diff options
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj | 1 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs | 47 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs | 12 |
3 files changed, 60 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj b/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj index 2031019..094d005 100644 --- a/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj +++ b/src/DotNetOpenAuth.OAuth2/DotNetOpenAuth.OAuth2.csproj @@ -36,6 +36,7 @@ <Compile Include="OAuth2\ChannelElements\AuthorizationCode.cs" /> <Compile Include="OAuth2\ChannelElements\AuthorizationCodeBindingElement.cs" /> <Compile Include="OAuth2\ChannelElements\AuthServerAllFlowsBindingElement.cs" /> + <Compile Include="OAuth2\ClientType.cs" /> <Compile Include="OAuth2\IAccessTokenAnalyzer.cs" /> <Compile Include="OAuth2\IAuthorizationServer.cs" /> <Compile Include="OAuth2\IAuthorizationState.cs" /> diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs new file mode 100644 index 0000000..9e8ed2a --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ClientType.cs @@ -0,0 +1,47 @@ +//----------------------------------------------------------------------- +// <copyright file="ClientType.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2 { + /// <summary> + /// OAuth 2 Client types + /// </summary> + /// <remarks> + /// <para>Based on their ability to + /// authenticate securely with the authorization server (i.e. ability to + /// maintain the confidentiality of their client credentials).</para> + /// <para>The client type designation is based on the authorization server's + /// definition of secure authentication and its acceptable exposure + /// levels of client credentials.</para> + /// <para>The authorization server SHOULD NOT make assumptions about the client + /// type, nor accept the type information provided by the client + /// developer without first establishing trust.</para> + /// <para>A client application consisting of multiple components, each with its + /// own client type (e.g. a distributed client with both a confidential + /// server-based component and a public browser-based component), MUST + /// register each component separately as a different client to ensure + /// proper handling by the authorization server. The authorization + /// server MAY provider tools to manage such complex clients through a + /// single administration interface.</para> + /// </remarks> + public enum ClientType { + /// <summary> + /// Clients capable of maintaining the confidentiality of their + /// credentials (e.g. client implemented on a secure server with + /// restricted access to the client credentials), or capable of secure + /// client authentication using other means. + /// </summary> + Confidential, + + /// <summary> + /// Clients incapable of maintaining the confidentiality of their + /// credentials (e.g. clients executing on the device used by the + /// resource owner such as an installed native application or a web + /// browser-based application), and incapable of secure client + /// authentication via any other means. + /// </summary> + Public, + } +} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs index 84eb6b6..d30151b 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/IClientDescription.cs @@ -27,6 +27,11 @@ namespace DotNetOpenAuth.OAuth2 { Uri DefaultCallback { get; } /// <summary> + /// Gets the type of the client. + /// </summary> + ClientType ClientType { get; } + + /// <summary> /// Determines whether a callback URI included in a client's authorization request /// is among those allowed callbacks for the registered client. /// </summary> @@ -69,6 +74,13 @@ namespace DotNetOpenAuth.OAuth2 { } /// <summary> + /// Gets the type of the client. + /// </summary> + ClientType IClientDescription.ClientType { + get { throw new NotImplementedException(); } + } + + /// <summary> /// Gets the callback to use when an individual authorization request /// does not include an explicit callback URI. /// </summary> |