summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.OAuth2/OAuth2
Commit message (Collapse)AuthorAgeFilesLines
* Removes inappropriate input validation of the signingKey argument in the ↵Andrew Arnott2013-12-031-2/+0
| | | | | | | | AccessToken.CreateFormatter method. This was breaking ResourceServer scenarios where the ResourceServer did not have the authorization server's private signing key. Fixes #298
* Lots of StyleCop fixes.Andrew Arnott2013-03-261-1/+4
|
* Adds a cookie delegating handler, fixes tests.Andrew Arnott2013-03-231-2/+2
|
* Switched Channel to receiving messages via HttpRequestMessage as well.Andrew Arnott2013-03-041-4/+4
|
* Fixes up user rejection cases.Andrew Arnott2013-03-031-44/+44
|
* Fixes basic auth creation.Andrew Arnott2013-03-011-1/+1
|
* Adds support for symmetric key signing and encryption of access tokens.Andrew Arnott2013-03-011-0/+9
| | | | This targets the common scenario where authorization servers and resource servers are actually on the same web application, and asymmetric cryptography is overkill and requires extra setup.
* OAuth2.Client builds.Andrew Arnott2013-01-131-3/+5
|
* Fixes the 16 failing unit tests.Andrew Arnott2012-12-271-1/+0
|
* Removes more remnants of Code Contracts.Andrew Arnott2012-12-265-62/+2
|
* Replaces DNOA's internal Requires class with Validation NuGet package.Andrew Arnott2012-12-265-0/+5
|
* Adds ClientBase.AuthorizeRequest overloads that accept WebHeaderCollection.Andrew Arnott2012-11-111-1/+14
| | | | Fixes #119
* Authorization Server hosts now instantiate their own AccessTokens rather ↵Andrew Arnott2012-04-251-24/+45
| | | | | | | than just parameters. AccessTokens are now serialized via a virtual method on that instance. Fixes #38, I think.
* Fixed build breaks when targeting .NET 3.5.Andrew Arnott2012-04-234-7/+7
|
* Fixes access denial errors from OAuth 2 resource servers so they include the ↵Andrew Arnott2012-04-227-77/+300
| | | | | | required parameters in their WWW-Authenticate headers. Fixes #124
* Fixed up the configuration story for OAuth 2.Andrew Arnott2012-04-181-23/+0
|
* StyleCop cleanup, and reversal of some code changes that were no longer ↵Andrew Arnott2012-04-183-21/+74
| | | | necessary.
* We have HTTP Basic client authentication working now in OAuth 2.Andrew Arnott2012-04-182-3/+60
|
* Trimmed off xml doc comment.Andrew Arnott2012-04-141-1/+0
|
* Fixed C# warning.Andrew Arnott2012-04-041-1/+1
|
* AccessToken is now a public class.Andrew Arnott2012-04-012-9/+11
| | | | | | | | | | | Resource Servers can now handle access tokens that are issued for a client's data (not a 3rd party resource owner's). Client Identifiers are no longer included in access tokens for unauthenticated clients. More work needed on IAccessTokenAnalyzer and the access token formatter. We need to generalize the serialization itself so folks can use JWT, etc. We also still need access token to have a host-defined map of claims. Fixes #104 Fixes #102
* Moved localizable strings into specific OAuth 2 assemblies.Andrew Arnott2012-03-312-85/+1
|
* Fixed up an authorization server's token endpoint to generate more accurate ↵Andrew Arnott2012-03-303-96/+20
| | | | error messages.
