summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2/OAuth2
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2/OAuth2')
-rw-r--r--src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs7
-rw-r--r--src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs5
2 files changed, 9 insertions, 3 deletions
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs
index ad9730a..6199178 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs
@@ -33,12 +33,11 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
/// Initializes a new instance of the <see cref="AuthorizationCode"/> class.
/// </summary>
/// <param name="clientIdentifier">The client identifier.</param>
- /// <param name="callback">The callback the client used to obtain authorization.</param>
+ /// <param name="callback">The callback the client used to obtain authorization, if one was explicitly included in the request.</param>
/// <param name="scopes">The authorized scopes.</param>
/// <param name="username">The name on the account that authorized access.</param>
internal AuthorizationCode(string clientIdentifier, Uri callback, IEnumerable<string> scopes, string username) {
Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier");
- Requires.NotNull(callback, "callback");
this.ClientIdentifier = clientIdentifier;
this.CallbackHash = CalculateCallbackHash(callback);
@@ -96,6 +95,10 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
/// </returns>
[SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive.")]
private static byte[] CalculateCallbackHash(Uri callback) {
+ if (callback == null) {
+ return null;
+ }
+
using (var hasher = new SHA256Managed()) {
return hasher.ComputeHash(Encoding.UTF8.GetBytes(callback.AbsoluteUri));
}
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs
index 7c7cdc7..4931040 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs
@@ -81,7 +81,10 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// <value>
/// The Callback URL used to obtain the Verification Code.
/// </value>
- [MessagePart(Protocol.redirect_uri, IsRequired = true)]
+ /// <remarks>
+ /// REQUIRED, if the redirect_uri parameter was included in the authorization request as described in Section 4.1.1, and their values MUST be identical.
+ /// </remarks>
+ [MessagePart(Protocol.redirect_uri, IsRequired = false)]
internal Uri Callback { get; set; }
/// <summary>