Diffstat (limited to 'src/DotNetOpenAuth/OAuth2/Messages/WebServer')
4 files changed, 312 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs
new file mode 100644
index 0000000..323d6de
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs
@@ -0,0 +1,148 @@
+//-----------------------------------------------------------------------
+// <copyright file="WebServerAccessTokenRequest.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Diagnostics.Contracts;
+ using ChannelElements;
+ using Configuration;
+ using Messaging;
+
+ /// <summary>
+ /// A message sent by the Client directly to the Authorization Server to exchange
+ /// the verification code for an Access Token.
+ /// </summary>
+ /// <remarks>
+ /// Used by the Web App (and Rich App?) profiles.
+ /// </remarks>
+ internal class WebServerAccessTokenRequest : MessageBase, IAccessTokenRequest, ITokenCarryingRequest, IOAuthDirectResponseFormat {
+ /// <summary>
+ /// The type of message.
+ /// </summary>
+ [MessagePart(Protocol.type, IsRequired = true)]
+ private const string Type = "web_server";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerAccessTokenRequest"/> class.
+ /// </summary>
+ /// <param name="accessTokenEndpoint">The Authorization Server's access token endpoint URL.</param>
+ /// <param name="version">The version.</param>
+ internal WebServerAccessTokenRequest(Uri accessTokenEndpoint, Version version)
+ : base(version, MessageTransport.Direct, accessTokenEndpoint) {
+ this.HttpMethods = HttpDeliveryMethods.PostRequest;
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerAccessTokenRequest"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal WebServerAccessTokenRequest(AuthorizationServerDescription authorizationServer)
+ : this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
+ Contract.Requires<ArgumentNullException>(authorizationServer != null);
+ Contract.Requires<ArgumentException>(authorizationServer.Version != null);
+ Contract.Requires<ArgumentException>(authorizationServer.TokenEndpoint != null);
+
+ // We prefer URL encoding of the data.
+ this.Format = ResponseFormat.Form;
+ }
+
+ /// <summary>
+ /// Gets the type of the code or token.
+ /// </summary>
+ /// <value>The type of the code or token.</value>
+ CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType {
+ get { return CodeOrTokenType.VerificationCode; }
+ }
+
+ /// <summary>
+ /// Gets or sets the verification code or refresh/access token.
+ /// </summary>
+ /// <value>The code or token.</value>
+ string ITokenCarryingRequest.CodeOrToken {
+ get { return this.VerificationCode; }
+ set { this.VerificationCode = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the authorization that the token describes.
+ /// </summary>
+ IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; }
+
+ /// <summary>
+ /// Gets or sets the identifier by which this client is known to the Authorization Server.
+ /// </summary>
+ /// <value>The client identifier.</value>
+ [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
+ public string ClientIdentifier { get; set; }
+
+ /// <summary>
+ /// Gets or sets the client secret.
+ /// </summary>
+ /// <value>The client secret.</value>
+ /// <remarks>
+ /// REQUIRED if the client identifier has a matching secret. The client secret as described in Section 3.4 (Client Credentials).
+ /// </remarks>
+ [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
+ public string ClientSecret { get; set; }
+
+ /// <summary>
+ /// Gets or sets the type of the secret.
+ /// </summary>
+ /// <value>The type of the secret.</value>
+ /// <remarks>
+ /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
+ /// </remarks>
+ [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
+ public string SecretType { get; set; }
+
+ ResponseFormat IOAuthDirectResponseFormat.Format {
+ get { return this.Format.HasValue ? this.Format.Value : ResponseFormat.Json; }
+ }
+
+ /// <summary>
+ /// Gets or sets the verification code previously communicated to the Client
+ /// in <see cref="WebServerSuccessResponse.VerificationCode"/>.
+ /// </summary>
+ /// <value>The verification code received from the authorization server.</value>
+ [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
+ internal string VerificationCode { get; set; }
+
+ /// <summary>
+ /// Gets or sets the callback URL used in <see cref="EndUserAuthorizationRequest.Callback"/>
+ /// </summary>
+ /// <value>
+ /// The Callback URL used to obtain the Verification Code.
+ /// </value>
+ [MessagePart(Protocol.redirect_uri, IsRequired = true, AllowEmpty = false)]
+ internal Uri Callback { get; set; }
+
+ /// <summary>
+ /// Gets or sets the format the client is requesting the authorization server should deliver the request in.
+ /// </summary>
+ /// <value>The format.</value>
+ [MessagePart(Protocol.format, Encoder = typeof(ResponseFormatEncoder))]
+ private ResponseFormat? Format { get; set; }
+
+ /// <summary>
+ /// Checks the message state for conformity to the protocol specification
+ /// and throws an exception if the message is invalid.
+ /// </summary>
+ /// <remarks>
+ /// <para>Some messages have required fields, or combinations of fields that must relate to each other
+ /// in specialized ways. After deserializing a message, this method checks the state of the
+ /// message to see if it conforms to the protocol.</para>
+ /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
+ /// outside this scope of this particular message.</para>
+ /// </remarks>
+ /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
+ protected override void EnsureValidMessage() {
+ base.EnsureValidMessage();
+ ErrorUtilities.VerifyProtocol(
+ DotNetOpenAuthSection.Configuration.Messaging.RelaxSslRequirements || this.Recipient.IsTransportSecure(),
+ OAuthWrapStrings.HttpsRequired);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs
new file mode 100644
index 0000000..6735087
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs
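Review bot: `EnsureValidMessage` is the only transport check visible on a message that carries `client_secret` and the verification code, and it is skipped whenever `RelaxSslRequirements` is set in configuration. That looks like a configuration-wide switch rather than a per-endpoint one, so a single relaxed setting would let this request reach a non-HTTPS token endpoint with the secret in the POST body. I would document that on the method, e.g. `// RelaxSslRequirements bypasses this check; client_secret and code then travel without TLS.`, and consider logging a warning when the relaxed branch is the one that lets the message through. `ClientSecret` is also declared `AllowEmpty = true`, so an empty secret passes message-level validation here; whether the receiving side rejects it is not visible in this hunk.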
@@ -0,0 +1,59 @@
+//-----------------------------------------------------------------------
+// <copyright file="WebServerFailedResponse.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Diagnostics.Contracts;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// The message the Authorization Server MAY use to send the user back to the Client
+ /// following the user's denial to grant Consumer with authorization of
+ /// access to requested resources.
+ /// </summary>
+ internal class WebServerFailedResponse : MessageBase, IMessageWithClientState {
+ /// <summary>
+ /// A constant parameter that indicates the user refused to grant the requested authorization.
+ /// </summary>
+ [MessagePart(Protocol.error, IsRequired = true)]
+ private const string ErrorReason = Protocol.user_denied;
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerFailedResponse"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The recipient of the message.</param>
+ /// <param name="version">The version.</param>
+ internal WebServerFailedResponse(Uri clientCallback, Version version) :
+ base(version, MessageTransport.Indirect, clientCallback) {
+ Contract.Requires<ArgumentNullException>(version != null);
+ Contract.Requires<ArgumentNullException>(clientCallback != null);
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerFailedResponse"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The client callback.</param>
+ /// <param name="request">The request.</param>
+ internal WebServerFailedResponse(Uri clientCallback, EndUserAuthorizationRequest request)
+ : this(clientCallback, ((IMessage)request).Version) {
+ Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback");
+ Contract.Requires<ArgumentNullException>(request != null, "request");
+ ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState;
+ }
+
+ /// <summary>
+ /// Gets or sets the state of the client that was supplied to the Authorization Server.
+ /// </summary>
+ /// <value>
+ /// An opaque value that Clients can use to maintain state associated with the authorization request.
+ /// </value>
+ /// <remarks>
+ /// If this value is present, the Authorization Server MUST return it to the Client's callback URL.
+ /// </remarks>
+ [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)]
+ public string ClientState { get; set; }
+ }
+}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs
new file mode 100644
index 0000000..c1d9f26
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs
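Review bot: In the `(Uri clientCallback, EndUserAuthorizationRequest request)` constructor the initializer `this(clientCallback, ((IMessage)request).Version)` reads `request` before the body's `Contract.Requires<ArgumentNullException>(request != null, "request")` appears. Unless the contract rewriter hoists preconditions ahead of the initializer (not visible here), a null `request` would surface as a `NullReferenceException` instead of the documented argument exception. `WebServerAccessTokenRequest(AuthorizationServerDescription)` in this commit has the same shape, reading `authorizationServer.TokenEndpoint` inside its `this(...)` call. Routing the dereference through a new private static helper that performs the null check, e.g. `this(clientCallback, GetVersion(request))`, would make the failure mode independent of the rewriter.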
@@ -0,0 +1,50 @@
+//-----------------------------------------------------------------------
+// <copyright file="WebServerRequest.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Diagnostics.Contracts;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+
+ /// <summary>
+ /// A message sent by a web application Client to the AuthorizationServer
+ /// via the user agent to obtain authorization from the user and prepare
+ /// to issue an access token to the Consumer if permission is granted.
+ /// </summary>
+ [Serializable]
+ public class WebServerRequest : EndUserAuthorizationRequest {
+ /// <summary>
+ /// The type of message.
+ /// </summary>
+ [MessagePart(Protocol.type, IsRequired = true)]
+ private const string Type = "web_server";
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerRequest"/> class.
+ /// </summary>
+ /// <param name="authorizationEndpoint">The Authorization Server's user authorization URL to direct the user to.</param>
+ /// <param name="version">The protocol version.</param>
+ internal WebServerRequest(Uri authorizationEndpoint, Version version)
+ : base(authorizationEndpoint, version) {
+ Contract.Requires<ArgumentNullException>(authorizationEndpoint != null);
+ Contract.Requires<ArgumentNullException>(version != null);
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerRequest"/> class.
+ /// </summary>
+ /// <param name="authorizationServer">The authorization server.</param>
+ internal WebServerRequest(AuthorizationServerDescription authorizationServer)
+ : base(authorizationServer) {
+ Contract.Requires<ArgumentNullException>(authorizationServer != null);
+ Contract.Requires<ArgumentException>(authorizationServer.Version != null);
+ Contract.Requires<ArgumentException>(authorizationServer.AuthorizationEndpoint != null);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs
new file mode 100644
index 0000000..7135ba0
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs
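Review bot: The `"web_server"` literal for the `type` message part is declared here as `Type` and again in `WebServerAccessTokenRequest.Type`, whereas `WebServerFailedResponse` takes its wire value from `Protocol.user_denied`. Two independent copies of a protocol value can drift apart, so a single constant on `Protocol` referenced from both classes would keep the authorization request and the token exchange in agreement. The `System.Collections.Generic`, `System.Linq` and `System.Text` usings are not referenced by anything in this file and could be dropped.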
@@ -0,0 +1,55 @@
+//-----------------------------------------------------------------------
+// <copyright file="WebServerSuccessResponse.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Diagnostics.Contracts;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+
+ /// <summary>
+ /// The message sent by the Authorization Server to the Client via the user agent
+ /// to indicate that user authorization was granted, and to return the user
+ /// to the Client where they started their experience.
+ /// </summary>
+ internal class WebServerSuccessResponse : EndUserAuthorizationSuccessResponse {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerSuccessResponse"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The client callback.</param>
+ /// <param name="version">The protocol version.</param>
+ internal WebServerSuccessResponse(Uri clientCallback, Version version)
+ : base(clientCallback, version) {
+ Contract.Requires<ArgumentNullException>(version != null);
+ Contract.Requires<ArgumentNullException>(clientCallback != null);
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebServerSuccessResponse"/> class.
+ /// </summary>
+ /// <param name="clientCallback">The client callback.</param>
+ /// <param name="request">The request.</param>
+ internal WebServerSuccessResponse(Uri clientCallback, EndUserAuthorizationRequest request)
+ : base(clientCallback, request) {
+ Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback");
+ Contract.Requires<ArgumentNullException>(request != null, "request");
+ ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState;
+ }
+
+ /// <summary>
+ /// Gets or sets the verification code.
+ /// </summary>
+ /// <value>
+ /// The long-lived credential assigned by the Authorization Server to this Consumer for
+ /// use in accessing the authorizing user's protected resources.
+ /// </value>
+ [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
+ internal new string VerificationCode {
+ get { return base.VerificationCode; }
+ set { base.VerificationCode = value; }
+ }
+ }
+}
 |
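Review bot: The `<value>` text on `VerificationCode` describes it as "the long-lived credential ... for use in accessing the authorizing user's protected resources", which reads like an access or refresh token rather than the code. `WebServerAccessTokenRequest` in this same commit documents the code as something the Client exchanges for an Access Token. Documentation that presents the code as long-lived invites callers to store or reuse it, so I would reword to `/// The verification code the Client presents to the token endpoint in exchange for an access token.` Separately, both constructors take `clientCallback` as a free parameter and nothing in this hunk ties it to the callback carried by `request`; since this message delivers the code to that URL, the `<param>` doc should state that the caller must already have validated it.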