Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/DotNetOpenAuth.csproj31
-rw-r--r--src/DotNetOpenAuth/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs67
-rw-r--r--src/DotNetOpenAuth/OAuth2/ChannelElements/GrantTypeEncoder.cs75
-rw-r--r--src/DotNetOpenAuth/OAuth2/ChannelElements/IAccessTokenRequest.cs31
-rw-r--r--src/DotNetOpenAuth/OAuth2/ChannelElements/ITokenCarryingRequest.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth2/ClientBase.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs33
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs86
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenBasicCredentialsRequest.cs42
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs (renamed from src/DotNetOpenAuth/OAuth2/Messages/ClientCredentials/ClientCredentialsRequest.cs)46
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenFailedResponse.cs64
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs (renamed from src/DotNetOpenAuth/OAuth2/Messages/RefreshAccessTokenRequest.cs)42
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs69
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/AccessTokenSuccessResponse.cs2
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/Assertion/AssertionRequest.cs99
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceAccessTokenRequest.cs98
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceRequest.cs61
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceResponse.cs76
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs14
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationResponseType.cs31
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs32
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/GrantType.cs42
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/IAccessTokenSuccessResponse.cs42
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/IMessageWithClientState.cs21
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentFailedResponse.cs53
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentRequest.cs43
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentSuccessResponse.cs63
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordCaptchaResponse.cs54
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordFailedResponse.cs22
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordRequest.cs132
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordSuccessResponse.cs51
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordVerificationResponse.cs55
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs134
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs59
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs50
-rw-r--r--src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs55
-rw-r--r--src/DotNetOpenAuth/OAuth2/Protocol.cs104
-rw-r--r--src/DotNetOpenAuth/OpenId/Extensions/SimpleRegistration/Gender.cs2
38 files changed, 635 insertions, 1350 deletions
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
index 84cbfcb..6dbc3a0 100644
--- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj
+++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj
@@ -312,9 +312,10 @@ http://opensource.org/licenses/ms-pl.html
<Compile Include="OAuth2\ChannelElements\AccessToken.cs" />
<Compile Include="OAuth2\ChannelElements\AuthorizationDataBag.cs" />
<Compile Include="OAuth2\ChannelElements\AuthServerBindingElementBase.cs" />
+ <Compile Include="OAuth2\ChannelElements\GrantTypeEncoder.cs" />
+ <Compile Include="OAuth2\ChannelElements\EndUserAuthorizationResponseTypeEncoder.cs" />
<Compile Include="OAuth2\ChannelElements\IDataBagFormatter.cs" />
<Compile Include="OAuth2\ChannelElements\UriStyleMessageFormatter.cs" />
- <Compile Include="OAuth2\ChannelElements\IAccessTokenRequest.cs" />
<Compile Include="OAuth2\ChannelElements\IAuthorizationDescription.cs" />
<Compile Include="OAuth2\ChannelElements\ITokenCarryingRequest.cs" />
<Compile Include="OAuth2\ChannelElements\OAuthWrapResourceServerChannel.cs" />
@@ -331,24 +332,18 @@ http://opensource.org/licenses/ms-pl.html
<Compile Include="OAuth2\IClientTokenManager.cs" />
<Compile Include="OAuth2\IConsumerDescription.cs" />
<Compile Include="OAuth2\Messages\AccessProtectedResourceRequest.cs" />
- <Compile Include="OAuth2\Messages\Assertion\AssertionRequest.cs" />
- <Compile Include="OAuth2\Messages\ClientCredentials\ClientCredentialsRequest.cs" />
- <Compile Include="OAuth2\Messages\IAccessTokenSuccessResponse.cs" />
- <Compile Include="OAuth2\Messages\IMessageWithClientState.cs" />
- <Compile Include="OAuth2\Messages\RefreshAccessTokenRequest.cs" />
- <Compile Include="OAuth2\Messages\Device\DeviceAccessTokenRequest.cs" />
- <Compile Include="OAuth2\Messages\Device\DeviceRequest.cs" />
- <Compile Include="OAuth2\Messages\Device\DeviceResponse.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenAssertionRequest.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenBasicCredentialsRequest.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenRequestBase.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenClientCredentialsRequest.cs" />
+ <Compile Include="OAuth2\Messages\GrantType.cs" />
+ <Compile Include="OAuth2\Messages\AccessTokenRefreshRequest.cs" />
+ <Compile Include="OAuth2\Messages\EndUserAuthorizationResponseType.cs" />
<Compile Include="OAuth2\Messages\UnauthorizedResponse.cs" />
<Compile Include="OAuth2\Messages\AccessTokenFailedResponse.cs" />
<Compile Include="OAuth2\Messages\AccessTokenSuccessResponse.cs" />
- <Compile Include="OAuth2\Messages\UserAgent\UserAgentFailedResponse.cs" />
- <Compile Include="OAuth2\Messages\UserAgent\UserAgentRequest.cs" />
- <Compile Include="OAuth2\Messages\UserAgent\UserAgentSuccessResponse.cs" />
- <Compile Include="OAuth2\Messages\UsernameAndPassword\UserNamePasswordCaptchaResponse.cs" />
- <Compile Include="OAuth2\Messages\UsernameAndPassword\UserNamePasswordVerificationResponse.cs" />
<Compile Include="OAuth2\Messages\EndUserAuthorizationSuccessResponse.cs" />
- <Compile Include="OAuth2\Messages\WebServer\WebServerRequest.cs" />
<Compile Include="OAuth2\ResourceServer.cs" />
<Compile Include="OAuth2\StandardAccessTokenAnalyzer.cs" />
<Compile Include="OAuth2\UserAgentClient.cs" />
@@ -643,13 +638,7 @@ http://opensource.org/licenses/ms-pl.html
<Compile Include="OAuth2\ChannelElements\OAuthWrapAuthorizationServerChannel.cs" />
<Compile Include="OAuth2\ClientBase.cs" />
<Compile Include="OAuth2\Messages\MessageBase.cs" />
- <Compile Include="OAuth2\Messages\WebServer\WebServerAccessTokenRequest.cs" />
- <Compile Include="OAuth2\Messages\WebServer\WebServerFailedResponse.cs" />
<Compile Include="OAuth2\Messages\EndUserAuthorizationRequest.cs" />
- <Compile Include="OAuth2\Messages\WebServer\WebServerSuccessResponse.cs" />
- <Compile Include="OAuth2\Messages\UsernameAndPassword\UserNamePasswordFailedResponse.cs" />
- <Compile Include="OAuth2\Messages\UsernameAndPassword\UserNamePasswordRequest.cs" />
- <Compile Include="OAuth2\Messages\UsernameAndPassword\UserNamePasswordSuccessResponse.cs" />
<Compile Include="OAuth2\Protocol.cs" />
<Compile Include="OAuth2\OAuthWrapStrings.Designer.cs">
<AutoGen>True</AutoGen>
diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs
new file mode 100644
index 0000000..491ace9
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/EndUserAuthorizationResponseTypeEncoder.cs
@@ -0,0 +1,67 @@
+//-----------------------------------------------------------------------
+// <copyright file="EndUserAuthorizationResponseTypeEncoder.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Reflection;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ internal class EndUserAuthorizationResponseTypeEncoder : IMessagePartEncoder {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="EndUserAuthorizationResponseTypeEncoder"/> class.
+ /// </summary>
+ internal EndUserAuthorizationResponseTypeEncoder() {
+ }
+
+ #region IMessagePartEncoder Members
+
+ /// <summary>
+ /// Encodes the specified value.
+ /// </summary>
+ /// <param name="value">The value. Guaranteed to never be null.</param>
+ /// <returns>
+ /// The <paramref name="value"/> in string form, ready for message transport.
+ /// </returns>
+ public string Encode(object value) {
+ var responseType = (EndUserAuthorizationResponseType)value;
+ switch (responseType)
+ {
+ case EndUserAuthorizationResponseType.Both:
+ return Protocol.ResponseTypes.CodeAndToken;
+ case EndUserAuthorizationResponseType.AccessToken:
+ return Protocol.ResponseTypes.Token;
+ case EndUserAuthorizationResponseType.AuthorizationCode:
+ return Protocol.ResponseTypes.Code;
+ default:
+ throw ErrorUtilities.ThrowFormat(MessagingStrings.UnexpectedMessagePartValue, Protocol.response_type, value);
+ }
+ }
+
+ /// <summary>
+ /// Decodes the specified value.
+ /// </summary>
+ /// <param name="value">The string value carried by the transport. Guaranteed to never be null, although it may be empty.</param>
+ /// <returns>
+ /// The deserialized form of the given string.
+ /// </returns>
+ /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception>
+ public object Decode(string value) {
+ switch (value) {
+ case Protocol.ResponseTypes.CodeAndToken:
+ return EndUserAuthorizationResponseType.Both;
+ case Protocol.ResponseTypes.Token:
+ return EndUserAuthorizationResponseType.AccessToken;
+ case Protocol.ResponseTypes.Code:
+ return EndUserAuthorizationResponseType.AuthorizationCode;
+ default:
+ throw ErrorUtilities.ThrowFormat(MessagingStrings.UnexpectedMessagePartValue, Protocol.response_type, value);
+ }
+ }
+
+ #endregion
+ }
+}
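Review bot: The class declaration `internal class EndUserAuthorizationResponseTypeEncoder : IMessagePartEncoder` has no `<summary>`, although every member below it is documented; GrantTypeEncoder in this commit has the same gap. I would add `/// <summary>Translates <see cref="EndUserAuthorizationResponseType"/> values to and from their <c>response_type</c> wire strings; unrecognized values are rejected rather than defaulted.</summary>`. The rejection is the property worth recording, because Decode receives its string from the transport and its default branch throws instead of falling back to some response type. The `switch (responseType)` in Encode also opens its brace on a new line, while the rest of the file keeps the brace on the same line.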
diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/GrantTypeEncoder.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/GrantTypeEncoder.cs
new file mode 100644
index 0000000..5414793
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/GrantTypeEncoder.cs
@@ -0,0 +1,75 @@
+//-----------------------------------------------------------------------
+// <copyright file="GrantTypeEncoder.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.ChannelElements {
+ using System;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Reflection;
+ using DotNetOpenAuth.OAuth2.Messages;
+
+ internal class GrantTypeEncoder : IMessagePartEncoder {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="GrantTypeEncoder"/> class.
+ /// </summary>
+ internal GrantTypeEncoder() {
+ }
+
+ #region IMessagePartEncoder Members
+
+ /// <summary>
+ /// Encodes the specified value.
+ /// </summary>
+ /// <param name="value">The value. Guaranteed to never be null.</param>
+ /// <returns>
+ /// The <paramref name="value"/> in string form, ready for message transport.
+ /// </returns>
+ public string Encode(object value) {
+ var responseType = (GrantType)value;
+ switch (responseType)
+ {
+ case GrantType.None:
+ return Protocol.GrantTypes.None;
+ case GrantType.AuthorizationCode:
+ return Protocol.GrantTypes.AuthorizationCode;
+ case GrantType.RefreshToken:
+ return Protocol.GrantTypes.RefreshToken;
+ case GrantType.BasicCredentials:
+ return Protocol.GrantTypes.BasicCredentials;
+ case GrantType.Assertion:
+ return Protocol.GrantTypes.Assertion;
+ default:
+ throw ErrorUtilities.ThrowFormat(MessagingStrings.UnexpectedMessagePartValue, Protocol.grant_type, value);
+ }
+ }
+
+ /// <summary>
+ /// Decodes the specified value.
+ /// </summary>
+ /// <param name="value">The string value carried by the transport. Guaranteed to never be null, although it may be empty.</param>
+ /// <returns>
+ /// The deserialized form of the given string.
+ /// </returns>
+ /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception>
+ public object Decode(string value) {
+ switch (value) {
+ case Protocol.GrantTypes.None:
+ return GrantType.None;
+ case Protocol.GrantTypes.Assertion:
+ return GrantType.Assertion;
+ case Protocol.GrantTypes.BasicCredentials:
+ return GrantType.BasicCredentials;
+ case Protocol.GrantTypes.RefreshToken:
+ return GrantType.RefreshToken;
+ case Protocol.GrantTypes.AuthorizationCode:
+ return GrantType.AuthorizationCode;
+ default:
+ throw ErrorUtilities.ThrowFormat(MessagingStrings.UnexpectedMessagePartValue, Protocol.grant_type, value);
+ }
+ }
+
+ #endregion
+ }
+}
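Review bot: In Encode the local is named `responseType`, apparently carried over from EndUserAuthorizationResponseTypeEncoder, but it holds a grant type. `var grantType = (GrantType)value;` followed by `switch (grantType) {` reads correctly and also brings the brace placement in line with Decode. Decode accepts `Protocol.GrantTypes.None` from the wire and returns `GrantType.None`; the constant's value is not visible here, so a one-line comment saying which request is expected to send it would help anyone reviewing how the token endpoint dispatches on the decoded value.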
diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/IAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/IAccessTokenRequest.cs
deleted file mode 100644
index f1f2361..0000000
--- a/src/DotNetOpenAuth/OAuth2/ChannelElements/IAccessTokenRequest.cs
+++ /dev/null
@@ -1,31 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="IAccessTokenRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.ChannelElements {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using Messages;
- using Messaging;
-
- /// <summary>
- /// A message from the client to the authorization server requesting an access token.
- /// </summary>
- public interface IAccessTokenRequest : IDirectedProtocolMessage {
- /// <summary>
- /// Gets the client identifier.
- /// </summary>
- /// <value>The client identifier.</value>
- string ClientIdentifier { get; }
-
- /// <summary>
- /// Gets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- string ClientSecret { get; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/ITokenCarryingRequest.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/ITokenCarryingRequest.cs
index 79d52ee..0f4d84f 100644
--- a/src/DotNetOpenAuth/OAuth2/ChannelElements/ITokenCarryingRequest.cs
+++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/ITokenCarryingRequest.cs
@@ -14,7 +14,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
/// <summary>
/// The code issued to the client after the user has approved authorization.
/// </summary>
- VerificationCode,
+ AuthorizationCode,
/// <summary>
/// The long-lived token issued to the client that enables it to obtain
diff --git a/src/DotNetOpenAuth/OAuth2/ClientBase.cs b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
index 27bc97b..93e1c47 100644
--- a/src/DotNetOpenAuth/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth/OAuth2/ClientBase.cs
@@ -132,7 +132,7 @@ namespace DotNetOpenAuth.OAuth2 {
/// </summary>
/// <param name="authorizationState">The authorization state maintained by the client.</param>
/// <param name="accessTokenSuccess">The access token containing response message.</param>
- internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, IAccessTokenSuccessResponse accessTokenSuccess) {
+ internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, AccessTokenSuccessResponse accessTokenSuccess) {
Contract.Requires<ArgumentNullException>(authorizationState != null, "authorizationState");
Contract.Requires<ArgumentNullException>(accessTokenSuccess != null, "accessTokenSuccess");
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs
new file mode 100644
index 0000000..d3abf54
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs
@@ -0,0 +1,33 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenAssertionRequest.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+
+ internal class AccessTokenAssertionRequest : AccessTokenRequestBase {
+ internal AccessTokenAssertionRequest(Uri tokenEndpoint, Version version)
+ : base(tokenEndpoint, version) {
+ }
+
+ /// <summary>
+ /// Gets or sets the format of the assertion as defined by the Authorization Server.
+ /// </summary>
+ /// <value>The assertion format.</value>
+ [MessagePart(Protocol.assertion_type, IsRequired = true, AllowEmpty = false)]
+ internal string AssertionType { get; set; }
+
+ /// <summary>
+ /// Gets or sets the assertion.
+ /// </summary>
+ /// <value>The assertion.</value>
+ [MessagePart(Protocol.assertion, IsRequired = true, AllowEmpty = false)]
+ internal string Assertion { get; set; }
+ }
+}
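Review bot: AccessTokenAssertionRequest does not override `GrantType`, while AccessTokenAuthorizationCodeRequest, AccessTokenBasicCredentialsRequest and AccessTokenClientCredentialsRequest in this commit each do. AccessTokenRequestBase is not visible in this part of the diff, so it cannot be confirmed whether the member is abstract (a compile error here) or virtual (the request would go out with the base default); either way `internal override GrantType GrantType { get { return Messages.GrantType.Assertion; } }` looks like what is intended. The class and its constructor also lack the `<summary>` and `<param>` comments.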
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs
new file mode 100644
index 0000000..3e679e6
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs
@@ -0,0 +1,86 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenAuthorizationCodeRequest.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+
+ internal class AccessTokenAuthorizationCodeRequest : AccessTokenRequestBase, ITokenCarryingRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenAuthorizationCodeRequest"/> class.
+ /// </summary>
+ /// <param name="accessTokenEndpoint">The Authorization Server's access token endpoint URL.</param>
+ /// <param name="version">The version.</param>
+ internal AccessTokenAuthorizationCodeRequest(Uri accessTokenEndpoint, Version version)
+ : base(accessTokenEndpoint, version) {
+ }
+
+ internal override GrantType GrantType {
+ get { return Messages.GrantType.AuthorizationCode; }
+ }
+
+ /// <summary>
+ /// Gets the type of the code or token.
+ /// </summary>
+ /// <value>The type of the code or token.</value>
+ CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType {
+ get { return CodeOrTokenType.AuthorizationCode; }
+ }
+
+ /// <summary>
+ /// Gets or sets the verification code or refresh/access token.
+ /// </summary>
+ /// <value>The code or token.</value>
+ string ITokenCarryingRequest.CodeOrToken {
+ get { return this.AuthorizationCode; }
+ set { this.AuthorizationCode = value; }
+ }
+
+ /// <summary>
+ /// Gets or sets the authorization that the token describes.
+ /// </summary>
+ IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; }
+
+ /// <summary>
+ /// Gets or sets the verification code previously communicated to the Client
+ /// in <see cref="WebServerSuccessResponse.VerificationCode"/>.
+ /// </summary>
+ /// <value>The verification code received from the authorization server.</value>
+ [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
+ internal string AuthorizationCode { get; set; }
+
+ /// <summary>
+ /// Gets or sets the callback URL used in <see cref="EndUserAuthorizationRequest.Callback"/>
+ /// </summary>
+ /// <value>
+ /// The Callback URL used to obtain the Verification Code.
+ /// </value>
+ [MessagePart(Protocol.redirect_uri, IsRequired = true, AllowEmpty = false)]
+ internal Uri Callback { get; set; }
+
+ /// <summary>
+ /// Gets or sets the identifier by which this client is known to the Authorization Server.
+ /// </summary>
+ /// <value>The client identifier.</value>
+ [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
+ public string ClientIdentifier { get; set; }
+
+ /// <summary>
+ /// Gets or sets the client secret.
+ /// </summary>
+ /// <value>The client secret.</value>
+ /// <remarks>
+ /// REQUIRED if the client identifier has a matching secret. The client secret as described in Section 3.4 (Client Credentials).
+ /// </remarks>
+ [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
+ public string ClientSecret { get; set; }
+ }
+}
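Review bot: No transport check is visible on this message even though it carries `client_secret` and the authorization code; AccessTokenClientCredentialsRequest calls `ErrorUtilities.VerifyProtocol(this.Recipient.IsTransportSecure(), OAuthWrapStrings.HttpsRequired);` in its EnsureValidMessage. Unless AccessTokenRequestBase (not shown in this part of the diff) already enforces it, the same check belongs here and in AccessTokenBasicCredentialsRequest, which carries the user's password. Separately, the `<see cref="WebServerSuccessResponse.VerificationCode"/>` on AuthorizationCode points at a type this commit removes from the project file; `<see cref="EndUserAuthorizationSuccessResponse"/>` looks like the intended target, to be confirmed against that class.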
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenBasicCredentialsRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenBasicCredentialsRequest.cs
new file mode 100644
index 0000000..e6c95ee
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenBasicCredentialsRequest.cs
@@ -0,0 +1,42 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenBasicCredentialsRequest.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+
+ using DotNetOpenAuth.Messaging;
+
+ internal class AccessTokenBasicCredentialsRequest : AccessTokenRequestBase {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenBasicCredentialsRequest"/> class.
+ /// </summary>
+ internal AccessTokenBasicCredentialsRequest(Uri accessTokenEndpoint, Version version)
+ : base(accessTokenEndpoint, version) {
+ }
+
+ internal override GrantType GrantType {
+ get { return Messages.GrantType.BasicCredentials; }
+ }
+
+ /// <summary>
+ /// Gets or sets the user's account username.
+ /// </summary>
+ /// <value>The username on the user's account.</value>
+ [MessagePart(Protocol.username, IsRequired = true, AllowEmpty = false)]
+ internal string UserName { get; set; }
+
+ /// <summary>
+ /// Gets or sets the user's password.
+ /// </summary>
+ /// <value>The password.</value>
+ [MessagePart(Protocol.password, IsRequired = true, AllowEmpty = true)]
+ internal string Password { get; set; }
+
+ }
+}
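Review bot: `Password` is declared with `AllowEmpty = true` while `UserName` uses `AllowEmpty = false`, so a request carrying an empty `password` part passes message validation and is rejected, if at all, only by the later credential check. If empty passwords are never valid for this grant, `[MessagePart(Protocol.password, IsRequired = true, AllowEmpty = false)]` stops them earlier; if they are deliberately allowed, a `<remarks>` line saying so would settle the question for the next reader. The class and the constructor parameters have no doc comments, and there is a stray blank line before the class's closing brace.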
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/ClientCredentials/ClientCredentialsRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs
index ced70a2..227765f 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/ClientCredentials/ClientCredentialsRequest.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs
@@ -1,5 +1,5 @@
//-----------------------------------------------------------------------
-// <copyright file="ClientCredentialsRequest.cs" company="Andrew Arnott">
+// <copyright file="AccessTokenClientCredentialsRequest.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
@@ -19,48 +19,18 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// <remarks>
/// This is somewhat analogous to 2-legged OAuth.
/// </remarks>
- internal class ClientCredentialsRequest : MessageBase, IAccessTokenRequest {
+ internal class AccessTokenClientCredentialsRequest : AccessTokenRequestBase {
/// <summary>
- /// Initializes a new instance of the <see cref="ClientCredentialsRequest"/> class.
+ /// Initializes a new instance of the <see cref="AccessTokenClientCredentialsRequest"/> class.
/// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
+ /// <param name="tokenEndpoint">The authorization server.</param>
/// <param name="version">The version.</param>
- internal ClientCredentialsRequest(Uri authorizationServer, Version version)
- : base(version, MessageTransport.Direct, authorizationServer) {
+ internal AccessTokenClientCredentialsRequest(Uri tokenEndpoint, Version version)
+ : base(tokenEndpoint, version) {
this.HttpMethods = HttpDeliveryMethods.PostRequest;
}
/// <summary>
- /// Gets or sets the account name.
- /// </summary>
- /// <value>The name on the account.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; internal set; }
-
- /// <summary>
- /// Gets or sets the user's password.
- /// </summary>
- /// <value>The password.</value>
- [MessagePart(Protocol.client_secret, IsRequired = true, AllowEmpty = false)]
- public string ClientSecret { get; internal set; }
-
- /// <summary>
- /// Gets or sets the type of the secret.
- /// </summary>
- /// <value>The type of the secret.</value>
- /// <remarks>
- /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
- /// </remarks>
- [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
- public string SecretType { get; set; }
-
- /// <summary>
- /// Gets or sets an optional authorization scope as defined by the Authorization Server.
- /// </summary>
- [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)]
- internal string Scope { get; set; }
-
- /// <summary>
/// Checks the message state for conformity to the protocol specification
/// and throws an exception if the message is invalid.
/// </summary>
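Review bot: The removed `ClientSecret` part was `IsRequired = true, AllowEmpty = false`, and nothing in this hunk replaces that constraint. AccessTokenAuthorizationCodeRequest in this commit declares `client_secret` with `IsRequired = false, AllowEmpty = true`; if AccessTokenRequestBase (not shown in this part of the diff) does the same, a client-credentials request with no secret would pass message validation. Assuming the base exposes `ClientSecret`, a presence check in this class's EnsureValidMessage along the lines of `ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(this.ClientSecret), <message resource>);` would keep the old guarantee. The renamed `tokenEndpoint` parameter is also still described as "The authorization server."; `The authorization server's token endpoint URL.` would match it.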
@@ -76,5 +46,9 @@ namespace DotNetOpenAuth.OAuth2.Messages {
base.EnsureValidMessage();
ErrorUtilities.VerifyProtocol(this.Recipient.IsTransportSecure(), OAuthWrapStrings.HttpsRequired);
}
+
+ internal override GrantType GrantType {
+ get { return Messages.GrantType.None; }
+ }
}
}
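Review bot: The new `GrantType` override has no doc comment and returns `Messages.GrantType.None`, which is not self-explanatory for a client-credentials request. I would add `/// <summary>Gets the type of the grant.</summary>` plus a `<remarks>` line stating why this message maps to `None`, since GrantTypeEncoder turns that into `Protocol.GrantTypes.None` on the wire. The property is also placed after EnsureValidMessage, whereas AccessTokenAuthorizationCodeRequest and AccessTokenBasicCredentialsRequest put it directly after the constructor.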
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenFailedResponse.cs
index cb77b99..28bcefe 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenFailedResponse.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenFailedResponse.cs
@@ -5,7 +5,9 @@
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.OAuth2.Messages {
- using ChannelElements;
+ using System;
+ using System.Net;
+
using Messaging;
/// <summary>
@@ -16,23 +18,69 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// <remarks>
/// This message type is shared by the Web App, Rich App, and Username/Password profiles.
/// </remarks>
- internal class AccessTokenFailedResponse : UnauthorizedResponse {
+ internal class AccessTokenFailedResponse : MessageBase, IHttpDirectResponse {
+ /// <summary>
+ /// A value indicating whether this error response is in result to a request that had invalid client credentials which were supplied in the HTTP Authorization header.
+ /// </summary>
+ private readonly bool invalidClientCredentialsInAuthorizationHeader;
+
/// <summary>
/// Initializes a new instance of the <see cref="AccessTokenFailedResponse"/> class.
/// </summary>
- /// <param name="request">The request.</param>
- internal AccessTokenFailedResponse(IAccessTokenRequest request)
+ /// <param name="request">The faulty request.</param>
+ internal AccessTokenFailedResponse(AccessTokenRequestBase request)
: base(request) {
}
/// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenFailedResponse"/> class.
+ /// </summary>
+ /// <param name="request">The faulty request.</param>
+ /// <param name="invalidClientCredentialsInAuthorizationHeader">A value indicating whether this error response is in result to a request that had invalid client credentials which were supplied in the HTTP Authorization header.</param>
+ internal AccessTokenFailedResponse(AccessTokenRequestBase request, bool invalidClientCredentialsInAuthorizationHeader)
+ : base(request)
+ {
+ this.invalidClientCredentialsInAuthorizationHeader = invalidClientCredentialsInAuthorizationHeader;
+ }
+
+ /// <summary>
/// Gets or sets the error.
/// </summary>
- /// <value>The error.</value>
- /// <remarks>
- /// REQUIRED. The parameter value MUST be set to one of the values specified by each flow.
- /// </remarks>
+ /// <value>One of the values given in <see cref="Protocol.ErrorCodes"/>.</value>
[MessagePart(Protocol.error, IsRequired = true, AllowEmpty = false)]
internal string Error { get; set; }
+
+ /// <summary>
+ /// Gets or sets a human readable description of the error.
+ /// </summary>
+ /// <value>Human-readable text providing additional information, used to assist in the understanding and resolution of the error that occurred.</value>
+ [MessagePart(Protocol.error_description, AllowEmpty = true, IsRequired = false)]
+ internal string ErrorDescription { get; set; }
+
+ /// <summary>
+ /// Gets or sets the location of the web page that describes the error and possible resolution.
+ /// </summary>
+ /// <value>A URI identifying a human-readable web page with information about the error, used to provide the end-user with additional information about the error.</value>
+ [MessagePart(Protocol.error_uri, AllowEmpty = false, IsRequired = false)]
+ internal Uri ErrorUri { get; set; }
+
+ #region IHttpDirectResponse Members
+
+ /// <summary>
+ /// Gets the HTTP status code that the direct response should be sent with.
+ /// </summary>
+ HttpStatusCode IHttpDirectResponse.HttpStatusCode {
+ get { return this.invalidClientCredentialsInAuthorizationHeader ? HttpStatusCode.Unauthorized : HttpStatusCode.BadRequest; }
+ }
+
+ /// <summary>
+ /// Gets the HTTP headers to add to the response.
+ /// </summary>
+ /// <value>May be an empty collection, but must not be <c>null</c>.</value>
+ WebHeaderCollection IHttpDirectResponse.Headers {
+ get { return new WebHeaderCollection(); }
+ }
+
+ #endregion
}
}
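Review bot: `IHttpDirectResponse.HttpStatusCode` returns 401 when `invalidClientCredentialsInAuthorizationHeader` is set, but `IHttpDirectResponse.Headers` always returns an empty collection, so the 401 goes out without a `WWW-Authenticate` challenge. HTTP expects that header on a 401, and a client that authenticated through the Authorization header uses it to learn which scheme the server accepts. The getter can add it in the 401 case only, as below; the scheme shown is an assumption and should match what the token endpoint actually accepts. The second constructor also opens its brace on a new line, unlike the first.

```csharp
WebHeaderCollection IHttpDirectResponse.Headers {
	get {
		var headers = new WebHeaderCollection();
		if (this.invalidClientCredentialsInAuthorizationHeader) {
			// Assumed scheme; use the one the client authenticated with.
			headers.Add(HttpResponseHeader.WwwAuthenticate, "Basic");
		}

		return headers;
	}
}
```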
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/RefreshAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs
index a69636b..f15f190 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/RefreshAccessTokenRequest.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs
@@ -1,5 +1,5 @@
//-----------------------------------------------------------------------
-// <copyright file="RefreshAccessTokenRequest.cs" company="Andrew Arnott">
+// <copyright file="AccessTokenRefreshRequest.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
@@ -13,27 +13,21 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// A request from the client to the token endpoint for a new access token
/// in exchange for a refresh token that the client has previously obtained.
/// </summary>
- internal class RefreshAccessTokenRequest : MessageBase, IAccessTokenRequest, ITokenCarryingRequest {
+ internal class AccessTokenRefreshRequest : AccessTokenRequestBase, ITokenCarryingRequest {
/// <summary>
- /// The type of message.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "refresh";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="RefreshAccessTokenRequest"/> class.
+ /// Initializes a new instance of the <see cref="AccessTokenRefreshRequest"/> class.
/// </summary>
/// <param name="tokenEndpoint">The token endpoint.</param>
/// <param name="version">The version.</param>
- internal RefreshAccessTokenRequest(Uri tokenEndpoint, Version version)
- : base(version, MessageTransport.Direct, tokenEndpoint) {
+ internal AccessTokenRefreshRequest(Uri tokenEndpoint, Version version)
+ : base(tokenEndpoint, version) {
}
/// <summary>
- /// Initializes a new instance of the <see cref="RefreshAccessTokenRequest"/> class.
+ /// Initializes a new instance of the <see cref="AccessTokenRefreshRequest"/> class.
/// </summary>
/// <param name="authorizationServer">The authorization server.</param>
- internal RefreshAccessTokenRequest(AuthorizationServerDescription authorizationServer)
+ internal AccessTokenRefreshRequest(AuthorizationServerDescription authorizationServer)
: this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
}
@@ -45,6 +39,7 @@ namespace DotNetOpenAuth.OAuth2.Messages {
get { return CodeOrTokenType.RefreshToken; }
}
+
/// <summary>
/// Gets or sets the verification code or refresh/access token.
/// </summary>
@@ -60,23 +55,6 @@ namespace DotNetOpenAuth.OAuth2.Messages {
IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; }
/// <summary>
- /// Gets or sets the identifier by which this client is known to the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; set; }
-
- /// <summary>
- /// Gets or sets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- /// <remarks>
- /// REQUIRED if the client identifier has a matching secret. The client secret as described in Section 3.4 (Client Credentials).
- /// </remarks>
- [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
- public string ClientSecret { get; set; }
-
- /// <summary>
/// Gets or sets the refresh token.
/// </summary>
/// <value>The refresh token.</value>
@@ -85,5 +63,9 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// </remarks>
[MessagePart(Protocol.refresh_token, IsRequired = true, AllowEmpty = false)]
internal string RefreshToken { get; set; }
+
+ internal override GrantType GrantType {
+ get { return Messages.GrantType.RefreshToken; }
+ }
}
}
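Review bot: The `GrantType` override added at the end of this hunk has no XML doc comment, unlike the other members of this class visible in the diff. It takes over from the removed `Type = "refresh"` constant. I would add `/// <summary>Gets the grant type this request presents to the token endpoint; always <see cref="GrantType.RefreshToken"/>.</summary>` above it so the link between the subclass and the `grant_type` message part declared on the base is visible here. The class body starts outside this hunk.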
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs
new file mode 100644
index 0000000..86ec216
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs
@@ -0,0 +1,69 @@
+//-----------------------------------------------------------------------
+// <copyright file="AccessTokenRequestBase.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.Configuration;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+
+ internal abstract class AccessTokenRequestBase : MessageBase, IAccessTokenRequest {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AccessTokenRequestBase"/> class.
+ /// </summary>
+ /// <param name="tokenEndpoint">The Authorization Server's access token endpoint URL.</param>
+ /// <param name="version">The version.</param>
+ protected AccessTokenRequestBase(Uri tokenEndpoint, Version version)
+ : base(version, MessageTransport.Direct, tokenEndpoint) {
+ this.HttpMethods = HttpDeliveryMethods.PostRequest;
+ }
+
+ /// <summary>
+ /// Gets or sets the client identifier previously obtained from the Authorization Server.
+ /// </summary>
+ /// <value>The client identifier.</value>
+ [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
+ public string ClientIdentifier { get; internal set; }
+
+ /// <summary>
+ /// Gets or sets the client secret.
+ /// </summary>
+ /// <value>The client secret.</value>
+ /// <remarks>
+ /// REQUIRED. The client secret as described in Section 3.1 (Client Credentials). OPTIONAL if no client secret was issued.
+ /// </remarks>
+ [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
+ public string ClientSecret { get; internal set; }
+
+ [MessagePart(Protocol.grant_type, IsRequired = true, AllowEmpty = false, Encoder = typeof(GrantTypeEncoder))]
+ internal abstract GrantType GrantType { get; }
+
+ [MessagePart(Protocol.scope, IsRequired = true, AllowEmpty = true)]
+ internal string Scope { get; set; }
+
+ /// <summary>
+ /// Checks the message state for conformity to the protocol specification
+ /// and throws an exception if the message is invalid.
+ /// </summary>
+ /// <remarks>
+ /// <para>Some messages have required fields, or combinations of fields that must relate to each other
+ /// in specialized ways. After deserializing a message, this method checks the state of the
+ /// message to see if it conforms to the protocol.</para>
+ /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
+ /// outside this scope of this particular message.</para>
+ /// </remarks>
+ /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
+ protected override void EnsureValidMessage() {
+ base.EnsureValidMessage();
+ ErrorUtilities.VerifyProtocol(
+ DotNetOpenAuthSection.Configuration.Messaging.RelaxSslRequirements || this.Recipient.IsTransportSecure(),
+ OAuthWrapStrings.HttpsRequired);
+ }
+ }
+}
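Review bot: `EnsureValidMessage` accepts a non-HTTPS token endpoint whenever `DotNetOpenAuthSection.Configuration.Messaging.RelaxSslRequirements` is set, whereas the request classes this base replaces (`AssertionRequest`, `DeviceAccessTokenRequest`, deleted in this commit) called `VerifyProtocol(this.Recipient.IsTransportSecure(), …)` unconditionally. This message carries `client_secret` and, in subclasses such as `AccessTokenRefreshRequest`, a refresh token, so with the switch on those values are posted in clear text. The doc comment should say so, for example a remarks line `/// HTTPS is required unless RelaxSslRequirements is configured; with it set, client credentials and grants are sent unprotected.`, and a warning log on the relaxed path would make a misconfigured production host visible. Separately, `Scope` is declared `IsRequired = true` here while the removed classes used `IsRequired = false`; if that is not intended, requests without a scope will now be rejected. `GrantType`, `Scope` and the class itself also have no XML docs.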
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenSuccessResponse.cs
index 6031c3a..a38081d 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenSuccessResponse.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenSuccessResponse.cs
@@ -17,7 +17,7 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// <remarks>
/// This message type is shared by the Web App, Rich App, and Username/Password profiles.
/// </remarks>
- internal class AccessTokenSuccessResponse : MessageBase, IHttpDirectResponse, IAccessTokenSuccessResponse {
+ internal class AccessTokenSuccessResponse : MessageBase, IHttpDirectResponse {
/// <summary>
/// Initializes a new instance of the <see cref="AccessTokenSuccessResponse"/> class.
/// </summary>
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/Assertion/AssertionRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/Assertion/AssertionRequest.cs
deleted file mode 100644
index b986b14..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/Assertion/AssertionRequest.cs
+++ /dev/null
@@ -1,99 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="AssertionRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth2.ChannelElements;
-
- /// <summary>
- /// A request from a Client to an Authorization Server with some assertion for an access token.
- /// </summary>
- internal class AssertionRequest : MessageBase, IAccessTokenRequest {
- /// <summary>
- /// The type of message.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "assertion";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="AssertionRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- /// <param name="version">The version.</param>
- internal AssertionRequest(Uri authorizationServer, Version version)
- : base(version, MessageTransport.Direct, authorizationServer) {
- this.HttpMethods = HttpDeliveryMethods.PostRequest;
- }
-
- /// <summary>
- /// Gets or sets the identifier by which this client is known to the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; set; }
-
- /// <summary>
- /// Gets or sets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- /// <remarks>
- /// REQUIRED if the client identifier has a matching secret. The client secret as described in Section 3.4 (Client Credentials).
- /// </remarks>
- [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
- public string ClientSecret { get; set; }
-
- /// <summary>
- /// Gets or sets an optional authorization scope as defined by the Authorization Server.
- /// </summary>
- [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)]
- public string Scope { get; internal set; }
-
- /// <summary>
- /// Gets or sets the type of the secret.
- /// </summary>
- /// <value>The type of the secret.</value>
- /// <remarks>
- /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
- /// </remarks>
- [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
- public string SecretType { get; internal set; }
-
- /// <summary>
- /// Gets or sets the format of the assertion as defined by the Authorization Server.
- /// </summary>
- /// <value>The assertion format.</value>
- [MessagePart(Protocol.assertion_format, IsRequired = true, AllowEmpty = false)]
- internal string AssertionFormat { get; set; }
-
- /// <summary>
- /// Gets or sets the assertion.
- /// </summary>
- /// <value>The assertion.</value>
- [MessagePart(Protocol.assertion, IsRequired = true, AllowEmpty = false)]
- internal string Assertion { get; set; }
-
- /// <summary>
- /// Checks the message state for conformity to the protocol specification
- /// and throws an exception if the message is invalid.
- /// </summary>
- /// <remarks>
- /// <para>Some messages have required fields, or combinations of fields that must relate to each other
- /// in specialized ways. After deserializing a message, this method checks the state of the
- /// message to see if it conforms to the protocol.</para>
- /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
- /// outside this scope of this particular message.</para>
- /// </remarks>
- /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
- protected override void EnsureValidMessage() {
- base.EnsureValidMessage();
- ErrorUtilities.VerifyProtocol(this.Recipient.IsTransportSecure(), OAuthWrapStrings.HttpsRequired);
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceAccessTokenRequest.cs
deleted file mode 100644
index 8b45101..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceAccessTokenRequest.cs
+++ /dev/null
@@ -1,98 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="DeviceAccessTokenRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Diagnostics.Contracts;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth2.ChannelElements;
-
- /// <summary>
- /// A message from the Client to the Authorization Server exchanging a
- /// verification code for refresh and access tokens.
- /// </summary>
- internal class DeviceAccessTokenRequest : MessageBase, IAccessTokenRequest {
- /// <summary>
- /// A constant that identifies the flow this message belongs to.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string MessageType = "device_token";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="DeviceAccessTokenRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- /// <param name="version">The version.</param>
- internal DeviceAccessTokenRequest(Uri authorizationServer, Version version)
- : base(version, MessageTransport.Direct, authorizationServer) {
- this.HttpMethods = HttpDeliveryMethods.PostRequest;
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="DeviceAccessTokenRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal DeviceAccessTokenRequest(AuthorizationServerDescription authorizationServer)
- : this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
- Contract.Requires<ArgumentNullException>(authorizationServer != null);
- Contract.Requires<ArgumentException>(authorizationServer.Version != null);
- Contract.Requires<ArgumentException>(authorizationServer.TokenEndpoint != null);
- }
-
- /// <summary>
- /// Gets or sets the identifier by which this client is known to the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; internal set; }
-
- /// <summary>
- /// Gets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- string IAccessTokenRequest.ClientSecret {
- get { return null; }
- }
-
- /// <summary>
- /// Gets or sets the type of the secret.
- /// </summary>
- /// <value>The type of the secret.</value>
- /// <remarks>
- /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
- /// </remarks>
- [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
- public string SecretType { get; set; }
-
- /// <summary>
- /// Gets or sets the verification code previously communicated to the Client
- /// in <see cref="DeviceResponse.VerificationCode"/>.
- /// </summary>
- /// <value>The verification code.</value>
- [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
- internal string VerificationCode { get; set; }
-
- /// <summary>
- /// Checks the message state for conformity to the protocol specification
- /// and throws an exception if the message is invalid.
- /// </summary>
- /// <remarks>
- /// <para>Some messages have required fields, or combinations of fields that must relate to each other
- /// in specialized ways. After deserializing a message, this method checks the state of the
- /// message to see if it conforms to the protocol.</para>
- /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
- /// outside this scope of this particular message.</para>
- /// </remarks>
- /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
- protected override void EnsureValidMessage() {
- base.EnsureValidMessage();
- ErrorUtilities.VerifyProtocol(this.Recipient.IsTransportSecure(), OAuthWrapStrings.HttpsRequired);
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceRequest.cs
deleted file mode 100644
index ada8d56..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceRequest.cs
+++ /dev/null
@@ -1,61 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="DeviceRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Diagnostics.Contracts;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A request from a rich app Client to an Authorization Server requested
- /// authorization to access user Protected Data.
- /// </summary>
- internal class DeviceRequest : MessageBase {
- /// <summary>
- /// A constant that identifies the type of message coming into the auth server.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string MessageType = "device_code";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="DeviceRequest"/> class.
- /// </summary>
- /// <param name="tokenEndpoint">The authorization server.</param>
- /// <param name="version">The version.</param>
- internal DeviceRequest(Uri tokenEndpoint, Version version)
- : base(version, MessageTransport.Direct, tokenEndpoint) {
- this.HttpMethods = HttpDeliveryMethods.GetRequest;
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="DeviceRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal DeviceRequest(AuthorizationServerDescription authorizationServer)
- : this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
- Contract.Requires<ArgumentNullException>(authorizationServer != null);
- Contract.Requires<ArgumentException>(authorizationServer.Version != null);
- Contract.Requires<ArgumentException>(authorizationServer.TokenEndpoint != null);
- }
-
- /// <summary>
- /// Gets or sets the client identifier previously obtained from the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- internal string ClientIdentifier { get; set; }
-
- /// <summary>
- /// Gets or sets the scope.
- /// </summary>
- /// <value>The Authorization Server MAY define authorization scope values for the Client to include.</value>
- [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)]
- internal string Scope { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceResponse.cs
deleted file mode 100644
index 12732f8..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/Device/DeviceResponse.cs
+++ /dev/null
@@ -1,76 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="DeviceResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// An indirect response from the Authorization Server to the rich app Client
- /// with the verification code.
- /// </summary>
- internal class DeviceResponse : MessageBase {
- /// <summary>
- /// Initializes a new instance of the <see cref="DeviceResponse"/> class.
- /// </summary>
- /// <param name="request">The request.</param>
- internal DeviceResponse(DeviceRequest request)
- : base(request) {
- }
-
- /// <summary>
- /// Gets or sets the verification code.
- /// </summary>
- /// <value>
- /// The long-lived credential assigned by the Authorization Server to this Client for
- /// use in accessing the authorizing user's protected resources.
- /// </value>
- [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
- internal string VerificationCode { get; set; }
-
- /// <summary>
- /// Gets or sets the code the user must enter on the authorization page.
- /// </summary>
- /// <value>The user code.</value>
- [MessagePart(Protocol.user_code, IsRequired = true, AllowEmpty = false)]
- internal string UserCode { get; set; }
-
- /// <summary>
- /// Gets or sets the user authorization URI on the authorization server.
- /// </summary>
- /// <value>
- /// REQUIRED. The end-user verification URI on the authorization server. The URI should be short and easy to remember as end-users will be asked to manually type it into their user-agent.
- /// </value>
- [MessagePart(Protocol.verification_uri, IsRequired = true)]
- internal Uri VerificationUri { get; set; }
-
- /// <summary>
- /// Gets or sets the lifetime.
- /// </summary>
- /// <value>The lifetime.</value>
- [MessagePart(Protocol.expires_in, IsRequired = false, Encoder = typeof(TimespanSecondsEncoder))]
- internal TimeSpan? Lifetime { get; set; }
-
- /// <summary>
- /// Gets or sets the minimum amount of time that the client SHOULD wait between polling requests to the token endpoint.
- /// </summary>
- [MessagePart(Protocol.interval, IsRequired = false, Encoder = typeof(TimespanSecondsEncoder))]
- internal TimeSpan? PollingInterval { get; set; }
-
- /// <summary>
- /// Gets a value indicating whether the user granted the authorization request.
- /// </summary>
- /// <value>
- /// <c>true</c> if authorization is granted; otherwise, <c>false</c>.
- /// </value>
- internal bool IsGranted {
- get { return !string.IsNullOrEmpty(this.VerificationCode) && this.VerificationCode != Protocol.user_denied; }
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
index 32461c5..71a3e82 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationRequest.cs
@@ -8,6 +8,7 @@ namespace DotNetOpenAuth.OAuth2.Messages {
using System;
using System.Diagnostics.Contracts;
using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
/// <summary>
/// A message sent by a web application Client to the AuthorizationServer
@@ -15,7 +16,7 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// to issue an access token to the Consumer if permission is granted.
/// </summary>
[Serializable]
- public abstract class EndUserAuthorizationRequest : MessageBase, IMessageWithClientState {
+ public abstract class EndUserAuthorizationRequest : MessageBase {
/// <summary>
/// Initializes a new instance of the <see cref="EndUserAuthorizationRequest"/> class.
/// </summary>
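Review bot: Removing `IMessageWithClientState` from this class declaration leaves unchanged code that still depends on it. The same commit drops it from `EndUserAuthorizationSuccessResponse` and deletes IMessageWithClientState.cs, yet the context lines in EndUserAuthorizationSuccessResponse.cs keep the cast `((IMessageWithClientState)request).ClientState` and the explicit implementation `string IMessageWithClientState.ClientState { get; set; }`. Unless the interface is redefined somewhere outside this diff, those lines no longer compile. The client state value is what lets the client match an authorization response to the request it sent, so it should keep being copied from request to response: either retain the interface on both classes or replace those two lines with an ordinary `ClientState` message part. The class body continues outside this hunk.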
@@ -40,6 +41,12 @@ namespace DotNetOpenAuth.OAuth2.Messages {
}
/// <summary>
+ /// Gets or sets the type of the authorization that the client expects of the authorization server.
+ /// </summary>
+ [MessagePart(Protocol.response_type, IsRequired = true, AllowEmpty = false, Encoder = typeof(EndUserAuthorizationResponseTypeEncoder))]
+ public EndUserAuthorizationResponseType ResponseType { get; set; }
+
+ /// <summary>
/// Gets or sets the identifier by which this client is known to the Authorization Server.
/// </summary>
[MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
@@ -81,7 +88,10 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// Gets or sets a value indicating whether the authorization server is
/// allowed to interact with the user before responding to the client's request.
/// </summary>
- public bool IsUserInteractionAllowed {
+ /// <remarks>
+ /// This is internal because it doesn't appear in recent drafts of the spec.
+ /// </remarks>
+ internal bool IsUserInteractionAllowed {
get { return !this.Immediate.HasValue || !this.Immediate.Value; }
set { this.Immediate = value ? (bool?)null : true; }
}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationResponseType.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationResponseType.cs
new file mode 100644
index 0000000..3afcae5
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationResponseType.cs
@@ -0,0 +1,31 @@
+//-----------------------------------------------------------------------
+// <copyright file="EndUserAuthorizationResponseType.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ using System;
+
+ /// <summary>
+ /// An indication of what kind of response the client is requesting from the authorization server
+ /// after the user has granted authorized access.
+ /// </summary>
+ [Flags]
+ public enum EndUserAuthorizationResponseType {
+ /// <summary>
+ /// An access token should be returned immediately.
+ /// </summary>
+ AccessToken = 0x1,
+
+ /// <summary>
+ /// An authorization code should be returned, which can later be exchanged for refresh and access tokens.
+ /// </summary>
+ AuthorizationCode = 0x2,
+
+ /// <summary>
+ /// Both an access token and an authorization code should be returned.
+ /// </summary>
+ Both = AccessToken | AuthorizationCode,
+ }
+}
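Review bot: `EndUserAuthorizationResponseType` is a `[Flags]` enum with no member for 0, so `default(EndUserAuthorizationResponseType)`, the value a newly constructed request has for its `ResponseType` property, is not a defined response type. `IsRequired = true` on that property presumably cannot catch this, because a value-typed part always has a value. The encoder (`EndUserAuthorizationResponseTypeEncoder`, not shown in this part of the diff) or the request's validation should therefore reject 0 and any bits outside `Both` instead of mapping them silently. A remarks line on the enum such as `/// The value 0 is not a valid response type and must be rejected when a message is validated.` would record the intent.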
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs
index a487ff0..c0b7038 100644
--- a/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs
+++ b/src/DotNetOpenAuth/OAuth2/Messages/EndUserAuthorizationSuccessResponse.cs
@@ -15,7 +15,7 @@ namespace DotNetOpenAuth.OAuth2.Messages {
/// to indicate that user authorization was granted, and to return the user
/// to the Client where they started their experience.
/// </summary>
- internal class EndUserAuthorizationSuccessResponse : MessageBase, IMessageWithClientState, ITokenCarryingRequest {
+ internal class EndUserAuthorizationSuccessResponse : MessageBase {
/// <summary>
/// Initializes a new instance of the <see cref="EndUserAuthorizationSuccessResponse"/> class.
/// </summary>
@@ -39,16 +39,11 @@ namespace DotNetOpenAuth.OAuth2.Messages {
((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState;
}
- string ITokenCarryingRequest.CodeOrToken {
- get { return this.VerificationCode; }
- set { this.VerificationCode = value; }
- }
-
- CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType {
- get { return CodeOrTokenType.VerificationCode; }
- }
+ [MessagePart(Protocol.code, AllowEmpty = false, IsRequired = false)]
+ internal string AuthorizationCode { get; set; }
- IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; }
+ [MessagePart(Protocol.access_token, AllowEmpty = false, IsRequired = false)]
+ internal string AccessToken { get; set; }
/// <summary>
/// Gets or sets some state as provided by the client in the authorization request.
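Review bot: Both new message parts, `AuthorizationCode` and `AccessToken`, are declared `IsRequired = false`, so a success response that carries neither passes part-level validation. If no `EnsureValidMessage` override outside this hunk already covers it, add one that requires at least one of the two to be non-empty, and ideally that what is present agrees with the `ResponseType` the request asked for. The two properties also have no XML docs; the one on `AccessToken` should say that this token is returned in the end-user authorization response rather than in the token endpoint's direct response. The class body starts and ends outside the hunk.

```csharp
// … unchanged: constructors and message parts …
protected override void EnsureValidMessage() {
	base.EnsureValidMessage();

	// A success response must deliver a code, a token, or both.
	ErrorUtilities.VerifyProtocol(
		!string.IsNullOrEmpty(this.AuthorizationCode) || !string.IsNullOrEmpty(this.AccessToken),
		"PLACEHOLDER: use the project's resource string for a missing code/access_token");
}
```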
@@ -61,6 +56,13 @@ namespace DotNetOpenAuth.OAuth2.Messages {
string IMessageWithClientState.ClientState { get; set; }
/// <summary>
+ /// Gets or sets the lifetime of the authorization.
+ /// </summary>
+ /// <value>The lifetime.</value>
+ [MessagePart(Protocol.expires_in, IsRequired = false, Encoder = typeof(TimespanSecondsEncoder))]
+ internal TimeSpan? Lifetime { get; set; }
+
+ /// <summary>
/// Gets or sets the scope.
/// </summary>
/// <value>The scope.</value>
@@ -68,16 +70,6 @@ namespace DotNetOpenAuth.OAuth2.Messages {
public string Scope { get; set; }
/// <summary>
- /// Gets or sets the verification code.
- /// </summary>
- /// <value>
- /// The long-lived credential assigned by the Authorization Server to this Consumer for
- /// use in accessing the authorizing user's protected resources.
- /// </value>
- [MessagePart(Protocol.code, IsRequired = false, AllowEmpty = false)]
- internal string VerificationCode { get; set; }
-
- /// <summary>
/// Gets or sets the authorizing user's account name.
/// </summary>
internal string AuthorizingUsername { get; set; }
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/GrantType.cs b/src/DotNetOpenAuth/OAuth2/Messages/GrantType.cs
new file mode 100644
index 0000000..1321ac2
--- /dev/null
+++ b/src/DotNetOpenAuth/OAuth2/Messages/GrantType.cs
@@ -0,0 +1,42 @@
+//-----------------------------------------------------------------------
+// <copyright file="GrantType.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth2.Messages {
+ /// <summary>
+ /// The types of authorizations that a client can use to obtain
+ /// a refresh token and/or an access token.
+ /// </summary>
+ internal enum GrantType {
+ /// <summary>
+ /// The client is providing the authorization code previously obtained from an end user authorization response.
+ /// </summary>
+ AuthorizationCode,
+
+ /// <summary>
+ /// The client is providing the end user's username and password to the authorization server.
+ /// </summary>
+ BasicCredentials,
+
+ /// <summary>
+ /// The client is providing an assertion it obtained from another source.
+ /// </summary>
+ Assertion,
+
+ /// <summary>
+ /// The client is providing a refresh token.
+ /// </summary>
+ RefreshToken,
+
+ /// <summary>
+ /// No authorization to access a user's data has been given. The client is requesting
+ /// an access token authorized for its own private data. This fits the classic OAuth 1.0(a) "2-legged OAuth" scenario.
+ /// </summary>
+ /// <remarks>
+ /// When requesting an access token using the none access grant type (no access grant is included), the client is requesting access to the protected resources under its control, or those of another resource owner which has been previously arranged with the authorization server (the method of which is beyond the scope of this specification).
+ /// </remarks>
+ None,
+ }
+}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/IAccessTokenSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/IAccessTokenSuccessResponse.cs
deleted file mode 100644
index 82803a8..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/IAccessTokenSuccessResponse.cs
+++ /dev/null
@@ -1,42 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="IAccessTokenSuccessResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
-
- /// <summary>
- /// A response message from the authorization server to the client that contains an access token
- /// and possibly a refresh token
- /// </summary>
- internal interface IAccessTokenSuccessResponse {
- /// <summary>
- /// Gets the access token.
- /// </summary>
- /// <value>The access token.</value>
- string AccessToken { get; }
-
- /// <summary>
- /// Gets the refresh token.
- /// </summary>
- /// <value>The refresh token.</value>
- string RefreshToken { get; }
-
- /// <summary>
- /// Gets the lifetime.
- /// </summary>
- /// <value>The lifetime.</value>
- TimeSpan? Lifetime { get; }
-
- /// <summary>
- /// Gets the scope.
- /// </summary>
- /// <value>The scope.</value>
- string Scope { get; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/IMessageWithClientState.cs b/src/DotNetOpenAuth/OAuth2/Messages/IMessageWithClientState.cs
deleted file mode 100644
index fa371ae..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/IMessageWithClientState.cs
+++ /dev/null
@@ -1,21 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="IMessageWithClientState.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A message carrying client state the authorization server should preserve on behalf of the client
- /// during an authorization.
- /// </summary>
- internal interface IMessageWithClientState : IProtocolMessage {
- /// <summary>
- /// Gets or sets the state of the client.
- /// </summary>
- /// <value>The state of the client.</value>
- string ClientState { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentFailedResponse.cs
deleted file mode 100644
index ffac52d..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentFailedResponse.cs
+++ /dev/null
@@ -1,53 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserAgentFailedResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// An authorization denied response message in the user-agent flow.
- /// </summary>
- internal class UserAgentFailedResponse : MessageBase, IHttpIndirectResponse {
- /// <summary>
- /// A constant parameter that indicates the user refused to grant the requested authorization.
- /// </summary>
- [MessagePart(Protocol.error, IsRequired = true)]
- private const string ErrorReason = Protocol.user_denied;
-
- /// <summary>
- /// Initializes a new instance of the <see cref="UserAgentFailedResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The client callback.</param>
- /// <param name="version">The version.</param>
- internal UserAgentFailedResponse(Uri clientCallback, Version version)
- : base(version, MessageTransport.Indirect, clientCallback) {
- }
-
- /// <summary>
- /// Gets or sets the state of the client that was supplied to the Authorization Server.
- /// </summary>
- /// <value>
- /// An opaque value that Clients can use to maintain state associated with the authorization request.
- /// </value>
- /// <remarks>
- /// If this value is present, the Authorization Server MUST return it to the Client's callback URL.
- /// </remarks>
- [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)]
- public string ClientState { get; set; }
-
- /// <summary>
- /// Gets a value indicating whether the payload for the message should be included
- /// in the redirect fragment instead of the query string or POST entity.
- /// </summary>
- bool IHttpIndirectResponse.Include301RedirectPayloadInFragment {
- get { return true; }
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentRequest.cs
deleted file mode 100644
index d79690f..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentRequest.cs
+++ /dev/null
@@ -1,43 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserAgentRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A message requesting user authorization to access protected data on behalf
- /// of an installed application or browser-hosted Javascript.
- /// </summary>
- [Serializable]
- internal class UserAgentRequest : EndUserAuthorizationRequest {
- /// <summary>
- /// The type of message.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "user_agent";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="UserAgentRequest"/> class.
- /// </summary>
- /// <param name="authorizationEndpoint">The authorization endpoint.</param>
- /// <param name="version">The version.</param>
- internal UserAgentRequest(Uri authorizationEndpoint, Version version)
- : base(authorizationEndpoint, version) {
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="UserAgentRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal UserAgentRequest(AuthorizationServerDescription authorizationServer)
- : base(authorizationServer) {
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentSuccessResponse.cs
deleted file mode 100644
index 0d1dd31..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UserAgent/UserAgentSuccessResponse.cs
+++ /dev/null
@@ -1,63 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserAgentSuccessResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A message from the authorization server to a user-agent client indicating that authorization has been granted.
- /// </summary>
- internal class UserAgentSuccessResponse : EndUserAuthorizationSuccessResponse, IHttpIndirectResponse, IAccessTokenSuccessResponse {
- /// <summary>
- /// Initializes a new instance of the <see cref="UserAgentSuccessResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The client callback.</param>
- /// <param name="version">The version.</param>
- internal UserAgentSuccessResponse(Uri clientCallback, Version version)
- : base(clientCallback, version) {
- }
-
- /// <summary>
- /// Gets a value indicating whether the payload for the message should be included
- /// in the redirect fragment instead of the query string or POST entity.
- /// </summary>
- bool IHttpIndirectResponse.Include301RedirectPayloadInFragment {
- get { return true; }
- }
-
- string IAccessTokenSuccessResponse.RefreshToken {
- get { return null; }
- }
-
- /// <summary>
- /// Gets or sets the access token.
- /// </summary>
- /// <value>The access token.</value>
- [MessagePart(Protocol.access_token, IsRequired = true, AllowEmpty = false)]
- public string AccessToken { get; internal set; }
-
- /// <summary>
- /// Gets or sets the lifetime of the access token.
- /// </summary>
- /// <value>The lifetime.</value>
- [MessagePart(Protocol.expires_in, IsRequired = false, Encoder = typeof(TimespanSecondsEncoder))]
- public TimeSpan? Lifetime { get; internal set; }
-
- /// <summary>
- /// Gets or sets the state.
- /// </summary>
- /// <value>The state.</value>
- /// <remarks>
- /// REQUIRED if the state parameter was present in the client authorization request. Set to the exact value received from the client.
- /// </remarks>
- [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)]
- internal string ClientState { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordCaptchaResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordCaptchaResponse.cs
deleted file mode 100644
index 56bf21f..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordCaptchaResponse.cs
+++ /dev/null
@@ -1,54 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UsernamePasswordCaptchaResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Net;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A response from the Authorization Server indicating the Client must have the user
- /// complete a CAPTCHA puzzle prior to authorization.
- /// </summary>
- internal class UsernamePasswordCaptchaResponse : MessageBase, IHttpDirectResponse {
- /// <summary>
- /// Initializes a new instance of the <see cref="UsernamePasswordCaptchaResponse"/> class.
- /// </summary>
- /// <param name="request">The request.</param>
- internal UsernamePasswordCaptchaResponse(UserNamePasswordRequest request)
- : base(request) {
- }
-
- #region IHttpDirectResponse Members
-
- /// <summary>
- /// Gets the HTTP status code that the direct response should be sent with.
- /// </summary>
- HttpStatusCode IHttpDirectResponse.HttpStatusCode {
- get { return HttpStatusCode.BadRequest; }
- }
-
- /// <summary>
- /// Gets the HTTP headers to add to the response.
- /// </summary>
- /// <value>May be an empty collection, but must not be <c>null</c>.</value>
- WebHeaderCollection IHttpDirectResponse.Headers {
- get { return new WebHeaderCollection(); }
- }
-
- #endregion
-
- /// <summary>
- /// Gets or sets the URL to the CAPTCHA puzzle.
- /// </summary>
- /// <value>The captcha URL.</value>
- [MessagePart(Protocol.wrap_captcha_url, IsRequired = true, AllowEmpty = false)]
- internal Uri CaptchaPuzzle { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordFailedResponse.cs
deleted file mode 100644
index 3ba2a61..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordFailedResponse.cs
+++ /dev/null
@@ -1,22 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserNamePasswordFailedResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- /// <summary>
- /// A response from the Authorization Server to the Consumer to indicate that a
- /// request for a delegation code failed, probably due to an invalid
- /// username and password.
- /// </summary>
- internal class UserNamePasswordFailedResponse : UnauthorizedResponse {
- /// <summary>
- /// Initializes a new instance of the <see cref="UserNamePasswordFailedResponse"/> class.
- /// </summary>
- /// <param name="request">The request.</param>
- internal UserNamePasswordFailedResponse(UserNamePasswordRequest request)
- : base(request) {
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordRequest.cs
deleted file mode 100644
index e8d1d92..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordRequest.cs
+++ /dev/null
@@ -1,132 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserNamePasswordRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Diagnostics.Contracts;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth2.ChannelElements;
-
- /// <summary>
- /// A request for a delegation code in exchange for a user's confidential
- /// username and password.
- /// </summary>
- /// <remarks>
- /// After this request has been sent, the consumer application MUST discard
- /// the confidential user credentials and use the delegation code going forward.
- /// </remarks>
- internal class UserNamePasswordRequest : MessageBase, IAccessTokenRequest {
- /// <summary>
- /// A constant that identifies the flow this request belongs to.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "username";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="UserNamePasswordRequest"/> class.
- /// </summary>
- /// <param name="tokenEndpoint">The authorization server.</param>
- /// <param name="version">The version.</param>
- internal UserNamePasswordRequest(Uri tokenEndpoint, Version version)
- : base(version, MessageTransport.Direct, tokenEndpoint) {
- this.HttpMethods = HttpDeliveryMethods.PostRequest;
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="UserNamePasswordRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal UserNamePasswordRequest(AuthorizationServerDescription authorizationServer)
- : this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
- Contract.Requires<ArgumentNullException>(authorizationServer != null);
- Contract.Requires<ArgumentException>(authorizationServer.Version != null);
- Contract.Requires<ArgumentException>(authorizationServer.TokenEndpoint != null);
- }
-
- /// <summary>
- /// Gets or sets the client identifier previously obtained from the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; internal set; }
-
- /// <summary>
- /// Gets or sets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- /// <remarks>
- /// REQUIRED. The client secret as described in Section 3.1 (Client Credentials). OPTIONAL if no client secret was issued.
- /// </remarks>
- [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
- public string ClientSecret { get; internal set; }
-
- /// <summary>
- /// Gets or sets the type of the secret.
- /// </summary>
- /// <value>The type of the secret.</value>
- /// <remarks>
- /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
- /// </remarks>
- [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
- public string SecretType { get; set; }
-
- /// <summary>
- /// Gets or sets the user's account username.
- /// </summary>
- /// <value>The username on the user's account.</value>
- [MessagePart(Protocol.username, IsRequired = true, AllowEmpty = false)]
- internal string UserName { get; set; }
-
- /// <summary>
- /// Gets or sets the user's password.
- /// </summary>
- /// <value>The password.</value>
- [MessagePart(Protocol.password, IsRequired = true, AllowEmpty = true)]
- internal string Password { get; set; }
-
- /// <summary>
- /// Gets or sets the CAPTCHA puzzle that the user just solved, if applicable.
- /// </summary>
- /// <value>The captcha puzzle location.</value>
- [MessagePart(Protocol.wrap_captcha_url, IsRequired = false, AllowEmpty = false)]
- internal Uri CaptchaPuzzle { get; set; }
-
- /// <summary>
- /// Gets or sets the solution to the CAPTCHA puzzle the user just solved, if applicable.
- /// </summary>
- /// <value>The CAPTCHA solution.</value>
- [MessagePart(Protocol.wrap_captcha_solution, IsRequired = false, AllowEmpty = false)]
- internal string CaptchaSolution { get; set; }
-
- /// <summary>
- /// Gets or sets the scope.
- /// </summary>
- /// <value>The scope.</value>
- [MessagePart(Protocol.scope, IsRequired = false, AllowEmpty = true)]
- internal string Scope { get; set; }
-
- /// <summary>
- /// Checks the message state for conformity to the protocol specification
- /// and throws an exception if the message is invalid.
- /// </summary>
- /// <remarks>
- /// <para>Some messages have required fields, or combinations of fields that must relate to each other
- /// in specialized ways. After deserializing a message, this method checks the state of the
- /// message to see if it conforms to the protocol.</para>
- /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
- /// outside this scope of this particular message.</para>
- /// </remarks>
- /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
- protected override void EnsureValidMessage() {
- base.EnsureValidMessage();
- ErrorUtilities.VerifyProtocol(this.Recipient.IsTransportSecure(), OAuthWrapStrings.HttpsRequired);
- ErrorUtilities.VerifyProtocol((this.CaptchaPuzzle == null) == (this.CaptchaSolution == null), "CAPTCHA puzzle and solution must either be both absent or both present.");
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordSuccessResponse.cs
deleted file mode 100644
index 9ad42c9..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordSuccessResponse.cs
+++ /dev/null
@@ -1,51 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserNamePasswordSuccessResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A response from the Authorization Server to the Client containing a refresh token
- /// and an access token.
- /// </summary>
- internal class UserNamePasswordSuccessResponse : MessageBase {
- /// <summary>
- /// Initializes a new instance of the <see cref="UserNamePasswordSuccessResponse"/> class.
- /// </summary>
- /// <param name="request">The request.</param>
- internal UserNamePasswordSuccessResponse(UserNamePasswordRequest request)
- : base(request) {
- }
-
- /// <summary>
- /// Gets or sets the verification code.
- /// </summary>
- /// <value>
- /// The long-lived credential assigned by the Authorization Server to this Client for
- /// use in accessing the authorizing user's protected resources.
- /// </value>
- [MessagePart(Protocol.refresh_token, IsRequired = true, AllowEmpty = false)]
- internal string RefreshToken { get; set; }
-
- /// <summary>
- /// Gets or sets the access token.
- /// </summary>
- /// <value>The access token.</value>
- [MessagePart(Protocol.access_token, IsRequired = true, AllowEmpty = false)]
- internal string AccessToken { get; set; }
-
- /// <summary>
- /// Gets or sets the lifetime of the access token.
- /// </summary>
- /// <value>The lifetime.</value>
- [MessagePart(Protocol.expires_in, IsRequired = false, Encoder = typeof(TimespanSecondsEncoder))]
- internal TimeSpan? Lifetime { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordVerificationResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordVerificationResponse.cs
deleted file mode 100644
index 079b102..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/UsernameAndPassword/UserNamePasswordVerificationResponse.cs
+++ /dev/null
@@ -1,55 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="UserNamePasswordVerificationResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Net;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A response from the Authorization Server to the client indicating that the user
- /// must visit a URL to complete an additional verification step before proceeding.
- /// </summary>
- internal class UserNamePasswordVerificationResponse : MessageBase, IHttpDirectResponse {
- /// <summary>
- /// Initializes a new instance of the <see cref="UserNamePasswordVerificationResponse"/> class.
- /// </summary>
- /// <param name="request">The request.</param>
- internal UserNamePasswordVerificationResponse(UserNamePasswordRequest request)
- : base(request) {
- }
-
- #region IHttpDirectResponse Members
-
- /// <summary>
- /// Gets the HTTP status code that the direct response should be sent with.
- /// </summary>
- /// <value><see cref="HttpStatusCode.BadRequest"/></value>
- HttpStatusCode IHttpDirectResponse.HttpStatusCode {
- get { return HttpStatusCode.BadRequest; }
- }
-
- /// <summary>
- /// Gets the HTTP headers to add to the response.
- /// </summary>
- WebHeaderCollection IHttpDirectResponse.Headers {
- get { return new WebHeaderCollection(); }
- }
-
- #endregion
-
- /// <summary>
- /// Gets or sets the verification URL the user must visit with a browser
- /// to complete some step to defeat automated attacks.
- /// </summary>
- /// <value>The verification URL.</value>
- [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
- internal Uri VerificationUrl { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs
deleted file mode 100644
index e32d77b..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerAccessTokenRequest.cs
+++ /dev/null
@@ -1,134 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="WebServerAccessTokenRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Diagnostics.Contracts;
- using ChannelElements;
- using Configuration;
- using Messaging;
-
- /// <summary>
- /// A message sent by the Client directly to the Authorization Server to exchange
- /// the verification code for an Access Token.
- /// </summary>
- /// <remarks>
- /// Used by the Web App (and Rich App?) profiles.
- /// </remarks>
- internal class WebServerAccessTokenRequest : MessageBase, IAccessTokenRequest, ITokenCarryingRequest {
- /// <summary>
- /// The type of message.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "web_server";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerAccessTokenRequest"/> class.
- /// </summary>
- /// <param name="accessTokenEndpoint">The Authorization Server's access token endpoint URL.</param>
- /// <param name="version">The version.</param>
- internal WebServerAccessTokenRequest(Uri accessTokenEndpoint, Version version)
- : base(version, MessageTransport.Direct, accessTokenEndpoint) {
- this.HttpMethods = HttpDeliveryMethods.PostRequest;
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerAccessTokenRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal WebServerAccessTokenRequest(AuthorizationServerDescription authorizationServer)
- : this(authorizationServer.TokenEndpoint, authorizationServer.Version) {
- Contract.Requires<ArgumentNullException>(authorizationServer != null);
- Contract.Requires<ArgumentException>(authorizationServer.Version != null);
- Contract.Requires<ArgumentException>(authorizationServer.TokenEndpoint != null);
- }
-
- /// <summary>
- /// Gets the type of the code or token.
- /// </summary>
- /// <value>The type of the code or token.</value>
- CodeOrTokenType ITokenCarryingRequest.CodeOrTokenType {
- get { return CodeOrTokenType.VerificationCode; }
- }
-
- /// <summary>
- /// Gets or sets the verification code or refresh/access token.
- /// </summary>
- /// <value>The code or token.</value>
- string ITokenCarryingRequest.CodeOrToken {
- get { return this.VerificationCode; }
- set { this.VerificationCode = value; }
- }
-
- /// <summary>
- /// Gets or sets the authorization that the token describes.
- /// </summary>
- IAuthorizationDescription ITokenCarryingRequest.AuthorizationDescription { get; set; }
-
- /// <summary>
- /// Gets or sets the identifier by which this client is known to the Authorization Server.
- /// </summary>
- /// <value>The client identifier.</value>
- [MessagePart(Protocol.client_id, IsRequired = true, AllowEmpty = false)]
- public string ClientIdentifier { get; set; }
-
- /// <summary>
- /// Gets or sets the client secret.
- /// </summary>
- /// <value>The client secret.</value>
- /// <remarks>
- /// REQUIRED if the client identifier has a matching secret. The client secret as described in Section 3.4 (Client Credentials).
- /// </remarks>
- [MessagePart(Protocol.client_secret, IsRequired = false, AllowEmpty = true)]
- public string ClientSecret { get; set; }
-
- /// <summary>
- /// Gets or sets the type of the secret.
- /// </summary>
- /// <value>The type of the secret.</value>
- /// <remarks>
- /// OPTIONAL. The access token secret type as described by Section 5.3 (Cryptographic Tokens Requests). If omitted, the authorization server will issue a bearer token (an access token without a matching secret) as described by Section 5.2 (Bearer Token Requests).
- /// </remarks>
- [MessagePart(Protocol.secret_type, IsRequired = false, AllowEmpty = false)]
- public string SecretType { get; set; }
-
- /// <summary>
- /// Gets or sets the verification code previously communicated to the Client
- /// in <see cref="WebServerSuccessResponse.VerificationCode"/>.
- /// </summary>
- /// <value>The verification code received from the authorization server.</value>
- [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
- internal string VerificationCode { get; set; }
-
- /// <summary>
- /// Gets or sets the callback URL used in <see cref="EndUserAuthorizationRequest.Callback"/>
- /// </summary>
- /// <value>
- /// The Callback URL used to obtain the Verification Code.
- /// </value>
- [MessagePart(Protocol.redirect_uri, IsRequired = true, AllowEmpty = false)]
- internal Uri Callback { get; set; }
-
- /// <summary>
- /// Checks the message state for conformity to the protocol specification
- /// and throws an exception if the message is invalid.
- /// </summary>
- /// <remarks>
- /// <para>Some messages have required fields, or combinations of fields that must relate to each other
- /// in specialized ways. After deserializing a message, this method checks the state of the
- /// message to see if it conforms to the protocol.</para>
- /// <para>Note that this property should <i>not</i> check signatures or perform any state checks
- /// outside this scope of this particular message.</para>
- /// </remarks>
- /// <exception cref="ProtocolException">Thrown if the message is invalid.</exception>
- protected override void EnsureValidMessage() {
- base.EnsureValidMessage();
- ErrorUtilities.VerifyProtocol(
- DotNetOpenAuthSection.Configuration.Messaging.RelaxSslRequirements || this.Recipient.IsTransportSecure(),
- OAuthWrapStrings.HttpsRequired);
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs
deleted file mode 100644
index 6735087..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerFailedResponse.cs
+++ /dev/null
@@ -1,59 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="WebServerFailedResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Diagnostics.Contracts;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// The message the Authorization Server MAY use to send the user back to the Client
- /// following the user's denial to grant Consumer with authorization of
- /// access to requested resources.
- /// </summary>
- internal class WebServerFailedResponse : MessageBase, IMessageWithClientState {
- /// <summary>
- /// A constant parameter that indicates the user refused to grant the requested authorization.
- /// </summary>
- [MessagePart(Protocol.error, IsRequired = true)]
- private const string ErrorReason = Protocol.user_denied;
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerFailedResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The recipient of the message.</param>
- /// <param name="version">The version.</param>
- internal WebServerFailedResponse(Uri clientCallback, Version version) :
- base(version, MessageTransport.Indirect, clientCallback) {
- Contract.Requires<ArgumentNullException>(version != null);
- Contract.Requires<ArgumentNullException>(clientCallback != null);
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerFailedResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The client callback.</param>
- /// <param name="request">The request.</param>
- internal WebServerFailedResponse(Uri clientCallback, EndUserAuthorizationRequest request)
- : this(clientCallback, ((IMessage)request).Version) {
- Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback");
- Contract.Requires<ArgumentNullException>(request != null, "request");
- ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState;
- }
-
- /// <summary>
- /// Gets or sets the state of the client that was supplied to the Authorization Server.
- /// </summary>
- /// <value>
- /// An opaque value that Clients can use to maintain state associated with the authorization request.
- /// </value>
- /// <remarks>
- /// If this value is present, the Authorization Server MUST return it to the Client's callback URL.
- /// </remarks>
- [MessagePart(Protocol.state, IsRequired = false, AllowEmpty = true)]
- public string ClientState { get; set; }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs
deleted file mode 100644
index a789c10..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerRequest.cs
+++ /dev/null
@@ -1,50 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="WebServerRequest.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Collections.Generic;
- using System.Diagnostics.Contracts;
- using System.Linq;
- using System.Text;
- using DotNetOpenAuth.Messaging;
-
- /// <summary>
- /// A message sent by a web application Client to the AuthorizationServer
- /// via the user agent to obtain authorization from the user and prepare
- /// to issue an access token to the Consumer if permission is granted.
- /// </summary>
- [Serializable]
- internal class WebServerRequest : EndUserAuthorizationRequest {
- /// <summary>
- /// The type of message.
- /// </summary>
- [MessagePart(Protocol.type, IsRequired = true)]
- private const string Type = "web_server";
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerRequest"/> class.
- /// </summary>
- /// <param name="authorizationEndpoint">The Authorization Server's user authorization URL to direct the user to.</param>
- /// <param name="version">The protocol version.</param>
- internal WebServerRequest(Uri authorizationEndpoint, Version version)
- : base(authorizationEndpoint, version) {
- Contract.Requires<ArgumentNullException>(authorizationEndpoint != null);
- Contract.Requires<ArgumentNullException>(version != null);
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerRequest"/> class.
- /// </summary>
- /// <param name="authorizationServer">The authorization server.</param>
- internal WebServerRequest(AuthorizationServerDescription authorizationServer)
- : base(authorizationServer) {
- Contract.Requires<ArgumentNullException>(authorizationServer != null);
- Contract.Requires<ArgumentException>(authorizationServer.Version != null);
- Contract.Requires<ArgumentException>(authorizationServer.AuthorizationEndpoint != null);
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs b/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs
deleted file mode 100644
index 7135ba0..0000000
--- a/src/DotNetOpenAuth/OAuth2/Messages/WebServer/WebServerSuccessResponse.cs
+++ /dev/null
@@ -1,55 +0,0 @@
-//-----------------------------------------------------------------------
-// <copyright file="WebServerSuccessResponse.cs" company="Andrew Arnott">
-// Copyright (c) Andrew Arnott. All rights reserved.
-// </copyright>
-//-----------------------------------------------------------------------
-
-namespace DotNetOpenAuth.OAuth2.Messages {
- using System;
- using System.Diagnostics.Contracts;
- using DotNetOpenAuth.Messaging;
- using DotNetOpenAuth.OAuth2.ChannelElements;
-
- /// <summary>
- /// The message sent by the Authorization Server to the Client via the user agent
- /// to indicate that user authorization was granted, and to return the user
- /// to the Client where they started their experience.
- /// </summary>
- internal class WebServerSuccessResponse : EndUserAuthorizationSuccessResponse {
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerSuccessResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The client callback.</param>
- /// <param name="version">The protocol version.</param>
- internal WebServerSuccessResponse(Uri clientCallback, Version version)
- : base(clientCallback, version) {
- Contract.Requires<ArgumentNullException>(version != null);
- Contract.Requires<ArgumentNullException>(clientCallback != null);
- }
-
- /// <summary>
- /// Initializes a new instance of the <see cref="WebServerSuccessResponse"/> class.
- /// </summary>
- /// <param name="clientCallback">The client callback.</param>
- /// <param name="request">The request.</param>
- internal WebServerSuccessResponse(Uri clientCallback, EndUserAuthorizationRequest request)
- : base(clientCallback, request) {
- Contract.Requires<ArgumentNullException>(clientCallback != null, "clientCallback");
- Contract.Requires<ArgumentNullException>(request != null, "request");
- ((IMessageWithClientState)this).ClientState = ((IMessageWithClientState)request).ClientState;
- }
-
- /// <summary>
- /// Gets or sets the verification code.
- /// </summary>
- /// <value>
- /// The long-lived credential assigned by the Authorization Server to this Consumer for
- /// use in accessing the authorizing user's protected resources.
- /// </value>
- [MessagePart(Protocol.code, IsRequired = true, AllowEmpty = false)]
- internal new string VerificationCode {
- get { return base.VerificationCode; }
- set { base.VerificationCode = value; }
- }
- }
-}
diff --git a/src/DotNetOpenAuth/OAuth2/Protocol.cs b/src/DotNetOpenAuth/OAuth2/Protocol.cs
index 9dfc9ae..5819cac 100644
--- a/src/DotNetOpenAuth/OAuth2/Protocol.cs
+++ b/src/DotNetOpenAuth/OAuth2/Protocol.cs
@@ -159,57 +159,52 @@ namespace DotNetOpenAuth.OAuth2 {
internal const string assertion = "assertion";
/// <summary>
- /// The "assertion_format" string.
+ /// The "assertion_type" string.
/// </summary>
- internal const string assertion_format = "assertion_format";
+ internal const string assertion_type = "assertion_type";
/// <summary>
- /// The "wrap_SAML" string.
+ /// The "user_denied" string.
/// </summary>
- internal const string wrap_saml = "wrap_SAML";
+ internal const string user_denied = "user_denied";
/// <summary>
- /// The "wrap_SWT" string.
+ /// Gets the <see cref="Protocol"/> instance with values initialized for V1.0 of the protocol.
/// </summary>
- internal const string wrap_swt = "wrap_SWT";
+ internal static readonly Protocol V20 = new Protocol {
+ Version = new Version(2, 0),
+ ProtocolVersion = ProtocolVersion.V20,
+ };
/// <summary>
- /// The "wrap_captcha_url" string.
+ /// A list of all supported OAuth versions, in order starting from newest version.
/// </summary>
- internal const string wrap_captcha_url = "wrap_captcha_url";
+ internal static readonly List<Protocol> AllVersions = new List<Protocol>() { V20 };
/// <summary>
- /// The "wrap_captcha_solution" string.
+ /// The default (or most recent) supported version of the OpenID protocol.
/// </summary>
- internal const string wrap_captcha_solution = "wrap_captcha_solution";
+ internal static readonly Protocol Default = AllVersions[0];
/// <summary>
- /// The "user_denied" string.
+ /// The "error_uri" string.
/// </summary>
- internal const string user_denied = "user_denied";
+ public const string error_uri = "error_uri";
/// <summary>
- /// The "secret_type" string.
+ /// The "error_description" string.
/// </summary>
- internal const string secret_type = "secret_type";
+ internal const string error_description = "error_description";
/// <summary>
- /// Gets the <see cref="Protocol"/> instance with values initialized for V1.0 of the protocol.
+ /// The "response_type" string.
/// </summary>
- internal static readonly Protocol V20 = new Protocol {
- Version = new Version(2, 0),
- ProtocolVersion = ProtocolVersion.V20,
- };
+ internal const string response_type = "response_type";
/// <summary>
- /// A list of all supported OAuth versions, in order starting from newest version.
+ /// The "grant_type" string.
/// </summary>
- internal static readonly List<Protocol> AllVersions = new List<Protocol>() { V20 };
-
- /// <summary>
- /// The default (or most recent) supported version of the OpenID protocol.
- /// </summary>
- internal static readonly Protocol Default = AllVersions[0];
+ internal const string grant_type = "grant_type";
/// <summary>
/// Gets or sets the OAuth 2.0 version represented by this instance.
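Review bot: `error_uri` is declared `public const` while every other constant in this hunk, including its sibling `error_description`, is `internal const`. If `Protocol` is a public type this leaks one wire-level name into the library's public surface, so I would make it `internal const string error_uri = "error_uri";` unless the exposure is intended. The relocated doc comments also carry stale text: the summary on `V20` says "V1.0 of the protocol" although it constructs `new Version(2, 0)`, and the summary on `Default` says "OpenID protocol" in the OAuth2 namespace. Suggested wording is `/// Gets the <see cref="Protocol"/> instance with values initialized for V2.0 of the protocol.` and `/// The default (or most recent) supported version of the OAuth 2.0 protocol.`. The enclosing class starts and ends outside this hunk.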
@@ -235,11 +230,60 @@ namespace DotNetOpenAuth.OAuth2 {
}
}
- internal static class ResponseFormats
+ internal static class ResponseTypes
+ {
+ internal const string Code = "code";
+ internal const string Token = "token";
+ internal const string CodeAndToken = "code-and-token";
+ }
+
+ internal static class GrantTypes
+ {
+ internal const string AuthorizationCode = "authorization-code";
+
+ internal const string BasicCredentials = "basic-credentials";
+
+ internal const string Assertion = "assertion";
+
+ internal const string RefreshToken = "refresh-token";
+
+ internal const string None = "none";
+ }
+
+ /// <summary>
+ /// Error codes that an authorization server can return to a client in response to a malformed or unsupported access token request.
+ /// </summary>
+ internal static class ErrorCodes
{
- internal const string Json = "json";
- internal const string Xml = "xml";
- internal const string Form = "form";
+ /// <summary>
+ /// The request is missing a required parameter, includes an unknown parameter or parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
+ /// </summary>
+ internal const string InvalidRequest = "invalid-request";
+
+ /// <summary>
+ /// The client identifier provided is invalid, the client failed to authenticate, or the client provided multiple client credentials.
+ /// </summary>
+ internal const string InvalidClientCredentials = "invalid-client-credentials";
+
+ /// <summary>
+ /// The client is not authorized to use the access grant type provided.
+ /// </summary>
+ internal const string UnauthorizedClient = "unauthorized-client";
+
+ /// <summary>
+ /// The provided access grant is invalid, expired, or revoked (e.g. invalid assertion, expired authorization token, bad end-user basic credentials, or mismatching authorization code and redirection URI).
+ /// </summary>
+ internal const string InvalidGrant = "invalid-grant";
+
+ /// <summary>
+ /// The access grant included - its type or another attribute - is not supported by the authorization server.
+ /// </summary>
+ internal const string UnsupportedGrantType = "unsupported-grant-type";
+
+ /// <summary>
+ /// The requested scope is invalid, unknown, malformed, or exceeds the previously granted scope.
+ /// </summary>
+ internal const string InvalidScope = "invalid-scope";
}
}
}
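Review bot: `ResponseTypes` and `GrantTypes` are added with no XML documentation, while `ErrorCodes` right below documents every member, and all three hold wire values that the peer has to match byte for byte. The hyphenated spellings (`"authorization-code"`, `"code-and-token"`, `"invalid-request"`) look tied to one specific revision of the OAuth 2.0 draft, so each class should get a summary naming the parameter it feeds and that revision, e.g. `/// <summary>Values for the "grant_type" parameter of an access token request (wire format of draft <REVISION>).</summary>`. `GrantTypes.None` additionally deserves a one-line comment stating when a request may legitimately carry no grant, because how the authorization server treats it is not visible in this hunk and an unintended accept path there would be a token-issuance decision made without an end-user grant. `GrantTypes.Assertion` also repeats the `"assertion"` literal already held by `Protocol.assertion`; a comment noting the two are distinct protocol fields would stop a later edit from merging them.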
diff --git a/src/DotNetOpenAuth/OpenId/Extensions/SimpleRegistration/Gender.cs b/src/DotNetOpenAuth/OpenId/Extensions/SimpleRegistration/Gender.cs
index 3cc47c6..979c481 100644
--- a/src/DotNetOpenAuth/OpenId/Extensions/SimpleRegistration/Gender.cs
+++ b/src/DotNetOpenAuth/OpenId/Extensions/SimpleRegistration/Gender.cs
@@ -38,7 +38,7 @@ namespace DotNetOpenAuth.OpenId.Extensions.SimpleRegistration {
/// The <paramref name="value"/> in string form, ready for message transport.
/// </returns>
public string Encode(object value) {
- Gender? gender = (Gender?)value;
+ var gender = (Gender?)value;
if (gender.HasValue) {
switch (gender.Value) {
case Gender.Male: return Constants.Genders.Male;