diff options
Diffstat (limited to 'samples/OAuthResourceServer')
27 files changed, 1422 insertions, 0 deletions
diff --git a/samples/OAuthResourceServer/Code/DataClasses.dbml b/samples/OAuthResourceServer/Code/DataClasses.dbml new file mode 100644 index 0000000..3ced327 --- /dev/null +++ b/samples/OAuthResourceServer/Code/DataClasses.dbml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="utf-8"?><Database Name="Database" EntityNamespace="OAuthResourceServer.Code" Class="DataClassesDataContext" xmlns="http://schemas.microsoft.com/linqtosql/dbml/2007"> +<Connection Mode="WebSettings" ConnectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True" SettingsObjectName="System.Configuration.ConfigurationManager.ConnectionStrings" SettingsPropertyName="DatabaseConnectionString" Provider="System.Data.SqlClient" /> + <Table Name="dbo.[User]" Member="Users"> + <Type Name="User"> + <Column Name="UserId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" /> + <Column Name="OpenIDClaimedIdentifier" Type="System.String" DbType="NVarChar(150) NOT NULL" CanBeNull="false" /> + <Column Name="OpenIDFriendlyIdentifier" Type="System.String" DbType="NVarChar(150)" CanBeNull="true" /> + <Column Name="FullName" Type="System.String" DbType="NVarChar(150)" CanBeNull="false" /> + <Column Name="Age" Type="System.Int32" DbType="int" CanBeNull="true" /> + <Association Name="User_FavoriteSite" Member="FavoriteSites" ThisKey="UserId" OtherKey="UserId" Type="FavoriteSite" /> + </Type> + </Table> + <Table Name="dbo.FavoriteSite" Member="FavoriteSites"> + <Type Name="FavoriteSite"> + <Column Name="FavoriteSiteId" Type="System.Int32" DbType="Int NOT NULL IDENTITY" IsPrimaryKey="true" IsDbGenerated="true" CanBeNull="false" /> + <Column Name="UserId" Type="System.Int32" DbType="Int NOT NULL" CanBeNull="false" /> + <Column Name="SiteUrl" Type="System.String" DbType="NVarChar(255) NOT NULL" CanBeNull="false" /> + <Association Name="User_FavoriteSite" Member="User" ThisKey="UserId" OtherKey="UserId" Type="User" IsForeignKey="true" DeleteRule="CASCADE" DeleteOnNull="true" /> + </Type> + </Table> +</Database>
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/DataClasses.dbml.layout b/samples/OAuthResourceServer/Code/DataClasses.dbml.layout new file mode 100644 index 0000000..4f4d9d6 --- /dev/null +++ b/samples/OAuthResourceServer/Code/DataClasses.dbml.layout @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="utf-8"?> +<ordesignerObjectsDiagram dslVersion="1.0.0.0" absoluteBounds="0, 0, 11, 8.5" name="DataClasses"> + <DataContextMoniker Name="/DataClassesDataContext" /> + <nestedChildShapes> + <classShape Id="696d2c69-040e-411d-9257-bb664b743834" absoluteBounds="0.5, 0.5, 2.125, 1.7708968098958331"> + <DataClassMoniker Name="/DataClassesDataContext/User" /> + <nestedChildShapes> + <elementListCompartment Id="cd90aeff-476c-44a9-897f-a986e4a8305b" absoluteBounds="0.515, 0.96, 2.0949999999999998, 1.2108968098958333" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> + </nestedChildShapes> + </classShape> + <classShape Id="8a79b099-7f87-4766-907a-db2c3e1b5716" absoluteBounds="3.5, 0.625, 2, 1.3862939453125005"> + <DataClassMoniker Name="/DataClassesDataContext/FavoriteSite" /> + <nestedChildShapes> + <elementListCompartment Id="eba736b9-f9ec-484b-8083-c77155a49e4e" absoluteBounds="3.515, 1.085, 1.9700000000000002, 0.8262939453125" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" /> + </nestedChildShapes> + </classShape> + <associationConnector edgePoints="[(2.625 : 1.31814697265625); (3.5 : 1.31814697265625)]" fixedFrom="NotFixed" fixedTo="NotFixed"> + <AssociationMoniker Name="/DataClassesDataContext/User/User_FavoriteSite" /> + <nodes> + <classShapeMoniker Id="696d2c69-040e-411d-9257-bb664b743834" /> + <classShapeMoniker Id="8a79b099-7f87-4766-907a-db2c3e1b5716" /> + </nodes> + </associationConnector> + </nestedChildShapes> +</ordesignerObjectsDiagram>
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/DataClasses.designer.cs b/samples/OAuthResourceServer/Code/DataClasses.designer.cs new file mode 100644 index 0000000..7551f36 --- /dev/null +++ b/samples/OAuthResourceServer/Code/DataClasses.designer.cs @@ -0,0 +1,425 @@ +#pragma warning disable 1591 +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:4.0.30319.1 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OAuthResourceServer.Code +{ + using System.Data.Linq; + using System.Data.Linq.Mapping; + using System.Data; + using System.Collections.Generic; + using System.Reflection; + using System.Linq; + using System.Linq.Expressions; + using System.ComponentModel; + using System; + + + [global::System.Data.Linq.Mapping.DatabaseAttribute(Name="Database")] + public partial class DataClassesDataContext : System.Data.Linq.DataContext + { + + private static System.Data.Linq.Mapping.MappingSource mappingSource = new AttributeMappingSource(); + + #region Extensibility Method Definitions + partial void OnCreated(); + partial void InsertUser(User instance); + partial void UpdateUser(User instance); + partial void DeleteUser(User instance); + partial void InsertFavoriteSite(FavoriteSite instance); + partial void UpdateFavoriteSite(FavoriteSite instance); + partial void DeleteFavoriteSite(FavoriteSite instance); + #endregion + + public DataClassesDataContext() : + base(global::System.Configuration.ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString, mappingSource) + { + OnCreated(); + } + + public DataClassesDataContext(string connection) : + base(connection, mappingSource) + { + OnCreated(); + } + + public DataClassesDataContext(System.Data.IDbConnection connection) : + base(connection, mappingSource) + { + OnCreated(); + } + + public DataClassesDataContext(string connection, System.Data.Linq.Mapping.MappingSource mappingSource) : + base(connection, mappingSource) + { + OnCreated(); + } + + public DataClassesDataContext(System.Data.IDbConnection connection, System.Data.Linq.Mapping.MappingSource mappingSource) : + base(connection, mappingSource) + { + OnCreated(); + } + + public System.Data.Linq.Table<User> Users + { + get + { + return this.GetTable<User>(); + } + } + + public System.Data.Linq.Table<FavoriteSite> FavoriteSites + { + get + { + return this.GetTable<FavoriteSite>(); + } + } + } + + [global::System.Data.Linq.Mapping.TableAttribute(Name="dbo.