diff options
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessTokenBindingElement.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessTokenBindingElement.cs | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessTokenBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessTokenBindingElement.cs new file mode 100644 index 0000000..9d7e8f2 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/AccessTokenBindingElement.cs @@ -0,0 +1,94 @@ +//----------------------------------------------------------------------- +// <copyright file="AccessTokenBindingElement.cs" company="Outercurve Foundation"> +// Copyright (c) Outercurve Foundation. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.ChannelElements { + using System; + using System.Collections.Generic; + using System.Diagnostics; + using System.Linq; + using System.Security.Cryptography; + using System.Text; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.Messages; + + /// <summary> + /// Serializes access tokens inside an outgoing message. + /// </summary> + internal class AccessTokenBindingElement : AuthServerBindingElementBase { + /// <summary> + /// Initializes a new instance of the <see cref="AccessTokenBindingElement"/> class. + /// </summary> + internal AccessTokenBindingElement() { + } + + /// <summary> + /// Gets the protection commonly offered (if any) by this binding element. + /// </summary> + /// <value>Always <c>MessageProtections.None</c></value> + /// <remarks> + /// This value is used to assist in sorting binding elements in the channel stack. + /// </remarks> + public override MessageProtections Protection { + get { return MessageProtections.None; } + } + + /// <summary> + /// Prepares a message for sending based on the rules of this channel binding element. + /// </summary> + /// <param name="message">The message to prepare for sending.</param> + /// <returns> + /// The protections (if any) that this binding element applied to the message. + /// Null if this binding element did not even apply to this binding element. + /// </returns> + public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) { + var directResponse = message as IDirectResponseProtocolMessage; + var request = directResponse != null ? directResponse.OriginatingRequest as IAccessTokenRequestInternal : null; + var authCarryingRequest = request as IAuthorizationCarryingRequest; + var accessTokenResponse = message as IAccessTokenIssuingResponse; + var implicitGrantResponse = message as EndUserAuthorizationSuccessAccessTokenResponse; + + if (request != null) { + request.AccessTokenCreationParameters = this.AuthorizationServer.GetAccessTokenParameters(request); + ErrorUtilities.VerifyHost(request.AccessTokenCreationParameters != null, "IAuthorizationServer.GetAccessTokenParameters must not return null."); + + if (accessTokenResponse != null) { + accessTokenResponse.Lifetime = request.AccessTokenCreationParameters.AccessTokenLifetime; + } + } + + if (authCarryingRequest != null) { + ErrorUtilities.VerifyInternal(request != null, MessagingStrings.UnexpectedMessageReceived, typeof(IAccessTokenRequestInternal), request.GetType()); + accessTokenResponse.AuthorizationDescription = new AccessToken(authCarryingRequest.AuthorizationDescription, accessTokenResponse.Lifetime); + } else if (implicitGrantResponse != null) { + IAccessTokenCarryingRequest tokenCarryingResponse = implicitGrantResponse; + accessTokenResponse.AuthorizationDescription = new AccessToken( + request.ClientIdentifier, + implicitGrantResponse.Scope, + implicitGrantResponse.AuthorizingUsername, + implicitGrantResponse.Lifetime); + } + + return null; + } + + /// <summary> + /// Performs any transformation on an incoming message that may be necessary and/or + /// validates an incoming message based on the rules of this channel binding element. + /// </summary> + /// <param name="message">The incoming message to process.</param> + /// <returns> + /// The protections (if any) that this binding element applied to the message. + /// Null if this binding element did not even apply to this binding element. + /// </returns> + /// <exception cref="ProtocolException"> + /// Thrown when the binding element rules indicate that this message is invalid and should + /// NOT be processed. + /// </exception> + public override MessageProtections? ProcessIncomingMessage(IProtocolMessage message) { + return null; + } + } +} |