author | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-22 08:00:42 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-22 08:00:42 -0700 |
commit | 94d1c68291865dc4557c599ce19cbec3c10541ff (patch) | |
tree | f4037266b384f92435b8132a80ea917befa92c32 /src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs | |
parent | 1b6d8c2a40a019b43b252102353170380872da45 (diff) | |
Fixes access denial errors from OAuth 2 resource servers so they include the required parameters in their WWW-Authenticate headers.
Fixes #124
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs')
-rw-r--r-- | src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs
index 986af13..d780a81 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Protocol.cs
@@ -297,5 +297,39 @@ namespace DotNetOpenAuth.OAuth2 {
 /// </summary>
 internal const string Bearer = "bearer";
 }
+
+ internal static class BearerTokenUnauthorizedResponseParameters {
+ internal const string Realm = "realm";
+ internal const string ErrorCode = "error";
+ internal const string ErrorDescription = "error_description";
+ internal const string ErrorUri = "error_uri";
+ internal const string Scope = "scope";
+ }
+
+ /// <summary>
+ /// The error codes prescribed in http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#resource-error-codes
+ /// </summary>
+ internal static class BearerTokenErrorCodes {
+ /// <summary>
+ /// The request is missing a required parameter, includes an unsupported parameter or parameter value,
+ /// repeats the same parameter, uses more than one method for including an access token, or is otherwise
+ /// malformed. The resource server SHOULD respond with the HTTP 400 (Bad Request) status code.
+ /// </summary>
+ internal const string InvalidRequest = "invalid_request";
+
+ /// <summary>
+ /// The access token provided is expired, revoked, malformed, or invalid for other reasons.
+ /// The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request
+ /// a new access token and retry the protected resource request.
+ /// </summary>
+ internal const string InvalidToken = "invalid_token";
+
+ /// <summary>
+ /// The request requires higher privileges than provided by the access token. The resource server
+ /// SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the scope attribute
+ /// with the scope necessary to access the protected resource.
+ /// </summary>
+ internal const string InsufficientScope = "insufficient_scope";
+ }
 }
 } |
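Review bot: `BearerTokenUnauthorizedResponseParameters` and its five constants are added without XML doc comments, while `BearerTokenErrorCodes` right below it and the `Bearer` constant above it are documented. I would give the class a summary such as `/// The parameter names that may appear in the WWW-Authenticate header of a bearer token error response.` and one summary line per constant. The comments on `ErrorDescription`, `ErrorUri` and `Scope` should also say that the bearer token specification restricts the characters allowed in those values (no double quote or backslash in particular). The code that writes the header is not part of this hunk, so whoever builds it needs that reminder to validate or reject any value that could terminate the quoted string and inject further header parameters. The enclosing namespace and outer class begin outside the hunk.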