//-----------------------------------------------------------------------
//
//     Copyright (c) Outercurve Foundation. All rights reserved.
//
//-----------------------------------------------------------------------

namespace DotNetOpenAuth.OAuth2.ChannelElements {
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using Messages;
    using Messaging;
    using Messaging.Bindings;

    /// <summary>
    /// Channel binding element used by an OAuth 2.0 authorization server to attach an
    /// authorization code to outgoing authorization responses and to check the code's
    /// callback binding when that code is later exchanged for access/refresh tokens.
    /// </summary>
    /// <remarks>
    /// Security-relevant behavior visible in this class:
    /// <list type="bullet">
    /// <item>At issuance the code is constructed from the client identifier and callback of the
    /// originating authorization request, plus the granted scope and the authorizing username.</item>
    /// <item>At redemption only the callback is re-checked here (via <c>VerifyCallback</c>). This is the
    /// redirect URI binding that RFC 6749 section 4.1.3 requires of the token endpoint.</item>
    /// </list>
    /// NOTE(review): this element reports <see cref="MessageProtections.None"/>, so integrity,
    /// expiry, one-time use and client-identifier matching of the code are presumably enforced by
    /// other elements or by the code's serialization format. Confirm that before relying on this
    /// class alone.
    /// </remarks>
    internal class AuthorizationCodeBindingElement : AuthServerBindingElementBase {
        /// <summary>
        /// Initializes a new instance of the <see cref="AuthorizationCodeBindingElement"/> class.
        /// </summary>
        internal AuthorizationCodeBindingElement() {
        }

        /// <summary>
        /// Gets the protection commonly offered (if any) by this binding element.
        /// </summary>
        /// <value>Always <see cref="MessageProtections.None"/>.</value>
        /// <remarks>
        /// The channel uses this value to help sort binding elements in its stack.
        /// </remarks>
        public override MessageProtections Protection {
            get { return MessageProtections.None; }
        }

        /// <summary>
        /// Gets the maximum message age, read from the messaging configuration section.
        /// </summary>
        /// <remarks>
        /// The "no skew" lifetime is used because the value is only compared within a single
        /// authorization server (or farm of servers), so clock skew between parties is not a factor.
        /// </remarks>
        internal static TimeSpan MaximumMessageAge {
            get { return Configuration.DotNetOpenAuthSection.Messaging.MaximumMessageLifetimeNoSkew; }
        }

        /// <summary>
        /// Attaches a freshly created authorization code to an outgoing successful
        /// end-user authorization response.
        /// </summary>
        /// <param name="message">The message about to be sent.</param>
        /// <returns>
        /// <see cref="MessageProtections.None"/> when the message is an
        /// <see cref="EndUserAuthorizationSuccessAuthCodeResponse"/>; otherwise <c>null</c>,
        /// meaning this binding element did not apply to the message.
        /// </returns>
        public override MessageProtections? ProcessOutgoingMessage(IProtocolMessage message) {
            var authCodeResponse = message as EndUserAuthorizationSuccessAuthCodeResponse;
            if (authCodeResponse == null) {
                // Not an authorization-code response: nothing for this element to do.
                return null;
            }

            // The response is viewed through IDirectResponseProtocolMessage to reach the request
            // it answers; that request supplies the client identifier and callback bound into the code.
            var originatingRequest = (EndUserAuthorizationRequest)((IDirectResponseProtocolMessage)authCodeResponse).OriginatingRequest;

            // Binding the callback here is what allows the redemption step to detect a code
            // that is presented with a different redirect URI than it was issued for.
            var issuedCode = new AuthorizationCode(
                originatingRequest.ClientIdentifier,
                originatingRequest.Callback,
                authCodeResponse.Scope,
                authCodeResponse.AuthorizingUsername);

            ((IAuthorizationCarryingRequest)authCodeResponse).AuthorizationDescription = issuedCode;
            return MessageProtections.None;
        }

        /// <summary>
        /// Checks, for an incoming request that exchanges an authorization code for tokens,
        /// that the callback in the request is acceptable to the code it carries.
        /// </summary>
        /// <param name="message">The incoming message to process.</param>
        /// <returns>
        /// <see cref="MessageProtections.None"/> when the message is an
        /// <see cref="AccessTokenAuthorizationCodeRequest"/>; otherwise <c>null</c>,
        /// meaning this binding element did not apply to the message.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <c>VerifyCallback</c> is presumably where a mismatch is rejected with a
        /// protocol error; its behavior is not visible in this file, so confirm there.
        /// NOTE(review): the cast below assumes an earlier step already populated
        /// <c>AuthorizationDescription</c> with an <see cref="AuthorizationCode"/>. A missing or
        /// different value would surface as a runtime cast/null failure rather than a protocol
        /// error. The request is still not processed, but the error path differs.
        /// </remarks>
        public override MessageProtections? ProcessIncomingMessage(IProtocolMessage message) {
            var codeRequest = message as AccessTokenAuthorizationCodeRequest;
            if (codeRequest == null) {
                // Not a code-redemption request: nothing for this element to do.
                return null;
            }

            var carrier = (IAuthorizationCarryingRequest)codeRequest;
            var presentedCode = (AuthorizationCode)carrier.AuthorizationDescription;

            // Redirect URI binding check: the callback sent with the token request is validated
            // against the code that was issued during the authorization step.
            presentedCode.VerifyCallback(codeRequest.Callback);
            return MessageProtections.None;
        }
    }
}