26 files changed, 168 insertions, 542 deletions
diff --git a/samples/OAuthAuthorizationServer/Controllers/AccountController.cs b/samples/OAuthAuthorizationServer/Controllers/AccountController.cs index a62258b..1361376 100644 --- a/samples/OAuthAuthorizationServer/Controllers/AccountController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/AccountController.cs @@ -1,28 +1,23 @@ -using System; -using System.Collections.Generic; -using System.Diagnostics.CodeAnalysis; -using System.Linq; -using System.Security.Principal; -using System.Web; -using System.Web.Mvc; -using System.Web.Routing; -using System.Web.Security; -using OAuthAuthorizationServer.Models; +namespace OAuthAuthorizationServer.Controllers { + using System; + using System.Collections.Generic; + using System.Diagnostics.CodeAnalysis; + using System.Linq; + using System.Security.Principal; + using System.Web; + using System.Web.Mvc; + using System.Web.Routing; + using System.Web.Security; -namespace OAuthAuthorizationServer.Controllers { + using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.RelyingParty; - [HandleError] - public class AccountController : Controller { - - public IFormsAuthenticationService FormsService { get; set; } - public IMembershipService MembershipService { get; set; } + using OAuthAuthorizationServer.Models; - protected override void Initialize(RequestContext requestContext) { - if (FormsService == null) { FormsService = new FormsAuthenticationService(); } - if (MembershipService == null) { MembershipService = new AccountMembershipService(); } + using DotNetOpenAuth.Messaging; - base.Initialize(requestContext); - } + [HandleError] + public class AccountController : Controller { // ************************************** // URL: /Account/LogOn 
@@ -35,15 +30,13 @@ namespace OAuthAuthorizationServer.Controllers { [HttpPost] public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { - if (MembershipService.ValidateUser(model.UserName, model.Password)) { - FormsService.SignIn(model.UserName, model.RememberMe); - if (!String.IsNullOrEmpty(returnUrl)) { - return Redirect(returnUrl); - } else { - return RedirectToAction("Index", "Home"); - } + var rp = new OpenIdRelyingParty(); + var request = rp.CreateRequest(model.UserSuppliedIdentifier, Realm.AutoDetect, new Uri(Request.Url, Url.Action("Authenticate"))); + if (request != null) { + request.AddCallbackArguments("returnUrl", returnUrl); + return request.RedirectingResponse.AsActionResult(); } else { - ModelState.AddModelError("", "The user name or password provided is incorrect."); + ModelState.AddModelError("", "The identifier you supplied is not recognized as a valid OpenID Identifier."); } } 
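Review bot: The `request != null` test in `LogOn` probably never reaches its `else` branch. As far as I know, `OpenIdRelyingParty.CreateRequest` reports a failed discovery by throwing `ProtocolException`, and converting a malformed string to an `Identifier` throws as well, so a bad identifier surfaces as an unhandled exception instead of the model error added here. Parsing with `Identifier.TryParse` and catching `ProtocolException` around the call would keep the user on the form with a validation message. `model.RememberMe` is also no longer forwarded anywhere, so the checkbox left in the model has no effect. The end of the method lies in the next hunk.

```csharp
public ActionResult LogOn(LogOnModel model, string returnUrl) {
    if (ModelState.IsValid) {
        Identifier identifier;
        if (Identifier.TryParse(model.UserSuppliedIdentifier, out identifier)) {
            try {
                var rp = new OpenIdRelyingParty();
                var request = rp.CreateRequest(identifier, Realm.AutoDetect, new Uri(Request.Url, Url.Action("Authenticate")));
                request.AddCallbackArguments("returnUrl", returnUrl);
                return request.RedirectingResponse.AsActionResult();
            } catch (ProtocolException ex) {
                // Discovery failed: no usable OpenID endpoint behind the identifier.
                ModelState.AddModelError("", ex.Message);
            }
        } else {
            ModelState.AddModelError("", "The identifier you supplied is not recognized as a valid OpenID Identifier.");
        }
    }
    // … unchanged: redisplay the form with View(model) …
```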
@@ -51,77 +44,31 @@ namespace OAuthAuthorizationServer.Controllers { return View(model); } - // ************************************** - // URL: /Account/LogOff - // ************************************** - - public ActionResult LogOff() { - FormsService.SignOut(); - - return RedirectToAction("Index", "Home"); - } - - // ************************************** - // URL: /Account/Register - // ************************************** - - public ActionResult Register() { - ViewData["PasswordLength"] = MembershipService.MinPasswordLength; - return View(); - } - - [HttpPost] - public ActionResult Register(RegisterModel model) { - if (ModelState.IsValid) { - // Attempt to register the user - MembershipCreateStatus createStatus = MembershipService.CreateUser(model.UserName, model.Password, model.Email); - - if (createStatus == MembershipCreateStatus.Success) { - FormsService.SignIn(model.UserName, false /* createPersistentCookie */); - return RedirectToAction("Index", "Home"); - } else { - ModelState.AddModelError("", AccountValidation.ErrorCodeToString(createStatus)); + public ActionResult Authenticate(string returnUrl) { + var rp = new OpenIdRelyingParty(); + var response = rp.GetResponse(); + if (response != null) { + switch (response.Status) { + case AuthenticationStatus.Authenticated: + FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); + return this.Redirect(returnUrl); + default: + ModelState.AddModelError("", "An error occurred during login."); + break; } } - // If we got this far, something failed, redisplay form - ViewData["PasswordLength"] = MembershipService.MinPasswordLength; - return View(model); + return this.View("LogOn"); } // ************************************** - // URL: /Account/ChangePassword + // URL: /Account/LogOff // ************************************** - [Authorize] - public ActionResult ChangePassword() { - ViewData["PasswordLength"] = MembershipService.MinPasswordLength; - return View(); - } - - [Authorize] - [HttpPost] - 
public ActionResult ChangePassword(ChangePasswordModel model) { - if (ModelState.IsValid) { - if (MembershipService.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword)) { - return RedirectToAction("ChangePasswordSuccess"); - } else { - ModelState.AddModelError("", "The current password is incorrect or the new password is invalid."); - } - } - - // If we got this far, something failed, redisplay form - ViewData["PasswordLength"] = MembershipService.MinPasswordLength; - return View(model); - } - - // ************************************** - // URL: /Account/ChangePasswordSuccess - // ************************************** + public ActionResult LogOff() { + FormsAuthentication.SignOut(); - public ActionResult ChangePasswordSuccess() { - return View(); + return RedirectToAction("Index", "Home"); } - } } diff --git a/samples/OAuthAuthorizationServer/Controllers/HomeController.cs b/samples/OAuthAuthorizationServer/Controllers/HomeController.cs index 1f13092..5a6a8d3 100644 --- a/samples/OAuthAuthorizationServer/Controllers/HomeController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/HomeController.cs @@ -14,8 +14,6 @@ namespace OAuthAuthorizationServer.Controllers { [HandleError] public class HomeController : Controller { public ActionResult Index() { - ViewData["Message"] = "Welcome to ASP.NET MVC!"; - return View(); } diff --git a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs index 1c1aeb5..98fac04 100644 --- a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs 
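Review bot: `Authenticate` hands `returnUrl` straight to `this.Redirect(returnUrl)`, and that value originates from the `returnUrl` parameter of `LogOn`, which whoever builds the login link controls. After a successful sign-in the user can therefore be sent to an arbitrary external site, and a missing `returnUrl` makes `Redirect` throw. Redirect only when the value is a local path, for example `if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl)) { return this.Redirect(returnUrl); }` followed by `return RedirectToAction("Index", "Home");`. `Url.IsLocalUrl` needs MVC 3 or later; on an older MVC an equivalent check for a rooted relative path is required. The hard-coded `false` passed to `SetAuthCookie` is also where the `RememberMe` choice gets lost.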
@@ -73,8 +73,7 @@ [Authorize, HttpPost, ValidateAntiForgeryToken] public ActionResult AuthorizeResponse(bool isApproved) { - var getRequest = new HttpRequestInfo("GET", this.Request.Url, this.Request.RawUrl, new WebHeaderCollection(), null); - var pendingRequest = authorizationServer.ReadAuthorizationRequest(getRequest); + var pendingRequest = authorizationServer.ReadAuthorizationRequest(); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } diff --git a/samples/OAuthAuthorizationServer/Models/AccountModels.cs b/samples/OAuthAuthorizationServer/Models/AccountModels.cs index 3ab3c56..32deb0b 100644 --- a/samples/OAuthAuthorizationServer/Models/AccountModels.cs +++ b/samples/OAuthAuthorizationServer/Models/AccountModels.cs 
@@ -1,248 +1,13 @@ -using System; -using System.Collections.Generic; -using System.ComponentModel; -using System.ComponentModel.DataAnnotations; -using System.Globalization; -using System.Linq; -using System.Web; -using System.Web.Mvc; -using System.Web.Security; - -namespace OAuthAuthorizationServer.Models { - - #region Models - [PropertiesMustMatch("NewPassword", "ConfirmPassword", ErrorMessage = "The new password and confirmation password do not match.")] - public class ChangePasswordModel { - [Required] - [DataType(DataType.Password)] - [DisplayName("Current password")] - public string OldPassword { get; set; } - - [Required] - [ValidatePasswordLength] - [DataType(DataType.Password)] - [DisplayName("New password")] - public string NewPassword { get; set; } - - [Required] - [DataType(DataType.Password)] - [DisplayName("Confirm new password")] - public string ConfirmPassword { get; set; } - } +namespace OAuthAuthorizationServer.Models { + using System.ComponentModel; + using System.ComponentModel.DataAnnotations; public class LogOnModel { [Required] - [DisplayName("User name")] - public string UserName { get; set; } - - [Required] - [DataType(DataType.Password)] - [DisplayName("Password")] - public string Password { get; set; } + [DisplayName("OpenID")] + public string UserSuppliedIdentifier { get; set; } [DisplayName("Remember me?")] public bool RememberMe { get; set; } } - - [PropertiesMustMatch("Password", "ConfirmPassword", ErrorMessage = "The password and confirmation password do not match.")] - public class RegisterModel { - [Required] - [DisplayName("User name")] - public string UserName { get; set; } - - [Required] - [DataType(DataType.EmailAddress)] - [DisplayName("Email address")] - public string Email { get; set; } - - [Required] - [ValidatePasswordLength] - [DataType(DataType.Password)] - [DisplayName("Password")] - public string Password { get; set; } - - [Required] - [DataType(DataType.Password)] - [DisplayName("Confirm password")] - public string 
ConfirmPassword { get; set; } - } - #endregion - - #region Services - // The FormsAuthentication type is sealed and contains static members, so it is difficult to - // unit test code that calls its members. The interface and helper class below demonstrate - // how to create an abstract wrapper around such a type in order to make the AccountController - // code unit testable. - - public interface IMembershipService { - int MinPasswordLength { get; } - - bool ValidateUser(string userName, string password); - MembershipCreateStatus CreateUser(string userName, string password, string email); - bool ChangePassword(string userName, string oldPassword, string newPassword); - } - - public class AccountMembershipService : IMembershipService { - private readonly MembershipProvider _provider; - - public AccountMembershipService() - : this(null) { - } - - public AccountMembershipService(MembershipProvider provider) { - _provider = provider ?? Membership.Provider; - } - - public int MinPasswordLength { - get { - return _provider.MinRequiredPasswordLength; - } - } - - public bool ValidateUser(string userName, string password) { - if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName"); - if (String.IsNullOrEmpty(password)) throw new ArgumentException("Value cannot be null or empty.", "password"); - - return _provider.ValidateUser(userName, password); - } - - public MembershipCreateStatus CreateUser(string userName, string password, string email) { - if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName"); - if (String.IsNullOrEmpty(password)) throw new ArgumentException("Value cannot be null or empty.", "password"); - if (String.IsNullOrEmpty(email)) throw new ArgumentException("Value cannot be null or empty.", "email"); - - MembershipCreateStatus status; - _provider.CreateUser(userName, password, email, null, null, true, null, out status); - return status; - } - - public 
bool ChangePassword(string userName, string oldPassword, string newPassword) { - if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName"); - if (String.IsNullOrEmpty(oldPassword)) throw new ArgumentException("Value cannot be null or empty.", "oldPassword"); - if (String.IsNullOrEmpty(newPassword)) throw new ArgumentException("Value cannot be null or empty.", "newPassword"); - - // The underlying ChangePassword() will throw an exception rather - // than return false in certain failure scenarios. - try { - MembershipUser currentUser = _provider.GetUser(userName, true /* userIsOnline */); - return currentUser.ChangePassword(oldPassword, newPassword); - } catch (ArgumentException) { - return false; - } catch (MembershipPasswordException) { - return false; - } - } - } - - public interface IFormsAuthenticationService { - void SignIn(string userName, bool createPersistentCookie); - void SignOut(); - } - - public class FormsAuthenticationService : IFormsAuthenticationService { - public void SignIn(string userName, bool createPersistentCookie) { - if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName"); - - FormsAuthentication.SetAuthCookie(userName, createPersistentCookie); - } - - public void SignOut() { - FormsAuthentication.SignOut(); - } - } - #endregion - - #region Validation - public static class AccountValidation { - public static string ErrorCodeToString(MembershipCreateStatus createStatus) { - // See http://go.microsoft.com/fwlink/?LinkID=177550 for - // a full list of status codes. - switch (createStatus) { - case MembershipCreateStatus.DuplicateUserName: - return "Username already exists. Please enter a different user name."; - - case MembershipCreateStatus.DuplicateEmail: - return "A username for that e-mail address already exists. 
Please enter a different e-mail address."; - - case MembershipCreateStatus.InvalidPassword: - return "The password provided is invalid. Please enter a valid password value."; - - case MembershipCreateStatus.InvalidEmail: - return "The e-mail address provided is invalid. Please check the value and try again."; - - case MembershipCreateStatus.InvalidAnswer: - return "The password retrieval answer provided is invalid. Please check the value and try again."; - - case MembershipCreateStatus.InvalidQuestion: - return "The password retrieval question provided is invalid. Please check the value and try again."; - - case MembershipCreateStatus.InvalidUserName: - return "The user name provided is invalid. Please check the value and try again."; - - case MembershipCreateStatus.ProviderError: - return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator."; - - case MembershipCreateStatus.UserRejected: - return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator."; - - default: - return "An unknown error occurred. Please verify your entry and try again. 
If the problem persists, please contact your system administrator."; - } - } - } - - [AttributeUsage(AttributeTargets.Class, AllowMultiple = true, Inherited = true)] - public sealed class PropertiesMustMatchAttribute : ValidationAttribute { - private const string _defaultErrorMessage = "'{0}' and '{1}' do not match."; - private readonly object _typeId = new object(); - - public PropertiesMustMatchAttribute(string originalProperty, string confirmProperty) - : base(_defaultErrorMessage) { - OriginalProperty = originalProperty; - ConfirmProperty = confirmProperty; - } - - public string ConfirmProperty { get; private set; } - public string OriginalProperty { get; private set; } - - public override object TypeId { - get { - return _typeId; - } - } - - public override string FormatErrorMessage(string name) { - return String.Format(CultureInfo.CurrentUICulture, ErrorMessageString, - OriginalProperty, ConfirmProperty); - } - - public override bool IsValid(object value) { - PropertyDescriptorCollection properties = TypeDescriptor.GetProperties(value); - object originalValue = properties.Find(OriginalProperty, true /* ignoreCase */).GetValue(value); - object confirmValue = properties.Find(ConfirmProperty, true /* ignoreCase */).GetValue(value); - return Object.Equals(originalValue, confirmValue); - } - } - - [AttributeUsage(AttributeTargets.Field | AttributeTargets.Property, AllowMultiple = false, Inherited = true)] - public sealed class ValidatePasswordLengthAttribute : ValidationAttribute { - private const string _defaultErrorMessage = "'{0}' must be at least {1} characters long."; - private readonly int _minCharacters = Membership.Provider.MinRequiredPasswordLength; - - public ValidatePasswordLengthAttribute() - : base(_defaultErrorMessage) { - } - - public override string FormatErrorMessage(string name) { - return String.Format(CultureInfo.CurrentUICulture, ErrorMessageString, - name, _minCharacters); - } - - public override bool IsValid(object value) { - string 
valueAsString = value as string; - return (valueAsString != null && valueAsString.Length >= _minCharacters); - } - } - #endregion - } diff --git a/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj b/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj index 687aa23..d4b85c2 100644 --- a/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj +++ b/samples/OAuthAuthorizationServer/OAuthAuthorizationServer.csproj @@ -111,10 +111,7 @@ <Content Include="Scripts\MicrosoftMvcAjax.debug.js" /> <Content Include="Scripts\MicrosoftMvcValidation.js" /> <Content Include="Scripts\MicrosoftMvcValidation.debug.js" /> - <Content Include="Views\Account\ChangePassword.aspx" /> - <Content Include="Views\Account\ChangePasswordSuccess.aspx" /> <Content Include="Views\Account\LogOn.aspx" /> - <Content Include="Views\Account\Register.aspx" /> <Content Include="Views\Home\About.aspx" /> <Content Include="Views\Home\Index.aspx" /> <Content Include="Views\Shared\Error.aspx" /> diff --git a/samples/OAuthAuthorizationServer/Views/Account/ChangePassword.aspx b/samples/OAuthAuthorizationServer/Views/Account/ChangePassword.aspx deleted file mode 100644 index 622217f..0000000 --- a/samples/OAuthAuthorizationServer/Views/Account/ChangePassword.aspx +++ /dev/null 
@@ -1,52 +0,0 @@ -<%@ Page Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage<OAuthAuthorizationServer.Models.ChangePasswordModel>" %> - -<asp:Content ID="changePasswordTitle" ContentPlaceHolderID="TitleContent" runat="server"> - Change Password -</asp:Content> - -<asp:Content ID="changePasswordContent" ContentPlaceHolderID="MainContent" runat="server"> - <h2>Change Password</h2> - <p> - Use the form below to change your password. - </p> - <p> - New passwords are required to be a minimum of <%: ViewData["PasswordLength"] %> characters in length. - </p> - - <% using (Html.BeginForm()) { %> - <%: Html.ValidationSummary(true, "Password change was unsuccessful. Please correct the errors and try again.") %> - <div> - <fieldset> - <legend>Account Information</legend> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.OldPassword) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.OldPassword) %> - <%: Html.ValidationMessageFor(m => m.OldPassword) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.NewPassword) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.NewPassword) %> - <%: Html.ValidationMessageFor(m => m.NewPassword) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.ConfirmPassword) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.ConfirmPassword) %> - <%: Html.ValidationMessageFor(m => m.ConfirmPassword) %> - </div> - - <p> - <input type="submit" value="Change Password" /> - </p> - </fieldset> - </div> - <% } %> -</asp:Content> diff --git a/samples/OAuthAuthorizationServer/Views/Account/ChangePasswordSuccess.aspx b/samples/OAuthAuthorizationServer/Views/Account/ChangePasswordSuccess.aspx deleted file mode 100644 index ec42f7b..0000000 --- a/samples/OAuthAuthorizationServer/Views/Account/ChangePasswordSuccess.aspx +++ /dev/null 
@@ -1,12 +0,0 @@ -<%@Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage" %> - -<asp:Content ID="changePasswordTitle" ContentPlaceHolderID="TitleContent" runat="server"> - Change Password -</asp:Content> - -<asp:Content ID="changePasswordSuccessContent" ContentPlaceHolderID="MainContent" runat="server"> - <h2>Change Password</h2> - <p> - Your password has been changed successfully. - </p> -</asp:Content> diff --git a/samples/OAuthAuthorizationServer/Views/Account/LogOn.aspx b/samples/OAuthAuthorizationServer/Views/Account/LogOn.aspx index 84e54a5..e83a162 100644 --- a/samples/OAuthAuthorizationServer/Views/Account/LogOn.aspx +++ b/samples/OAuthAuthorizationServer/Views/Account/LogOn.aspx 
@@ -1,46 +1,31 @@ <%@ Page Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage<OAuthAuthorizationServer.Models.LogOnModel>" %> <asp:Content ID="loginTitle" ContentPlaceHolderID="TitleContent" runat="server"> - Log On + Log On </asp:Content> - <asp:Content ID="loginContent" ContentPlaceHolderID="MainContent" runat="server"> - <h2>Log On</h2> - <p> - Please enter your username and password. <%: Html.ActionLink("Register", "Register") %> if you don't have an account. - </p> - - <% using (Html.BeginForm()) { %> - <%: Html.ValidationSummary(true, "Login was unsuccessful. Please correct the errors and try again.") %> - <div> - <fieldset> - <legend>Account Information</legend> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.UserName) %> - </div> - <div class="editor-field"> - <%: Html.TextBoxFor(m => m.UserName) %> - <%: Html.ValidationMessageFor(m => m.UserName) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.Password) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.Password) %> - <%: Html.ValidationMessageFor(m => m.Password) %> - </div> - - <div class="editor-label"> - <%: Html.CheckBoxFor(m => m.RememberMe) %> - <%: Html.LabelFor(m => m.RememberMe) %> - </div> - - <p> - <input type="submit" value="Log On" /> - </p> - </fieldset> - </div> - <% } %> + <h2> + Log On</h2> + <% using (Html.BeginForm()) { %> + <%: Html.ValidationSummary(true, "Login was unsuccessful. 
Please correct the errors and try again.") %> + <div> + <fieldset> + <legend>Account Information</legend> + <div class="editor-label"> + <%: Html.LabelFor(m => m.UserSuppliedIdentifier) %> + </div> + <div class="editor-field"> + <%: Html.TextBoxFor(m => m.UserSuppliedIdentifier) %> + <%: Html.ValidationMessageFor(m => m.UserSuppliedIdentifier) %> + </div> + <div class="editor-label"> + <%: Html.CheckBoxFor(m => m.RememberMe) %> + <%: Html.LabelFor(m => m.RememberMe) %> + </div> + <p> + <input type="submit" value="Log On" /> + </p> + </fieldset> + </div> + <% } %> </asp:Content> diff --git a/samples/OAuthAuthorizationServer/Views/Account/Register.aspx b/samples/OAuthAuthorizationServer/Views/Account/Register.aspx deleted file mode 100644 index b26ed56..0000000 --- a/samples/OAuthAuthorizationServer/Views/Account/Register.aspx +++ /dev/null 
@@ -1,60 +0,0 @@ -<%@ Page Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage<OAuthAuthorizationServer.Models.RegisterModel>" %> - -<asp:Content ID="registerTitle" ContentPlaceHolderID="TitleContent" runat="server"> - Register -</asp:Content> - -<asp:Content ID="registerContent" ContentPlaceHolderID="MainContent" runat="server"> - <h2>Create a New Account</h2> - <p> - Use the form below to create a new account. - </p> - <p> - Passwords are required to be a minimum of <%: ViewData["PasswordLength"] %> characters in length. - </p> - - <% using (Html.BeginForm()) { %> - <%: Html.ValidationSummary(true, "Account creation was unsuccessful. Please correct the errors and try again.") %> - <div> - <fieldset> - <legend>Account Information</legend> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.UserName) %> - </div> - <div class="editor-field"> - <%: Html.TextBoxFor(m => m.UserName) %> - <%: Html.ValidationMessageFor(m => m.UserName) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.Email) %> - </div> - <div class="editor-field"> - <%: Html.TextBoxFor(m => m.Email) %> - <%: Html.ValidationMessageFor(m => m.Email) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.Password) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.Password) %> - <%: Html.ValidationMessageFor(m => m.Password) %> - </div> - - <div class="editor-label"> - <%: Html.LabelFor(m => m.ConfirmPassword) %> - </div> - <div class="editor-field"> - <%: Html.PasswordFor(m => m.ConfirmPassword) %> - <%: Html.ValidationMessageFor(m => m.ConfirmPassword) %> - </div> - - <p> - <input type="submit" value="Register" /> - </p> - </fieldset> - </div> - <% } %> -</asp:Content> diff --git a/samples/OAuthAuthorizationServer/Views/Home/Index.aspx b/samples/OAuthAuthorizationServer/Views/Home/Index.aspx index 443ae8e..b4b1235 100644 --- a/samples/OAuthAuthorizationServer/Views/Home/Index.aspx 
+++ b/samples/OAuthAuthorizationServer/Views/Home/Index.aspx @@ -5,14 +5,14 @@ </asp:Content> <asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server"> <h2> - <%: ViewData["Message"] %></h2> + DotNetOpenAuth presents the OAuth 2.0 Authorization Server! + </h2> <p> - To learn more about ASP.NET MVC visit <a href="http://asp.net/mvc" title="ASP.NET MVC Website"> - http://asp.net/mvc</a>. + To learn more about DotNetOpenAuth visit <a href="http://www.DotNetOpenAuth.net/" + title="DotNetOpenAuth web site">http://www.DotNetOpenAuth.net/</a>. </p> - <% using (Html.BeginForm("CreateDatabase", "Home")) - {%> - <input type="submit" value="(Re)Create Database" /> + <% using (Html.BeginForm("CreateDatabase", "Home")) {%> + <input type="submit" value="(Re)Create Database" /> <% - }%> + }%> </asp:Content> diff --git a/samples/OAuthAuthorizationServer/Views/Shared/Site.Master b/samples/OAuthAuthorizationServer/Views/Shared/Site.Master index 0f4ef9e..43f68e1 100644 --- a/samples/OAuthAuthorizationServer/Views/Shared/Site.Master +++ b/samples/OAuthAuthorizationServer/Views/Shared/Site.Master @@ -12,7 +12,7 @@ <div id="header"> <div id="title"> - <h1>My MVC Application</h1> + <h1>DotNetOpenAuth OAuth 2.0 Authorization Server</h1> </div> <div id="logindisplay"> diff --git a/samples/OAuthAuthorizationServer/Web.config b/samples/OAuthAuthorizationServer/Web.config index e83c11e..c2c9ec1 100644 --- a/samples/OAuthAuthorizationServer/Web.config +++ b/samples/OAuthAuthorizationServer/Web.config 
@@ -6,7 +6,58 @@ --> <configuration> - <connectionStrings> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + + <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. 
--> + <messaging relaxSslRequirements="true" /> + </dotNetOpenAuth> + + <log4net> + <appender name="TracePageAppender" type="OAuthResourceServer.Code.TracePageAppender, OAuthResourceServer"> + <layout type="log4net.Layout.PatternLayout"> + <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline"/> + </layout> + </appender> + <!-- Setup the root category, add the appenders and set the default level --> + <root> + <level value="INFO"/> + <!--<appender-ref ref="RollingFileAppender" />--> + <appender-ref ref="TracePageAppender"/> + </root> + <!-- Specify the level for some specific categories --> + <logger name="DotNetOpenAuth"> + <level value="ALL"/> + </logger> + </log4net> + + <connectionStrings> <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" /> </connectionStrings> diff --git a/samples/OAuthClient/MasterPage.master b/samples/OAuthClient/MasterPage.master index 0044208..4f23a05 100644 --- a/samples/OAuthClient/MasterPage.master +++ b/samples/OAuthClient/MasterPage.master @@ -8,12 +8,12 @@ <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> - <title>DotNetOpenAuth Consumer sample</title> + <title>DotNetOpenAuth OAuth 2.0 Client sample</title> <asp:ContentPlaceHolder ID="head" runat="server"/> </head> <body> <form id="form1" runat="server"> - <h1>DotNetOpenAuth Consumer ASP.NET WebForms sample</h1> + <h1>DotNetOpenAuth OAuth 2.0 Client ASP.NET WebForms sample</h1> <div> <asp:ContentPlaceHolder ID="Body" runat="server"> </asp:ContentPlaceHolder> diff --git a/samples/OAuthClient/OAuthClient.csproj b/samples/OAuthClient/OAuthClient.csproj index f0a148f..37e42b2 100644 --- a/samples/OAuthClient/OAuthClient.csproj +++ b/samples/OAuthClient/OAuthClient.csproj 
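Review bot: The `TracePageAppender` in the new `<log4net>` section is typed `OAuthResourceServer.Code.TracePageAppender, OAuthResourceServer`, but this Web.config belongs to the OAuthAuthorizationServer sample. Unless that assembly is referenced by this project (not visible in the diff), log4net will fail to load the appender and the sample will log nothing. Separately, the `DotNetOpenAuth` logger is set to `ALL`, which on an authorization server is likely to put protocol messages, possibly including codes and tokens, into whatever the appender displays. A comment like the one already on `relaxSslRequirements`, for example `<!-- ALL is for sample diagnostics only; lower to INFO outside development. -->`, would make that explicit. The same caveat would help on `<reporting enabled="true" />`, which opts the deployment into sending usage statistics.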
@@ -64,10 +64,10 @@ <Content Include="GoogleAddressBook.aspx" /> <Content Include="images\Sign-in-with-Twitter-darker.png" /> <Content Include="Yammer.aspx" /> - <None Include="Service References\SampleServiceProvider\DataApi.disco" /> - <None Include="Service References\SampleServiceProvider\configuration91.svcinfo" /> - <None Include="Service References\SampleServiceProvider\configuration.svcinfo" /> - <None Include="Service References\SampleServiceProvider\Reference.svcmap"> + <None Include="Service References\SampleResourceServer\DataApi.disco" /> + <None Include="Service References\SampleResourceServer\configuration91.svcinfo" /> + <None Include="Service References\SampleResourceServer\configuration.svcinfo" /> + <None Include="Service References\SampleResourceServer\Reference.svcmap"> <Generator>WCF Proxy Generator</Generator> <LastGenOutput>Reference.cs</LastGenOutput> </None> @@ -76,10 +76,10 @@ <Content Include="TracePage.aspx" /> <Content Include="Twitter.aspx" /> <Content Include="Web.config" /> - <None Include="Service References\SampleServiceProvider\DataApi1.xsd"> + <None Include="Service References\SampleResourceServer\DataApi1.xsd"> <SubType>Designer</SubType> </None> - <None Include="Service References\SampleServiceProvider\DataApi2.xsd"> + <None Include="Service References\SampleResourceServer\DataApi2.xsd"> <SubType>Designer</SubType> </None> </ItemGroup> @@ -107,7 +107,7 @@ <Compile Include="SampleWcf2.aspx.designer.cs"> <DependentUpon>SampleWcf2.aspx</DependentUpon> </Compile> - <Compile Include="Service References\SampleServiceProvider\Reference.cs"> + <Compile Include="Service References\SampleResourceServer\Reference.cs"> <AutoGen>True</AutoGen> <DesignTime>True</DesignTime> <DependentUpon>Reference.svcmap</DependentUpon> 
@@ -153,8 +153,8 @@ </ItemGroup> <ItemGroup> <Content Include="MasterPage.master" /> - <None Include="Service References\SampleServiceProvider\DataApi.wsdl" /> - <None Include="Service References\SampleServiceProvider\DataApi.xsd"> + <None Include="Service References\SampleResourceServer\DataApi.wsdl" /> + <None Include="Service References\SampleResourceServer\DataApi.xsd"> <SubType>Designer</SubType> </None> <None Include="Settings.StyleCop" /> @@ -173,7 +173,7 @@ <WCFMetadata Include="Service References\" /> </ItemGroup> <ItemGroup> - <WCFMetadataStorage Include="Service References\SampleServiceProvider\" /> + <WCFMetadataStorage Include="Service References\SampleResourceServer\" /> </ItemGroup> <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> diff --git a/samples/OAuthClient/SampleWcf2.aspx.cs b/samples/OAuthClient/SampleWcf2.aspx.cs index 1b17ab3..41f2896 100644 --- a/samples/OAuthClient/SampleWcf2.aspx.cs +++ b/samples/OAuthClient/SampleWcf2.aspx.cs @@ -12,7 +12,7 @@ using System.Web.UI.WebControls; using DotNetOpenAuth.OAuth2; - using SampleServiceProvider; + using SampleResourceServer; public partial class SampleWcf2 : System.Web.UI.Page { /// <summary> @@ -24,9 +24,9 @@ /// The details about the sample OAuth-enabled WCF service that this sample client calls into. /// </summary> private static AuthorizationServerDescription authServerDescription = new AuthorizationServerDescription { - TokenEndpoint = new Uri("http://localhost:65169/OAuth.ashx"), - AuthorizationEndpoint = new Uri("http://localhost:65169/Members/Authorize.aspx"), - }; + TokenEndpoint = new Uri("http://localhost:50172/OAuth/Token"), + AuthorizationEndpoint = new Uri("http://localhost:50172/OAuth/Authorize"), + }; /// <summary> /// Initializes static members of the <see cref="SampleWcf2"/> class. 
@@ -56,6 +56,14 @@
 // We are receiving an authorization response. Store it and associate it with this user.
 Authorization = authorization;
 Response.Redirect(Request.Path); // get rid of the /?code= parameter
+ } else {
+ if (Authorization != null) {
+ // Indicate to the user that we have already obtained authorization on some of these.
+ foreach (var li in this.scopeList.Items.OfType<ListItem>().Where(li => Authorization.Scope.Contains(li.Value))) {
+ li.Selected = true;
+ }
+ authorizationLabel.Text = "Authorization received!";
+ }
 }
 }
 }
diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.disco b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.disco
index f8d5e5b..f8d5e5b 100644
--- a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.disco
+++ b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.disco
diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.wsdl b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl
index 702762a..702762a 100644
--- a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.wsdl
+++ b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.wsdl
diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.xsd b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.xsd
index 3109534..3109534 100644
--- a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi.xsd
+++ b/samples/OAuthClient/Service References/SampleResourceServer/DataApi.xsd
diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi1.xsd b/samples/OAuthClient/Service References/SampleResourceServer/DataApi1.xsd
index d58e7f3..d58e7f3 100644
--- a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi1.xsd
+++ b/samples/OAuthClient/Service References/SampleResourceServer/DataApi1.xsd
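Review bot: The new `else` branch sets `authorizationLabel.Text = "Authorization received!"` for any non-null stored `Authorization`, so the page can claim a grant that has since expired or been revoked. If the state object exposes an expiry, check it before pre-selecting scopes. `Authorization.Scope.Contains(li.Value)` also assumes `Scope` is never null, which cannot be confirmed from this hunk. The nested `else { if (...)` can be flattened to `} else if (Authorization != null) {`. The enclosing method begins above the hunk.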
diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi2.xsd b/samples/OAuthClient/Service References/SampleResourceServer/DataApi2.xsd index 04a74a4..04a74a4 100644 --- a/samples/OAuthClient/Service References/SampleServiceProvider/DataApi2.xsd +++ b/samples/OAuthClient/Service References/SampleResourceServer/DataApi2.xsd diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/Reference.cs b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs index 8532ed1..10f4265 100644 --- a/samples/OAuthClient/Service References/SampleServiceProvider/Reference.cs +++ b/samples/OAuthClient/Service References/SampleResourceServer/Reference.cs @@ -8,11 +8,11 @@ // </auto-generated> //------------------------------------------------------------------------------ -namespace OAuthClient.SampleServiceProvider { +namespace OAuthClient.SampleResourceServer { [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] - [System.ServiceModel.ServiceContractAttribute(ConfigurationName="SampleServiceProvider.IDataApi")] + [System.ServiceModel.ServiceContractAttribute(ConfigurationName="SampleResourceServer.IDataApi")] public interface IDataApi { [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IDataApi/GetAge", ReplyAction="http://tempuri.org/IDataApi/GetAgeResponse")] 
@@ -26,12 +26,12 @@ namespace OAuthClient.SampleServiceProvider { } [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] - public interface IDataApiChannel : IDataApi, System.ServiceModel.IClientChannel { + public interface IDataApiChannel : OAuthClient.SampleResourceServer.IDataApi, System.ServiceModel.IClientChannel { } [System.Diagnostics.DebuggerStepThroughAttribute()] [System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")] - public partial class DataApiClient : System.ServiceModel.ClientBase<IDataApi>, IDataApi { + public partial class DataApiClient : System.ServiceModel.ClientBase<OAuthClient.SampleResourceServer.IDataApi>, OAuthClient.SampleResourceServer.IDataApi { public DataApiClient() { } diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/Reference.svcmap b/samples/OAuthClient/Service References/SampleResourceServer/Reference.svcmap index 4463f99..4463f99 100644 --- a/samples/OAuthClient/Service References/SampleServiceProvider/Reference.svcmap +++ b/samples/OAuthClient/Service References/SampleResourceServer/Reference.svcmap diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/configuration.svcinfo b/samples/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo index 3bc7fee..c21c2f6 100644 --- a/samples/OAuthClient/Service References/SampleServiceProvider/configuration.svcinfo +++ b/samples/OAuthClient/Service References/SampleResourceServer/configuration.svcinfo 
@@ -5,6 +5,6 @@ <binding digest="System.ServiceModel.Configuration.WSHttpBindingElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089:<?xml version="1.0" encoding="utf-16"?><Data hostNameComparisonMode="StrongWildcard" messageEncoding="Text" name="WSHttpBinding_IDataApi" textEncoding="utf-8" transactionFlow="false"><readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192" /><reliableSession enabled="false" inactivityTimeout="00:10:00" ordered="true" /><security mode="Message"><message algorithmSuite="Default" clientCredentialType="Windows" negotiateServiceCredential="true" /><transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /></security></Data>" bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi" /> </bindings> <endpoints> - <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi" /> + <endpoint normalizedDigest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" digest="<?xml version="1.0" encoding="utf-16"?><Data address="http://localhost:65169/DataApi.svc" 
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi"><identity><dns value="localhost" /></identity></Data>" contractName="SampleResourceServer.IDataApi" name="WSHttpBinding_IDataApi" /> </endpoints> </configurationSnapshot>
\ No newline at end of file diff --git a/samples/OAuthClient/Service References/SampleServiceProvider/configuration91.svcinfo b/samples/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo index 5f546e3..3dd0d1a 100644 --- a/samples/OAuthClient/Service References/SampleServiceProvider/configuration91.svcinfo +++ b/samples/OAuthClient/Service References/SampleResourceServer/configuration91.svcinfo @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<SavedWcfConfigurationInformation xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" Version="9.1" CheckSum="miGR8Db77ObVmfXAUkO0QWZjRdw="> +<SavedWcfConfigurationInformation xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" Version="9.1" CheckSum="Go5YjnH8CtVcll2vFbhXoqBKm/A="> <bindingConfigurations> <bindingConfiguration bindingType="wsHttpBinding" name="WSHttpBinding_IDataApi"> <properties> @@ -127,7 +127,7 @@ </bindingConfiguration> </bindingConfigurations> <endpoints> - <endpoint name="WSHttpBinding_IDataApi" contract="SampleServiceProvider.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65169/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> + <endpoint name="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" bindingType="wsHttpBinding" address="http://localhost:65169/DataApi.svc" bindingConfiguration="WSHttpBinding_IDataApi"> <properties> <property path="/address" isComplexType="false" isExplicitlyDefined="true" clrType="System.Uri, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <serializedValue>http://localhost:65169/DataApi.svc</serializedValue> 
@@ -142,7 +142,7 @@ <serializedValue>WSHttpBinding_IDataApi</serializedValue> </property> <property path="/contract" isComplexType="false" isExplicitlyDefined="true" clrType="System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> - <serializedValue>SampleServiceProvider.IDataApi</serializedValue> + <serializedValue>SampleResourceServer.IDataApi</serializedValue> </property> <property path="/headers" isComplexType="true" isExplicitlyDefined="false" clrType="System.ServiceModel.Configuration.AddressHeaderCollectionElement, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <serializedValue>System.ServiceModel.Configuration.AddressHeaderCollectionElement</serializedValue> diff --git a/samples/OAuthClient/Web.config b/samples/OAuthClient/Web.config index 985a05f..0aa28b2 100644 --- a/samples/OAuthClient/Web.config +++ b/samples/OAuthClient/Web.config @@ -190,17 +190,17 @@ enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" proxyCredentialType="None" - realm=""/> + realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" - algorithmSuite="Default" establishSecurityContext="true" /> + algorithmSuite="Default" /> </security> </binding> </wsHttpBinding> </bindings> <client> - <endpoint address="http://localhost:65169/DataApi.svc" - binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataApi" - contract="SampleServiceProvider.IDataApi" name="WSHttpBinding_IDataApi"> + <endpoint address="http://localhost:65169/DataApi.svc" binding="wsHttpBinding" + bindingConfiguration="WSHttpBinding_IDataApi" contract="SampleResourceServer.IDataApi" + name="WSHttpBinding_IDataApi"> <identity> <dns value="localhost" /> </identity> diff --git a/samples/OAuthResourceServer/MasterPage.master b/samples/OAuthResourceServer/MasterPage.master index 136dfc9..a038594 100644 --- a/samples/OAuthResourceServer/MasterPage.master 
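Review bot: The `<message>` element in the Web.config hunk loses its explicit `establishSecurityContext="true"`. wsHttpBinding defaults that setting to true, so behaviour should be unchanged, but a security attribute that disappears in a tool-regenerated config is easy to misread later. Keeping it explicit, `algorithmSuite="Default" establishSecurityContext="true" />`, avoids depending on the default and keeps the sample's security posture readable from the file itself.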
+++ b/samples/OAuthResourceServer/MasterPage.master @@ -8,12 +8,12 @@ <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> - <title>DotNetOpenAuth Service Provider sample</title> + <title>DotNetOpenAuth OAuth 2.0 Authorization Server sample</title> <asp:ContentPlaceHolder ID="head" runat="server"/> </head> <body> <form id="form1" runat="server"> - <h1>DotNetOpenAuth Service Provider sample</h1> + <h1>DotNetOpenAuth OAuth 2.0 Authorization Server sample</h1> <div> <asp:ContentPlaceHolder ID="Body" runat="server"> </asp:ContentPlaceHolder> |
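Review bot: The new `<title>` and `<h1>` read "DotNetOpenAuth OAuth 2.0 Authorization Server sample", but this master page lives in `samples/OAuthResourceServer`. If the project is the resource server, as its path suggests, the heading mislabels the role this site plays in the flow and will confuse readers running the authorization server and resource server samples side by side. `<title>DotNetOpenAuth OAuth 2.0 Resource Server sample</title>` and the matching `<h1>` would be consistent with the project name.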