summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs')
-rw-r--r--src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs31
1 files changed, 29 insertions, 2 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
index 49d0732..d4ea171 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
@@ -87,7 +87,20 @@ namespace DotNetOpenAuth.OAuth2 {
Requires.NotNull(request, "request");
Requires.NotNullOrEmpty(accessToken, "accessToken");
- OAuthUtilities.AuthorizeWithBearerToken(request, accessToken);
+ AuthorizeRequest(request.Headers, accessToken);
+ }
+
+ /// <summary>
+ /// Adds the necessary HTTP Authorization header to an HTTP request for protected resources
+ /// so that the Service Provider will allow the request through.
+ /// </summary>
+ /// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param>
+ /// <param name="accessToken">The access token previously obtained from the Authorization Server.</param>
+ public static void AuthorizeRequest(WebHeaderCollection requestHeaders, string accessToken) {
+ Requires.NotNull(requestHeaders, "requestHeaders");
+ Requires.NotNullOrEmpty(accessToken, "accessToken");
+
+ OAuthUtilities.AuthorizeWithBearerToken(requestHeaders, accessToken);
}
/// <summary>
@@ -99,6 +112,19 @@ namespace DotNetOpenAuth.OAuth2 {
public void AuthorizeRequest(HttpWebRequest request, IAuthorizationState authorization) {
Requires.NotNull(request, "request");
Requires.NotNull(authorization, "authorization");
+
+ this.AuthorizeRequest(request.Headers, authorization);
+ }
+
+ /// <summary>
+ /// Adds the OAuth authorization token to an outgoing HTTP request, renewing a
+ /// (nearly) expired access token if necessary.
+ /// </summary>
+ /// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param>
+ /// <param name="authorization">The authorization for this request previously obtained via OAuth.</param>
+ public void AuthorizeRequest(WebHeaderCollection requestHeaders, IAuthorizationState authorization) {
+ Requires.NotNull(requestHeaders, "requestHeaders");
+ Requires.NotNull(authorization, "authorization");
Requires.True(!string.IsNullOrEmpty(authorization.AccessToken), "authorization");
ErrorUtilities.VerifyProtocol(!authorization.AccessTokenExpirationUtc.HasValue || authorization.AccessTokenExpirationUtc >= DateTime.UtcNow || authorization.RefreshToken != null, ClientStrings.AuthorizationExpired);
@@ -107,7 +133,7 @@ namespace DotNetOpenAuth.OAuth2 {
this.RefreshAuthorization(authorization);
}
- AuthorizeRequest(request, authorization.AccessToken);
+ AuthorizeRequest(requestHeaders, authorization.AccessToken);
}
#if CLR4
@@ -372,6 +398,7 @@ namespace DotNetOpenAuth.OAuth2 {
var failure = response as AccessTokenFailedResponse;
ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany);
if (success != null) {
+ authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it.
UpdateAuthorizationWithResponse(authorizationState, success);
} else { // failure
Logger.OAuth.Info("Credentials rejected by the Authorization Server.");
generated by cgit v1.1 at 2025-06-08 18:43:35 +0000