diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-29 09:23:04 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-29 09:23:04 -0700 |
| commit | 64259bf9b143310c4812023880bb89674fe28806 (patch) | |
| tree | 9f65853d7dc2f1bd9444b2f21055be5ae03a91fa | |
| parent | 546235d5ef68164a53fb82a6a12239ef6184b1ed (diff) | |
| download | DotNetOpenAuth-64259bf9b143310c4812023880bb89674fe28806.zip DotNetOpenAuth-64259bf9b143310c4812023880bb89674fe28806.tar.gz DotNetOpenAuth-64259bf9b143310c4812023880bb89674fe28806.tar.bz2 | |
Moved some message validation to another binding element.
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj | 2 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs | 10 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs (renamed from src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IncomingMessageValidationBindingElement.cs) | 13 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs | 2 |
4 files changed, 12 insertions, 15 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj index f68e60a..2861467 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/DotNetOpenAuth.OAuth2.AuthorizationServer.csproj @@ -23,7 +23,7 @@ <Compile Include="OAuth2\ChannelElements\AccessRequestBindingElement.cs" /> <Compile Include="OAuth2\ChannelElements\AccessTokenBindingElement.cs" /> <Compile Include="OAuth2\ChannelElements\AuthorizationCode.cs" /> - <Compile Include="OAuth2\ChannelElements\IncomingMessageValidationBindingElement.cs" /> + <Compile Include="OAuth2\ChannelElements\MessageValidationBindingElement.cs" /> <Compile Include="OAuth2\ChannelElements\AuthServerBindingElementBase.cs" /> <Compile Include="OAuth2\ChannelElements\IOAuth2ChannelWithAuthorizationServer.cs" /> <Compile Include="OAuth2\ChannelElements\OAuth2AuthorizationServerChannel.cs" /> diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs index 0c0f365..14391a6 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessRequestBindingElement.cs @@ -50,9 +50,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - var responseWithOriginatingRequest = message as IDirectResponseProtocolMessage; - var accessRequest = responseWithOriginatingRequest.OriginatingRequest as IAccessTokenRequestInternal; - var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; if (authCodeCarrier != null) { var codeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); @@ -61,13 +58,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { return MessageProtections.None; } - var accessTokenResponse = message as AccessTokenSuccessResponse; - if (accessTokenResponse != null) { - var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse; - var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest; - ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken); - } - return null; } diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IncomingMessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs index b23643b..46a3de2 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/IncomingMessageValidationBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs @@ -1,5 +1,5 @@ //----------------------------------------------------------------------- -// <copyright file="IncomingMessageValidationBindingElement.cs" company="Outercurve Foundation"> +// <copyright file="MessageValidationBindingElement.cs" company="Outercurve Foundation"> // Copyright (c) Outercurve Foundation. All rights reserved. // </copyright> //----------------------------------------------------------------------- @@ -14,10 +14,10 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { using Messaging; /// <summary> - /// A guard for all messages incoming to an Authorization Server to ensure that they are well formed, + /// A guard for all messages to or from an Authorization Server to ensure that they are well formed, /// have valid secrets, callback URIs, etc. /// </summary> - internal class IncomingMessageValidationBindingElement : AuthServerBindingElementBase { + internal class MessageValidationBindingElement : AuthServerBindingElementBase { /// <summary> /// Gets the protection commonly offered (if any) by this binding element. /// </summary> @@ -41,6 +41,13 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { + var accessTokenResponse = message as AccessTokenSuccessResponse; + if (accessTokenResponse != null) { + var directResponseMessage = (IDirectResponseProtocolMessage)accessTokenResponse; + var accessTokenRequest = (AccessTokenRequestBase)directResponseMessage.OriginatingRequest; + ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken); + } + return null; } diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs index dc05fea..ff12ca1 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs @@ -113,7 +113,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { Requires.NotNull(authorizationServer, "authorizationServer"); var bindingElements = new List<IChannelBindingElement>(); - bindingElements.Add(new IncomingMessageValidationBindingElement()); + bindingElements.Add(new MessageValidationBindingElement()); bindingElements.Add(new AccessTokenBindingElement()); bindingElements.Add(new AccessRequestBindingElement()); |