summaryrefslogtreecommitdiffstats
path: root/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
diff options
context:
space:
mode:
Diffstat (limited to 'samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs')
-rw-r--r--samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs1
1 files changed, 1 insertions, 0 deletions
diff --git a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 4c461e8..02118f8 100644
--- a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -22,6 +22,7 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager {
var auth = sp.GetProtectedResourceAuthorization(httpDetails, requestUri);
if (auth != null) {
var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
+
// Only allow this method call if the access token scope permits it.
string[] scopes = accessToken.Scope.Split('|');
if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {