Diffstat (limited to 'samples')
-rw-r--r-- | samples/Consumer/SampleWcf.aspx.cs | 15 | ||||
-rw-r--r-- | samples/ServiceProvider/App_Code/DataApi.cs | 10 | ||||
-rw-r--r-- | samples/ServiceProvider/App_Code/DatabaseTokenManager.cs | 4 | ||||
-rw-r--r-- | samples/ServiceProvider/App_Code/Global.cs | 71 | ||||
-rw-r--r-- | samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs | 1 | ||||
-rw-r--r-- | samples/ServiceProvider/App_Code/TokenAuthorizationState.cs | 11 | ||||
-rw-r--r-- | samples/ServiceProvider/Members/Authorize.aspx.cs | 1 |
7 files changed, 62 insertions, 51 deletions
diff --git a/samples/Consumer/SampleWcf.aspx.cs b/samples/Consumer/SampleWcf.aspx.cs
index b06446f..42907dc 100644
--- a/samples/Consumer/SampleWcf.aspx.cs
+++ b/samples/Consumer/SampleWcf.aspx.cs
@@ -1,16 +1,16 @@
using System;
-using System.Linq;
+using System.Collections.Generic;
using System.Globalization;
+using System.Linq;
using System.Net;
using System.ServiceModel;
using System.ServiceModel.Channels;
+using System.ServiceModel.Security;
+using System.Web.UI.WebControls;
using DotNetOAuth;
using DotNetOAuth.ChannelElements;
using DotNetOAuth.Messaging;
using SampleServiceProvider;
-using System.Collections.Generic;
-using System.Web.UI.WebControls;
-using System.ServiceModel.Security;
/// <summary>
/// Sample consumer of our Service Provider sample's WCF service.
@@ -33,9 +33,10 @@ public partial class SampleWcf : System.Web.UI.Page {
Consumer consumer = this.CreateConsumer();
UriBuilder callback = new UriBuilder(Request.Url);
callback.Query = null;
- string scope = string.Join("|", (from item in scopeList.Items.OfType<ListItem>()
- where item.Selected
- select item.Value).ToArray());
+ string[] scopes = (from item in scopeList.Items.OfType<ListItem>()
+ where item.Selected
+ select item.Value).ToArray();
+ string scope = string.Join("|", scopes);
var requestParams = new Dictionary<string, string> {
{ "scope", scope },
};
diff --git a/samples/ServiceProvider/App_Code/DataApi.cs b/samples/ServiceProvider/App_Code/DataApi.cs
index 5c187c3..ecd3618 100644
--- a/samples/ServiceProvider/App_Code/DataApi.cs
+++ b/samples/ServiceProvider/App_Code/DataApi.cs
@@ -1,9 +1,11 @@
using System.Linq;
-using System.Globalization;
using System.ServiceModel;
-using System.Text;
public class DataApi : IDataApi {
+ private static OAuthToken AccessToken {
+ get { return OperationContext.Current.IncomingMessageProperties["OAuthAccessToken"] as OAuthToken; }
+ }
+
public int? GetAge() {
return AccessToken.User.Age;
}
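Review bot: The `AccessToken` getter now at the top of `DataApi` uses an `as` cast, so a message property of the wrong type comes back as null and only surfaces later as a NullReferenceException inside `GetAge()` or `GetFavoriteSites()`. A direct cast fails at the source instead: `get { return (OAuthToken)OperationContext.Current.IncomingMessageProperties["OAuthAccessToken"]; }`. The property also has no doc comment; I would add `/// <summary>Gets the OAuth access token stored on the incoming message under "OAuthAccessToken".</summary>` and name the component expected to set it, presumably the service's authorization manager, although that assignment is not visible in this diff. Every operation in this class takes the caller's identity from this value, so the precondition is worth writing down.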
@@ -15,8 +17,4 @@ public class DataApi : IDataApi {
public string[] GetFavoriteSites() {
return AccessToken.User.FavoriteSites.Select(site => site.SiteUrl).ToArray();
}
-
- private static OAuthToken AccessToken {
- get { return OperationContext.Current.IncomingMessageProperties["OAuthAccessToken"] as OAuthToken; }
- }
}
diff --git a/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs b/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
index ef9ee3f..cf4c6c6 100644
--- a/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
+++ b/samples/ServiceProvider/App_Code/DatabaseTokenManager.cs
@@ -5,12 +5,10 @@
//-----------------------------------------------------------------------
using System;
-using System.Linq;
-using System.Data.Linq;
using System.Collections.Generic;
using System.Diagnostics;
+using System.Linq;
using DotNetOAuth.ChannelElements;
-using DotNetOAuth.Messaging;
public class DatabaseTokenManager : ITokenManager {
#region ITokenManager Members
diff --git a/samples/ServiceProvider/App_Code/Global.cs b/samples/ServiceProvider/App_Code/Global.cs
index fdef34c..311d415 100644
--- a/samples/ServiceProvider/App_Code/Global.cs
+++ b/samples/ServiceProvider/App_Code/Global.cs
@@ -1,13 +1,12 @@
using System;
-using System.Collections.Generic;
using System.Linq;
-using System.Web;
-using System.Text;
using System.ServiceModel;
+using System.Text;
+using System.Web;
using DotNetOAuth.Messages;
/// <summary>
-/// Summary description for Global
+/// The web application global events and properties.
/// </summary>
public class Global : HttpApplication {
/// <summary>
@@ -20,32 +19,6 @@ public class Global : HttpApplication {
/// </summary>
public static log4net.ILog Logger = log4net.LogManager.GetLogger("DotNetOAuth.ConsumerSample");
- private static DataClassesDataContext dataContextSimple {
- get {
- if (HttpContext.Current != null) {
- return HttpContext.Current.Items["DataContext"] as DataClassesDataContext;
- } else if (OperationContext.Current != null) {
- object data;
- if (OperationContext.Current.IncomingMessageProperties.TryGetValue("DataContext", out data)) {
- return data as DataClassesDataContext;
- } else {
- return null;
- }
- } else {
- throw new InvalidOperationException();
- }
- }
- set {
- if (HttpContext.Current != null) {
- HttpContext.Current.Items["DataContext"] = value;
- } else if (OperationContext.Current != null) {
- OperationContext.Current.IncomingMessageProperties["DataContext"] = value;
- } else {
- throw new InvalidOperationException();
- }
- }
- }
-
/// <summary>
/// Gets the transaction-protected database connection for the current request.
/// </summary>
@@ -74,6 +47,38 @@ public class Global : HttpApplication {
set { HttpContext.Current.Session["authrequest"] = value; }
}
+ private static DataClassesDataContext dataContextSimple {
+ get {
+ if (HttpContext.Current != null) {
+ return HttpContext.Current.Items["DataContext"] as DataClassesDataContext;
+ } else if (OperationContext.Current != null) {
+ object data;
+ if (OperationContext.Current.IncomingMessageProperties.TryGetValue("DataContext", out data)) {
+ return data as DataClassesDataContext;
+ } else {
+ return null;
+ }
+ } else {
+ throw new InvalidOperationException();
+ }
+ }
+
+ set {
+ if (HttpContext.Current != null) {
+ HttpContext.Current.Items["DataContext"] = value;
+ } else if (OperationContext.Current != null) {
+ OperationContext.Current.IncomingMessageProperties["DataContext"] = value;
+ } else {
+ throw new InvalidOperationException();
+ }
+ }
+ }
+
+ public static void AuthorizePendingRequestToken() {
+ TokenManager.AuthorizeRequestToken(PendingOAuthAuthorization.RequestToken, LoggedInUser);
+ PendingOAuthAuthorization = null;
+ }
+
private static void CommitAndCloseDatabaseIfNecessary() {
var dataContext = dataContextSimple;
if (dataContext != null) {
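Review bot: `AuthorizePendingRequestToken()` dereferences `PendingOAuthAuthorization.RequestToken` with no null check, so a call made when nothing is pending fails with a NullReferenceException instead of a clear error. The pending request appears to be kept in session under `authrequest`, so this could happen after the session expires. A guard at the top of the method makes the precondition explicit: `if (PendingOAuthAuthorization == null) { throw new InvalidOperationException("No pending OAuth authorization."); }`. Whether `LoggedInUser` can be null at this point is not visible here, so the same check may be needed for it. This public static method grants a token on behalf of a user and has no doc comment; a `/// <summary>` should state that it may only be called after the logged-in user has explicitly approved the request. `CommitAndCloseDatabaseIfNecessary` at the end of this hunk continues outside it.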
@@ -93,6 +98,7 @@ public class Global : HttpApplication {
private void Application_End(object sender, EventArgs e) {
Logger.Info("Sample shutting down...");
+
// this would be automatic, but in partial trust scenarios it is not.
log4net.LogManager.Shutdown();
}
@@ -104,9 +110,4 @@ public class Global : HttpApplication {
private void Application_EndRequest(object sender, EventArgs e) {
CommitAndCloseDatabaseIfNecessary();
}
-
- public static void AuthorizePendingRequestToken() {
- TokenManager.AuthorizeRequestToken(PendingOAuthAuthorization.RequestToken, LoggedInUser);
- PendingOAuthAuthorization = null;
- }
}
diff --git a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
index 4c461e8..02118f8 100644
--- a/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
+++ b/samples/ServiceProvider/App_Code/OAuthAuthorizationManager.cs
@@ -22,6 +22,7 @@ public class OAuthAuthorizationManager : ServiceAuthorizationManager {
var auth = sp.GetProtectedResourceAuthorization(httpDetails, requestUri);
if (auth != null) {
var accessToken = Global.DataContext.OAuthTokens.Single(token => token.Token == auth.AccessToken);
+
// Only allow this method call if the access token scope permits it.
string[] scopes = accessToken.Scope.Split('|');
if (scopes.Contains(operationContext.IncomingMessageHeaders.Action)) {
diff --git a/samples/ServiceProvider/App_Code/TokenAuthorizationState.cs b/samples/ServiceProvider/App_Code/TokenAuthorizationState.cs
index bb959c6..ff93684 100644
--- a/samples/ServiceProvider/App_Code/TokenAuthorizationState.cs
+++ b/samples/ServiceProvider/App_Code/TokenAuthorizationState.cs
@@ -7,7 +7,18 @@ using System.Web;
/// Various states an OAuth token can be in.
/// </summary>
public enum TokenAuthorizationState : int {
+ /// <summary>
+ /// An unauthorized request token.
+ /// </summary>
UnauthorizedRequestToken = 0,
+
+ /// <summary>
+ /// An authorized request token.
+ /// </summary>
AuthorizedRequestToken = 1,
+
+ /// <summary>
+ /// An authorized access token.
+ /// </summary>
AccessToken = 2,
}
diff --git a/samples/ServiceProvider/Members/Authorize.aspx.cs b/samples/ServiceProvider/Members/Authorize.aspx.cs
index 32cc697..0f3a90c 100644
--- a/samples/ServiceProvider/Members/Authorize.aspx.cs
+++ b/samples/ServiceProvider/Members/Authorize.aspx.cs
@@ -32,6 +32,7 @@ public partial class Authorize : System.Web.UI.Page {
response.Send();
}
}
+
protected void denyAccessButton_Click(object sender, EventArgs e) {
// erase the request token.
multiView.ActiveViewIndex = 2;