diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-31 20:34:50 -0600 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-31 20:34:50 -0600 |
| commit | cb2960f2af1c4148d8581c3543594355cccabe6f (patch) | |
| tree | ef80c81e40a961788a5013872ec9559edee503f3 /src/DotNetOpenAuth.OAuth.Consumer | |
| parent | 4a25e81697e3e68bb617fd6feb07c2beed623bfc (diff) | |
| download | DotNetOpenAuth-cb2960f2af1c4148d8581c3543594355cccabe6f.zip DotNetOpenAuth-cb2960f2af1c4148d8581c3543594355cccabe6f.tar.gz DotNetOpenAuth-cb2960f2af1c4148d8581c3543594355cccabe6f.tar.bz2 | |
Split OAuth 1.0 assemblies.
Diffstat (limited to 'src/DotNetOpenAuth.OAuth.Consumer')
6 files changed, 688 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj b/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj new file mode 100644 index 0000000..cdbd2dc --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj @@ -0,0 +1,46 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" /> + <PropertyGroup> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{B202E40D-4663-4A2B-ACDA-865F88FF7CAA}</ProjectGuid> + <AppDesignerFolder>Properties</AppDesignerFolder> + <AssemblyName>DotNetOpenAuth.OAuth.Consumer</AssemblyName> + </PropertyGroup> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.Product.props" /> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + </PropertyGroup> + <ItemGroup> + <Compile Include="OAuth\ConsumerBase.cs" /> + <Compile Include="OAuth\DesktopConsumer.cs" /> + <Compile Include="OAuth\WebConsumer.cs" /> + <Compile Include="Properties\AssemblyInfo.cs"> + <SubType> + </SubType> + </Compile> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\DotNetOpenAuth.Messaging\DotNetOpenAuth.Messaging.csproj"> + <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> + <Name>DotNetOpenAuth.Messaging</Name> + </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OAuth\DotNetOpenAuth.OAuth.csproj"> + <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project> + <Name>DotNetOpenAuth.OAuth</Name> + </ProjectReference> + <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> + <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> + <Name>DotNetOpenAuth.OpenId</Name> + </ProjectReference> + </ItemGroup> + <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> + <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> +</Project>
\ No newline at end of file diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs new file mode 100644 index 0000000..c02ca79 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs @@ -0,0 +1,302 @@ +//----------------------------------------------------------------------- +// <copyright file="ConsumerBase.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth { + using System; + using System.Collections.Generic; + using System.Diagnostics.CodeAnalysis; + using System.Diagnostics.Contracts; + using System.Linq; + using System.Net; + using DotNetOpenAuth.Configuration; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + + /// <summary> + /// Base class for <see cref="WebConsumer"/> and <see cref="DesktopConsumer"/> types. + /// </summary> + public class ConsumerBase : IDisposable { + /// <summary> + /// Initializes a new instance of the <see cref="ConsumerBase"/> class. + /// </summary> + /// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param> + /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param> + protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) { + Contract.Requires<ArgumentNullException>(serviceDescription != null); + Contract.Requires<ArgumentNullException>(tokenManager != null); + + ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement(); + INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge); + this.SecuritySettings = OAuthElement.Configuration.Consumer.SecuritySettings.CreateSecuritySettings(); + this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, this.SecuritySettings); + this.ServiceProvider = serviceDescription; + + OAuthReporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, null); + } + + /// <summary> + /// Gets the Consumer Key used to communicate with the Service Provider. + /// </summary> + public string ConsumerKey { + get { return this.TokenManager.ConsumerKey; } + } + + /// <summary> + /// Gets the Service Provider that will be accessed. + /// </summary> + public ServiceProviderDescription ServiceProvider { get; private set; } + + /// <summary> + /// Gets the persistence store for tokens and secrets. + /// </summary> + public IConsumerTokenManager TokenManager { + get { return (IConsumerTokenManager)this.OAuthChannel.TokenManager; } + } + + /// <summary> + /// Gets the channel to use for sending/receiving messages. + /// </summary> + public Channel Channel { + get { return this.OAuthChannel; } + } + + /// <summary> + /// Gets the security settings for this consumer. + /// </summary> + internal ConsumerSecuritySettings SecuritySettings { get; private set; } + + /// <summary> + /// Gets or sets the channel to use for sending/receiving messages. + /// </summary> + internal OAuthChannel OAuthChannel { get; set; } + + /// <summary> + /// Obtains an access token for a new account at the Service Provider via 2-legged OAuth. + /// </summary> + /// <param name="requestParameters">Any applicable parameters to include in the query string of the token request.