Diffstat (limited to 'samples/ServiceProvider/App_Code')
7 files changed, 46 insertions, 6 deletions
diff --git a/samples/ServiceProvider/App_Code/DataApi.cs b/samples/ServiceProvider/App_Code/DataApi.cs
index 43f402a..5c187c3 100644
--- a/samples/ServiceProvider/App_Code/DataApi.cs
+++ b/samples/ServiceProvider/App_Code/DataApi.cs
@@ -1,6 +1,7 @@ using System.Linq;
using System.Globalization;
using System.ServiceModel;
+using System.Text;
public class DataApi : IDataApi {
public int? GetAge() {
@@ -11,6 +12,10 @@ public class DataApi : IDataApi { return AccessToken.User.FullName;
}
+ public string[] GetFavoriteSites() {
+ return AccessToken.User.FavoriteSites.Select(site => site.SiteUrl).ToArray();
+ }
+
private static OAuthToken AccessToken {
get { return OperationContext.Current.IncomingMessageProperties["OAuthAccessToken"] as OAuthToken; }
}
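Review bot: `GetFavoriteSites` dereferences `AccessToken.User` with no null check, although the `AccessToken` getter in this hunk uses `as OAuthToken` (null when the message property is absent or of another type) and the mapping in DataClasses.dbml declares `UserId` with `CanBeNull="true"`. The existing `GetName` follows the same pattern, so this is consistent with the file, but a guard that fails with a clear fault would be safer than a `NullReferenceException` inside the service. The method also carries no scope check of its own, so a comment stating where authorization is enforced would help the next reader: `// Access is gated by the scope check in OAuthAuthorizationManager; do not expose this operation through another path.`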
diff --git a/samples/ServiceProvider/App_Code/DataClasses.dbml b/samples/ServiceProvider/App_Code/DataClasses.dbml
index 8fac02c..328d461 100644
--- a/samples/ServiceProvider/App_Code/DataClasses.dbml
+++ b/samples/ServiceProvider/App_Code/DataClasses.dbml
@@ -37,6 +37,7 @@ <Column Name="IssueDate" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />
<Column Name="ConsumerId" Type="System.Int32" DbType="Int NOT NULL" CanBeNull="false" />
<Column Name="UserId" Type="System.Int32" DbType="Int" CanBeNull="true" />
+ <Column Name="Scope" Type="System.String" DbType="nvarchar(MAX)" CanBeNull="false" />
<Association Name="OAuthConsumer_OAuthToken" Member="OAuthConsumer" ThisKey="ConsumerId" OtherKey="ConsumerId" Type="OAuthConsumer" IsForeignKey="true" DeleteRule="CASCADE" DeleteOnNull="true" />
<Association Name="User_OAuthToken" Member="User" ThisKey="UserId" OtherKey="UserId" Type="User" IsForeignKey="true" DeleteRule="CASCADE" />
</Type>
diff --git a/samples/ServiceProvider/App_Code/DataClasses.dbml.layout b/samples/ServiceProvider/App_Code/DataClasses.dbml.layout index 50eafa2..71f46f3 100644 --- a/samples/ServiceProvider/App_Code/DataClasses.dbml.layout +++ b/samples/ServiceProvider/App_Code/DataClasses.dbml.layout @@ -20,10 +20,10 @@ <elementListCompartment Id="464308c4-d112-4448-b0c9-d9b82fb0ca4e" absoluteBounds="0.64, 3.71, 1.9700000000000002, 0.8262939453125" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" />
</nestedChildShapes>
</classShape>
- <classShape Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" absoluteBounds="3.5, 3.125, 2, 2.1554996744791666">
+ <classShape Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" absoluteBounds="3.5, 3.125, 2, 2.3478011067708326">
<DataClassMoniker Name="/DataClassesDataContext/OAuthToken" />
<nestedChildShapes>
- <elementListCompartment Id="403126d0-3d2a-4af4-b0b8-c489a830bbd4" absoluteBounds="3.515, 3.585, 1.9700000000000002, 1.5954996744791665" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" />
+ <elementListCompartment Id="403126d0-3d2a-4af4-b0b8-c489a830bbd4" absoluteBounds="3.515, 3.585, 1.9700000000000002, 1.7878011067708333" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" />
</nestedChildShapes>
</classShape>
<associationConnector edgePoints="[(2.625 : 1.31814697265625); (3.5 : 1.31814697265625)]" fixedFrom="NotFixed" fixedTo="NotFixed">
@@ -33,14 +33,14 @@ <classShapeMoniker Id="8a79b099-7f87-4766-907a-db2c3e1b5716" />
</nodes>
</associationConnector>
- <associationConnector edgePoints="[(2.625 : 3.94314697265625); (3.5 : 3.94314697265625)]" fixedFrom="NotFixed" fixedTo="NotFixed">
+ <associationConnector edgePoints="[(2.625 : 3.94314697265625); (3.5 : 3.94314697265625)]" fixedFrom="Algorithm" fixedTo="Algorithm">
<AssociationMoniker Name="/DataClassesDataContext/OAuthConsumer/OAuthConsumer_OAuthToken" />
<nodes>
<classShapeMoniker Id="f909becb-85b1-4fe6-bb16-3feb3e4fe3ee" />
<classShapeMoniker Id="895ebbc8-8352-4c04-9e53-b8e6c8302d36" />
</nodes>
</associationConnector>
- <associationConnector edgePoints="[(0.53125 : 2.27089680989583); (0.53125 : 4.98964680989583); (3.5 : 4.98964680989583)]" fixedFrom="NotFixed" fixedTo="NotFixed">
+ <associationConnector edgePoints="[(0.53125 : 2.27089680989583); (0.53125 : 5.08579752604167); (3.5 : 5.08579752604167)]" fixedFrom="Algorithm" fixedTo="Algorithm">
<AssociationMoniker Name="/DataClassesDataContext/User/User_OAuthToken" />
<nodes>
<classShapeMoniker Id="696d2c69-040e-411d-9257-bb664b743834" />
diff --git a/samples/ServiceProvider/App_Code/DataClasses.designer.cs b/samples/ServiceProvider/App_Code/DataClasses.designer.cs index b465471..612cd75 100644 --- a/samples/ServiceProvider/App_Code/DataClasses.designer.cs +++ b/samples/ServiceProvider/App_Code/DataClasses.designer.cs @@ -629,6 +629,8 @@ public partial class OAuthToken : INotifyPropertyChanging, INotifyPropertyChange private System.Nullable<int> _UserId;
+ private string _Scope;
+
private EntityRef<OAuthConsumer> _OAuthConsumer;
private EntityRef<User> _User;
@@ -651,6 +653,8 @@ public partial class OAuthToken : INotifyPropertyChanging, INotifyPropertyChange partial void OnConsumerIdChanged();
partial void OnUserIdChanging(System.Nullable<int> value);
partial void OnUserIdChanged();
+ partial void OnScopeChanging(string value);
+ partial void OnScopeChanged();
#endregion
public OAuthToken()
@@ -808,6 +812,26 @@ public partial class OAuthToken : INotifyPropertyChanging, INotifyPropertyChange }
}
+ [Column(Storage="_Scope", DbType="nvarchar(MAX)", CanBeNull=false)]
+ public string Scope
+ {
+ get
+ {
+ return this._Scope;
+ }
+ set
+ {
+ if ((this._Scope != value))
+ {
+ this.OnScopeChanging(value);
+ this.SendPropertyChanging();
+ this._Scope = value;
+ this.SendPropertyChanged("Scope");
+ this.OnScopeChanged();
+ }
+ }
+ }
+
[Association(Name="OAuthConsumer_OAuthToken", Storage="_OAuthConsumer", ThisKey="ConsumerId", OtherKey="ConsumerId", IsForeignKey=true, DeleteOnNull=true, DeleteRule="CASCADE")]
public OAuthConsumer OAuthConsumer
{
diff --git a/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs b/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
index 468687d..ef9ee3f 100644
--- a/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
+++ b/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
@@ -10,6 +10,7 @@ using System.Data.Linq; using System.Collections.Generic;
using System.Diagnostics;
using DotNetOAuth.ChannelElements;
+using DotNetOAuth.Messaging;
public class DatabaseTokenManager : ITokenManager {
#region ITokenManager Members
@@ -36,11 +37,13 @@ public class DatabaseTokenManager : ITokenManager { public void StoreNewRequestToken(string consumerKey, string requestToken, string requestTokenSecret, IDictionary<string, string> parameters) {
var consumer = Global.DataContext.OAuthConsumers.Single(consumerRow => consumerRow.ConsumerKey == consumerKey);
+ string scope = parameters["scope"];
OAuthToken newToken = new OAuthToken {
OAuthConsumer = consumer,
Token = requestToken,
TokenSecret = requestTokenSecret,
IssueDate = DateTime.UtcNow,
+ Scope = scope,
};
Global.DataContext.OAuthTokens.InsertOnSubmit(newToken);
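Review bot: `string scope = parameters["scope"];` throws `KeyNotFoundException` when the request-token message carries no `scope` parameter, and nothing in the hunk checks that `parameters` is non-null. This value later drives the authorization decision and the new `Scope` column is declared non-null, so a missing scope should be handled explicitly: either reject the request or store an empty scope, e.g. `string scope; if (!parameters.TryGetValue("scope", out scope)) { scope = string.Empty; }`. The value is stored exactly as the consumer sent it, so a comment marking it as unvalidated consumer input would be worthwhile. The method body continues past the end of the hunk.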
diff --git a/samples/ServiceProvider/App_Code/IDataApi.cs b/samples/ServiceProvider/App_Code/IDataApi.cs
index 22acde0..ce9dafe 100644
--- a/samples/ServiceProvider/App_Code/IDataApi.cs
+++ b/samples/ServiceProvider/App_Code/IDataApi.cs
@@ -12,4 +12,7 @@ public interface IDataApi { [OperationContract]
string GetName();
+
+ [OperationContract]
+ string[] GetFavoriteSites();
}
diff --git a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 2b4e06b..4c461e8 100644
--- a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -22,8 +22,12 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager { var auth = sp.GetProtectedResourceAuthorization(httpDetails, requestUri);
if (auth != null) {
var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
- operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken;
- return true;
+ // Only allow this method call if the access token scope permits it.
+ string[] scopes = accessToken.Scope.Split('|');
+ if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
+ operationContext.IncomingMessageProperties["OAuthAccessToken"] = accessToken;
+ return true;
+ }
}
return false;
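Review bot: The new scope check on the `accessToken.Scope.Split('|')` lines trusts whatever row `OAuthTokens.Single(token => token.Token == auth.AccessToken)` returns, and that query filters on the token string only. Elsewhere in this commit `StoreNewRequestToken` writes the consumer-supplied scope into the same `OAuthTokens` table when the request token is issued, so a row carries a scope before the user has approved anything. Unless `GetProtectedResourceAuthorization` already rejects tokens that are not authorized access tokens (not visible here), the lookup should require that as well. Separately, `Single` throws when no row matches, so an unknown or revoked token surfaces as an exception rather than `return false`; `SingleOrDefault` followed by `if (accessToken == null) return false;` would fail closed. The enclosing method starts and ends outside the hunk.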