Various fixes to the sample OAuth 2.0 Authorization Server sample.

2 files changed, 6 insertions, 1 deletions

diff --git a/samples/OAuthAuthorizationServer/Controllers/HomeController.cs b/samples/OAuthAuthorizationServer/Controllers/HomeController.cs
index 1887576..1311caa 100644
--- a/samples/OAuthAuthorizationServer/Controllers/HomeController.cs
+++ b/samples/OAuthAuthorizationServer/Controllers/HomeController.cs
@@ -4,7 +4,7 @@
 	using System.IO;
 	using System.Linq;
 	using System.Web.Mvc;
-
+	using System.Web.Security;
 	using OAuthAuthorizationServer.Code;
 
 	[HandleError]
@@ -39,6 +39,10 @@
 				});
 
 				dc.SubmitChanges();
+
+				// Force the user to log out because a new database warrants a new row in the users table, which we create
+				// when the user logs in.
+				FormsAuthentication.SignOut();
 				ViewData["Success"] = true;
 			} catch (SqlException ex) {
 				ViewData["Error"] = string.Join("<br>", ex.Errors.OfType<SqlError>().Select(er => er.Message).ToArray());
diff --git a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
index 11e7b11..fb836a6 100644
--- a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
+++ b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
@@ -113,6 +113,7 @@
 						User = MvcApplication.LoggedInUser,

 						CreatedOnUtc = DateTime.UtcNow,

 					});

+				MvcApplication.DataContext.SubmitChanges(); // submit now so that this new row can be retrieved later in this same HTTP request

 

 				// In this simple sample, the user either agrees to the entire scope requested by the client or none of it.  

 				// But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method.