</param> + /// <returns>The access token.</returns> + /// <remarks> + /// The token secret is stored in the <see cref="TokenManager"/>. + /// </remarks> + public string RequestNewClientAccount(IDictionary<string, string> requestParameters = null) { + // Obtain an unauthorized request token. Assume the OAuth version given in the service description. + var token = new UnauthorizedTokenRequest(this.ServiceProvider.RequestTokenEndpoint, this.ServiceProvider.Version) { + ConsumerKey = this.ConsumerKey, + }; + var tokenAccessor = this.Channel.MessageDescriptions.GetAccessor(token); + tokenAccessor.AddExtraParameters(requestParameters); + var requestTokenResponse = this.Channel.Request<UnauthorizedTokenResponse>(token); + this.TokenManager.StoreNewRequestToken(token, requestTokenResponse); + + var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, this.ServiceProvider.Version) { + RequestToken = requestTokenResponse.RequestToken, + ConsumerKey = this.ConsumerKey, + }; + var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess); + this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, requestTokenResponse.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret); + return grantAccess.AccessToken; + } + + /// <summary> + /// Creates a web request prepared with OAuth authorization + /// that may be further tailored by adding parameters by the caller. + /// </summary> + /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> + /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <returns>The initialized WebRequest object.</returns> + public HttpWebRequest PrepareAuthorizedRequest(MessageReceivingEndpoint endpoint, string accessToken) { + Contract.Requires<ArgumentNullException>(endpoint != null); + Contract.Requires<ArgumentNullException>(!String.IsNullOrEmpty(accessToken)); + + return this.PrepareAuthorizedRequest(endpoint, accessToken, EmptyDictionary<string, string>.Instance); + } + + /// <summary> + /// Creates a web request prepared with OAuth authorization + /// that may be further tailored by adding parameters by the caller. + /// </summary> + /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> + /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <param name="extraData">Extra parameters to include in the message. Must not be null, but may be empty.</param> + /// <returns>The initialized WebRequest object.</returns> + public HttpWebRequest PrepareAuthorizedRequest(MessageReceivingEndpoint endpoint, string accessToken, IDictionary<string, string> extraData) { + Contract.Requires<ArgumentNullException>(endpoint != null); + Contract.Requires<ArgumentNullException>(!String.IsNullOrEmpty(accessToken)); + Contract.Requires<ArgumentNullException>(extraData != null); + + IDirectedProtocolMessage message = this.CreateAuthorizingMessage(endpoint, accessToken); + foreach (var pair in extraData) { + message.ExtraData.Add(pair); + } + + HttpWebRequest wr = this.OAuthChannel.InitializeRequest(message); + return wr; + } + + /// <summary> + /// Prepares an authorized request that carries an HTTP multi-part POST, allowing for binary data. + /// </summary> + /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> + /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <param name="binaryData">Extra parameters to include in the message. Must not be null, but may be empty.</param> + /// <returns>The initialized WebRequest object.</returns> + public HttpWebRequest PrepareAuthorizedRequest(MessageReceivingEndpoint endpoint, string accessToken, IEnumerable<MultipartPostPart> binaryData) { + Contract.Requires<ArgumentNullException>(endpoint != null); + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(accessToken)); + Contract.Requires<ArgumentNullException>(binaryData != null); + + AccessProtectedResourceRequest message = this.CreateAuthorizingMessage(endpoint, accessToken); + foreach (MultipartPostPart part in binaryData) { + message.BinaryData.Add(part); + } + + HttpWebRequest wr = this.OAuthChannel.InitializeRequest(message); + return wr; + } + + /// <summary> + /// Prepares an HTTP request that has OAuth authorization already attached to it. + /// </summary> + /// <param name="message">The OAuth authorization message to attach to the HTTP request.