diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-02 19:55:29 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-02 19:55:29 -0800 |
| commit | c1c763ef7ae943c7945c6d75459d02613329dd44 (patch) | |
| tree | 3b39d9b629fc2435813fb666ad2e8bbb025714bf /samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs | |
| parent | 492f4566b70142e5fc41a9c3fb4564c64c66ac5f (diff) | |
| download | DotNetOpenAuth-c1c763ef7ae943c7945c6d75459d02613329dd44.zip DotNetOpenAuth-c1c763ef7ae943c7945c6d75459d02613329dd44.tar.gz DotNetOpenAuth-c1c763ef7ae943c7945c6d75459d02613329dd44.tar.bz2 | |
Added OAuth 1.0 samples from v3.4 branch and fixed them up a bit so that
they work here.
Fixes #64
Diffstat (limited to 'samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs')
| -rw-r--r-- | samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs new file mode 100644 index 0000000..917a252 --- /dev/null +++ b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs @@ -0,0 +1,65 @@ +namespace OAuthServiceProvider.Code { + using System; + using System.Collections.Generic; + using System.IdentityModel.Policy; + using System.Linq; + using System.Security.Principal; + using System.ServiceModel; + using System.ServiceModel.Channels; + using System.ServiceModel.Security; + using DotNetOpenAuth; + using DotNetOpenAuth.OAuth; + + /// <summary> + /// A WCF extension to authenticate incoming messages using OAuth. + /// </summary> + public class OAuthAuthorizationManager : ServiceAuthorizationManager { + public OAuthAuthorizationManager() { + } + + protected override bool CheckAccessCore(OperationContext operationContext) { + if (!base.CheckAccessCore(operationContext)) { + return false; + } + + HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty; + Uri requestUri = operationContext.RequestContext.RequestMessage.Properties.Via; + ServiceProvider sp = Constants.CreateServiceProvider(); + try { + var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri); + if (auth != null) { + var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken); + + var principal = sp.CreatePrincipal(auth); + var policy = new OAuthPrincipalAuthorizationPolicy(principal); + var policies = new List<IAuthorizationPolicy> { + policy, + }; + + var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); + if (operationContext.IncomingMessageProperties.Security != null) { + operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; + } else { + operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { + ServiceSecurityContext = securityContext, + }; + } + + securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { + principal.Identity, + }; + + // Only allow this method call if the access token scope permits it. + string[] scopes = accessToken.Scope.Split('|'); + if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) { + return true; + } + } + } catch (ProtocolException ex) { + Global.Logger.Error("Error processing OAuth messages.", ex); + } + + return false; + } + } +}
\ No newline at end of file |