diff options
Diffstat (limited to 'samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs')
| -rw-r--r-- | samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs b/samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs index e83817a..8b769de 100644 --- a/samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs +++ b/samples/DotNetOpenAuth.ApplicationBlock/InMemoryTokenManager.cs @@ -10,6 +10,7 @@ namespace DotNetOpenAuth.ApplicationBlock { using System.Diagnostics; using DotNetOpenAuth.OAuth.ChannelElements; using DotNetOpenAuth.OAuth.Messages; + using DotNetOpenAuth.OpenId.Extensions.OAuth; /// <summary> /// A token manager that only retains tokens in memory. @@ -20,7 +21,7 @@ namespace DotNetOpenAuth.ApplicationBlock { /// where the user only signs in without providing any authorization to access /// Twitter APIs except to authenticate, since that access token is only useful once. /// </remarks> - public class InMemoryTokenManager : IConsumerTokenManager { + public class InMemoryTokenManager : IConsumerTokenManager, IOpenIdOAuthTokenManager { private Dictionary<string, string> tokensAndSecrets = new Dictionary<string, string>(); /// <summary> @@ -118,5 +119,25 @@ namespace DotNetOpenAuth.ApplicationBlock { } #endregion + + #region IOpenIdOAuthTokenManager Members + + /// <summary> + /// Stores a new request token obtained over an OpenID request. + /// </summary> + /// <param name="consumerKey">The consumer key.</param> + /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> + /// <remarks> + /// <para>The token secret is the empty string.</para> + /// <para>Tokens stored by this method should be short-lived to mitigate + /// possible security threats. Their lifetime should be sufficient for the + /// relying party to receive the positive authentication assertion and immediately + /// send a follow-up request for the access token.</para> + /// </remarks> + public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { + this.tokensAndSecrets[authorization.RequestToken] = String.Empty; + } + + #endregion } }
\ No newline at end of file |