blob: c21ae26bc9c960be5a188d7d4446aa250d88df02 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
//-----------------------------------------------------------------------
// <copyright file="OAuthAuthorize.aspx.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace WebFormsRelyingParty.Members {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using DotNetOpenAuth.OAuth;
using DotNetOpenAuth.OAuth.Messages;
using RelyingPartyLogic;
using WebFormsRelyingParty.Code;
public partial class OAuthAuthorize : System.Web.UI.Page {
protected void Page_Load(object sender, EventArgs e) {
if (!IsPostBack) {
var pendingRequest = OAuthServiceProvider.PendingAuthorizationRequest;
if (pendingRequest == null) {
Response.Redirect("AccountInfo.aspx");
}
this.csrfCheck.Value = Code.SiteUtilities.SetCsrfCookie();
this.consumerNameLabel.Text = HttpUtility.HtmlEncode(OAuthServiceProvider.PendingAuthorizationConsumer.Name);
this.OAuth10ConsumerWarning.Visible = pendingRequest.IsUnsafeRequest;
this.serviceProviderDomainNameLabel.Text = HttpUtility.HtmlEncode(this.Request.Url.Host);
this.consumerDomainNameLabel3.Text = this.consumerDomainNameLabel2.Text = this.consumerDomainNameLabel1.Text = HttpUtility.HtmlEncode(OAuthServiceProvider.PendingAuthorizationConsumer.Name);
} else {
Code.SiteUtilities.VerifyCsrfCookie(this.csrfCheck.Value);
}
}
protected void yesButton_Click(object sender, EventArgs e) {
this.outerMultiView.SetActiveView(this.authorizationGrantedView);
var consumer = OAuthServiceProvider.PendingAuthorizationConsumer;
var tokenManager = OAuthServiceProvider.ServiceProvider.TokenManager;
var pendingRequest = OAuthServiceProvider.PendingAuthorizationRequest;
ITokenContainingMessage requestTokenMessage = pendingRequest;
var requestToken = tokenManager.GetRequestToken(requestTokenMessage.Token);
OAuthServiceProvider.AuthorizePendingRequestToken();
// The rest of this method only executes if we couldn't automatically
// redirect to the consumer.
if (pendingRequest.IsUnsafeRequest) {
this.verifierMultiView.SetActiveView(this.noCallbackView);
} else {
this.verifierMultiView.SetActiveView(this.verificationCodeView);
string verifier = ServiceProvider.CreateVerificationCode(consumer.VerificationCodeFormat, consumer.VerificationCodeLength);
this.verificationCodeLabel.Text = HttpUtility.HtmlEncode(verifier);
requestToken.VerificationCode = verifier;
tokenManager.UpdateToken(requestToken);
}
}
protected void noButton_Click(object sender, EventArgs e) {
this.outerMultiView.SetActiveView(this.authorizationDeniedView);
OAuthServiceProvider.PendingAuthorizationRequest = null;
}
}
}
|
