diff options
| author | Richard Collette <rcollette@yahoo.com> | 2014-12-23 14:46:57 -0500 |
|---|---|---|
| committer | Richard Collette <rcollette@yahoo.com> | 2014-12-23 14:46:57 -0500 |
| commit | 761bdd66da6e9ff6412a76b4a36cb721869f48b1 (patch) | |
| tree | bf76076de5ef0fc34a3b605444ec5870fdbc3cd4 /samples/OAuthAuthorizationServer | |
| parent | 2882e4fbaedee5f7c8fa56fe97bf5f60f54430b1 (diff) | |
| download | DotNetOpenAuth-761bdd66da6e9ff6412a76b4a36cb721869f48b1.zip DotNetOpenAuth-761bdd66da6e9ff6412a76b4a36cb721869f48b1.tar.gz DotNetOpenAuth-761bdd66da6e9ff6412a76b4a36cb721869f48b1.tar.bz2 | |
Undo CodeMaid formatting
Diffstat (limited to 'samples/OAuthAuthorizationServer')
3 files changed, 38 insertions, 64 deletions
diff --git a/samples/OAuthAuthorizationServer/Controllers/AccountController.cs b/samples/OAuthAuthorizationServer/Controllers/AccountController.cs index b2c725b..f3aa873 100644 --- a/samples/OAuthAuthorizationServer/Controllers/AccountController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/AccountController.cs @@ -1,47 +1,38 @@ -namespace OAuthAuthorizationServer.Controllers -{ +namespace OAuthAuthorizationServer.Controllers { + using System; + using System.Linq; + using System.Threading.Tasks; + using System.Web.Mvc; + using System.Web.Security; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId; using DotNetOpenAuth.OpenId.RelyingParty; using OAuthAuthorizationServer.Code; using OAuthAuthorizationServer.Models; - using System; - using System.Linq; - using System.Threading.Tasks; - using System.Web.Mvc; - using System.Web.Security; [HandleError] - public class AccountController : Controller - { + public class AccountController : Controller { // ************************************** // URL: /Account/LogOn // ************************************** - public ActionResult LogOn() - { + public ActionResult LogOn() { return View(); } [HttpPost] - public async Task<ActionResult> LogOn(LogOnModel model, string returnUrl) - { - if (ModelState.IsValid) - { + public async Task<ActionResult> LogOn(LogOnModel model, string returnUrl) { + if (ModelState.IsValid) { var rp = new OpenIdRelyingParty(); var request = await rp.CreateRequestAsync(model.UserSuppliedIdentifier, Realm.AutoDetect, new Uri(Request.Url, Url.Action("Authenticate"))); - if (request != null) - { - if (returnUrl != null) - { + if (request != null) { + if (returnUrl != null) { request.AddCallbackArguments("returnUrl", returnUrl); } var response = await request.GetRedirectingResponseAsync(); Response.ContentType = response.Content.Headers.ContentType.ToString(); return response.AsActionResult(); - } - else - { + } else { ModelState.AddModelError(string.Empty, "The identifier you supplied is not recognized as a valid OpenID Identifier."); } } @@ -50,21 +41,16 @@ return View(model); } - public async Task<ActionResult> Authenticate(string returnUrl) - { + public async Task<ActionResult> Authenticate(string returnUrl) { var rp = new OpenIdRelyingParty(); var response = await rp.GetResponseAsync(Request); - if (response != null) - { - switch (response.Status) - { + if (response != null) { + switch (response.Status) { case AuthenticationStatus.Authenticated: // Make sure we have a user account for this guy. string identifier = response.ClaimedIdentifier; // convert to string so LinqToSQL expression parsing works. - if (MvcApplication.DataContext.Users.FirstOrDefault(u => u.OpenIDClaimedIdentifier == identifier) == null) - { - MvcApplication.DataContext.Users.InsertOnSubmit(new User - { + if (MvcApplication.DataContext.Users.FirstOrDefault(u => u.OpenIDClaimedIdentifier == identifier) == null) { + MvcApplication.DataContext.Users.InsertOnSubmit(new User { OpenIDFriendlyIdentifier = response.FriendlyIdentifierForDisplay, OpenIDClaimedIdentifier = response.ClaimedIdentifier, }); @@ -85,8 +71,7 @@ // ************************************** // URL: /Account/LogOff // ************************************** - public ActionResult LogOff() - { + public ActionResult LogOff() { FormsAuthentication.SignOut(); return RedirectToAction("Index", "Home"); diff --git a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs index 3e512cb..81c73ca 100644 --- a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs @@ -1,26 +1,25 @@ -namespace OAuthAuthorizationServer.Controllers
-{
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth2;
- using OAuthAuthorizationServer.Code;
- using OAuthAuthorizationServer.Models;
+namespace OAuthAuthorizationServer.Controllers {
using System;
+ using System.Collections.Generic;
using System.Linq;
using System.Net;
+ using System.Security.Cryptography;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2;
+ using OAuthAuthorizationServer.Code;
+ using OAuthAuthorizationServer.Models;
- public class OAuthController : Controller
- {
+ public class OAuthController : Controller {
private readonly AuthorizationServer authorizationServer = new AuthorizationServer(new OAuth2AuthorizationServer());
/// <summary>
/// The OAuth 2.0 token endpoint.
