diff options
Diffstat (limited to 'samples/OAuthAuthorizationServer/Controllers/OAuthController.cs')
| -rw-r--r-- | samples/OAuthAuthorizationServer/Controllers/OAuthController.cs | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs index 4c3e4d4..3ab4096 100644 --- a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs +++ b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs @@ -4,12 +4,11 @@ using System.Linq;
using System.Net;
using System.Security.Cryptography;
+ using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
-
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2;
-
using OAuthAuthorizationServer.Code;
using OAuthAuthorizationServer.Models;
@@ -20,8 +19,9 @@ /// The OAuth 2.0 token endpoint.
/// </summary>
/// <returns>The response to the Client.</returns>
- public ActionResult Token() {
- return this.authorizationServer.HandleTokenRequest(this.Request).AsActionResult();
+ public async Task<ActionResult> Token() {
+ var request = await this.authorizationServer.HandleTokenRequestAsync(this.Request, this.Response.ClientDisconnectedToken);
+ return request.AsActionResult();
}
/// <summary>
@@ -30,8 +30,8 @@ /// <returns>The browser HTML response that prompts the user to authorize the client.</returns>
[Authorize, AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post)]
[HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
- public ActionResult Authorize() {
- var pendingRequest = this.authorizationServer.ReadAuthorizationRequest();
+ public async Task<ActionResult> Authorize() {
+ var pendingRequest = await this.authorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken);
if (pendingRequest == null) {
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
@@ -41,7 +41,8 @@ // Consider auto-approving if safe to do so.
if (((OAuth2AuthorizationServer)this.authorizationServer.AuthorizationServerServices).CanBeAutoApproved(pendingRequest)) {
var approval = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, HttpContext.User.Identity.Name);
- return this.authorizationServer.Channel.PrepareResponse(approval).AsActionResult();
+ var response = await this.authorizationServer.Channel.PrepareResponseAsync(approval, Response.ClientDisconnectedToken);
+ return response.AsActionResult();
}
var model = new AccountAuthorizeModel {
@@ -59,8 +60,8 @@ /// <param name="isApproved">if set to <c>true</c>, the user has authorized the Client; <c>false</c> otherwise.</param>
/// <returns>HTML response that redirects the browser to the Client.</returns>
[Authorize, HttpPost, ValidateAntiForgeryToken]
- public ActionResult AuthorizeResponse(bool isApproved) {
- var pendingRequest = this.authorizationServer.ReadAuthorizationRequest();
+ public async Task<ActionResult> AuthorizeResponse(bool isApproved) {
+ var pendingRequest = await this.authorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken);
if (pendingRequest == null) {
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
@@ -86,7 +87,8 @@ response = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest);
}
- return this.authorizationServer.Channel.PrepareResponse(response).AsActionResult();
+ var preparedResponse = await this.authorizationServer.Channel.PrepareResponseAsync(response, Response.ClientDisconnectedToken);
+ return preparedResponse.AsActionResult();
}
}
}
|