</param> + /// <returns> + /// The HttpWebRequest that can be used to send the HTTP request to the remote service provider. + /// </returns> + /// <remarks> + /// If <see cref="IDirectedProtocolMessage.HttpMethods"/> property on the + /// <paramref name="message"/> has the + /// <see cref="HttpDeliveryMethods.AuthorizationHeaderRequest"/> flag set and + /// <see cref="ITamperResistantOAuthMessage.HttpMethod"/> is set to an HTTP method + /// that includes an entity body, the request stream is automatically sent + /// if and only if the <see cref="IMessage.ExtraData"/> dictionary is non-empty. + /// </remarks> + [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "Type of parameter forces the method to apply only to specific scenario.")] + public HttpWebRequest PrepareAuthorizedRequest(AccessProtectedResourceRequest message) { + Contract.Requires<ArgumentNullException>(message != null); + return this.OAuthChannel.InitializeRequest(message); + } + + /// <summary> + /// Creates a web request prepared with OAuth authorization + /// that may be further tailored by adding parameters by the caller. + /// </summary> + /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> + /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <returns>The initialized WebRequest object.</returns> + /// <exception cref="WebException">Thrown if the request fails for any reason after it is sent to the Service Provider.</exception> + public IncomingWebResponse PrepareAuthorizedRequestAndSend(MessageReceivingEndpoint endpoint, string accessToken) { + IDirectedProtocolMessage message = this.CreateAuthorizingMessage(endpoint, accessToken); + HttpWebRequest wr = this.OAuthChannel.InitializeRequest(message); + return this.Channel.WebRequestHandler.GetResponse(wr); + } + + #region IDisposable Members + + /// <summary> + /// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources. + /// </summary> + public void Dispose() { + this.Dispose(true); + GC.SuppressFinalize(this); + } + + #endregion + + /// <summary> + /// Creates a web request prepared with OAuth authorization + /// that may be further tailored by adding parameters by the caller. + /// </summary> + /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> + /// <param name="accessToken">The access token that permits access to the protected resource.</param> + /// <returns>The initialized WebRequest object.</returns> + protected internal AccessProtectedResourceRequest CreateAuthorizingMessage(MessageReceivingEndpoint endpoint, string accessToken) { + Contract.Requires<ArgumentNullException>(endpoint != null); + Contract.Requires<ArgumentNullException>(!String.IsNullOrEmpty(accessToken)); + + AccessProtectedResourceRequest message = new AccessProtectedResourceRequest(endpoint, this.ServiceProvider.Version) { + AccessToken = accessToken, + ConsumerKey = this.ConsumerKey, + }; + + return message; + } + + /// <summary> + /// Prepares an OAuth message that begins an authorization request that will + /// redirect the user to the Service Provider to provide that authorization. + /// </summary> + /// <param name="callback"> + /// An optional Consumer URL that the Service Provider should redirect the + /// User Agent to upon successful authorization. + /// </param> + /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> + /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> + /// <param name="requestToken">The request token that must be exchanged for an access token after the user has provided authorization.</param> + /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> + [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "3#", Justification = "Two results")] + protected internal UserAuthorizationRequest PrepareRequestUserAuthorization(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, out string requestToken) { + // Obtain an unauthorized request token. Assume the OAuth version given in the service description. + var token = new UnauthorizedTokenRequest(this.ServiceProvider.RequestTokenEndpoint, this.ServiceProvider.Version) { + ConsumerKey = this.ConsumerKey, + Callback = callback, + }; + var tokenAccessor = this.Channel.MessageDescriptions.GetAccessor(token); + tokenAccessor.AddExtraParameters(requestParameters); + var requestTokenResponse = this.Channel.Request<UnauthorizedTokenResponse>(token); + this.TokenManager.StoreNewRequestToken(token, requestTokenResponse); + + // Fine-tune our understanding of the SP's supported OAuth version if it's wrong. + if (this.ServiceProvider.Version != requestTokenResponse.Version) { + Logger.OAuth.WarnFormat("Expected OAuth service provider at endpoint {0} to use OAuth {1} but {2} was detected. Adjusting service description to new version.", this.ServiceProvider.RequestTokenEndpoint.Location, this.ServiceProvider.Version, requestTokenResponse.Version); + this.ServiceProvider.ProtocolVersion = Protocol.Lookup(requestTokenResponse.Version).ProtocolVersion; + } + + // Request user authorization. The OAuth version will automatically include + // or drop the callback that we're setting here. + ITokenContainingMessage assignedRequestToken = requestTokenResponse; + var requestAuthorization = new UserAuthorizationRequest(this.ServiceProvider.UserAuthorizationEndpoint, assignedRequestToken.Token, requestTokenResponse.Version) { + Callback = callback, + }; + var requestAuthorizationAccessor = this.Channel.MessageDescriptions.GetAccessor(requestAuthorization); + requestAuthorizationAccessor.AddExtraParameters(redirectParameters); + requestToken = requestAuthorization.RequestToken; + return requestAuthorization; + } + + /// <summary> + /// Exchanges a given request token for access token. + /// </summary> + /// <param name="requestToken">The request token that the user has authorized.