summaryrefslogtreecommitdiffstats
path: root/samples/OAuthAuthorizationServer/Controllers
Commit message (Collapse)AuthorAgeFilesLines
* Corrected indentation back to being tab based.Richard Collette2014-12-262-118/+117
|
* Undo CodeMaid formattingRichard Collette2014-12-232-63/+37
|
* Fix #355 Response.ContentType not set when AsActionResult is used.Richard Collette2014-12-182-152/+183
|
* Removes some optional cancellation tokens that don't work with all server ↵Andrew Arnott2013-03-281-3/+3
| | | | configurations.
* Removed references to obsolete AsyncController.Andrew Arnott2013-01-272-2/+2
|
* Fixed a bunch more samples.Andrew Arnott2013-01-232-19/+21
|
* Incremented the OAuth 2.0 client sample's port # so as to not conflict with ↵Andrew Arnott2012-03-221-1/+1
| | | | the OAuth 1.0 consumer sample.
* Access token endpoint now can respond with appropriate errors.Andrew Arnott2012-03-141-6/+1
|
* Fixed StyleCop mesage.Andrew Arnott2012-03-011-1/+1
|
* Slightly simplified sample OAuth 2 authorization server token endpoint action.Andrew Arnott2012-02-251-6/+4
|
* Added another frame busting technique to make the authorization server more ↵Andrew Arnott2012-02-201-0/+1
| | | | secure.
* We have an implicit grant javascript client that can obtain an access token.Andrew Arnott2011-06-201-0/+5
| | | | It doesn't know how to use it yet though.
* Access token lifetimes are now controlled by the IAuthorizationServer ↵Andrew Arnott2011-06-161-11/+1
| | | | | | instance supplied by the host. It is consistent whether the access token is obtained via implicit grant or from a refresh token.
* Implicit grants are now sort of working on the authorization server side.unknown2011-06-151-32/+2
| | | | | | Still to do: * Ensure no auto-authorize of access tokens based on previous authorizations for the unauthenticated client. * Provide the authorization server with a way to indicate access token lifetime, and to veto the request based on the requested scopes being too dangerous for the less secure implicit grant type.
* Various fixes to the sample OAuth 2.0 Authorization Server sample.Andrew Arnott2011-05-272-1/+6
|
* Allowed for cycling of symmetric cryptographic keys by replacing the ↵Andrew Arnott2011-05-271-10/+10
| | | | | | effectively constant byte[] secret with a new ICryptoKeyStore throughout the OAuth 2 and OpenID stacks. And StyleCop fixes.
* Fixed static field initialization.Andrew Arnott2011-04-071-13/+6
|
* Fixed non-thread-safe use of RsaCryptoServiceProvider instances.Andrew Arnott2011-04-071-5/+11
|
* Replaced OAuth2 API demands for RSAParameters with demands for ↵Andrew Arnott2011-04-061-103/+116
| | | | | | | | RSACryptoServiceProvider. This allows for servers that have non-exportable private keys to still use those private keys for signing and decryption. Closes #16
* Removed database component from the Resource Server sample.Andrew Arnott2010-08-112-5/+12
|
* Fixed bug where sample logon page would throw due to no returnUrl parameter.Andrew Arnott2010-08-111-14/+17
|
* Non-functional cleanup.Andrew Arnott2010-08-111-10/+10
|
* Now StyleCop clean.Andrew Arnott2010-08-013-53/+49
|
* Some user-notification enhancements to the OAuth 2 samples.Andrew Arnott2010-08-011-1/+15
|
* The OAuthClient, OAuthResourceServer and OAuthAuthorizationServer samples ↵Andrew Arnott2010-08-013-95/+39
| | | | now work!
* Split the OAuthServiceProvider sample into two samples: ↵Andrew Arnott2010-07-313-0/+289
OAuthAuthorizationServer and OAuthResourceServer. Renamed OAuthConsumer to OAuthClient.
generated by cgit v1.1 at 2025-05-11 08:24:41 +0000