diff options
Diffstat (limited to 'src')
10 files changed, 154 insertions, 98 deletions
diff --git a/src/DotNetOpenAuth/DotNetOpenAuth.csproj b/src/DotNetOpenAuth/DotNetOpenAuth.csproj index 8123d7a..1cbdabe 100644 --- a/src/DotNetOpenAuth/DotNetOpenAuth.csproj +++ b/src/DotNetOpenAuth/DotNetOpenAuth.csproj @@ -385,7 +385,6 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuth2\IClientAuthorizationTracker.cs" /> <Compile Include="OAuth2\IConsumerDescription.cs" /> <Compile Include="OAuth2\Messages\AccessProtectedResourceRequest.cs" /> - <Compile Include="OAuth2\Messages\AccessTokenAssertionRequest.cs" /> <Compile Include="OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs" /> <Compile Include="OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs" /> <Compile Include="OAuth2\Messages\AccessTokenRequestBase.cs" /> @@ -398,6 +397,7 @@ http://opensource.org/licenses/ms-pl.html <Compile Include="OAuth2\Messages\AccessTokenRefreshRequest.cs" /> <Compile Include="OAuth2\Messages\EndUserAuthorizationResponseType.cs" /> <Compile Include="OAuth2\Messages\IMessageWithClientState.cs" /> + <Compile Include="OAuth2\Messages\ScopedAccessTokenRequest.cs" /> <Compile Include="OAuth2\Messages\UnauthorizedResponse.cs" /> <Compile Include="OAuth2\Messages\AccessTokenFailedResponse.cs" /> <Compile Include="OAuth2\Messages\AccessTokenSuccessResponse.cs" /> diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs index af00409..cc4bfef 100644 --- a/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs +++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/AccessRequestBindingElement.cs @@ -126,8 +126,11 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { var client = this.AuthorizationServer.GetClientOrThrow(accessRequest.ClientIdentifier); ErrorUtilities.VerifyProtocol(MessagingUtilities.EqualsConstantTime(client.Secret, accessRequest.ClientSecret), Protocol.incorrect_client_credentials); - // Make sure the scope the client is requesting does not exceed the scope in the grant. - ErrorUtilities.VerifyProtocol(accessRequest.Scope.IsSubsetOf(tokenRequest.AuthorizationDescription.Scope), OAuthStrings.AccessScopeExceedsGrantScope, accessRequest.Scope, tokenRequest.AuthorizationDescription.Scope); + var scopedAccessRequest = accessRequest as ScopedAccessTokenRequest; + if (scopedAccessRequest != null) { + // Make sure the scope the client is requesting does not exceed the scope in the grant. + ErrorUtilities.VerifyProtocol(scopedAccessRequest.Scope.IsSubsetOf(tokenRequest.AuthorizationDescription.Scope), OAuthStrings.AccessScopeExceedsGrantScope, scopedAccessRequest.Scope, tokenRequest.AuthorizationDescription.Scope); + } } // Make sure the authorization this token represents hasn't already been revoked. diff --git a/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs b/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs index d53e7ef..a646f51 100644 --- a/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs +++ b/src/DotNetOpenAuth/OAuth2/ChannelElements/OAuth2ChannelBase.cs @@ -24,7 +24,6 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements { typeof(AccessTokenRefreshRequest), typeof(AccessTokenAuthorizationCodeRequest), typeof(AccessTokenResourceOwnerPasswordCredentialsRequest), - typeof(AccessTokenAssertionRequest), typeof(AccessTokenClientCredentialsRequest), typeof(AccessTokenSuccessResponse), typeof(AccessTokenFailedResponse), diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs deleted file mode 100644 index fa50f6b..0000000 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenAssertionRequest.cs +++ /dev/null @@ -1,49 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="AccessTokenAssertionRequest.cs" company="Andrew Arnott"> -// Copyright (c) Andrew Arnott. