author | Andrew Arnott <andrewarnott@gmail.com> | 2008-10-06 08:47:38 -0700 |
---|---|---|
committer | Andrew <andrewarnott@gmail.com> | 2008-10-06 08:47:38 -0700 |
commit | c4198363f4f88a54c65ba22ef7a9cd97a35e743b (patch) | |
tree | 72232d8007e9d92c2218f6b8e37412542a47c80f /samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs | |
parent | f367f68a81e06dcab56348c85f7c09526123c916 (diff) | |
Added specific authorization to sample for allowing limited access.
Diffstat (limited to 'samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs')
-rw-r--r-- | samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 2b4e06b..4c461e8 100644
--- a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -22,8 +22,12 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager {
var auth = sp.GetProtectedResourceAuthorization(httpDetails, requestUri);
if (auth != null) {
var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
- operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken;
- return true;
+ // Only allow this method call if the access token scope permits it.
+ string[] scopes = accessToken.Scope.Split('|');
+ if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
+ operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken;
+ return true;
+ }
}
return false;
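Review bot: The added scope check calls `accessToken.Scope.Split('|')` with no handling for a null or empty `Scope`, so a token stored without a scope (if the column allows that) would throw rather than be denied, and an empty scope splits to one empty entry that would match an empty `Action`. I would fail closed before the split, e.g. `string action = operationContext.IncomingMessageHeaders.Action; if (string.IsNullOrEmpty(action) || string.IsNullOrEmpty(accessToken.Scope)) return false;`, and split with `StringSplitOptions.RemoveEmptyEntries`. The `Action` header is taken from the request, so the check is only as strong as the binding's guarantee that the dispatcher selects the operation from that same value; the hunk does not show the binding, so this is worth confirming for the sample. `Single(...)` on the context line above likewise throws for an unknown token instead of returning false, and a denied scope is not logged anywhere visible. The method body begins outside the hunk.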