diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-25 06:21:30 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-25 06:21:30 -0700 |
| commit | d10db64d32f10c9514918541542af3bbf5889fca (patch) | |
| tree | 34a338c26072e142c50e59e119a8b10551ed1524 /samples | |
| parent | bf30c08cce5b18f6dc1679be8e4e610819efa9a7 (diff) | |
| download | DotNetOpenAuth-d10db64d32f10c9514918541542af3bbf5889fca.zip DotNetOpenAuth-d10db64d32f10c9514918541542af3bbf5889fca.tar.gz DotNetOpenAuth-d10db64d32f10c9514918541542af3bbf5889fca.tar.bz2 | |
Authorization Server hosts now instantiate their own AccessTokens rather than just parameters.
AccessTokens are now serialized via a virtual method on that instance.
Fixes #38, I think.
Diffstat (limited to 'samples')
| -rw-r--r-- | samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs index 0ea702d..b16b478 100644 --- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs +++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs @@ -39,14 +39,14 @@ get { return MvcApplication.KeyNonceStore; } } - public AccessTokenParameters GetAccessTokenParameters(IAccessTokenRequest accessTokenRequestMessage) { - var parameters = new AccessTokenParameters(); + public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) { + var accessToken = new AuthorizationServerAccessToken(); // Just for the sake of the sample, we use a short-lived token. This can be useful to mitigate the security risks // of access tokens that are used over standard HTTP. // But this is just the lifetime of the access token. The client can still renew it using their refresh token until // the authorization itself expires. - parameters.AccessTokenLifetime = TimeSpan.FromMinutes(2); + accessToken.Lifetime = TimeSpan.FromMinutes(2); // Also take into account the remaining life of the authorization and artificially shorten the access token's lifetime // to account for that if necessary. @@ -55,12 +55,13 @@ // For this sample, we assume just one resource server. // If this authorization server needs to mint access tokens for more than one resource server, // we'd look at the request message passed to us and decide which public key to return. - parameters.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); - parameters.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); + accessToken.ResourceServerEncryptionKey = new RSACryptoServiceProvider(); + accessToken.ResourceServerEncryptionKey.ImportParameters(ResourceServerEncryptionPublicKey); - parameters.AccessTokenSigningKey = CreateRSA(); + accessToken.AccessTokenSigningKey = CreateRSA(); - return parameters; + var result = new AccessTokenResult(accessToken); + return result; } public IClientDescription GetClient(string clientIdentifier) { |