[User]")] + public partial class User : INotifyPropertyChanging, INotifyPropertyChanged + { + + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); + + private int _UserId; + + private string _OpenIDClaimedIdentifier; + + private string _OpenIDFriendlyIdentifier; + + private string _FullName; + + private System.Nullable<int> _Age; + + private EntitySet<FavoriteSite> _FavoriteSites; + + #region Extensibility Method Definitions + partial void OnLoaded(); + partial void OnValidate(System.Data.Linq.ChangeAction action); + partial void OnCreated(); + partial void OnUserIdChanging(int value); + partial void OnUserIdChanged(); + partial void OnOpenIDClaimedIdentifierChanging(string value); + partial void OnOpenIDClaimedIdentifierChanged(); + partial void OnOpenIDFriendlyIdentifierChanging(string value); + partial void OnOpenIDFriendlyIdentifierChanged(); + partial void OnFullNameChanging(string value); + partial void OnFullNameChanged(); + partial void OnAgeChanging(System.Nullable<int> value); + partial void OnAgeChanged(); + #endregion + + public User() + { + this._FavoriteSites = new EntitySet<FavoriteSite>(new Action<FavoriteSite>(this.attach_FavoriteSites), new Action<FavoriteSite>(this.detach_FavoriteSites)); + OnCreated(); + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_UserId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", IsPrimaryKey=true, IsDbGenerated=true)] + public int UserId + { + get + { + return this._UserId; + } + set + { + if ((this._UserId != value)) + { + this.OnUserIdChanging(value); + this.SendPropertyChanging(); + this._UserId = value; + this.SendPropertyChanged("UserId"); + this.OnUserIdChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_OpenIDClaimedIdentifier", DbType="NVarChar(150) NOT NULL", CanBeNull=false)] + public string OpenIDClaimedIdentifier + { + get + { + return this._OpenIDClaimedIdentifier; + } + set + { + if ((this._OpenIDClaimedIdentifier != value)) + { + this.OnOpenIDClaimedIdentifierChanging(value); + this.SendPropertyChanging(); + this._OpenIDClaimedIdentifier = value; + this.SendPropertyChanged("OpenIDClaimedIdentifier"); + this.OnOpenIDClaimedIdentifierChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_OpenIDFriendlyIdentifier", DbType="NVarChar(150)")] + public string OpenIDFriendlyIdentifier + { + get + { + return this._OpenIDFriendlyIdentifier; + } + set + { + if ((this._OpenIDFriendlyIdentifier != value)) + { + this.OnOpenIDFriendlyIdentifierChanging(value); + this.SendPropertyChanging(); + this._OpenIDFriendlyIdentifier = value; + this.SendPropertyChanged("OpenIDFriendlyIdentifier"); + this.OnOpenIDFriendlyIdentifierChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_FullName", DbType="NVarChar(150)", CanBeNull=false)] + public string FullName + { + get + { + return this._FullName; + } + set + { + if ((this._FullName != value)) + { + this.OnFullNameChanging(value); + this.SendPropertyChanging(); + this._FullName = value; + this.SendPropertyChanged("FullName"); + this.OnFullNameChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_Age", DbType="int")] + public System.Nullable<int> Age + { + get + { + return this._Age; + } + set + { + if ((this._Age != value)) + { + this.OnAgeChanging(value); + this.SendPropertyChanging(); + this._Age = value; + this.SendPropertyChanged("Age"); + this.OnAgeChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_FavoriteSite", Storage="_FavoriteSites", ThisKey="UserId", OtherKey="UserId")] + public EntitySet<FavoriteSite> FavoriteSites + { + get + { + return this._FavoriteSites; + } + set + { + this._FavoriteSites.Assign(value); + } + } + + public event PropertyChangingEventHandler PropertyChanging; + + public event PropertyChangedEventHandler PropertyChanged; + + protected virtual void SendPropertyChanging() + { + if ((this.PropertyChanging != null)) + { + this.PropertyChanging(this, emptyChangingEventArgs); + } + } + + protected virtual void SendPropertyChanged(String propertyName) + { + if ((this.PropertyChanged != null)) + { + this.PropertyChanged(this, new PropertyChangedEventArgs(propertyName)); + } + } + + private void attach_FavoriteSites(FavoriteSite entity) + { + this.SendPropertyChanging(); + entity.User = this; + } + + private void detach_FavoriteSites(FavoriteSite entity) + { + this.SendPropertyChanging(); + entity.User = null; + } + } + + [global::System.Data.Linq.Mapping.TableAttribute(Name="dbo.FavoriteSite")] + public partial class FavoriteSite : INotifyPropertyChanging, INotifyPropertyChanged + { + + private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty); + + private int _FavoriteSiteId; + + private int _UserId; + + private string _SiteUrl; + + private EntityRef<User> _User; + + #region Extensibility Method Definitions + partial void OnLoaded(); + partial void OnValidate(System.Data.Linq.ChangeAction action); + partial void OnCreated(); + partial void OnFavoriteSiteIdChanging(int value); + partial void OnFavoriteSiteIdChanged(); + partial void OnUserIdChanging(int value); + partial void OnUserIdChanged(); + partial void OnSiteUrlChanging(string value); + partial void OnSiteUrlChanged(); + #endregion + + public FavoriteSite() + { + this._User = default(EntityRef<User>); + OnCreated(); + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_FavoriteSiteId", AutoSync=AutoSync.OnInsert, DbType="Int NOT NULL IDENTITY", IsPrimaryKey=true, IsDbGenerated=true)] + public int FavoriteSiteId + { + get + { + return this._FavoriteSiteId; + } + set + { + if ((this._FavoriteSiteId != value)) + { + this.OnFavoriteSiteIdChanging(value); + this.SendPropertyChanging(); + this._FavoriteSiteId = value; + this.SendPropertyChanged("FavoriteSiteId"); + this.OnFavoriteSiteIdChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_UserId", DbType="Int NOT NULL")] + public int UserId + { + get + { + return this._UserId; + } + set + { + if ((this._UserId != value)) + { + if (this._User.HasLoadedOrAssignedValue) + { + throw new System.Data.Linq.ForeignKeyReferenceAlreadyHasValueException(); + } + this.OnUserIdChanging(value); + this.SendPropertyChanging(); + this._UserId = value; + this.SendPropertyChanged("UserId"); + this.OnUserIdChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_SiteUrl", DbType="NVarChar(255) NOT NULL", CanBeNull=false)] + public string SiteUrl + { + get + { + return this._SiteUrl; + } + set + { + if ((this._SiteUrl != value)) + { + this.OnSiteUrlChanging(value); + this.SendPropertyChanging(); + this._SiteUrl = value; + this.SendPropertyChanged("SiteUrl"); + this.OnSiteUrlChanged(); + } + } + } + + [global::System.Data.Linq.Mapping.AssociationAttribute(Name="User_FavoriteSite", Storage="_User", ThisKey="UserId", OtherKey="UserId", IsForeignKey=true, DeleteOnNull=true, DeleteRule="CASCADE")] + public User User + { + get + { + return this._User.Entity; + } + set + { + User previousValue = this._User.Entity; + if (((previousValue != value) + || (this._User.HasLoadedOrAssignedValue == false))) + { + this.SendPropertyChanging(); + if ((previousValue != null)) + { + this._User.Entity = null; + previousValue.FavoriteSites.Remove(this); + } + this._User.Entity = value; + if ((value != null)) + { + value.FavoriteSites.Add(this); + this._UserId = value.UserId; + } + else + { + this._UserId = default(int); + } + this.SendPropertyChanged("User"); + } + } + } + + public event PropertyChangingEventHandler PropertyChanging; + + public event PropertyChangedEventHandler PropertyChanged; + + protected virtual void SendPropertyChanging() + { + if ((this.PropertyChanging != null)) + { + this.PropertyChanging(this, emptyChangingEventArgs); + } + } + + protected virtual void SendPropertyChanged(String propertyName) + { + if ((this.PropertyChanged != null)) + { + this.PropertyChanged(this, new PropertyChangedEventArgs(propertyName)); + } + } + } +} +#pragma warning restore 1591 diff --git a/samples/OAuthResourceServer/Code/Global.cs b/samples/OAuthResourceServer/Code/Global.cs new file mode 100644 index 0000000..6e03fc2 --- /dev/null +++ b/samples/OAuthResourceServer/Code/Global.cs @@ -0,0 +1,142 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Linq; + using System.Security.Cryptography; + using System.ServiceModel; + using System.Text; + using System.Web; + using DotNetOpenAuth.OAuth2; + using DotNetOpenAuth.OAuth2.Messages; + + /// <summary> + /// The web application global events and properties. + /// </summary> + public class Global : HttpApplication { + /// <summary> + /// An application memory cache of recent log messages. + /// </summary> + public static StringBuilder LogMessages = new StringBuilder(); + + /// <summary> + /// The logger for this sample to use. + /// </summary> + public static log4net.ILog Logger = log4net.LogManager.GetLogger("DotNetOpenAuth.OAuthResourceServer"); + +#if SAMPLESONLY + /// <summary> + /// The FOR SAMPLE ONLY hard-coded public key of the authorization server that is used to verify the signature on access tokens. + /// </summary> + /// <remarks> + /// In a real app, the authorization server public key would likely come from the server's HTTPS certificate, + /// but in any case would be determined by the authorization server and its policies. + /// The hard-coded value used here is so this sample works well with the OAuthAuthorizationServer sample, + /// which has the corresponding sample private key. + /// </remarks> + public static readonly RSAParameters AuthorizationServerSigningPublicKey = new RSAParameters { + Exponent = new byte[] { 1, 0, 1 }, + Modulus = new byte[] { 210, 95, 53, 12, 203, 114, 150, 23, 23, 88, 4, 200, 47, 219, 73, 54, 146, 253, 126, 121, 105, 91, 118, 217, 182, 167, 140, 6, 67, 112, 97, 183, 66, 112, 245, 103, 136, 222, 205, 28, 196, 45, 6, 223, 192, 76, 56, 180, 90, 120, 144, 19, 31, 193, 37, 129, 186, 214, 36, 53, 204, 53, 108, 133, 112, 17, 133, 244, 3, 12, 230, 29, 243, 51, 79, 253, 10, 111, 185, 23, 74, 230, 99, 94, 78, 49, 209, 39, 95, 213, 248, 212, 22, 4, 222, 145, 77, 190, 136, 230, 134, 70, 228, 241, 194, 216, 163, 234, 52, 1, 64, 181, 139, 128, 90, 255, 214, 60, 168, 233, 254, 110, 31, 102, 58, 67, 201, 33 }, + }; + + /// <summary> + /// The FOR SAMPLE ONLY hard-coded private key used to decrypt access tokens intended for this resource server. + /// </summary> + /// <remarks> + /// In a real app, the resource server would likely use its own HTTPS certificate or some other certificate stored securely + /// on the server rather than hard-coded in compiled code for security and ease of changing the certificate in case it was compromised. + /// </remarks> + internal static readonly RSAParameters ResourceServerEncryptionPrivateKey = new RSAParameters { + Exponent = new byte[] { 1, 0, 1 }, + Modulus = new byte[] { 166, 175, 117, 169, 211, 251, 45, 215, 55, 53, 202, 65, 153, 155, 92, 219, 235, 243, 61, 170, 101, 250, 221, 214, 239, 175, 238, 175, 239, 20, 144, 72, 227, 221, 4, 219, 32, 225, 101, 96, 18, 33, 117, 176, 110, 123, 109, 23, 29, 85, 93, 50, 129, 163, 113, 57, 122, 212, 141, 145, 17, 31, 67, 165, 181, 91, 117, 23, 138, 251, 198, 132, 188, 213, 10, 157, 116, 229, 48, 168, 8, 127, 28, 156, 239, 124, 117, 36, 232, 100, 222, 23, 52, 186, 239, 5, 63, 207, 185, 16, 137, 73, 137, 147, 252, 71, 9, 239, 113, 27, 88, 255, 91, 56, 192, 142, 210, 21, 34, 81, 204, 239, 57, 60, 140, 249, 15, 101 }, + P = new byte[] { 227, 25, 96, 71, 220, 99, 11, 55, 15, 241, 153, 20, 32, 213, 68, 127, 246, 162, 153, 204, 98, 26, 10, 99, 46, 189, 35, 18, 162, 180, 184, 134, 230, 198, 156, 87, 52, 174, 74, 155, 163, 204, 252, 51, 232, 189, 135, 172, 88, 24, 52, 174, 72, 157, 81, 90, 118, 59, 142, 154, 152, 201, 62, 177 }, + Q = new byte[] { 187, 229, 223, 233, 118, 20, 5, 251, 85, 8, 196, 3, 220, 232, 38, 159, 15, 95, 174, 162, 36, 13, 138, 239, 16, 85, 220, 104, 4, 162, 174, 160, 234, 133, 156, 33, 117, 139, 22, 112, 108, 214, 97, 178, 100, 191, 13, 177, 164, 30, 124, 48, 33, 118, 21, 137, 38, 59, 191, 13, 183, 5, 16, 245 }, + DP = new byte[] { 225, 112, 117, 117, 160, 191, 233, 136, 53, 153, 158, 94, 174, 225, 71, 104, 200, 75, 77, 229, 232, 148, 245, 46, 212, 93, 9, 142, 28, 90, 206, 187, 140, 40, 41, 87, 32, 130, 204, 169, 136, 135, 154, 237, 100, 227, 144, 229, 115, 102, 68, 21, 167, 28, 20, 128, 122, 210, 80, 148, 3, 139, 243, 97 }, + DQ = new byte[] { 133, 252, 100, 207, 232, 184, 92, 143, 157, 82, 115, 220, 65, 81, 118, 0, 228, 136, 153, 81, 219, 157, 160, 157, 218, 171, 47, 81, 41, 69, 12, 123, 136, 224, 159, 182, 40, 72, 119, 70, 210, 5, 137, 131, 25, 94, 55, 152, 157, 236, 115, 40, 43, 36, 54, 53, 39, 131, 97, 56, 153, 114, 206, 101 }, + InverseQ = new byte[] { 129, 119, 84, 118, 29, 35, 194, 186, 96, 169, 7, 7, 200, 22, 187, 34, 72, 131, 200, 246, 79, 120, 49, 242, 8, 220, 74, 114, 195, 95, 90, 108, 80, 2, 212, 71, 125, 100, 184, 77, 203, 236, 64, 122, 108, 212, 150, 129, 66, 248, 218, 3, 186, 71, 213, 236, 142, 66, 33, 196, 150, 216, 138, 114 }, + D = new byte[] { 94, 20, 94, 119, 18, 92, 141, 13, 17, 238, 