Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs16
-rw-r--r--src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs2
-rw-r--r--src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs15
-rw-r--r--src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs9
-rw-r--r--src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs2
-rw-r--r--src/DotNetOpenAuth.sln11
-rw-r--r--src/packages/repositories.config1
7 files changed, 50 insertions, 6 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
index 7c9f808..cbf4b09 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/AuthorizationServerAccessToken.cs
@@ -11,6 +11,7 @@ namespace DotNetOpenAuth.OAuth2 {
using System.Security.Cryptography;
using System.Text;
using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
using DotNetOpenAuth.OAuth2.ChannelElements;
/// <summary>
@@ -40,12 +41,23 @@ namespace DotNetOpenAuth.OAuth2 {
public RSACryptoServiceProvider ResourceServerEncryptionKey { get; set; }
/// <summary>
+ /// Gets or sets the symmetric key store to use if the asymmetric key properties are not set.
+ /// </summary>
+ public ICryptoKeyStore SymmetricKeyStore { get; set; }
+
+ /// <summary>
/// Serializes this instance to a simple string for transmission to the client.
/// </summary>
/// <returns>A non-empty string.</returns>
protected internal override string Serialize() {
- ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null, AuthServerStrings.AccessTokenSigningKeyMissing);
- var formatter = CreateFormatter(this.AccessTokenSigningKey, this.ResourceServerEncryptionKey);
+ ErrorUtilities.VerifyHost(this.AccessTokenSigningKey != null || this.SymmetricKeyStore != null, AuthServerStrings.AccessTokenSigningKeyMissing);
+ IDataBagFormatter<AccessToken> formatter;
+ if (this.AccessTokenSigningKey != null) {
+ formatter = CreateFormatter(this.AccessTokenSigningKey, this.ResourceServerEncryptionKey);
+ } else {
+ formatter = CreateFormatter(this.SymmetricKeyStore);
+ }
+
return formatter.Serialize(this);
}
}
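Review bot: The new `SymmetricKeyStore` summary does not mention that this path changes the trust model. With a shared symmetric store, any party that can read the store can presumably produce access tokens as well as validate them, whereas the asymmetric path gives the resource server only `AuthorizationServerPublicSigningKey`. In `Serialize()` the asymmetric key silently wins when both are set, a `ResourceServerEncryptionKey` set without a signing key is ignored, and the failure still reports `AccessTokenSigningKeyMissing` although either setting now satisfies the check. I would extend the summary with a line such as `/// Used only when AccessTokenSigningKey is null; every holder of this store can mint as well as verify access tokens.` and reword the host error so it names both options.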
diff --git a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
index ae7aa8b..823baaf 100644
--- a/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
+++ b/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
@@ -71,7 +71,7 @@ namespace DotNetOpenAuth.OAuth2.ChannelElements {
ErrorUtilities.VerifyProtocol(accessTokenRequest.GrantType != GrantType.ClientCredentials || accessTokenResponse.RefreshToken == null, OAuthStrings.NoGrantNoRefreshToken);
}
- return null;
+ return MessageProtectionTasks.Null;
}
/// <summary>
diff --git a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
index 32f10ba..3bd0324 100644
--- a/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
+++ b/src/DotNetOpenAuth.OAuth2.ResourceServer/OAuth2/StandardAccessTokenAnalyzer.cs
@@ -10,6 +10,7 @@ namespace DotNetOpenAuth.OAuth2 {
using System.IO;
using System.Security.Cryptography;
using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
using DotNetOpenAuth.OAuth2.ChannelElements;
using Validation;
@@ -30,6 +31,14 @@ namespace DotNetOpenAuth.OAuth2 {
}
/// <summary>
+ /// Initializes a new instance of the <see cref="StandardAccessTokenAnalyzer"/> class.
+ /// </summary>
+ public StandardAccessTokenAnalyzer(ICryptoKeyStore symmetricKeyStore) {
+ Requires.NotNull(symmetricKeyStore, "symmetricKeyStore");
+ this.SymmetricKeyStore = symmetricKeyStore;
+ }
+
+ /// <summary>
/// Gets the authorization server public signing key.
/// </summary>
/// <value>The authorization server public signing key.</value>
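Review bot: The new constructor's doc comment has no `<param>` entry, and the `SymmetricKeyStore` property added in the next hunk has no XML documentation at all, unlike the two RSA key properties around it. For the constructor I would add `/// <param name="symmetricKeyStore">The symmetric key store shared with the authorization server.</param>`. For the property, add a `<summary>` and `<value>` pair stating that the store is used to verify and decrypt access tokens when no authorization server public signing key is configured. That text should also say the store has to be the same one the authorization server serializes with, since this is the operational requirement a deployer most needs to know.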
@@ -41,6 +50,8 @@ namespace DotNetOpenAuth.OAuth2 {
/// <value>The resource server private encryption key.</value>
public RSACryptoServiceProvider ResourceServerPrivateEncryptionKey { get; private set; }
+ public ICryptoKeyStore SymmetricKeyStore { get; private set; }
+
/// <summary>
/// Reads an access token to find out what data it authorizes access to.
/// </summary>
@@ -50,7 +61,9 @@ namespace DotNetOpenAuth.OAuth2 {
/// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception>
public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) {
ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken);
- var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey);
+ var accessTokenFormatter = this.AuthorizationServerPublicSigningKey != null
+ ? AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey)
+ : AccessToken.CreateFormatter(this.SymmetricKeyStore);
var token = new AccessToken();
try {
accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token);
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs
index fa87972..a8c911e 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/AccessToken.cs
@@ -57,6 +57,15 @@ namespace DotNetOpenAuth.OAuth2 {
}
/// <summary>
+ /// Creates a formatter capable of serializing/deserializing an access token.
+ /// </summary>
+ /// <returns>An access token serializer.</returns>
+ internal static IDataBagFormatter<AccessToken> CreateFormatter(ICryptoKeyStore symmetricKeyStore) {
+ Requires.NotNull(symmetricKeyStore, "symmetricKeyStore");
+ return new UriStyleMessageFormatter<AccessToken>(symmetricKeyStore, bucket: "AccessTokens", signed: true, encrypted: true);
+ }
+
+ /// <summary>
/// Initializes this instance of the <see cref="AccessToken"/> class.
/// </summary>
/// <param name="authorization">The authorization to apply to this access token.</param>
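Review bot: The key bucket is passed as the bare literal `"AccessTokens"` in the new `CreateFormatter` overload, and the doc comment lacks a `<param>` for `symmetricKeyStore`. The bucket name selects which keys in the store protect access tokens, so a named constant (for example `internal const string AccessTokenKeyBucket = "AccessTokens";`, a name constructed for this note) would document the value. It would also make an accidental collision with another bucket in the same store easier to spot. I would add `/// <param name="symmetricKeyStore">The store holding the symmetric keys used to sign and encrypt the token.</param>`.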
diff --git a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
index 13ea287..e51eb24 100644
--- a/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
+++ b/src/DotNetOpenAuth.OAuth2/OAuth2/OAuthUtilities.cs
@@ -172,7 +172,7 @@ namespace DotNetOpenAuth.OAuth2 {
string concat = userName + ":" + password;
byte[] bits = HttpBasicEncoding.GetBytes(concat);
string base64 = Convert.ToBase64String(bits);
- headers.Authorization = new AuthenticationHeaderValue(HttpBasicAuthScheme, base64);
+ headers.Authorization = new AuthenticationHeaderValue(HttpBasicAuthScheme.TrimEnd(), base64);
}
/// <summary>
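Review bot: `HttpBasicAuthScheme.TrimEnd()` is unexplained at the call site, and a later reader may remove it as redundant. The constant presumably carries a trailing space for matching the header prefix elsewhere, which `AuthenticationHeaderValue` would not accept as a scheme. A one-line comment such as `// The scheme constant ends with a space for prefix matching; AuthenticationHeaderValue requires a bare token.` would record why the trim is there. The enclosing method starts outside this hunk.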
diff --git a/src/DotNetOpenAuth.sln b/src/DotNetOpenAuth.sln
index db126bc..2def580 100644
--- a/src/DotNetOpenAuth.sln
+++ b/src/DotNetOpenAuth.sln
@@ -219,6 +219,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth.Common
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OAuth2.ClientAuthorization", "DotNetOpenAuth.OAuth2.ClientAuthorization\DotNetOpenAuth.OAuth2.ClientAuthorization.csproj", "{CCF3728A-B3D7-404A-9BC6-75197135F2D7}"
EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OAuth2ProtectedWebApi", "..\samples\OAuth2ProtectedWebApi\OAuth2ProtectedWebApi.csproj", "{58A3721F-5B5C-4CA7-BE39-91640B5B4924}"
+EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
CodeAnalysis|Any CPU = CodeAnalysis|Any CPU
@@ -503,6 +505,12 @@ Global
{CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Debug|Any CPU.Build.0 = Debug|Any CPU
{CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Release|Any CPU.ActiveCfg = Release|Any CPU
{CCF3728A-B3D7-404A-9BC6-75197135F2D7}.Release|Any CPU.Build.0 = Release|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.CodeAnalysis|Any CPU.ActiveCfg = Release|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.CodeAnalysis|Any CPU.Build.0 = Release|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@@ -526,6 +534,7 @@ Global
{9529606E-AF76-4387-BFB7-3D10A5B399AA} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6}
{E135F455-0669-49F8-9207-07FCA8C8FC79} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6}
{C78E8235-1D46-43EB-A912-80B522C4E9AE} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6}
+ {58A3721F-5B5C-4CA7-BE39-91640B5B4924} = {1E2CBAA5-60A3-4AED-912E-541F5753CDC6}
{6EB90284-BD15-461C-BBF2-131CF55F7C8B} = {8A5CEDB9-7F8A-4BE2-A1B9-97130F453277}
{5C65603B-235F-47E6-B536-06385C60DE7F} = {E9ED920D-1F83-48C0-9A4B-09CCE505FE6D}
{A78F8FC6-7B03-4230-BE41-761E400D6810} = {B9EB8729-4B54-4453-B089-FE6761BA3057}
@@ -535,12 +544,12 @@ Global
{C7EF1823-3AA7-477E-8476-28929F5C05D2} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{9AF74F53-10F5-49A2-B747-87B97CD559D3} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{529B4262-6B5A-4EF9-BD3B-1D29A2597B67} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
+ {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{57A7DD35-666C-4FA3-9A1B-38961E50CA27} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{60426312-6AE5-4835-8667-37EDEA670222} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{173E7B8D-E751-46E2-A133-F72297C0D2F4} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{51835086-9611-4C53-819B-F2D5C9320873} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{115217C5-22CD-415C-A292-0DD0238CDD89} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
- {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC} = {8D4236F7-C49B-49D3-BA71-6B86C9514BDE}
{3896A32A-E876-4C23-B9B8-78E17D134CD3} = {C7EF1823-3AA7-477E-8476-28929F5C05D2}
{F8284738-3B5D-4733-A511-38C23F4A763F} = {C7EF1823-3AA7-477E-8476-28929F5C05D2}
{F458AB60-BA1C-43D9-8CEF-EC01B50BE87B} = {C7EF1823-3AA7-477E-8476-28929F5C05D2}
diff --git a/src/packages/repositories.config b/src/packages/repositories.config
index 6931a9d..fe99184 100644
--- a/src/packages/repositories.config
+++ b/src/packages/repositories.config
@@ -4,6 +4,7 @@
<repository path="..\..\projecttemplates\RelyingPartyLogic\packages.config" />
<repository path="..\..\projecttemplates\WebFormsRelyingParty\packages.config" />
<repository path="..\..\samples\DotNetOpenAuth.ApplicationBlock\packages.config" />
+ <repository path="..\..\samples\OAuth2ProtectedWebApi\packages.config" />
<repository path="..\..\samples\OAuthAuthorizationServer\packages.config" />
<repository path="..\..\samples\OAuthClient\packages.config" />
<repository path="..\..\samples\OAuthConsumer\packages.config" />