diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-16 22:41:46 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-16 22:41:46 -0700 |
| commit | 1068d8217e19c6ac300a1077e13c2b1dae01bc4b (patch) | |
| tree | 018d648707e90520f32f97462dbac78d12da2cb6 /samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs | |
| parent | 9f35726ca8389fb29aee849a8133e6672c4c55d6 (diff) | |
| download | DotNetOpenAuth-1068d8217e19c6ac300a1077e13c2b1dae01bc4b.zip DotNetOpenAuth-1068d8217e19c6ac300a1077e13c2b1dae01bc4b.tar.gz DotNetOpenAuth-1068d8217e19c6ac300a1077e13c2b1dae01bc4b.tar.bz2 | |
Redistributed OAuth2 code into their more specific assemblies.
Diffstat (limited to 'samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs')
| -rw-r--r-- | samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index b837d4c..2287762 100644 --- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -45,29 +45,26 @@ get { return AsymmetricTokenSigningPrivateKey; } } - public TimeSpan GetAccessTokenLifetime(IAccessTokenRequest accessTokenRequestMessage) { + public AccessTokenParameters GetAccessTokenParameters(IAccessTokenRequest accessTokenRequestMessage) { + var parameters = new AccessTokenParameters(); + // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - TimeSpan lifetime = TimeSpan.FromMinutes(2); + parameters.AccessTokenLifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. //// TODO: code here - return lifetime; - } - - public RSACryptoServiceProvider GetResourceServerEncryptionKey(IAccessTokenRequest accessTokenRequestMessage) { - var resourceServerEncryptionKey = new RSACryptoServiceProvider(); - // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. - resourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + parameters.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + parameters.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); - return resourceServerEncryptionKey; + return parameters; } public IClientDescription GetClient(string clientIdentifier) { |