Added enough token management that the Appendix A scenario test is passing again.

1 files changed, 39 insertions, 48 deletions

diff --git a/src/DotNetOAuth/ServiceProvider.cs b/src/DotNetOAuth/ServiceProvider.cs
index 327e5ca..25597d1 100644
--- a/src/DotNetOAuth/ServiceProvider.cs
+++ b/src/DotNetOAuth/ServiceProvider.cs
@@ -25,60 +25,28 @@ namespace DotNetOAuth {
 	/// </remarks>

 	public class ServiceProvider {

 		/// <summary>

-		/// The field used to store the value of the <see cref="RequestTokenEndpoint"/> property.

-		/// </summary>

-		private ServiceProviderEndpoint requestTokenEndpoint;

-

-		/// <summary>

 		/// Initializes a new instance of the <see cref="ServiceProvider"/> class.

 		/// </summary>

-		public ServiceProvider() {

-			SigningBindingElementBase signingElement = new PlainTextSigningBindingElement(/*TODO*/);

-			INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);

-			this.Channel = new OAuthChannel(signingElement, store);

-		}

-

-		/// <summary>

-		/// Gets or sets the URL used to obtain an unauthorized Request Token,

-		/// described in Section 6.1 (Obtaining an Unauthorized Request Token).

-		/// </summary>

-		/// <remarks>

-		/// The request URL query MUST NOT contain any OAuth Protocol Parameters.

-		/// This is the URL that <see cref="Messages.RequestTokenMessage"/> messages are directed to.

-		/// </remarks>

-		/// <exception cref="ArgumentException">Thrown if this property is set to a URI with OAuth protocol parameters.</exception>

-		public ServiceProviderEndpoint RequestTokenEndpoint {

-			get {

-				return this.requestTokenEndpoint;

+		public ServiceProvider(ServiceProviderEndpoints endpoints, ITokenManager tokenManager) {

+			if (endpoints == null) {

+				throw new ArgumentNullException("endpoints");

 			}

-

-			set {

-				if (value != null && UriUtil.QueryStringContainsOAuthParameters(value.Location)) {

-					throw new ArgumentException(Strings.RequestUrlMustNotHaveOAuthParameters);

-				}

-

-				this.requestTokenEndpoint = value;

+			if (tokenManager == null) {

+				throw new ArgumentNullException("tokenManager");

 			}

-		}

 

-		/// <summary>

-		/// Gets or sets the URL used to obtain User authorization for Consumer access, 

-		/// described in Section 6.2 (Obtaining User Authorization).

-		/// </summary>

-		/// <remarks>

-		/// This is the URL that <see cref="Messages.DirectUserToServiceProviderMessage"/> messages are

-		/// indirectly (via the user agent) sent to.

-		/// </remarks>

-		public ServiceProviderEndpoint UserAuthorizationEndpoint { get; set; }

+			SigningBindingElementBase signingElement = new PlainTextSigningBindingElement(TokenSignatureVerificationCallback);

+			INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);

+			this.Endpoints = endpoints;

+			this.Channel = new OAuthChannel(signingElement, store);

+			this.TokenGenerator = new StandardTokenGenerator();

+			this.TokenManager = tokenManager;

+		}

 

 		/// <summary>

-		/// Gets or sets the URL used to exchange the User-authorized Request Token 

-		/// for an Access Token, described in Section 6.3 (Obtaining an Access Token).

+		/// Gets the endpoints exposed by this Service Provider.

 		/// </summary>

-		/// <remarks>

-		/// This is the URL that <see cref="Messages.RequestAccessTokenMessage"/> messages are directed to.

-		/// </remarks>

-		public ServiceProviderEndpoint AccessTokenEndpoint { get; set; }

+		public ServiceProviderEndpoints Endpoints { get; private set; }

 

 		/// <summary>

 		/// Gets or sets the channel to use for sending/receiving messages.

@@ -90,6 +58,10 @@ namespace DotNetOAuth {
 		/// </summary>

 		public Response PendingRequest { get; private set; }

 

+		internal ITokenGenerator TokenGenerator { get; set; }

+

+		internal ITokenManager TokenManager { get; private set; }

+

 		internal RequestTokenMessage ReadTokenRequest() {

 			return this.Channel.ReadFromRequest<RequestTokenMessage>();

 		}

@@ -102,7 +74,10 @@ namespace DotNetOAuth {
 			return this.Channel.ReadFromRequest<RequestTokenMessage>(request);

 		}

 

-		internal void SendUnauthorizedTokenResponse(string token, string secret) {

+		internal void SendUnauthorizedTokenResponse(RequestTokenMessage request) {

+			string token = TokenGenerator.GenerateRequestToken(request.ConsumerKey);

+			string secret = TokenGenerator.GenerateSecret();

+			TokenManager.StoreNewRequestToken(request.ConsumerKey, token, secret, null/*add params*/);

 			UnauthorizedRequestTokenMessage response = new UnauthorizedRequestTokenMessage {

 				RequestToken = token,

 				TokenSecret = secret,

@@ -143,7 +118,10 @@ namespace DotNetOAuth {
 			return this.Channel.ReadFromRequest<RequestAccessTokenMessage>(request);

 		}

 

-		internal void SendAccessToken(string accessToken, string tokenSecret) {

+		internal void SendAccessToken(RequestAccessTokenMessage request) {

+			string accessToken = TokenGenerator.GenerateAccessToken(request.ConsumerKey);

+			string tokenSecret = TokenGenerator.GenerateSecret();

+			TokenManager.ExpireRequestTokenAndStoreNewAccessToken(request.ConsumerKey, request.RequestToken, accessToken, tokenSecret);

 			var grantAccess = new GrantAccessTokenMessage {

 				AccessToken = accessToken,

 				TokenSecret = tokenSecret,

@@ -151,5 +129,18 @@ namespace DotNetOAuth {
 

 			this.Channel.Send(grantAccess);

 		}

+

+		private void TokenSignatureVerificationCallback(ITamperResistantOAuthMessage message) {

+			message.ConsumerSecret = TokenManager.GetConsumerSecret(message.ConsumerKey);

+

+			var tokenMessage = message as ITokenContainingMessage;

+			if (tokenMessage != null) {

+				message.TokenSecret = TokenManager.GetTokenSecret(tokenMessage.Token);

+			}

+

+			//message.Recipient

+			//message.AdditionalParametersInHttpRequest

+			//message.HttpMethod

+		}

 	}

 }