diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2011-04-08 08:00:07 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2011-04-08 08:01:23 -0700 |
| commit | 70d8fe9dfbb3f57c3b769379f5987e16f8369b98 (patch) | |
| tree | da58b52994f3e782f6f08bf308744a3800a1e10c /samples | |
| parent | b5c537741ad3015c29469672884fffbe0fbcb1b6 (diff) | |
| download | DotNetOpenAuth-70d8fe9dfbb3f57c3b769379f5987e16f8369b98.zip DotNetOpenAuth-70d8fe9dfbb3f57c3b769379f5987e16f8369b98.tar.gz DotNetOpenAuth-70d8fe9dfbb3f57c3b769379f5987e16f8369b98.tar.bz2 | |
Made the OAuth 2.0 callback validation more flexible to the host.
Diffstat (limited to 'samples')
| -rw-r--r-- | samples/OAuthAuthorizationServer/Code/Client.cs | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/Client.cs b/samples/OAuthAuthorizationServer/Code/Client.cs index 8669c19..62bc193 100644 --- a/samples/OAuthAuthorizationServer/Code/Client.cs +++ b/samples/OAuthAuthorizationServer/Code/Client.cs @@ -18,17 +18,26 @@ } /// <summary> - /// Gets the allowed callback URIs that this client has pre-registered with the service provider, if any. + /// Gets the callback to use when an individual authorization request + /// does not include an explicit callback URI. /// </summary> /// <value> - /// The URIs that user authorization responses may be directed to; must not be <c>null</c>, but may be empty. + /// An absolute URL; or <c>null</c> if none is registered. /// </value> - /// <remarks> - /// The first element in this list (if any) will be used as the default client redirect URL if the client sends an authorization request without a redirect URL. - /// If the list is empty, any callback is allowed for this client. - /// </remarks> - List<Uri> IConsumerDescription.AllowedCallbacks { - get { return string.IsNullOrEmpty(this.Callback) ? new List<Uri>() : new List<Uri>(new Uri[] { new Uri(this.Callback) }); } + Uri IConsumerDescription.DefaultCallback { + get { return string.IsNullOrEmpty(this.Callback) ? null : new Uri(this.Callback); } + } + + /// <summary> + /// Determines whether a callback URI included in a client's authorization request + /// is among those allowed callbacks for the registered client. + /// </summary> + /// <param name="callback">The absolute URI the client has requested the authorization result be received at.</param> + /// <returns> + /// <c>true</c> if the callback URL is allowable for this client; otherwise, <c>false</c>. + /// </returns> + bool IConsumerDescription.IsCallbackAllowed(Uri callback) { + return string.IsNullOrEmpty(this.Callback) || callback == new Uri(this.Callback); } #endregion |