diff options
Diffstat (limited to 'src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs')
| -rw-r--r-- | src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs b/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs new file mode 100644 index 0000000..b45a65b --- /dev/null +++ b/src/DotNetOpenAuth.AspNet/Clients/OAuth/InMemoryOAuthTokenManager.cs @@ -0,0 +1,157 @@ +//----------------------------------------------------------------------- +// <copyright file="InMemoryOAuthTokenManager.cs" company="Microsoft"> +// Copyright (c) Microsoft. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.AspNet.Clients { + using System; + using System.Collections.Generic; + using DotNetOpenAuth.OAuth; + using DotNetOpenAuth.OAuth.ChannelElements; + using DotNetOpenAuth.OAuth.Messages; + + /// <summary> + /// An implementation of IOAuthTokenManager which stores keys in memory. + /// </summary> + public sealed class InMemoryOAuthTokenManager : IConsumerTokenManager { + #region Constants and Fields + + /// <summary> + /// The _tokens and secrets. + /// </summary> + private readonly Dictionary<string, string> tokensAndSecrets = new Dictionary<string, string>(); + + #endregion + + #region Constructors and Destructors + + /// <summary> + /// Initializes a new instance of the <see cref="InMemoryOAuthTokenManager"/> class. + /// </summary> + /// <param name="consumerKey"> + /// The consumer key. + /// </param> + /// <param name="consumerSecret"> + /// The consumer secret. + /// </param> + public InMemoryOAuthTokenManager(string consumerKey, string consumerSecret) { + Requires.NotNull(consumerKey, "consumerKey"); + Requires.NotNull(consumerSecret, "consumerSecret"); + + this.ConsumerKey = consumerKey; + this.ConsumerSecret = consumerSecret; + } + + #endregion + + #region Public Properties + + /// <summary> + /// Gets the consumer key. + /// </summary> + public string ConsumerKey { get; private set; } + + /// <summary> + /// Gets the consumer secret. + /// </summary> + public string ConsumerSecret { get; private set; } + + #endregion + + #region Public Methods and Operators + + /// <summary> + /// Deletes a request token and its associated secret and stores a new access token and secret. + /// </summary> + /// <param name="consumerKey"> + /// The Consumer that is exchanging its request token for an access token. + /// </param> + /// <param name="requestToken"> + /// The Consumer's request token that should be deleted/expired. + /// </param> + /// <param name="accessToken"> + /// The new access token that is being issued to the Consumer. + /// </param> + /// <param name="accessTokenSecret"> + /// The secret associated with the newly issued access token. + /// </param> + /// <remarks> + /// <para> + /// Any scope of granted privileges associated with the request token from the + /// original call to + /// <see cref="StoreNewRequestToken"/> + /// should be carried over + /// to the new Access Token. + /// </para> + /// <para> + /// To associate a user account with the new access token, + /// <see cref="System.Web.HttpContext.User">HttpContext.Current.User</see> + /// may be + /// useful in an ASP.NET web application within the implementation of this method. + /// Alternatively you may store the access token here without associating with a user account, + /// and wait until + /// <see cref="WebConsumer.ProcessUserAuthorization()"/> + /// or + /// <see cref="DesktopConsumer.ProcessUserAuthorization(string, string)"/> + /// return the access + /// token to associate the access token with a user account at that point. + /// </para> + /// </remarks> + public void ExpireRequestTokenAndStoreNewAccessToken( + string consumerKey, string requestToken, string accessToken, string accessTokenSecret) { + this.tokensAndSecrets.Remove(requestToken); + this.tokensAndSecrets[accessToken] = accessTokenSecret; + } + + /// <summary> + /// Gets the Token Secret given a request or access token. + /// </summary> + /// <param name="token"> + /// The request or access token. + /// </param> + /// <returns> + /// The secret associated with the given token. + /// </returns> + /// <exception cref="ArgumentException"> + /// Thrown if the secret cannot be found for the given token. + /// </exception> + public string GetTokenSecret(string token) { + return this.tokensAndSecrets[token]; + } + + /// <summary> + /// Classifies a token as a request token or an access token. + /// </summary> + /// <param name="token"> + /// The token to classify. + /// </param> + /// <returns> + /// Request or Access token, or invalid if the token is not recognized. + /// </returns> + public TokenType GetTokenType(string token) { + throw new NotImplementedException(); + } + + /// <summary> + /// Stores a newly generated unauthorized request token, secret, and optional application-specific parameters for later recall. + /// </summary> + /// <param name="request"> + /// The request message that resulted in the generation of a new unauthorized request token. + /// </param> + /// <param name="response"> + /// The response message that includes the unauthorized request token. + /// </param> + /// <exception cref="ArgumentException"> + /// Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection. + /// </exception> + /// <remarks> + /// Request tokens stored by this method SHOULD NOT associate any user account with this token. It usually opens up security holes in your application to do so. Instead, you associate a user account with access tokens (not request tokens) in the <see cref="ExpireRequestTokenAndStoreNewAccessToken"/> method. + /// </remarks> + public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) { + this.tokensAndSecrets[response.Token] = response.TokenSecret; + } + + #endregion + } +} |