diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-19 21:35:41 -0800 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-19 21:35:41 -0800 |
| commit | 339d48e68b86344bb611ed1db1050d8c2f569927 (patch) | |
| tree | c1495f55f5feb68b0b40ec929533dbbebc71a24b /src/DotNetOpenAuth.OAuth2/OAuth2 | |
| parent | 2746ec1fabc080c0ce8b088fa342e5ba1178ba70 (diff) | |
| parent | 061794ec18d2e3286194f6db849d9b3b0bedb7b3 (diff) | |
| download | DotNetOpenAuth-339d48e68b86344bb611ed1db1050d8c2f569927.zip DotNetOpenAuth-339d48e68b86344bb611ed1db1050d8c2f569927.tar.gz DotNetOpenAuth-339d48e68b86344bb611ed1db1050d8c2f569927.tar.bz2 | |
Merge branch 'master' into HEAD
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2')
5 files changed, 29 insertions, 4 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs index 1026018..295ee86 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2AuthorizationServerChannel.cs @@ -56,6 +56,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// </remarks> protected override OutgoingWebResponse PrepareDirectResponse(IProtocolMessage response) { var webResponse = new OutgoingWebResponse(); + this.ApplyMessageTemplate(response, webResponse); string json = this.SerializeAsJson(response); webResponse.SetResponse(json, new ContentType(JsonEncoded)); return webResponse; diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs index cc61d47..1c2a080 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/OAuth2ResourceServerChannel.cs @@ -106,10 +106,9 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { ErrorUtilities.VerifyInternal(unauthorizedResponse != null, "Only unauthorized responses are expected."); // First initialize based on the specifics within the message. - var httpResponse = response as IHttpDirectResponse; - webResponse.Status = httpResponse != null ? httpResponse.HttpStatusCode : HttpStatusCode.Unauthorized; - foreach (string headerName in httpResponse.Headers) { - webResponse.Headers.Add(headerName, httpResponse.Headers[headerName]); + this.ApplyMessageTemplate(response, webResponse); + if (!(response is IHttpDirectResponse)) { + webResponse.Status = HttpStatusCode.Unauthorized; } // Now serialize all the message parts into the WWW-Authenticate header. diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs index c5c93b5..534929b 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenSuccessResponse.cs @@ -95,5 +95,18 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// Gets or sets a value indicating whether a refresh token is or should be included in the response. /// </summary> internal bool HasRefreshToken { get; set; } + + /// <summary> + /// Checks the message state for conformity to the protocol specification + /// and throws an exception if the message is invalid. + /// </summary> + /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception> + protected override void EnsureValidMessage() { + base.EnsureValidMessage(); + + // Per OAuth 2.0 section 4.4.3 (draft 23), refresh tokens should never be included + // in a response to an access token request that used the client credential grant type. + ErrorUtilities.VerifyProtocol(!this.HasRefreshToken || !(this.OriginatingRequest is AccessTokenClientCredentialsRequest), OAuthStrings.RefreshTokenInappropriateForRequestType, this.OriginatingRequest.GetType().Name); + } } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs index dcd6139..2167b5f 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.Designer.cs @@ -160,6 +160,15 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Looks up a localized string similar to The request message type {0} should not be responded to with a refresh token.. + /// </summary> + internal static string RefreshTokenInappropriateForRequestType { + get { + return ResourceManager.GetString("RefreshTokenInappropriateForRequestType", resourceCulture); + } + } + + /// <summary> /// Looks up a localized string similar to Individual scopes may not contain spaces.. /// </summary> internal static string ScopesMayNotContainSpaces { diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx index 9f920e7..6fad914 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthStrings.resx @@ -150,6 +150,9 @@ <data name="NoGrantNoRefreshToken" xml:space="preserve"> <value>Refresh tokens should not be granted without the request including an access grant.</value> </data> + <data name="RefreshTokenInappropriateForRequestType" xml:space="preserve"> + <value>The request message type {0} should not be responded to with a refresh token.</value> + </data> <data name="ScopesMayNotContainSpaces" xml:space="preserve"> <value>Individual scopes may not contain spaces.</value> </data> |