diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-29 18:00:36 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-29 18:00:36 -0700 |
| commit | 1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a (patch) | |
| tree | 668ce6724fa1101c300cfb0960c2e1e895d0edbf /projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs | |
| parent | 7f61a61f4e9073af1f62f15f08e8f0893bffee5e (diff) | |
| download | DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.zip DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.tar.gz DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.tar.bz2 | |
Special handling for client credential grant type
Access token requests that carry client credential grants are now
specially handled and signal to the authorization server that an
authorization record should be created.
More work toward #138
Diffstat (limited to 'projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs')
| -rw-r--r-- | projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs index a5eb09c..afc652b 100644 --- a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs +++ b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationServer.cs @@ -133,14 +133,35 @@ namespace RelyingPartyLogic { /// Or <c>null</c> if the return value is false. /// </param> /// <returns> - /// <c>true</c> if the given credentials are valid; otherwise, <c>false</c>. + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. /// </returns> - /// <exception cref="NotSupportedException">May be thrown if the authorization server does not support the resource owner password credential grant type.</exception> + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the resource owner password credential grant type. + /// </exception> public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { // This web site delegates user authentication to OpenID Providers, and as such no users have local passwords with this server. throw new NotSupportedException(); } + /// <summary> + /// Determines whether an access token request given a client credential grant should be authorized + /// and if so records an authorization entry such that subsequent calls to <see cref="IsAuthorizationValid"/> would + /// return <c>true</c>. + /// </summary> + /// <param name="accessRequest"> + /// The access request the credentials came with. + /// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request. + /// </param> + /// <returns> + /// <c>true</c> if the given credentials are valid and the authorization granted; otherwise, <c>false</c>. + /// </returns> + /// <exception cref="NotSupportedException"> + /// May be thrown if the authorization server does not support the client credential grant type. + /// </exception> + public bool TryAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) { + throw new NotImplementedException(); + } + #endregion public bool CanBeAutoApproved(EndUserAuthorizationRequest authorizationRequest) { |