* Removed broken class diagram.Andrew Arnott2012-03-241-164/+0
|
* A bunch more moving of OAuth2 classes between assemblies.Andrew Arnott2012-03-1610-716/+0
|
* Redistributed OAuth2 code into their more specific assemblies.Andrew Arnott2012-03-1638-3013/+80
|
* Access token endpoint now can respond with appropriate errors.Andrew Arnott2012-03-141-2/+9
|
* Fixed error message generated in exception thrown for bad access token requests.Andrew Arnott2012-03-142-3/+3
|
* FxCop fixes and suppressions.Andrew Arnott2012-03-104-3/+5
|
* Applied all the StyleCop fixes necessary by the StyleCop 4.7 upgrade.Andrew Arnott2012-03-106-6/+6
|
* Hacks in support for Facebook, which is missing the token_type parameter in ↵Andrew Arnott2012-03-071-1/+1
| | | | | | its successful access token responses. Fixes #82
* Replaced API requirements for HttpRequestInfo with HttpRequestBase (new in ↵Andrew Arnott2012-03-053-12/+13
| | | | | | .NET 3.5 SP1). This makes us more friendly to MVC as well as mock-based unit testing.
* StyleCop fix.Andrew Arnott2012-02-251-2/+1
|
* Added client credential grant type support and a test to prove it.Andrew Arnott2012-02-253-5/+56
| | | | Fixes #33
* Adds support for the resource owner password credential grant.Andrew Arnott2012-02-243-1/+88
| | | | Fixes #72
* OAuth2 resource servers accept the HTTP verbs: PUT, DELETE, HEAD in addition ↵Andrew Arnott2012-02-231-0/+1
| | | | | | to the normal GET, POST Fixes #62
* Split out the authorization carrying messages into distinct interfaces.Andrew Arnott2012-02-2312-132/+157
| | | | This is to support additional grant types such as resource owner password credential and client credentials.
* Fixed compiler warning.Andrew Arnott2012-02-221-1/+1
|
* Split up end user authorization request message types between auth code and ↵Andrew Arnott2012-02-213-17/+77
| | | | implicit.
* Added scaffolding for OAuth2 unit tests and added the first test for client ↵Andrew Arnott2012-02-209-17/+113
| | | | authorization.
* Added spec required HTTP header in access token response.Andrew Arnott2012-02-191-0/+1
|
* Removed requirement for callback parameter, per the spec.Andrew Arnott2012-02-192-3/+9
|
* Fixed up the various protocol channels to correctly apply HTTP headers ↵Andrew Arnott2012-02-192-7/+3
| | | | prescribed by the messages.
* Avoid a NullReferenceException is an OAuth 2 resource server's direct ↵Andrew Arnott2012-02-161-3/+7
| | | | response message doesn't implement IHttpDirectResponse.
* Suppressed refresh tokens when client credentials are used to comply with ↵Andrew Arnott2012-02-163-0/+25
| | | | OAuth 2.0 section 4.4.3.
* Added a couple of new authorization request response codes.Andrew Arnott2012-02-131-0/+10
|
* Added valid scope token verification.Andrew Arnott2012-02-123-1/+42
|
* Added ClientType enum.Andrew Arnott2012-02-122-0/+59
|
* Renamed IConsumerDescription to IClientDescription.Andrew Arnott2012-02-123-15/+15
|
* Fixed many FxCop messages in OAuth2 assemblies. #68Andrew Arnott2012-02-096-2/+35
|
* Added DotNetOpenAuth.OAuth.Common to contain dependencies shared between ↵Andrew Arnott2012-02-083-3/+15
| | | | | | OAuth 1 and OAuth 2. Related to and closes #71
* Updated all copyright notices to reflect copyright assignment to Outercurve.Andrew Arnott2012-02-0549-98/+98
| | | | Fixes #66
* Removed some lingering ccrewrite.exe dependent code.Andrew Arnott2011-09-201-1/+1
|
* All product assemblies build without ccrewrite.exe now.Andrew Arnott2011-09-1818-52/+52
|
* Broke out OAuth 2 into 4 separate assemblies.Andrew Arnott2011-08-018-1271/+0
|
* Trying to fix up configuration section code.Andrew Arnott2011-07-103-3/+3
|
* First pass at dividing DotNetOpenAuth features into separate assemblies.Andrew Arnott2011-07-0161-0/+6229
Nothing compiles at this point.
generated by cgit v1.1 at 2025-05-29 01:57:09 +0000