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.OAuth2.Messages { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Text; - using DotNetOpenAuth.Messaging; - - /// <summary> - /// A request from a Client to an Authorization Server to exchange some assertion for an access token. - /// </summary> - internal class AccessTokenAssertionRequest : AccessTokenRequestBase { - /// <summary> - /// Initializes a new instance of the <see cref="AccessTokenAssertionRequest"/> class. - /// </summary> - /// <param name="tokenEndpoint">The Authorization Server's access token endpoint URL.</param> - /// <param name="version">The version.</param> - internal AccessTokenAssertionRequest(Uri tokenEndpoint, Version version) - : base(tokenEndpoint, version) { - } - - /// <summary> - /// Gets or sets the format of the assertion as defined by the Authorization Server. - /// </summary> - /// <value>The assertion format.</value> - [MessagePart(Protocol.assertion_type, IsRequired = true)] - internal Uri AssertionType { get; set; } - - /// <summary> - /// Gets or sets the assertion. - /// </summary> - /// <value>The assertion.</value> - [MessagePart(Protocol.assertion, IsRequired = true)] - internal string Assertion { get; set; } - - /// <summary> - /// Gets the type of the grant. - /// </summary> - /// <value>The type of the grant.</value> - internal override GrantType GrantType { - get { return GrantType.Assertion; } - } - } -} diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs index ec6f36f..01e1633 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenClientCredentialsRequest.cs @@ -19,7 +19,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <remarks> /// This is somewhat analogous to 2-legged OAuth. /// </remarks> - internal class AccessTokenClientCredentialsRequest : AccessTokenRequestBase { + internal class AccessTokenClientCredentialsRequest : ScopedAccessTokenRequest { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenClientCredentialsRequest"/> class. /// </summary> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs index c193392..66b2497 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRefreshRequest.cs @@ -6,6 +6,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { using System; + using System.Collections.Generic; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2.ChannelElements; @@ -13,7 +14,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// A request from the client to the token endpoint for a new access token /// in exchange for a refresh token that the client has previously obtained. /// </summary> - internal class AccessTokenRefreshRequest : AccessTokenRequestBase, ITokenCarryingRequest { + internal class AccessTokenRefreshRequest : ScopedAccessTokenRequest, ITokenCarryingRequest { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenRefreshRequest"/> class. /// </summary> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs index 55387a6..a71dc70 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenRequestBase.cs @@ -25,7 +25,6 @@ namespace DotNetOpenAuth.OAuth2.Messages { protected AccessTokenRequestBase(Uri tokenEndpoint, Version version) : base(tokenEndpoint, version) { this.HttpMethods = HttpDeliveryMethods.PostRequest; - this.Scope = new HashSet<string>(OAuthUtilities.ScopeStringComparer); } /// <summary> @@ -36,13 +35,6 @@ namespace DotNetOpenAuth.OAuth2.Messages { internal abstract GrantType GrantType { get; } /// <summary> - /// Gets the set of scopes the Client would like the access token to provide access to. - /// </summary> - /// <value>A set of scopes. Never null.</value> - [MessagePart(Protocol.scope, IsRequired = false, Encoder = typeof(ScopeEncoder))] - internal HashSet<string> Scope { get; private set; } - - /// <summary> /// Checks the message state for conformity to the protocol specification /// and throws an exception if the message is invalid. /// </summary> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs index ed22843..82febe9 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs +++ b/src/DotNetOpenAuth/OAuth2/Messages/AccessTokenResourceOwnerPasswordCredentialsRequest.cs @@ -15,7 +15,7 @@ namespace DotNetOpenAuth.OAuth2.Messages { /// <summary> /// A request from a Client to an Authorization Server to exchange the user's