Diffstat (limited to 'projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs')
-rw-r--r--projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs9
1 files changed, 3 insertions, 6 deletions
diff --git a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs
index e38d955..6daf56e 100644
--- a/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs
+++ b/projecttemplates/RelyingPartyLogic/OAuthAuthorizationManager.cs
@@ -38,7 +38,7 @@ namespace RelyingPartyLogic {
var resourceServer = new ResourceServer(tokenAnalyzer);
try {
- IPrincipal principal = resourceServer.GetPrincipal(httpDetails, requestUri);
+ IPrincipal principal = resourceServer.GetPrincipal(httpDetails, requestUri, operationContext.IncomingMessageHeaders.Action);
var policy = new OAuthPrincipalAuthorizationPolicy(principal);
var policies = new List<IAuthorizationPolicy> {
policy,
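Review bot: The required scope passed to `GetPrincipal` on the added line is `operationContext.IncomingMessageHeaders.Action` taken as-is, and nothing in this hunk rejects a null or empty action before the call. The removed `principal.IsInRole(...)` check would most likely have denied such a request, whereas how `GetPrincipal` treats a null or empty required scope is not visible here; if it reads that as "no scope required", any valid access token would be authorized for the operation. Consider reading the action into a local and failing closed first, e.g. `if (string.IsNullOrEmpty(action)) { return false; }`, assuming this method returns false on denial. The enclosing method starts and ends outside the hunk.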
@@ -57,13 +57,10 @@ namespace RelyingPartyLogic {
principal.Identity,
};
- // Only allow this method call if the access token scope permits it.
- if (principal.IsInRole(operationContext.IncomingMessageHeaders.Action)) {
- return true;
- }
+ return true;
} catch (ProtocolFaultResponseException ex) {
// Return the appropriate unauthorized response to the client.
- ex.ErrorResponse.Send();
+ ex.CreateErrorResponse().Send();
} catch (DotNetOpenAuth.Messaging.ProtocolException/* ex*/) {
////Logger.Error("Error processing OAuth messages.", ex);
}
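Review bot: `return true;` is now unconditional, so the only thing that can deny a token with insufficient scope is `GetPrincipal`, presumably by throwing one of the exceptions caught below, and no comment says so now that `// Only allow this method call if the access token scope permits it.` has been deleted. I would restore that intent above the return, e.g. `// GetPrincipal throws if the token's scope does not cover the requested action.`, so a later edit does not turn this into an unguarded success path. Denials that surface as `ProtocolException` are also discarded silently because the logging call in that catch is commented out; re-enabling it would leave a record of rejected requests for monitoring. The method continues past the end of this hunk, so the value returned after the catch blocks is not visible here.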