protected void allowAccessButton_Click(object sender, EventArgs e) {
			if (this.AuthorizationSecret != this.OAuthAuthorizationSecToken.Value) {
				throw new ArgumentException(); // probably someone trying to hack in.
			}
			this.AuthorizationSecret = null; // clear one time use secret
			var pending = Global.PendingOAuthAuthorization;
			Global.AuthorizePendingRequestToken();
			this.multiView.ActiveViewIndex = 1;

			ServiceProvider sp = new ServiceProvider(Constants.SelfDescription, Global.TokenManager);
			var response = sp.PrepareAuthorizationResponse(pending);
			if (response != null) {
				sp.Channel.Send(response);
			} else {
				if (pending.IsUnsafeRequest) {
					this.verifierMultiView.ActiveViewIndex = 1;
				} else {
					string verifier = ServiceProvider.CreateVerificationCode(VerificationCodeFormat.AlphaNumericNoLookAlikes, 10);
					this.verificationCodeLabel.Text = verifier;
					ITokenContainingMessage requestTokenMessage = pending;
					var requestToken = Global.TokenManager.GetRequestToken(requestTokenMessage.Token);
					requestToken.VerificationCode = verifier;
					Global.TokenManager.UpdateToken(requestToken);
				}
			}
		}
Beispiel #2
0
 public OAuth()
 {
     sp = new ServiceProvider(Constants.SelfDescription, Global.TokenManager, new CustomOAuthMessageFactory(Global.TokenManager));
 }
 /// <summary>
 /// Initializes static members of the <see cref="OAuthHybrid"/> class.
 /// </summary>
 static OAuthHybrid()
 {
     ServiceProvider = new ServiceProvider(GetServiceDescription(), TokenManager);
 }
        /// <summary>
        /// Initializes the <see cref="serviceProvider"/> field if it has not yet been initialized.
        /// </summary>
        private static void EnsureInitialized()
        {
            if (serviceProvider == null)
            {
                lock (initializerLock)
                {
                    if (serviceDescription == null)
                    {
                        var postEndpoint = new MessageReceivingEndpoint(new Uri(Utilities.ApplicationRoot, "OAuth.ashx"), HttpDeliveryMethods.PostRequest);
                        var getEndpoint = new MessageReceivingEndpoint(postEndpoint.Location, HttpDeliveryMethods.GetRequest);
                        serviceDescription = new ServiceProviderDescription
                        {
                            TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
                            RequestTokenEndpoint = postEndpoint,
                            AccessTokenEndpoint = postEndpoint,
                            UserAuthorizationEndpoint = getEndpoint,
                        };
                    }

                    if (tokenManager == null)
                    {
                        tokenManager = new OAuthServiceProviderTokenManager();
                    }

                    if (serviceProvider == null)
                    {
                        serviceProvider = new ServiceProvider(serviceDescription, tokenManager);
                    }
                }
            }
        }
		public async Task SpecAppendixAExample() {
			var serviceDescription = new ServiceProviderDescription(
				"https://photos.example.net/request_token",
				"http://photos.example.net/authorize",
				"https://photos.example.net/access_token");
			var serviceHostDescription = new ServiceProviderHostDescription {
				RequestTokenEndpoint = new MessageReceivingEndpoint(serviceDescription.TemporaryCredentialsRequestEndpoint, HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
				UserAuthorizationEndpoint = new MessageReceivingEndpoint(serviceDescription.ResourceOwnerAuthorizationEndpoint, HttpDeliveryMethods.GetRequest),
				AccessTokenEndpoint = new MessageReceivingEndpoint(serviceDescription.TokenRequestEndpoint, HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
				TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement(), },
			};
			var accessPhotoEndpoint = new Uri("http://photos.example.net/photos?file=vacation.jpg&size=original");
			var consumerDescription = new ConsumerDescription("dpf43f3p2l4k3l03", "kd94hf93k423kf44");

			var tokenManager = new InMemoryTokenManager();
			tokenManager.AddConsumer(consumerDescription);
			var sp = new ServiceProvider(serviceHostDescription, tokenManager);

