-rw-r--r-- | samples/OAuthServiceProvider/OAuth2.ashx.cs | 37 | ||||
-rw-r--r-- | src/DotNetOpenAuth/OAuthWrap/WebAppAuthorizationServer.cs | 59 |
2 files changed, 65 insertions, 31 deletions
diff --git a/samples/OAuthServiceProvider/OAuth2.ashx.cs b/samples/OAuthServiceProvider/OAuth2.ashx.cs index 9d29772..17586be 100644 --- a/samples/OAuthServiceProvider/OAuth2.ashx.cs +++ b/samples/OAuthServiceProvider/OAuth2.ashx.cs @@ -1,12 +1,12 @@ -using System.Net; -using DotNetOpenAuth.OAuthWrap; -using OAuthServiceProvider.Code; - -namespace OAuthServiceProvider { +namespace OAuthServiceProvider { using System; using System.Collections.Generic; using System.Linq; + using System.Net; using System.Web; + using Code; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuthWrap; /// <summary> /// Summary description for OAuth2 
@@ -17,19 +17,24 @@ namespace OAuthServiceProvider { /// </summary> /// <param name="context">An <see cref="T:System.Web.HttpContext"/> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param> public void ProcessRequest(HttpContext context) { - var request = Global.AuthorizationServer.ReadAuthorizationRequest(); - if (request == null) { - throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); - } + IDirectResponseProtocolMessage response; + if (Global.AuthorizationServer.TryPrepareAccessTokenResponse(out response)) { + Global.AuthorizationServer.Channel.Send(response); + } else { + var request = Global.AuthorizationServer.ReadAuthorizationRequest(); + if (request == null) { + throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); + } - // This sample doesn't implement support for immediate mode. - if (!request.IsUserInteractionAllowed) { - Global.AuthorizationServer.RejectAuthorizationRequest(request); - } + // This sample doesn't implement support for immediate mode. + if (!request.IsUserInteractionAllowed) { + Global.AuthorizationServer.RejectAuthorizationRequest(request); + } - // Redirect the user to a page that requires the user to be logged in. - Global.PendingOAuth2Authorization = request; - context.Response.Redirect("~/Members/Authorize2.aspx"); + // Redirect the user to a page that requires the user to be logged in. + Global.PendingOAuth2Authorization = request; + context.Response.Redirect("~/Members/Authorize2.aspx"); + } } /// <summary> diff --git a/src/DotNetOpenAuth/OAuthWrap/WebAppAuthorizationServer.cs b/src/DotNetOpenAuth/OAuthWrap/WebAppAuthorizationServer.cs index ddff08a..5959f1d 100644 --- a/src/DotNetOpenAuth/OAuthWrap/WebAppAuthorizationServer.cs +++ b/src/DotNetOpenAuth/OAuthWrap/WebAppAuthorizationServer.cs 
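Review bot: In the `else` branch of ProcessRequest, the immediate-mode rejection is not followed by a `return`. Unless `RejectAuthorizationRequest` ends the response itself (its body is not in this hunk), the rejected request is still stored in `Global.PendingOAuth2Authorization` and the user is redirected to the approval page. Adding `return;` right after `Global.AuthorizationServer.RejectAuthorizationRequest(request);` makes the rejection final regardless of how the channel sends its response. Since this handler now answers access token requests as well as authorization requests, a comment above the `if` saying that both endpoints share this URL would help the next reader.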
@@ -27,24 +27,14 @@ namespace DotNetOpenAuth.OAuthWrap { /// Reads in a client's request for the Authorization Server to obtain permission from /// the user to authorize the Client's access of some protected resource(s). /// </summary> - /// <returns>The incoming request, or null if no OAuth message was attached.</returns> - /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> - /// <remarks> - /// Requires HttpContext.Current. - /// </remarks> - public WebAppRequest ReadAuthorizationRequest() { - return this.ReadAuthorizationRequest(this.Channel.GetRequestFromContext()); - } - - /// <summary> - /// Reads in a client's request for the Authorization Server to obtain permission from - /// the user to authorize the Client's access of some protected resource(s). - /// </summary> /// <param name="request">The HTTP request to read from.</param> /// <returns>The incoming request, or null if no OAuth message was attached.</returns> /// <exception cref="ProtocolException">Thrown if an unexpected OAuth message is attached to the incoming request.</exception> - public WebAppRequest ReadAuthorizationRequest(HttpRequestInfo request) { - Contract.Requires<ArgumentNullException>(request != null); + public WebAppRequest ReadAuthorizationRequest(HttpRequestInfo request = null) { + if (request == null) { + request = this.Channel.GetRequestFromContext(); + } + WebAppRequest message; this.Channel.TryReadFromRequest(request, out message); return message; 
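Review bot: `ReadAuthorizationRequest(HttpRequestInfo request = null)` now treats a null argument as "use the ambient request", but the `<param>` text does not say so and the removed remark about requiring HttpContext.Current has no replacement. A caller that passes null by mistake will silently have the current context's request parsed instead of getting an ArgumentNullException. The fallback should be documented, for example `/// <param name="request">The HTTP request to read from, or null to read from HttpContext.Current.</param>`. Replacing the two public overloads with one optional parameter also changes the compiled signature, so already-built callers of the parameterless overload would need recompiling.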
@@ -66,6 +56,27 @@ namespace DotNetOpenAuth.OAuthWrap { this.Channel.Send(response); } + public bool TryPrepareAccessTokenResponse(out IDirectResponseProtocolMessage response) + { + return this.TryPrepareAccessTokenResponse(this.Channel.GetRequestFromContext(), out response); + } + + + public bool TryPrepareAccessTokenResponse(HttpRequestInfo httpRequestInfo, out IDirectResponseProtocolMessage response) + { + Contract.Requires<ArgumentNullException>(httpRequestInfo != null, "httpRequestInfo"); + + var request = ReadAccessTokenRequest(httpRequestInfo); + if (request != null) + { + response = PrepareAccessTokenResponse(request); + return true; + } + + response = null; + return false; + } + internal WebAppFailedResponse PrepareRejectAuthorizationRequest(WebAppRequest authorizationRequest, Uri callback = null) { Contract.Requires<ArgumentNullException>(authorizationRequest != null, "authorizationRequest"); Contract.Ensures(Contract.Result<OutgoingWebResponse>() != null); @@ -94,6 +105,24 @@ namespace DotNetOpenAuth.OAuthWrap { return response; } + internal WebAppAccessTokenRequest ReadAccessTokenRequest(HttpRequestInfo requestInfo = null) { + if (requestInfo == null) { + requestInfo = this.Channel.GetRequestFromContext(); + } + + WebAppAccessTokenRequest request; + this.Channel.TryReadFromRequest(requestInfo, out request); + return request; + } + + internal AccessTokenSuccessResponse PrepareAccessTokenResponse(WebAppAccessTokenRequest request) { + Contract.Requires<ArgumentNullException>(request != null, "request"); + var response = new AccessTokenSuccessResponse(request) { + // TODO: code here to initialize the response + }; + return response; + } + protected Uri GetCallback(WebAppRequest authorizationRequest) { Contract.Requires<ArgumentNullException>(authorizationRequest != null, "authorizationRequest"); Contract.Ensures(Contract.Result<Uri>() != null); |
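Review bot: Both public `TryPrepareAccessTokenResponse` overloads are added without XML documentation, and nothing tells a caller what a `false` result means. From the visible body, `false` only means no access token request was read from the HTTP request, not that a request was examined and refused. That should be stated, e.g. `/// <returns>True if an access token request was found and a response prepared; false if the HTTP request carried no access token request.</returns>`, and the parameterless overload should note that it reads from the current HTTP context. The new methods also use next-line braces and call `ReadAccessTokenRequest` and `PrepareAccessTokenResponse` without `this.`, while the rest of the visible file uses same-line braces and `this.` qualification.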
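Review bot: `PrepareAccessTokenResponse` returns an `AccessTokenSuccessResponse` for any non-null request, with only a TODO in the initializer, so no check of what the client presented is visible before a success message is built. The public `TryPrepareAccessTokenResponse` added in the previous hunk and the sample's ProcessRequest send this response as-is, so the placeholder is reachable from an HTTP request. Until validation and token issuance are written, the method should fail closed, for instance `throw new NotImplementedException("Access token issuance is not implemented yet.");` in place of constructing the response. `ReadAccessTokenRequest` also discards the boolean result of `TryReadFromRequest`; returning null is workable, but a short comment saying null means "not an access token request" would make that intent explicit.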