92, 80, 22, 96, 232, 82, 128, 164, 115, 195, 191, 119, 142, 202, 135, 210, 103, 8, 10, 11, 51, 60, 208, 207, 168, 179, 253, 164, 250, 80, 245, 42, 201, 128, 97, 123, 108, 161, 69, 63, 47, 49, 24, 150, 165, 139, 105, 214, 154, 104, 172, 159, 86, 208, 64, 134, 158, 156, 234, 125, 140, 210, 3, 32, 60, 28, 62, 154, 198, 21, 132, 191, 236, 10, 158, 12, 247, 159, 177, 77, 178, 53, 238, 95, 165, 9, 200, 28, 148, 242, 35, 70, 189, 121, 169, 248, 97, 91, 111, 45, 103, 1, 167, 220, 67, 250, 175, 89, 122, 238, 192, 144, 142, 248, 198, 101, 96, 129 }, + }; +#else + [Obsolete("You must use a real key for a real app.", true)] + public static readonly RSAParameters AuthorizationServerSigningPublicKey = new RSAParameters(); + + [Obsolete("You must use a real key for a real app.", true)] + internal static readonly RSAParameters ResourceServerEncryptionPrivateKey= new RSAParameters(); +#endif + + /// <summary> + /// Gets the transaction-protected database connection for the current request. + /// </summary> + public static DataClassesDataContext DataContext { + get { + DataClassesDataContext dataContext = dataContextSimple; + if (dataContext == null) { + dataContext = new DataClassesDataContext(); + dataContext.Connection.Open(); + dataContext.Transaction = dataContext.Connection.BeginTransaction(); + dataContextSimple = dataContext; + } + + return dataContext; + } + } + + public static User LoggedInUser { + get { return Global.DataContext.Users.SingleOrDefault(user => user.OpenIDClaimedIdentifier == HttpContext.Current.User.Identity.Name); } + } + + private static DataClassesDataContext dataContextSimple { + get { + if (HttpContext.Current != null) { + return HttpContext.Current.Items["DataContext"] as DataClassesDataContext; + } else if (OperationContext.Current != null) { + object data; + if (OperationContext.Current.IncomingMessageProperties.TryGetValue("DataContext", out data)) { + return data as DataClassesDataContext; + } else { + return null; + } + } else { + throw new InvalidOperationException(); + } + } + + set { + if (HttpContext.Current != null) { + HttpContext.Current.Items["DataContext"] = value; + } else if (OperationContext.Current != null) { + OperationContext.Current.IncomingMessageProperties["DataContext"] = value; + } else { + throw new InvalidOperationException(); + } + } + } + + private static void CommitAndCloseDatabaseIfNecessary() { + var dataContext = dataContextSimple; + if (dataContext != null) { + dataContext.SubmitChanges(); + dataContext.Transaction.Commit(); + dataContext.Connection.Close(); + } + } + + private void Application_Start(object sender, EventArgs e) { + log4net.Config.XmlConfigurator.Configure(); + Logger.Info("Sample starting..."); + } + + private void Application_End(object sender, EventArgs e) { + Logger.Info("Sample shutting down..."); + + // this would be automatic, but in partial trust scenarios it is not. + log4net.LogManager.Shutdown(); + } + + private void Application_Error(object sender, EventArgs e) { + Logger.Error("An unhandled exception occurred in ASP.NET processing: " + Server.GetLastError(), Server.GetLastError()); + } + + private void Application_EndRequest(object sender, EventArgs e) { + CommitAndCloseDatabaseIfNecessary(); + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/IDataApi.cs b/samples/OAuthResourceServer/Code/IDataApi.cs new file mode 100644 index 0000000..c01c822 --- /dev/null +++ b/samples/OAuthResourceServer/Code/IDataApi.cs @@ -0,0 +1,20 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Runtime.Serialization; + using System.ServiceModel; + using System.Text; + + [ServiceContract] + public interface IDataApi { + [OperationContract] + int? GetAge(); + + [OperationContract] + string GetName(); + + [OperationContract] + string[] GetFavoriteSites(); + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs b/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs new file mode 100644 index 0000000..d2d95fe --- /dev/null +++ b/samples/OAuthResourceServer/Code/OAuthAuthorizationManager.cs @@ -0,0 +1,79 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Collections.Generic; + using System.IdentityModel.Policy; + using System.Linq; + using System.Security.Principal; + using System.ServiceModel; + using System.ServiceModel.Channels; + using System.ServiceModel.Security; + + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2; + + using ProtocolException = System.ServiceModel.ProtocolException; + + /// <summary> + /// A WCF extension to authenticate incoming messages using OAuth. + /// </summary> + public class OAuthAuthorizationManager : ServiceAuthorizationManager { + public OAuthAuthorizationManager() { + } + + protected override bool CheckAccessCore(OperationContext operationContext) { + if (!base.CheckAccessCore(operationContext)) { + return false; + } + + var httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty; + var requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri; + + try { + var principal = VerifyOAuth2(httpDetails, requestUri); + if (principal != null) { + var policy = new OAuthPrincipalAuthorizationPolicy(principal); + var policies = new List<IAuthorizationPolicy> { + policy, + }; + + var securityContext = new ServiceSecurityContext(policies.AsReadOnly()); + if (operationContext.IncomingMessageProperties.Security != null) { + operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext; + } else { + operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty { + ServiceSecurityContext = securityContext, + }; + } + + securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> { + principal.Identity, + }; + + // Only allow this method call if the access token scope permits it. + return principal.IsInRole(operationContext.IncomingMessageHeaders.Action); + } else { + return false; + } + } catch (ProtocolException ex) { + Global.Logger.Error("Error processing OAuth messages.", ex); + } + + return false; + } + + private static IPrincipal VerifyOAuth2(HttpRequestMessageProperty httpDetails, Uri requestUri) { + // for this sample where the auth server and resource server are the same site, + // we use the same public/private key. + var resourceServer = new ResourceServer( + new StandardAccessTokenAnalyzer( + Global.AuthorizationServerSigningPublicKey, + Global.ResourceServerEncryptionPrivateKey)); + + IPrincipal result; + var error = resourceServer.VerifyAccess(new HttpRequestInfo(httpDetails, requestUri), out