blob: 7886157b928f8514dfd2407b9c2a2ec010247195 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
<%@ Page Title="" Language="C#" MasterPageFile="~/Site.Master" AutoEventWireup="true"
CodeBehind="OAuthAuthorize.aspx.cs" Inherits="WebFormsRelyingParty.Members.OAuthAuthorize" %>
<asp:Content ID="Content2" ContentPlaceHolderID="Body" runat="server">
<h2>
Client authorization
</h2>
<asp:MultiView runat="server" ID="outerMultiView" ActiveViewIndex="0">
<asp:View runat="server" ID="getPermissionView">
<div style="background-color: Yellow">
<b>Warning</b>: Never give your login credentials to another web site or application.
</div>
<p>
The
<asp:Label ID="consumerNameLabel" runat="server" Text="(app name)" />
application is requesting to access the private data in your account here. Is that
alright with you?
</p>
<p>
If you grant access now, you can revoke it at any time by returning to <a href="AccountInfo.aspx"
target="_blank">your account page</a>.
</p>
<div style="display: none" id="responseButtonsDiv">
<asp:Button ID="yesButton" runat="server" Text="Yes" OnClick="yesButton_Click" />
<asp:Button ID="noButton" runat="server" Text="No" OnClick="noButton_Click" />
<asp:HiddenField runat="server" ID="csrfCheck" EnableViewState="false" />
</div>
<div id="javascriptDisabled">
<b>Javascript appears to be disabled in your browser. </b>This page requires Javascript
to be enabled to better protect your security.
</div>
<asp:Panel runat="server" BackColor="Red" ForeColor="White" Font-Bold="true" Visible="false"
ID="OAuth10ConsumerWarning">
This website is registered with
<asp:Label runat="server" ID="serviceProviderDomainNameLabel" />
to make authorization requests, but has not been configured to send requests securely.
If you grant access but you did not initiate this request at
<asp:Label runat="server" ID="consumerDomainNameLabel1" />, it may be possible for
other users of
<asp:Label runat="server" ID="consumerDomainNameLabel2" />
to access your data. We recommend you deny access unless you are certain that you
initiated this request directly with
<asp:Label runat="server" ID="consumerDomainNameLabel3" />.
</asp:Panel>
<script language="javascript" type="text/javascript">
//<![CDATA[
// we use HTML to hide the action buttons and Javascript to show them
// to protect against click-jacking in an iframe whose javascript is disabled.
document.getElementById('responseButtonsDiv').style.display = 'block';
document.getElementById('javascriptDisabled').style.display = 'none';
// Frame busting code (to protect us from being hosted in an iframe).
// This protects us from click-jacking.
if (document.location !== window.top.location) {
window.top.location = document.location;
}
//]]>
</script>
</asp:View>
<asp:View ID="authorizationGrantedView" runat="server">
<p>
Authorization has been granted.</p>
<asp:MultiView runat="server" ID="verifierMultiView" ActiveViewIndex="0">
<asp:View ID="verificationCodeView" runat="server">
<p>
You must enter this verification code at the Consumer:
<asp:Label runat="server" ID="verificationCodeLabel" />
</p>
</asp:View>
<asp:View ID="noCallbackView" runat="server">
<p>
You may now close this window and return to the Consumer.
</p>
</asp:View>
</asp:MultiView>
</asp:View>
<asp:View ID="authorizationDeniedView" runat="server">
<p>
Authorization has been denied. You're free to do whatever now.
</p>
</asp:View>
</asp:MultiView>
</asp:Content>
|
