diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-20 19:43:19 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-20 19:43:19 -0700 |
| commit | dd8ace7ab2b1b51ebd4fb5f04fb9b5e30bfe4493 (patch) | |
| tree | b9792d82bb3de9fa66a4e429b8f7dd2c23ad8cfe /src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs | |
| parent | bd0de8217763d02759815b91588cd578becf496b (diff) | |
| parent | 6da931cf632ccbfdab0b44b9ffd45ed7ff19c308 (diff) | |
| download | DotNetOpenAuth-dd8ace7ab2b1b51ebd4fb5f04fb9b5e30bfe4493.zip DotNetOpenAuth-dd8ace7ab2b1b51ebd4fb5f04fb9b5e30bfe4493.tar.gz DotNetOpenAuth-dd8ace7ab2b1b51ebd4fb5f04fb9b5e30bfe4493.tar.bz2 | |
Adds extensibility points for authenticating OAuth 2 clients at the client and authorization server ends.
Fixes #105
Related to #75
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs new file mode 100644 index 0000000..655d38f --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/ClientCredentialHttpBasicReader.cs @@ -0,0 +1,48 @@ +//----------------------------------------------------------------------- +// <copyright file="ClientCredentialHttpBasicReader.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.ChannelElements { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Text; + using System.Web; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.Messages; + + /// <summary> + /// Reads client authentication information from the HTTP Authorization header via Basic authentication. + /// </summary> + public class ClientCredentialHttpBasicReader : ClientAuthenticationModule { + /// <summary> + /// Gets this module's contribution to an HTTP 401 WWW-Authenticate header so the client knows what kind of authentication this module supports. + /// </summary> + public override string AuthenticateHeader { + get { return "Basic"; } + } + + /// <summary> + /// Attempts to extract client identification/authentication information from a message. + /// </summary> + /// <param name="authorizationServerHost">The authorization server host.</param> + /// <param name="requestMessage">The incoming message.</param> + /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param> + /// <returns>The level of the extracted client information.</returns> + public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) { + Requires.NotNull(authorizationServerHost, "authorizationServerHost"); + Requires.NotNull(requestMessage, "requestMessage"); + + var credential = OAuthUtilities.ParseHttpBasicAuth(requestMessage.Headers); + if (credential != null) { + clientIdentifier = credential.UserName; + return TryAuthenticateClientBySecret(authorizationServerHost, credential.UserName, credential.Password); + } + + clientIdentifier = null; + return ClientAuthenticationResult.NoAuthenticationRecognized; + } + } +} |