diff options
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2')
3 files changed, 74 insertions, 21 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs new file mode 100644 index 0000000..b0f86a9 --- /dev/null +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/ClientAuthenticationResult.cs @@ -0,0 +1,32 @@ +//----------------------------------------------------------------------- +// <copyright file="ClientAuthenticationResult.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.ChannelElements { + /// <summary> + /// Describes the various levels at which client information may be extracted from an inbound message. + /// </summary> + public enum ClientAuthenticationResult { + /// <summary> + /// No client identification or authentication was discovered. + /// </summary> + NoAuthenticationRecognized, + + /// <summary> + /// The client identified itself, but did not attempt to authenticate itself. + /// </summary> + ClientIdNotAuthenticated, + + /// <summary> + /// The client authenticated itself (provided compelling evidence that it was who it claims to be). + /// </summary> + ClientAuthenticated, + + /// <summary> + /// The client failed in an attempt to authenticate itself, claimed to be an unrecognized client, or otherwise messed up. + /// </summary> + ClientAuthenticationRejected, + } +} diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IClientAuthenticationModule.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IClientAuthenticationModule.cs index b7c4792..470e533 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IClientAuthenticationModule.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/IClientAuthenticationModule.cs @@ -1,22 +1,23 @@ -namespace DotNetOpenAuth.OAuth2.ChannelElements { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Text; - using System.Web; - using DotNetOpenAuth.Messaging; - - public enum ClientAuthenticationResult { - NoAuthenticationRecognized, - - ClientIdNotAuthenticated, +//----------------------------------------------------------------------- +// <copyright file="IClientAuthenticationModule.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- - ClientAuthenticated, - - ClientAuthenticationRejected, - } +namespace DotNetOpenAuth.OAuth2.ChannelElements { + using DotNetOpenAuth.Messaging; + /// <summary> + /// An interface implemented by extension that can read incoming messages and extract the client identifier and + /// possibly authentication information (like a shared secret, signed nonce, etc.) + /// </summary> public interface IClientAuthenticationModule { + /// <summary> + /// Attempts to extract client identification/authentication information from a message. + /// </summary> + /// <param name="requestMessage">The incoming message. Always an instance of <see cref="AuthenticatedClientRequestBase"/></param> + /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param> + /// <returns>The level of the extracted client information.</returns> ClientAuthenticationResult TryAuthenticateClient(IDirectedProtocolMessage requestMessage, out string clientIdentifier); } } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs index 2e83482..661d102 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs @@ -18,21 +18,32 @@ namespace DotNetOpenAuth.OAuth2 { /// Some common utility methods for OAuth 2.0. /// </summary> public static class OAuthUtilities { - private const string HttpBasicAuthScheme = "Basic "; - /// <summary> /// The <see cref="StringComparer"/> instance to use when comparing scope equivalence. /// </summary> public static readonly StringComparer ScopeStringComparer = StringComparer.Ordinal; /// <summary> + /// The string "Basic ". + /// </summary> + private const string HttpBasicAuthScheme = "Basic "; + + /// <summary> /// The delimiter between scope elements. /// </summary> - private static char[] scopeDelimiter = new char[] { ' ' }; + private static readonly char[] scopeDelimiter = new char[] { ' ' }; + /// <summary> + /// A colon, in a 1-length character array. + /// </summary> private static readonly char[] ColonSeparator = new char[] { ':' }; /// <summary> + /// The encoding to use when preparing credentials for transit in HTTP Basic base64 encoding form. + /// </summary> + private static readonly Encoding HttpBasicEncoding = Encoding.UTF8; + + /// <summary> /// The characters that may appear in an access token that is included in an HTTP Authorization header. /// </summary> /// <remarks> @@ -134,8 +145,12 @@ namespace DotNetOpenAuth.OAuth2 { accessToken); } - private static readonly Encoding HttpBasicEncoding = Encoding.UTF8; - + /// <summary> + /// Applies the HTTP Authorization header for HTTP Basic authentication. + /// </summary> + /// <param name="headers">The headers collection to set the authorization header to.</param> + /// <param name="userName">The username. Cannot be empty.</param> + /// <param name="password">The password. Cannot be null.</param> internal static void ApplyHttpBasicAuth(WebHeaderCollection headers, string userName, string password) { Requires.NotNull(headers, "headers"); Requires.NotNullOrEmpty(userName, "userName"); @@ -148,6 +163,11 @@ namespace DotNetOpenAuth.OAuth2 { headers[HttpRequestHeader.Authorization] = header; } + /// <summary> + /// Extracts the username and password from an HTTP Basic authorized web header. + /// </summary> + /// <param name="headers">The incoming web headers.</param> + /// <returns>The network credentials; or <c>null</c> if none could be discovered in the request.</returns> internal static NetworkCredential ParseHttpBasicAuth(WebHeaderCollection headers) { Requires.NotNull(headers, "headers"); |