author | Andrew Arnott <andrewarnott@gmail.com> | 2010-06-15 08:35:24 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2010-06-15 08:35:24 -0700 |
commit | a8a9269458d8e6d8d0f64143e63e94ad665cefdf (patch) | |
tree | 4b46109b62827cc95886601c167a5106f82da222 /src | |
parent | d2cc03592968769bced64c17997c0943209df0bf (diff) | |
More work toward OAuth 2.0 DRAFT 8
Diffstat (limited to 'src')
15 files changed, 119 insertions, 132 deletions
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj index 5418aab..3100115 100644 --- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj +++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj @@ -347,6 +347,7 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuthWrap\Messages\UsernameAndPassword\UserNamePasswordVerificationResponse.cs" /> <Compile Include="OAuthWrap\Messages\ResponseFormat.cs" /> <Compile Include="OAuthWrap\Messages\ResponseFormatEncoder.cs" /> + <Compile Include="OAuthWrap\Messages\EndUserAuthorizationSuccessResponse.cs" /> <Compile Include="OAuthWrap\Messages\WebServer\WebServerRequest.cs" /> <Compile Include="OAuthWrap\ResourceServer.cs" /> <Compile Include="OAuthWrap\StandardAccessTokenAnalyzer.cs" /> diff --git a/src/DotNetOpenAuth/OAuthWrap/AuthorizationState.cs b/src/DotNetOpenAuth/OAuthWrap/AuthorizationState.cs index 6ca7b4f..c990b2b 100644 --- a/src/DotNetOpenAuth/OAuthWrap/AuthorizationState.cs +++ b/src/DotNetOpenAuth/OAuthWrap/AuthorizationState.cs @@ -36,18 +36,6 @@ namespace DotNetOpenAuth.OAuthWrap { public string AccessToken { get; set; } /// <summary> - /// Gets or sets the access token secret. - /// </summary> - /// <value>The access token secret.</value> - public string AccessTokenSecret { get; set; } - - /// <summary> - /// Gets or sets the type of the access token secret. - /// </summary> - /// <value>The type of the access token secret.</value> - public string AccessTokenSecretType { get; set; } - - /// <summary> /// Gets or sets the access token UTC expiration date. /// </summary> /// <value></value> diff --git a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/IAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/IAccessTokenRequest.cs index e270eac..d6c5bf3 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ChannelElements/IAccessTokenRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ChannelElements/IAccessTokenRequest.cs 
@@ -27,10 +27,5 @@ namespace DotNetOpenAuth.OAuthWrap.ChannelElements { /// </summary> /// <value>The client secret.</value> string ClientSecret { get; } - - /// <summary> - /// Gets the type of access token secret requested. - /// </summary> - string SecretType { get; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs b/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs index a733b9b..4dc6afd 100644 --- a/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs +++ b/src/DotNetOpenAuth/OAuthWrap/ClientBase.cs @@ -107,13 +107,11 @@ namespace DotNetOpenAuth.OAuthWrap { ClientIdentifier = this.ClientIdentifier, ClientSecret = this.ClientSecret, RefreshToken = authorization.RefreshToken, - SecretType = authorization.AccessTokenSecretType, }; var response = this.Channel.Request<AccessTokenSuccessResponse>(request); authorization.AccessToken = response.AccessToken; authorization.AccessTokenExpirationUtc = DateTime.UtcNow + response.Lifetime; - authorization.AccessTokenSecret = response.AccessTokenSecret; authorization.AccessTokenIssueDateUtc = DateTime.UtcNow; // Just in case the scope has changed... @@ -139,7 +137,6 @@ namespace DotNetOpenAuth.OAuthWrap { Contract.Requires<ArgumentNullException>(accessTokenSuccess != null, "accessTokenSuccess"); authorizationState.AccessToken = accessTokenSuccess.AccessToken; - authorizationState.AccessTokenSecret = accessTokenSuccess.AccessTokenSecret; authorizationState.RefreshToken = accessTokenSuccess.RefreshToken; authorizationState.AccessTokenExpirationUtc = DateTime.UtcNow + accessTokenSuccess.Lifetime; authorizationState.AccessTokenIssueDateUtc = DateTime.UtcNow; diff --git a/src/DotNetOpenAuth/OAuthWrap/IAuthorizationState.cs b/src/DotNetOpenAuth/OAuthWrap/IAuthorizationState.cs index c0ac80d..b68d84b 100644 --- a/src/DotNetOpenAuth/OAuthWrap/IAuthorizationState.cs +++ b/src/DotNetOpenAuth/OAuthWrap/IAuthorizationState.cs 
@@ -30,18 +30,6 @@ namespace DotNetOpenAuth.OAuthWrap { string AccessToken { get; set; } /// <summary> - /// Gets or sets the access token secret. - /// </summary> - /// <value>The access token secret.</value> - string AccessTokenSecret { get; set; } - - /// <summary> - /// Gets or sets the type of the access token secret. - /// </summary> - /// <value>The type of the access token secret.</value> - string AccessTokenSecretType { get; set; } - - /// <summary> /// Gets or sets the access token issue date UTC. /// </summary> /// <value>The access token issue date UTC.</value> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs index cf1a90e..1c13677 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/AccessTokenSuccessResponse.cs @@ -72,16 +72,6 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { public string RefreshToken { get; internal set; } /// <summary> - /// Gets or sets the access token secret. - /// </summary> - /// <value>The access token secret.</value> - /// <remarks> - /// REQUIRED if requested by the client. The corresponding access token secret as requested by the client. - /// </remarks> - [MessagePart(Protocol.access_token_secret, IsRequired = false, AllowEmpty = false)] - public string AccessTokenSecret { get; internal set; } - - /// <summary> /// Gets or sets the scope of access being requested. /// </summary> /// <value>The scope of the access request expressed as a list of space-delimited strings. The value of the scope parameter is defined by the authorization server. If the value contains multiple space-delimited strings, their order does not matter, and each string adds an additional access range to the requested scope.</value> 
diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationRequest.cs
index 026d33f..6e3e2e5 100644
--- a/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationRequest.cs
+++ b/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationRequest.cs
@@ -77,23 +77,23 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)] public string Scope { get; set; } - /////// <summary> - /////// Gets or sets a value indicating whether the authorization server is - /////// allowed to interact with the user before responding to the client's request. - /////// </summary> - ////public bool IsUserInteractionAllowed { - //// get { return !this.Immediate.HasValue || !this.Immediate.Value; } - //// set { this.Immediate = value ? (bool?)null : true; } - ////} + /// <summary> + /// Gets or sets a value indicating whether the authorization server is + /// allowed to interact with the user before responding to the client's request. + /// </summary> + public bool IsUserInteractionAllowed { + get { return !this.Immediate.HasValue || !this.Immediate.Value; } + set { this.Immediate = value ? (bool?)null : true; } + } - /////// <summary> - /////// Gets or sets a value indicating whether the authorization server is - /////// required to redirect the browser back to the client immediately. - /////// </summary> - /////// <remarks> - /////// OPTIONAL. The parameter value must be set to true or false. If set to true, the authorization server MUST NOT prompt the end-user to authenticate or approve access. Instead, the authorization server attempts to establish the end-user's identity via other means (e.g. browser cookies) and checks if the end-user has previously approved an identical access request by the same client and if that access grant is still active. If the authorization server does not support an immediate check or if it is unable to establish the end-user's identity or approval status, it MUST deny the request without prompting the end-user. Defaults to false if omitted. - /////// </remarks> - ////[MessagePart(Protocol.immediate, IsRequired = false, AllowEmpty = false)] - ////internal bool? 
Immediate { get; set; } + /// <summary> + /// Gets or sets a value indicating whether the authorization server is + /// required to redirect the browser back to the client immediately. + /// </summary> + /// <remarks> + /// OPTIONAL. The parameter value must be set to true or false. If set to true, the authorization server MUST NOT prompt the end-user to authenticate or approve access. Instead, the authorization server attempts to establish the end-user's identity via other means (e.g. browser cookies) and checks if the end-user has previously approved an identical access request by the same client and if that access grant is still active. If the authorization server does not support an immediate check or if it is unable to establish the end-user's identity or approval status, it MUST deny the request without prompting the end-user. Defaults to false if omitted. + /// </remarks> + [MessagePart(Protocol.immediate, IsRequired = false, AllowEmpty = false)] + internal bool? Immediate { get; set; } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationSuccessResponse.cs new file mode 100644 index 0000000..8a81a90 --- /dev/null +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/EndUserAuthorizationSuccessResponse.cs 
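Review bot: The re-enabled `IsUserInteractionAllowed` setter in EndUserAuthorizationRequest.cs stores `null` rather than `false` when interaction is allowed, and the doc comment does not say so. A one-line remark such as `/// Setting this to true clears Immediate so the parameter is omitted from the request.` would make the asymmetry explicit; the omission presumably relies on the "Defaults to false if omitted" rule quoted in the `Immediate` remarks. The getter could also read `return this.Immediate != true;`, which is equivalent for a `bool?`.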
@@ -0,0 +1,85 @@ +//----------------------------------------------------------------------- +// <copyright file="EndUserAuthorizationSuccessResponse.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuthWrap.Messages { + using System; + using System.Diagnostics.Contracts; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuthWrap.ChannelElements; + + /// <summary> + /// The message sent by the Authorization Server to the Client via the user agent + /// to indicate that user authorization was granted, and to return the user + /// to the Client where they started their experience. + /// </summary> + internal class EndUserAuthorizationSuccessResponse : MessageBase, IMessageWithClientState, ITokenCarryingRequest { + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class. + /// </summary> + /// <param name="clientCallback">The client callback.</param> + /// <param name="version">The protocol version.</param> + internal EndUserAuthorizationSuccessResponse(Uri clientCallback, Version version) + : base(version, MessageTransport.Indirect, clientCallback) { + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(clientCallback != null); + } + + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class. 
+ /// </summary> + /// <param name="clientCallback">The client callback.</param> + /// <param name="request">The request.</param> + internal EndUserAuthorizationSuccessResponse(Uri clientCallback, EndUserAuthorizationRequest request) + : base(request, clientCallback) { + Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback"); + Contract.Requires<ArgumentNullException>(request != null, "request"); + ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState; + } + + string ITokenCarryingRequest.CodeOrToken { + get { return this.VerificationCode; } + set { this.VerificationCode = value; } + } + + CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType { + get { return CodeOrTokenType.VerificationCode; } + } + + IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } + + /// <summary> + /// Gets or sets some state as provided by the client in the authorization request. + /// </summary> + /// <value>An opaque value defined by the client.</value> + /// <remarks> + /// REQUIRED if the Client sent the value in the <see cref="EndUserAuthorizationRequest"/>. + /// </remarks> + [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)] + string IMessageWithClientState.ClientState { get; set; } + + /// <summary> + /// Gets or sets the scope. + /// </summary> + /// <value>The scope.</value> + [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)] + public string Scope { get; set; } + + /// <summary> + /// Gets or sets the verification code. + /// </summary> + /// <value> + /// The long-lived credential assigned by the Authorization Server to this Consumer for + /// use in accessing the authorizing user's protected resources. + /// </value> + [MessagePart(Protocol.code, IsRequired = false, AllowEmpty = false)] + internal string VerificationCode { get; set; } + + /// <summary> + /// Gets or sets the authorizing user's account name. 
+ /// </summary> + internal string AuthorizingUsername { get; set; } + } +} diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/IAccessTokenSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/IAccessTokenSuccessResponse.cs index 12e7b66..6211d78 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/IAccessTokenSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/IAccessTokenSuccessResponse.cs @@ -22,12 +22,6 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { string AccessToken { get; } /// <summary> - /// Gets the access token secret. - /// </summary> - /// <value>The access token secret.</value> - string AccessTokenSecret { get; } - - /// <summary> /// Gets the refresh token. /// </summary> /// <value>The refresh token.</value> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/RefreshAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/RefreshAccessTokenRequest.cs index ba40f30..028544b 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/RefreshAccessTokenRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/RefreshAccessTokenRequest.cs @@ -62,16 +62,6 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } /// <summary> - /// Gets or sets the type of the secret. - /// </summary> - /// <value>The type of the secret.</value> - /// <remarks> - /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests). - /// </remarks> - [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)] - public string SecretType { get; set; } - - /// <summary> /// Gets or sets the identifier by which this client is known to the Authorization Server. /// </summary> /// <value>The client identifier.</value> 
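Review bot: The `<value>` text on `VerificationCode` in the new EndUserAuthorizationSuccessResponse.cs calls the code "the long-lived credential ... for use in accessing the authorizing user's protected resources", which describes an access token rather than a verification code. A reader who takes that at face value may store or expire the code as if it were a token; wording like `/// The verification code issued by the Authorization Server, which the Client exchanges for an access token.` matches the `CodeOrTokenType.VerificationCode` value returned a few lines above. The three explicit `ITokenCarryingRequest` members also arrive without the `<summary>` blocks they carried in WebServerSuccessResponse, where this commit removes them.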
diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAgent/UserAgentSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAgent/UserAgentSuccessResponse.cs index 607cf5f..a4f5b1a 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/UserAgent/UserAgentSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/UserAgent/UserAgentSuccessResponse.cs @@ -14,15 +14,14 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <summary> /// A message from the authorization server to a user-agent client indicating that authorization has been granted. /// </summary> - internal class UserAgentSuccessResponse : MessageBase, IHttpIndirectResponse, IAccessTokenSuccessResponse { + internal class UserAgentSuccessResponse : EndUserAuthorizationSuccessResponse, IHttpIndirectResponse, IAccessTokenSuccessResponse { /// <summary> /// Initializes a new instance of the <see cref="UserAgentSuccessResponse"/> class. /// </summary> /// <param name="clientCallback">The client callback.</param> /// <param name="version">The version.</param> internal UserAgentSuccessResponse(Uri clientCallback, Version version) - : base(version, MessageTransport.Indirect, clientCallback) - { + : base(clientCallback, version) { } /// <summary> @@ -33,6 +32,10 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { get { return true; } } + string IAccessTokenSuccessResponse.RefreshToken { + get { return null; } + } + /// <summary> /// Gets the access token. /// </summary> @@ -48,14 +51,6 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { public TimeSpan? Lifetime { get; internal set; } /// <summary> - /// Gets the scope. - /// </summary> - /// <value>The scope.</value> - string IAccessTokenSuccessResponse.Scope { - get { return null; } - } - - /// <summary> /// Gets or sets the state. /// </summary> /// <value>The state.</value> diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerRequest.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerRequest.cs index d6f25e4..9024cb2 100644 
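Review bot: Rebasing `UserAgentSuccessResponse` onto `EndUserAuthorizationSuccessResponse` in the first hunk makes it inherit the `state`, `scope` and `code` message parts and the `ITokenCarryingRequest` implementation, yet the context at the end of the third hunk shows the class still has its own "Gets or sets the state" member. If that member is also tagged `[MessagePart(Protocol.state, ...)]` (its declaration is outside the hunk), the type now declares the `state` part twice, and which one is serialized depends on how the message reflection treats inherited parts. Either drop the local state property in favour of the inherited `IMessageWithClientState.ClientState`, or add a test that round-trips `state` through this response.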
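Review bot: The added `IAccessTokenSuccessResponse.RefreshToken` getter in the second UserAgentSuccessResponse hunk has no XML doc comment, unlike the explicit `Scope` implementation this commit removes from the same class. A short summary that says why it is always null would help, for example `/// Gets the refresh token, which is always null because this response carries none.`; confirm that reason against the draft before wording it more strongly.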
--- a/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerRequest.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerRequest.cs @@ -4,7 +4,7 @@ // </copyright> //----------------------------------------------------------------------- -namespace DotNetOpenAuth.OAuthWrap.Messages.WebServer { +namespace DotNetOpenAuth.OAuthWrap.Messages { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; diff --git a/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerSuccessResponse.cs b/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerSuccessResponse.cs index dc5b70b..a6a2de3 100644 --- a/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuthWrap/Messages/WebServer/WebServerSuccessResponse.cs @@ -15,14 +15,14 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// to indicate that user authorization was granted, and to return the user /// to the Client where they started their experience. /// </summary> - internal class WebServerSuccessResponse : MessageBase, IMessageWithClientState, ITokenCarryingRequest { + internal class WebServerSuccessResponse : EndUserAuthorizationSuccessResponse { /// <summary> /// Initializes a new instance of the <see cref="WebServerSuccessResponse"/> class. /// </summary> /// <param name="clientCallback">The client callback.</param> /// <param name="version">The protocol version.</param> internal WebServerSuccessResponse(Uri clientCallback, Version version) - : base(version, MessageTransport.Indirect, clientCallback) { + : base(clientCallback, version) { Contract.Requires<ArgumentNullException>(version != null); Contract.Requires<ArgumentNullException>(clientCallback != null); } 
@@ -33,58 +33,23 @@ namespace DotNetOpenAuth.OAuthWrap.Messages { /// <param name="clientCallback">The client callback.</param> /// <param name="request">The request.</param> internal WebServerSuccessResponse(Uri clientCallback, EndUserAuthorizationRequest request) - : base(request, clientCallback) { + : base(clientCallback, request) { Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback"); Contract.Requires<ArgumentNullException>(request != null, "request"); ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState; } /// <summary> - /// Gets or sets the verification code or refresh/access token. - /// </summary> - /// <value>The code or token.</value> - string ITokenCarryingRequest.CodeOrToken { - get { return this.VerificationCode; } - set { this.VerificationCode = value; } - } - - /// <summary> - /// Gets the type of the code or token. - /// </summary> - /// <value>The type of the code or token.</value> - CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType { - get { return CodeOrTokenType.VerificationCode; } - } - - /// <summary> - /// Gets or sets the authorization that the token describes. - /// </summary> - /// <value></value> - IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } - - /// <summary> - /// Gets or sets some state as provided by the client in the authorization request. - /// </summary> - /// <value>An opaque value defined by the client.</value> - /// <remarks> - /// REQUIRED if the Client sent the value in the <see cref="EndUserAuthorizationRequest"/>. - /// </remarks> - [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)] - string IMessageWithClientState.ClientState { get; set; } - - /// <summary> /// Gets or sets the verification code. /// </summary> /// <value> /// The long-lived credential assigned by the Authorization Server to this Consumer for /// use in accessing the authorizing user's protected resources. 
/// </value> - [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = true)] - internal string VerificationCode { get; set; } - - /// <summary> - /// Gets or sets the authorizing user's account name. - /// </summary> - internal string AuthorizingUsername { get; set; } + [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)] + internal new string VerificationCode { + get { return base.VerificationCode; } + set { base.VerificationCode = value; } + } } } diff --git a/src/DotNetOpenAuth/OAuthWrap/UserAgentClient.cs b/src/DotNetOpenAuth/OAuthWrap/UserAgentClient.cs index 9b23bc1..5af4cbb 100644 --- a/src/DotNetOpenAuth/OAuthWrap/UserAgentClient.cs +++ b/src/DotNetOpenAuth/OAuthWrap/UserAgentClient.cs @@ -56,7 +56,6 @@ namespace DotNetOpenAuth.OAuthWrap { var request = new UserAgentRequest(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, Scope = authorization.Scope, - SecretType = authorization.AccessTokenSecretType, Callback = authorization.Callback, Immediate = immediate, }; diff --git a/src/DotNetOpenAuth/OAuthWrap/WebServerClient.cs b/src/DotNetOpenAuth/OAuthWrap/WebServerClient.cs index eaa86b3..858afd7 100644 --- a/src/DotNetOpenAuth/OAuthWrap/WebServerClient.cs +++ b/src/DotNetOpenAuth/OAuthWrap/WebServerClient.cs @@ -60,7 +60,7 @@ namespace DotNetOpenAuth.OAuthWrap { authorization.SaveChanges(); } - var request = new EndUserAuthorizationRequest(this.AuthorizationServer) { + var request = new WebServerRequest(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, Callback = authorization.Callback, Scope = authorization.Scope, |
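Review bot: `internal new string VerificationCode` in WebServerSuccessResponse hides the base property only to restate `[MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]`, so the class now has two members mapped to `code`, one optional (base) and one required. Whether a web-server response without a code is rejected then depends on which attribute the message description picks up for hidden members, which this diff does not show. A test that deserializes a response lacking `code` and expects a protocol error would pin it down. The constructor in the same hunk also still copies `ClientState` from the request, which `base(clientCallback, request)` already does in EndUserAuthorizationSuccessResponse, so that line can go.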