diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-01 21:33:22 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-01 21:33:22 -0800 |
| commit | d4d806fbcc1c7cdc86ec8234c5792bbaf667d5a8 (patch) | |
| tree | 93004acbee42d003dc38674fc50826d0d440583b /src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs | |
| parent | 6204dcf07f31b78478bc1ddb55a6ca9027617b67 (diff) | |
| parent | 74b6b4efd2be2680e3067f716829b0c9385ceebe (diff) | |
| download | DotNetOpenAuth-d4d806fbcc1c7cdc86ec8234c5792bbaf667d5a8.zip DotNetOpenAuth-d4d806fbcc1c7cdc86ec8234c5792bbaf667d5a8.tar.gz DotNetOpenAuth-d4d806fbcc1c7cdc86ec8234c5792bbaf667d5a8.tar.bz2 | |
Merge branch 'httpclient' into OAuthSimple
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs index 32f10ba..3bd0324 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs @@ -10,6 +10,7 @@ namespace DotNetOpenAuth.OAuth2 { using System.IO; using System.Security.Cryptography; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OAuth2.ChannelElements; using Validation; @@ -30,6 +31,14 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Initializes a new instance of the <see cref="StandardAccessTokenAnalyzer"/> class. + /// </summary> + public StandardAccessTokenAnalyzer(ICryptoKeyStore symmetricKeyStore) { + Requires.NotNull(symmetricKeyStore, "symmetricKeyStore"); + this.SymmetricKeyStore = symmetricKeyStore; + } + + /// <summary> /// Gets the authorization server public signing key. /// </summary> /// <value>The authorization server public signing key.</value> @@ -41,6 +50,8 @@ namespace DotNetOpenAuth.OAuth2 { /// <value>The resource server private encryption key.</value> public RSACryptoServiceProvider ResourceServerPrivateEncryptionKey { get; private set; } + public ICryptoKeyStore SymmetricKeyStore { get; private set; } + /// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> @@ -50,7 +61,9 @@ namespace DotNetOpenAuth.OAuth2 { /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken); - var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); + var accessTokenFormatter = this.AuthorizationServerPublicSigningKey != null + ? AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey) + : AccessToken.CreateFormatter(this.SymmetricKeyStore); var token = new AccessToken(); try { accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token); |