diff options
author | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-29 18:00:36 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-29 18:00:36 -0700 |
commit | 1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a (patch) | |
tree | 668ce6724fa1101c300cfb0960c2e1e895d0edbf /src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements | |
parent | 7f61a61f4e9073af1f62f15f08e8f0893bffee5e (diff) | |
download | DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.zip DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.tar.gz DotNetOpenAuth-1c0bac40d9f9a8daf01e9b762d7aaceb94aa670a.tar.bz2 |
Special handling for client credential grant type
Access token requests that carry client credential grants are now
specially handled and signal to the authorization server that an
authorization record should be created.
More work toward #138
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements')
-rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs index e6ca2f3..80b843a 100644 --- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs @@ -138,6 +138,19 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { } applied = true; + } else if (clientCredentialOnly != null) { + try { + if (!this.AuthorizationServer.TryAuthorizeClientCredentialsGrant(clientCredentialOnly)) { + Logger.OAuth.ErrorFormat( + "Client credentials grant access request for client \"{0}\" rejected by authorization server host.", + clientCredentialOnly.ClientIdentifier); + throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnauthorizedClient); + } + } catch (NotSupportedException) { + throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType); + } catch (NotImplementedException) { + throw new TokenEndpointProtocolException(accessTokenRequest, Protocol.AccessTokenRequestErrorCodes.UnsupportedGrantType); + } } else { // Check that authorization requests come with an acceptable callback URI. var authorizationRequest = message as EndUserAuthorizationRequest; |