summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs')
-rw-r--r--src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs42
1 files changed, 39 insertions, 3 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
index 49d0732..e9c952d 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
@@ -16,6 +16,8 @@ namespace DotNetOpenAuth.OAuth2 {
#endif
using System.Security;
using System.Text;
+ using System.Xml;
+
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2.ChannelElements;
using DotNetOpenAuth.OAuth2.Messages;
@@ -71,6 +73,13 @@ namespace DotNetOpenAuth.OAuth2 {
}
/// <summary>
+ /// Gets quotas used when deserializing JSON.
+ /// </summary>
+ public XmlDictionaryReaderQuotas JsonReaderQuotas {
+ get { return this.OAuthChannel.JsonReaderQuotas; }
+ }
+
+ /// <summary>
/// Gets the OAuth client channel.
/// </summary>
internal IOAuth2ChannelWithClient OAuthChannel {
@@ -87,7 +96,20 @@ namespace DotNetOpenAuth.OAuth2 {
Requires.NotNull(request, "request");
Requires.NotNullOrEmpty(accessToken, "accessToken");
- OAuthUtilities.AuthorizeWithBearerToken(request, accessToken);
+ AuthorizeRequest(request.Headers, accessToken);
+ }
+
+ /// <summary>
+ /// Adds the necessary HTTP Authorization header to an HTTP request for protected resources
+ /// so that the Service Provider will allow the request through.
+ /// </summary>
+ /// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param>
+ /// <param name="accessToken">The access token previously obtained from the Authorization Server.</param>
+ public static void AuthorizeRequest(WebHeaderCollection requestHeaders, string accessToken) {
+ Requires.NotNull(requestHeaders, "requestHeaders");
+ Requires.NotNullOrEmpty(accessToken, "accessToken");
+
+ OAuthUtilities.AuthorizeWithBearerToken(requestHeaders, accessToken);
}
/// <summary>
@@ -99,6 +121,19 @@ namespace DotNetOpenAuth.OAuth2 {
public void AuthorizeRequest(HttpWebRequest request, IAuthorizationState authorization) {
Requires.NotNull(request, "request");
Requires.NotNull(authorization, "authorization");
+
+ this.AuthorizeRequest(request.Headers, authorization);
+ }
+
+ /// <summary>
+ /// Adds the OAuth authorization token to an outgoing HTTP request, renewing a
+ /// (nearly) expired access token if necessary.
+ /// </summary>
+ /// <param name="requestHeaders">The headers on the request for protected resources from the service provider.</param>
+ /// <param name="authorization">The authorization for this request previously obtained via OAuth.</param>
+ public void AuthorizeRequest(WebHeaderCollection requestHeaders, IAuthorizationState authorization) {
+ Requires.NotNull(requestHeaders, "requestHeaders");
+ Requires.NotNull(authorization, "authorization");
Requires.True(!string.IsNullOrEmpty(authorization.AccessToken), "authorization");
ErrorUtilities.VerifyProtocol(!authorization.AccessTokenExpirationUtc.HasValue || authorization.AccessTokenExpirationUtc >= DateTime.UtcNow || authorization.RefreshToken != null, ClientStrings.AuthorizationExpired);
@@ -107,7 +142,7 @@ namespace DotNetOpenAuth.OAuth2 {
this.RefreshAuthorization(authorization);
}
- AuthorizeRequest(request, authorization.AccessToken);
+ AuthorizeRequest(requestHeaders, authorization.AccessToken);
}
#if CLR4
@@ -216,7 +251,7 @@ namespace DotNetOpenAuth.OAuth2 {
Requires.NotNull(password, "password");
var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) {
- UserName = userName,
+ RequestingUserName = userName,
Password = password,
};
@@ -372,6 +407,7 @@ namespace DotNetOpenAuth.OAuth2 {
var failure = response as AccessTokenFailedResponse;
ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany);
if (success != null) {
+ authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it.
UpdateAuthorizationWithResponse(authorizationState, success);
} else { // failure
Logger.OAuth.Info("Credentials rejected by the Authorization Server.");
generated by cgit v1.1 at 2025-05-20 19:44:37 +0000