diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 16:17:00 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 16:17:00 -0800 |
| commit | 09651b96839ce22116a4047876bb5a43164c1102 (patch) | |
| tree | 6070c5be6968067f05eef42bb234c4a1af0881e1 /samples/OAuth2ProtectedWebApi | |
| parent | 15997d4073e67ead1493b4133c1858fea09620ff (diff) | |
| download | DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.zip DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.tar.gz DotNetOpenAuth-09651b96839ce22116a4047876bb5a43164c1102.tar.bz2 | |
Removes trivial nonce store implementation from WebAPI sample.
Diffstat (limited to 'samples/OAuth2ProtectedWebApi')
3 files changed, 5 insertions, 19 deletions
diff --git a/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs b/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs index 73c5864..3149923 100644 --- a/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs +++ b/samples/OAuth2ProtectedWebApi/Code/AuthorizationServerHost.cs @@ -12,14 +12,15 @@ public class AuthorizationServerHost : IAuthorizationServerHost { private static ICryptoKeyStore cryptoKeyStore = MemoryCryptoKeyStore.Instance; - private static INonceStore nonceStore = new MemoryNonceStore(); - public ICryptoKeyStore CryptoKeyStore { get { return cryptoKeyStore; } } public INonceStore NonceStore { - get { return nonceStore; } + get { + // Implementing a nonce store is a good idea as it mitigates replay attacks. + return null; + } } public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { @@ -31,7 +32,7 @@ } public IClientDescription GetClient(string clientIdentifier) { - return new ClientDescription("zzz", new Uri("http://www.microsoft.com/en-us/default.aspx"), ClientType.Confidential); + return new ClientDescription("b", new Uri("http://www.microsoft.com/en-us/default.aspx"), ClientType.Confidential); } public bool IsAuthorizationValid(IAuthorizationDescription authorization) { diff --git a/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs b/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs deleted file mode 100644 index 3bec259..0000000 --- a/samples/OAuth2ProtectedWebApi/Code/MemoryNonceStore.cs +++ /dev/null @@ -1,14 +0,0 @@ -namespace OAuth2ProtectedWebApi.Code { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Web; - - using DotNetOpenAuth.Messaging.Bindings; - - internal class MemoryNonceStore : INonceStore { - public bool StoreNonce(string context, string nonce, DateTime timestampUtc) { - return true; - } - } -}
\ No newline at end of file diff --git a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj index 811ba5a..321d808 100644 --- a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj +++ b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj @@ -129,7 +129,6 @@ <Compile Include="Code\BearerTokenHandler.cs" /> <Compile Include="Code\HttpHeaderAttribute.cs" /> <Compile Include="Code\MemoryCryptoKeyStore.cs" /> - <Compile Include="Code\MemoryNonceStore.cs" /> <Compile Include="Controllers\HomeController.cs" /> <Compile Include="Controllers\TokenController.cs" /> <Compile Include="Controllers\UserController.cs" /> |