diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-06-09 17:56:16 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-06-09 17:56:16 -0700 |
| commit | da9e554cd6364ac1bcf7ab23a8b5fe20e8a26192 (patch) | |
| tree | 4aaef4d9e8901d09e9f3638241645c19787fd2ec | |
| parent | ef21fed4150b6dba853f518a8467e268bb209ab7 (diff) | |
| download | DotNetOpenAuth-da9e554cd6364ac1bcf7ab23a8b5fe20e8a26192.zip DotNetOpenAuth-da9e554cd6364ac1bcf7ab23a8b5fe20e8a26192.tar.gz DotNetOpenAuth-da9e554cd6364ac1bcf7ab23a8b5fe20e8a26192.tar.bz2 | |
Fixes the OAuthServiceProvider sample issue with recognizing protected resource requests:
Expected message DotNetOpenAuth.OAuth.Messages.AccessProtectedResourceRequest but received DotNetOpenAuth.OAuth.Messages.UserAuthorizationRequest instead.
The issue was that in converting a WCF message to an HttpRequestMessage, the Authorization header was truncated (sort of), but in a way we could reassemble the original message.
| -rw-r--r-- | src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs | 18 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs | 3 |
2 files changed, 20 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs index 0ec490a..cfb9da3 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs @@ -1536,6 +1536,24 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Reassembles multiple values in an HTTP request header as a comma-delimited list. + /// </summary> + /// <param name="headers">The headers from which to read a header.</param> + /// <param name="headerName">Name of the header to read.</param> + /// <returns>A comma-delimited list of values for the named header, or <c>null</c> if no header was included in the collection by the specified name.</returns> + internal static string GetJointValues(this System.Net.Http.Headers.HttpRequestHeaders headers, string headerName) { + Requires.NotNull(headers, "headers"); + Requires.NotNullOrEmpty(headerName, "headerName"); + + IEnumerable<string> values; + if (headers.TryGetValues(headerName, out values)) { + return string.Join(",", values); + } + + return null; + } + + /// <summary> /// Gets the URI that contains the entire payload that would be sent by the browser for the specified redirect-based request message. /// </summary> /// <param name="response">The redirecting response message.</param> diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs index d606ff0..e68dc63 100644 --- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs +++ b/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/OAuthChannel.cs @@ -120,7 +120,8 @@ namespace DotNetOpenAuth.OAuth.ChannelElements { /// <returns>The deserialized message, if one is found. Null otherwise.</returns> protected override async Task<IDirectedProtocolMessage> ReadFromRequestCoreAsync(HttpRequestMessage request, CancellationToken cancellationToken) { // First search the Authorization header. - var authorization = request.Headers.Authorization; + AuthenticationHeaderValue authorization; + AuthenticationHeaderValue.TryParse(request.Headers.GetJointValues("Authorization"), out authorization); var fields = MessagingUtilities.ParseAuthorizationHeader(Protocol.AuthorizationHeaderScheme, authorization).ToDictionary(); fields.Remove("realm"); // ignore the realm parameter, since we don't use it, and it must be omitted from signature base string. |