author | Andrew Arnott <andrewarnott@gmail.com> | 2009-11-13 17:04:21 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-11-13 17:04:21 -0800 |
commit | e778892f1d9bf964c30ba6a10e50aedf12c2e857 (patch) | |
tree | 73ef8790efd0348348fb64e6cf8d438932635016 /projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs | |
parent | 888abd61a54576ff244533693df77f174f03c2bb (diff) | |
Moved all the project template logic that would be common between MVC and web forms web sites into its own library.
Diffstat (limited to 'projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs')
-rw-r--r-- | projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs b/projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs
deleted file mode 100644
index 480e1b9..0000000
--- a/projecttemplates/WebFormsRelyingParty/Code/OAuthAuthorizationManager.cs
+++ /dev/null
@@ -1,67 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="OAuthAuthorizationManager.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace WebFormsRelyingParty.Code {
- using System;
- using System.Collections.Generic;
- using System.IdentityModel.Policy;
- using System.Linq;
- using System.Security.Principal;
- using System.ServiceModel;
- using System.ServiceModel.Channels;
- using System.ServiceModel.Security;
- using DotNetOpenAuth;
- using DotNetOpenAuth.OAuth;
-
- /// <summary>
- /// A WCF extension to authenticate incoming messages using OAuth.
- /// </summary>
- public class OAuthAuthorizationManager : ServiceAuthorizationManager {
- public OAuthAuthorizationManager() {
- }
-
- protected override bool CheckAccessCore(OperationContext operationContext) {
- if (!base.CheckAccessCore(operationContext)) {
- return false;
- }
-
- HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
- Uri requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri;
- ServiceProvider sp = OAuthServiceProvider.ServiceProvider;
- var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri);
- if (auth != null) {
- var accessToken = Global.DataContext.IssuedToken.OfType<IssuedAccessToken>().First(token => token.Token == auth.AccessToken);
-
- var principal = sp.CreatePrincipal(auth);
- var policy = new OAuthPrincipalAuthorizationPolicy(principal);
- var policies = new List<IAuthorizationPolicy> {
- policy,
- };
-
- var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
- if (operationContext.IncomingMessageProperties.Security != null) {
- operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
- } else {
- operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
- ServiceSecurityContext = securityContext,
- };
- }
-
- securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
- principal.Identity,
- };
-
- // Only allow this method call if the access token scope permits it.
- string[] scopes = accessToken.Scope.Split('|');
- if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
- return true;
- }
- }
-
- return false;
- }
- }
-}
\ No newline at end of file |