diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2009-06-25 19:51:02 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-06-25 19:51:02 -0700 |
| commit | 3b2fe4819cf449d1ab88178d055239c64b3cfd5e (patch) | |
| tree | e191391cc71af22a854a06fee0079dbb74405752 /samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs | |
| parent | 97e3fc44a6911289baf3435febc0b003e56ad4e8 (diff) | |
| parent | f3ce247dfaa965011c7f8417d00e0fa3dfad4a35 (diff) | |
| download | DotNetOpenAuth-3b2fe4819cf449d1ab88178d055239c64b3cfd5e.zip DotNetOpenAuth-3b2fe4819cf449d1ab88178d055239c64b3cfd5e.tar.gz DotNetOpenAuth-3b2fe4819cf449d1ab88178d055239c64b3cfd5e.tar.bz2 | |
Merge branch 'master' into contracts
Conflicts:
src/DotNetOpenAuth.vsmdi
src/DotNetOpenAuth/Configuration/TypeConfigurationCollection.cs
src/DotNetOpenAuth/Configuration/TypeConfigurationElement.cs
src/DotNetOpenAuth/DotNetOpenAuth.csproj
src/DotNetOpenAuth/Messaging/HttpRequestInfo.cs
src/DotNetOpenAuth/Messaging/Reflection/MessagePart.cs
src/DotNetOpenAuth/Messaging/Reflection/ValueMapping.cs
src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
src/DotNetOpenAuth/OAuth/ConsumerBase.cs
src/DotNetOpenAuth/OAuth/Messages/MessageBase.cs
src/DotNetOpenAuth/OAuth/Messages/UnauthorizedTokenResponse.cs
src/DotNetOpenAuth/OAuth/ServiceProvider.cs
src/DotNetOpenAuth/OpenId/Protocol.cs
src/DotNetOpenAuth/OpenId/Provider/AutoResponsiveRequest.cs
src/DotNetOpenAuth/OpenId/Provider/HostProcessedRequest.cs
src/DotNetOpenAuth/OpenId/Provider/IHostProcessedRequest.cs
src/DotNetOpenAuth/OpenId/Provider/Request.cs
src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingParty.cs
src/DotNetOpenAuth/OpenId/RelyingParty/ServiceEndpoint.cs
Diffstat (limited to 'samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs')
| -rw-r--r-- | samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs index fce1ad4..1ec2cb5 100644 --- a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs +++ b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs @@ -1,7 +1,10 @@ using System; +using System.Collections.Generic; +using System.IdentityModel.Policy; using System.Linq; using System.ServiceModel; using System.ServiceModel.Channels; +using System.ServiceModel.Security; using DotNetOpenAuth; using DotNetOpenAuth.OAuth; @@ -24,10 +27,22 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager { if (auth != null) { var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken); + var policy = new OAuthPrincipalAuthorizationPolicy(sp.CreatePrincipal(auth)); + var policies = new List<IAuthorizationPolicy> { + policy, + }; + var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); + if (operationContext.IncomingMessageProperties.Security != null) { + operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; + } else { + operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { + ServiceSecurityContext = securityContext, + }; + } + // Only allow this method call if the access token scope permits it. string[] scopes = accessToken.Scope.Split('|'); if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) { - operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken; return true; } } |