//-----------------------------------------------------------------------
//
// Copyright (c) Andrew Arnott. All rights reserved.
//
//-----------------------------------------------------------------------
namespace WebFormsRelyingParty.Code {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using System.Web;
using DotNetOpenAuth.OAuth;
using DotNetOpenAuth.OAuth.ChannelElements;
using DotNetOpenAuth.OAuth.Messages;
///
/// The token manager this web site uses in its roles both as
/// a consumer and as a service provider.
///
public class OAuthTokenManager : ITokenManager {
///
/// Initializes a new instance of the class.
///
protected OAuthTokenManager() {
}
#region ITokenManager Members
///
/// Gets the Token Secret given a request or access token.
///
/// The request or access token.
///
/// The secret associated with the given token.
///
/// Thrown if the secret cannot be found for the given token.
public string GetTokenSecret(string token) {
try {
return Global.DataContext.IssuedToken.First(t => t.Token == token).TokenSecret;
} catch (InvalidOperationException) {
throw new ArgumentOutOfRangeException();
}
}
///
/// Stores a newly generated unauthorized request token, secret, and optional
/// application-specific parameters for later recall.
///
/// The request message that resulted in the generation of a new unauthorized request token.
/// The response message that includes the unauthorized request token.
/// Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.
///
/// Request tokens stored by this method SHOULD NOT associate any user account with this token.
/// It usually opens up security holes in your application to do so. Instead, you associate a user
/// account with access tokens (not request tokens) in the
/// method.
///
public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) {
Consumer consumer;
try {
consumer = Global.DataContext.Consumer.First(c => c.ConsumerKey == request.ConsumerKey);
} catch (InvalidOperationException) {
throw new ArgumentOutOfRangeException();
}
var token = new IssuedRequestToken {
Callback = request.Callback,
Consumer = consumer,
CreatedOn = DateTime.Now,
Token = response.Token,
TokenSecret = response.TokenSecret,
};
Global.DataContext.AddToIssuedToken(token);
Global.DataContext.SaveChanges();
}
public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret) {
var requestTokenEntity = Global.DataContext.IssuedToken.OfType().First(
t => t.Consumer.ConsumerKey == consumerKey && t.Token == requestToken);
Global.DataContext.DeleteObject(requestTokenEntity);
var accessTokenEntity = new IssuedAccessToken {
Token = accessToken,
TokenSecret = accessTokenSecret,
ExpirationDate = null, // currently, our access tokens don't expire
CreatedOn = DateTime.Now,
};
Global.DataContext.AddToIssuedToken(accessTokenEntity);
Global.DataContext.SaveChanges();
}
///
/// Classifies a token as a request token or an access token.
///
/// The token to classify.
///
/// Request or Access token, or invalid if the token is not recognized.
///
public TokenType GetTokenType(string token) {
IssuedToken tok = Global.DataContext.IssuedToken.FirstOrDefault(t => t.Token == token);
if (tok == null) {
return TokenType.InvalidToken;
} else {
return tok is IssuedAccessToken ? TokenType.AccessToken : TokenType.RequestToken;
}
}
#endregion
}
}