authorAndrew Arnott <andrewarnott@gmail.com>2010-07-18 15:22:19 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2010-07-18 15:22:19 -0700
commitc1ed5e2627ab5b93481a795b4e5c9cd4109b65b6 (patch)
treea7bfabe7b75111f2d9fe388b2dc3a1519e9cbb4b
parent022490456385e67c7fffaed624529113cd3d8778 (diff)
Allowed user agents to have client secrets since they could theoretically register their own at install time.
-rw-r--r--src/DotNetOpenAuth/OAuth2/ClientBase.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs9
-rw-r--r--src/DotNetOpenAuth/OAuth2/UserAgentClient.cs12
-rw-r--r--src/DotNetOpenAuth/OAuth2/WebServerClient.cs9
4 files changed, 9 insertions, 23 deletions
diff --git a/src/DotNetOpenAuth/OAuth2/ClientBase.cs b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
index bdeab75..ec957b3 100644
--- a/src/DotNetOpenAuth/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
@@ -54,7 +54,7 @@ namespace DotNetOpenAuth.OAuth2 {
/// <summary>
/// Gets or sets the client secret shared with the Authorization Server.
/// </summary>
- protected internal string ClientSecret { get; set; }
+ public string ClientSecret { get; set; }
/// <summary>
/// Adds the necessary HTTP Authorization header to an HTTP request for protected resources
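Review bot: The summary on `ClientSecret` is unchanged even though the property is now publicly readable and settable on every client type, including clients that run on the end user's machine. The commit message justifies this by per-install registration, so the doc should carry that condition, e.g. `/// <remarks>For installed or user-agent clients, set this only to a secret registered for this installation; a secret shipped inside the application is not confidential.</remarks>`. Going from `protected internal` to `public` also lets any code holding a client instance read the secret back, so it is worth checking that client objects are not handed to logging or serialization helpers elsewhere in the library.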
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
index d870aba..108c323 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
@@ -27,7 +27,6 @@ namespace DotNetOpenAuth.OAuth2.Messages {
Contract.Requires<ArgumentNullException>(authorizationEndpoint != null);
Contract.Requires<ArgumentNullException>(version != null);
this.HttpMethods = HttpDeliveryMethods.GetRequest;
- this.ResponseType = EndUserAuthorizationResponseType.AuthorizationCode;
}
/// <summary>
@@ -42,10 +41,14 @@ namespace DotNetOpenAuth.OAuth2.Messages {
}
/// <summary>
- /// Gets or sets the type of the authorization that the client expects of the authorization server.
+ /// Gets the type of the authorization that the client expects of the authorization server.
/// </summary>
+ /// <value>Always <see cref="EndUserAuthorizationResponseType.AuthorizationCode"/>. Other response types are not supported.</value>
[MessagePart(Protocol.response_type, IsRequired = true, AllowEmpty = false, Encoder = typeof(EndUserAuthorizationResponseTypeEncoder))]
- public EndUserAuthorizationResponseType ResponseType { get; set; }
+ public EndUserAuthorizationResponseType ResponseType
+ {
+ get { return EndUserAuthorizationResponseType.AuthorizationCode; }
+ }
/// <summary>
/// Gets or sets the identifier by which this client is known to the Authorization Server.
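Review bot: With `ResponseType` reduced to a getter that always returns `AuthorizationCode`, a received `response_type` value can no longer be stored or compared. Whether the `MessagePart` machinery rejects a mismatching value or silently drops it is not visible in this hunk. If this message class is also what the authorization server deserializes (likely, but not shown here), a request asking for a different response type could end up handled as an authorization-code request. Consider keeping a non-public setter that rejects any value other than `EndUserAuthorizationResponseType.AuthorizationCode`, or add a test confirming the channel fails such messages. As a style point, the new accessor places `{` on its own line while the rest of the file keeps the brace on the declaration line.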
diff --git a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
index db73cd9..b848ec4 100644
--- a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
+++ b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs
@@ -23,8 +23,8 @@ namespace DotNetOpenAuth.OAuth2 {
/// </summary>
/// <param name="authorizationServer">The token issuer.</param>
/// <param name="clientIdentifier">The client identifier.</param>
- public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null)
- : base(authorizationServer, clientIdentifier) {
+ public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null)
+ : base(authorizationServer, clientIdentifier, clientSecret) {
}
/// <summary>
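Review bot: The new `clientSecret` parameter has no `<param>` entry in the constructor's XML doc, which still lists only `authorizationServer` and `clientIdentifier`. Add `/// <param name="clientSecret">The client secret registered for this installation, or null if the client has none.</param>`. Because a user-agent client runs where the end user can inspect it, the doc should also state that a secret compiled into the distributed application cannot be treated as confidential. The constructor's doc comment begins above the hunk.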
@@ -36,12 +36,6 @@ namespace DotNetOpenAuth.OAuth2 {
Contract.Requires<ArgumentNullException>(authorizationEndpoint != null, "authorizationEndpoint");
}
- // TODO: remove this. user agent clients can't keep secrets.
- public new string ClientSecret {
- get { return base.ClientSecret; }
- set { base.ClientSecret = value; }
- }
-
/// <summary>
/// Generates a URL that the user's browser can be directed to in order to authorize
/// this client to access protected data at some resource server.
@@ -71,8 +65,6 @@ namespace DotNetOpenAuth.OAuth2 {
ClientIdentifier = this.ClientIdentifier,
Scope = authorization.Scope,
Callback = authorization.Callback,
- // TODO: bring back ResponseType = AccessToken, since user agents can't keep secrets, thus can't process authorization codes.
- //ResponseType = EndUserAuthorizationResponseType.AccessToken,
};
return this.Channel.PrepareResponse(request).GetDirectUriRequest(this.Channel);
diff --git a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
index 9b95677..061c58c 100644
--- a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
+++ b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs
@@ -30,15 +30,6 @@ namespace DotNetOpenAuth.OAuth2 {
}
/// <summary>
- /// Gets or sets the client secret shared with the Authorization Server.
- /// </summary>
- /// <value></value>
- public new string ClientSecret {
- get { return base.ClientSecret; }
- set { base.ClientSecret = value; }
- }
-
- /// <summary>
/// Gets or sets an optional component that gives you greater control to record and influence the authorization process.
/// </summary>
/// <value>The authorization tracker.</value>