			Handle(serviceDescription.TemporaryCredentialsRequestEndpoint).By(
				async (request, ct) => {
					var requestTokenMessage = await sp.ReadTokenRequestAsync(request, ct);
					return await sp.Channel.PrepareResponseAsync(sp.PrepareUnauthorizedTokenMessage(requestTokenMessage));
				});
			Handle(serviceDescription.ResourceOwnerAuthorizationEndpoint).By(
				async (request, ct) => {
					var authRequest = await sp.ReadAuthorizationRequestAsync(request, ct);
					((InMemoryTokenManager)sp.TokenManager).AuthorizeRequestToken(authRequest.RequestToken);
					return await sp.Channel.PrepareResponseAsync(sp.PrepareAuthorizationResponse(authRequest));
				});
			Handle(serviceDescription.TokenRequestEndpoint).By(
				async (request, ct) => {
					var accessRequest = await sp.ReadAccessTokenRequestAsync(request, ct);
					return await sp.Channel.PrepareResponseAsync(sp.PrepareAccessTokenMessage(accessRequest), ct);
				});
			Handle(accessPhotoEndpoint).By(
				async (request, ct) => {
					string accessToken = (await sp.ReadProtectedResourceAuthorizationAsync(request)).AccessToken;
					Assert.That(accessToken, Is.Not.Null.And.Not.Empty);
					var responseMessage = new HttpResponseMessage { Content = new ByteArrayContent(new byte[] { 0x33, 0x66 }), };
					responseMessage.Content.Headers.ContentType = new MediaTypeHeaderValue("image/jpeg");
					return responseMessage;
				});

			var consumer = new Consumer(
				consumerDescription.ConsumerKey,
				consumerDescription.ConsumerSecret,
				serviceDescription,
				new MemoryTemporaryCredentialStorage());
			consumer.HostFactories = this.HostFactories;
			var authorizeUrl = await consumer.RequestUserAuthorizationAsync(new Uri("http://printer.example.com/request_token_ready"));
			Uri authorizeResponseUri;
			this.HostFactories.AllowAutoRedirects = false;
			using (var httpClient = this.HostFactories.CreateHttpClient()) {
				using (var response = await httpClient.GetAsync(authorizeUrl)) {
					Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Redirect));
					authorizeResponseUri = response.Headers.Location;
				}
			}

			var accessTokenResponse = await consumer.ProcessUserAuthorizationAsync(authorizeResponseUri);
			Assert.That(accessTokenResponse, Is.Not.Null);

			using (var authorizingClient = consumer.CreateHttpClient(accessTokenResponse.AccessToken)) {
				using (var protectedPhoto = await authorizingClient.GetAsync(accessPhotoEndpoint)) {
					Assert.That(protectedPhoto, Is.Not.Null);
					protectedPhoto.EnsureSuccessStatusCode();
					Assert.That("image/jpeg", Is.EqualTo(protectedPhoto.Content.Headers.ContentType.MediaType));
					Assert.That(protectedPhoto.Content.Headers.ContentLength, Is.Not.EqualTo(0));
				}
			}
		}
        /// <summary>
        /// Initializes the <see cref="serviceProvider"/> field if it has not yet been initialized.
        /// </summary>
        private void EnsureInitialized()
        {
            if (serviceProvider != null)
            {
                return;
            }

            lock (InitializerLock)
            {
                if (serviceDescription == null)
                {
                    var providerConfig = Configuration.OAuthSectionGroup.ServiceProvider;
                    var requestTokenUrl = new MessageReceivingEndpoint(new Uri(providerConfig.Endpoints.RequestToken.Url), HttpDeliveryMethods.PostRequest);
                    var accessTokenUrl = new MessageReceivingEndpoint(new Uri(providerConfig.Endpoints.AccessToken.Url), HttpDeliveryMethods.GetRequest);
                    var authorisationUrl = new MessageReceivingEndpoint(new Uri(providerConfig.Endpoints.UserAuthorisation.Url), HttpDeliveryMethods.GetRequest);
                    serviceDescription = new ServiceProviderDescription
                    {
                        TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
                        RequestTokenEndpoint = requestTokenUrl,
                        AccessTokenEndpoint = accessTokenUrl,
                        UserAuthorizationEndpoint = authorisationUrl,
                    };
                }

                if (tokenManager == null)
                {
                    tokenManager = new TokenManager(this.consumers, this.issuedTokens);
                }

                if (nonceDbStore == null)
                {
                    nonceDbStore = new NonceDbStore(this.nonces);
                }

                if (serviceProvider == null)
                {
                    serviceProvider = new ServiceProvider(serviceDescription, tokenManager, nonceDbStore);
                }
            }
        }