namespace OAuth2ProtectedWebApi {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using DotNetOpenAuth.Messaging.Bindings;
using DotNetOpenAuth.OAuth2;
using DotNetOpenAuth.OAuth2.ChannelElements;
using DotNetOpenAuth.OAuth2.Messages;
using OAuth2ProtectedWebApi.Code;
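/// <summary>
/// Sample <see cref="IAuthorizationServerHost"/> for the OAuth2ProtectedWebApi demo.
/// </summary>
/// <remarks>
/// Several members are placeholder stubs rather than real policy checks:
/// <see cref="NonceStore"/> returns null, <see cref="GetClient"/> ignores the
/// requested client identifier, and <see cref="IsAuthorizationValid"/> approves
/// every authorization. Each is flagged at the member and needs a real
/// implementation before this host is used for anything other than a demo.
/// </remarks>
public class AuthorizationServerHost : IAuthorizationServerHost {
    // Shared by every host instance. readonly so the process-wide key store
    // cannot be swapped out after type initialization.
    private static readonly ICryptoKeyStore cryptoKeyStore = MemoryCryptoKeyStore.Instance;

    /// <summary>
    /// Gets the key store shared by all instances of this host.
    /// </summary>
    /// <remarks>
    /// NOTE(review): MemoryCryptoKeyStore is declared outside this file; if it only
    /// keeps keys in process memory, tokens issued before a restart would stop
    /// validating and keys are not shared across servers. Confirm.
    /// </remarks>
    public ICryptoKeyStore CryptoKeyStore {
        get { return cryptoKeyStore; }
    }

    /// <summary>
    /// Gets the nonce store; this sample does not provide one.
    /// </summary>
    public INonceStore NonceStore {
        get {
            // SECURITY: a nonce store is what mitigates replay attacks. Returning
            // null leaves this host without one, so a replayed message is not
            // detected here. Supply a persistent INonceStore outside of a demo.
            return null;
        }
    }

    /// <summary>
    /// Builds the access token issued in response to a token request.
    /// </summary>
    /// <param name="accessTokenRequestMessage">The incoming token request. Not inspected:
    /// every request gets the same one-hour token settings.</param>
    /// <returns>An <see cref="AccessTokenResult"/> wrapping the new token.</returns>
    public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage) {
        // The token is tied to the shared symmetric key store above.
        // NOTE(review): that presumably means whatever validates the token needs
        // access to the same key store; confirm against the resource server.
        var accessToken = new AuthorizationServerAccessToken {
            Lifetime = TimeSpan.FromHours(1),
            SymmetricKeyStore = this.CryptoKeyStore,
        };

        return new AccessTokenResult(accessToken);
    }

    /// <summary>
    /// Returns the client description used for every client.
    /// </summary>
    /// <param name="clientIdentifier">The requested client identifier. Ignored by this sample.</param>
    /// <returns>The same hard-coded confidential client, whatever identifier was asked for.</returns>
    public IClientDescription GetClient(string clientIdentifier) {
        // SECURITY: clientIdentifier is never looked up, so an unknown identifier
        // is answered with the same description as a registered one. The first
        // argument is a hard-coded one-character value (the client secret,
        // assuming the ClientDescription(secret, defaultCallback, clientType)
        // overload), and the callback is a fixed http:// URL. A real host should
        // resolve the identifier against registered clients and keep secrets out
        // of source.
        return new ClientDescription("b", new Uri("http://www.microsoft.com/en-us/default.aspx"), ClientType.Confidential);
    }

    /// <summary>
    /// Reports whether a previously granted authorization is still valid.
    /// </summary>
    /// <param name="authorization">The authorization to check. Not inspected.</param>
    /// <returns>Always <c>true</c>.</returns>
    public bool IsAuthorizationValid(IAuthorizationDescription authorization) {
        // SECURITY: unconditional approval. Nothing here can report an
        // authorization as revoked, expired or never granted; a real host should
        // check the client, user, scope and issue time against stored grants.
        return true;
    }

    /// <summary>
    /// Resource owner password credential grant; not supported by this sample.
    /// </summary>
    /// <exception cref="NotSupportedException">Always thrown.</exception>
    public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest) {
        throw new NotSupportedException();
    }

    /// <summary>
    /// Client credentials grant; not supported by this sample.
    /// </summary>
    /// <exception cref="NotSupportedException">Always thrown.</exception>
    public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest) {
        throw new NotSupportedException();
    }
}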
}