summaryrefslogtreecommitdiffstats
path: root/samples/OAuthServiceProvider/App_Code
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OAuthServiceProvider/App_Code')
-rw-r--r--samples/OAuthServiceProvider/App_Code/DatabaseTokenManager.cs4
-rw-r--r--samples/OAuthServiceProvider/App_Code/Global.cs10
-rw-r--r--samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs52
3 files changed, 41 insertions, 25 deletions
diff --git a/samples/OAuthServiceProvider/App_Code/DatabaseTokenManager.cs b/samples/OAuthServiceProvider/App_Code/DatabaseTokenManager.cs
index 710508d..8c93d2f 100644
--- a/samples/OAuthServiceProvider/App_Code/DatabaseTokenManager.cs
+++ b/samples/OAuthServiceProvider/App_Code/DatabaseTokenManager.cs
@@ -40,6 +40,10 @@ public class DatabaseTokenManager : IServiceProviderTokenManager {
}
}
+ public void UpdateToken(IServiceProviderRequestToken token) {
+ // Nothing to do here, since we're using Linq To SQL.
+ }
+
#endregion
#region ITokenManager Members
diff --git a/samples/OAuthServiceProvider/App_Code/Global.cs b/samples/OAuthServiceProvider/App_Code/Global.cs
index b343dcd..10b3cba 100644
--- a/samples/OAuthServiceProvider/App_Code/Global.cs
+++ b/samples/OAuthServiceProvider/App_Code/Global.cs
@@ -92,7 +92,15 @@ public class Global : HttpApplication {
private void Application_Start(object sender, EventArgs e) {
log4net.Config.XmlConfigurator.Configure();
Logger.Info("Sample starting...");
- Constants.WebRootUrl = new Uri(HttpContext.Current.Request.Url, "/");
+ string appPath = HttpContext.Current.Request.ApplicationPath;
+ if (!appPath.EndsWith("/")) {
+ appPath += "/";
+ }
+
+ // This will break in IIS Integrated Pipeline mode, since applications
+ // start before the first incoming request context is available.
+ // TODO: fix this.
+ Constants.WebRootUrl = new Uri(HttpContext.Current.Request.Url, appPath);
var tokenManager = new DatabaseTokenManager();
Global.TokenManager = tokenManager;
}
diff --git a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 8589932..ee90364 100644
--- a/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/OAuthServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -24,34 +24,38 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager {
HttpRequestMessageProperty httpDetails = operationContext.RequestContext.RequestMessage.Properties[HttpRequestMessageProperty.Name] as HttpRequestMessageProperty;
Uri requestUri = operationContext.RequestContext.RequestMessage.Properties["OriginalHttpRequestUri"] as Uri;
ServiceProvider sp = Constants.CreateServiceProvider();
- var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri);
- if (auth != null) {
- var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
-
- var principal = sp.CreatePrincipal(auth);
- var policy = new OAuthPrincipalAuthorizationPolicy(principal);
- var policies = new List<IAuthorizationPolicy> {
- policy,
- };
-
- var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
- if (operationContext.IncomingMessageProperties.Security != null) {
- operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
- } else {
- operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
- ServiceSecurityContext = securityContext,
+ try {
+ var auth = sp.ReadProtectedResourceAuthorization(httpDetails, requestUri);
+ if (auth != null) {
+ var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
+
+ var principal = sp.CreatePrincipal(auth);
+ var policy = new OAuthPrincipalAuthorizationPolicy(principal);
+ var policies = new List<IAuthorizationPolicy> {
+ policy,
};
- }
- securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
- principal.Identity,
- };
+ var securityContext = new ServiceSecurityContext(policies.AsReadOnly());
+ if (operationContext.IncomingMessageProperties.Security != null) {
+ operationContext.IncomingMessageProperties.Security.ServiceSecurityContext = securityContext;
+ } else {
+ operationContext.IncomingMessageProperties.Security = new SecurityMessageProperty {
+ ServiceSecurityContext = securityContext,
+ };
+ }
+
+ securityContext.AuthorizationContext.Properties["Identities"] = new List<IIdentity> {
+ principal.Identity,
+ };
- // Only allow this method call if the access token scope permits it.
- string[] scopes = accessToken.Scope.Split('|');
- if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
- return true;
+ // Only allow this method call if the access token scope permits it.
+ string[] scopes = accessToken.Scope.Split('|');
+ if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
+ return true;
+ }
}
+ } catch (ProtocolException ex) {
+ Global.Logger.Error("Error processing OAuth messages.", ex);
}
return false;
generated by cgit v1.1 at 2025-05-20 09:59:05 +0000