Broke out OAuth 2 into 4 separate assemblies.

3 files changed, 229 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj b/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj
new file mode 100644
index 0000000..48010df
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/DotNetOpenAuth.OAuth2.ResourceServer.csproj
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+  </PropertyGroup>
+  <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" />
+  <PropertyGroup>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>{A1A3150A-7B0E-4A34-8E35-045296CD3C76}</ProjectGuid>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <AssemblyName>DotNetOpenAuth.OAuth2.ResourceServer</AssemblyName>
+  </PropertyGroup>
+  <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.Product.props" />
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="OAuth2\ResourceServer.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\DotNetOpenAuth.Messaging\DotNetOpenAuth.Messaging.csproj">
+      <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project>
+      <Name>DotNetOpenAuth.Messaging</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\DotNetOpenAuth.OAuth.ServiceProvider\DotNetOpenAuth.OAuth.ServiceProvider.csproj">
+      <Project>{FED1923A-6D70-49B5-A37A-FB744FEC1C86}</Project>
+      <Name>DotNetOpenAuth.OAuth.ServiceProvider</Name>
+    </ProjectReference>
+    <ProjectReference Include="..\DotNetOpenAuth.OAuth2\DotNetOpenAuth.OAuth2.csproj">
+      <Project>{56459A6C-6BA2-4BAC-A9C0-27E3BD961FA6}</Project>
+      <Name>DotNetOpenAuth.OAuth2</Name>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" />
+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
+</Project>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs
new file mode 100644
index 0000000..a5baef0
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/ResourceServer.cs
@@ -0,0 +1,136 @@
+//-----------------------------------------------------------------------
+// <copyright file="ResourceServer.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+	using System;
+	using System.Collections.Generic;
+	using System.Diagnostics.CodeAnalysis;
+	using System.Diagnostics.Contracts;
+	using System.Linq;
+	using System.Net;
+	using System.Security.Principal;
+	using System.ServiceModel.Channels;
+	using System.Text;
+	using System.Text.RegularExpressions;
+	using System.Web;
+	using ChannelElements;
+	using Messages;
+	using Messaging;
+
+	/// <summary>
+	/// Provides services for validating OAuth access tokens.
+	/// </summary>
+	public class ResourceServer {
+		/// <summary>
+		/// Initializes a new instance of the <see cref="ResourceServer"/> class.
+		/// </summary>
+		/// <param name="accessTokenAnalyzer">The access token analyzer.</param>
+		public ResourceServer(IAccessTokenAnalyzer accessTokenAnalyzer) {
+			Contract.Requires<ArgumentNullException>(accessTokenAnalyzer != null);
+
+			this.AccessTokenAnalyzer = accessTokenAnalyzer;
+			this.Channel = new OAuth2ResourceServerChannel();
+		}
+
+		/// <summary>
+		/// Gets the access token analyzer.
+		/// </summary>
+		/// <value>The access token analyzer.</value>
+		public IAccessTokenAnalyzer AccessTokenAnalyzer { get; private set; }
+
+		/// <summary>
+		/// Gets the channel.
+		/// </summary>
+		/// <value>The channel.</value>
+		internal OAuth2ResourceServerChannel Channel { get; private set; }
+
+		/// <summary>
+		/// Discovers what access the client should have considering the access token in the current request.
+		/// </summary>
+		/// <param name="userName">The name on the account the client has access to.</param>
+		/// <param name="scope">The set of operations the client is authorized for.</param>
+		/// <returns>An error to return to the client if access is not authorized; <c>null</c> if access is granted.</returns>
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "0#", Justification = "Try pattern")]
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")]
+		public OutgoingWebResponse VerifyAccess(out string userName, out HashSet<string> scope) {
+			return this.VerifyAccess(this.Channel.GetRequestFromContext(), out userName, out scope);
+		}
+
+		/// <summary>
+		/// Discovers what access the client should have considering the access token in the current request.
+		/// </summary>
+		/// <param name="httpRequestInfo">The HTTP request info.</param>
+		/// <param name="userName">The name on the account the client has access to.</param>
+		/// <param name="scope">The set of operations the client is authorized for.</param>
+		/// <returns>
+		/// An error to return to the client if access is not authorized; <c>null</c> if access is granted.
