blob: cb7c819a7f9c393ddbaafe8c012bcc57038eec1d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
//-----------------------------------------------------------------------
// <copyright file="OAuth.ashx.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace WebFormsRelyingParty {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.SessionState;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth;
using DotNetOpenAuth.OAuth.Messages;
using RelyingPartyLogic;
/// <summary>
/// Responds to incoming OAuth Service Provider messages.
/// </summary>
public class OAuth : IHttpHandler, IRequiresSessionState {
/// <summary>
/// Initializes a new instance of the <see cref="OAuth"/> class.
/// </summary>
public OAuth() {
}
/// <summary>
/// Gets a value indicating whether another request can use the <see cref="T:System.Web.IHttpHandler"/> instance.
/// </summary>
/// <returns>
/// true if the <see cref="T:System.Web.IHttpHandler"/> instance is reusable; otherwise, false.
/// </returns>
public bool IsReusable {
get { return true; }
}
/// <summary>
/// Enables processing of HTTP Web requests by a custom HttpHandler that implements the <see cref="T:System.Web.IHttpHandler"/> interface.
/// </summary>
/// <param name="context">An <see cref="T:System.Web.HttpContext"/> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param>
public void ProcessRequest(HttpContext context) {
var serviceProvider = OAuthServiceProvider.ServiceProvider;
var requestMessage = serviceProvider.ReadRequest(new HttpRequestInfo(context.Request));
UnauthorizedTokenRequest unauthorizedTokenRequestMessage;
AuthorizedTokenRequest authorizedTokenRequestMessage;
UserAuthorizationRequest userAuthorizationRequest;
if ((unauthorizedTokenRequestMessage = requestMessage as UnauthorizedTokenRequest) != null) {
var response = serviceProvider.PrepareUnauthorizedTokenMessage(unauthorizedTokenRequestMessage);
serviceProvider.Channel.Send(response);
} else if ((authorizedTokenRequestMessage = requestMessage as AuthorizedTokenRequest) != null) {
var response = serviceProvider.PrepareAccessTokenMessage(authorizedTokenRequestMessage);
serviceProvider.Channel.Send(response);
} else if ((userAuthorizationRequest = requestMessage as UserAuthorizationRequest) != null) {
// This is a browser opening to allow the user to authorize a request token,
// so redirect to the authorization page, which will automatically redirect
// to have the user log in if necessary.
OAuthServiceProvider.PendingAuthorizationRequest = userAuthorizationRequest;
HttpContext.Current.Response.Redirect("~/Members/OAuthAuthorize.aspx");
} else {
throw new InvalidOperationException();
}
}
}
}
|
