authorAndrew Arnott <andrewarnott@gmail.com>2013-03-01 21:33:22 -0800
committerAndrew Arnott <andrewarnott@gmail.com>2013-03-01 21:33:22 -0800
commitd4d806fbcc1c7cdc86ec8234c5792bbaf667d5a8 (patch)
tree93004acbee42d003dc38674fc50826d0d440583b /samples/OAuth2ProtectedWebApi/Controllers
parent6204dcf07f31b78478bc1ddb55a6ca9027617b67 (diff)
parent74b6b4efd2be2680e3067f716829b0c9385ceebe (diff)
Merge branch 'httpclient' into OAuthSimple
Diffstat (limited to 'samples/OAuth2ProtectedWebApi/Controllers')
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs13
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs19
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/UserController.cs46
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs33
4 files changed, 111 insertions, 0 deletions
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs b/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs
new file mode 100644
index 0000000..3244000
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Mvc;
+
+namespace OAuth2ProtectedWebApi.Controllers {
+ public class HomeController : Controller {
+ public ActionResult Index() {
+ return View();
+ }
+ }
+}
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs b/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs
new file mode 100644
index 0000000..2e2873a
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs
@@ -0,0 +1,19 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Net.Http;
+ using System.Threading.Tasks;
+ using System.Web.Http;
+
+ using DotNetOpenAuth.OAuth2;
+
+ public class TokenController : ApiController {
+ // POST /api/token
+ public Task<HttpResponseMessage> Post(HttpRequestMessage request) {
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ return authServer.HandleTokenRequestAsync(request);
+ }
+ }
+} \ No newline at end of file
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
new file mode 100644
index 0000000..c65258f
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
@@ -0,0 +1,46 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net.Http;
+ using System.Security.Principal;
+ using System.Threading.Tasks;
+ using System.Web;
+ using System.Web.Mvc;
+
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2;
+ using DotNetOpenAuth.OAuth2.Messages;
+ using OAuth2ProtectedWebApi.Code;
+
+ // [Authorize]
+ public class UserController : Controller {
+ [HttpGet]
+ [HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
+ public async Task<ActionResult> Authorize() {
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ var authRequest = await authServer.ReadAuthorizationRequestAsync(this.Request);
+ this.ViewData["scope"] = authRequest.Scope;
+ this.ViewData["request"] = this.Request.Url;
+ return View();
+ }
+
+ [HttpPost, ValidateAntiForgeryToken]
+ public async Task<ActionResult> Respond(string request, bool approval) {
+ System.Web.HttpContext.Current.User = new GenericPrincipal(new GenericIdentity("Andrew"), new string[0]);
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ var httpInfo = HttpRequestInfo.Create(HttpMethod.Get.Method, new Uri(request));
+ var authRequest = await authServer.ReadAuthorizationRequestAsync(httpInfo);
+ IProtocolMessage responseMessage;
+ if (approval) {
+ responseMessage = authServer.PrepareApproveAuthorizationRequest(
+ authRequest, this.User.Identity.Name, authRequest.Scope);
+ } else {
+ responseMessage = authServer.PrepareRejectAuthorizationRequest(authRequest);
+ }
+
+ var response = await authServer.Channel.PrepareResponseAsync(responseMessage);
+ return response.AsActionResult();
+ }
+ }
+}
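Review bot: `Respond` overwrites the current principal with a fixed `GenericIdentity("Andrew")` while the class-level `[Authorize]` is commented out, so the consent decision is recorded under that name no matter who submits the form, and nothing in this file requires the caller to be signed in. Because sample code tends to be copied, restore `[Authorize]` on `UserController` and drop the `System.Web.HttpContext.Current.User = ...` assignment, so that the `this.User.Identity.Name` passed to `PrepareApproveAuthorizationRequest` is the authenticated user; if the stub has to stay for the demo, mark it with `// SAMPLE ONLY: replace with real authentication before use`. Separately, `Authorize` dereferences `authRequest.Scope` without checking the result of `ReadAuthorizationRequestAsync`; if that call can return null for a request that is not a valid authorization request (not visible here), a guard such as `if (authRequest == null) return new HttpStatusCodeResult(400);` would be worth adding, and the same applies to `Respond`, which also passes the posted `request` string straight to `new Uri(...)`.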
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
new file mode 100644
index 0000000..601d26e
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
@@ -0,0 +1,33 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Net.Http;
+ using System.Web.Http;
+
+ [Authorize]
+ public class ValuesController : ApiController {
+ // GET api/values
+ public IEnumerable<string> Get() {
+ return new string[] { "value1", "value2" };
+ }
+
+ // GET api/values/5
+ public string Get(int id) {
+ return "value";
+ }
+
+ // POST api/values
+ public void Post([FromBody]string value) {
+ }
+
+ // PUT api/values/5
+ public void Put(int id, [FromBody]string value) {
+ }
+
+ // DELETE api/values/5
+ public void Delete(int id) {
+ }
+ }
+} \ No newline at end of file
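Review bot: The class-level `[Authorize]` on `ValuesController` only requires an authenticated principal; none of the actions in this hunk checks which scope the access token was granted, so a token issued for any scope would reach `Post`, `Put` and `Delete` as well as the two `Get` methods. Where the bearer token is validated and whether scopes are mapped onto the principal is not visible in this file, so this may be handled elsewhere. Since this is the resource the sample is meant to protect, a comment above the class would help readers who copy it, for example `// [Authorize] checks authentication only; enforce the required OAuth scope per action before exposing write operations`.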