diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-03 07:20:01 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-03 07:20:01 -0800 |
| commit | e38569da243fb331c46bfc2823dab749b5416327 (patch) | |
| tree | e2d312777958271dfed83b4e73b57fe953245261 /src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs | |
| parent | ae44be6fcfe656d7f8ff0bb6162c67cc06384884 (diff) | |
| parent | 778328ec797299ed6aa01279b3ccbf1eb15258bd (diff) | |
| download | DotNetOpenAuth-e38569da243fb331c46bfc2823dab749b5416327.zip DotNetOpenAuth-e38569da243fb331c46bfc2823dab749b5416327.tar.gz DotNetOpenAuth-e38569da243fb331c46bfc2823dab749b5416327.tar.bz2 | |
Merge remote-tracking branch 'origin/v4.1' into v4.1
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs index 54d86ff..33b99f9 100644 --- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs +++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs @@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuth2 { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; + using System.IO; using System.Security.Cryptography; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2.ChannelElements; @@ -23,8 +24,7 @@ namespace DotNetOpenAuth.OAuth2 { /// <param name="resourceServerPrivateEncryptionKey">The crypto service provider with the resource server private encryption key.</param> public StandardAccessTokenAnalyzer(RSACryptoServiceProvider authorizationServerPublicSigningKey, RSACryptoServiceProvider resourceServerPrivateEncryptionKey) { Requires.NotNull(authorizationServerPublicSigningKey, "authorizationServerPublicSigningKey"); - Requires.NotNull(resourceServerPrivateEncryptionKey, "resourceServerPrivateEncryptionKey"); - Requires.True(!resourceServerPrivateEncryptionKey.PublicOnly, "resourceServerPrivateEncryptionKey"); + Requires.True(resourceServerPrivateEncryptionKey == null || !resourceServerPrivateEncryptionKey.PublicOnly, "resourceServerPrivateEncryptionKey"); this.AuthorizationServerPublicSigningKey = authorizationServerPublicSigningKey; this.ResourceServerPrivateEncryptionKey = resourceServerPrivateEncryptionKey; } @@ -49,9 +49,15 @@ namespace DotNetOpenAuth.OAuth2 { /// <returns>The deserialized, validated token.</returns> /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { + ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken); var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); var token = new AccessToken(); - accessTokenFormatter.Deserialize(token, message, accessToken, Protocol.access_token); + try { + accessTokenFormatter.Deserialize(token, message, accessToken, Protocol.access_token); + } catch (IOException ex) { + throw new ProtocolException(ResourceServerStrings.InvalidAccessToken, ex); + } + return token; } } |