</param> + /// <param name="verifier">The verifier code.</param> + /// <returns> + /// The access token assigned by the Service Provider. + /// </returns> + protected AuthorizedTokenResponse ProcessUserAuthorization(string requestToken, string verifier) { + Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(requestToken)); + Contract.Ensures(Contract.Result<AuthorizedTokenResponse>() != null); + + var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, this.ServiceProvider.Version) { + RequestToken = requestToken, + VerificationCode = verifier, + ConsumerKey = this.ConsumerKey, + }; + var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess); + this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, requestToken, grantAccess.AccessToken, grantAccess.TokenSecret); + return grantAccess; + } + + /// <summary> + /// Releases unmanaged and - optionally - managed resources + /// </summary> + /// <param name="disposing"><c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only unmanaged resources.</param> + protected virtual void Dispose(bool disposing) { + if (disposing) { + this.Channel.Dispose(); + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs new file mode 100644 index 0000000..f9c1a94 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/DesktopConsumer.cs @@ -0,0 +1,73 @@ +//----------------------------------------------------------------------- +// <copyright file="DesktopConsumer.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth { + using System; + using System.Collections.Generic; + using System.Diagnostics.CodeAnalysis; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + + /// <summary> + /// Used by a desktop application to use OAuth to access the Service Provider on behalf of the User. + /// </summary> + /// <remarks> + /// The methods on this class are thread-safe. Provided the properties are set and not changed + /// afterward, a single instance of this class may be used by an entire desktop application safely. + /// </remarks> + public class DesktopConsumer : ConsumerBase { + /// <summary> + /// Initializes a new instance of the <see cref="DesktopConsumer"/> class. + /// </summary> + /// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param> + /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param> + public DesktopConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) + : base(serviceDescription, tokenManager) { + } + + /// <summary> + /// Begins an OAuth authorization request. + /// </summary> + /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> + /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> + /// <param name="requestToken">The request token that must be exchanged for an access token after the user has provided authorization.</param> + /// <returns>The URL to open a browser window to allow the user to provide authorization.</returns> + [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Two results")] + public Uri RequestUserAuthorization(IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, out string requestToken) { + var message = this.PrepareRequestUserAuthorization(null, requestParameters, redirectParameters, out requestToken); + OutgoingWebResponse response = this.Channel.PrepareResponse(message); + return response.GetDirectUriRequest(this.Channel); + } + + /// <summary> + /// Exchanges a given request token for access token. + /// </summary> + /// <param name="requestToken">The request token that the user has authorized.</param> + /// <returns>The access token assigned by the Service Provider.</returns> + [Obsolete("Use the ProcessUserAuthorization method that takes a verifier parameter instead.")] + public AuthorizedTokenResponse ProcessUserAuthorization(string requestToken) { + return this.ProcessUserAuthorization(requestToken, null); + } + + /// <summary> + /// Exchanges a given request token for access token. + /// </summary> + /// <param name="requestToken">The request token that the user has authorized.</param> + /// <param name="verifier">The verifier code typed in by the user. Must not be <c>Null</c> for OAuth 1.0a service providers and later.</param> + /// <returns> + /// The access token assigned by the Service Provider. + /// </returns> + public new AuthorizedTokenResponse ProcessUserAuthorization(string requestToken, string verifier) { + if (this.ServiceProvider.Version >= Protocol.V10a.Version) { + ErrorUtilities.VerifyNonZeroLength(verifier, "verifier"); + } + + return base.ProcessUserAuthorization(requestToken, verifier); + } + } +} diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs new file mode 100644 index 0000000..de37b80 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs @@ -0,0 +1,155 @@ +//----------------------------------------------------------------------- +// <copyright file="WebConsumer.