result); + + // TODO: return the prepared error code. + return error != null ? null : result; + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/OAuthPrincipalAuthorizationPolicy.cs b/samples/OAuthResourceServer/Code/OAuthPrincipalAuthorizationPolicy.cs new file mode 100644 index 0000000..ac01c4d --- /dev/null +++ b/samples/OAuthResourceServer/Code/OAuthPrincipalAuthorizationPolicy.cs @@ -0,0 +1,47 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Collections.Generic; + using System.IdentityModel.Claims; + using System.IdentityModel.Policy; + using System.Linq; + using System.Security.Principal; + using System.Web; + + public class OAuthPrincipalAuthorizationPolicy : IAuthorizationPolicy { + private readonly Guid uniqueId = Guid.NewGuid(); + private readonly IPrincipal principal; + + /// <summary> + /// Initializes a new instance of the <see cref="OAuthPrincipalAuthorizationPolicy"/> class. + /// </summary> + /// <param name="principal">The principal.</param> + public OAuthPrincipalAuthorizationPolicy(IPrincipal principal) { + this.principal = principal; + } + + #region IAuthorizationComponent Members + + /// <summary> + /// Gets a unique ID for this instance. + /// </summary> + public string Id { + get { return this.uniqueId.ToString(); } + } + + #endregion + + #region IAuthorizationPolicy Members + + public ClaimSet Issuer { + get { return ClaimSet.System; } + } + + public bool Evaluate(EvaluationContext evaluationContext, ref object state) { + evaluationContext.AddClaimSet(this, new DefaultClaimSet(Claim.CreateNameClaim(this.principal.Identity.Name))); + evaluationContext.Properties["Principal"] = this.principal; + return true; + } + + #endregion + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/TracePageAppender.cs b/samples/OAuthResourceServer/Code/TracePageAppender.cs new file mode 100644 index 0000000..4dc543f --- /dev/null +++ b/samples/OAuthResourceServer/Code/TracePageAppender.cs @@ -0,0 +1,13 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Collections.Generic; + using System.IO; + using System.Web; + + public class TracePageAppender : log4net.Appender.AppenderSkeleton { + protected override void Append(log4net.Core.LoggingEvent loggingEvent) { + StringWriter sw = new StringWriter(Global.LogMessages); + Layout.Format(sw, loggingEvent); + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Code/Utilities.cs b/samples/OAuthResourceServer/Code/Utilities.cs new file mode 100644 index 0000000..234f6bb --- /dev/null +++ b/samples/OAuthResourceServer/Code/Utilities.cs @@ -0,0 +1,28 @@ +namespace OAuthResourceServer.Code { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Security.Principal; + using System.Web; + + /// <summary> + /// Extension methods and other helpful utility methods. + /// </summary> + public static class Utilities { + /// <summary> + /// Gets the database entity representing the user identified by a given <see cref="IIdentity"/> instance. + /// </summary> + /// <param name="identity">The identity of the user.</param> + /// <returns> + /// The database object for that user; or <c>null</c> if the user could not + /// be found or if <paramref name="identity"/> is <c>null</c> or represents an anonymous identity. + /// </returns> + public static User GetUser(this IIdentity identity) { + if (identity == null || !identity.IsAuthenticated) { + return null; + } + + return Global.DataContext.Users.SingleOrDefault(user => user.OpenIDClaimedIdentifier == identity.Name); + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/DataApi.cs b/samples/OAuthResourceServer/DataApi.cs new file mode 100644 index 0000000..718f815 --- /dev/null +++ b/samples/OAuthResourceServer/DataApi.cs @@ -0,0 +1,35 @@ +namespace OAuthResourceServer { + using System.Linq; + using System.ServiceModel; + + using Code; + + /// <summary> + /// The WCF service API. + /// </summary> + /// <remarks> + /// Note how there is no code here that is bound to OAuth or any other + /// credential/authorization scheme. That's all part of the channel/binding elsewhere. + /// And the reference to OperationContext.Current.ServiceSecurityContext.PrimaryIdentity + /// is the user being impersonated by the WCF client. + /// In the OAuth case, it is the user who authorized the OAuth access token that was used + /// to gain access to the service. + /// </remarks> + public class DataApi : IDataApi { + private User User { + get { return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.GetUser(); } + } + + public int? GetAge() { + return User.Age; + } + + public string GetName() { + return User.FullName; + } + + public string[] GetFavoriteSites() { + return User.FavoriteSites.Select(site => site.SiteUrl).ToArray(); + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/DataApi.svc b/samples/OAuthResourceServer/DataApi.svc new file mode 100644 index 0000000..9a36ef6 --- /dev/null +++ b/samples/OAuthResourceServer/DataApi.svc @@ -0,0 +1 @@ +<%@ ServiceHost Language="C#" Debug="true" Service="OAuthResourceServer.DataApi" CodeBehind="DataApi.cs" %> diff --git a/samples/OAuthResourceServer/Default.aspx b/samples/OAuthResourceServer/Default.aspx new file mode 100644 index 0000000..55402bf --- /dev/null +++ b/samples/OAuthResourceServer/Default.aspx @@ -0,0 +1,13 @@ +<%@ Page Title="DotNetOpenAuth Service Provider Sample" Language="C#" MasterPageFile="~/MasterPage.master" CodeBehind="~/Default.aspx.cs" Inherits="OAuthResourceServer._Default" AutoEventWireup="True" %> + +<%@ Import Namespace="System.IO" %> +<%@ Import Namespace="System.Data.SqlClient" %> + +<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server"> + <asp:Button ID="createDatabaseButton" runat="server" Text="(Re)create Database" OnClick="createDatabaseButton_Click" /> + <asp:Label runat="server" ID="databaseStatus" EnableViewState="false" Text="Database recreated!" + Visible="false" /> + <p>Note that to be useful, you really need to either modify the database to add an + account with data that will be accessed by this sample, or modify this very page + to inject that data into the database. </p> +</asp:Content> diff --git a/samples/OAuthResourceServer/Default.aspx.cs b/samples/OAuthResourceServer/Default.aspx.cs new file mode 100644 index 0000000..502e039 --- /dev/null +++ b/samples/OAuthResourceServer/Default.aspx.cs @@ -0,0 +1,43 @@ +namespace OAuthResourceServer { + using System; + using System.Configuration; + using System.IO; + + using