/// </summary>
/// <returns>The response to the Client.</returns>
- public async Task<ActionResult> Token()
- {
+ public async Task<ActionResult> Token() {
var request = await this.authorizationServer.HandleTokenRequestAsync(this.Request, this.Response.ClientDisconnectedToken);
Response.ContentType = request.Content.Headers.ContentType.ToString();
return request.AsActionResult();
@@ -32,27 +31,23 @@ /// <returns>The browser HTML response that prompts the user to authorize the client.</returns>
[Authorize, AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post)]
[HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
- public async Task<ActionResult> Authorize()
- {
+ public async Task<ActionResult> Authorize() {
var pendingRequest = await this.authorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken);
- if (pendingRequest == null)
- {
+ if (pendingRequest == null) {
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
var requestingClient = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier);
// Consider auto-approving if safe to do so.
- if (((OAuth2AuthorizationServer)this.authorizationServer.AuthorizationServerServices).CanBeAutoApproved(pendingRequest))
- {
+ if (((OAuth2AuthorizationServer)this.authorizationServer.AuthorizationServerServices).CanBeAutoApproved(pendingRequest)) {
var approval = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, HttpContext.User.Identity.Name);
var response = await this.authorizationServer.Channel.PrepareResponseAsync(approval, Response.ClientDisconnectedToken);
Response.ContentType = response.Content.Headers.ContentType.ToString();
return response.AsActionResult();
}
- var model = new AccountAuthorizeModel
- {
+ var model = new AccountAuthorizeModel {
ClientApp = requestingClient.Name,
Scope = pendingRequest.Scope,
AuthorizationRequest = pendingRequest,
@@ -67,24 +62,20 @@ /// <param name="isApproved">if set to <c>true</c>, the user has authorized the Client; <c>false</c> otherwise.</param>
/// <returns>HTML response that redirects the browser to the Client.</returns>
[Authorize, HttpPost, ValidateAntiForgeryToken]
- public async Task<ActionResult> AuthorizeResponse(bool isApproved)
- {
+ public async Task<ActionResult> AuthorizeResponse(bool isApproved) {
var pendingRequest = await this.authorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken);
- if (pendingRequest == null)
- {
+ if (pendingRequest == null) {
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
IDirectedProtocolMessage response;
- if (isApproved)
- {
+ if (isApproved) {
// The authorization we file in our database lasts until the user explicitly revokes it.
// You can cause the authorization to expire by setting the ExpirationDateUTC
// property in the below created ClientAuthorization.
var client = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier);
client.ClientAuthorizations.Add(
- new ClientAuthorization
- {
+ new ClientAuthorization {
Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope),
User = MvcApplication.LoggedInUser,
CreatedOnUtc = DateTime.UtcNow,
@@ -94,9 +85,7 @@ // In this simple sample, the user either agrees to the entire scope requested by the client or none of it.
// But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method.
response = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name);
- }
- else
- {
+ } else {
response = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest);
}
diff --git a/samples/OAuthAuthorizationServer/Web.config b/samples/OAuthAuthorizationServer/Web.config index 419c93c..08cd69b 100644 --- a/samples/OAuthAuthorizationServer/Web.config +++ b/samples/OAuthAuthorizationServer/Web.config @@ -71,7 +71,7 @@ </log4net> <connectionStrings> - <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database4.mdf;Integrated Security=True;User Instance=True" + <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database4.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" /> </connectionStrings> |