author | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 08:59:34 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-03-02 08:59:34 -0800 |
commit | 1a1a37ebb26034d2f5470c3be2da18cefe5293da (patch) | |
tree | aeb0e2e6a5d7588a449a80881e477bc9b681ce7b /src | |
parent | ffecd2bd3cd8e0f21d4156770afe5d84626ca6bc (diff) | |
Fixes build breaks in DNOA.AspNet
Diffstat (limited to 'src')
10 files changed, 58 insertions, 561 deletions
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/AuthenticationOnlyCookieOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/AuthenticationOnlyCookieOAuthTokenManager.cs
deleted file mode 100644
index efc382f..0000000
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/AuthenticationOnlyCookieOAuthTokenManager.cs
+++ /dev/null
@@ -1,127 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="AuthenticationOnlyCookieOAuthTokenManager.cs" company="Microsoft">
-// Copyright (c) Microsoft. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.AspNet.Clients {
- using System;
- using System.Text;
- using System.Web;
- using System.Web.Security;
-
- /// <summary>
- /// Stores OAuth tokens in the current request's cookie
- /// </summary>
- public class AuthenticationOnlyCookieOAuthTokenManager : IOAuthTokenManager {
- /// <summary>
- /// Key used for token cookie
- /// </summary>
- protected const string TokenCookieKey = "OAuthTokenSecret";
-
- /// <summary>
- /// Primary request context.
- /// </summary>
- private readonly HttpContextBase primaryContext;
-
- /// <summary>
- /// Initializes a new instance of the <see cref="AuthenticationOnlyCookieOAuthTokenManager"/> class.
- /// </summary>
- public AuthenticationOnlyCookieOAuthTokenManager() {
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="AuthenticationOnlyCookieOAuthTokenManager"/> class.
- /// </summary>
- /// <param name="context">The current request context.</param>
- public AuthenticationOnlyCookieOAuthTokenManager(HttpContextBase context) {
- this.primaryContext = context;
- }
-
- /// <summary>
- /// Gets the effective HttpContext object to use.
- /// </summary>
- protected HttpContextBase Context {
- get {
- return this.primaryContext ?? new HttpContextWrapper(HttpContext.Current);
- }
- }
-
- /// <summary>
- /// Gets the token secret from the specified token.
- /// </summary>
- /// <param name="token">The token.</param>
- /// <returns>
- /// The token's secret
- /// </returns>
- public virtual string GetTokenSecret(string token) {
- HttpCookie cookie = this.Context.Request.Cookies[TokenCookieKey];
- if (cookie == null || string.IsNullOrEmpty(cookie.Values[token])) {
- return null;
- }
-
- string secret = DecodeAndUnprotectToken(token, cookie.Values[token]);
- return secret;
- }
-
- /// <summary>
- /// Replaces the request token with access token.
- /// </summary>
- /// <param name="requestToken">The request token.</param>
- /// <param name="accessToken">The access token.</param>
- /// <param name="accessTokenSecret">The access token secret.</param>
- public virtual void ReplaceRequestTokenWithAccessToken(string requestToken, string accessToken, string accessTokenSecret) {
- var cookie = new HttpCookie(TokenCookieKey) {
- Value = string.Empty,
- Expires = DateTime.UtcNow.AddDays(-5)
- };
- this.Context.Response.Cookies.Set(cookie);
- }
-
- /// <summary>
- /// Stores the request token together with its secret.
- /// </summary>
- /// <param name="requestToken">The request token.</param>
- /// <param name="requestTokenSecret">The request token secret.</param>
- public virtual void StoreRequestToken(string requestToken, string requestTokenSecret) {
- var cookie = new HttpCookie(TokenCookieKey) {
- HttpOnly = true
- };
-
- if (FormsAuthentication.RequireSSL) {
- cookie.Secure = true;
- }
-
- var encryptedToken = ProtectAndEncodeToken(requestToken, requestTokenSecret);
- cookie.Values[requestToken] = encryptedToken;
-
- this.Context.Response.Cookies.Set(cookie);
- }
-
- /// <summary>
- /// Protect and url-encode the specified token secret.
- /// </summary>
- /// <param name="token">The token to be used as a key.</param>
- /// <param name="tokenSecret">The token secret to be protected</param>
- /// <returns>The encrypted and protected string.</returns>
- protected static string ProtectAndEncodeToken(string token, string tokenSecret)
- {
- byte[] cookieBytes = Encoding.UTF8.GetBytes(tokenSecret);
- var secretBytes = MachineKeyUtil.Protect(cookieBytes, TokenCookieKey, "Token:" + token);
- return HttpServerUtility.UrlTokenEncode(secretBytes);
- }
-
- /// <summary>
- /// Url-decode and unprotect the specified encrypted token string.
- /// </summary>
- /// <param name="token">The token to be used as a key.</param>
- /// <param name="encryptedToken">The encrypted token to be decrypted</param>
- /// <returns>The original token secret</returns>
- protected static string DecodeAndUnprotectToken(string token, string encryptedToken)
- {
- byte[] cookieBytes = HttpServerUtility.UrlTokenDecode(encryptedToken);
- byte[] clearBytes = MachineKeyUtil.Unprotect(cookieBytes, TokenCookieKey, "Token:" + token);
- return Encoding.UTF8.GetString(clearBytes);
- }
- }
-}
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/CookieOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/CookieOAuthTokenManager.cs
deleted file mode 100644
index 398ee85..0000000
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/CookieOAuthTokenManager.cs
+++ /dev/null
@@ -1,79 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="CookieOAuthTokenManager.cs" company="Microsoft">
-// Copyright (c) Microsoft. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.AspNet.Clients {
- using System.Web;
- using System.Web.Security;
-
- /// <summary>
- /// Stores OAuth tokens in the current request's cookie.
- /// </summary>
- /// <remarks>
- /// This class is different from the <see cref="AuthenticationOnlyCookieOAuthTokenManager"/> in that
- /// it also stores the access token after the authentication has succeeded.
- /// </remarks>
- public class CookieOAuthTokenManager : AuthenticationOnlyCookieOAuthTokenManager {
- /// <summary>
- /// Initializes a new instance of the <see cref="CookieOAuthTokenManager"/> class.
- /// </summary>
- public CookieOAuthTokenManager() {
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="CookieOAuthTokenManager"/> class.
- /// </summary>
- /// <param name="context">The current request context.</param>
- public CookieOAuthTokenManager(HttpContextBase context)
- : base(context) {
- }
-
- /// <summary>
- /// Gets the token secret from the specified token.
- /// </summary>
- /// <param name="token">The token.</param>
- /// <returns>
- /// The token's secret
- /// </returns>
- public override string GetTokenSecret(string token) {
- string secret = base.GetTokenSecret(token);
- if (secret != null) {
- return secret;
- }
-
- // The base class checks for cookies in the Request object.
- // Here we check in the Response object as well because we
- // may have set it earlier in the request life cycle.
- HttpCookie cookie = this.Context.Response.Cookies[TokenCookieKey];
- if (cookie == null || string.IsNullOrEmpty(cookie.Values[token])) {
- return null;
- }
-
- secret = DecodeAndUnprotectToken(token, cookie.Values[token]);
- return secret;
- }
-
- /// <summary>
- /// Replaces the request token with access token.
- /// </summary>
- /// <param name="requestToken">The request token.</param>
- /// <param name="accessToken">The access token.</param>
- /// <param name="accessTokenSecret">The access token secret.</param>
- public override void ReplaceRequestTokenWithAccessToken(string requestToken, string accessToken, string accessTokenSecret) {
- var cookie = new HttpCookie(TokenCookieKey) {
- HttpOnly = true
- };
-
- if (FormsAuthentication.RequireSSL) {
- cookie.Secure = true;
- }
-
- var encryptedToken = ProtectAndEncodeToken(accessToken, accessTokenSecret);
- cookie.Values[accessToken] = encryptedToken;
-
- this.Context.Response.Cookies.Set(cookie);
- }
- }
-}
\ No newline at end of file diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs index cc35b76..1b6318f 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/DotNetOpenAuthWebConsumer.cs @@ -11,6 +11,7 @@ namespace DotNetOpenAuth.AspNet.Clients { using System.Net.Http; using System.Threading; using System.Threading.Tasks; + using System.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth; using DotNetOpenAuth.OAuth.ChannelElements; @@ -20,13 +21,13 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// The dot net open auth web consumer. /// </summary> - public class DotNetOpenAuthWebConsumer : IOAuthWebWorker, IDisposable { + public class DotNetOpenAuthWebConsumer : IOAuthWebWorker { #region Constants and Fields /// <summary> /// The _web consumer. /// </summary> - private readonly WebConsumer webConsumer; + private readonly Consumer webConsumer; #endregion @@ -41,11 +42,15 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <param name="tokenManager"> /// The token manager. /// </param> - public DotNetOpenAuthWebConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) { + public DotNetOpenAuthWebConsumer(ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) { Requires.NotNull(serviceDescription, "serviceDescription"); - Requires.NotNull(tokenManager, "tokenManager"); - this.webConsumer = new WebConsumer(serviceDescription, tokenManager); + this.webConsumer = new Consumer { + ServiceProvider = serviceDescription, + ConsumerKey = consumerKey, + ConsumerSecret = consumerSecret, + TemporaryCredentialStorage = new CookieTemporaryCredentialStorage(), + }; } #endregion 
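Review bot: The new `DotNetOpenAuthWebConsumer` constructor takes `consumerKey` and `consumerSecret` without any check, whereas the removed `InMemoryOAuthTokenManager` rejected null for both; a missing value would presumably surface only later, when a request is signed. Add `Requires.NotNull(consumerKey, "consumerKey");` and `Requires.NotNull(consumerSecret, "consumerSecret");` beside the existing `serviceDescription` check. The XML doc still carries `<param name="tokenManager">` and has no entries for the two new parameters; the `OAuthClient` constructor hunk in this commit leaves the same stale tag. `CookieTemporaryCredentialStorage` is not part of this diff, so confirm it preserves what the deleted cookie token managers did for the request-token secret: `HttpOnly`, `Secure` when `FormsAuthentication.RequireSSL` is set, and machine-key protection of the cookie value.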
@@ -53,7 +58,7 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Gets the DotNetOpenAuth <see cref="WebConsumer"/> instance that can be used to make OAuth 1.0 authorized HTTP requests. /// </summary> - public WebConsumer Consumer { + public Consumer Consumer { get { return this.webConsumer; } } @@ -63,8 +68,8 @@ namespace DotNetOpenAuth.AspNet.Clients { /// Creates an HTTP message handler that authorizes outgoing web requests. /// </summary> /// <param name="accessToken">The access token.</param> - public HttpMessageHandler CreateMessageHandler(string accessToken) { - Requires.NotNullOrEmpty(accessToken, "accessToken"); + public HttpMessageHandler CreateMessageHandler(AccessToken accessToken) { + Requires.NotNullOrEmpty(accessToken.Token, "accessToken"); return this.Consumer.CreateMessageHandler(accessToken); } @@ -76,8 +81,12 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <returns> /// The response message. /// </returns> - public Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(CancellationToken cancellationToken = default(CancellationToken)) { - return this.webConsumer.ProcessUserAuthorizationAsync(cancellationToken: cancellationToken); + public Task<AccessTokenResponse> ProcessUserAuthorizationAsync(HttpContextBase context = null, CancellationToken cancellationToken = default(CancellationToken)) { + if (context == null) { + context = new HttpContextWrapper(HttpContext.Current); + } + + return this.webConsumer.ProcessUserAuthorizationAsync(context.Request.Url, cancellationToken: cancellationToken); } /// <summary> 
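Review bot: In `ProcessUserAuthorizationAsync`, the fallback `new HttpContextWrapper(HttpContext.Current)` also runs when there is no ambient request, and `HttpContextWrapper` then throws an `ArgumentNullException` naming its own `httpContext` parameter, which tells the caller nothing about what to fix. Inside the `context == null` branch, check first: `if (HttpContext.Current == null) { throw new InvalidOperationException("No current HttpContext; pass one explicitly."); }`. The doc comment also needs a `<param name="context">` entry stating that null means `HttpContext.Current`; the matching declaration in `IOAuthWebWorker` lacks the same tag. The method body is fully inside the hunk, but its doc comment begins above it.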
@@ -88,37 +97,10 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <returns> /// The response message. /// </returns> - public async Task<HttpResponseMessage> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)) { - var redirectParameters = new Dictionary<string, string>(); - UserAuthorizationRequest request = await this.webConsumer.PrepareRequestUserAuthorizationAsync( - callback, null, redirectParameters, cancellationToken); - var response = await this.webConsumer.Channel.PrepareResponseAsync(request, cancellationToken); - return response; - } - - #endregion - - #region IDisposable members - - /// <summary> - /// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources. - /// </summary> - /// <filterpriority>2</filterpriority> - public void Dispose() { - this.Dispose(true); - GC.SuppressFinalize(this); + public Task<Uri> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)) { + return this.webConsumer.RequestUserAuthorizationAsync(callback, cancellationToken: cancellationToken); } #endregion - - /// <summary> - /// Releases unmanaged and - optionally - managed resources - /// </summary> - /// <param name="disposing"><c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only unmanaged resources.</param> - protected virtual void Dispose(bool disposing) { - if (disposing) { - this.webConsumer.Dispose(); - } - } } } diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthTokenManager.cs deleted file mode 100644 index 92f1c22..0000000 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthTokenManager.cs +++ /dev/null 
@@ -1,38 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="IOAuthTokenManager.cs" company="Microsoft">
-// Copyright (c) Microsoft. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.AspNet.Clients {
- /// <summary>
- /// A token manager for use by a web site in its role as a consumer of
- /// an individual ServiceProvider.
- /// </summary>
- /// <remarks>
- /// This interface is used by clients of the DotNetOpenAuth.AspNet classes.
- /// </remarks>
- public interface IOAuthTokenManager {
- /// <summary>
- /// Gets the token secret from the specified token.
- /// </summary>
- /// <param name="token">The token.</param>
- /// <returns>The token's secret</returns>
- string GetTokenSecret(string token);
-
- /// <summary>
- /// Stores the request token together with its secret.
- /// </summary>
- /// <param name="requestToken">The request token.</param>
- /// <param name="requestTokenSecret">The request token secret.</param>
- void StoreRequestToken(string requestToken, string requestTokenSecret);
-
- /// <summary>
- /// Replaces the request token with access token.
- /// </summary>
- /// <param name="requestToken">The request token.</param>
- /// <param name="accessToken">The access token.</param>
- /// <param name="accessTokenSecret">The access token secret.</param>
- void ReplaceRequestTokenWithAccessToken(string requestToken, string accessToken, string accessTokenSecret);
- }
-}
\ No newline at end of file diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs index 7763add..e3ee3e8 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/IOAuthWebWorker.cs @@ -10,7 +10,9 @@ namespace DotNetOpenAuth.AspNet.Clients { using System.Net.Http; using System.Threading; using System.Threading.Tasks; + using System.Web; using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth; using DotNetOpenAuth.OAuth.Messages; /// <summary> 
@@ -21,23 +23,23 @@ namespace DotNetOpenAuth.AspNet.Clients { /// Creates an HTTP message handler that authorizes outgoing web requests. /// </summary> /// <param name="accessToken">The access token.</param> - HttpMessageHandler CreateMessageHandler(string accessToken); + HttpMessageHandler CreateMessageHandler(AccessToken accessToken); /// <summary> /// The process user authorization. /// </summary> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> - /// The response message. + /// The access token, if obtained; otherwise <c>null</c>. /// </returns> - Task<AuthorizedTokenResponse> ProcessUserAuthorizationAsync(CancellationToken cancellationToken = default(CancellationToken)); + Task<AccessTokenResponse> ProcessUserAuthorizationAsync(HttpContextBase context = null, CancellationToken cancellationToken = default(CancellationToken)); /// <summary> /// The request authentication. /// </summary> /// <param name="callback">The callback.</param> /// <param name="cancellationToken">The cancellation token.</param> - /// <returns>The response message</returns> - Task<HttpResponseMessage> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)); + /// <returns>The URL to redirect the user agent to.</returns> + Task<Uri> RequestAuthenticationAsync(Uri callback, CancellationToken cancellationToken = default(CancellationToken)); } } diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs deleted file mode 100644 index a97e5d8..0000000 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs +++ /dev/null 
@@ -1,160 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="InMemoryOAuthTokenManager.cs" company="Microsoft"> -// Copyright (c) Microsoft. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.AspNet.Clients { - using System; - using System.Collections.Generic; - using System.Threading; - using System.Web; - using DotNetOpenAuth.OAuth; - using DotNetOpenAuth.OAuth.ChannelElements; - using DotNetOpenAuth.OAuth.Messages; - using Validation; - - /// <summary> - /// An implementation of IOAuthTokenManager which stores keys in memory. - /// </summary> - public sealed class InMemoryOAuthTokenManager : IConsumerTokenManager { - #region Constants and Fields - - /// <summary> - /// The _tokens and secrets. - /// </summary> - private readonly Dictionary<string, string> tokensAndSecrets = new Dictionary<string, string>(); - - #endregion - - #region Constructors and Destructors - - /// <summary> - /// Initializes a new instance of the <see cref="InMemoryOAuthTokenManager"/> class. - /// </summary> - /// <param name="consumerKey"> - /// The consumer key. - /// </param> - /// <param name="consumerSecret"> - /// The consumer secret. - /// </param> - public InMemoryOAuthTokenManager(string consumerKey, string consumerSecret) { - Requires.NotNull(consumerKey, "consumerKey"); - Requires.NotNull(consumerSecret, "consumerSecret"); - - this.ConsumerKey = consumerKey; - this.ConsumerSecret = consumerSecret; - } - - #endregion - - #region Public Properties - - /// <summary> - /// Gets the consumer key. - /// </summary> - public string ConsumerKey { get; private set; } - - /// <summary> - /// Gets the consumer secret. 
- /// </summary> - public string ConsumerSecret { get; private set; } - - #endregion - - #region Public Methods and Operators - - /// <summary> - /// Deletes a request token and its associated secret and stores a new access token and secret. - /// </summary> - /// <param name="consumerKey"> - /// The Consumer that is exchanging its request token for an access token. - /// </param> - /// <param name="requestToken"> - /// The Consumer's request token that should be deleted/expired. - /// </param> - /// <param name="accessToken"> - /// The new access token that is being issued to the Consumer. - /// </param> - /// <param name="accessTokenSecret"> - /// The secret associated with the newly issued access token. - /// </param> - /// <remarks> - /// <para> - /// Any scope of granted privileges associated with the request token from the - /// original call to - /// <see cref="StoreNewRequestToken"/> - /// should be carried over - /// to the new Access Token. - /// </para> - /// <para> - /// To associate a user account with the new access token, - /// <see cref="System.Web.HttpContext.User">HttpContext.Current.User</see> - /// may be - /// useful in an ASP.NET web application within the implementation of this method. - /// Alternatively you may store the access token here without associating with a user account, - /// and wait until - /// <see cref="WebConsumer.ProcessUserAuthorizationAsync(HttpRequestBase, CancellationToken)"/> - /// or - /// <see cref="DesktopConsumer.ProcessUserAuthorizationAsync(string, string, CancellationToken)"/> - /// return the access - /// token to associate the access token with a user account at that point. 
- /// </para> - /// </remarks> - public void ExpireRequestTokenAndStoreNewAccessToken( - string consumerKey, string requestToken, string accessToken, string accessTokenSecret) { - this.tokensAndSecrets.Remove(requestToken); - this.tokensAndSecrets[accessToken] = accessTokenSecret; - } - - /// <summary> - /// Gets the Token Secret given a request or access token. - /// </summary> - /// <param name="token"> - /// The request or access token. - /// </param> - /// <returns> - /// The secret associated with the given token. - /// </returns> - /// <exception cref="ArgumentException"> - /// Thrown if the secret cannot be found for the given token. - /// </exception> - public string GetTokenSecret(string token) { - return this.tokensAndSecrets[token]; - } - - /// <summary> - /// Classifies a token as a request token or an access token. - /// </summary> - /// <param name="token"> - /// The token to classify. - /// </param> - /// <returns> - /// Request or Access token, or invalid if the token is not recognized. - /// </returns> - public TokenType GetTokenType(string token) { - throw new NotImplementedException(); - } - - /// <summary> - /// Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall. - /// </summary> - /// <param name="request"> - /// The request message that resulted in the generation of a new unauthorized request token. - /// </param> - /// <param name="response"> - /// The response message that includes the unauthorized request token. - /// </param> - /// <exception cref="ArgumentException"> - /// Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection. - /// </exception> - /// <remarks> - /// Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. 
Instead, you associate a user account with access tokens (not request tokens) in the <see cref="ExpireRequestTokenAndStoreNewAccessToken"/> method. - /// </remarks> - public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) { - this.tokensAndSecrets[response.Token] = response.TokenSecret; - } - - #endregion - } -} diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs index 7aa1dd4..637bbd0 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/LinkedInClient.cs @@ -28,21 +28,10 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Describes the OAuth service provider endpoints for LinkedIn. /// </summary> - public static readonly ServiceProviderDescription LinkedInServiceDescription = new ServiceProviderDescription { - RequestTokenEndpoint = - new MessageReceivingEndpoint( - "https://api.linkedin.com/uas/oauth/requestToken", - HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), - UserAuthorizationEndpoint = - new MessageReceivingEndpoint( - "https://www.linkedin.com/uas/oauth/authenticate", - HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), - AccessTokenEndpoint = - new MessageReceivingEndpoint( - "https://api.linkedin.com/uas/oauth/accessToken", - HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), - TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, - }; + public static readonly ServiceProviderDescription LinkedInServiceDescription = new ServiceProviderDescription( + "https://api.linkedin.com/uas/oauth/requestToken", + "https://www.linkedin.com/uas/oauth/authenticate", + "https://api.linkedin.com/uas/oauth/accessToken"); #endregion 
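Review bot: `LinkedInServiceDescription` no longer states its signing method or HTTP delivery methods: the removed initializer named `HmacSha1SigningBindingElement` and `GetRequest | AuthorizationHeaderRequest` for all three endpoints, and the three-string `ServiceProviderDescription` constructor that replaces it is not shown in this diff. Confirm that its defaults are equivalent, and say so in the field's doc comment, for example `/// Signing and delivery methods are the ServiceProviderDescription defaults.`. `TwitterServiceDescription` in TwitterClient.cs is changed in the same way.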
@@ -51,28 +40,10 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Initializes a new instance of the <see cref="LinkedInClient"/> class. /// </summary> - /// <remarks> - /// Tokens exchanged during the OAuth handshake are stored in cookies. - /// </remarks> - /// <param name="consumerKey"> - /// The LinkedIn app's consumer key. - /// </param> - /// <param name="consumerSecret"> - /// The LinkedIn app's consumer secret. - /// </param> - [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", - Justification = "We can't dispose the object because we still need it through the app lifetime.")] - public LinkedInClient(string consumerKey, string consumerSecret) - : this(consumerKey, consumerSecret, new CookieOAuthTokenManager()) { } - - /// <summary> - /// Initializes a new instance of the <see cref="LinkedInClient"/> class. - /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="consumerSecret">The consumer secret.</param> - /// <param name="tokenManager">The token manager.</param> - public LinkedInClient(string consumerKey, string consumerSecret, IOAuthTokenManager tokenManager) - : base("linkedIn", LinkedInServiceDescription, new SimpleConsumerTokenManager(consumerKey, consumerSecret, tokenManager)) { + public LinkedInClient(string consumerKey, string consumerSecret) + : base("linkedIn", LinkedInServiceDescription, consumerKey, consumerSecret) { } #endregion 
@@ -89,12 +60,11 @@ namespace DotNetOpenAuth.AspNet.Clients { /// </returns> [SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes", Justification = "We don't care if the request fails.")] - protected override async Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AuthorizedTokenResponse response, CancellationToken cancellationToken = default(CancellationToken)) { + protected override async Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AccessTokenResponse response, CancellationToken cancellationToken = default(CancellationToken)) { // See here for Field Selectors API http://developer.linkedin.com/docs/DOC-1014 const string ProfileRequestUrl = "https://api.linkedin.com/v1/people/~:(id,first-name,last-name,headline,industry,summary)"; - string accessToken = response.AccessToken; - + var accessToken = response.AccessToken; var authorizingHandler = this.WebWorker.CreateMessageHandler(accessToken); try { using (var httpClient = new HttpClient(authorizingHandler)) { @@ -108,7 +78,8 @@ namespace DotNetOpenAuth.AspNet.Clients { string userName = firstName + " " + lastName; var extraData = new Dictionary<string, string>(); - extraData.Add("accesstoken", accessToken); + extraData.Add("accesstoken", accessToken.Token); + extraData.Add("accesstokensecret", accessToken.Secret); extraData.Add("name", userName); extraData.AddDataIfNotEmpty(document, "headline"); extraData.AddDataIfNotEmpty(document, "summary"); @@ -123,8 +94,7 @@ namespace DotNetOpenAuth.AspNet.Clients { } } } - } - catch (Exception exception) { + } catch (Exception exception) { return new AuthenticationResult(exception); } } diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs index ffe5c07..03006f2 100644 --- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/OAuthClient.cs 
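Review bot: `extraData.Add("accesstokensecret", accessToken.Secret)` places the OAuth 1.0 token secret in `ExtraData`, a plain string dictionary that calling applications may persist, log or serialize, so a signing credential now travels on paths that previously carried only the token. `OAuthClient.VerifyAuthenticationAsync` sets the same two keys in its own hunk of this commit, which appears to make the LinkedIn additions redundant. If the secret has to be exposed this way, say so where it is added, e.g. `// "accesstokensecret" is a signing credential: never log or render ExtraData wholesale.` `VerifyAuthenticationCoreAsync` starts and ends outside this hunk.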
@@ -33,34 +33,14 @@ namespace DotNetOpenAuth.AspNet.Clients { /// Name of the provider. /// </param> /// <param name="serviceDescription"> - /// The service description. - /// </param> - /// <param name="consumerKey"> - /// The consumer key. - /// </param> - /// <param name="consumerSecret"> - /// The consumer secret. - /// </param> - protected OAuthClient( - string providerName, ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) - : this(providerName, serviceDescription, new InMemoryOAuthTokenManager(consumerKey, consumerSecret)) { } - - /// <summary> - /// Initializes a new instance of the <see cref="OAuthClient"/> class. - /// </summary> - /// <param name="providerName"> - /// Name of the provider. - /// </param> - /// <param name="serviceDescription"> /// The service Description. /// </param> /// <param name="tokenManager"> /// The token Manager. /// </param> - [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "I don't know how to ensure this rule is followed given this API")] protected OAuthClient( - string providerName, ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) - : this(providerName, new DotNetOpenAuthWebConsumer(serviceDescription, tokenManager)) { + string providerName, ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) + : this(providerName, new DotNetOpenAuthWebConsumer(serviceDescription, consumerKey, consumerSecret)) { } /// <summary> 
@@ -128,7 +108,7 @@ namespace DotNetOpenAuth.AspNet.Clients { /// An instance of <see cref="AuthenticationResult" /> containing authentication result. /// </returns> public virtual async Task<AuthenticationResult> VerifyAuthenticationAsync(HttpContextBase context, CancellationToken cancellationToken = default(CancellationToken)) { - AuthorizedTokenResponse response = await this.WebWorker.ProcessUserAuthorizationAsync(cancellationToken); + AccessTokenResponse response = await this.WebWorker.ProcessUserAuthorizationAsync(context, cancellationToken); if (response == null) { return AuthenticationResult.Failed; } @@ -139,7 +119,8 @@ namespace DotNetOpenAuth.AspNet.Clients { var wrapExtraData = result.ExtraData.IsReadOnly ? new Dictionary<string, string>(result.ExtraData) : result.ExtraData; - wrapExtraData["accesstoken"] = response.AccessToken; + wrapExtraData["accesstoken"] = response.AccessToken.Token; + wrapExtraData["accesstokensecret"] = response.AccessToken.Secret; AuthenticationResult wrapResult = new AuthenticationResult( result.IsSuccessful, @@ -174,14 +155,14 @@ namespace DotNetOpenAuth.AspNet.Clients { /// <summary> /// Check if authentication succeeded after user is redirected back from the service provider. /// </summary> - /// <param name="response"> - /// The response token returned from service provider + /// <param name="accessToken"> + /// The access token returned from service provider /// </param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// Authentication result /// </returns> - protected abstract Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AuthorizedTokenResponse response, CancellationToken cancellationToken); + protected abstract Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AccessTokenResponse accessToken, CancellationToken cancellationToken); #endregion } } 
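Review bot: The abstract `VerifyAuthenticationCoreAsync` now names its first parameter `accessToken` although the type is `AccessTokenResponse`, and the `LinkedInClient` override in this commit still calls it `response`. The name misdescribes the value (callers end up reading `accessToken.AccessToken.Token`), and a base/override name mismatch is what CA1725 flags and can confuse named-argument calls. Keep `response` in the declaration and in its `<param>` tag: `protected abstract Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AccessTokenResponse response, CancellationToken cancellationToken);`.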
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs
index 0f5e0db..88bb530 100644
--- a/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs
+++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/TwitterClient.cs
@@ -28,51 +28,23 @@ namespace DotNetOpenAuth.AspNet.Clients {
 /// <summary>
 /// The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.
 /// </summary>
- public static readonly ServiceProviderDescription TwitterServiceDescription = new ServiceProviderDescription {
- RequestTokenEndpoint =
- new MessageReceivingEndpoint(
- "https://api.twitter.com/oauth/request_token",
- HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
- UserAuthorizationEndpoint =
- new MessageReceivingEndpoint(
- "https://api.twitter.com/oauth/authenticate",
- HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
- AccessTokenEndpoint =
- new MessageReceivingEndpoint(
- "https://api.twitter.com/oauth/access_token",
- HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
- TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
- };
+ public static readonly ServiceProviderDescription TwitterServiceDescription =
+ new ServiceProviderDescription(
+ "https://api.twitter.com/oauth/request_token",
+ "https://api.twitter.com/oauth/authenticate",
+ "https://api.twitter.com/oauth/access_token");
 #endregion
 #region Constructors and Destructors
 /// <summary>
- /// Initializes a new instance of the <see cref="TwitterClient"/> class with the specified consumer key and consumer secret.
- /// </summary>
- /// <remarks>
- /// Tokens exchanged during the OAuth handshake are stored in cookies.
- /// </remarks>
- /// <param name="consumerKey">
- /// The consumer key.
- /// </param>
- /// <param name="consumerSecret">
- /// The consumer secret.
- /// </param>
- [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope",
- Justification = "We can't dispose the object because we still need it through the app lifetime.")]
- public TwitterClient(string consumerKey, string consumerSecret)
- : this(consumerKey, consumerSecret, new AuthenticationOnlyCookieOAuthTokenManager()) { }
-
- /// <summary>
 /// Initializes a new instance of the <see cref="TwitterClient"/> class.
 /// </summary>
 /// <param name="consumerKey">The consumer key.</param>
 /// <param name="consumerSecret">The consumer secret.</param>
- /// <param name="tokenManager">The token manager.</param>
- public TwitterClient(string consumerKey, string consumerSecret, IOAuthTokenManager tokenManager)
- : base("twitter", TwitterServiceDescription, new SimpleConsumerTokenManager(consumerKey, consumerSecret, tokenManager)) {
+ public TwitterClient(string consumerKey, string consumerSecret)
+ : base("twitter", TwitterServiceDescription, consumerKey, consumerSecret) {
 }
 #endregion
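Review bot: The surviving `TwitterClient(string consumerKey, string consumerSecret)` constructor's XML doc no longer says where the OAuth temporary credentials are kept between the redirect and the callback, whereas the removed overload documented that they were stored in cookies and the removed `tokenManager` parameter let callers choose the store. Since that choice is gone from this class, the doc should state the new behaviour in a `<remarks>` element naming the storage the base class now uses, which is not visible in this hunk. The new `ServiceProviderDescription(...)` call also drops the explicit `HmacSha1SigningBindingElement`, so the signing method now depends on that type's defaults; it is worth confirming requests are still signed the way these endpoints were configured before.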
@@ -89,17 +61,17 @@ namespace DotNetOpenAuth.AspNet.Clients {
 /// </returns>
 [SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes",
 Justification = "We don't care if the request for additional data fails.")]
- protected override async Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AuthorizedTokenResponse response, CancellationToken cancellationToken) {
- string accessToken = response.AccessToken;
+ protected override async Task<AuthenticationResult> VerifyAuthenticationCoreAsync(AccessTokenResponse response, CancellationToken cancellationToken) {
 string userId = response.ExtraData["user_id"];
 string userName = response.ExtraData["screen_name"];
 var profileRequestUrl = new Uri("https://api.twitter.com/1/users/show.xml?user_id=" + MessagingUtilities.EscapeUriDataStringRfc3986(userId));
- var authorizingHandler = this.WebWorker.CreateMessageHandler(accessToken);
+ var authorizingHandler = this.WebWorker.CreateMessageHandler(response.AccessToken);
 var extraData = new Dictionary<string, string>();
- extraData.Add("accesstoken", accessToken);
+ extraData.Add("accesstoken", response.AccessToken.Token);
+ extraData.Add("accesstokensecret", response.AccessToken.Secret);
 try {
 using (var httpClient = new HttpClient(authorizingHandler)) {
 using (HttpResponseMessage profileResponse = await httpClient.GetAsync(profileRequestUrl, cancellationToken)) {
diff --git a/src/DotNetOpenAuth.AspNet/DotNetOpenAuth.AspNet.csproj b/src/DotNetOpenAuth.AspNet/DotNetOpenAuth.AspNet.csproj
index 7c64203..b3b52d9 100644
--- a/src/DotNetOpenAuth.AspNet/DotNetOpenAuth.AspNet.csproj
+++ b/src/DotNetOpenAuth.AspNet/DotNetOpenAuth.AspNet.csproj
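Review bot: The two added `extraData.Add(...)` calls in the `@@ -89,17 +61,17 @@` hunk repeat what the `@@ -139,7 +119,8 @@` hunk of this commit does with `wrapExtraData["accesstoken"]` and `wrapExtraData["accesstokensecret"]`, assuming that hunk is in this class's base `VerifyAuthenticationAsync` (its file header is not visible here). If so, the calls here can be dropped so the token secret is copied into result data in one place only, which keeps that exposure easier to audit. The method body continues past the end of the hunk.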
@@ -50,11 +50,6 @@
 <Compile Include="AuthenticationResult.cs" />
 <Compile Include="Clients\DictionaryExtensions.cs" />
 <Compile Include="Clients\OAuth2\WindowsLiveClient.cs" />
- <Compile Include="Clients\OAuth\AuthenticationOnlyCookieOAuthTokenManager.cs">
- <SubType>Code</SubType>
- </Compile>
- <Compile Include="Clients\OAuth\CookieOAuthTokenManager.cs" />
- <Compile Include="Clients\OAuth\IOAuthTokenManager.cs" />
 <Compile Include="IAuthenticationClient.cs" />
 <Compile Include="Clients\OAuth2\FacebookClient.cs" />
 <Compile Include="Clients\OAuth2\FacebookGraphData.cs" />
@@ -64,7 +59,6 @@
 <Compile Include="Clients\OAuth2\MicrosoftClient.cs" />
 <Compile Include="Clients\OAuth2\MicrosoftClientUserData.cs" />
 <Compile Include="Clients\OAuth\DotNetOpenAuthWebConsumer.cs" />
- <Compile Include="Clients\OAuth\InMemoryOAuthTokenManager.cs" />
 <Compile Include="Clients\OAuth\IOAuthWebWorker.cs" />
 <Compile Include="Clients\OAuth\LinkedInClient.cs" />
 <Compile Include="Clients\OAuth\OAuthClient.cs" /> |