Code; + + public partial class _Default : System.Web.UI.Page { + protected void createDatabaseButton_Click(object sender, EventArgs e) { + string databasePath = Path.Combine(Server.MapPath(Request.ApplicationPath), "App_Data"); + if (!Directory.Exists(databasePath)) { + Directory.CreateDirectory(databasePath); + } + string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString.Replace("|DataDirectory|", databasePath); + var dc = new DataClassesDataContext(connectionString); + if (dc.DatabaseExists()) { + dc.DeleteDatabase(); + } + try { + dc.CreateDatabase(); + + // Fill with sample data. + dc.Users.InsertOnSubmit(new User { + OpenIDFriendlyIdentifier = "=arnott", + OpenIDClaimedIdentifier = "=!9B72.7DD1.50A9.5CCD", + Age = 27, + FullName = "Andrew Arnott", + FavoriteSites = new System.Data.Linq.EntitySet<FavoriteSite> { + new FavoriteSite { SiteUrl = "http://www.microsoft.com" }, + new FavoriteSite { SiteUrl = "http://www.google.com" }, + }, + }); + + dc.SubmitChanges(); + this.databaseStatus.Visible = true; + } catch (System.Data.SqlClient.SqlException ex) { + foreach (System.Data.SqlClient.SqlError error in ex.Errors) { + Response.Write(error.Message); + } + } + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Default.aspx.designer.cs b/samples/OAuthResourceServer/Default.aspx.designer.cs new file mode 100644 index 0000000..4cd67de --- /dev/null +++ b/samples/OAuthResourceServer/Default.aspx.designer.cs @@ -0,0 +1,33 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OAuthResourceServer { + + + public partial class _Default { + + /// <summary> + /// createDatabaseButton control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Button createDatabaseButton; + + /// <summary> + /// databaseStatus control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Label databaseStatus; + } +} diff --git a/samples/OAuthResourceServer/Global.asax b/samples/OAuthResourceServer/Global.asax new file mode 100644 index 0000000..0f290d5 --- /dev/null +++ b/samples/OAuthResourceServer/Global.asax @@ -0,0 +1 @@ +<%@ Application Inherits="OAuthResourceServer.Code.Global" CodeBehind="Code\Global.cs" %> diff --git a/samples/OAuthResourceServer/Login.aspx b/samples/OAuthResourceServer/Login.aspx new file mode 100644 index 0000000..fd858c8 --- /dev/null +++ b/samples/OAuthResourceServer/Login.aspx @@ -0,0 +1,11 @@ +<%@ Page Title="Login" Language="C#" MasterPageFile="~/MasterPage.master" %> + +<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.RelyingParty" TagPrefix="rp" %> +<script runat="server"> + protected void Page_Load(object sender, EventArgs e) { + OpenIdLogin1.Focus(); + } +</script> +<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="Server"> + <rp:OpenIdLogin runat="server" TabIndex='1' ID="OpenIdLogin1" /> +</asp:Content> diff --git a/samples/OAuthResourceServer/MasterPage.master b/samples/OAuthResourceServer/MasterPage.master new file mode 100644 index 0000000..136dfc9 --- /dev/null +++ b/samples/OAuthResourceServer/MasterPage.master @@ -0,0 +1,23 @@ +<%@ Master Language="C#" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + +<script runat="server"> + +</script> + +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title>DotNetOpenAuth Service Provider sample</title> + <asp:ContentPlaceHolder ID="head" runat="server"/> +</head> +<body> + <form id="form1" runat="server"> + <h1>DotNetOpenAuth Service Provider sample</h1> + <div> + <asp:ContentPlaceHolder ID="Body" runat="server"> + </asp:ContentPlaceHolder> + </div> + </form> +</body> +</html> diff --git a/samples/OAuthResourceServer/Members/Logoff.aspx b/samples/OAuthResourceServer/Members/Logoff.aspx new file mode 100644 index 0000000..afa9dd9 --- /dev/null +++ b/samples/OAuthResourceServer/Members/Logoff.aspx @@ -0,0 +1,8 @@ +<%@ Page Title="Log off" Language="C#" MasterPageFile="~/MasterPage.master" %> + +<script runat="server"> + private void Page_Load(object sender, EventArgs e) { + FormsAuthentication.SignOut(); + Response.Redirect("~/"); + } +</script> diff --git a/samples/OAuthResourceServer/Members/Web.config b/samples/OAuthResourceServer/Members/Web.config new file mode 100644 index 0000000..50fab27 --- /dev/null +++ b/samples/OAuthResourceServer/Members/Web.config @@ -0,0 +1,8 @@ +<?xml version="1.0"?> +<configuration> + <system.web> + <authorization> + <deny users="?"/> + </authorization> + </system.web> +</configuration> diff --git a/samples/OAuthResourceServer/OAuthResourceServer.csproj b/samples/OAuthResourceServer/OAuthResourceServer.csproj new file mode 100644 index 0000000..bdd407a --- /dev/null +++ b/samples/OAuthResourceServer/OAuthResourceServer.csproj @@ -0,0 +1,154 @@ +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " /> + <PropertyGroup> + <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> + <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> + <ProductVersion> + </ProductVersion> + <SchemaVersion>2.0</SchemaVersion> + <ProjectGuid>{E135F455-0669-49F8-9207-07FCA8C8FC79}</ProjectGuid> + <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids> + <OutputType>Library</OutputType> + <AppDesignerFolder>Properties</AppDesignerFolder> + <RootNamespace>OAuthResourceServer</RootNamespace> + <AssemblyName>OAuthResourceServer</AssemblyName> + <TargetFrameworkVersion>v3.5</TargetFrameworkVersion> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> + <DebugSymbols>true</DebugSymbols> + <DebugType>full</DebugType> + <Optimize>false</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE;DEBUG;SAMPLESONLY</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> + <DebugType>pdbonly</DebugType> + <Optimize>true</Optimize> + <OutputPath>bin\</OutputPath> + <DefineConstants>TRACE</DefineConstants> + <ErrorReport>prompt</ErrorReport> + <WarningLevel>4</WarningLevel> + </PropertyGroup> + <ItemGroup> + <Reference Include="log4net"> + <HintPath>..\..