//-----------------------------------------------------------------------
//
// Copyright (c) Andrew Arnott. All rights reserved.
//
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.OAuth2 {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Text;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2.Messages;
/// <summary>
/// Base type for strategies that attach a client's authentication to messages
/// bound for the authorization server.
/// </summary>
/// <remarks>
/// Every strategy that carries a secret sends it in a form the receiver can read back
/// (a request-body parameter or an HTTP Basic header), so confidentiality of the
/// client secret rests entirely on the transport. Use these only over TLS.
/// </remarks>
public abstract class ClientCredentialApplicator {
    /// <summary>
    /// Initializes a new instance of the <see cref="ClientCredentialApplicator"/> class.
    /// </summary>
    protected ClientCredentialApplicator() {
    }

    /// <summary>
    /// Creates an applicator that sends the shared client secret as a parameter in the POST entity payload.
    /// </summary>
    /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
    /// <returns>The credential applicator to provide to the client instance.</returns>
    /// <remarks>
    /// The secret ends up in the request body, where body-logging proxies and server-side
    /// request logs can capture it. RFC 6749 section 2.3.1 marks request-body client
    /// credentials as NOT RECOMMENDED and meant for clients that cannot use HTTP Basic;
    /// prefer <see cref="HttpBasic"/> when the authorization server accepts it.
    /// </remarks>
    public static ClientCredentialApplicator PostParameter(string clientSecret) {
        Requires.NotNullOrEmpty(clientSecret, "clientSecret");
        ClientCredentialApplicator applicator = new PostParameterApplicator(clientSecret);
        return applicator;
    }

    /// <summary>
    /// Creates an applicator that sends the client identifier and secret in the HTTP Authorization
    /// header using HTTP Basic authentication.
    /// </summary>
    /// <param name="clientSecret">The secret the client shares with the authorization server.</param>
    /// <returns>The credential applicator to provide to the client instance.</returns>
    /// <remarks>
    /// HTTP Basic only encodes the credential; it does not encrypt it. The header is as
    /// sensitive as the secret itself and must not be logged or sent over a plaintext channel.
    /// </remarks>
    public static ClientCredentialApplicator HttpBasic(string clientSecret) {
        Requires.NotNullOrEmpty(clientSecret, "clientSecret");
        ClientCredentialApplicator applicator = new HttpBasicApplicator(clientSecret);
        return applicator;
    }

    /// <summary>
    /// Never transmits a secret. Intended for anonymous clients or clients that cannot keep a secret.
    /// </summary>
    /// <returns>
    /// Always <c>null</c>. There is no "do nothing" applicator object, so a caller must
    /// null-check the result before invoking <see cref="ApplyClientCredential"/> on it.
    /// </returns>
    public static ClientCredentialApplicator NoSecret() {
        return null;
    }

    /// <summary>
    /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
    /// </summary>
    /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
    /// <param name="request">The outbound message to apply authentication information to.</param>
    public abstract void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request);

    /// <summary>
    /// Authenticates the client via a client_secret parameter in the message.
    /// </summary>
    private class PostParameterApplicator : ClientCredentialApplicator {
        /// <summary>
        /// The client secret, kept as an immutable string for the lifetime of this applicator.
        /// </summary>
        private readonly string sharedSecret;

        /// <summary>
        /// Initializes a new instance of the <see cref="PostParameterApplicator"/> class.
        /// </summary>
        /// <param name="clientSecret">The client secret.</param>
        internal PostParameterApplicator(string clientSecret) {
            Requires.NotNullOrEmpty(clientSecret, "clientSecret");
            this.sharedSecret = clientSecret;
        }

        /// <summary>
        /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
        /// </summary>
        /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
        /// <param name="request">The outbound message to apply authentication information to.</param>
        public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
            // Only the secret is written here; clientIdentifier is not used by this method.
            // NOTE(review): presumably the caller has already set request.ClientIdentifier -- confirm.
            request.ClientSecret = this.sharedSecret;
        }
    }

    /// <summary>
    /// Authenticates the client via HTTP Basic.
    /// </summary>
    private class HttpBasicApplicator : ClientCredentialApplicator {
        /// <summary>
        /// The client secret, kept as an immutable string for the lifetime of this applicator.
        /// </summary>
        private readonly string secret;

        /// <summary>
        /// Initializes a new instance of the <see cref="HttpBasicApplicator"/> class.
        /// </summary>
        /// <param name="clientSecret">The client secret.</param>
        internal HttpBasicApplicator(string clientSecret) {
            Requires.NotNullOrEmpty(clientSecret, "clientSecret");
            this.secret = clientSecret;
        }

        /// <summary>
        /// Applies the client identifier and (when applicable) the client authentication to an outbound message.
        /// </summary>
        /// <param name="clientIdentifier">The identifier by which the authorization server should recognize this client.</param>
        /// <param name="request">The outbound message to apply authentication information to.</param>
        public override void ApplyClientCredential(string clientIdentifier, AuthenticatedClientRequestBase request) {
            // With header-based authentication the credential must not also travel as
            // ordinary message parts, so both message fields are cleared first.
            request.ClientIdentifier = null;
            request.ClientSecret = null;

            var headers = request.Headers;
            OAuthUtilities.ApplyHttpBasicAuth(headers, clientIdentifier, this.secret);
        }
    }
}
}