21 files changed, 145 insertions, 1010 deletions
diff --git a/samples/OAuthServiceProvider/Code/Constants.cs b/samples/OAuthServiceProvider/Code/Constants.cs
deleted file mode 100644
index 3e629f0..0000000
--- a/samples/OAuthServiceProvider/Code/Constants.cs
+++ /dev/null
@@ -1,32 +0,0 @@
-namespace OAuthServiceProvider.Code {
- using System;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth;
- using DotNetOpenAuth.OAuth.ChannelElements;
-
- /// <summary>
- /// Service Provider definitions.
- /// </summary>
- public static class Constants {
- public static Uri WebRootUrl { get; set; }
-
- public static ServiceProviderDescription SelfDescription {
- get {
- ServiceProviderDescription description = new ServiceProviderDescription {
- AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(WebRootUrl, "/OAuth.ashx"), HttpDeliveryMethods.PostRequest),
- RequestTokenEndpoint = new MessageReceivingEndpoint(new Uri(WebRootUrl, "/OAuth.ashx"), HttpDeliveryMethods.PostRequest),
- UserAuthorizationEndpoint = new MessageReceivingEndpoint(new Uri(WebRootUrl, "/OAuth.ashx"), HttpDeliveryMethods.PostRequest),
- TamperProtectionElements = new ITamperProtectionChannelBindingElement[] {
- new HmacSha1SigningBindingElement(),
- },
- };
-
- return description;
- }
- }
-
- public static ServiceProvider CreateServiceProvider() {
- return new ServiceProvider(SelfDescription, Global.TokenManager, Global.NonceStore);
- }
- }
-}
\ No newline at end of file
diff --git a/samples/OAuthServiceProvider/Code/CustomOAuthTypeProvider.cs b/samples/OAuthServiceProvider/Code/CustomOAuthTypeProvider.cs
deleted file mode 100644
index 67da17c..0000000
--- a/samples/OAuthServiceProvider/Code/CustomOAuthTypeProvider.cs
+++ /dev/null
@@ -1,34 +0,0 @@
-namespace OAuthServiceProvider.Code {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Web;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth.ChannelElements;
- using DotNetOpenAuth.OAuth.Messages;
-
- /// <summary>
- /// A custom class that will cause the OAuth library to use our custom message types
- /// where we have them.
- /// </summary>
- public class CustomOAuthMessageFactory : OAuthServiceProviderMessageFactory {
- /// <summary>
- /// Initializes a new instance of the <see cref="CustomOAuthMessageFactory"/> class.
- /// </summary>
- /// <param name="tokenManager">The token manager instance to use.</param>
- public CustomOAuthMessageFactory(IServiceProviderTokenManager tokenManager)
- : base(tokenManager) {
- }
-
- public override IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary<string, string> fields) {
- var message = base.GetNewRequestMessage(recipient, fields);
-
- // inject our own type here to replace the standard one
- if (message is UnauthorizedTokenRequest) {
- message = new RequestScopedTokenMessage(recipient, message.Version);
- }
-
- return message;
- }
- }
-}
\ No newline at end of file
diff --git a/samples/OAuthServiceProvider/Code/DataClasses.dbml b/samples/OAuthServiceProvider/Code/DataClasses.dbml
index 5522ec8..e3c9097 100644
--- a/samples/OAuthServiceProvider/Code/DataClasses.dbml
+++ b/samples/OAuthServiceProvider/Code/DataClasses.dbml
@@ -8,7 +8,7 @@
 <Column Name="FullName" Type="System.String" DbType="NVarChar(150)" CanBeNull="false" />
 <Column Name="Age" Type="System.Int32" DbType="int" CanBeNull="true" />
 <Association Name="User_FavoriteSite" Member="FavoriteSites" ThisKey="UserId" OtherKey="UserId" Type="FavoriteSite" />
- <Association Name="User_OAuthToken" Member="OAuthTokens" ThisKey="UserId" OtherKey="UserId" Type="OAuthToken" />
+ <Association Name="User_OAuthToken" Member="ClientAuthorizations" Storage="_OAuthTokens" ThisKey="UserId" OtherKey="UserId" Type="ClientAuthorization" />
 </Type>
 </Table>
 <Table Name="dbo.FavoriteSite" Member="FavoriteSites">
@@ -19,39 +19,33 @@
 <Association Name="User_FavoriteSite" Member="User" ThisKey="UserId" OtherKey="UserId" Type="User" IsForeignKey="true" DeleteRule="CASCADE" DeleteOnNull="true" />
 </Type>
 </Table>
- <Table Name="dbo.OAuthConsumer" Member="OAuthConsumers">
- <Type Name="OAuthConsumer">
- <Column Name="ConsumerId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" />
- <Column Name="ConsumerKey" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
- <Column Name="ConsumerSecret" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
+ <Table Name="dbo.OAuthConsumer" Member="Clients">
+ <Type Name="Client">
+ <Column Name="ConsumerId" Member="ClientId" Storage="_ConsumerId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" />
+ <Column Name="ConsumerKey" Member="ClientIdentifier" Storage="_ConsumerKey" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
+ <Column Name="ConsumerSecret" Member="ClientSecret" Storage="_ConsumerSecret" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
 <Column Name="Callback" Type="System.String" CanBeNull="true" />
- <Column Name="VerificationCodeFormat" Type="DotNetOpenAuth.OAuth.VerificationCodeFormat" CanBeNull="false" />
- <Column Name="VerificationCodeLength" Type="System.Int32" CanBeNull="false" />
- <Association Name="OAuthConsumer_OAuthToken" Member="OAuthTokens" ThisKey="ConsumerId" OtherKey="ConsumerId" Type="OAuthToken" />
+ <Column Name="" Member="Name" Storage="_VerificationCodeLength" Type="System.String" CanBeNull="false" />
+ <Association Name="OAuthConsumer_OAuthToken" Member="ClientAuthorizations" Storage="_OAuthTokens" ThisKey="ClientId" OtherKey="ClientId" Type="ClientAuthorization" />
 </Type>
 </Table>
- <Table Name="dbo.OAuthToken" Member="OAuthTokens">
- <Type Name="OAuthToken">
- <Column Name="TokenId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" />
- <Column Name="Token" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
- <Column Name="TokenSecret" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
- <Column Name="State" Type="OAuthServiceProvider.Code.TokenAuthorizationState" DbType="INT NOT NULL" CanBeNull="false" />
- <Column Name="IssueDate" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />
- <Column Name="ConsumerId" Type="System.Int32" DbType="Int NOT NULL" CanBeNull="false" />
+ <Table Name="dbo.OAuthToken" Member="ClientAuthorizations">
+ <Type Name="ClientAuthorization">
+ <Column Name="TokenId" Member="AuthorizationId" Storage="_TokenId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" />
+ <Column Name="IssueDate" Member="CreatedOn" Storage="_IssueDate" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />
+ <Column Name="ConsumerId" Member="ClientId" Storage="_ConsumerId" Type="System.Int32" DbType="Int NOT NULL" CanBeNull="false" />
 <Column Name="UserId" Type="System.Int32" DbType="Int" CanBeNull="true" />
 <Column Name="Scope" Type="System.String" DbType="nvarchar(MAX)" CanBeNull="false" />
- <Column Name="RequestTokenVerifier" Type="System.String" CanBeNull="true" />
- <Column Name="RequestTokenCallback" Type="System.String" CanBeNull="true" />
- <Column Name="ConsumerVersion" Type="System.String" CanBeNull="true" />
- <Association Name="OAuthConsumer_OAuthToken" Member="OAuthConsumer" ThisKey="ConsumerId" OtherKey="ConsumerId" Type="OAuthConsumer" IsForeignKey="true" DeleteRule="CASCADE" DeleteOnNull="true" />
+ <Column Name="RequestTokenVerifier" Member="ExpirationDate" Storage="_RequestTokenVerifier" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />
+ <Association Name="OAuthConsumer_OAuthToken" Member="Client" Storage="_OAuthConsumer" ThisKey="ClientId" OtherKey="ClientId" Type="Client" IsForeignKey="true" DeleteRule="CASCADE" DeleteOnNull="true" />
 <Association Name="User_OAuthToken" Member="User" ThisKey="UserId" OtherKey="UserId" Type="User" IsForeignKey="true" DeleteRule="CASCADE" />
 </Type>
 </Table>
 <Table Name="" Member="Nonces">
 <Type Name="Nonce">
- <Column Member="Context" Type="System.String" IsPrimaryKey="true" CanBeNull="false" />
- <Column Member="Code" Type="System.String" IsPrimaryKey="true" CanBeNull="false" />
- <Column Member="Timestamp" Type="System.DateTime" IsPrimaryKey="true" CanBeNull="false" />
+ <Column Name="Context" Type="System.String" IsPrimaryKey="true" CanBeNull="false" />
+ <Column Name="Code" Type="System.String" IsPrimaryKey="true" CanBeNull="false" />
+ <Column Name="Timestamp" Type="System.DateTime" IsPrimaryKey="true" CanBeNull="false" />
 </Type>
 </Table>
 </Database>
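Review bot: The new `ExpirationDate` member is mapped onto the column still named `RequestTokenVerifier` (now declared `DateTime NOT NULL`), and the new `Name` member on `Client` has `Name=""` with storage `_VerificationCodeLength`, so the lifetime of an authorization is read from a column whose name and previous type describe an OAuth 1 verifier string. Whether the table itself was migrated is not visible in this hunk; if it was not, expiry handling would presumably fail at load time or read unrelated data. I would give both columns their real names, e.g. `<Column Name="ExpirationDate" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />` and `<Column Name="Name" Type="System.String" CanBeNull="false" />`, and ship the matching schema change alongside. Separately, `ClientSecret` still maps to a plain `NVarChar(50)` column; since this commit deletes the HMAC-SHA1 signing setup in Constants.cs, it is worth confirming whether the secret still has to be recoverable or could be stored as a salted hash instead.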
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Code/DataClasses.dbml.layout b/samples/OAuthServiceProvider/Code/DataClasses.dbml.layout index 9b80443..e300457 100644 --- a/samples/OAuthServiceProvider/Code/DataClasses.dbml.layout +++ b/samples/OAuthServiceProvider/Code/DataClasses.dbml.layout 
@@ -14,16 +14,16 @@ <elementListCompartment Id="eba736b9-f9ec-484b-8083-c77155a49e4e" absoluteBounds="3.515, 1.085, 1.9700000000000002, 0.8262939453125" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> </nestedChildShapes> </classShape> - <classShape Id="f909becb-85b1-4fe6-bb16-3feb3e4fe3ee" absoluteBounds="0.625, 3.25, 2, 1.9631982421874996"> - <DataClassMoniker Name="/DataClassesDataContext/OAuthConsumer" /> + <classShape Id="f909becb-85b1-4fe6-bb16-3feb3e4fe3ee" absoluteBounds="0.5, 3.5, 2, 1.7708968098958327"> + <DataClassMoniker Name="/DataClassesDataContext/Client" /> <nestedChildShapes> - <elementListCompartment Id="464308c4-d112-4448-b0c9-d9b82fb0ca4e" absoluteBounds="0.64, 3.71, 1.9700000000000002, 1.4031982421875" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> + <elementListCompartment Id="464308c4-d112-4448-b0c9-d9b82fb0ca4e" absoluteBounds="0.515, 3.96, 1.9700000000000002, 1.2108968098958333" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> </nestedChildShapes> </classShape> - <classShape Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" absoluteBounds="3.5, 3.125, 2, 2.9247054036458326"> - <DataClassMoniker Name="/DataClassesDataContext/OAuthToken" /> + <classShape Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" absoluteBounds="3.5, 3.125, 2, 1.9631982421874996"> + <DataClassMoniker Name="/DataClassesDataContext/ClientAuthorization" /> <nestedChildShapes> - <elementListCompartment Id="403126d0-3d2a-4af4-b0b8-c489a830bbd4" absoluteBounds="3.515, 3.585, 1.9700000000000002, 2.364705403645833" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> + <elementListCompartment Id="403126d0-3d2a-4af4-b0b8-c489a830bbd4" absoluteBounds="3.515, 3.585, 1.9700000000000002, 1.4031982421875" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> </nestedChildShapes> </classShape> <associationConnector edgePoints="[(2.625 : 
1.31814697265625); (3.5 : 1.31814697265625)]" fixedFrom="NotFixed" fixedTo="NotFixed"> @@ -33,14 +33,14 @@ <classShapeMoniker Id="8a79b099-7f87-4766-907a-db2c3e1b5716" /> </nodes> </associationConnector> - <associationConnector edgePoints="[(2.625 : 4.23159912109375); (3.5 : 4.23159912109375)]" fixedFrom="NotFixed" fixedTo="NotFixed"> - <AssociationMoniker Name="/DataClassesDataContext/OAuthConsumer/OAuthConsumer_OAuthToken" /> + <associationConnector edgePoints="[(2.5 : 4.29409912109375); (3.5 : 4.29409912109375)]" fixedFrom="Algorithm" fixedTo="Algorithm"> + <AssociationMoniker Name="/DataClassesDataContext/Client/OAuthConsumer_OAuthToken" /> <nodes> <classShapeMoniker Id="f909becb-85b1-4fe6-bb16-3feb3e4fe3ee" /> <classShapeMoniker Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" /> </nodes> </associationConnector> - <associationConnector edgePoints="[(0.53125 : 2.27089680989583); (0.53125 : 5.66270182291667); (3.5 : 5.66270182291667)]" fixedFrom="NotFixed" fixedTo="NotFixed"> + <associationConnector edgePoints="[(2.42590266277457 : 2.27089680989583); (2.42590266277457 : 3.25); (2.75 : 3.25); (2.75 : 3.67829756054687); (3.5 : 3.67829756054687)]" fixedFrom="Caller" fixedTo="Algorithm"> <AssociationMoniker Name="/DataClassesDataContext/User/User_OAuthToken" /> <nodes> <classShapeMoniker Id="696d2c69-040e-411d-9257-bb664b743834" /> diff --git a/samples/OAuthServiceProvider/Code/DataClasses.designer.cs b/samples/OAuthServiceProvider/Code/DataClasses.designer.cs index 3c0d936..eabcb1c 100644 --- a/samples/OAuthServiceProvider/Code/DataClasses.designer.cs +++ b/samples/OAuthServiceProvider/Code/DataClasses.designer.cs 
@@ -36,12 +36,12 @@ namespace OAuthServiceProvider.Code partial void InsertFavoriteSite(FavoriteSite instance); partial void UpdateFavoriteSite(FavoriteSite instance); partial void DeleteFavoriteSite(FavoriteSite instance); - partial void InsertOAuthConsumer(OAuthConsumer instance); - partial void UpdateOAuthConsumer(OAuthConsumer instance); - partial void DeleteOAuthConsumer(OAuthConsumer instance); - partial void InsertOAuthToken(OAuthToken instance); - partial void UpdateOAuthToken(OAuthToken instance); - partial void DeleteOAuthToken(OAuthToken instance); + partial void InsertClient(Client instance); + partial void UpdateClient(Client instance); + partial void DeleteClient(Client instance); + partial void InsertClientAuthorization(ClientAuthorization instance); + partial void UpdateClientAuthorization(ClientAuthorization instance); + partial void DeleteClientAuthorization(ClientAuthorization instance); partial void InsertNonce(Nonce instance); partial void UpdateNonce(Nonce instance); partial void DeleteNonce(Nonce instance); @@ -93,19 +93,19 @@ namespace OAuthServiceProvider.Code } } - public System.Data.Linq.Table<OAuthConsumer> OAuthConsumers + public System.Data.Linq.Table<Client> Clients { get { - return this.GetTable<OAuthConsumer>(); + return this.GetTable<Client>(); } } - public System.Data.Linq.Table<OAuthToken> OAuthTokens + public System.Data.Linq.Table<ClientAuthorization> ClientAuthorizations { get { - return this.GetTable<OAuthToken>(); + return this.GetTable<ClientAuthorization>(); } } @@ -136,7 +136,7 @@ namespace OAuthServiceProvider.Code private EntitySet<FavoriteSite> _FavoriteSites; - private EntitySet<OAuthToken> _OAuthTokens; + private EntitySet<ClientAuthorization> _OAuthTokens; #region Extensibility Method Definitions partial void OnLoaded(); 
@@ -157,7 +157,7 @@ namespace OAuthServiceProvider.Code public User() { this._FavoriteSites = new EntitySet<FavoriteSite>(new Action<FavoriteSite>(this.attach_FavoriteSites), new Action<FavoriteSite>(this.detach_FavoriteSites)); - this._OAuthTokens = new EntitySet<OAuthToken>(new Action<OAuthToken>(this.attach_OAuthTokens), new Action<OAuthToken>(this.detach_OAuthTokens)); + this._OAuthTokens = new EntitySet<ClientAuthorization>(new Action<ClientAuthorization>(this.attach_OAuthTokens), new Action<ClientAuthorization>(this.detach_OAuthTokens)); OnCreated(); } @@ -274,8 +274,8 @@ namespace OAuthServiceProvider.Code } } - [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_OAuthToken", Storage="_OAuthTokens", ThisKey="UserId", OtherKey="UserId")] - public EntitySet<OAuthToken> OAuthTokens + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_ClientAuthorization", Storage="_OAuthTokens", ThisKey="UserId", OtherKey="UserId")] + public EntitySet<ClientAuthorization> ClientAuthorizations { get { @@ -319,13 +319,13 @@ namespace OAuthServiceProvider.Code entity.User = null; } - private void attach_OAuthTokens(OAuthToken entity) + private void attach_OAuthTokens(ClientAuthorization entity) { this.SendPropertyChanging(); entity.User = this; } - private void detach_OAuthTokens(OAuthToken entity) + private void detach_OAuthTokens(ClientAuthorization entity) { this.SendPropertyChanging(); entity.User = null; @@ -484,7 +484,7 @@ namespace OAuthServiceProvider.Code } [global::System.Data.Linq.Mapping.TableAttribute(Name="dbo.OAuthConsumer")] - public partial class OAuthConsumer : INotifyPropertyChanging, INotifyPropertyChanged + public partial class Client : INotifyPropertyChanging, INotifyPropertyChanged { private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); 
@@ -497,38 +497,34 @@ namespace OAuthServiceProvider.Code private string _Callback; - private DotNetOpenAuth.OAuth.VerificationCodeFormat _VerificationCodeFormat; + private string _VerificationCodeLength; - private int _VerificationCodeLength; - - private EntitySet<OAuthToken> _OAuthTokens; + private EntitySet<ClientAuthorization> _OAuthTokens; #region Extensibility Method Definitions partial void OnLoaded(); partial void OnValidate(System.Data.Linq.ChangeAction action); partial void OnCreated(); - partial void OnConsumerIdChanging(int value); - partial void OnConsumerIdChanged(); - partial void OnConsumerKeyChanging(string value); - partial void OnConsumerKeyChanged(); - partial void OnConsumerSecretChanging(string value); - partial void OnConsumerSecretChanged(); + partial void OnClientIdChanging(int value); + partial void OnClientIdChanged(); + partial void OnClientIdentifierChanging(string value); + partial void OnClientIdentifierChanged(); + partial void OnClientSecretChanging(string value); + partial void OnClientSecretChanged(); partial void OnCallbackChanging(string value); partial void OnCallbackChanged(); - partial void OnVerificationCodeFormatChanging(DotNetOpenAuth.OAuth.VerificationCodeFormat value); - partial void OnVerificationCodeFormatChanged(); - partial void OnVerificationCodeLengthChanging(int value); - partial void OnVerificationCodeLengthChanged(); + partial void OnNameChanging(string value); + partial void OnNameChanged(); #endregion - public OAuthConsumer() + public Client() { - this._OAuthTokens = new EntitySet<OAuthToken>(new Action<OAuthToken>(this.attach_OAuthTokens), new Action<OAuthToken>(this.detach_OAuthTokens)); + this._OAuthTokens = new EntitySet<ClientAuthorization>(new Action<ClientAuthorization>(this.attach_OAuthTokens), new Action<ClientAuthorization>(this.detach_OAuthTokens)); OnCreated(); } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_ConsumerId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", 
IsPrimaryKey=true, IsDbGenerated=true)] - public int ConsumerId + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="ConsumerId", Storage="_ConsumerId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", IsPrimaryKey=true, IsDbGenerated=true)] + public int ClientId { get { @@ -538,17 +534,17 @@ namespace OAuthServiceProvider.Code { if ((this._ConsumerId != value)) { - this.OnConsumerIdChanging(value); + this.OnClientIdChanging(value); this.SendPropertyChanging(); this._ConsumerId = value; - this.SendPropertyChanged("ConsumerId"); - this.OnConsumerIdChanged(); + this.SendPropertyChanged("ClientId"); + this.OnClientIdChanged(); } } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_ConsumerKey", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] - public string ConsumerKey + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="ConsumerKey", Storage="_ConsumerKey", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] + public string ClientIdentifier { get { @@ -558,17 +554,17 @@ namespace OAuthServiceProvider.Code { if ((this._ConsumerKey != value)) { - this.OnConsumerKeyChanging(value); + this.OnClientIdentifierChanging(value); this.SendPropertyChanging(); this._ConsumerKey = value; - this.SendPropertyChanged("ConsumerKey"); - this.OnConsumerKeyChanged(); + this.SendPropertyChanged("ClientIdentifier"); + this.OnClientIdentifierChanged(); } } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_ConsumerSecret", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] - public string ConsumerSecret + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="ConsumerSecret", Storage="_ConsumerSecret", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] + public string ClientSecret { get { 
@@ -578,11 +574,11 @@ namespace OAuthServiceProvider.Code { if ((this._ConsumerSecret != value)) { - this.OnConsumerSecretChanging(value); + this.OnClientSecretChanging(value); this.SendPropertyChanging(); this._ConsumerSecret = value; - this.SendPropertyChanged("ConsumerSecret"); - this.OnConsumerSecretChanged(); + this.SendPropertyChanged("ClientSecret"); + this.OnClientSecretChanged(); } } } @@ -607,28 +603,8 @@ namespace OAuthServiceProvider.Code } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_VerificationCodeFormat")] - public DotNetOpenAuth.OAuth.VerificationCodeFormat VerificationCodeFormat - { - get - { - return this._VerificationCodeFormat; - } - set - { - if ((this._VerificationCodeFormat != value)) - { - this.OnVerificationCodeFormatChanging(value); - this.SendPropertyChanging(); - this._VerificationCodeFormat = value; - this.SendPropertyChanged("VerificationCodeFormat"); - this.OnVerificationCodeFormatChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_VerificationCodeLength")] - public int VerificationCodeLength + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="", Storage="_VerificationCodeLength", CanBeNull=false)] + public string Name { get { 
@@ -638,17 +614,17 @@ namespace OAuthServiceProvider.Code { if ((this._VerificationCodeLength != value)) { - this.OnVerificationCodeLengthChanging(value); + this.OnNameChanging(value); this.SendPropertyChanging(); this._VerificationCodeLength = value; - this.SendPropertyChanged("VerificationCodeLength"); - this.OnVerificationCodeLengthChanged(); + this.SendPropertyChanged("Name"); + this.OnNameChanged(); } } } - [global::System.Data.Linq.Mapping.AssociationAttribute(Name="OAuthConsumer_OAuthToken", Storage="_OAuthTokens", ThisKey="ConsumerId", OtherKey="ConsumerId")] - public EntitySet<OAuthToken> OAuthTokens + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="Client_ClientAuthorization", Storage="_OAuthTokens", ThisKey="ClientId", OtherKey="ClientId")] + public EntitySet<ClientAuthorization> ClientAuthorizations { get { @@ -680,33 +656,27 @@ namespace OAuthServiceProvider.Code } } - private void attach_OAuthTokens(OAuthToken entity) + private void attach_OAuthTokens(ClientAuthorization entity) { this.SendPropertyChanging(); - entity.OAuthConsumer = this; + entity.Client = this; } - private void detach_OAuthTokens(OAuthToken entity) + private void detach_OAuthTokens(ClientAuthorization entity) { this.SendPropertyChanging(); - entity.OAuthConsumer = null; + entity.Client = null; } } [global::System.Data.Linq.Mapping.TableAttribute(Name="dbo.OAuthToken")] - public partial class OAuthToken : INotifyPropertyChanging, INotifyPropertyChanged + public partial class ClientAuthorization : INotifyPropertyChanging, INotifyPropertyChanged { private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); private int _TokenId; - private string _Token; - - private string _TokenSecret; - - private OAuthServiceProvider.Code.TokenAuthorizationState _State; - private System.DateTime _IssueDate; private int _ConsumerId; 
@@ -715,13 +685,9 @@ namespace OAuthServiceProvider.Code private string _Scope; - private string _RequestTokenVerifier; + private System.DateTime _RequestTokenVerifier; - private string _RequestTokenCallback; - - private string _ConsumerVersion; - - private EntityRef<OAuthConsumer> _OAuthConsumer; + private EntityRef<Client> _OAuthConsumer; private EntityRef<User> _User; 
@@ -729,39 +695,29 @@ namespace OAuthServiceProvider.Code partial void OnLoaded(); partial void OnValidate(System.Data.Linq.ChangeAction action); partial void OnCreated(); - partial void OnTokenIdChanging(int value); - partial void OnTokenIdChanged(); - partial void OnTokenChanging(string value); - partial void OnTokenChanged(); - partial void OnTokenSecretChanging(string value); - partial void OnTokenSecretChanged(); - partial void OnStateChanging(OAuthServiceProvider.Code.TokenAuthorizationState value); - partial void OnStateChanged(); - partial void OnIssueDateChanging(System.DateTime value); - partial void OnIssueDateChanged(); - partial void OnConsumerIdChanging(int value); - partial void OnConsumerIdChanged(); + partial void OnAuthorizationIdChanging(int value); + partial void OnAuthorizationIdChanged(); + partial void OnCreatedOnChanging(System.DateTime value); + partial void OnCreatedOnChanged(); + partial void OnClientIdChanging(int value); + partial void OnClientIdChanged(); partial void OnUserIdChanging(System.Nullable<int> value); partial void OnUserIdChanged(); partial void OnScopeChanging(string value); partial void OnScopeChanged(); - partial void OnRequestTokenVerifierChanging(string value); - partial void OnRequestTokenVerifierChanged(); - partial void OnRequestTokenCallbackChanging(string value); - partial void OnRequestTokenCallbackChanged(); - partial void OnConsumerVersionChanging(string value); - partial void OnConsumerVersionChanged(); + partial void OnExpirationDateChanging(System.DateTime value); + partial void OnExpirationDateChanged(); #endregion - public OAuthToken() + public ClientAuthorization() { - this._OAuthConsumer = default(EntityRef<OAuthConsumer>); + this._OAuthConsumer = default(EntityRef<Client>); this._User = default(EntityRef<User>); OnCreated(); } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_TokenId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", IsPrimaryKey=true, IsDbGenerated=true)] - 
public int TokenId + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="TokenId", Storage="_TokenId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", IsPrimaryKey=true, IsDbGenerated=true)] + public int AuthorizationId { get { 
@@ -771,77 +727,17 @@ namespace OAuthServiceProvider.Code { if ((this._TokenId != value)) { - this.OnTokenIdChanging(value); + this.OnAuthorizationIdChanging(value); this.SendPropertyChanging(); this._TokenId = value; - this.SendPropertyChanged("TokenId"); - this.OnTokenIdChanged(); + this.SendPropertyChanged("AuthorizationId"); + this.OnAuthorizationIdChanged(); } } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_Token", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] - public string Token - { - get - { - return this._Token; - } - set - { - if ((this._Token != value)) - { - this.OnTokenChanging(value); - this.SendPropertyChanging(); - this._Token = value; - this.SendPropertyChanged("Token"); - this.OnTokenChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_TokenSecret", DbType="NVarChar(50) NOT NULL", CanBeNull=false)] - public string TokenSecret - { - get - { - return this._TokenSecret; - } - set - { - if ((this._TokenSecret != value)) - { - this.OnTokenSecretChanging(value); - this.SendPropertyChanging(); - this._TokenSecret = value; - this.SendPropertyChanged("TokenSecret"); - this.OnTokenSecretChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_State", DbType="INT NOT NULL", CanBeNull=false)] - public OAuthServiceProvider.Code.TokenAuthorizationState State - { - get - { - return this._State; - } - set - { - if ((this._State != value)) - { - this.OnStateChanging(value); - this.SendPropertyChanging(); - this._State = value; - this.SendPropertyChanged("State"); - this.OnStateChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_IssueDate", DbType="DateTime NOT NULL")] - public System.DateTime IssueDate + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="IssueDate", Storage="_IssueDate", DbType="DateTime NOT NULL")] + public System.DateTime CreatedOn { get { 
@@ -851,17 +747,17 @@ namespace OAuthServiceProvider.Code { if ((this._IssueDate != value)) { - this.OnIssueDateChanging(value); + this.OnCreatedOnChanging(value); this.SendPropertyChanging(); this._IssueDate = value; - this.SendPropertyChanged("IssueDate"); - this.OnIssueDateChanged(); + this.SendPropertyChanged("CreatedOn"); + this.OnCreatedOnChanged(); } } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_ConsumerId", DbType="Int NOT NULL")] - public int ConsumerId + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="ConsumerId", Storage="_ConsumerId", DbType="Int NOT NULL")] + public int ClientId { get { @@ -871,15 +767,11 @@ namespace OAuthServiceProvider.Code { if ((this._ConsumerId != value)) { - if (this._OAuthConsumer.HasLoadedOrAssignedValue) - { - throw new System.Data.Linq.ForeignKeyReferenceAlreadyHasValueException(); - } - this.OnConsumerIdChanging(value); + this.OnClientIdChanging(value); this.SendPropertyChanging(); this._ConsumerId = value; - this.SendPropertyChanged("ConsumerId"); - this.OnConsumerIdChanged(); + this.SendPropertyChanged("ClientId"); + this.OnClientIdChanged(); } } } @@ -928,8 +820,8 @@ namespace OAuthServiceProvider.Code } } - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_RequestTokenVerifier")] - public string RequestTokenVerifier + [global::System.Data.Linq.Mapping.ColumnAttribute(Name="RequestTokenVerifier", Storage="_RequestTokenVerifier", DbType="DateTime NOT NULL")] + public System.DateTime ExpirationDate { get { 
@@ -939,57 +831,17 @@ namespace OAuthServiceProvider.Code { if ((this._RequestTokenVerifier != value)) { - this.OnRequestTokenVerifierChanging(value); + this.OnExpirationDateChanging(value); this.SendPropertyChanging(); this._RequestTokenVerifier = value; - this.SendPropertyChanged("RequestTokenVerifier"); - this.OnRequestTokenVerifierChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_RequestTokenCallback")] - public string RequestTokenCallback - { - get - { - return this._RequestTokenCallback; - } - set - { - if ((this._RequestTokenCallback != value)) - { - this.OnRequestTokenCallbackChanging(value); - this.SendPropertyChanging(); - this._RequestTokenCallback = value; - this.SendPropertyChanged("RequestTokenCallback"); - this.OnRequestTokenCallbackChanged(); - } - } - } - - [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_ConsumerVersion")] - public string ConsumerVersion - { - get - { - return this._ConsumerVersion; - } - set - { - if ((this._ConsumerVersion != value)) - { - this.OnConsumerVersionChanging(value); - this.SendPropertyChanging(); - this._ConsumerVersion = value; - this.SendPropertyChanged("ConsumerVersion"); - this.OnConsumerVersionChanged(); + this.SendPropertyChanged("ExpirationDate"); + this.OnExpirationDateChanged(); } } } - [global::System.Data.Linq.Mapping.AssociationAttribute(Name="OAuthConsumer_OAuthToken", Storage="_OAuthConsumer", ThisKey="ConsumerId", OtherKey="ConsumerId", IsForeignKey=true, DeleteOnNull=true, DeleteRule="CASCADE")] - public OAuthConsumer OAuthConsumer + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="Client_ClientAuthorization", Storage="_OAuthConsumer", ThisKey="ClientId", OtherKey="ClientId", IsForeignKey=true, DeleteOnNull=true, DeleteRule="CASCADE")] + public Client Client { get { 
@@ -997,7 +849,7 @@ namespace OAuthServiceProvider.Code } set { - OAuthConsumer previousValue = this._OAuthConsumer.Entity; + Client previousValue = this._OAuthConsumer.Entity; if (((previousValue != value) || (this._OAuthConsumer.HasLoadedOrAssignedValue == false))) { @@ -1005,24 +857,24 @@ namespace OAuthServiceProvider.Code if ((previousValue != null)) { this._OAuthConsumer.Entity = null; - previousValue.OAuthTokens.Remove(this); + previousValue.ClientAuthorizations.Remove(this); } this._OAuthConsumer.Entity = value; if ((value != null)) { - value.OAuthTokens.Add(this); - this._ConsumerId = value.ConsumerId; + value.ClientAuthorizations.Add(this); + this._ConsumerId = value.ClientId; } else { this._ConsumerId = default(int); } - this.SendPropertyChanged("OAuthConsumer"); + this.SendPropertyChanged("Client"); } } } - [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_OAuthToken", Storage="_User", ThisKey="UserId", OtherKey="UserId", IsForeignKey=true, DeleteRule="CASCADE")] + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_ClientAuthorization", Storage="_User", ThisKey="UserId", OtherKey="UserId", IsForeignKey=true, DeleteRule="CASCADE")] public User User { get @@ -1039,12 +891,12 @@ namespace OAuthServiceProvider.Code if ((previousValue != null)) { this._User.Entity = null; - previousValue.OAuthTokens.Remove(this); + previousValue.ClientAuthorizations.Remove(this); } this._User.Entity = value; if ((value != null)) { - value.OAuthTokens.Add(this); + value.ClientAuthorizations.Add(this); this._UserId = value.UserId; } else diff --git a/samples/OAuthServiceProvider/Code/DatabaseNonceStore.cs b/samples/OAuthServiceProvider/Code/DatabaseNonceStore.cs index f0c10d1..7c37a25 100644 --- a/samples/OAuthServiceProvider/Code/DatabaseNonceStore.cs +++ b/samples/OAuthServiceProvider/Code/DatabaseNonceStore.cs 
@@ -1,10 +1,7 @@ namespace OAuthServiceProvider.Code { using System; - using System.Collections.Generic; - using System.Linq; - using System.Web; - using DotNetOpenAuth.Messaging.Bindings; using System.Data.SqlClient; + using DotNetOpenAuth.Messaging.Bindings; /// <summary> /// A database-persisted nonce store. diff --git a/samples/OAuthServiceProvider/Code/DatabaseTokenManager.cs b/samples/OAuthServiceProvider/Code/DatabaseTokenManager.cs deleted file mode 100644 index 721e124..0000000 --- a/samples/OAuthServiceProvider/Code/DatabaseTokenManager.cs +++ /dev/null 
@@ -1,159 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="DatabaseTokenManager.cs" company="Andrew Arnott"> -// Copyright (c) Andrew Arnott. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace OAuthServiceProvider.Code { - using System; - using System.Collections.Generic; - using System.Diagnostics; - using System.Linq; - using DotNetOpenAuth.OAuth.ChannelElements; - using DotNetOpenAuth.OAuth.Messages; - - public class DatabaseTokenManager : IServiceProviderTokenManager { - #region IServiceProviderTokenManager - - public IConsumerDescription GetConsumer(string consumerKey) { - var consumerRow = Global.DataContext.OAuthConsumers.SingleOrDefault( - consumerCandidate => consumerCandidate.ConsumerKey == consumerKey); - if (consumerRow == null) { - throw new KeyNotFoundException(); - } - - return consumerRow; - } - - public IServiceProviderRequestToken GetRequestToken(string token) { - try { - return Global.DataContext.OAuthTokens.First(t => t.Token == token && t.State != TokenAuthorizationState.AccessToken); - } catch (InvalidOperationException ex) { - throw new KeyNotFoundException("Unrecognized token", ex); - } - } - - public IServiceProviderAccessToken GetAccessToken(string token) { - try { - return Global.DataContext.OAuthTokens.First(t => t.Token == token && t.State == TokenAuthorizationState.AccessToken); - } catch (InvalidOperationException ex) { - throw new KeyNotFoundException("Unrecognized token", ex); - } - } - - public void UpdateToken(IServiceProviderRequestToken token) { - // Nothing to do here, since we're using Linq To SQL. 
- } - - #endregion - - #region ITokenManager Members - - public string GetTokenSecret(string token) { - var tokenRow = Global.DataContext.OAuthTokens.SingleOrDefault( - tokenCandidate => tokenCandidate.Token == token); - if (tokenRow == null) { - throw new ArgumentException(); - } - - return tokenRow.TokenSecret; - } - - public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) { - RequestScopedTokenMessage scopedRequest = (RequestScopedTokenMessage)request; - var consumer = Global.DataContext.OAuthConsumers.Single(consumerRow => consumerRow.ConsumerKey == request.ConsumerKey); - string scope = scopedRequest.Scope; - OAuthToken newToken = new OAuthToken { - OAuthConsumer = consumer, - Token = response.Token, - TokenSecret = response.TokenSecret, - IssueDate = DateTime.UtcNow, - Scope = scope, - }; - - Global.DataContext.OAuthTokens.InsertOnSubmit(newToken); - Global.DataContext.SubmitChanges(); - } - - /// <summary> - /// Checks whether a given request token has already been authorized - /// by some user for use by the Consumer that requested it. - /// </summary> - /// <param name="requestToken">The Consumer's request token.</param> - /// <returns> - /// True if the request token has already been fully authorized by the user - /// who owns the relevant protected resources. False if the token has not yet - /// been authorized, has expired or does not exist. 
- /// </returns> - public bool IsRequestTokenAuthorized(string requestToken) { - var tokenFound = Global.DataContext.OAuthTokens.SingleOrDefault( - token => token.Token == requestToken && - token.State == TokenAuthorizationState.AuthorizedRequestToken); - return tokenFound != null; - } - - public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret) { - var data = Global.DataContext; - var consumerRow = data.OAuthConsumers.Single(consumer => consumer.ConsumerKey == consumerKey); - var tokenRow = data.OAuthTokens.Single(token => token.Token == requestToken && token.OAuthConsumer == consumerRow); - Debug.Assert(tokenRow.State == TokenAuthorizationState.AuthorizedRequestToken, "The token should be authorized already!"); - - // Update the existing row to be an access token. - tokenRow.IssueDate = DateTime.UtcNow; - tokenRow.State = TokenAuthorizationState.AccessToken; - tokenRow.Token = accessToken; - tokenRow.TokenSecret = accessTokenSecret; - } - - /// <summary> - /// Classifies a token as a request token or an access token. 
- /// </summary> - /// <param name="token">The token to classify.</param> - /// <returns>Request or Access token, or invalid if the token is not recognized.</returns> - public TokenType GetTokenType(string token) { - var tokenRow = Global.DataContext.OAuthTokens.SingleOrDefault(tokenCandidate => tokenCandidate.Token == token); - if (tokenRow == null) { - return TokenType.InvalidToken; - } else if (tokenRow.State == TokenAuthorizationState.AccessToken) { - return TokenType.AccessToken; - } else { - return TokenType.RequestToken; - } - } - - #endregion - - public void AuthorizeRequestToken(string requestToken, User user) { - if (requestToken == null) { - throw new ArgumentNullException("requestToken"); - } - if (user == null) { - throw new ArgumentNullException("user"); - } - - var tokenRow = Global.DataContext.OAuthTokens.SingleOrDefault( - tokenCandidate => tokenCandidate.Token == requestToken && - tokenCandidate.State == TokenAuthorizationState.UnauthorizedRequestToken); - if (tokenRow == null) { - throw new ArgumentException(); - } - - tokenRow.State = TokenAuthorizationState.AuthorizedRequestToken; - tokenRow.User = user; - } - - public OAuthConsumer GetConsumerForToken(string token) { - if (String.IsNullOrEmpty(token)) { - throw new ArgumentNullException("requestToken"); - } - - var tokenRow = Global.DataContext.OAuthTokens.SingleOrDefault( - tokenCandidate => tokenCandidate.Token == token); - if (tokenRow == null) { - throw new ArgumentException(); - } - - return tokenRow.OAuthConsumer; - } - } -}
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Code/Global.cs b/samples/OAuthServiceProvider/Code/Global.cs index 7c2e9f7..bcfa8ae 100644 --- a/samples/OAuthServiceProvider/Code/Global.cs +++ b/samples/OAuthServiceProvider/Code/Global.cs @@ -4,7 +4,6 @@ using System.ServiceModel; using System.Text; using System.Web; - using DotNetOpenAuth.OAuth.Messages; using DotNetOpenAuth.OAuth2; using DotNetOpenAuth.OAuth2.Messages; @@ -41,19 +40,12 @@ } } - public static DatabaseTokenManager TokenManager { get; set; } - public static DatabaseNonceStore NonceStore { get; set; } public static User LoggedInUser { get { return Global.DataContext.Users.SingleOrDefault(user => user.OpenIDClaimedIdentifier == HttpContext.Current.User.Identity.Name); } } - public static UserAuthorizationRequest PendingOAuthAuthorization { - get { return HttpContext.Current.Session["authrequest"] as UserAuthorizationRequest; } - set { HttpContext.Current.Session["authrequest"] = value; } - } - public static EndUserAuthorizationRequest PendingOAuth2Authorization { get { return HttpContext.Current.Session["authrequest"] as EndUserAuthorizationRequest; } @@ -87,12 +79,6 @@ } } - public static void AuthorizePendingRequestToken() { - ITokenContainingMessage tokenMessage = PendingOAuthAuthorization; - TokenManager.AuthorizeRequestToken(tokenMessage.Token, LoggedInUser); - PendingOAuthAuthorization = null; - } - private static void CommitAndCloseDatabaseIfNecessary() { var dataContext = dataContextSimple; if (dataContext != null) { @@ -110,11 +96,6 @@ appPath += "/"; } - // This will break in IIS Integrated Pipeline mode, since applications - // start before the first incoming request context is available. - // TODO: fix this. - Constants.WebRootUrl = new Uri(HttpContext.Current.Request.Url, appPath); - Global.TokenManager = new DatabaseTokenManager(); Global.NonceStore = new DatabaseNonceStore(); } 
diff --git a/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs b/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs index 00503c4..210e2ad 100644 --- a/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs +++ b/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs @@ -40,8 +40,8 @@ } public IConsumerDescription GetClient(string clientIdentifier) { - var consumerRow = Global.DataContext.OAuthConsumers.SingleOrDefault( - consumerCandidate => consumerCandidate.ConsumerKey == clientIdentifier); + var consumerRow = Global.DataContext.Clients.SingleOrDefault( + consumerCandidate => consumerCandidate.ClientIdentifier == clientIdentifier); if (consumerRow == null) { throw new ArgumentOutOfRangeException("clientIdentifier"); } diff --git a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs index 3c8a3be..aa5428f 100644 --- a/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs +++ b/samples/OAuthServiceProvider/Code/OAuthAuthorizationManager.cs @@ -9,8 +9,6 @@ using System.ServiceModel.Security; using DotNetOpenAuth.Messaging; - using DotNetOpenAuth.OAuth; - using DotNetOpenAuth.OAuth.ChannelElements; using DotNetOpenAuth.OAuth2; using ProtocolException = System.ServiceModel.ProtocolException; @@ -31,7 +29,7 @@ var requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri; try { - var principal = this.VerifyOAuth2(httpDetails, requestUri); + var principal = VerifyOAuth2(httpDetails, requestUri); if (principal != null) { var policy = new OAuthPrincipalAuthorizationPolicy(principal); var policies = new List<IAuthorizationPolicy> { 
@@ -63,19 +61,7 @@ return false; } - private OAuthPrincipal VerifyOAuth1(HttpRequestMessageProperty httpDetails, Uri requestUri) { - ServiceProvider sp = Constants.CreateServiceProvider(); - var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri); - if (auth != null) { - var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken); - var principal = sp.CreatePrincipal(auth); - return principal; - } - - return null; - } - - private OAuthPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { + private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { // for this sample where the auth server and resource server are the same site, // we use the same public/private key. var resourceServer = new ResourceServer( @@ -83,15 +69,11 @@ OAuth2AuthorizationServer.AsymmetricKey, OAuth2AuthorizationServer.AsymmetricKey)); - string username; - HashSet<string> scope; - var error = resourceServer.VerifyAccess(new HttpRequestInfo(httpDetails, requestUri), out username, out scope); - if (error == null) { - var principal = new OAuthPrincipal(username, scope.ToArray()); - return principal; - } else { - return null; - } + IPrincipal result; + var error = resourceServer.VerifyAccess(new HttpRequestInfo(httpDetails, requestUri), out result); + + // TODO: return the prepared error code. + return error != null ? null : result; } } }
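Review bot: The `error` returned by `resourceServer.VerifyAccess(...)` is dropped in `VerifyOAuth2` (last hunk of OAuthAuthorizationManager.cs), so every verification failure collapses to `null` and the caller can only deny the call, with nothing recorded or returned to say why the token was rejected. The `// TODO: return the prepared error code.` acknowledges this but leaves it open; until then the null contract should at least be documented on the method, e.g. `/// <returns>The verified principal, or <c>null</c> when VerifyAccess reports an error.</returns>`. It is also worth confirming that the `IPrincipal` the library now builds carries the granted scopes the way the removed `new OAuthPrincipal(username, scope.ToArray())` did, since any authorization decision made on the principal presumably relies on them; that code is not visible here. The method's signature sits in the preceding hunk and part of the `ResourceServer` construction lies between the two hunks, outside the diff.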
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Code/OAuthConsumer.cs b/samples/OAuthServiceProvider/Code/OAuthConsumer.cs index 8291929..bf97950 100644 --- a/samples/OAuthServiceProvider/Code/OAuthConsumer.cs +++ b/samples/OAuthServiceProvider/Code/OAuthConsumer.cs @@ -9,47 +9,19 @@ namespace OAuthServiceProvider.Code { using System.Collections.Generic; using System.Linq; using System.Web; - using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth2; - public partial class OAuthConsumer : IConsumerDescription, DotNetOpenAuth.OAuth2.IConsumerDescription { + public partial class Client : IConsumerDescription { #region IConsumerDescription Members - string IConsumerDescription.Key { - get { return this.ConsumerKey; } - } - string IConsumerDescription.Secret { - get { return this.ConsumerSecret; } - } - - System.Security.Cryptography.X509Certificates.X509Certificate2 IConsumerDescription.Certificate { - get { return null; } + get { return this.ClientSecret; } } Uri IConsumerDescription.Callback { get { return string.IsNullOrEmpty(this.Callback) ? null : new Uri(this.Callback); } } - DotNetOpenAuth.OAuth.VerificationCodeFormat IConsumerDescription.VerificationCodeFormat { - get { return this.VerificationCodeFormat; } - } - - int IConsumerDescription.VerificationCodeLength { - get { return this.VerificationCodeLength; } - } - - #endregion - - #region IConsumerDescription Members - - string DotNetOpenAuth.OAuth2.IConsumerDescription.Secret { - get { return this.ConsumerSecret; } - } - - Uri DotNetOpenAuth.OAuth2.IConsumerDescription.Callback { - get { return string.IsNullOrEmpty(this.Callback) ? null : new Uri(this.Callback); } - } - #endregion } }
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Code/OAuthPrincipalAuthorizationPolicy.cs b/samples/OAuthServiceProvider/Code/OAuthPrincipalAuthorizationPolicy.cs index a25f4c5..cf14eab 100644 --- a/samples/OAuthServiceProvider/Code/OAuthPrincipalAuthorizationPolicy.cs +++ b/samples/OAuthServiceProvider/Code/OAuthPrincipalAuthorizationPolicy.cs @@ -4,18 +4,18 @@ using System.IdentityModel.Claims; using System.IdentityModel.Policy; using System.Linq; + using System.Security.Principal; using System.Web; - using DotNetOpenAuth.OAuth.ChannelElements; public class OAuthPrincipalAuthorizationPolicy : IAuthorizationPolicy { private readonly Guid uniqueId = Guid.NewGuid(); - private readonly OAuthPrincipal principal; + private readonly IPrincipal principal; /// <summary> /// Initializes a new instance of the <see cref="OAuthPrincipalAuthorizationPolicy"/> class. /// </summary> /// <param name="principal">The principal.</param> - public OAuthPrincipalAuthorizationPolicy(OAuthPrincipal principal) { + public OAuthPrincipalAuthorizationPolicy(IPrincipal principal) { this.principal = principal; } diff --git a/samples/OAuthServiceProvider/Code/OAuthToken.cs b/samples/OAuthServiceProvider/Code/OAuthToken.cs deleted file mode 100644 index 182a3e3..0000000 --- a/samples/OAuthServiceProvider/Code/OAuthToken.cs +++ /dev/null 
@@ -1,66 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="OAuthToken.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace OAuthServiceProvider.Code {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Web;
- using DotNetOpenAuth.OAuth.ChannelElements;
-
- public partial class OAuthToken : IServiceProviderRequestToken, IServiceProviderAccessToken {
- #region IServiceProviderRequestToken Members
-
- string IServiceProviderRequestToken.Token {
- get { return this.Token; }
- }
-
- string IServiceProviderRequestToken.ConsumerKey {
- get { return this.OAuthConsumer.ConsumerKey; }
- }
-
- DateTime IServiceProviderRequestToken.CreatedOn {
- get { return this.IssueDate; }
- }
-
- Uri IServiceProviderRequestToken.Callback {
- get { return string.IsNullOrEmpty(this.RequestTokenCallback) ? null : new Uri(this.RequestTokenCallback); }
- set { this.RequestTokenCallback = value.AbsoluteUri; }
- }
-
- string IServiceProviderRequestToken.VerificationCode {
- get { return this.RequestTokenVerifier; }
- set { this.RequestTokenVerifier = value; }
- }
-
- Version IServiceProviderRequestToken.ConsumerVersion {
- get { return new Version(this.ConsumerVersion); }
- set { this.ConsumerVersion = value.ToString(); }
- }
-
- #endregion
-
- #region IServiceProviderAccessToken Members
-
- string IServiceProviderAccessToken.Token {
- get { return this.Token; }
- }
-
- DateTime? IServiceProviderAccessToken.ExpirationDate {
- get { return null; }
- }
-
- string IServiceProviderAccessToken.Username {
- get { return this.User.OpenIDClaimedIdentifier; }
- }
-
- string[] IServiceProviderAccessToken.Roles {
- get { return this.Scope.Split('|'); }
- }
-
- #endregion
- }
-}
\ No newline at end of file
diff --git a/samples/OAuthServiceProvider/Code/RequestScopedTokenMessage.cs b/samples/OAuthServiceProvider/Code/RequestScopedTokenMessage.cs
deleted file mode 100644
index 984d683..0000000
--- a/samples/OAuthServiceProvider/Code/RequestScopedTokenMessage.cs
+++ /dev/null
@@ -1,25 +0,0 @@
-namespace OAuthServiceProvider.Code {
- using System;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth.Messages;
-
- /// <summary>
- /// A custom web app version of the message sent to request an unauthorized token.
- /// </summary>
- public class RequestScopedTokenMessage : UnauthorizedTokenRequest {
- /// <summary>
- /// Initializes a new instance of the <see cref="RequestScopedTokenMessage"/> class.
- /// </summary>
- /// <param name="endpoint">The endpoint that will receive the message.</param>
- /// <param name="version">The OAuth version.</param>
- public RequestScopedTokenMessage(MessageReceivingEndpoint endpoint, Version version)
- : base(endpoint, version) {
- }
-
- /// <summary>
- /// Gets or sets the scope of the access being requested.
- /// </summary>
- [MessagePart("scope", IsRequired = true)]
- public string Scope { get; set; }
- }
-}
\ No newline at end of file
diff --git a/samples/OAuthServiceProvider/Code/TokenAuthorizationState.cs b/samples/OAuthServiceProvider/Code/TokenAuthorizationState.cs
deleted file mode 100644
index a9cfa4e..0000000
--- a/samples/OAuthServiceProvider/Code/TokenAuthorizationState.cs
+++ /dev/null
@@ -1,26 +0,0 @@
-namespace OAuthServiceProvider.Code {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Web;
-
- /// <summary>
- /// Various states an OAuth token can be in.
- /// </summary>
- public enum TokenAuthorizationState : int {
- /// <summary>
- /// An unauthorized request token.
- /// </summary>
- UnauthorizedRequestToken = 0,
-
- /// <summary>
- /// An authorized request token.
- /// </summary>
- AuthorizedRequestToken = 1,
-
- /// <summary>
- /// An authorized access token.
- /// </summary>
- AccessToken = 2,
- }
-}
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Default.aspx.cs b/samples/OAuthServiceProvider/Default.aspx.cs index 653046a..9193da4 100644 --- a/samples/OAuthServiceProvider/Default.aspx.cs +++ b/samples/OAuthServiceProvider/Default.aspx.cs @@ -22,9 +22,10 @@ dc.CreateDatabase(); // Fill with sample data. - dc.OAuthConsumers.InsertOnSubmit(new OAuthConsumer { - ConsumerKey = "sampleconsumer", - ConsumerSecret = "samplesecret", + dc.Clients.InsertOnSubmit(new Client { + ClientIdentifier = "sampleconsumer", + ClientSecret = "samplesecret", + Name = "Some sample client", }); dc.Users.InsertOnSubmit(new User { OpenIDFriendlyIdentifier = "=arnott", diff --git a/samples/OAuthServiceProvider/Members/Authorize.aspx b/samples/OAuthServiceProvider/Members/Authorize.aspx deleted file mode 100644 index 251189a..0000000 --- a/samples/OAuthServiceProvider/Members/Authorize.aspx +++ /dev/null 
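Review bot: The seeded `Client` row in Default.aspx.cs is created with the fixed, published credential `ClientSecret = "samplesecret"` and no `Callback`, so any site stood up from this page unchanged has a client whose secret is known to every reader of the sample. With `Callback` unset, the `IConsumerDescription.Callback` getter in OAuthConsumer.cs returns `null`; how the authorization server treats a client without a registered callback is not visible in this diff, and it should be confirmed that it does not then accept an arbitrary redirect target. A comment above the insert such as `// Sample-only credentials: replace the secret and register a Callback before exposing this site.` would make the limitation explicit. The enclosing method starts and ends outside the hunk.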
@@ -1,58 +0,0 @@ -<%@ Page Title="Authorize Access" Language="C#" MasterPageFile="~/MasterPage.master" AutoEventWireup="true" Inherits="OAuthServiceProvider.Authorize" Codebehind="Authorize.aspx.cs" %> - -<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server"> - <asp:MultiView runat="server" ActiveViewIndex="0" ID="multiView"> - <asp:View runat="server"> - <div style="background-color: Yellow"> - <b>Warning</b>: Never give your login credentials to another web site or application. - </div> - <asp:HiddenField runat="server" ID="OAuthAuthorizationSecToken" EnableViewState="false" /> - <p>The client web site or application <asp:Label ID="consumerLabel" Font-Bold="true" - runat="server" Text="[consumer]" /> wants access to your <asp:Label ID="desiredAccessLabel" - Font-Bold="true" runat="server" Text="[protected resource]" />. </p> - <p>Do you want to allow this? </p> - <div style="display: none" id="responseButtonsDiv"> - <asp:Button ID="allowAccessButton" runat="server" Text="Yes" OnClick="allowAccessButton_Click" /> - <asp:Button ID="denyAccessButton" runat="server" Text="No" OnClick="denyAccessButton_Click" /> - </div> - <div id="javascriptDisabled"> - <b>Javascript appears to be disabled in your browser. </b>This page requires Javascript - to be enabled to better protect your security. - </div> - <p>If you grant access now, you can revoke it at any time by returning to this page. - </p> - <asp:Panel runat="server" BackColor="Red" ForeColor="White" Font-Bold="true" Visible="false" ID="OAuth10ConsumerWarning"> - This website is registered with service_PROVIDER_DOMAIN_NAME to make authorization requests, but has not been configured to send requests securely. If you grant access but you did not initiate this request at consumer_DOMAIN_NAME, it may be possible for other users of consumer_DOMAIN_NAME to access your data. We recommend you deny access unless you are certain that you initiated this request directly with consumer_DOMAIN_NAME. 
- </asp:Panel> - <script language="javascript" type="text/javascript"> - //<![CDATA[ - // we use HTML to hide the action buttons and Javascript to show them - // to protect against click-jacking in an iframe whose javascript is disabled. - document.getElementById('responseButtonsDiv').style.display = 'block'; - document.getElementById('javascriptDisabled').style.display = 'none'; - - // Frame busting code (to protect us from being hosted in an iframe). - // This protects us from click-jacking. - if (document.location !== window.top.location) { - window.top.location = document.location; - } - //]]> - </script> - </asp:View> - <asp:View runat="server"> - <p>Authorization has been granted.</p> - <asp:MultiView runat="server" ID="verifierMultiView" ActiveViewIndex="0"> - <asp:View runat="server"> - <p>You must enter this verification code at the Consumer: <asp:Label runat="server" - ID="verificationCodeLabel" /> </p> - </asp:View> - <asp:View ID="View1" runat="server"> - <p>You may now close this window and return to the Consumer. </p> - </asp:View> - </asp:MultiView> - </asp:View> - <asp:View runat="server"> - <p>Authorization has been denied. You're free to do whatever now. </p> - </asp:View> - </asp:MultiView> -</asp:Content> diff --git a/samples/OAuthServiceProvider/Members/Authorize.aspx.cs b/samples/OAuthServiceProvider/Members/Authorize.aspx.cs deleted file mode 100644 index faa2147..0000000 --- a/samples/OAuthServiceProvider/Members/Authorize.aspx.cs +++ /dev/null 
@@ -1,80 +0,0 @@
-namespace OAuthServiceProvider {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Security.Cryptography;
- using System.Web;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- using DotNetOpenAuth;
- using DotNetOpenAuth.OAuth;
- using DotNetOpenAuth.OAuth.Messages;
- using OAuthServiceProvider.Code;
-
- /// <summary>
- /// Conducts the user through a Consumer authorization process.
- /// </summary>
- public partial class Authorize : System.Web.UI.Page {
- private static readonly RandomNumberGenerator CryptoRandomDataGenerator = new RNGCryptoServiceProvider();
-
- private string AuthorizationSecret {
- get { return Session["OAuthAuthorizationSecret"] as string; }
- set { Session["OAuthAuthorizationSecret"] = value; }
- }
-
- protected void Page_Load(object sender, EventArgs e) {
- if (!IsPostBack) {
- if (Global.PendingOAuthAuthorization == null) {
- Response.Redirect("~/Members/AuthorizedConsumers.aspx");
- } else {
- ITokenContainingMessage pendingToken = Global.PendingOAuthAuthorization;
- var token = Global.DataContext.OAuthTokens.Single(t => t.Token == pendingToken.Token);
- this.desiredAccessLabel.Text = token.Scope;
- this.consumerLabel.Text = Global.TokenManager.GetConsumerForToken(token.Token).ConsumerKey;
-
- // Generate an unpredictable secret that goes to the user agent and must come back
- // with authorization to guarantee the user interacted with this page rather than
- // being scripted by an evil Consumer.
- byte[] randomData = new byte[8];
- CryptoRandomDataGenerator.GetBytes(randomData);
- this.AuthorizationSecret = Convert.ToBase64String(randomData);
- this.OAuthAuthorizationSecToken.Value = this.AuthorizationSecret;
-
- this.OAuth10ConsumerWarning.Visible = Global.PendingOAuthAuthorization.IsUnsafeRequest;
- }
- }
- }
-
- protected void allowAccessButton_Click(object sender, EventArgs e) {
- if (this.AuthorizationSecret != this.OAuthAuthorizationSecToken.Value) {
- throw new ArgumentException(); // probably someone trying to hack in.
- }
- this.AuthorizationSecret = null; // clear one time use secret
- var pending = Global.PendingOAuthAuthorization;
- Global.AuthorizePendingRequestToken();
- this.multiView.ActiveViewIndex = 1;
-
- ServiceProvider sp = new ServiceProvider(Constants.SelfDescription, Global.TokenManager);
- var response = sp.PrepareAuthorizationResponse(pending);
- if (response != null) {
- sp.Channel.Send(response);
- } else {
- if (pending.IsUnsafeRequest) {
- this.verifierMultiView.ActiveViewIndex = 1;
- } else {
- string verifier = ServiceProvider.CreateVerificationCode(VerificationCodeFormat.AlphaNumericNoLookAlikes, 10);
- this.verificationCodeLabel.Text = verifier;
- ITokenContainingMessage requestTokenMessage = pending;
- var requestToken = Global.TokenManager.GetRequestToken(requestTokenMessage.Token);
- requestToken.VerificationCode = verifier;
- Global.TokenManager.UpdateToken(requestToken);
- }
- }
- }
-
- protected void denyAccessButton_Click(object sender, EventArgs e) {
- // erase the request token.
- this.multiView.ActiveViewIndex = 2;
- }
- }
-}
\ No newline at end of file diff --git a/samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs b/samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs deleted file mode 100644 index 8aaf94d..0000000 --- a/samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs +++ /dev/null 
@@ -1,105 +0,0 @@ -//------------------------------------------------------------------------------ -// <auto-generated> -// This code was generated by a tool. -// -// Changes to this file may cause incorrect behavior and will be lost if -// the code is regenerated. -// </auto-generated> -//------------------------------------------------------------------------------ - -namespace OAuthServiceProvider { - - - public partial class Authorize { - - /// <summary> - /// multiView control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.MultiView multiView; - - /// <summary> - /// OAuthAuthorizationSecToken control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.HiddenField OAuthAuthorizationSecToken; - - /// <summary> - /// consumerLabel control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Label consumerLabel; - - /// <summary> - /// desiredAccessLabel control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Label desiredAccessLabel; - - /// <summary> - /// allowAccessButton control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Button allowAccessButton; - - /// <summary> - /// denyAccessButton control. - /// </summary> - /// <remarks> - /// Auto-generated field. 
- /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Button denyAccessButton; - - /// <summary> - /// OAuth10ConsumerWarning control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Panel OAuth10ConsumerWarning; - - /// <summary> - /// verifierMultiView control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.MultiView verifierMultiView; - - /// <summary> - /// verificationCodeLabel control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.Label verificationCodeLabel; - - /// <summary> - /// View1 control. - /// </summary> - /// <remarks> - /// Auto-generated field. - /// To modify move field declaration from designer file to code-behind file. - /// </remarks> - protected global::System.Web.UI.WebControls.View View1; - } -} diff --git a/samples/OAuthServiceProvider/OAuth.ashx b/samples/OAuthServiceProvider/OAuth.ashx deleted file mode 100644 index efa8140..0000000 --- a/samples/OAuthServiceProvider/OAuth.ashx +++ /dev/null 
@@ -1,42 +0,0 @@ -<%@ WebHandler Language="C#" Class="OAuth" %> - -using System; -using System.Linq; -using System.Web; -using System.Web.SessionState; -using DotNetOpenAuth.OAuth; -using DotNetOpenAuth.OAuth.ChannelElements; -using DotNetOpenAuth.OAuth.Messages; -using DotNetOpenAuth.Messaging; -using OAuthServiceProvider.Code; - -public class OAuth : IHttpHandler, IRequiresSessionState { - private ServiceProvider sp; - - public OAuth() { - sp = new ServiceProvider(Constants.SelfDescription, Global.TokenManager, new CustomOAuthMessageFactory(Global.TokenManager)); - } - - public void ProcessRequest(HttpContext context) { - IProtocolMessage request = sp.ReadRequest(); - RequestScopedTokenMessage requestToken; - UserAuthorizationRequest requestAuth; - AuthorizedTokenRequest requestAccessToken; - if ((requestToken = request as RequestScopedTokenMessage) != null) { - var response = sp.PrepareUnauthorizedTokenMessage(requestToken); - sp.Channel.Send(response); - } else if ((requestAuth = request as UserAuthorizationRequest) != null) { - Global.PendingOAuthAuthorization = requestAuth; - HttpContext.Current.Response.Redirect("~/Members/Authorize.aspx"); - } else if ((requestAccessToken = request as AuthorizedTokenRequest) != null) { - var response = sp.PrepareAccessTokenMessage(requestAccessToken); - sp.Channel.Send(response); - } else { - throw new InvalidOperationException(); - } - } - - public bool IsReusable { - get { return true; } - } -} diff --git a/samples/OAuthServiceProvider/OAuthServiceProvider.csproj b/samples/OAuthServiceProvider/OAuthServiceProvider.csproj index 94e7bb3..f2e5cfd 100644 --- a/samples/OAuthServiceProvider/OAuthServiceProvider.csproj +++ b/samples/OAuthServiceProvider/OAuthServiceProvider.csproj 
@@ -59,7 +59,6 @@ <Content Include="favicon.ico" /> <Content Include="Global.asax" /> <Content Include="Login.aspx" /> - <Content Include="Members\Authorize.aspx" /> <Content Include="Members\Authorize2.aspx" /> <Content Include="Members\AuthorizedConsumers.aspx" /> <Content Include="Members\Logoff.aspx" /> @@ -86,23 +85,14 @@ <Compile Include="DataApi.cs"> <DependentUpon>DataApi.svc</DependentUpon> </Compile> - <Compile Include="Members\Authorize.aspx.designer.cs"> - <DependentUpon>Authorize.aspx</DependentUpon> - </Compile> <Compile Include="Members\AuthorizedConsumers.aspx.designer.cs"> <DependentUpon>AuthorizedConsumers.aspx</DependentUpon> </Compile> - <Compile Include="Code\Constants.cs" /> - <Compile Include="Code\CustomOAuthTypeProvider.cs" /> - <Compile Include="Code\DatabaseTokenManager.cs" /> <Compile Include="Code\Global.cs" /> <Compile Include="Code\IDataApi.cs" /> <Compile Include="Code\OAuthAuthorizationManager.cs" /> <Compile Include="Code\OAuthConsumer.cs" /> <Compile Include="Code\OAuthPrincipalAuthorizationPolicy.cs" /> - <Compile Include="Code\OAuthToken.cs" /> - <Compile Include="Code\RequestScopedTokenMessage.cs" /> - <Compile Include="Code\TokenAuthorizationState.cs" /> <Compile Include="Code\TracePageAppender.cs" /> <Compile Include="Code\Utilities.cs" /> <Compile Include="Code\DataClasses.designer.cs"> @@ -114,10 +104,6 @@ <DependentUpon>Default.aspx</DependentUpon> <SubType>ASPXCodeBehind</SubType> </Compile> - <Compile Include="Members\Authorize.aspx.cs"> - <DependentUpon>Authorize.aspx</DependentUpon> - <SubType>ASPXCodeBehind</SubType> - </Compile> <Compile Include="Members\AuthorizedConsumers.aspx.cs"> <DependentUpon>AuthorizedConsumers.aspx</DependentUpon> <SubType>ASPXCodeBehind</SubType> @@ -134,9 +120,6 @@ <Folder Include="App_Data\" /> </ItemGroup> <ItemGroup> - <Content Include="OAuth.ashx" /> - </ItemGroup> - <ItemGroup> <Content Include="MasterPage.master" /> </ItemGroup> <ItemGroup> |