diff options
Diffstat (limited to 'samples/OAuthServiceProvider/Members/Authorize2.aspx.cs')
-rw-r--r-- | samples/OAuthServiceProvider/Members/Authorize2.aspx.cs | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs b/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs deleted file mode 100644 index 88c3049..0000000 --- a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs +++ /dev/null @@ -1,55 +0,0 @@ -namespace OAuthServiceProvider.Members { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Security.Cryptography; - using System.Web; - using System.Web.UI; - using System.Web.UI.WebControls; - using Code; - - using DotNetOpenAuth.OAuth2; - - public partial class Authorize2 : System.Web.UI.Page { - private static readonly RandomNumberGenerator CryptoRandomDataGenerator = new RNGCryptoServiceProvider(); - - private string AuthorizationSecret { - get { return Session["OAuthAuthorizationSecret"] as string; } - set { Session["OAuthAuthorizationSecret"] = value; } - } - - protected void Page_Load(object sender, EventArgs e) { - if (!IsPostBack) { - if (Global.PendingOAuth2Authorization == null) { - Response.Redirect("~/Members/AuthorizedConsumers.aspx"); - } else { - var pendingRequest = Global.PendingOAuth2Authorization; - this.desiredAccessLabel.Text = OAuthUtilities.JoinScopes(pendingRequest.Scope); - this.consumerLabel.Text = pendingRequest.ClientIdentifier; - - // Generate an unpredictable secret that goes to the user agent and must come back - // with authorization to guarantee the user interacted with this page rather than - // being scripted by an evil Consumer. - var randomData = new byte[8]; - CryptoRandomDataGenerator.GetBytes(randomData); - this.AuthorizationSecret = Convert.ToBase64String(randomData); - this.OAuthAuthorizationSecToken.Value = this.AuthorizationSecret; - } - } - } - - protected void allowAccessButton_Click(object sender, EventArgs e) { - if (this.AuthorizationSecret != this.OAuthAuthorizationSecToken.Value) { - throw new ArgumentException(); // probably someone trying to hack in. - } - this.AuthorizationSecret = null; // clear one time use secret - this.multiView.SetActiveView(this.AuthGranted); - - Global.AuthorizationServer.ApproveAuthorizationRequest(Global.PendingOAuth2Authorization, User.Identity.Name); - } - - protected void denyAccessButton_Click(object sender, EventArgs e) { - Global.AuthorizationServer.RejectAuthorizationRequest(Global.PendingOAuth2Authorization); - } - } -}
\ No newline at end of file |