username and password for an access token. /// </summary> - internal class AccessTokenResourceOwnerPasswordCredentialsRequest : AccessTokenRequestBase { + internal class AccessTokenResourceOwnerPasswordCredentialsRequest : ScopedAccessTokenRequest { /// <summary> /// Initializes a new instance of the <see cref="AccessTokenResourceOwnerPasswordCredentialsRequest"/> class. /// </summary> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/OAuth 2 Messages.cd b/src/DotNetOpenAuth/OAuth2/Messages/OAuth 2 Messages.cd index a9c7703..caacdff 100644 --- a/src/DotNetOpenAuth/OAuth2/Messages/OAuth 2 Messages.cd +++ b/src/DotNetOpenAuth/OAuth2/Messages/OAuth 2 Messages.cd @@ -1,22 +1,22 @@ <?xml version="1.0" encoding="utf-8"?> <ClassDiagram MajorVersion="1" MinorVersion="1"> <Class Name="DotNetOpenAuth.OAuth2.Messages.MessageBase" Collapsed="true"> - <Position X="0.5" Y="4" Width="1.5" /> + <Position X="0.5" Y="0.5" Width="1.5" /> <TypeIdentifier> <HashCode>IAAMACQAQAAAgAkAAAAIAAYACgAAIAAAIACAACAAAIA=</HashCode> <FileName>OAuth2\Messages\MessageBase.cs</FileName> </TypeIdentifier> <Lollipop Position="0.2" /> </Class> - <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenAssertionRequest" Collapsed="true"> - <Position X="11" Y="5.5" Width="2.25" /> - <TypeIdentifier> - <HashCode>AAAIAAAAAAAAAAAAAgAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> - <FileName>OAuth2\Messages\AccessTokenAssertionRequest.cs</FileName> - </TypeIdentifier> - </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenAuthorizationCodeRequest" Collapsed="true"> - <Position X="11" Y="6.5" Width="3" /> + <Position X="6.75" Y="6.75" Width="3" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.AccessTokenRequestBase" FixedFromPoint="true" FixedToPoint="true"> + <Path> + <Point X="6.5" Y="6.441" /> + <Point X="6.5" Y="7.062" /> + <Point X="6.75" Y="7.062" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>CCAAAAAAAAACAAAAAAAAAAAQAAAAAAAAAAAAAAAAQAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenAuthorizationCodeRequest.cs</FileName> @@ -24,14 +24,28 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenClientCredentialsRequest" Collapsed="true"> - <Position X="11" Y="3.75" Width="2.75" /> + <Position X="8.5" Y="8.75" Width="2.75" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.ScopedAccessTokenRequest" FixedToPoint="true"> + <Path> + <Point X="7.875" Y="8.441" /> + <Point X="7.875" Y="9.062" /> + <Point X="8.5" Y="9.062" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>AAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenClientCredentialsRequest.cs</FileName> </TypeIdentifier> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenFailedResponse" Collapsed="true"> - <Position X="3.25" Y="1.75" Width="2.25" /> + <Position X="3.25" Y="8.5" Width="2.25" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> + <Path> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="8.812" /> + <Point X="3.25" Y="8.812" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>AAAAAIAAAAAAAQAAAABAAAQAAAAAAAEQAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenFailedResponse.cs</FileName> @@ -39,34 +53,48 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRefreshRequest" Collapsed="true"> - <Position X="11" Y="4.75" Width="2.25" /> + <Position X="8.5" Y="9.75" Width="2.25" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.ScopedAccessTokenRequest" FixedToPoint="true"> + <Path> + <Point X="7.875" Y="8.441" /> + <Point X="7.875" Y="10.125" /> + <Point X="8.5" Y="10.125" /> + </Path> + </InheritanceLine> <TypeIdentifier> - <HashCode>CCAAAAAAQAACAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> + <HashCode>CCAAAAAAQAACACAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenRefreshRequest.cs</FileName> </TypeIdentifier> <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenRequestBase" Collapsed="true"> - <Position X="7.75" Y="7.25" Width="2" /> + <Position X="5.75" Y="5.75" Width="2" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.AuthenticatedClientRequestBase" FixedFromPoint="true"> + <Path> + <Point