\lib\log4net.dll</HintPath> + </Reference> + <Reference Include="System" /> + <Reference Include="System.Data" /> + <Reference Include="System.Core" /> + <Reference Include="System.Data.DataSetExtensions" /> + <Reference Include="System.Data.Linq" /> + <Reference Include="System.IdentityModel" /> + <Reference Include="System.ServiceModel" /> + <Reference Include="System.Web.Extensions" /> + <Reference Include="System.Xml.Linq" /> + <Reference Include="System.Drawing" /> + <Reference Include="System.Web" /> + <Reference Include="System.Xml" /> + <Reference Include="System.Configuration" /> + <Reference Include="System.Web.Services" /> + <Reference Include="System.EnterpriseServices" /> + <Reference Include="System.Web.Mobile" /> + </ItemGroup> + <ItemGroup> + <Content Include="DataApi.svc" /> + <Content Include="Default.aspx" /> + <Content Include="favicon.ico" /> + <Content Include="Global.asax" /> + <Content Include="Login.aspx" /> + <Content Include="Members\Logoff.aspx" /> + <Content Include="TracePage.aspx" /> + <Content Include="Web.config" /> + </ItemGroup> + <ItemGroup> + <Compile Include="Default.aspx.designer.cs"> + <DependentUpon>Default.aspx</DependentUpon> + </Compile> + <Compile Include="Properties\AssemblyInfo.cs" /> + <Compile Include="DataApi.cs"> + <DependentUpon>DataApi.svc</DependentUpon> + </Compile> + <Compile Include="Code\Global.cs" /> + <Compile Include="Code\IDataApi.cs" /> + <Compile Include="Code\OAuthAuthorizationManager.cs" /> + <Compile Include="Code\OAuthPrincipalAuthorizationPolicy.cs" /> + <Compile Include="Code\TracePageAppender.cs" /> + <Compile Include="Code\Utilities.cs" /> + <Compile Include="Code\DataClasses.designer.cs"> + <AutoGen>True</AutoGen> + <DesignTime>True</DesignTime> + <DependentUpon>DataClasses.dbml</DependentUpon> + </Compile> + <Compile Include="Default.aspx.cs"> + <DependentUpon>Default.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="TracePage.aspx.cs"> + <DependentUpon>TracePage.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="TracePage.aspx.designer.cs"> + <DependentUpon>TracePage.aspx</DependentUpon> + </Compile> + </ItemGroup> + <ItemGroup> + <Folder Include="App_Data\" /> + </ItemGroup> + <ItemGroup> + <Content Include="MasterPage.master" /> + </ItemGroup> + <ItemGroup> + <None Include="Code\DataClasses.dbml"> + <Generator>MSLinqToSQLGenerator</Generator> + <LastGenOutput>DataClasses.designer.cs</LastGenOutput> + <SubType>Designer</SubType> + </None> + <Content Include="Members\Web.config" /> + </ItemGroup> + <ItemGroup> + <None Include="Code\DataClasses.dbml.layout"> + <DependentUpon>DataClasses.dbml</DependentUpon> + </None> + </ItemGroup> + <ItemGroup> + <Service Include="{3259AA49-8AA1-44D3-9025-A0B520596A8C}" /> + </ItemGroup> + <ItemGroup> + <ProjectReference Include="..\..\src\DotNetOpenAuth\DotNetOpenAuth.csproj"> + <Project>{3191B653-F76D-4C1A-9A5A-347BC3AAAAB7}</Project> + <Name>DotNetOpenAuth</Name> + </ProjectReference> + </ItemGroup> + <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" /> + <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" /> + <ProjectExtensions> + <VisualStudio> + <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> + <WebProjectProperties> + <UseIIS>False</UseIIS> + <AutoAssignPort>False</AutoAssignPort> + <DevelopmentServerPort>65169</DevelopmentServerPort> + <DevelopmentServerVPath>/</DevelopmentServerVPath> + <IISUrl> + </IISUrl> + <NTLMAuthentication>False</NTLMAuthentication> + <UseCustomServer>False</UseCustomServer> + <CustomServerUrl> + </CustomServerUrl> + <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile> + </WebProjectProperties> + </FlavorProperties> + </VisualStudio> + </ProjectExtensions> + <!-- To modify your build process, add your task inside one of the targets below and uncomment it. + Other similar extension points exist, see Microsoft.Common.targets. + <Target Name="BeforeBuild"> + </Target> + <Target Name="AfterBuild"> + </Target> + --> + <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " /> +</Project>
\ No newline at end of file diff --git a/samples/OAuthResourceServer/Properties/AssemblyInfo.cs b/samples/OAuthResourceServer/Properties/AssemblyInfo.cs new file mode 100644 index 0000000..c553ba4 --- /dev/null +++ b/samples/OAuthResourceServer/Properties/AssemblyInfo.cs @@ -0,0 +1,35 @@ +using System.Reflection; +using System.Runtime.CompilerServices; +using System.Runtime.InteropServices; + +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +[assembly: AssemblyTitle("OAuthResourceServer")] +[assembly: AssemblyDescription("")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("")] +[assembly: AssemblyProduct("OAuthResourceServer")] +[assembly: AssemblyCopyright("Copyright © 2010")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// Setting ComVisible to false makes the types in this assembly not visible +// to COM components. If you need to access a type in this assembly from +// COM, set the ComVisible attribute to true on that type. +[assembly: ComVisible(false)] + +// The following GUID is for the ID of the typelib if this project is exposed to COM +[assembly: Guid("B6206451-6557-4568-8D25-84AF93EC8B7B")] + +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/samples/OAuthResourceServer/Settings.StyleCop b/samples/OAuthResourceServer/Settings.StyleCop new file mode 100644 index 0000000..7f55ce6 --- /dev/null +++ b/samples/OAuthResourceServer/Settings.StyleCop @@ -0,0 +1 @@ +<StyleCopSettings Version="4.3" />
\ No newline at end of file diff --git a/samples/OAuthResourceServer/TracePage.aspx b/samples/OAuthResourceServer/TracePage.aspx new file mode 100644 index 0000000..c347830 --- /dev/null +++ b/samples/OAuthResourceServer/TracePage.aspx @@ -0,0 +1,18 @@ +<%@ Page Language="C#" AutoEventWireup="true" Inherits="OAuthResourceServer.TracePage" Codebehind="TracePage.aspx.cs" %> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head runat="server"> + <title></title> +</head> +<body> + <form id="form1" runat="server"> + <p align="right"> + <asp:Button runat="server" Text="Clear log" ID="clearLogButton" OnClick="clearLogButton_Click" /> + </p> + <pre> + <asp:PlaceHolder runat="server" ID="placeHolder1" /> + </pre> + </form> +</body> +</html> diff --git a/samples/OAuthResourceServer/TracePage.aspx.cs b/samples/OAuthResourceServer/TracePage.aspx.cs new file mode 100644 index 0000000..4841c89 --- /dev/null +++ b/samples/OAuthResourceServer/TracePage.aspx.cs @@ -0,0 +1,24 @@ +namespace OAuthResourceServer { + using System; + using System.Collections.Generic; + using System.Web; + using System.Web.UI; + using System.Web.UI.WebControls; + using Code; + + /// <summary> + /// A page to display recent log messages. + /// </summary> + public partial class TracePage : System.Web.UI.Page { + protected void Page_Load(object sender, EventArgs e) { + this.placeHolder1.Controls.Add(new Label { Text = HttpUtility.HtmlEncode(Global.LogMessages.ToString()) }); + } + + protected void clearLogButton_Click(object sender, EventArgs e) { + Global.LogMessages.Length = 0; + + // clear the page immediately, and allow for F5 without a Postback warning. + Response.Redirect(Request.Url.AbsoluteUri); + } + } +}
