CLR 4, which will definitely have MVC 2 available. --> - <Reference Include="System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> + <Reference Include="System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" /> </ItemGroup> <ItemGroup> <Compile Include="ComponentModel\ClaimTypeSuggestions.cs" /> 
@@ -595,7 +595,7 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuthWrap\Messages\AccessTokenWithConsumerNamePasswordRequest.cs" /> <Compile Include="OAuthWrap\Messages\AccessTokenWithSamlRequest.cs" /> <Compile Include="OAuthWrap\Messages\MessageBase.cs" /> - <Compile Include="OAuthWrap\Messages\AccessTokenWithDelegationCodeRequest.cs" /> + <Compile Include="OAuthWrap\Messages\AccessTokenWithVerificationCodeRequest.cs" /> <Compile Include="OAuthWrap\Messages\UserAuthorizationInUserAgentDeniedResponse.cs" /> <Compile Include="OAuthWrap\Messages\UserAuthorizationInUserAgentRequest.cs" /> <Compile Include="OAuthWrap\Messages\UserAuthorizationInUserAgentGrantedResponse.cs" /> diff --git a/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs b/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs index 8f8f218..7549fd0 100644 --- a/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs +++ b/src/DotNetOpenAuth/OAuthWrap/AuthorizationServerDescription.cs @@ -24,20 +24,20 @@ namespace DotNetOpenAuth.OAuthWrap { /// <summary> /// Initializes a new instance of the <see cref="AuthorizationServerDescription"/> class. /// </summary> - /// <param name="endpointUrl">The endpoint URL of the Token Issuer.</param> + /// <param name="endpointUrl">The endpoint URL of the Authorization Server.</param> public AuthorizationServerDescription(Uri endpointUrl) : this() { this.EndpointUrl = endpointUrl; } /// <summary> - /// Gets or sets the endpoint URL of the Token Issuer. + /// Gets or sets the endpoint URL of the Authorization Server. /// </summary> /// <value>The endpoint URL.</value> public Uri EndpointUrl { get; set; } /// <summary> - /// Gets or sets the version of the OAuth WRAP protocol to use with this Token Issuer. + /// Gets or sets the version of the OAuth WRAP protocol to use with this Authorization Server. /// </summary> /// <value>The version.</value> public Version Version { get; set; } 
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapMessageFactory.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapMessageFactory.cs index 62cceb8..a1a26f6 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapMessageFactory.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapMessageFactory.cs 
@@ -37,31 +37,31 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary<string, string> fields) { Version version = Protocol.DefaultVersion; - if (fields.ContainsKey(Protocol.sa_consumer_key) && fields.ContainsKey(Protocol.sa_callback)) { + if (fields.ContainsKey(Protocol.wrap_client_id) && fields.ContainsKey(Protocol.wrap_callback)) { return new UserAuthorizationInUserAgentRequest(recipient.Location, version); } - if (fields.ContainsKey(Protocol.sa_consumer_key) && fields.ContainsKey(Protocol.sa_delegation_code)) { - return new AccessTokenWithDelegationCodeRequest(recipient.Location, version); + if (fields.ContainsKey(Protocol.wrap_client_id) && fields.ContainsKey(Protocol.wrap_verification_code)) { + return new AccessTokenWithVerificationCodeRequest(recipient.Location, version); } - if (fields.ContainsKey(Protocol.sa_name)) { + if (fields.ContainsKey(Protocol.wrap_name)) { return new AccessTokenWithConsumerNamePasswordRequest(version); } - if (fields.ContainsKey(Protocol.sa_username)) { + if (fields.ContainsKey(Protocol.wrap_username)) { return new UserAuthorizationViaUsernamePasswordRequest(version); } - if (fields.ContainsKey(Protocol.sa_saml)) { + if (fields.ContainsKey(Protocol.wrap_saml)) { return new AccessTokenWithSamlRequest(version); } - if (fields.ContainsKey(Protocol.sa_delegation_code)) { + if (fields.ContainsKey(Protocol.wrap_verification_code)) { return new UserAuthorizationInUserAgentGrantedResponse(recipient.Location, version); } - if (fields.ContainsKey(Protocol.sa_error_reason)) { + if (fields.ContainsKey(Protocol.wrap_error_reason)) { return new UserAuthorizationInUserAgentDeniedResponse(recipient.Location, version); } 
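Review bot: The first test in GetNewRequestMessage, `wrap_client_id` together with `wrap_callback`, also matches an access token request, because AccessTokenWithVerificationCodeRequest in this same commit declares `wrap_client_id`, `wrap_callback` and `wrap_verification_code` all as required parts. A well-formed token request would therefore be instantiated as UserAuthorizationInUserAgentRequest and never reach the verification-code branch below it, so a direct message carrying `wrap_client_secret` ends up typed as an indirect user-agent message. Testing the more specific combination first, or adding `&& !fields.ContainsKey(Protocol.wrap_verification_code)` to the first condition, removes the ambiguity. The method continues past the end of the hunk.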
@@ -81,9 +81,9 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { public IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { Version version = Protocol.DefaultVersion; - var accessTokenRequest = request as AccessTokenWithDelegationCodeRequest; + var accessTokenRequest = request as AccessTokenWithVerificationCodeRequest; if (accessTokenRequest != null) { - if (fields.ContainsKey(Protocol.sa_token)) { + if (fields.ContainsKey(Protocol.wrap_access_token)) { return new AccessTokenSuccessResponse(accessTokenRequest); } else { return new AccessTokenFailedResponse(accessTokenRequest); @@ -92,7 +92,7 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { var userAuthorization = request as UserAuthorizationViaUsernamePasswordRequest; if (userAuthorization != null) { - if (fields.ContainsKey(Protocol.sa_delegation_code)) { + if (fields.ContainsKey(Protocol.wrap_verification_code)) { return new UserAuthorizationViaUsernamePasswordSuccessResponse(userAuthorization); } else { return new UserAuthorizationViaUsernamePasswordFailedResponse(userAuthorization); diff --git a/src/DotNetOpenAuth/OAuthWrap/ConsumerBase.cs b/src/DotNetOpenAuth/OAuthWrap/ConsumerBase.cs index d45562d..cfc9657 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ConsumerBase.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ConsumerBase.cs 
@@ -19,10 +19,10 @@ namespace DotNetOpenAuth.OAuthWrap { /// <summary> /// Initializes a new instance of the <see cref="ConsumerBase"/> class. /// </summary> - /// <param name="tokenIssuer">The token issuer.</param> - protected ConsumerBase(AuthorizationServerDescription tokenIssuer) { - ErrorUtilities.VerifyArgumentNotNull(tokenIssuer, "tokenIssuer"); - this.TokenIssuer = tokenIssuer; + /// <param name="authorizationServer">The token issuer.</param> + protected ConsumerBase(AuthorizationServerDescription authorizationServer) { + ErrorUtilities.VerifyArgumentNotNull(authorizationServer, "authorizationServer"); + this.TokenIssuer = authorizationServer; } /// <summary> @@ -58,7 +58,7 @@ namespace DotNetOpenAuth.OAuthWrap { /// so that the Service Provider will allow the request through. /// </summary> /// <param name="request">The request for protected resources from the service provider.</param> - /// <param name="accessToken">The access token previously obtained from the Token Issuer.</param> + /// <param name="accessToken">The access token previously obtained from the Authorization Server.</param> public static void AuthorizeRequest(HttpWebRequest request, string accessToken) { ErrorUtilities.VerifyArgumentNotNull(request, "request"); request.Headers[HttpRequestHeader.Authorization] = Protocol.HttpAuthorizationScheme + " " + accessToken; diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenFailedResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenFailedResponse.cs index dc0dd97..e5c00d8 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenFailedResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenFailedResponse.cs 
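Review bot: AuthorizeRequest verifies `request` but not `accessToken`, so a null token is concatenated into the Authorization header and the request goes out with the scheme and no credential. A guard such as `ErrorUtilities.VerifyArgumentNotNull(accessToken, "accessToken");` next to the existing check would fail early instead. Because the token is placed in the header as-is, it may also be worth checking, or at least documenting, that `request.RequestUri` is expected to be HTTPS; nothing visible in this hunk enforces that. In the first hunk of this file the `authorizationServer` parameter is still described as `The token issuer.`. The method's closing brace is outside the hunk.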
@@ -14,14 +14,14 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// The direct response message that may contain the reason the access token - /// was NOT returned from the Token Issuer to the Consumer. + /// was NOT returned from the Authorization Server to the Consumer. /// </summary> internal class AccessTokenFailedResponse : MessageBase, IHttpDirectResponse { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenFailedResponse"/> class. /// </summary> /// <param name="request">The request.</param> - internal AccessTokenFailedResponse(AccessTokenWithDelegationCodeRequest request) + internal AccessTokenFailedResponse(AccessTokenWithVerificationCodeRequest request) : base(request) { } @@ -44,7 +44,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// The reason for the failure. Among other values, it may be <c>null</c> /// or expired_delegation_code. /// </value> - [MessagePart(Protocol.sa_error_reason, IsRequired = false, AllowEmpty = true)] + [MessagePart(Protocol.wrap_error_reason, IsRequired = false, AllowEmpty = true)] internal string ErrorReason { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs index d38a2e1..9488c49 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs @@ -9,7 +9,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using DotNetOpenAuth.Messaging; /// <summary> - /// The direct response message that contains the access token from the Token Issuer + /// The direct response message that contains the access token from the Authorization Server /// to the Consumer. /// </summary> internal class AccessTokenSuccessResponse : MessageBase { 
@@ -17,7 +17,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// Initializes a new instance of the <see cref="AccessTokenSuccessResponse"/> class. /// </summary> /// <param name="request">The request.</param> - internal AccessTokenSuccessResponse(AccessTokenWithDelegationCodeRequest request) + internal AccessTokenSuccessResponse(AccessTokenWithVerificationCodeRequest request) : base(request) { } @@ -33,14 +33,21 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// Gets or sets the access token. /// </summary> /// <value>The token.</value> - [MessagePart(Protocol.sa_token, IsRequired = true, AllowEmpty = false)] - internal string Token { get; set; } + [MessagePart(Protocol.wrap_access_token, IsRequired = true, AllowEmpty = false)] + internal string AccessToken { get; set; } + + /// <summary> + /// Gets or sets the refresh token. + /// </summary> + /// <value>The token.</value> + [MessagePart(Protocol.wrap_refresh_token, IsRequired = true, AllowEmpty = false)] + internal string RefreshToken { get; set; } /// <summary> /// Gets or sets the lifetime of the access token. /// </summary> /// <value>The lifetime.</value> - [MessagePart(Protocol.sa_token_expires_in, IsRequired = false, AllowEmpty = false, Encoder = typeof(TimespanSecondsEncoder))] + [MessagePart(Protocol.wrap_access_token_expires_in, IsRequired = false, AllowEmpty = false, Encoder = typeof(TimespanSecondsEncoder))] internal TimeSpan? Lifetime { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithConsumerNamePasswordRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithConsumerNamePasswordRequest.cs index 605e27e..83fcd75 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithConsumerNamePasswordRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithConsumerNamePasswordRequest.cs 
@@ -28,14 +28,14 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// Gets or sets the account name. /// </summary> /// <value>The consumer name.</value> - [MessagePart(Protocol.sa_name, IsRequired = true, AllowEmpty = false)] + [MessagePart(Protocol.wrap_name, IsRequired = true, AllowEmpty = false)] public string Name { get; set; } /// <summary> /// Gets or sets the account password. /// </summary> /// <value>The password.</value> - [MessagePart(Protocol.sa_password, IsRequired = true, AllowEmpty = true)] + [MessagePart(Protocol.wrap_password, IsRequired = true, AllowEmpty = true)] public string Password { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithSamlRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithSamlRequest.cs index 1a610ed..6b19e13 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithSamlRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithSamlRequest.cs @@ -28,7 +28,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// Gets or sets the SAML token. /// </summary> /// <value>A SAML token serialized as an XML document.</value> - [MessagePart(Protocol.sa_saml, IsRequired = true, AllowEmpty = false)] + [MessagePart(Protocol.wrap_saml, IsRequired = true, AllowEmpty = false)] public string Saml { get; set; } /// <summary> @@ -39,7 +39,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// The spec says that the SWT parameter is required for certain scenarios, /// so we mark it as optional here since the scenario may or may not apply. /// </remarks> - [MessagePart(Protocol.sa_swt, IsRequired = false, AllowEmpty = false)] + [MessagePart(Protocol.wrap_swt, IsRequired = false, AllowEmpty = false)] public string Swt { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithDelegationCodeRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithVerificationCodeRequest.cs index 4374657..1edbc1a 100644 
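Review bot: `wrap_password` on AccessTokenWithConsumerNamePasswordRequest keeps `AllowEmpty = true`, so a request with an empty account password passes message-level validation, while UserAuthorizationViaUsernamePasswordRequest in this commit declares the same parameter with `AllowEmpty = false`. Unless empty passwords are deliberately supported for client accounts, `[MessagePart(Protocol.wrap_password, IsRequired = true, AllowEmpty = false)]` would make the two consistent. If the difference is intentional, a `<remarks>` line on the property saying why would help the next reader.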
--- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithDelegationCodeRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenWithVerificationCodeRequest.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="AccessTokenWithDelegationCodeRequest.cs" company="Andrew Arnott"> +// <copyright file="AccessTokenWithVerificationCodeRequest.cs" company="Andrew Arnott"> // Copyright (c) Andrew Arnott. All rights reserved. // </copyright> //----------------------------------------------------------------------- 
@@ -10,53 +10,48 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using DotNetOpenAuth.OAuthWrap.ChannelElements; /// <summary> - /// A message sent by the Consumer directly to the Token Issuer to exchange - /// the delegation code for an Access Token. + /// A message sent by the Client directly to the Authorization Server to exchange + /// the verification code for an Access Token. /// </summary> - internal class AccessTokenWithDelegationCodeRequest : MessageBase, IDirectedProtocolMessage { + internal class AccessTokenWithVerificationCodeRequest : MessageBase, IDirectedProtocolMessage { /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenWithDelegationCodeRequest"/> class. + /// Initializes a new instance of the <see cref="AccessTokenWithVerificationCodeRequest"/> class. /// </summary> - /// <param name="tokenIssuer">The token issuer.</param> + /// <param name="authorizationServer">The token issuer.</param> /// <param name="version">The version.</param> - internal AccessTokenWithDelegationCodeRequest(Uri tokenIssuer, Version version) - : base(version, MessageTransport.Direct, tokenIssuer) { + internal AccessTokenWithVerificationCodeRequest(Uri authorizationServer, Version version) + : base(version, MessageTransport.Direct, authorizationServer) { this.HttpMethods = HttpDeliveryMethods.PostRequest; } /// <summary> - /// Gets or sets the consumer key. - /// </summary> - /// <value>The consumer key.</value> - [MessagePart(Protocol.sa_consumer_key, IsRequired = true, AllowEmpty = false)] - internal string ConsumerKey { get; set; } + /// Gets or sets the identifier by which this client is known to the Authorization Server. + /// <value>The client identifier.</value> + [MessagePart(Protocol.wrap_client_id, IsRequired = true, AllowEmpty = false)] + internal string ClientIdentifier { get; set; } /// <summary> - /// Gets or sets the consumer secret. + /// Gets or sets the client secret. 
/// </summary> - /// <value>The consumer secret.</value> - [MessagePart(Protocol.sa_consumer_secret, IsRequired = true, AllowEmpty = false)] - internal string ConsumerSecret { get; set; } + /// <value>The client secret.</value> + [MessagePart(Protocol.wrap_client_secret, IsRequired = true, AllowEmpty = false)] + internal string ClientSecret { get; set; } /// <summary> - /// Gets or sets the delegation code. + /// Gets or sets the verification code previously communicated to the Client + /// in <see cref="UserAuthorizationInUserAgentGrantedResponse.VerificationCode"/>. /// </summary> - /// <value>The delegation code.</value> - [MessagePart(Protocol.sa_delegation_code, IsRequired = true, AllowEmpty = false)] - internal string DelegationCode { get; set; } + /// <value>The verification code.</value> + [MessagePart(Protocol.wrap_verification_code, IsRequired = true, AllowEmpty = false)] + internal string VerificationCode { get; set; } /// <summary> - /// Gets or sets the callback URL. + /// Gets or sets the callback URL used in <see cref="UserAuthorizationInUserAgentRequest.Callback"/> /// </summary> /// <value> - /// An absolute URL to which the Token Issuer will redirect the User back after - /// the user has approved the authorization request. + /// The Callback URL used to obtain the Verification Code. /// </value> - /// <remarks> - /// Consumers which are unable to receive callbacks MUST use <c>null</c> to indicate it - /// will receive the Verification Code out of band. - /// </remarks> - [MessagePart(Protocol.sa_callback, IsRequired = true, AllowEmpty = false, Encoder = typeof(UriOrOutOfBandEncoding))] + [MessagePart(Protocol.wrap_callback, IsRequired = true, AllowEmpty = false)] internal Uri Callback { get; set; } /// <summary> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs index ad4612a..e3d6480 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs 
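Review bot: The constructor accepts any `Uri authorizationServer` although this message carries `wrap_client_secret` and the verification code, and no scheme check is visible in the hunk; if the channel does not already reject non-HTTPS endpoints, a precondition along the lines of `Contract.Requires<ArgumentException>(authorizationServer.Scheme == Uri.UriSchemeHttps);` belongs here. Separately, the new doc comment on ClientIdentifier lost its closing `/// </summary>` line, which leaves the XML documentation malformed. The `authorizationServer` parameter is also still described as `The token issuer.`. The class continues past the end of the hunk.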
+++ b/src/DotNetOpenAuth/OAuthWrap/Messages/MessageBase.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using System; using System.Collections.Generic; using DotNetOpenAuth.Messaging; + using System.Diagnostics.Contracts; /// <summary> /// A common message base class for OAuth WRAP messages. @@ -39,7 +40,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// </summary> /// <param name="version">The version.</param> protected MessageBase(Version version) { - ErrorUtilities.VerifyArgumentNotNull(version, "version"); + Contract.Requires<ArgumentNullException>(version != null); this.messageTransport = MessageTransport.Direct; this.version = version; } @@ -49,7 +50,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// </summary> /// <param name="request">The originating request.</param> protected MessageBase(IDirectedProtocolMessage request) { - ErrorUtilities.VerifyArgumentNotNull(request, "request"); + Contract.Requires<ArgumentNullException>(request != null); this.originatingRequest = request; this.messageTransport = MessageTransport.Direct; this.version = request.Version; @@ -63,8 +64,8 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <param name="messageTransport">The message transport.</param> /// <param name="recipient">The recipient.</param> protected MessageBase(Version version, MessageTransport messageTransport, Uri recipient) { - ErrorUtilities.VerifyArgumentNotNull(version, "version"); - ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient"); + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(recipient != null); this.version = version; this.messageTransport = messageTransport; diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentDeniedResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentDeniedResponse.cs index 44268c5..b6e46c9 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentDeniedResponse.cs 
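Review bot: The null guards in the three MessageBase constructors now rely on `Contract.Requires<ArgumentNullException>(...)`, which only acts as the intended runtime check when the assembly is processed by the Code Contracts rewriter. It is worth confirming that every build configuration of this project runs the rewriter, since otherwise the behaviour differs from the `ErrorUtilities.VerifyArgumentNotNull` calls being replaced. The same applies to the constructors of UserAuthorizationInUserAgentDeniedResponse and UserAuthorizationInUserAgentGrantedResponse later in the commit. As a style point, `using System.Diagnostics.Contracts;` is added after `using DotNetOpenAuth.Messaging;` here and in those two files; placing it with the other `System` usings keeps the directives sorted.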
+++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentDeniedResponse.cs @@ -7,9 +7,10 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using System; using DotNetOpenAuth.Messaging; + using System.Diagnostics.Contracts; /// <summary> - /// The message the Token Issuer MAY use to send the user back to the Consumer + /// The message the Authorization Server MAY use to send the user back to the Consumer /// following the user's denial to grant Consumer with authorization of /// access to requested resources. /// </summary> 
@@ -17,28 +18,30 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// A constant parameter that indicates the user refused to grant the requested authorization. /// </summary> - [MessagePart(Protocol.sa_error_reason, IsRequired = true)] - private const string ErrorReason = Protocol.sa_error_reason_denied; + [MessagePart(Protocol.wrap_error_reason, IsRequired = true)] + private const string ErrorReason = Protocol.wrap_error_reason_denied; /// <summary> /// Initializes a new instance of the <see cref="UserAuthorizationInUserAgentDeniedResponse"/> class. /// </summary> - /// <param name="consumerCallback">The recipient of the message.</param> + /// <param name="clientCallback">The recipient of the message.</param> /// <param name="version">The version.</param> - internal UserAuthorizationInUserAgentDeniedResponse(Uri consumerCallback, Version version) : - base(version, MessageTransport.Indirect, consumerCallback) { + internal UserAuthorizationInUserAgentDeniedResponse(Uri clientCallback, Version version) : + base(version, MessageTransport.Indirect, clientCallback) { + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(clientCallback != null); } /// <summary> - /// Gets or sets the state of the consumer. + /// Gets or sets the state of the client that was supplied to the Authorization Server. /// </summary> /// <value> - /// An opaque value that Consumers can use to maintain state associated with this request. + /// An opaque value that Clients can use to maintain state associated with the authorization request. /// </value> /// <remarks> - /// If this value is present, the Token Issuer MUST return it to the Consumer's callback URL. + /// If this value is present, the Authorization Server MUST return it to the Client's callback URL. 
/// </remarks> - [MessagePart(Protocol.sa_consumer_state, IsRequired = false, AllowEmpty = true)] - public string ConsumerState { get; set; } + [MessagePart(Protocol.wrap_client_state, IsRequired = false, AllowEmpty = true)] + public string ClientState { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentGrantedResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentGrantedResponse.cs index ae43d5c..f89f4b7 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentGrantedResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentGrantedResponse.cs @@ -7,9 +7,10 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using System; using DotNetOpenAuth.Messaging; + using System.Diagnostics.Contracts; /// <summary> - /// The message sent by the Token Issuer to the Consumer via the user agent + /// The message sent by the Authorization Server to the Consumer via the user agent /// to indicate that user authorization was granted, and to return the user /// to the Consumer where they started their experience. /// </summary> 
@@ -17,31 +18,32 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// Initializes a new instance of the <see cref="UserAuthorizationInUserAgentGrantedResponse"/> class. /// </summary> - /// <param name="consumerCallback">The consumer callback.</param> + /// <param name="clientCallback">The client callback.</param> /// <param name="version">The protocol version.</param> - internal UserAuthorizationInUserAgentGrantedResponse(Uri consumerCallback, Version version) - : base(version, MessageTransport.Indirect, consumerCallback) { + internal UserAuthorizationInUserAgentGrantedResponse(Uri clientCallback, Version version) + : base(version, MessageTransport.Indirect, clientCallback) { + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(clientCallback != null); } /// <summary> - /// Gets or sets the delegation code. + /// Gets or sets the verification code. /// </summary> /// <value> - /// The long-lived credential assigned by the Token Issuer to this Consumer for + /// The long-lived credential assigned by the Authorization Server to this Consumer for /// use in accessing the authorizing user's protected resources. /// </value> - [MessagePart(Protocol.sa_delegation_code, IsRequired = true, AllowEmpty = true)] - internal string DelegationCode { get; set; } + [MessagePart(Protocol.wrap_verification_code, IsRequired = true, AllowEmpty = true)] + internal string VerificationCode { get; set; } /// <summary> - /// Gets or sets the state of the consumer as provided by the consumer in the - /// authorization request. + /// Gets or sets some state as provided by the client in the authorization request. /// </summary> - /// <value>The state of the consumer.</value> + /// <value>An opaque value defined by the client.</value> /// <remarks> - /// REQUIRED if the Consumer sent the value in the <see cref="UserAuthorizationRequestInUserAgentRequest"/>. 
+ /// REQUIRED if the Client sent the value in the <see cref="UserAuthorizationRequestInUserAgentRequest"/>. /// </remarks> - [MessagePart(Protocol.sa_consumer_state, IsRequired = false, AllowEmpty = true)] - internal string ConsumerState { get; set; } + [MessagePart(Protocol.wrap_client_state, IsRequired = false, AllowEmpty = true)] + internal string ClientState { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentRequest.cs index 7e5191f..1199e4c 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationInUserAgentRequest.cs 
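Review bot: The `<value>` text on VerificationCode still calls it `The long-lived credential assigned by the Authorization Server`, wording carried over from the delegation code. Per AccessTokenWithVerificationCodeRequest in this commit the code is only exchanged for an access token, so the comment should read something like `/// The code the Client exchanges with the Authorization Server for an access token.`. The part also keeps `AllowEmpty = true` while the request that sends the code back uses `AllowEmpty = false`, so an empty code is accepted here and presumably only rejected later; `AllowEmpty = false` would be consistent. UserAuthorizationViaUsernamePasswordSuccessResponse has the same wording and the same attribute. The `cref` to `UserAuthorizationRequestInUserAgentRequest` in the ClientState remarks does not match the class name UserAuthorizationInUserAgentRequest used elsewhere in the commit.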
@@ -18,43 +18,49 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// Initializes a new instance of the <see cref="UserAuthorizationInUserAgentRequest"/> class. /// </summary> - /// <param name="tokenIssuer">The token issuer URL to direct the user to.</param> + /// <param name="authorizationServer">The token issuer URL to direct the user to.</param> /// <param name="version">The protocol version.</param> - public UserAuthorizationInUserAgentRequest(Uri tokenIssuer, Version version) - : base(version, MessageTransport.Indirect, tokenIssuer) { + public UserAuthorizationInUserAgentRequest(Uri authorizationServer, Version version) + : base(version, MessageTransport.Indirect, authorizationServer) { } /// <summary> - /// Gets or sets the consumer key. + /// Gets or sets the identifier by which this client is known to the Authorization Server. /// </summary> - /// <value>The consumer key.</value> - [MessagePart(Protocol.sa_consumer_key, IsRequired = true, AllowEmpty = false)] - public string ConsumerKey { get; set; } + [MessagePart(Protocol.wrap_client_id, IsRequired = true, AllowEmpty = false)] + public string ClientIdentifier { get; set; } /// <summary> /// Gets or sets the callback URL. /// </summary> /// <value> - /// An absolute URL to which the Token Issuer will redirect the User back after + /// An absolute URL to which the Authorization Server will redirect the User back after /// the user has approved the authorization request. /// </value> /// <remarks> - /// Consumers which are unable to receive callbacks MUST use <c>null</c> to indicate it - /// will receive the Delegation Code out of band. + /// Authorization Servers MAY require that the wrap_callback URL match the previously + /// registered value for the Client Identifier. 
/// </remarks> - [MessagePart(Protocol.sa_callback, IsRequired = true, AllowEmpty = false, Encoder = typeof(UriOrOutOfBandEncoding))] + [MessagePart(Protocol.wrap_callback, IsRequired = true, AllowEmpty = false)] public Uri Callback { get; set; } /// <summary> - /// Gets or sets the state of the consumer. + /// Gets or sets state of the client that should be sent back with the authorization response. /// </summary> /// <value> - /// An opaque value that Consumers can use to maintain state associated with this request. + /// An opaque value that Clients can use to maintain state associated with this request. /// </value> /// <remarks> - /// If this value is present, the Token Issuer MUST return it to the Consumer's callback URL. + /// If this value is present, the Authorization Server MUST return it to the Client's Callback URL. /// </remarks> - [MessagePart(Protocol.sa_consumer_state, IsRequired = false, AllowEmpty = true)] - public string ConsumerState { get; set; } + [MessagePart(Protocol.wrap_client_state, IsRequired = false, AllowEmpty = true)] + public string ClientState { get; set; } + + /// <summary> + /// Gets or sets the scope. + /// </summary> + /// <value>The Authorization Server MAY define authorization scope values for the Client to include.</value> + [MessagePart(Protocol.wrap_scope, IsRequired = false, AllowEmpty = true)] + public string Scope { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordFailedResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordFailedResponse.cs index 4a6fdf4..533ad2d 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordFailedResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordFailedResponse.cs 
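Review bot: The ClientState documentation says the value is opaque and echoed back, but not that the Client is expected to check it on return. As far as the visible message parts show, it is the only request parameter that ties the callback to the session that started the flow, so a remark such as `/// The Client should set this to an unguessable, per-session value and reject a callback whose state does not match.` would make the intended use clear. The new Scope property has a `<value>` that describes server policy rather than the property's content, and ClientIdentifier lost its `<value>` element while the neighbouring properties keep theirs. The `authorizationServer` parameter is still described as `The token issuer URL to direct the user to.`.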
@@ -13,7 +13,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using DotNetOpenAuth.Messaging; /// <summary> - /// A response from the Token Issuer to the Consumer to indicate that a + /// A response from the Authorization Server to the Consumer to indicate that a /// request for a delegation code failed, probably due to an invalid /// username and password. /// </summary> @@ -45,7 +45,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// The reason for the failure. Among other values, it may be <c>null</c> /// or invalid_user_credentials. /// </value> - [MessagePart(Protocol.sa_error_reason, IsRequired = false, AllowEmpty = true)] + [MessagePart(Protocol.wrap_error_reason, IsRequired = false, AllowEmpty = true)] internal string ErrorReason { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordRequest.cs index cf01940..34a804e 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordRequest.cs 
@@ -32,28 +32,28 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// Gets or sets the consumer key. /// </summary> /// <value>The consumer key.</value> - [MessagePart(Protocol.sa_consumer_key, IsRequired = true, AllowEmpty = false)] - internal string ConsumerKey { get; set; } + [MessagePart(Protocol.wrap_client_id, IsRequired = true, AllowEmpty = false)] + internal string ClientIdentifier { get; set; } /// <summary> /// Gets or sets the consumer secret. /// </summary> /// <value>The consumer secret.</value> - [MessagePart(Protocol.sa_consumer_secret, IsRequired = true, AllowEmpty = false)] - internal string ConsumerSecret { get; set; } + [MessagePart(Protocol.wrap_client_secret, IsRequired = true, AllowEmpty = false)] + internal string ClientSecret { get; set; } /// <summary> /// Gets or sets the username. /// </summary> /// <value>The name of the user.</value> - [MessagePart(Protocol.sa_username, IsRequired = true, AllowEmpty = false)] + [MessagePart(Protocol.wrap_username, IsRequired = true, AllowEmpty = false)] internal string UserName { get; set; } /// <summary> /// Gets or sets the user's password. /// </summary> /// <value>The password.</value> - [MessagePart(Protocol.sa_password, IsRequired = true, AllowEmpty = false)] + [MessagePart(Protocol.wrap_password, IsRequired = true, AllowEmpty = false)] internal string Password { get; set; } /// <summary> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordSuccessResponse.cs index 11c9a20..5e4e530 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAuthorizationViaUsernamePasswordSuccessResponse.cs 
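Review bot: The summaries above the renamed properties still read "Gets or sets the consumer key." and "Gets or sets the consumer secret.", so the documentation no longer matches `ClientIdentifier` and `ClientSecret`. I would change them to `/// Gets or sets the client identifier.` and `/// Gets or sets the client secret.`, with matching `<value>` text. Because this one message carries `wrap_client_secret` and `wrap_password` together, a `<remarks>` line on the class saying it may only be sent over an encrypted channel would be worth adding. That assumes the constructor, which is outside this hunk, does not already enforce it through its transport and protection settings. The class body continues beyond the hunk on both sides.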
@@ -12,7 +12,7 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { using DotNetOpenAuth.Messaging; /// <summary> - /// A response from the Token Issuer to the Consumer containing a delegation code + /// A response from the Authorization Server to the Consumer containing a delegation code /// that the Consumer should use to obtain an access token. /// </summary> internal class UserAuthorizationViaUsernamePasswordSuccessResponse : MessageBase { @@ -25,13 +25,13 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { } /// <summary> - /// Gets or sets the delegation code. + /// Gets or sets the verification code. /// </summary> /// <value> - /// The long-lived credential assigned by the Token Issuer to this Consumer for + /// The long-lived credential assigned by the Authorization Server to this Consumer for /// use in accessing the authorizing user's protected resources. /// </value> - [MessagePart(Protocol.sa_delegation_code, IsRequired = true, AllowEmpty = true)] - internal string DelegationCode { get; set; } + [MessagePart(Protocol.wrap_verification_code, IsRequired = true, AllowEmpty = true)] + internal string VerificationCode { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Protocol.cs b/src/DotNetOpenAuth/OAuthWrap/Protocol.cs index 59d77c1..4adf78c 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Protocol.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Protocol.cs 
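Review bot: `VerificationCode` is declared with `IsRequired = true, AllowEmpty = true` in the second hunk, a setting carried over unchanged from the old `DelegationCode` line. An empty `wrap_verification_code` would therefore pass message validation, even though this value is the credential later exchanged for an access token. The other required parts touched by this commit use `AllowEmpty = false`. Unless an empty code is meaningful here, I would write `[MessagePart(Protocol.wrap_verification_code, IsRequired = true, AllowEmpty = false)]`. The class summary in the first hunk still says "delegation code", and both it and the `<value>` text still say "Consumer"; these should follow the rename.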
@@ -23,54 +23,64 @@ namespace DotNetOpenAuth.OAuthWrap { internal static readonly Version V10 = new Version(1, 0); /// <summary> - /// The HTTP authorization scheme "SimpleAPIAuth"; + /// The HTTP authorization scheme "WRAP"; /// </summary> - internal const string HttpAuthorizationScheme = "SimpleAPIAuth"; + internal const string HttpAuthorizationScheme = "WRAP"; /// <summary> - /// The "sa_consumer_state" string. + /// The "wrap_client_state" string. /// </summary> - internal const string sa_consumer_state = "sa_consumer_state"; + internal const string wrap_client_state = "wrap_client_state"; /// <summary> - /// The "sa_callback" string. + /// The "wrap_callback" string. /// </summary> - internal const string sa_callback = "sa_callback"; + internal const string wrap_callback = "wrap_callback"; /// <summary> - /// The "sa_consumer_key" string. + /// The "wrap_client_id" string. /// </summary> - internal const string sa_consumer_key = "sa_consumer_key"; + internal const string wrap_client_id = "wrap_client_id"; /// <summary> - /// The "sa_consumer_secret" string. + /// The "wrap_scope" string. /// </summary> - internal const string sa_consumer_secret = "sa_consumer_secret"; + internal const string wrap_scope = "wrap_scope"; /// <summary> - /// The "sa_delegation_code" string. + /// The "wrap_client_secret" string. /// </summary> - internal const string sa_delegation_code = "sa_delegation_code"; + internal const string wrap_client_secret = "wrap_client_secret"; /// <summary> - /// The "sa_error_reason" string. + /// The "wrap_verification_code" string. /// </summary> - internal const string sa_error_reason = "sa_error_reason"; + internal const string wrap_verification_code = "wrap_verification_code"; + + /// <summary> + /// The "wrap_error_reason" string. + /// </summary> + internal const string wrap_error_reason = "wrap_error_reason"; /// <summary> /// The "user_denied" string. 
/// </summary> - internal const string sa_error_reason_denied = "user_denied"; + internal const string wrap_error_reason_denied = "user_denied"; + + /// <summary> + /// The "wrap_access_token" string. + /// </summary> + internal const string wrap_access_token = "wrap_access_token"; /// <summary> - /// The "sa_token" string. + /// The "wrap_refresh_token" string. /// </summary> - internal const string sa_token = "sa_token"; + internal const string wrap_refresh_token = "wrap_refresh_token"; /// <summary> - /// The "sa_token_expires_in" string. + /// The "wrap_access_token_expires_in" string. /// </summary> - internal const string sa_token_expires_in = "sa_token_expires_in"; + internal const string wrap_access_token_expires_in = "wrap_access_token_expires_in"; /// <summary> /// The "expired_delegation_code" string. @@ -78,28 +88,28 @@ namespace DotNetOpenAuth.OAuthWrap { internal const string expired_delegation_code = "expired_delegation_code"; /// <summary> - /// The "sa_username" string. + /// The "wrap_username" string. /// </summary> - internal const string sa_username = "sa_username"; + internal const string wrap_username = "wrap_username"; /// <summary> - /// The "sa_password" string. + /// The "wrap_password" string. /// </summary> - internal const string sa_password = "sa_password"; + internal const string wrap_password = "wrap_password"; /// <summary> - /// The "sa_name" string. + /// The "wrap_name" string. /// </summary> - internal const string sa_name = "sa_name"; + internal const string wrap_name = "wrap_name"; /// <summary> - /// The "sa_SAML" string. + /// The "wrap_SAML" string. /// </summary> - internal const string sa_saml = "sa_SAML"; + internal const string wrap_saml = "wrap_SAML"; /// <summary> - /// The "sa_SWT" string. + /// The "wrap_SWT" string. /// </summary> - internal const string sa_swt = "sa_SWT"; + internal const string wrap_swt = "wrap_SWT"; } } 
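Review bot: `expired_delegation_code` survives as an unchanged context line at the top of the `@@ -78,28 +88,28 @@` hunk, while every other "delegation code" name in this commit becomes "verification code". If the spec revision being tracked renamed this error reason too, code comparing a received `wrap_error_reason` against the constant would never match, and an expired-code failure would be handled as an unknown error. I would confirm the value against the spec, then either rename it or add a comment such as `// value unchanged by the WRAP rename; see spec section <SECTION>`.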
diff --git a/src/DotNetOpenAuth/OAuthWrap/WebConsumer.cs b/src/DotNetOpenAuth/OAuthWrap/WebConsumer.cs index 3470b62..fbba0f8 100644 --- a/src/DotNetOpenAuth/OAuthWrap/WebConsumer.cs +++ b/src/DotNetOpenAuth/OAuthWrap/WebConsumer.cs @@ -11,6 +11,8 @@ namespace DotNetOpenAuth.OAuthWrap { using System.Text; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuthWrap.Messages; + using System.Diagnostics.Contracts; + using System.Web; /// <summary> /// An OAuth WRAP consumer designed for web applications. @@ -19,9 +21,9 @@ namespace DotNetOpenAuth.OAuthWrap { /// <summary> /// Initializes a new instance of the <see cref="WebConsumer"/> class. /// </summary> - /// <param name="tokenIssuer">The token issuer.</param> - public WebConsumer(AuthorizationServerDescription tokenIssuer) - : base(tokenIssuer) { + /// <param name="authorizationServer">The token issuer.</param> + public WebConsumer(AuthorizationServerDescription authorizationServer) + : base(authorizationServer) { } /// <summary> 
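Review bot: The renamed constructor parameter keeps its old description, `<param name="authorizationServer">The token issuer.</param>`. It should read `The authorization server.` to match the terminology change made elsewhere in this commit. In the first hunk, the two new `using System.*` directives are appended after the `DotNetOpenAuth.*` ones, whereas the visible context lists `System.Text` ahead of them. Grouping the System namespaces first would keep the block consistent.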
@@ -40,10 +42,36 @@ namespace DotNetOpenAuth.OAuthWrap { : base(tokenIssuerEndpoint) { } - public UserAuthorizationInUserAgentRequest PrepareRequestUserAuthorization(string consumerKey) { - var request = new UserAuthorizationInUserAgentRequest(this.TokenIssuer.EndpointUrl, this.TokenIssuer.Version); - request.ConsumerKey = consumerKey; - request.Callback = this.Channel.GetRequestFromContext().UrlBeforeRewriting; + /// <summary> + /// Gets or sets the identifier by which this client is known to the Authorization Server. + /// </summary> + public string ClientIdentifier { get; set; } + + /// <summary> + /// Gets or sets the client secret shared with the Authorization Server. + /// </summary> + public string ClientSecret { get; set; } + + public UserAuthorizationInUserAgentRequest PrepareRequestUserAuthorization() { + Contract.Requires<InvalidOperationException>(HttpContext.Current != null && HttpContext.Current.Request != null, MessagingStrings.HttpContextRequired); + Contract.Requires<InvalidOperationException>(!string.IsNullOrEmpty(this.ClientIdentifier)); + Contract.Ensures(Contract.Result<UserAuthorizationInUserAgentRequest>() != null); + Contract.Ensures(Contract.Result<UserAuthorizationInUserAgentRequest>().ClientIdentifier == this.ClientIdentifier); + + return this.PrepareRequestUserAuthorization(this.Channel.GetRequestFromContext().UrlBeforeRewriting); + } + + public UserAuthorizationInUserAgentRequest PrepareRequestUserAuthorization(Uri callback) { + Contract.Requires<ArgumentNullException>(callback != null); + Contract.Requires<InvalidOperationException>(!string.IsNullOrEmpty(this.ClientIdentifier)); + Contract.Ensures(Contract.Result<UserAuthorizationInUserAgentRequest>() != null); + Contract.Ensures(Contract.Result<UserAuthorizationInUserAgentRequest>().Callback == callback); + Contract.Ensures(Contract.Result<UserAuthorizationInUserAgentRequest>().ClientIdentifier == this.ClientIdentifier); + + var request = new 
UserAuthorizationInUserAgentRequest(this.TokenIssuer.EndpointUrl, this.TokenIssuer.Version) { + ClientIdentifier = this.ClientIdentifier, + Callback = callback, + }; return request; } |
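Review bot: Both `PrepareRequestUserAuthorization` overloads return a request with only `ClientIdentifier` and `Callback` set, so nothing ties the eventual authorization response to the browser session that started the flow. A request message edited earlier in this commit gains a `ClientState` part that the server must echo back. If that is this message type, the overloads should populate it, or carry a remark such as `/// <remarks>Callers should set ClientState to an unguessable per-session value and verify it on the callback.</remarks>`. The parameterless overload also takes the callback from `UrlBeforeRewriting`, which is the incoming request's own URL. A comment noting that the authorization server is expected to check the callback against the client's registration would help readers. Neither new public method has an XML `<summary>`, unlike the constructors and properties around them.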