X="4.375" Y="5.941" /> + <Point X="4.375" Y="6.096" /> + <Point X="5.75" Y="6.096" /> + </Path> + </InheritanceLine> <TypeIdentifier> - <HashCode>AAAAAAAAQAAAACAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> + <HashCode>AAAAAAAAQAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenRequestBase.cs</FileName> </TypeIdentifier> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenResourceOwnerPasswordCredentialsRequest" Collapsed="true"> - <Position X="11" Y="7.25" Width="4" /> + <Position X="8.5" Y="10.5" Width="4" /> <TypeIdentifier> - <HashCode>AAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACAQAAAAAAAAA=</HashCode> + <HashCode>AAAAAAAAAAAAACAAAAAAAAAQAAAAAAACAQAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AccessTokenResourceOwnerPasswordCredentialsRequest.cs</FileName> </TypeIdentifier> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessTokenSuccessResponse" Collapsed="true"> - <Position X="3.25" Y="2.75" Width="2.25" /> + <Position X="3.25" Y="7.5" Width="2.25" /> <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> <Path> - <Point X="1.25" Y="4" /> - <Point X="1.25" Y="3.125" /> - <Point X="3.25" Y="3.125" /> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="7.812" /> + <Point X="3.25" Y="7.812" /> </Path> </InheritanceLine> <TypeIdentifier> @@ -76,14 +104,21 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AuthenticatedClientRequestBase" Collapsed="true"> - <Position X="3.25" Y="7.25" Width="2.25" /> + <Position X="3.25" Y="5.25" Width="2.25" /> <TypeIdentifier> <HashCode>AAAAAAAAAAAAAAAAAAAAAAAAAAwAAAAAAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\AuthenticatedClientRequestBase.cs</FileName> </TypeIdentifier> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationFailedResponse" Collapsed="true"> - <Position X="3.25" Y="6.5" Width="2.75" /> + <Position X="3.25" Y="4.5" Width="2.75" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> + <Path> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="4.875" /> + <Point X="3.25" Y="4.875" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>AAAAAIAAAAAAAQAAAAAAAAgAAAAAAAEAAAAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\EndUserAuthorizationFailedResponse.cs</FileName> @@ -91,14 +126,21 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationRequest" Collapsed="true"> - <Position X="3.25" Y="5.5" Width="2.25" /> + <Position X="3.25" Y="0.5" Width="2.25" /> <TypeIdentifier> <HashCode>AAAAAAAAQAAAACAAAAAAAACAAAQAAAQAAAAAAAAAQAA=</HashCode> <FileName>OAuth2\Messages\EndUserAuthorizationRequest.cs</FileName> </TypeIdentifier> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessAccessTokenResponse" Collapsed="true"> - <Position X="6.75" Y="4.25" Width="3.75" /> + <Position X="6.25" Y="3.75" Width="3.75" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessResponseBase" FixedToPoint="true"> + <Path> + <Point X="4.625" Y="2.191" /> + <Point X="4.625" Y="4.062" /> + <Point X="6.25" Y="4.062" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>CCAAAAAAAAACAAAAAAAAAAACEAAAAAAAAAAAAAAAAgA=</HashCode> <FileName>OAuth2\Messages\EndUserAuthorizationSuccessAccessTokenResponse.cs</FileName> @@ -106,13 +148,12 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessAuthCodeResponse" Collapsed="true"> - <Position X="6.75" Y="3" Width="3.5" /> - <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessResponseBase" FixedFromPoint="true"> + <Position X="6.25" Y="2.5" Width="3.5" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessResponseBase" FixedToPoint="true"> <Path> - <Point X="6" Y="4.062" /> - <Point X="6.375" Y="4.062" /> - <Point X="6.375" Y="3.346" /> - <Point X="6.75" Y="3.346" /> + <Point X="4.625" Y="2.191" /> + <Point X="4.625" Y="2.875" /> + <Point X="6.25" Y="2.875" /> </Path> </InheritanceLine> <TypeIdentifier> @@ -122,7 +163,14 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationSuccessResponseBase" Collapsed="true"> - <Position