diff options
Diffstat (limited to 'src')
3 files changed, 19 insertions, 7 deletions
diff --git a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs index 3c62ffe..1305620 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs @@ -1107,12 +1107,18 @@ namespace DotNetOpenAuth.Messaging { /// Tests whether two arrays are equal in contents and ordering. /// </summary> /// <typeparam name="T">The type of elements in the arrays.</typeparam> - /// <param name="first">The first array in the comparison. May not be null.</param> - /// <param name="second">The second array in the comparison. May not be null.</param> + /// <param name="first">The first array in the comparison. May be null.</param> + /// <param name="second">The second array in the comparison. May be null.</param> /// <returns>True if the arrays equal; false otherwise.</returns> internal static bool AreEquivalent<T>(T[] first, T[] second) { - Requires.NotNull(first, "first"); - Requires.NotNull(second, "second"); + if (first == null && second == null) { + return true; + } + + if (first == null || second == null) { + return false; + } + if (first.Length != second.Length) { return false; } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs index ad9730a..6199178 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/ChannelElements/AuthorizationCode.cs @@ -33,12 +33,11 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// Initializes a new instance of the <see cref="AuthorizationCode"/> class. /// </summary> /// <param name="clientIdentifier">The client identifier.</param> - /// <param name="callback">The callback the client used to obtain authorization.</param> + /// <param name="callback">The callback the client used to obtain authorization, if one was explicitly included in the request.</param> /// <param name="scopes">The authorized scopes.</param> /// <param name="username">The name on the account that authorized access.</param> internal AuthorizationCode(string clientIdentifier, Uri callback, IEnumerable<string> scopes, string username) { Requires.NotNullOrEmpty(clientIdentifier, "clientIdentifier"); - Requires.NotNull(callback, "callback"); this.ClientIdentifier = clientIdentifier; this.CallbackHash = CalculateCallbackHash(callback); @@ -96,6 +95,10 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { /// </returns> [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive.")] private static byte[] CalculateCallbackHash(Uri callback) { + if (callback == null) { + return null; + } + using (var hasher = new SHA256Managed()) { return hasher.ComputeHash(Encoding.UTF8.GetBytes(callback.AbsoluteUri)); } diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs index 7c7cdc7..4931040 100644 --- a/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs +++ b/src/DotNetOpenAuth.OAuth2/OAuth2/Messages/AccessTokenAuthorizationCodeRequest.cs @@ -81,7 +81,10 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <value> /// The Callback URL used to obtain the Verification Code. /// </value> - [MessagePart(Protocol.redirect_uri, IsRequired = true)] + /// <remarks> + /// REQUIRED, if the redirect_uri parameter was included in the authorization request as described in Section 4.1.1, and their values MUST be identical. + /// </remarks> + [MessagePart(Protocol.redirect_uri, IsRequired = false)] internal Uri Callback { get; set; } /// <summary> |