Diffstat (limited to 'samples')
3 files changed, 54 insertions, 19 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
index ec2f8fd..d71416e 100644
--- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
+++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
@@ -11,9 +11,10 @@
 using DotNetOpenAuth.OAuth2.Messages;
 internal class OAuth2AuthorizationServer : IAuthorizationServer {
- internal static readonly RSAParameters AsymmetricTokenSigningPrivateKey;
+ private static readonly RSAParameters AsymmetricTokenSigningPrivateKey;
- internal static readonly RSACryptoServiceProvider AsymmetricTokenSigningServiceProvider;
+ [ThreadStatic]
+ internal static readonly RSACryptoServiceProvider AsymmetricTokenSigningServiceProvider = CreateAsymmetricTokenSigningServiceProvider();
 private static readonly byte[] secret;
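Review bot: `[ThreadStatic]` with a field initializer on `AsymmetricTokenSigningServiceProvider` does not give each thread its own provider. A static initializer runs once, on the thread that triggers type initialization, so every other thread reads `null`; because the field is also `readonly`, no other thread can ever assign it. The same pattern is on `ResourceServerEncryptionServiceProvider` in OAuthController.cs (not `readonly` there, but still initialized only once) and on both provider fields in Global.cs. A lazily created per-thread instance would match what the remarks describe, e.g. `internal static readonly ThreadLocal<RSACryptoServiceProvider> AsymmetricTokenSigningServiceProvider = new ThreadLocal<RSACryptoServiceProvider>(CreateAsymmetricTokenSigningServiceProvider);` with readers using `.Value`. The code that reads these fields is outside the hunks shown, so it would need the matching change.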
@@ -47,12 +48,23 @@
 var privateKey = keyPair.ExportParameters(true);
 var publicKey = keyPair.ExportParameters(false);
- // Ultimately the private key information must be what is returned bout the AccessTokenSigningPrivateKey property.
+ // Ultimately the private key information must be what is returned through the AccessTokenSigningPrivateKey property.
 AsymmetricTokenSigningPrivateKey = privateKey;
 #endif
+ }
- AsymmetricTokenSigningServiceProvider = new RSACryptoServiceProvider();
- AsymmetricTokenSigningServiceProvider.ImportParameters(AsymmetricTokenSigningPrivateKey);
+ /// <summary>
+ /// Creates the asymmetric token signing service provider.
+ /// </summary>
+ /// <returns>An RSA crypto service provider.</returns>
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// In this sample we just create one for each incoming request. Be sure to call Dispose on them to release native handles.
+ /// </remarks>
+ private static RSACryptoServiceProvider CreateAsymmetricTokenSigningServiceProvider() {
+ var asymmetricTokenSigningServiceProvider = new RSACryptoServiceProvider();
+ asymmetricTokenSigningServiceProvider.ImportParameters(AsymmetricTokenSigningPrivateKey);
+ return asymmetricTokenSigningServiceProvider;
 }
 #region Implementation of IAuthorizationServer
diff --git a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
index fc332d0..b9fbe65 100644
--- a/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
+++ b/samples/OAuthAuthorizationServer/Controllers/OAuthController.cs
@@ -37,14 +37,20 @@
 /// <summary>
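Review bot: `CreateAsymmetricTokenSigningServiceProvider()` can run before `AsymmetricTokenSigningPrivateKey` is assigned. The block that sets the key starts outside this hunk, but since it assigns a `static readonly` field it is presumably the static constructor, and static field initializers execute before the static constructor body. If so, `ImportParameters` receives a default `RSAParameters` instead of the generated signing key, where the removed lines imported it only after the assignment. The `<remarks>` also says a provider is created per incoming request and must be disposed, yet the method is `private` and nothing visible disposes its result. Either defer creation until first use, or state ownership in the remarks, e.g. `/// The caller owns the returned provider and must dispose it.`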
/// The resource server's encryption service provider with private key.
/// </summary>
- private static readonly RSACryptoServiceProvider ResourceServerEncryptionServiceProvider;
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// </remarks>
+ [ThreadStatic]
+ private static RSACryptoServiceProvider ResourceServerEncryptionServiceProvider = CreateResourceServerEncryptionServiceProvider();
/// <summary>
- /// Initializes the <see cref="OAuthController"/> class.
+ /// Creates the resource server's encryption service provider with private key.
/// </summary>
- static OAuthController() {
- ResourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
- ResourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPublicKey);
+ /// <returns>An RSA crypto service provider.</returns>
+ private static RSACryptoServiceProvider CreateResourceServerEncryptionServiceProvider() {
+ var resourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
+ resourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPublicKey);
+ return resourceServerEncryptionServiceProvider;
}
/// <summary>
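Review bot: The new summary on `CreateResourceServerEncryptionServiceProvider` says the provider is created "with private key", but the method body imports `ResourceServerEncryptionPublicKey`. The unchanged field summary at the top of the hunk carries the same wording. In key-handling code the comment should say which half of the key pair this process actually holds, so a reader does not assume the authorization server can decrypt resource-server tokens. Suggested wording: `/// Creates the resource server's encryption service provider, loaded with the resource server's public key.`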
diff --git a/samples/OAuthResourceServer/Code/Global.cs b/samples/OAuthResourceServer/Code/Global.cs
index 5080609..a70930b 100644
--- a/samples/OAuthResourceServer/Code/Global.cs
+++ b/samples/OAuthResourceServer/Code/Global.cs
@@ -34,7 +34,11 @@
 /// <summary>
 /// The authorization server crypto service provider that contains a public key.
 /// </summary>
- public static readonly RSACryptoServiceProvider AuthorizationServerSigningServiceProvider;
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// </remarks>
+ [ThreadStatic]
+ public static readonly RSACryptoServiceProvider AuthorizationServerSigningServiceProvider = CreateAuthorizationServerSigningServiceProvider();
 /// <summary>
 /// An application memory cache of recent log messages.
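Review bot: The initializer on `AuthorizationServerSigningServiceProvider` now depends on textual declaration order, because static field initializers run top to bottom, whereas the static constructor removed later in this file ran after all of them. `AuthorizationServerSigningPublicKey` is not declared in the context visible above this field. If it is declared further down the file, `ImportParameters` would be handed a default `RSAParameters` during type initialization and signature verification would not be using the intended key. Confirm the key field precedes this one, or defer provider creation to first use.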
@@ -66,23 +70,36 @@
 };
 #else
 [Obsolete("You must use a real key for a real app.", true)]
- internal static readonly RSAParameters ResourceServerEncryptionPrivateKey= new RSAParameters();
+ internal static readonly RSAParameters ResourceServerEncryptionPrivateKey = new RSAParameters();
 #endif
 /// <summary>
 /// The crypto service provider for this resource server that contains the private key used to decrypt an access token.
 /// </summary>
- internal static readonly RSACryptoServiceProvider ResourceServerEncryptionServiceProvider;
+ /// <remarks>
+ /// Since <see cref="RSACryptoServiceProvider"/> are not thread-safe, one must be created for each thread.
+ /// </remarks>
+ [ThreadStatic]
+ internal static readonly RSACryptoServiceProvider ResourceServerEncryptionServiceProvider = CreateResourceServerEncryptionServiceProvider();
 /// <summary>
- /// Initializes the <see cref="Global"/> class.
+ /// Creates the crypto service provider for this resource server that contains the private key used to decrypt an access token.
 /// </summary>
- static Global() {
- AuthorizationServerSigningServiceProvider = new RSACryptoServiceProvider();
- AuthorizationServerSigningServiceProvider.ImportParameters(AuthorizationServerSigningPublicKey);
+ /// <returns>An RSA crypto service provider.</returns>
+ private static RSACryptoServiceProvider CreateResourceServerEncryptionServiceProvider() {
+ var resourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
+ resourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPrivateKey);
+ return resourceServerEncryptionServiceProvider;
+ }
- ResourceServerEncryptionServiceProvider = new RSACryptoServiceProvider();
- ResourceServerEncryptionServiceProvider.ImportParameters(ResourceServerEncryptionPrivateKey);
+ /// <summary>
+ /// Creates the crypto service provider for the authorization server that contains the public key used to verify an access token signature.
+ /// </summary>
+ /// <returns>An RSA crypto service provider.</returns>
+ private static RSACryptoServiceProvider CreateAuthorizationServerSigningServiceProvider() {
+ var authorizationServerSigningServiceProvider = new RSACryptoServiceProvider();
+ authorizationServerSigningServiceProvider.ImportParameters(AuthorizationServerSigningPublicKey);
+ return authorizationServerSigningServiceProvider;
 }
 private void Application_Start(object sender, EventArgs e) { |