summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs')
-rw-r--r--src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs165
1 files changed, 165 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs
new file mode 100644
index 0000000..2a9a8a7
--- /dev/null
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientCredentialApplicator.cs
@@ -0,0 +1,165 @@
+//-----------------------------------------------------------------------
+// <copyright file="ClientCredentialApplicator.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2 {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ /// <summary>
+ /// A base class for extensions that apply client authentication to messages for the authorization server in specific ways.
+ /// </summary>
+ public abstract class ClientCredentialApplicator {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ClientCredentialApplicator"/> class.
+ /// </summary>
+ protected ClientCredentialApplicator() {
+ }
+
+ /// <summary>
+ /// Transmits the secret the client shares with the authorization server as a parameter in the POST entity payload.
+ /// </summary>
+ /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator PostParameter(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ return new PostParameterApplicator(clientSecret);
+ }
+
+ /// <summary>
+ /// Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.
+ /// </summary>
+ /// <param name="credential">The client id and secret.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NetworkCredential(NetworkCredential credential) {
+ Requires.NotNull(credential, "credential");
+ return new NetworkCredentialApplicator(credential);
+ }
+
+ /// <summary>
+ /// Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.
+ /// </summary>
+ /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NetworkCredential(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ return new NetworkCredentialApplicator(clientSecret);
+ }
+
+ /// <summary>
+ /// Never transmits a secret. Useful for anonymous clients or clients unable to keep a secret.
+ /// </summary>
+ /// <returns>The credential applicator to provide to the <see cref="ClientBase"/> instance.</returns>
+ public static ClientCredentialApplicator NoSecret() {
+ return null;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public virtual void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public virtual void ApplyClientCredential(string clientIdentifier, HttpWebRequest request) {
+ }
+
+ /// <summary>
+ /// Authenticates the client via HTTP Basic.
+ /// </summary>
+ private class NetworkCredentialApplicator : ClientCredentialApplicator {
+ /// <summary>
+ /// The client identifier and secret.
+ /// </summary>
+ private readonly NetworkCredential credential;
+
+ /// <summary>
+ /// The client secret.
+ /// </summary>
+ private readonly string clientSecret;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="NetworkCredentialApplicator"/> class.
+ /// </summary>
+ /// <param name="clientSecret">The client secret.</param>
+ internal NetworkCredentialApplicator(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ this.clientSecret = clientSecret;
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="NetworkCredentialApplicator"/> class.
+ /// </summary>
+ /// <param name="credential">The client credential.</param>
+ internal NetworkCredentialApplicator(NetworkCredential credential) {
+ Requires.NotNull(credential, "credential");
+ this.credential = credential;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
+ // When using network credentials, the client authentication is not done as standard message parts.
+ request.ClientIdentifier = null;
+ request.ClientSecret = null;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public override void ApplyClientCredential(string clientIdentifier, HttpWebRequest request) {
+ if (this.credential != null && this.credential.UserName == clientIdentifier) {
+ ErrorUtilities.VerifyHost(false, "Client identifiers \"{0}\" and \"{1}\" do not match.", this.credential.UserName, clientIdentifier);
+ }
+
+ request.Credentials = this.credential ?? new NetworkCredential(clientIdentifier, this.clientSecret);
+ }
+ }
+
+ /// <summary>
+ /// Authenticates the client via a client_secret parameter in the message.
+ /// </summary>
+ private class PostParameterApplicator : ClientCredentialApplicator {
+ /// <summary>
+ /// The client secret.
+ /// </summary>
+ private readonly string secret;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="PostParameterApplicator"/> class.
+ /// </summary>
+ /// <param name="clientSecret">The client secret.</param>
+ internal PostParameterApplicator(string clientSecret) {
+ Requires.NotNullOrEmpty(clientSecret, "clientSecret");
+ this.secret = clientSecret;
+ }
+
+ /// <summary>
+ /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
+ /// </summary>
+ /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
+ /// <param name="request">The outbound message to apply authentication information to.</param>
+ public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
+ request.ClientSecret = this.secret;
+ }
+ }
+ }
+}
generated by cgit v1.1 at 2025-05-18 08:52:07 +0000