summaryrefslogtreecommitdiffstats
path: root/samples/OAuthServiceProvider/Code
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OAuthServiceProvider/Code')
-rw-r--r--samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs20
1 files changed, 15 insertions, 5 deletions
diff --git a/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs b/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs
index 15d791e..70474f2 100644
--- a/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs
+++ b/samples/OAuthServiceProvider/Code/OAuth2AuthorizationServer.cs
@@ -1,16 +1,26 @@
-using DotNetOpenAuth.Messaging.Bindings;
-using DotNetOpenAuth.OAuth.ChannelElements;
-
-namespace OAuthServiceProvider.Code {
+namespace OAuthServiceProvider.Code {
using System;
using System.Collections.Generic;
using System.Linq;
+ using System.Security.Cryptography;
using System.Web;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
+ using DotNetOpenAuth.OAuth.ChannelElements;
using DotNetOpenAuth.OAuthWrap;
internal class OAuth2AuthorizationServer : IAuthorizationServer {
- private static readonly byte[] secret = new byte[] { 0x33, 0x55 }; // TODO: make this cryptographically strong and unique per app.
+ private static readonly byte[] secret;
+
private readonly INonceStore nonceStore = new DatabaseNonceStore();
+
+ static OAuth2AuthorizationServer()
+ {
+ RandomNumberGenerator crypto = new RNGCryptoServiceProvider();
+ secret = new byte[16];
+ crypto.GetBytes(secret);
+ }
+
#region Implementation of IAuthorizationServer
public byte[] Secret {
generated by cgit v1.1 at 2025-05-17 02:12:19 +0000