13 files changed, 195 insertions, 83 deletions
diff --git a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs index dbd5187..230dac2 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs @@ -50,7 +50,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.code, "abc" }, }; IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); - Assert.IsInstanceOf(typeof(EndUserAuthorizationSuccessResponse), request); + Assert.IsInstanceOf(typeof(EndUserAuthorizationSuccessResponseBase), request); } [TestCase, Ignore("Not yet supported")] @@ -59,7 +59,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { Protocol.access_token, "abc" }, }; IDirectedProtocolMessage request = this.messageFactory.GetNewRequestMessage(this.recipient, fields); - Assert.IsInstanceOf(typeof(EndUserAuthorizationSuccessResponse), request); + Assert.IsInstanceOf(typeof(EndUserAuthorizationSuccessResponseBase), request); } [TestCase] diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj index 9b0b2a6..7705717 100644 --- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj +++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj @@ -377,7 +377,9 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuth2\Messages\AccessTokenBasicCredentialsRequest.cs" /> <Compile Include="OAuth2\Messages\AccessTokenRequestBase.cs" /> <Compile Include="OAuth2\Messages\AccessTokenClientCredentialsRequest.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAccessTokenResponse.cs" /> <Compile Include="OAuth2\Messages\EndUserAuthorizationFailedResponse.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessAuthCodeResponse.cs" /> <Compile Include="OAuth2\Messages\GrantType.cs" /> <Compile Include="OAuth2\Messages\AccessTokenRefreshRequest.cs" /> <Compile Include="OAuth2\Messages\EndUserAuthorizationResponseType.cs" /> 
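Review bot: Asserting against `EndUserAuthorizationSuccessResponseBase` makes both tests weaker than the new types allow, because any subclass satisfies them; a factory that returned the access-token message for a `code` field set would still pass. The first test supplies `Protocol.code` and could assert `typeof(EndUserAuthorizationSuccessAuthCodeResponse)`, while the second supplies `Protocol.access_token` and could assert `typeof(EndUserAuthorizationSuccessAccessTokenResponse)`. The second test still carries `Ignore("Not yet supported")`; if this commit is what adds that support, the attribute looks stale and is worth re-checking. Both test bodies start outside the hunks.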
@@ -385,7 +387,7 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuth2\Messages\UnauthorizedResponse.cs" /> <Compile Include="OAuth2\Messages\AccessTokenFailedResponse.cs" /> <Compile Include="OAuth2\Messages\AccessTokenSuccessResponse.cs" /> - <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessResponse.cs" /> + <Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessResponseBase.cs" /> <Compile Include="OAuth2\ResourceServer.cs" /> <Compile Include="OAuth2\StandardAccessTokenAnalyzer.cs" /> <Compile Include="OAuth2\UserAgentClient.cs" /> diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs index 869a48c..21fc258 100644 --- a/src/DotNetOpenAuth/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs +++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/AuthorizationCodeBindingElement.cs @@ -55,7 +55,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// <see cref="MessagePartAttribute.RequiredProtection"/> properties where applicable. /// </remarks> public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { - var response = message as EndUserAuthorizationSuccessResponse; + var response = message as EndUserAuthorizationSuccessAuthCodeResponse; if (response != null) { var directResponse = (IDirectResponseProtocolMessage)response; var request = (EndUserAuthorizationRequest)directResponse.OriginatingRequest; diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs index 56b0e7b..b211eb7 100644 --- a/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs +++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs 
@@ -26,7 +26,8 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
 typeof(AccessTokenSuccessResponse),
 typeof(AccessTokenFailedResponse),
 typeof(EndUserAuthorizationRequest),
- typeof(EndUserAuthorizationSuccessResponse),
+ typeof(EndUserAuthorizationSuccessAuthCodeResponse),
+ typeof(EndUserAuthorizationSuccessAccessTokenResponse),
 typeof(EndUserAuthorizationFailedResponse),
 typeof(UnauthorizedResponse),
 };
diff --git a/src/DotNetOpenAuth/OAuth2/ClientBase.cs b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
index 1c5e09d..b2b63aa 100644
--- a/src/DotNetOpenAuth/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
@@ -159,6 +159,32 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Updates the authorization state maintained by the client with the content of an outgoing response. + /// </summary> + /// <param name="authorizationState">The authorization state maintained by the client.</param> + /// <param name="accessTokenSuccess">The access token containing response message.</param> + internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess) { + Contract.Requires<ArgumentNullException>(authorizationState != null, "authorizationState"); + Contract.Requires<ArgumentNullException>(accessTokenSuccess != null, "accessTokenSuccess"); + + authorizationState.AccessToken = accessTokenSuccess.AccessToken; + authorizationState.AccessTokenExpirationUtc = DateTime.UtcNow + accessTokenSuccess.Lifetime; + authorizationState.AccessTokenIssueDateUtc = DateTime.UtcNow; + if (accessTokenSuccess.Scope != null && accessTokenSuccess.Scope != authorizationState.Scope) { + if (authorizationState.Scope != null) { + Logger.OAuth.InfoFormat( + "Requested scope of \"{0}\" changed to \"{1}\" by authorization server.", + authorizationState.Scope, + accessTokenSuccess.Scope); + } + + authorizationState.Scope = accessTokenSuccess.Scope; + } + + authorizationState.SaveChanges(); + } + + /// <summary> /// Calculates the fraction of life remaining in an access token. /// </summary> /// <param name="authorization">The authorization to measure.</param> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs index d898862..fe634d1 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs 
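Review bot: The new `UpdateAuthorizationWithResponse` overload replaces `authorizationState.Scope` with whatever scope the response carries and records the change only through `Logger.OAuth.InfoFormat`. The class summary of this message type says it travels via the user agent, so a scope that differs from the one requested deserves a warning-level entry or an explicit check before `SaveChanges()` persists it. `DateTime.UtcNow` is read twice, so the expiry and issue date come from slightly different instants; reading it once, `DateTime utcNow = DateTime.UtcNow;`, and using that value for both assignments keeps them consistent. The summary says "outgoing response", but the method consumes a response the client received, so "incoming" would be more accurate.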
@@ -59,7 +59,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <summary> /// Gets or sets the verification code previously communicated to the Client - /// in <see cref="EndUserAuthorizationSuccessResponse.AuthorizationCode"/>. + /// in <see cref="EndUserAuthorizationSuccessResponseBase.AuthorizationCode"/>. /// </summary> /// <value>The verification code received from the authorization server.</value> [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)] diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs index e2f4b37..6cfd715 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationFailedResponse.cs @@ -15,7 +15,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { internal class EndUserAuthorizationFailedResponse : MessageBase, IMessageWithClientState { /// <summary> - /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class. + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponseBase"/> class. /// </summary> /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> /// <param name="version">The protocol version.</param> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs new file mode 100644 index 0000000..41c7e68 --- /dev/null +++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAccessTokenResponse.cs 
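Review bot: The updated `<see cref="EndUserAuthorizationSuccessResponseBase.AuthorizationCode"/>` in AccessTokenAuthorizationCodeRequest.cs points at a member this commit removes from the base class. `AuthorizationCode` now lives on `EndUserAuthorizationSuccessAuthCodeResponse`, so the reference should read `<see cref="EndUserAuthorizationSuccessAuthCodeResponse.AuthorizationCode"/>`. The same kind of dangling reference appears in EndUserAuthorizationSuccessResponseBase.cs, where the new `Scope` summary uses `<see cref="AccessToken"/>` although `AccessToken` was moved to the subclasses. Unresolved crefs produce documentation warnings, which fail builds that treat warnings as errors.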
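Review bot: The constructor summary in `EndUserAuthorizationFailedResponse` names the wrong class; the rename carries an older copy-paste slip forward, so the comment now claims to initialize `EndUserAuthorizationSuccessResponseBase`. It should read `/// Initializes a new instance of the <see cref="EndUserAuthorizationFailedResponse"/> class.` The constructor itself lies outside the hunk.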
@@ -0,0 +1,64 @@ +//----------------------------------------------------------------------- +// <copyright file="EndUserAuthorizationSuccessAccessTokenResponse.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.Messages { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Linq; + using System.Text; + + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// The message sent by the Authorization Server to the Client via the user agent + /// to indicate that user authorization was granted, carrying only an access token, + /// and to return the user to the Client where they started their experience. + /// </summary> + internal class EndUserAuthorizationSuccessAccessTokenResponse : EndUserAuthorizationSuccessResponseBase, ITokenCarryingRequest { + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAccessTokenResponse"/> class. + /// </summary> + /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> + /// <param name="version">The protocol version.</param> + internal EndUserAuthorizationSuccessAccessTokenResponse(Uri clientCallback, Version version) + : base(clientCallback, version) { + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(clientCallback != null); + } + + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAccessTokenResponse"/> class. + /// </summary> + /// <param name="clientCallback">The URL to redirect to so the client receives the message. 
This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> + /// <param name="request">The authorization request from the user agent on behalf of the client.</param> + internal EndUserAuthorizationSuccessAccessTokenResponse(Uri clientCallback, EndUserAuthorizationRequest request) + : base(clientCallback, request) { + Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback"); + Contract.Requires<ArgumentNullException>(request != null, "request"); + ((IMessageWithClientState)this).ClientState = request.ClientState; + } + + [MessagePart(Protocol.access_token, AllowEmpty = false, IsRequired = true)] + internal string AccessToken { get; set; } + + #region ITokenCarryingRequest Members + + string ITokenCarryingRequest.CodeOrToken { + get { return this.AccessToken; } + set { this.AccessToken = value; } + } + + CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType { + get { return CodeOrTokenType.AccessToken; } + } + + IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } + + #endregion + } +} diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs new file mode 100644 index 0000000..5ef501b --- /dev/null +++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessAuthCodeResponse.cs 
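Review bot: `AccessToken` is declared as an ordinary required message part on a redirect-borne (indirect) message, and nothing in this file says which part of the callback URL it is serialized into. A bearer token placed in the query string ends up in server logs, browser history and Referer headers, so it is worth confirming that the channel writes this part to the URI fragment. That could then be stated in a `<summary>` on the property, which currently has no documentation. The second constructor also repeats `((IMessageWithClientState)this).ClientState = request.ClientState;`, which the base constructor it chains to already performs; the line can be dropped here and in `EndUserAuthorizationSuccessAuthCodeResponse`.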
@@ -0,0 +1,67 @@ +//----------------------------------------------------------------------- +// <copyright file="EndUserAuthorizationSuccessAuthCodeResponse.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.Messages { + using System; + using System.Collections.Generic; + using System.Diagnostics.Contracts; + using System.Linq; + using System.Text; + + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// The message sent by the Authorization Server to the Client via the user agent + /// to indicate that user authorization was granted, carrying an authorization code and possibly an access token, + /// and to return the user to the Client where they started their experience. + /// </summary> + internal class EndUserAuthorizationSuccessAuthCodeResponse : EndUserAuthorizationSuccessResponseBase, ITokenCarryingRequest { + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAuthCodeResponse"/> class. + /// </summary> + /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> + /// <param name="version">The protocol version.</param> + internal EndUserAuthorizationSuccessAuthCodeResponse(Uri clientCallback, Version version) + : base(clientCallback, version) { + Contract.Requires<ArgumentNullException>(version != null); + Contract.Requires<ArgumentNullException>(clientCallback != null); + } + + /// <summary> + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessAuthCodeResponse"/> class. + /// </summary> + /// <param name="clientCallback">The URL to redirect to so the client receives the message. 
This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> + /// <param name="request">The authorization request from the user agent on behalf of the client.</param> + internal EndUserAuthorizationSuccessAuthCodeResponse(Uri clientCallback, EndUserAuthorizationRequest request) + : base(clientCallback, request) { + Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback"); + Contract.Requires<ArgumentNullException>(request != null, "request"); + ((IMessageWithClientState)this).ClientState = request.ClientState; + } + + [MessagePart(Protocol.code, AllowEmpty = false, IsRequired = true)] + internal string AuthorizationCode { get; set; } + + [MessagePart(Protocol.access_token, AllowEmpty = false, IsRequired = false)] + internal string AccessToken { get; set; } + + #region ITokenCarryingRequest Members + + string ITokenCarryingRequest.CodeOrToken { + get { return this.AuthorizationCode; } + set { this.AuthorizationCode = value; } + } + + CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType { + get { return CodeOrTokenType.AuthorizationCode; } + } + + IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } + + #endregion + } +} diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs index 6d4ce40..d66c2d8 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponseBase.cs 
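Review bot: The explicit `ITokenCarryingRequest.CodeOrToken` implementation reads and writes only `AuthorizationCode`, so the optional `AccessToken` part on this message is not reachable through that interface. If the channel's binding elements rely on `ITokenCarryingRequest` to encode or validate tokens (that code is outside this hunk), an access token sent for `EndUserAuthorizationResponseType.Both` would bypass that processing, which is worth confirming. Both `AuthorizationCode` and `AccessToken` lack a `<summary>`; each should say who populates the value and when `AccessToken` is expected to be present.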
@@ -1,5 +1,5 @@
 //-----------------------------------------------------------------------
-// <copyright file="EndUserAuthorizationSuccessResponse.cs" company="Andrew Arnott">
+// <copyright file="EndUserAuthorizationSuccessResponseBase.cs" company="Andrew Arnott">
 // Copyright (c) Andrew Arnott. All rights reserved.
 // </copyright>
 //-----------------------------------------------------------------------
@@ -15,36 +15,30 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// to indicate that user authorization was granted, and to return the user /// to the Client where they started their experience. /// </summary> - internal class EndUserAuthorizationSuccessResponse : MessageBase, IMessageWithClientState, ITokenCarryingRequest { + internal abstract class EndUserAuthorizationSuccessResponseBase : MessageBase, IMessageWithClientState { /// <summary> - /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class. + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponseBase"/> class. /// </summary> /// <param name="clientCallback">The URL to redirect to so the client receives the message. This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> /// <param name="version">The protocol version.</param> - internal EndUserAuthorizationSuccessResponse(Uri clientCallback, Version version) + internal EndUserAuthorizationSuccessResponseBase(Uri clientCallback, Version version) : base(version, MessageTransport.Indirect, clientCallback) { Contract.Requires<ArgumentNullException>(version != null); Contract.Requires<ArgumentNullException>(clientCallback != null); } /// <summary> - /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class. + /// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponseBase"/> class. /// </summary> /// <param name="clientCallback">The URL to redirect to so the client receives the message. 
This may not be built into the request message if the client pre-registered the URL with the authorization server.</param> /// <param name="request">The authorization request from the user agent on behalf of the client.</param> - internal EndUserAuthorizationSuccessResponse(Uri clientCallback, EndUserAuthorizationRequest request) + internal EndUserAuthorizationSuccessResponseBase(Uri clientCallback, EndUserAuthorizationRequest request) : base(request, clientCallback) { Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback"); Contract.Requires<ArgumentNullException>(request != null, "request"); ((IMessageWithClientState)this).ClientState = request.ClientState; } - [MessagePart(Protocol.code, AllowEmpty = false, IsRequired = true)] // TODO: this isn't required when the access_token part is present. - internal string AuthorizationCode { get; set; } - - [MessagePart(Protocol.access_token, AllowEmpty = false, IsRequired = false)] - internal string AccessToken { get; set; } - /// <summary> /// Gets or sets some state as provided by the client in the authorization request. /// </summary> @@ -63,7 +57,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { internal TimeSpan? Lifetime { get; set; } /// <summary> - /// Gets or sets the scope. + /// Gets or sets the scope of the <see cref="AccessToken"/> if one is given; otherwise the scope of the authorization code. /// </summary> /// <value>The scope.</value> [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)] 
@@ -73,43 +67,5 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// Gets or sets the authorizing user's account name. /// </summary> internal string AuthorizingUsername { get; set; } - - #region ITokenCarryingRequest Members - - string ITokenCarryingRequest.CodeOrToken { - get { return this.AuthorizationCode; } - set { this.AuthorizationCode = value;} - } - - CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType { - get { return CodeOrTokenType.AuthorizationCode; } - } - - IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; } - - #endregion - - /// <summary> - /// Checks the message state for conformity to the protocol specification - /// and throws an exception if the message is invalid. - /// </summary> - /// <remarks> - /// <para>Some messages have required fields, or combinations of fields that must relate to each other - /// in specialized ways. After deserializing a message, this method checks the state of the - /// message to see if it conforms to the protocol.</para> - /// <para>Note that this property should <i>not</i> check signatures or perform any state checks - /// outside this scope of this particular message.</para> - /// </remarks> - /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception> - protected override void EnsureValidMessage() - { - base.EnsureValidMessage(); - - ErrorUtilities.VerifyProtocol( - !string.IsNullOrEmpty(this.AuthorizationCode) || !string.IsNullOrEmpty(this.AccessToken), - MessagingStrings.RequiredParametersMissing, - this.GetType().Name, - string.Join(", ", new string[] { Protocol.code,Protocol.access_token})); - } } } diff --git a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs index fc96e77..1a30af0 100644 --- a/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs +++ b/src/DotNetOpenAuth/OAuth2/UserAgentClient.cs 
@@ -23,7 +23,6 @@ namespace DotNetOpenAuth.OAuth2 { /// </summary> /// <param name="authorizationServer">The token issuer.</param> /// <param name="clientIdentifier">The client identifier.</param> - /// <param name="clientSecret">The client secret.</param> public UserAgentClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null) : base(authorizationServer, clientIdentifier) { } @@ -91,26 +90,10 @@ namespace DotNetOpenAuth.OAuth2 { return null; } - EndUserAuthorizationSuccessResponse success; + EndUserAuthorizationSuccessAccessTokenResponse success; EndUserAuthorizationFailedResponse failure; - if ((success = response as EndUserAuthorizationSuccessResponse) != null) { - var accessTokenRequest = new AccessTokenAuthorizationCodeRequest(this.AuthorizationServer) { - ClientIdentifier = this.ClientIdentifier, - ClientSecret = this.ClientSecret, - Callback = authorizationState.Callback, - AuthorizationCode = success.AuthorizationCode, - }; - IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest); - var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse; - var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse; - if (accessTokenSuccess != null) { - this.UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess); - } else if (failedAccessTokenResponse != null) { - authorizationState.Delete(); - return null; - } else { - ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany); - } + if ((success = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) { + this.UpdateAuthorizationWithResponse(authorizationState, success); } else if ((failure = response as EndUserAuthorizationFailedResponse) != null) { authorizationState.Delete(); return null; diff --git a/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs b/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs index 2aa96b3..67ea1d6 100644 
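Review bot: In the second hunk, a success message of any other type, for example `EndUserAuthorizationSuccessAuthCodeResponse`, now matches neither the `success` nor the `failure` branch, and the only `ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany)` call visible here was removed along with the token request. The rest of the `if` chain is outside the hunk, so confirm that a final `else` still rejects unexpected messages instead of returning the authorization state untouched. The access token is now taken directly from the redirect delivered by the user agent. Nothing in the visible lines ties that response to the request this client started, for instance by comparing the returned client state, so that check should be confirmed or added before `UpdateAuthorizationWithResponse` is called.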
--- a/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs +++ b/src/DotNetOpenAuth/OAuth2/WebServerAuthorizationServer.cs @@ -101,16 +101,29 @@ namespace DotNetOpenAuth.OAuth2 { return response; } - internal EndUserAuthorizationSuccessResponse PrepareApproveAuthorizationRequest(EndUserAuthorizationRequest authorizationRequest, Uri callback = null) { + internal EndUserAuthorizationSuccessResponseBase PrepareApproveAuthorizationRequest(EndUserAuthorizationRequest authorizationRequest, Uri callback = null) { Contract.Requires<ArgumentNullException>(authorizationRequest != null, "authorizationRequest"); - Contract.Ensures(Contract.Result<EndUserAuthorizationSuccessResponse>() != null); + Contract.Ensures(Contract.Result<EndUserAuthorizationSuccessResponseBase>() != null); if (callback == null) { callback = this.GetCallback(authorizationRequest); } var client = this.AuthorizationServer.GetClientOrThrow(authorizationRequest.ClientIdentifier); - var response = new EndUserAuthorizationSuccessResponse(callback, authorizationRequest); + EndUserAuthorizationSuccessResponseBase response; + switch (authorizationRequest.ResponseType) + { + case EndUserAuthorizationResponseType.AccessToken: + response = new EndUserAuthorizationSuccessAccessTokenResponse(callback, authorizationRequest); + break; + case EndUserAuthorizationResponseType.Both: + case EndUserAuthorizationResponseType.AuthorizationCode: + response = new EndUserAuthorizationSuccessAuthCodeResponse(callback, authorizationRequest); + break; + default: + throw ErrorUtilities.ThrowInternal("Unexpected response type."); + } + return response; } diff --git a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs index e307405..d7116df 100644 --- a/src/DotNetOpenAuth/OAuth2/WebServerClient.cs +++ b/src/DotNetOpenAuth/OAuth2/WebServerClient.cs 
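Review bot: The response class is now chosen solely from `authorizationRequest.ResponseType`, a value the client supplies, and `client` (fetched just above via `GetClientOrThrow`) is not consulted in the visible lines. Returning an access token through the browser is a weaker delivery path than the code exchange, so it is worth checking here, or confirming that a caller checks, that this client is permitted the `AccessToken` response type. If an unrecognized value can reach the `default` branch from the request, a protocol error fits better than `ErrorUtilities.ThrowInternal`, which reports a library bug. On style, the opening brace of the `switch` sits on its own line while the rest of the method keeps braces on the statement line.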
@@ -79,7 +79,7 @@ namespace DotNetOpenAuth.OAuth2 { if (authorization.Callback == null) { authorization.Callback = this.Channel.GetRequestFromContext().UrlBeforeRewriting - .StripMessagePartsFromQueryString(this.Channel.MessageDescriptions.Get(typeof(EndUserAuthorizationSuccessResponse), Protocol.Default.Version)) + .StripMessagePartsFromQueryString(this.Channel.MessageDescriptions.Get(typeof(EndUserAuthorizationSuccessResponseBase), Protocol.Default.Version)) .StripMessagePartsFromQueryString(this.Channel.MessageDescriptions.Get(typeof(EndUserAuthorizationFailedResponse), Protocol.Default.Version)); authorization.SaveChanges(); } @@ -116,7 +116,7 @@ namespace DotNetOpenAuth.OAuth2 { } else { authorizationState = new AuthorizationState { Callback = callback }; } - var success = response as EndUserAuthorizationSuccessResponse; + var success = response as EndUserAuthorizationSuccessAuthCodeResponse; var failure = response as EndUserAuthorizationFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { |
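Review bot: In the first hunk, `MessageDescriptions.Get(typeof(EndUserAuthorizationSuccessResponseBase), …)` now describes a type that no longer declares the `code` and `access_token` parts, because this commit moves them to the subclasses. If the description is built from the parts declared on the given type, `StripMessagePartsFromQueryString` will stop removing `code` from the URL, leaving the authorization code inside the stored `authorization.Callback`. Passing the concrete type, `typeof(EndUserAuthorizationSuccessAuthCodeResponse)`, keeps the previous behaviour. The abstract base is also not among the message types registered in `OAuth2ChannelBase`, so it is worth checking that the lookup accepts it at all.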