// // disable StyleCop on this file //----------------------------------------------------------------------- // // Copyright (c) Outercurve Foundation. All rights reserved. // //----------------------------------------------------------------------- namespace DotNetOpenAuth.OAuth2 { using System; using System.Collections.Generic; ///

/// An enumeration of the OAuth protocol versions supported by this library. ///

public enum ProtocolVersion { ///

/// The OAuth 2.0 specification. ///

V20, } ///

/// Protocol constants for OAuth 2.0. ///

public class Protocol { ///

/// The HTTP authorization scheme "Bearer"; ///

internal const string BearerHttpAuthorizationScheme = "Bearer"; ///

/// The HTTP authorization scheme "Bearer "; ///

internal const string BearerHttpAuthorizationSchemeWithTrailingSpace = BearerHttpAuthorizationScheme + " "; ///

/// The format of the HTTP Authorization header value that authorizes OAuth 2.0 requests using bearer access tokens. ///

internal const string BearerHttpAuthorizationHeaderFormat = BearerHttpAuthorizationSchemeWithTrailingSpace + "{0}"; ///

/// The name of the parameter whose value is an OAuth 2.0 bearer access token, as it is defined /// in a URL-encoded POST entity or URL query string. ///

internal const string BearerTokenEncodedUrlParameterName = "access_token"; ///

/// The "state" string. ///

internal const string state = "state"; ///

/// The "redirect_uri_mismatch" string. ///

internal const string redirect_uri_mismatch = "redirect_uri_mismatch"; ///

/// The "redirect_uri" string. ///

internal const string redirect_uri = "redirect_uri"; ///

/// The "client_id" string. ///

internal const string client_id = "client_id"; ///

/// The "scope" string. ///

internal const string scope = "scope"; ///

/// The "client_secret" string. ///

internal const string client_secret = "client_secret"; ///

/// The "code" string. ///

internal const string code = "code"; ///

/// The "error" string. ///

internal const string error = "error"; ///

/// The "access_token" string. ///

internal const string access_token = "access_token"; ///

/// The "token_type" string. ///

internal const string token_type = "token_type"; ///

/// The "refresh_token" string. ///

internal const string refresh_token = "refresh_token"; ///

/// The "expires_in" string. ///

internal const string expires_in = "expires_in"; ///

/// The "username" string. ///

internal const string username = "username"; ///

/// The "password" string. ///

internal const string password = "password"; ///

/// Gets the instance with values initialized for V1.0 of the protocol. ///

internal static readonly Protocol V20 = new Protocol { Version = new Version(2, 0), ProtocolVersion = ProtocolVersion.V20, }; ///

/// A list of all supported OAuth versions, in order starting from newest version. ///

internal static readonly List AllVersions = new List() { V20 }; ///

/// The default (or most recent) supported version of the OpenID protocol. ///

internal static readonly Protocol Default = AllVersions[0]; ///

/// The "error_uri" string. ///

internal const string error_uri = "error_uri"; ///

/// The "error_description" string. ///

internal const string error_description = "error_description"; ///

/// The "response_type" string. ///

internal const string response_type = "response_type"; ///

/// The "grant_type" string. ///

internal const string grant_type = "grant_type"; ///

/// Gets or sets the OAuth 2.0 version represented by this instance. ///

/// The version. internal Version Version { get; private set; } ///

/// Gets or sets the OAuth 2.0 version represented by this instance. ///

/// The protocol version. internal ProtocolVersion ProtocolVersion { get; private set; } ///

/// Gets the OAuth Protocol instance to use for the given version. ///

/// The OAuth version to get. /// A matching instance. internal static Protocol Lookup(ProtocolVersion version) { switch (version) { case ProtocolVersion.V20: return Protocol.V20; default: throw new ArgumentOutOfRangeException("version"); } } ///

/// Error codes that an authorization server can return to a client in response to a malformed or unsupported end user authorization request. ///

public static class EndUserAuthorizationRequestErrorCodes { ///

/// The request is missing a required parameter, includes an unknown parameter or parameter value, or is otherwise malformed. ///

public const string InvalidRequest = "invalid_request"; ///

/// The client is not authorized to use the requested response type. ///

public const string UnauthorizedClient = "unauthorized_client"; ///

/// The end-user or authorization server denied the request. ///

public const string AccessDenied = "access_denied"; ///

/// The requested response type is not supported by the authorization server. ///

public const string UnsupportedResponseType = "unsupported_response_type"; ///

/// The requested scope is invalid, unknown, or malformed. ///

public const string InvalidScope = "invalid_scope"; ///

/// The authorization server encountered an unexpected condition which prevented it from fulfilling the request. ///

public const string ServerError = "server_error"; ///

/// The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server. ///

public const string TemporarilyUnavailable = "temporarily_unavailable"; } ///

/// Values for the "response_type" parameter. ///

internal static class ResponseTypes { ///

/// The string "code". ///

internal const string Code = "code"; ///

/// The string "token". ///

internal const string Token = "token"; } internal static class GrantTypes { internal const string AuthorizationCode = "authorization_code"; internal const string Password = "password"; internal const string Assertion = "assertion"; internal const string RefreshToken = "refresh_token"; internal const string ClientCredentials = "client_credentials"; } ///

/// Error codes that an authorization server can return to a client in response to a malformed or unsupported access token request. ///

internal static class AccessTokenRequestErrorCodes { ///

/// The request is missing a required parameter, includes an unknown parameter or parameter value, repeats a parameter, /// includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed. ///

internal const string InvalidRequest = "invalid_request"; ///

/// Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). /// The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. /// If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with /// an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme /// used by the client. ///

internal const string InvalidClient = "invalid_client"; ///

/// The provided authorization grant (e.g. authorization code, resource owner credentials) or refresh token is invalid, expired, /// revoked, does not match the redirection URI used in the authorization request, or was issued to another client. ///

internal const string InvalidGrant = "invalid_grant"; ///

/// The authenticated client is not authorized to use this authorization grant type. ///

internal const string UnauthorizedClient = "unauthorized_client"; ///

/// The authorization grant type is not supported by the authorization server. ///

internal const string UnsupportedGrantType = "unsupported_grant_type"; ///

/// The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the resource owner. ///

internal const string InvalidScope = "invalid_scope"; } ///

/// Recognized access token types. ///

internal static class AccessTokenTypes { ///

/// The "bearer" token type. ///

internal const string Bearer = "bearer"; } internal static class BearerTokenUnauthorizedResponseParameters { internal const string Realm = "realm"; internal const string ErrorCode = "error"; internal const string ErrorDescription = "error_description"; internal const string ErrorUri = "error_uri"; internal const string Scope = "scope"; } ///

/// The error codes prescribed in http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#resource-error-codes ///

internal static class BearerTokenErrorCodes { ///

/// The request is missing a required parameter, includes an unsupported parameter or parameter value, /// repeats the same parameter, uses more than one method for including an access token, or is otherwise /// malformed. The resource server SHOULD respond with the HTTP 400 (Bad Request) status code. ///

internal const string InvalidRequest = "invalid_request"; ///

/// The access token provided is expired, revoked, malformed, or invalid for other reasons. /// The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request /// a new access token and retry the protected resource request. ///

internal const string InvalidToken = "invalid_token"; ///

/// The request requires higher privileges than provided by the access token. The resource server /// SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the scope attribute /// with the scope necessary to access the protected resource. ///

internal const string InsufficientScope = "insufficient_scope"; } } }