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Web; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + using DotNetOpenAuth.OpenId.Extensions.OAuth; + using DotNetOpenAuth.OpenId.RelyingParty; + + /// <summary> + /// A website or application that uses OAuth to access the Service Provider on behalf of the User. + /// </summary> + /// <remarks> + /// The methods on this class are thread-safe. Provided the properties are set and not changed + /// afterward, a single instance of this class may be used by an entire web application safely. + /// </remarks> + public class WebConsumer : ConsumerBase { + /// <summary> + /// Initializes a new instance of the <see cref="WebConsumer"/> class. + /// </summary> + /// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param> + /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param> + public WebConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) + : base(serviceDescription, tokenManager) { + } + + /// <summary> + /// Begins an OAuth authorization request and redirects the user to the Service Provider + /// to provide that authorization. Upon successful authorization, the user is redirected + /// back to the current page. + /// </summary> + /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> + /// <remarks> + /// Requires HttpContext.Current. + /// </remarks> + public UserAuthorizationRequest PrepareRequestUserAuthorization() { + Uri callback = this.Channel.GetRequestFromContext().UrlBeforeRewriting.StripQueryArgumentsWithPrefix(Protocol.ParameterPrefix); + return this.PrepareRequestUserAuthorization(callback, null, null); + } + + /// <summary> + /// Prepares an OAuth message that begins an authorization request that will + /// redirect the user to the Service Provider to provide that authorization. + /// </summary> + /// <param name="callback"> + /// An optional Consumer URL that the Service Provider should redirect the + /// User Agent to upon successful authorization. + /// </param> + /// <param name="requestParameters">Extra parameters to add to the request token message. Optional.</param> + /// <param name="redirectParameters">Extra parameters to add to the redirect to Service Provider message. Optional.</param> + /// <returns>The pending user agent redirect based message to be sent as an HttpResponse.</returns> + public UserAuthorizationRequest PrepareRequestUserAuthorization(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters) { + string token; + return this.PrepareRequestUserAuthorization(callback, requestParameters, redirectParameters, out token); + } + + /// <summary> + /// Processes an incoming authorization-granted message from an SP and obtains an access token. + /// </summary> + /// <returns>The access token, or null if no incoming authorization message was recognized.</returns> + /// <remarks> + /// Requires HttpContext.Current. + /// </remarks> + public AuthorizedTokenResponse ProcessUserAuthorization() { + return this.ProcessUserAuthorization(this.Channel.GetRequestFromContext()); + } + + /// <summary> + /// Attaches an OAuth authorization request to an outgoing OpenID authentication request. + /// </summary> + /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param> + /// <param name="scope">The scope of access that is requested of the service provider.</param> + public void AttachAuthorizationRequest(IAuthenticationRequest openIdAuthenticationRequest, string scope) { + Contract.Requires<ArgumentNullException>(openIdAuthenticationRequest != null); + + var authorizationRequest = new AuthorizationRequest { + Consumer = this.ConsumerKey, + Scope = scope, + }; + + openIdAuthenticationRequest.AddExtension(authorizationRequest); + } + + /// <summary> + /// Processes an incoming authorization-granted message from an SP and obtains an access token. + /// </summary> + /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> + /// <returns> + /// The access token, or null if OAuth authorization was denied by the user or service provider. + /// </returns> + /// <remarks> + /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>. + /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>. + /// </remarks> + public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) { + Contract.Requires<ArgumentNullException>(openIdAuthenticationResponse != null); + Contract.Requires<InvalidOperationException>(this.TokenManager is IOpenIdOAuthTokenManager); + var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; + ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); + + // The OAuth extension is only expected in positive assertion responses. + if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { + return null; + } + + // Retrieve the OAuth extension + var positiveAuthorization = openIdAuthenticationResponse.GetExtension<AuthorizationApprovedResponse>(); + if (positiveAuthorization == null) { + return null; + } + + // Prepare a message to exchange the request token for an access token. + // We are careful to use a v1.0 message version so that the oauth_verifier is not required. + var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, Protocol.V10.Version) { + RequestToken = positiveAuthorization.RequestToken, + ConsumerKey = this.ConsumerKey, + }; + + // Retrieve the access token and store it in the token manager. + openidTokenManager.StoreOpenIdAuthorizedRequestToken(this.ConsumerKey, positiveAuthorization); + var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess); + this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, positiveAuthorization.