//----------------------------------------------------------------------- // // Copyright (c) Outercurve Foundation. All rights reserved. // //----------------------------------------------------------------------- namespace DotNetOpenAuth.OAuth2 { using System; using System.Collections.Generic; using System.Diagnostics.Contracts; using System.Linq; using System.Net; using System.Text; using System.Web; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2.Messages; ///

/// An OAuth 2.0 consumer designed for web applications. ///

public class WebServerClient : ClientBase { ///

/// Initializes a new instance of the class. ///

/// The authorization server. /// The client identifier. /// The client secret. public WebServerClient(AuthorizationServerDescription authorizationServer, string clientIdentifier = null, string clientSecret = null) : base(authorizationServer, clientIdentifier, clientSecret) { } ///

/// Gets or sets an optional component that gives you greater control to record and influence the authorization process. ///

/// The authorization tracker. public IClientAuthorizationTracker AuthorizationTracker { get; set; } ///

/// Prepares a request for user authorization from an authorization server. ///

/// The scope of authorized access requested. /// The state of the client that should be sent back with the authorization response. /// The URL the authorization server should redirect the browser (typically on this site) to when the authorization is completed. If null, the current request's URL will be used. public void RequestUserAuthorization(IEnumerable scope = null, string state = null, Uri returnTo = null) { var authorizationState = new AuthorizationState(scope) { Callback = returnTo, }; this.PrepareRequestUserAuthorization(authorizationState, state).Send(); } ///

/// Prepares a request for user authorization from an authorization server. ///

/// The scope of authorized access requested. /// The state of the client that should be sent back with the authorization response. /// The URL the authorization server should redirect the browser (typically on this site) to when the authorization is completed. If null, the current request's URL will be used. /// The authorization request. public OutgoingWebResponse PrepareRequestUserAuthorization(IEnumerable scopes = null, string state = null, Uri returnTo = null) { var authorizationState = new AuthorizationState(scopes) { Callback = returnTo, }; return this.PrepareRequestUserAuthorization(authorizationState, state); } ///

/// Prepares a request for user authorization from an authorization server. ///

/// The authorization state to associate with this particular request. /// The state of the client that should be sent back with the authorization response. /// The authorization request. public OutgoingWebResponse PrepareRequestUserAuthorization(IAuthorizationState authorization, string state = null) { Requires.NotNull(authorization, "authorization"); Requires.ValidState(authorization.Callback != null || (HttpContext.Current != null && HttpContext.Current.Request != null), MessagingStrings.HttpContextRequired); Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier)); Contract.Ensures(Contract.Result() != null); if (authorization.Callback == null) { authorization.Callback = this.Channel.GetRequestFromContext().UrlBeforeRewriting .StripMessagePartsFromQueryString(this.Channel.MessageDescriptions.Get(typeof(EndUserAuthorizationSuccessResponseBase), Protocol.Default.Version)) .StripMessagePartsFromQueryString(this.Channel.MessageDescriptions.Get(typeof(EndUserAuthorizationFailedResponse), Protocol.Default.Version)); authorization.SaveChanges(); } var request = new EndUserAuthorizationRequest(this.AuthorizationServer) { ClientIdentifier = this.ClientIdentifier, Callback = authorization.Callback, ClientState = state, }; request.Scope.ResetContents(authorization.Scope); return this.Channel.PrepareResponse(request); } ///

/// Processes the authorization response from an authorization server, if available. ///

/// The incoming HTTP request that may carry an authorization response. /// The authorization state that contains the details of the authorization. public IAuthorizationState ProcessUserAuthorization(HttpRequestInfo request = null) { Requires.ValidState(!string.IsNullOrEmpty(this.ClientIdentifier)); Requires.ValidState(!string.IsNullOrEmpty(this.ClientSecret)); if (request == null) { request = this.Channel.GetRequestFromContext(); } IMessageWithClientState response; if (this.Channel.TryReadFromRequest(request, out response)) { Uri callback = MessagingUtilities.StripMessagePartsFromQueryString(request.UrlBeforeRewriting, this.Channel.MessageDescriptions.Get(response)); IAuthorizationState authorizationState; if (this.AuthorizationTracker != null) { authorizationState = this.AuthorizationTracker.GetAuthorizationState(callback, response.ClientState); ErrorUtilities.VerifyProtocol(authorizationState != null, OAuth2Strings.AuthorizationResponseUnexpectedMismatch); } else { authorizationState = new AuthorizationState { Callback = callback }; } var success = response as EndUserAuthorizationSuccessAuthCodeResponse; var failure = response as EndUserAuthorizationFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { this.UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("User refused to grant the requested authorization at the Authorization Server."); authorizationState.Delete(); } return authorizationState; } return null; } } }