/// <summary>
        /// Attempts to extract client identification/authentication information from a message.
        /// </summary>
        /// <param name="authorizationServerHost">The authorization server host.</param>
        /// <param name="requestMessage">The incoming message.</param>
        /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param>
        /// <returns>The level of the extracted client information.</returns>
        public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier)
        {
            // Aggregating implementation: every wrapped module inspects the message, and at most
            // one of them may report anything other than NoAuthenticationRecognized.
            ClientAuthenticationModule recognizedBy = null;
            ClientAuthenticationResult outcome = ClientAuthenticationResult.NoAuthenticationRecognized;

            // Stays null when no module recognizes client credentials in the message.
            clientIdentifier = null;

            foreach (var module in this.authenticators)
            {
                string moduleClientId;
                var moduleOutcome = module.TryAuthenticateClient(authorizationServerHost, requestMessage, out moduleClientId);

                bool nothingRecognizedBefore = outcome == ClientAuthenticationResult.NoAuthenticationRecognized;
                bool moduleRecognizedNothing = moduleOutcome == ClientAuthenticationResult.NoAuthenticationRecognized;

                // A second recognized credential is treated as a protocol violation instead of
                // letting a later module's result overwrite an earlier one.
                ErrorUtilities.VerifyProtocol(
                    nothingRecognizedBefore || moduleRecognizedNothing,
                    "Message rejected because multiple forms of client authentication ({0} and {1}) were detected, which is forbidden by the OAuth 2 Protocol Framework specification.",
                    recognizedBy,
                    module);

                if (moduleRecognizedNothing)
                {
                    continue;
                }

                // Remember which module matched so a later match can be named in the error above.
                recognizedBy = module;
                outcome = moduleOutcome;
                clientIdentifier = moduleClientId;
            }

            // NOTE(review): the module's result is passed through unchanged, so it may describe
            // something other than a successful authentication. Callers should branch on the
            // returned value, not on clientIdentifier being non-null. Confirm against the
            // members of ClientAuthenticationResult.
            return outcome;
        }
 /// <summary>
 /// Initializes a new instance of the <see cref="OAuth2AuthorizationServerChannel"/> class.
 /// </summary>
 /// <param name="authorizationServer">The authorization server.</param>
 /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
 protected internal OAuth2AuthorizationServerChannel(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule)
     // The base-constructor arguments are evaluated before the body below runs, so
     // InitializeBindingElements receives both parameters exactly as they were passed in.
     : base(MessageTypes, InitializeBindingElements(authorizationServer, clientAuthenticationModule))
 {
     // NOTE(review): neither argument is null-checked in this constructor; confirm that
     // callers or the base class validate them before the channel handles messages.
     this.AuthorizationServer = authorizationServer;
 }
        /// <summary>
        /// Initializes the binding elements for the OAuth channel.
        /// </summary>
        /// <param name="authorizationServer">The authorization server.</param>
        /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
        /// <returns>
        /// An array of binding elements used to initialize the channel.
        /// </returns>
        private static IChannelBindingElement[] InitializeBindingElements(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule)
        {
            // Array order is significant: it is the order applied to outgoing messages, and the
            // reverse order is applied to incoming messages.
            // NOTE(review): authorizationServer is accepted but not used in this method.
            IChannelBindingElement messageValidation = new MessageValidationBindingElement(clientAuthenticationModule);
            IChannelBindingElement tokenCodeSerialization = new TokenCodeSerializationBindingElement();

            return new IChannelBindingElement[] { messageValidation, tokenCodeSerialization };
        }
 /// <summary>
 /// Initializes a new instance of the <see cref="MessageValidationBindingElement"/> class.
 /// </summary>
 /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param>
 internal MessageValidationBindingElement(ClientAuthenticationModule clientAuthenticationModule)
 {
     // The module is stored as passed in; no validation happens in this constructor.
     // NOTE(review): a null module is accepted silently here and would only surface when the
     // field is first used. Consider an argument check; confirm the intended contract.
     this.clientAuthenticationModule = clientAuthenticationModule;
 }