author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-01 21:22:52 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-01 21:22:52 -0800 |
commit | bb7549901264bf51276bdd33cab293b83a7fcceb (patch) | |
tree | ecd95f4d7abea7dd1d8fbd7be0b565266ee5ce19 /src/DotNetOpenAuth.OAuth2.AuthorizationServer | |
parent | 9b403a0a59e0385e5a2a7e95e3053de7f0e90a34 (diff) | |
Adds support for symmetric key signing and encryption of access tokens.
This targets the common scenario where authorization servers and resource servers are actually on the same web application, and asymmetric cryptography is overkill and requires extra setup.
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.AuthorizationServer')
-rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
index 7c9f808..cbf4b09 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
@@ -11,6 +11,7 @@ namespace DotNetOpenAuth.OAuth2 {
 using System.Security.Cryptography;
 using System.Text;
 using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
 using DotNetOpenAuth.OAuth2.ChannelElements;
 
 /// <summary>
@@ -40,12 +41,23 @@ namespace DotNetOpenAuth.OAuth2 {
 public RSACryptoServiceProvider ResourceServerEncryptionKey { get; set; }
 
 /// <summary>
+ /// Gets or sets the symmetric key store to use if the asymmetric key properties are not set.
+ /// </summary>
+ public ICryptoKeyStore SymmetricKeyStore { get; set; }
+
+ /// <summary>
 /// Serializes this instance to a simple string for transmission to the client.
 /// </summary>
 /// <returns>A non-empty string.</returns>
 protected internal override string Serialize() {
- ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null, AuthServerStrings.AccessTokenSigningKeyMissing);
- var formatter = CreateFormatter(this.AccessTokenSigningKey, this.ResourceServerEncryptionKey);
+ ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null || this.SymmetricKeyStore != null, AuthServerStrings.AccessTokenSigningKeyMissing);
+ IDataBagFormatter<AccessToken> formatter;
+ if (this.AccessTokenSigningKey != null) {
+ formatter = CreateFormatter(this.AccessTokenSigningKey, this.ResourceServerEncryptionKey);
+ } else {
+ formatter = CreateFormatter(this.SymmetricKeyStore);
+ }
+
 return formatter.Serialize(this);
 }
 } |
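Review bot: The fallback in Serialize() keys only on AccessTokenSigningKey, so a host that sets ResourceServerEncryptionKey and SymmetricKeyStore but leaves the signing key unset gets the symmetric formatter and its RSA encryption key is silently ignored, although the new property comment says the store is used when the asymmetric key properties (plural) are not set. I would fail fast on that mixed configuration with a second check such as `ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null || this.ResourceServerEncryptionKey == null, ...)` carrying a message of its own, since AccessTokenSigningKeyMissing presumably still speaks only of the signing key. Assuming the symmetric formatter signs and encrypts with keys drawn from this store, the SymmetricKeyStore comment should also state the trust consequence, e.g. `/// Any party that can read this key store can both issue and decrypt access tokens; use it only when the resource server shares the authorization server's trust boundary.` Both CreateFormatter overloads are defined outside this hunk, so how keys are selected and rotated from the store cannot be checked here.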