Diffstat (limited to 'samples/OAuthServiceProvider/Members')
-rw-r--r--samples/OAuthServiceProvider/Members/Authorize.aspx (renamed from samples/OAuthServiceProvider/Members/Authorize2.aspx)2
-rw-r--r--samples/OAuthServiceProvider/Members/Authorize.aspx.cs76
-rw-r--r--samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs (renamed from samples/OAuthServiceProvider/Members/Authorize2.aspx.designer.cs)0
-rw-r--r--samples/OAuthServiceProvider/Members/Authorize2.aspx.cs55
4 files changed, 77 insertions, 56 deletions
diff --git a/samples/OAuthServiceProvider/Members/Authorize2.aspx b/samples/OAuthServiceProvider/Members/Authorize.aspx
index eb8322f..71c538a 100644
--- a/samples/OAuthServiceProvider/Members/Authorize2.aspx
+++ b/samples/OAuthServiceProvider/Members/Authorize.aspx
@@ -1,5 +1,5 @@
<%@ Page Title="Authorize Access" Language="C#" MasterPageFile="~/MasterPage.master" AutoEventWireup="true"
- CodeBehind="Authorize2.aspx.cs" Inherits="OAuthServiceProvider.Members.Authorize2" %>
+ CodeBehind="Authorize.aspx.cs" Inherits="OAuthServiceProvider.Members.Authorize2" %>
<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="server">
<asp:MultiView runat="server" ActiveViewIndex="0" ID="multiView">
diff --git a/samples/OAuthServiceProvider/Members/Authorize.aspx.cs b/samples/OAuthServiceProvider/Members/Authorize.aspx.cs
new file mode 100644
index 0000000..1a4c78e
--- /dev/null
+++ b/samples/OAuthServiceProvider/Members/Authorize.aspx.cs
@@ -0,0 +1,76 @@
+namespace OAuthServiceProvider.Members {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Security.Cryptography;
+ using System.Web;
+ using System.Web.UI;
+ using System.Web.UI.WebControls;
+ using Code;
+
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ public partial class Authorize2 : System.Web.UI.Page {
+ private static readonly RandomNumberGenerator CryptoRandomDataGenerator = new RNGCryptoServiceProvider();
+
+ private string AuthorizationSecret {
+ get { return Session["OAuthAuthorizationSecret"] as string; }
+ set { Session["OAuthAuthorizationSecret"] = value; }
+ }
+
+ private EndUserAuthorizationRequest pendingRequest;
+
+ private Client client;
+
+ protected void Page_Load(object sender, EventArgs e) {
+ var getRequest = new HttpRequestInfo("GET", this.Request.Url, this.Request.RawUrl, new WebHeaderCollection(), null);
+ pendingRequest = Global.AuthorizationServer.ReadAuthorizationRequest(getRequest);
+ if (pendingRequest == null) {
+ throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
+ }
+
+ client = Global.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier);
+
+ var authServer = new OAuth2AuthorizationServer();
+ if (authServer.CanBeAutoApproved(pendingRequest)) {
+ Global.AuthorizationServer.ApproveAuthorizationRequest(pendingRequest, User.Identity.Name);
+ }
+
+ if (!IsPostBack) {
+ this.desiredAccessLabel.Text = OAuthUtilities.JoinScopes(pendingRequest.Scope);
+ this.consumerLabel.Text = client.Name;
+
+ // Generate an unpredictable secret that goes to the user agent and must come back
+ // with authorization to guarantee the user interacted with this page rather than
+ // being scripted by an evil Consumer.
+ var randomData = new byte[8];
+ CryptoRandomDataGenerator.GetBytes(randomData);
+ this.AuthorizationSecret = Convert.ToBase64String(randomData);
+ this.OAuthAuthorizationSecToken.Value = this.AuthorizationSecret;
+ }
+ }
+
+ protected void allowAccessButton_Click(object sender, EventArgs e) {
+ if (this.AuthorizationSecret != this.OAuthAuthorizationSecToken.Value) {
+ throw new ArgumentException(); // probably someone trying to hack in.
+ }
+ this.AuthorizationSecret = null; // clear one time use secret
+ this.multiView.SetActiveView(this.AuthGranted);
+
+ client.ClientAuthorizations.Add(
+ new ClientAuthorization {
+ Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope),
+ User = Global.LoggedInUser,
+ CreatedOnUtc = DateTime.UtcNow,
+ });
+ Global.AuthorizationServer.ApproveAuthorizationRequest(pendingRequest, User.Identity.Name);
+ }
+
+ protected void denyAccessButton_Click(object sender, EventArgs e) {
+ Global.AuthorizationServer.RejectAuthorizationRequest(pendingRequest);
+ }
+ }
+} \ No newline at end of file
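Review bot: In Page_Load the auto-approval branch does not return after `ApproveAuthorizationRequest`, so unless that call ends the response (not visible in this hunk) execution continues into the consent-form setup and, on a postback, into the click handlers, where the same request could be approved or rejected a second time; adding `return;` after the call inside the `CanBeAutoApproved` block would make the intent explicit. `Clients.First(...)` is fed the client identifier parsed from the request URL and throws InvalidOperationException when no row matches, which surfaces as a 500 rather than the 400 used a few lines earlier; `FirstOrDefault` followed by `if (client == null) throw new HttpException((int)HttpStatusCode.BadRequest, "Unknown client.");` would keep the two failure paths consistent. `denyAccessButton_Click` also skips the `AuthorizationSecret` comparison that `allowAccessButton_Click` performs, so the one-time secret guards only approval; either apply the same check there or add a comment saying why rejection is exempt.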
diff --git a/samples/OAuthServiceProvider/Members/Authorize2.aspx.designer.cs b/samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs
index db39669..db39669 100644
--- a/samples/OAuthServiceProvider/Members/Authorize2.aspx.designer.cs
+++ b/samples/OAuthServiceProvider/Members/Authorize.aspx.designer.cs
diff --git a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs b/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs
deleted file mode 100644
index 88c3049..0000000
--- a/samples/OAuthServiceProvider/Members/Authorize2.aspx.cs
+++ /dev/null
@@ -1,55 +0,0 @@
-namespace OAuthServiceProvider.Members {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Security.Cryptography;
- using System.Web;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- using Code;
-
- using DotNetOpenAuth.OAuth2;
-
- public partial class Authorize2 : System.Web.UI.Page {
- private static readonly RandomNumberGenerator CryptoRandomDataGenerator = new RNGCryptoServiceProvider();
-
- private string AuthorizationSecret {
- get { return Session["OAuthAuthorizationSecret"] as string; }
- set { Session["OAuthAuthorizationSecret"] = value; }
- }
-
- protected void Page_Load(object sender, EventArgs e) {
- if (!IsPostBack) {
- if (Global.PendingOAuth2Authorization == null) {
- Response.Redirect("~/Members/AuthorizedConsumers.aspx");
- } else {
- var pendingRequest = Global.PendingOAuth2Authorization;
- this.desiredAccessLabel.Text = OAuthUtilities.JoinScopes(pendingRequest.Scope);
- this.consumerLabel.Text = pendingRequest.ClientIdentifier;
-
- // Generate an unpredictable secret that goes to the user agent and must come back
- // with authorization to guarantee the user interacted with this page rather than
- // being scripted by an evil Consumer.
- var randomData = new byte[8];
- CryptoRandomDataGenerator.GetBytes(randomData);
- this.AuthorizationSecret = Convert.ToBase64String(randomData);
- this.OAuthAuthorizationSecToken.Value = this.AuthorizationSecret;
- }
- }
- }
-
- protected void allowAccessButton_Click(object sender, EventArgs e) {
- if (this.AuthorizationSecret != this.OAuthAuthorizationSecToken.Value) {
- throw new ArgumentException(); // probably someone trying to hack in.
- }
- this.AuthorizationSecret = null; // clear one time use secret
- this.multiView.SetActiveView(this.AuthGranted);
-
- Global.AuthorizationServer.ApproveAuthorizationRequest(Global.PendingOAuth2Authorization, User.Identity.Name);
- }
-
- protected void denyAccessButton_Click(object sender, EventArgs e) {
- Global.AuthorizationServer.RejectAuthorizationRequest(Global.PendingOAuth2Authorization);
- }
- }
-} \ No newline at end of file