diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-24 09:02:58 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-24 09:02:58 -0800 |
| commit | 98f555915c230a8af154984fb7d29f58a5027acc (patch) | |
| tree | d6303fe488eb02f2fe5d4eb5d0a4db7f8b4ec148 /src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs | |
| parent | b06334b3cd7fa616c5a53ced828b890c1380744a (diff) | |
| download | DotNetOpenAuth-98f555915c230a8af154984fb7d29f58a5027acc.zip DotNetOpenAuth-98f555915c230a8af154984fb7d29f58a5027acc.tar.gz DotNetOpenAuth-98f555915c230a8af154984fb7d29f58a5027acc.tar.bz2 | |
Adds support for the resource owner password credential grant.
Fixes #72
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs index 6132c98..b0cef58 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AccessRequestBindingElement.cs @@ -114,6 +114,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { try { var authCodeCarrier = message as IAuthorizationCodeCarryingRequest; var refreshTokenCarrier = message as IRefreshTokenCarryingRequest; + var resourceOwnerPasswordCarrier = message as AccessTokenResourceOwnerPasswordCredentialsRequest; if (authCodeCarrier != null) { var authorizationCodeFormatter = AuthorizationCode.CreateFormatter(this.AuthorizationServer); var authorizationCode = authorizationCodeFormatter.Deserialize(message, authCodeCarrier.Code); @@ -122,6 +123,23 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { var refreshTokenFormatter = RefreshToken.CreateFormatter(this.AuthorizationServer.CryptoKeyStore); var refreshToken = refreshTokenFormatter.Deserialize(message, refreshTokenCarrier.RefreshToken); refreshTokenCarrier.AuthorizationDescription = refreshToken; + } else if (resourceOwnerPasswordCarrier != null) { + try { + if (this.AuthorizationServer.IsResourceOwnerCredentialValid(resourceOwnerPasswordCarrier.UserName, resourceOwnerPasswordCarrier.Password)) { + resourceOwnerPasswordCarrier.CredentialsValidated = true; + } else { + Logger.OAuth.WarnFormat("Resource owner password credential for user \"{0}\" rejected by authorization server host.", resourceOwnerPasswordCarrier.UserName); + + // TODO: fix this to report the appropriate error code for a bad credential. + throw new ProtocolException(); + } + } catch (NotSupportedException) { + // TODO: fix this to return the appropriate error code for not supporting resource owner password credentials + throw new ProtocolException(); + } catch (NotImplementedException) { + // TODO: fix this to return the appropriate error code for not supporting resource owner password credentials + throw new ProtocolException(); + } } else { throw ErrorUtilities.ThrowInternal("Unexpected message type: " + tokenRequest.GetType()); } |