diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2009-03-26 14:17:05 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-03-26 14:17:05 -0700 |
| commit | 1bfeae7973d31f3e69a83793d95904abf4f653bc (patch) | |
| tree | 50938143aae7a17001c68c99ffc3bcdb5bac6f1f /samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs | |
| parent | 00f1f6baf79d6f42bcaaf24b1e43f3c86f540b2a (diff) | |
| download | DotNetOpenAuth-1bfeae7973d31f3e69a83793d95904abf4f653bc.zip DotNetOpenAuth-1bfeae7973d31f3e69a83793d95904abf4f653bc.tar.gz DotNetOpenAuth-1bfeae7973d31f3e69a83793d95904abf4f653bc.tar.bz2 | |
Renamed OAuth sample sites.
Diffstat (limited to 'samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs')
| -rw-r--r-- | samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs new file mode 100644 index 0000000..fce1ad4 --- /dev/null +++ b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs @@ -0,0 +1,37 @@ +using System; +using System.Linq; +using System.ServiceModel; +using System.ServiceModel.Channels; +using DotNetOpenAuth; +using DotNetOpenAuth.OAuth; + +/// <summary> +/// A WCF extension to authenticate incoming messages using OAuth. +/// </summary> +public class OAuthAuthorizationManager : ServiceAuthorizationManager { + public OAuthAuthorizationManager() { + } + + protected override bool CheckAccessCore(OperationContext operationContext) { + if (!base.CheckAccessCore(operationContext)) { + return false; + } + + HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty; + Uri requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri; + ServiceProvider sp = Constants.CreateServiceProvider(); + var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri); + if (auth != null) { + var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken); + + // Only allow this method call if the access token scope permits it. + string[] scopes = accessToken.Scope.Split('|'); + if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) { + operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken; + return true; + } + } + + return false; + } +} |