X="3.25" Y="3.75" Width="2.75" /> + <Position X="3.25" Y="1.5" Width="2.75" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> + <Path> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="1.75" /> + <Point X="3.25" Y="1.75" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>AAACAAAAAAAAACAAAAAAAAgAAAAAAAAAAEAAAAAAAAA=</HashCode> <FileName>OAuth2\Messages\EndUserAuthorizationSuccessResponseBase.cs</FileName> @@ -130,7 +178,14 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.AccessProtectedResourceRequest" Collapsed="true"> - <Position X="3.25" Y="4.75" Width="2.5" /> + <Position X="3.25" Y="9.75" Width="2.5" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> + <Path> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="10" /> + <Point X="3.25" Y="10" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>CCAAAAAAQAACAAAAAAACAAAAEAAAAAAAAAEAAAQACAE=</HashCode> <FileName>OAuth2\Messages\AccessProtectedResourceRequest.cs</FileName> @@ -138,13 +193,34 @@ <Lollipop Position="0.2" /> </Class> <Class Name="DotNetOpenAuth.OAuth2.Messages.UnauthorizedResponse" Collapsed="true"> - <Position X="3.25" Y="0.75" Width="2" /> + <Position X="3.25" Y="10.75" Width="2" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.MessageBase" FixedToPoint="true"> + <Path> + <Point X="1.25" Y="1.062" /> + <Point X="1.25" Y="11.125" /> + <Point X="3.25" Y="11.125" /> + </Path> + </InheritanceLine> <TypeIdentifier> <HashCode>AUABAAAAAAAAACAAAAAAAAQIAAAAAAAQAAAAAAAAABA=</HashCode> <FileName>OAuth2\Messages\UnauthorizedResponse.cs</FileName> </TypeIdentifier> <Lollipop Position="0.2" /> </Class> + <Class Name="DotNetOpenAuth.OAuth2.Messages.ScopedAccessTokenRequest" Collapsed="true"> + <Position X="6.75" Y="7.75" Width="2.25" /> + <InheritanceLine Type="DotNetOpenAuth.OAuth2.Messages.AccessTokenRequestBase" FixedFromPoint="true" FixedToPoint="true"> + <Path> + <Point X="6.5" Y="6.441" /> + <Point X="6.5" Y="8.125" /> + <Point X="6.75" Y="8.125" /> + </Path> + </InheritanceLine> + <TypeIdentifier> + <HashCode>AAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</HashCode> + <FileName>OAuth2\Messages\ScopedAccessTokenRequest.cs</FileName> + </TypeIdentifier> + </Class> <Interface Name="DotNetOpenAuth.OAuth2.Messages.IMessageWithClientState"> <Position X="11.5" Y="0.5" Width="2" /> <TypeIdentifier> diff --git a/src/DotNetOpenAuth/OAuth2/Messages/ScopedAccessTokenRequest.cs b/src/DotNetOpenAuth/OAuth2/Messages/ScopedAccessTokenRequest.cs new file mode 100644 index 0000000..0e0329b --- /dev/null +++ b/src/DotNetOpenAuth/OAuth2/Messages/ScopedAccessTokenRequest.cs @@ -0,0 +1,34 @@ +//----------------------------------------------------------------------- +// <copyright file="ScopedAccessTokenRequest.cs" company="Andrew Arnott"> +// Copyright (c) Andrew Arnott. All rights reserved. +// </copyright> +//----------------------------------------------------------------------- + +namespace DotNetOpenAuth.OAuth2.Messages { + using System; + using System.Collections.Generic; + using DotNetOpenAuth.Messaging; + using DotNetOpenAuth.OAuth2.ChannelElements; + + /// <summary> + /// An access token request that includes a scope parameter. + /// </summary> + internal abstract class ScopedAccessTokenRequest : AccessTokenRequestBase { + /// <summary> + /// Initializes a new instance of the <see cref="ScopedAccessTokenRequest"/> class. + /// </summary> + /// <param name="tokenEndpoint">The Authorization Server's access token endpoint URL.</param> + /// <param name="version">The version.</param> + internal ScopedAccessTokenRequest(Uri tokenEndpoint, Version version) + : base(tokenEndpoint, version) { + this.Scope = new HashSet<string>(OAuthUtilities.ScopeStringComparer); + } + + /// <summary> + /// Gets the set of scopes the Client would like the access token to provide access to. + /// </summary> + /// <value>A set of scopes. Never null.</value> + [MessagePart(Protocol.scope, IsRequired = false, Encoder = typeof(ScopeEncoder))] + internal HashSet<string> Scope { get; private set; } + } +} |