summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2.AuthorizationServer/OAuth2/ChannelElements/MessageValidationBindingElement.cs
Commit message (Collapse)AuthorAgeFilesLines
* Closes #356, Closes #357, Closes #358David Christiansen2015-01-041-0/+2
|
* Fixes NullReferenceException in MessageValidationBindingElement.Andrew Arnott2013-02-281-1/+1
|
* More warning fixes.Andrew Arnott2013-02-161-2/+2
|
* More warning fixes.Andrew Arnott2013-02-101-1/+1
|
* C# compiler warning fixes.Andrew Arnott2013-02-101-5/+6
|
* OAuth2.AuthorizationServer now builds.Andrew Arnott2013-01-131-2/+4
|
* Removes more remnants of Code Contracts.Andrew Arnott2012-12-261-1/+0
|
* Replaces DNOA's internal Requires class with Validation NuGet package.Andrew Arnott2012-12-261-0/+1
|
* CreateAccessToken reveals username to hostAndrew Arnott2012-12-241-3/+3
| | | | | | | IAuthorizationServerHost.CreateAccessToken now has access to authoring usernames. Fixes #219
* Authorization servers can override the granted scopes for all grant types.Andrew Arnott2012-10-301-5/+10
| | | | | | This change adds the ability for authorization servers to override the granted scopes of client credential and resource owner password grant types. Fixes #225
* Fix error message.Andrew Arnott2012-08-231-1/+1
|
* Special handling for client credential grant typeAndrew Arnott2012-05-291-0/+13
| | | | | | | | Access token requests that carry client credential grants are now specially handled and signal to the authorization server that an authorization record should be created. More work toward #138
* Resource owner password grant method renameAndrew Arnott2012-05-291-36/+38
| | | | | | | | | | | | Renamed IAuthorizationServerHost.IsResourceOwnerCredentialValid to TryAuthorizeResourceOwnerCredentialGrant so that authorization servers are prepared to approve refresh tokens that may be issued as a result of a resource owner password grant. This also removes some of the "validation" that wasn't really doing anything useful for resource owner password grant types. Toward an eventual fix for #138
* Anonymous clients can now exchange resource owner credentials for refresh ↵Andrew Arnott2012-04-221-7/+15
| | | | | | | | and access tokens. (authenticated clients already could). Fixes #100
* Fixes access denial errors from OAuth 2 resource servers so they include the ↵Andrew Arnott2012-04-221-12/+3
| | | | | | required parameters in their WWW-Authenticate headers. Fixes #124
* Fixed HTTP Basic authentication for OAuth 2 clients so that it actually ↵Andrew Arnott2012-04-191-8/+10
| | | | works in the sample.
* Fixed up the configuration story for OAuth 2.Andrew Arnott2012-04-181-3/+11
|
* StyleCop cleanup, and reversal of some code changes that were no longer ↵Andrew Arnott2012-04-181-0/+7
| | | | necessary.
* We have HTTP Basic client authentication working now in OAuth 2.Andrew Arnott2012-04-181-3/+12
|
* Authorization server hosts may now provide canonical usernames for the ↵Andrew Arnott2012-04-161-1/+4
| | | | | | resource owner given correct resource owner credentials. Fixes #103
* Authorization servers now gain insight into the calling client when ↵Andrew Arnott2012-04-151-1/+1
| | | | | | validating resource owner credential grant type requests. Fixes #101
* Renamed IAuthorizationServer to IAuthorizationServerHost.Andrew Arnott2012-04-081-1/+1
| | | | To avoid confusion with the concrete class AuthorizationServer.
* Allows the authorization server to store merely the hashes of client secrets.Andrew Arnott2012-04-011-3/+2
| | | | Fixes #92
* Moved localizable strings into specific OAuth 2 assemblies.Andrew Arnott2012-03-311-2/+2
|
* Consolidated all code and token serializations to one binding element.Andrew Arnott2012-03-301-0/+56
|
* Fixed up an authorization server's token endpoint to generate more accurate ↵Andrew Arnott2012-03-301-2/+2
| | | | error messages.
* Moved some message validation to another binding element.Andrew Arnott2012-03-291-0/+104
generated by cgit v1.1 at 2025-05-13 21:50:54 +0000