\ No newline at end of file diff --git a/samples/OAuthResourceServer/TracePage.aspx.designer.cs b/samples/OAuthResourceServer/TracePage.aspx.designer.cs new file mode 100644 index 0000000..58dc5d1 --- /dev/null +++ b/samples/OAuthResourceServer/TracePage.aspx.designer.cs @@ -0,0 +1,42 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OAuthResourceServer { + + + public partial class TracePage { + + /// <summary> + /// form1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.HtmlControls.HtmlForm form1; + + /// <summary> + /// clearLogButton control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Button clearLogButton; + + /// <summary> + /// placeHolder1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.PlaceHolder placeHolder1; + } +} diff --git a/samples/OAuthResourceServer/Web.config b/samples/OAuthResourceServer/Web.config new file mode 100644 index 0000000..eb63c58 --- /dev/null +++ b/samples/OAuthResourceServer/Web.config @@ -0,0 +1,172 @@ +<?xml version="1.0"?> +<configuration> + <configSections> + <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/> + <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/> + <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/> + <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> + <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> + <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> + </sectionGroup> + </sectionGroup> + </sectionGroup> + </configSections> + + <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names), + which is necessary for OpenID urls with unicode characters in the domain/host name. + It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. --> + <uri> + <idn enabled="All"/> + <iriParsing enabled="true"/> + </uri> + + <system.net> + <defaultProxy enabled="true" /> + <settings> + <!-- This setting causes .NET to check certificate revocation lists (CRL) + before trusting HTTPS certificates. But this setting tends to not + be allowed in shared hosting environments. --> + <!--<servicePointManager checkCertificateRevocationList="true"/>--> + </settings> + </system.net> + + <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> + <dotNetOpenAuth> + <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. --> + <reporting enabled="true" /> + + <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. --> + <messaging relaxSslRequirements="true" /> + </dotNetOpenAuth> + + <appSettings/> + <connectionStrings> + <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True" + providerName="System.Data.SqlClient" /> + </connectionStrings> + + <system.web> + <!-- + Set compilation debug="true" to insert debugging + symbols into the compiled page. Because this + affects performance, set this value to true only + during development. + --> + <compilation debug="true"> + <assemblies> + <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> + <remove assembly="DotNetOpenAuth.Contracts"/> + </assemblies> + </compilation> + <authentication mode="Forms"> + <forms name="oauthSP" /> + </authentication> + <pages> + <controls> + <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </controls> + </pages> + <httpHandlers> + <remove verb="*" path="*.asmx"/> + <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> + </httpHandlers> + <httpModules> + <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </httpModules> + </system.web> + <system.codedom> + <compilers> + <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> + <providerOption name="CompilerVersion" value="v3.5"/> + <providerOption name="OptionInfer" value="true"/> + <providerOption name="WarnAsError" value="false"/> + </compiler> + </compilers> + </system.codedom> + <!-- + The system.webServer section is required for running ASP.NET AJAX under Internet + Information Services 7.0. It is not necessary for previous version of IIS. + --> + <system.webServer> + <validation validateIntegratedModeConfiguration="false"/> + <modules> + <remove name="ScriptModule"/> + <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </modules> + <handlers> + <remove name="WebServiceHandlerFactory-Integrated"/> + <remove name="ScriptHandlerFactory"/> + <remove name="ScriptHandlerFactoryAppServices"/> + <remove name="ScriptResource"/> + <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> + </handlers> + </system.webServer> + <runtime> + <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + <dependentAssembly> + <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> + <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> + </dependentAssembly> + </assemblyBinding> + </runtime> + <log4net> + <appender name="TracePageAppender" type="OAuthResourceServer.Code.TracePageAppender, OAuthResourceServer"> + <layout type="log4net.Layout.PatternLayout"> + <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline"/> + </layout> + </appender> + <!-- Setup the root category, add the appenders and set the default level --> + <root> + <level value="INFO"/> + <!--<appender-ref ref="RollingFileAppender" />--> + <appender-ref ref="TracePageAppender"/> + </root> + <!-- Specify the level for some specific categories --> + <logger name="DotNetOpenAuth"> + <level value="ALL"/> + </logger> + </log4net> + <system.serviceModel> + <behaviors> + <serviceBehaviors> + <behavior name="DataApiBehavior"> + <serviceMetadata httpGetEnabled="true"/> + <serviceDebug includeExceptionDetailInFaults="true"/> + <serviceAuthorization serviceAuthorizationManagerType="OAuthResourceServer.Code.OAuthAuthorizationManager, OAuthResourceServer" principalPermissionMode="Custom"/> + </behavior> + </serviceBehaviors> + </behaviors> + <services> + <service behaviorConfiguration="DataApiBehavior" name="OAuthResourceServer.DataApi"> + <endpoint address="" binding="wsHttpBinding" contract="OAuthResourceServer.Code.IDataApi"> + <identity> + <dns value="localhost"/> + </identity> + </endpoint> + <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> + </service> + </services> + </system.serviceModel> +</configuration> diff --git a/samples/OAuthResourceServer/favicon.ico b/samples/OAuthResourceServer/favicon.ico Binary files differnew file mode 100644 index 0000000..e227dbe --- /dev/null +++ b/samples/OAuthResourceServer/favicon.ico |