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret); + + // Provide the caller with the access token so it may be associated with the user + // that is logging in. + return grantAccess; + } + + /// <summary> + /// Processes an incoming authorization-granted message from an SP and obtains an access token. + /// </summary> + /// <param name="request">The incoming HTTP request.</param> + /// <returns>The access token, or null if no incoming authorization message was recognized.</returns> + public AuthorizedTokenResponse ProcessUserAuthorization(HttpRequestInfo request) { + Contract.Requires<ArgumentNullException>(request != null); + + UserAuthorizationResponse authorizationMessage; + if (this.Channel.TryReadFromRequest<UserAuthorizationResponse>(request, out authorizationMessage)) { + string requestToken = authorizationMessage.RequestToken; + string verifier = authorizationMessage.VerificationCode; + return this.ProcessUserAuthorization(requestToken, verifier); + } else { + return null; + } + } + } +} diff --git a/src/DotNetOpenAuth.OAuth.Consumer/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth.Consumer/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..0730b90 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/Properties/AssemblyInfo.cs @@ -0,0 +1,56 @@ +//----------------------------------------------------------------------- +// <copyright file="AssemblyInfo.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build. + +using System; +using System.Diagnostics.Contracts; +using System.Net; +using System.Reflection; +using System.Resources; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; +using System.Security; +using System.Security.Permissions; +using System.Web.UI; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("DotNetOpenAuth OAuth")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("DotNetOpenAuth")] +[assembly: AssemblyCopyright("Copyright © 2008")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] +[assembly: NeutralResourcesLanguage("en-US")] +[assembly: CLSCompliant(true)] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")] + +[assembly: ContractVerification(true)] + +#if StrongNameSigned +// See comment at top of this file. We need this so that strong-naming doesn't +// keep this assembly from being useful to shared host (medium trust) web sites. +[assembly: AllowPartiallyTrustedCallers] + +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +#else +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.Consumer")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.ServiceProvider")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2")] +#endif diff --git a/src/DotNetOpenAuth.OAuth.Consumer/Properties/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth.Consumer/Properties/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..21104e3 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth.Consumer/Properties/Properties/AssemblyInfo.cs @@ -0,0 +1,56 @@ +//----------------------------------------------------------------------- +// <copyright file="AssemblyInfo.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build. + +using System; +using System.Diagnostics.Contracts; +using System.Net; +using System.Reflection; +using System.Resources; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; +using System.Security; +using System.Security.Permissions; +using System.Web.UI; + +[assembly: TagPrefix("DotNetOpenAuth.OAuth", "oauth")] + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("DotNetOpenAuth OAuth")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("DotNetOpenAuth")] +[assembly: AssemblyCopyright("Copyright © 2008")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] +[assembly: NeutralResourcesLanguage("en-US")] +[assembly: CLSCompliant(true)] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")] + +[assembly: ContractVerification(true)] + +#if StrongNameSigned +// See comment at top of this file. We need this so that strong-naming doesn't +// keep this assembly from being useful to shared host (medium trust) web sites. +[assembly: AllowPartiallyTrustedCallers] + +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +#else +[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2")] +#endif |