author | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-31 16:07:08 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-31 16:07:08 -0700 |
commit | 59bce425ab8eb11b7a318bb857bc3efb9c7c448a (patch) | |
tree | a2e97a1dc09e88598938a5d55d62114c7fdd93d6 /src | |
parent | af226f837b7bb5050ab511e66ba75714f79d8865 (diff) | |
Moved access token signing key to the parameters object.
This also presumably solves the threading concerns of sharing one instance.
Fixes #34
Diffstat (limited to 'src')
3 files changed, 19 insertions, 27 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs
index b14f366..41bc609 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/TokenCodeSerializationBindingElement.cs
@@ -71,7 +71,9 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 var accessTokenResponse = message as IAccessTokenIssuingResponse;
 if (accessTokenResponse != null && accessTokenResponse.AuthorizationDescription != null) {
 ErrorUtilities.VerifyInternal(request != null, "We should always have a direct request message for this case.");
- var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServer.AccessTokenSigningKey, request.AccessTokenCreationParameters.ResourceServerEncryptionKey);
+ var accessTokenFormatter = AccessToken.CreateFormatter(
+ request.AccessTokenCreationParameters.AccessTokenSigningKey,
+ request.AccessTokenCreationParameters.ResourceServerEncryptionKey);
 accessTokenResponse.AccessToken = accessTokenFormatter.Serialize(accessTokenResponse.AuthorizationDescription);
 }
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/AccessTokenParameters.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/AccessTokenParameters.cs
index a214f20..21702d7 100644
--- a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/AccessTokenParameters.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/AccessTokenParameters.cs
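Review bot: The signing key read from `request.AccessTokenCreationParameters.AccessTokenSigningKey` reaches `AccessToken.CreateFormatter` without any check that it is set or that it holds a private key. The same commit deletes the `Contract.Ensures` postconditions (non-null and `!PublicOnly`) on `IAuthorizationServer.AccessTokenSigningKey`, and the replacement is a plain settable auto-property, so a host that forgets to populate it is no longer caught at a defined point; what `CreateFormatter` does with a null or public-only key is not visible here. Consider reading the key into a local and verifying `signingKey != null && !signingKey.PublicOnly` right after the existing `ErrorUtilities.VerifyInternal` call, failing with a message that names the missing parameter. The enclosing method starts and ends outside this hunk.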
@@ -37,6 +37,17 @@ namespace DotNetOpenAuth.OAuth2 {
 public TimeSpan AccessTokenLifetime { get; set; }
 /// <summary>
+ /// Gets the crypto service provider with the asymmetric private key to use for signing access tokens.
+ /// </summary>
+ /// <returns>A crypto service provider instance that contains the private key.</returns>
+ /// <value>Must not be null, and must contain the private key.</value>
+ /// <remarks>
+ /// The public key in the private/public key pair will be used by the resource
+ /// servers to validate that the access token is minted by a trusted authorization server.
+ /// </remarks>
+ public RSACryptoServiceProvider AccessTokenSigningKey { get; set; }
+
+ /// <summary>
 /// Gets or sets the key to encrypt the access token.
 /// </summary>
 public RSACryptoServiceProvider ResourceServerEncryptionKey { get; set; }
@@ -72,6 +83,11 @@ namespace DotNetOpenAuth.OAuth2 {
 IDisposable value = this.ResourceServerEncryptionKey;
 value.Dispose();
 }
+
+ if (this.AccessTokenSigningKey != null) {
+ IDisposable value = this.AccessTokenSigningKey;
+ value.Dispose();
+ }
 }
 }
diff --git a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IAuthorizationServer.cs b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IAuthorizationServer.cs
index 03ef781..292cba6 100644
--- a/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IAuthorizationServer.cs
+++ b/src/DotNetOpenAuth.OAuth2.ClientAuthorization/OAuth2/IAuthorizationServer.cs
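Review bot: The XML documentation on the new `AccessTokenSigningKey` property was carried over from the read-only interface member and no longer matches the declaration. The summary says "Gets" although the property has a public setter, and `<returns>` is not a tag that applies to properties. I would change the summary to `/// Gets or sets the crypto service provider with the asymmetric private key to use for signing access tokens.` and drop the `<returns>` line, in line with the neighbouring `ResourceServerEncryptionKey` documentation. The `<value>` requirement that the key is non-null and contains the private key is now stated in prose only, with nothing in this hunk enforcing it.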
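Review bot: Disposing `AccessTokenSigningKey` in this block means the parameters object takes ownership of whatever key the host assigned, and the property's documentation does not say so. A host that keeps handing out one cached `RSACryptoServiceProvider`, which the removed `IAuthorizationServer.AccessTokenSigningKey` getter permitted, would have its private key disposed after the first token, and later signing attempts would presumably fail. Add a sentence to the property's `<remarks>` such as `/// This instance is disposed together with this object, so assign a new instance for each request.` The Dispose method this block belongs to begins outside the hunk.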
@@ -38,17 +38,6 @@ namespace DotNetOpenAuth.OAuth2 {
 INonceStore VerificationCodeNonceStore { get; }
 /// <summary>
- /// Gets the crypto service provider with the asymmetric private key to use for signing access tokens.
- /// </summary>
- /// <returns>A crypto service provider instance that contains the private key.</returns>
- /// <value>Must not be null, and must contain the private key.</value>
- /// <remarks>
- /// The public key in the private/public key pair will be used by the resource
- /// servers to validate that the access token is minted by a trusted authorization server.
- /// </remarks>
- RSACryptoServiceProvider AccessTokenSigningKey { get; }
-
- /// <summary>
 /// Obtains parameters to go into the formulation of an access token.
 /// </summary>
 /// <param name="accessTokenRequestMessage">Details regarding the resources that the access token will grant access to, and the identity of the client
@@ -135,21 +124,6 @@ namespace DotNetOpenAuth.OAuth2 {
 }
 /// <summary>
- /// Gets the crypto service provider with the asymmetric private key to use for signing access tokens.
- /// </summary>
- /// <value>
- /// Must not be null, and must contain the private key.
- /// </value>
- /// <returns>A crypto service provider instance that contains the private key.</returns>
- RSACryptoServiceProvider IAuthorizationServer.AccessTokenSigningKey {
- get {
- Contract.Ensures(Contract.Result<RSACryptoServiceProvider>() != null);
- Contract.Ensures(!Contract.Result<RSACryptoServiceProvider>().PublicOnly);
- throw new NotImplementedException();
- }
- }
-
- /// <summary>
 /// Gets the client with a given identifier.
 /// </summary>
 /// <param name="clientIdentifier">The client identifier.</param> |