authorAndrew Arnott <andrewarnott@gmail.com>2010-06-01 20:02:44 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2010-06-01 20:02:44 -0700
commit85ee32b3fe7212f889d9c92c9a7fea2bd26d98aa (patch)
tree9b04a149078b45fdd73947e8430aeff0c8503f7a
parent90dbeabfba73e170360e243fee6e58576c10e11a (diff)
Access tokens now record their own lifetimes.
-rw-r--r--src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessRequestBindingElement.cs6
-rw-r--r--src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs27
-rw-r--r--src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs3
-rw-r--r--src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapAuthorizationServerChannel.cs4
-rw-r--r--src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs3
5 files changed, 26 insertions, 17 deletions
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessRequestBindingElement.cs
index 9aa210f..ab7d999 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessRequestBindingElement.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessRequestBindingElement.cs
@@ -25,10 +25,6 @@
get { return MessageProtections.None; }
}
- protected TimeSpan AccessTokenLifetime {
- get { return TimeSpan.FromHours(1); }
- }
-
public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
var tokenRequest = message as ITokenCarryingRequest;
if (tokenRequest != null) {
@@ -53,7 +49,7 @@
tokenRequest.AuthorizationDescription = RefreshToken.Decode(this.OAuthChannel, tokenRequest.CodeOrToken, message);
break;
case CodeOrTokenType.AccessToken:
- tokenRequest.AuthorizationDescription = AccessToken.Decode(this.OAuthChannel, tokenRequest.CodeOrToken, this.AccessTokenLifetime, message);
+ tokenRequest.AuthorizationDescription = AccessToken.Decode(this.OAuthChannel, tokenRequest.CodeOrToken, message);
break;
default:
throw ErrorUtilities.ThrowInternal("Unexpected value for CodeOrTokenType: " + tokenRequest.CodeOrTokenType);
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs
index acdcb07..dcd12c7 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/AccessToken.cs
@@ -11,18 +11,19 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
using System.Linq;
using System.Text;
using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
internal class AccessToken : AuthorizationDataBag {
/// <summary>
/// Initializes a new instance of the <see cref="AccessToken"/> class.
/// </summary>
/// <param name="channel">The channel.</param>
- private AccessToken(OAuthWrapAuthorizationServerChannel channel, TimeSpan? lifetime = null)
- : base(channel, true, true, true, lifetime) {
+ private AccessToken(OAuthWrapAuthorizationServerChannel channel)
+ : base(channel, true, true, true) {
Contract.Requires<ArgumentNullException>(channel != null, "channel");
}
- internal AccessToken(OAuthWrapAuthorizationServerChannel channel, IAuthorizationDescription authorization)
+ internal AccessToken(OAuthWrapAuthorizationServerChannel channel, IAuthorizationDescription authorization, TimeSpan? lifetime)
: this(channel) {
Contract.Requires<ArgumentNullException>(channel != null, "channel");
Contract.Requires<ArgumentNullException>(authorization != null, "authorization");
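Review bot: The new `lifetime` parameter on the internal constructor is undocumented, and that constructor has no XML doc comment at all, so a caller cannot tell that passing null yields a token whose expiry is never checked (the `Decode` override added later in this file tests `Lifetime.HasValue`). I would add a summary plus `/// <param name="lifetime">The lifetime of the access token; null means the token carries no expiration.</param>` above it. The constructor body continues past the end of this hunk.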
@@ -31,17 +32,31 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
this.UtcCreationDate = authorization.UtcIssued;
this.User = authorization.User;
this.Scope = authorization.Scope;
+ this.Lifetime = lifetime;
}
- internal static AccessToken Decode(OAuthWrapAuthorizationServerChannel channel, string value, TimeSpan lifetime, IProtocolMessage containingMessage) {
+ internal TimeSpan? Lifetime { get; set; }
+
+ internal static AccessToken Decode(OAuthWrapAuthorizationServerChannel channel, string value, IProtocolMessage containingMessage = null) {
Contract.Requires<ArgumentNullException>(channel != null, "channel");
Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(value));
- Contract.Requires<ArgumentNullException>(containingMessage != null, "containingMessage");
Contract.Ensures(Contract.Result<AccessToken>() != null);
- var self = new AccessToken(channel, lifetime);
+ var self = new AccessToken(channel);
self.Decode(value, containingMessage);
return self;
}
+
+ protected override void Decode(string value, IProtocolMessage containingMessage) {
+ base.Decode(value, containingMessage);
+
+ // Has this token expired?
+ if (this.Lifetime.HasValue) {
+ DateTime expirationDate = this.UtcCreationDate + this.Lifetime.Value;
+ if (expirationDate < DateTime.UtcNow) {
+ throw new ExpiredMessageException(expirationDate, containingMessage);
+ }
+ }
+ }
}
}
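Review bot: The expiry check in the new `Decode` override runs only when `this.Lifetime.HasValue`, but the decode path builds the token with `new AccessToken(channel)`, which no longer sets a lifetime, so the check depends entirely on `base.Decode` restoring `Lifetime` from the token string. The added `internal TimeSpan? Lifetime { get; set; }` carries no serialization attribute in this hunk; if `DataBag` only round-trips members marked for serialization (not visible here), it would need to be `[MessagePart] internal TimeSpan? Lifetime { get; set; }`, otherwise every decoded token is silently treated as non-expiring. A test that encodes a token with a short lifetime and asserts `ExpiredMessageException` on decode would pin this down. Because the lifetime is now read from the token itself, the check is only as trustworthy as the bag's integrity verification in `base.Decode`. Also confirm that `ExpiredMessageException` accepts a null `containingMessage`, since the static `Decode` now defaults it to null.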
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs
index e10f08c..d398685 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/DataBag.cs
@@ -87,9 +87,8 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
return Convert.ToBase64String(encoded);
}
- protected virtual void Decode(string value, IProtocolMessage containingMessage) {
+ protected virtual void Decode(string value, IProtocolMessage containingMessage = null) {
Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(value));
- Contract.Requires<ArgumentNullException>(containingMessage != null, "containingMessage");
byte[] encoded = Convert.FromBase64String(value);
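Review bot: Giving `containingMessage` a default of null on this virtual method while the `AccessToken.Decode` override added in this commit declares it without a default makes the parameter optional or required depending on the static type at the call site; I would either repeat the default on overrides or drop it and have callers pass null explicitly. With the non-null contract removed, every use of `containingMessage` in the rest of the body (outside this hunk), for example when raising a protocol error for a malformed or tampered value, has to tolerate null. The doc comment should state this, e.g. `/// <param name="containingMessage">The message that carried the token, or null when decoded outside a message.</param>`. The same relaxation is made in `RefreshToken.Decode`.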
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapAuthorizationServerChannel.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapAuthorizationServerChannel.cs
index 7742096..0d11e57 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapAuthorizationServerChannel.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/OAuthWrapAuthorizationServerChannel.cs
@@ -69,11 +69,11 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
public virtual AccessTokenSuccessResponse PrepareAccessToken(IAccessTokenRequest request, TimeSpan? accessTokenLifetime = null, bool includeRefreshToken = true) {
Contract.Requires<ArgumentNullException>(request != null, "request");
- var accessToken = new AccessToken(this, request.AuthorizationDescription);
+ var accessToken = new AccessToken(this, request.AuthorizationDescription, accessTokenLifetime);
var response = new AccessTokenSuccessResponse(request) {
Scope = request.AuthorizationDescription.Scope,
AccessToken = accessToken.Encode(),
- Lifetime = accessTokenLifetime,
+ Lifetime = accessToken.Lifetime,
};
if (includeRefreshToken) {
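Review bot: With `accessTokenLifetime` defaulting to null, a caller that omits it now issues a token with `Lifetime == null`, and the expiry check added to `AccessToken.Decode` skips such tokens; before this commit the decoding side appears to have applied a fixed one-hour lifetime (the `AccessTokenLifetime` property removed from AccessRequestBindingElement.cs). If non-expiring access tokens are not meant to be the default, fail closed here: `var accessToken = new AccessToken(this, request.AuthorizationDescription, accessTokenLifetime ?? TimeSpan.FromHours(1));`. The method body continues outside this hunk.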
diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs
index 19b267d..33deb34 100644
--- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/RefreshToken.cs
@@ -33,10 +33,9 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements {
this.Scope = authorization.Scope;
}
- internal static RefreshToken Decode(OAuthWrapAuthorizationServerChannel channel, string value, IProtocolMessage containingMessage) {
+ internal static RefreshToken Decode(OAuthWrapAuthorizationServerChannel channel, string value, IProtocolMessage containingMessage = null) {
Contract.Requires<ArgumentNullException>(channel != null, "channel");
Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(value));
- Contract.Requires<ArgumentNullException>(containingMessage != null, "containingMessage");
Contract.Ensures(Contract.Result<RefreshToken>() != null);
var self = new RefreshToken(channel);