+		/// </returns>
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")]
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")]
+		public virtual OutgoingWebResponse VerifyAccess(HttpRequestInfo httpRequestInfo, out string userName, out HashSet<string> scope) {
+			Contract.Requires<ArgumentNullException>(httpRequestInfo != null);
+
+			AccessProtectedResourceRequest request = null;
+			try {
+				if (this.Channel.TryReadFromRequest<AccessProtectedResourceRequest>(httpRequestInfo, out request)) {
+					if (this.AccessTokenAnalyzer.TryValidateAccessToken(request, request.AccessToken, out userName, out scope)) {
+						// No errors to return.
+						return null;
+					}
+
+					throw ErrorUtilities.ThrowProtocol("Bad access token");
+				} else {
+					var response = new UnauthorizedResponse(new ProtocolException("Missing access token"));
+
+					userName = null;
+					scope = null;
+					return this.Channel.PrepareResponse(response);
+				}
+			} catch (ProtocolException ex) {
+				var response = request != null ? new UnauthorizedResponse(request, ex) : new UnauthorizedResponse(ex);
+
+				userName = null;
+				scope = null;
+				return this.Channel.PrepareResponse(response);
+			}
+		}
+
+		/// <summary>
+		/// Discovers what access the client should have considering the access token in the current request.
+		/// </summary>
+		/// <param name="httpRequestInfo">The HTTP request info.</param>
+		/// <param name="principal">The principal that contains the user and roles that the access token is authorized for.</param>
+		/// <returns>
+		/// An error to return to the client if access is not authorized; <c>null</c> if access is granted.
+		/// </returns>
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")]
+		public virtual OutgoingWebResponse VerifyAccess(HttpRequestInfo httpRequestInfo, out IPrincipal principal) {
+			string username;
+			HashSet<string> scope;
+			var result = this.VerifyAccess(httpRequestInfo, out username, out scope);
+			principal = result == null ? new OAuth.ChannelElements.OAuthPrincipal(username, scope != null ? scope.ToArray() : new string[0]) : null;
+			return result;
+		}
+
+		/// <summary>
+		/// Discovers what access the client should have considering the access token in the current request.
+		/// </summary>
+		/// <param name="request">HTTP details from an incoming WCF message.</param>
+		/// <param name="requestUri">The URI of the WCF service endpoint.</param>
+		/// <param name="principal">The principal that contains the user and roles that the access token is authorized for.</param>
+		/// <returns>
+		/// An error to return to the client if access is not authorized; <c>null</c> if access is granted.
+		/// </returns>
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "1#", Justification = "Try pattern")]
+		[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", MessageId = "2#", Justification = "Try pattern")]
+		public virtual OutgoingWebResponse VerifyAccess(HttpRequestMessageProperty request, Uri requestUri, out IPrincipal principal) {
+			Contract.Requires<ArgumentNullException>(request != null);
+			Contract.Requires<ArgumentNullException>(requestUri != null);
+
+			return this.VerifyAccess(new HttpRequestInfo(request, requestUri), out principal);
+		}
+	}
+}
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..ad8decc
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/Properties/AssemblyInfo.cs
@@ -0,0 +1,52 @@
+//-----------------------------------------------------------------------
+// <copyright file="AssemblyInfo.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Net;
+using System.Reflection;
+using System.Resources;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+using System.Security;
+using System.Security.Permissions;
+using System.Web.UI;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("DotNetOpenAuth OAuth 2.0")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("DotNetOpenAuth")]
+[assembly: AssemblyCopyright("Copyright ©  2008")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+[assembly: NeutralResourcesLanguage("en-US")]
+[assembly: CLSCompliant(true)]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("7d73990c-47c0-4256-9f20-a893add9e289")]
+
+[assembly: ContractVerification(true)]
+
+#if StrongNameSigned
+// See comment at top of this file.  We need this so that strong-naming doesn't
+// keep this assembly from being useful to shared host (medium trust) web sites.
+[assembly: AllowPartiallyTrustedCallers]
+
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+#else
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")]
+#endif