/// <summary>
/// Partially updates the stored client row whose id equals <c>Client.id</c>.
/// </summary>
/// <remarks>
/// Each column is assigned through <c>COALESCE(@param, column)</c>, so a null property on
/// <paramref name="Client"/> keeps the stored value; this method cannot reset a column to NULL.
/// All values are bound as parameters; nothing is concatenated into the statement.
/// The WHERE clause filters on id alone, with no ownership predicate.
/// NOTE(review): presumably the caller has already authorized the acting resource owner;
/// confirm, because secret, redirect_uri, allowed_scope and owned_by are all writable here.
/// </remarks>
/// <param name="Client">Carries the id to match and the new column values (null means "keep").</param>
/// <returns>The client as re-read through <c>GetClientByID</c>, or null when no row was affected.</returns>
public Client UpdateClient(OAuth2.DataModels.Client Client)
{
    const string sql = "UPDATE `Client` SET `name` = COALESCE(@name, `name`), `description` = COALESCE(@description, `description`), `secret` = COALESCE(@secret, `secret`), `redirect_uri` = COALESCE(@redirect_uri, `redirect_uri`), `type` = COALESCE(@type, `type`), `icon` = COALESCE(@icon, `icon`), `allowed_scope` = COALESCE(@allowed_scope, `allowed_scope`), `contact_email` = COALESCE(@contact_email, `contact_email`), `owned_by` = COALESCE(@owned_by, `owned_by`), `service_account` = COALESCE(@service_account, `service_account`) WHERE id = @id";

    using (IDbConnection db = DBFactory.Open())
    {
        // Member names of the anonymous object are the SQL parameter names.
        var parameters = new
        {
            Client.name,
            Client.description,
            Client.secret,
            Client.redirect_uri,
            Client.type,
            Client.icon,
            Client.allowed_scope,
            Client.contact_email,
            Client.owned_by,
            Client.service_account,
            Client.id
        };

        var affectedRows = db.Execute(sql, parameters);
        if (affectedRows == 0)
        {
            // Nothing matched the id (or the provider reported no change).
            return null;
        }

        // Re-read so the caller sees the row as stored, including columns left untouched.
        return GetClientByID(Client.id);
    }
}
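/// <summary>
/// Overwrites every column of the client row whose id equals <c>Client.id</c>, but only when
/// the row's current owner matches <paramref name="ResourceOwner"/>.
/// </summary>
/// <remarks>
/// Unlike the COALESCE-based update, null properties are written as NULL.
/// The ownership test is null-aware: a row with a NULL <c>owned_by</c> matches only a null
/// <paramref name="ResourceOwner"/>. The previous form compared
/// <c>COALESCE(owned_by, 'NULL')</c> on both sides, which also let an owner id equal to the
/// literal text 'NULL' match unowned rows (and vice versa).
/// <c>owned_by</c> itself is overwritten from <c>Client.owned_by</c>, so a successful call can
/// hand the client to a different owner.
/// </remarks>
/// <param name="Client">Carries the id to match and the full set of new column values.</param>
/// <param name="ResourceOwner">Owner id the row must currently have; null matches unowned rows only.</param>
/// <returns>The client as re-read through <c>GetClientByID</c>, or null when no row was affected.</returns>
public Client SetClient(OAuth2.DataModels.Client Client, string ResourceOwner)
{
    // Explicit IS NULL handling replaces the 'NULL' sentinel so that no real owner id can
    // collide with "no owner". All values remain bound parameters.
    const string sql = "UPDATE `Client` SET `name` = @name, `description` = @description, `secret` = @secret, `redirect_uri` = @redirect_uri, `type` = @type, `icon` = @icon, `allowed_scope` = @allowed_scope, `contact_email` = @contact_email, `owned_by` = @owned_by, `service_account` = @service_account WHERE id = @id AND (`owned_by` = @current_owned_by OR (`owned_by` IS NULL AND @current_owned_by IS NULL));";

    using (IDbConnection db = DBFactory.Open())
    {
        var parameters = new
        {
            name = Client.name,
            description = Client.description,
            secret = Client.secret,
            redirect_uri = Client.redirect_uri,
            type = Client.type,
            icon = Client.icon,
            allowed_scope = Client.allowed_scope,
            contact_email = Client.contact_email,
            owned_by = Client.owned_by,
            service_account = Client.service_account,
            id = Client.id,
            current_owned_by = ResourceOwner
        };

        if (db.Execute(sql, parameters) == 0)
        {
            // Unknown id and owner mismatch are indistinguishable to the caller: both yield null.
            return null;
        }

        return GetClientByID(Client.id);
    }
}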
/// <summary>
/// Handles GET token requests, which accept only the 'code' and 'token' response types.
/// </summary>
/// <remarks>
/// The client is resolved with both password switches of <c>ValidateClient</c> turned off, so
/// on this path the client is identified by id only and the client password is never compared.
/// The redirect URI is validated against the client's registered one before any grant handler runs.
/// Both grant handlers are followed by <c>return null</c>; presumably they produce the HTTP
/// response themselves (confirm against HandleTokenGrant / HandleCodeGrant).
/// </remarks>
/// <param name="request">Incoming token request.</param>
/// <returns>Always null on the success paths.</returns>
/// <exception cref="OAuth2.DataModels.TokenRequestError">
/// Missing or unsupported response type; further validation errors may come from the helpers.
/// </exception>
public OAuth2.DataModels.TokenResponse Get(TokenRequest request)
{
    if (request.response_type == null)
    {
        Response.StatusCode = 400;
        throw new OAuth2.DataModels.TokenRequestError()
        {
            error = OAuth2.DataModels.ErrorCodes.invalid_request,
            error_description = "Missing or invalid response type. Valid: token, code",
        };
    }

    var responseType = request.response_type.Value;
    bool wantsToken = responseType == AuthTypes.token;
    bool wantsCode = responseType == AuthTypes.code;

    if (!wantsCode && !wantsToken)
    {
        // NOTE(review): unlike the other error paths, Response.StatusCode is not set here;
        // confirm the two-argument TokenRequestError constructor takes care of it.
        throw new DataModels.TokenRequestError(DataModels.ErrorCodes.unsupported_response_type, "Only the 'code' and 'token' response types are supported for get operations");
    }

    OAuth2.DataModels.Client client = ValidateClient(request.client_id, request.client_password, false, false);

    // Called for its validation effect; the returned Uri is not used in this method.
    ValidateRedirectURI(request.redirect_uri, client.redirect_uri);

    if (wantsToken)
    {
        HandleTokenGrant(request, client);
        return null;
    }

    if (wantsCode)
    {
        HandleCodeGrant(request, client);
        return null;
    }

    // Defensive fallback: not reachable while the response-type check above stays in place.
    Response.StatusCode = 500;
    throw new OAuth2.DataModels.TokenRequestError()
    {
        error = OAuth2.DataModels.ErrorCodes.server_error,
        error_description = "Unknow server error"
    };
}
/// <summary>
/// Handles POST token requests and dispatches on the grant type.
/// </summary>
/// <remarks>
/// The 'code' and 'token' values are rejected here; they are only accepted on GET.
/// <c>ValidateClient</c> is called with its default switches, i.e. with client password
/// checking enabled. <c>ValidateRedirectURI</c> runs for every grant type before dispatch.
/// The client-credentials and password grants return a token response directly. The
/// authorization-code exchange and refresh-token grants return null; presumably their
/// handlers produce the response themselves (confirm).
/// </remarks>
/// <param name="request">Incoming token request.</param>
/// <returns>A token response for client-credentials and password grants; otherwise null.</returns>
/// <exception cref="OAuth2.DataModels.TokenRequestError">
/// Missing, GET-only or unsupported grant type; further validation errors may come from the helpers.
/// </exception>
public OAuth2.DataModels.TokenResponse Post(TokenRequest request)
{
    bool grantAcceptedOnPost = request.grant_type != null
        && request.grant_type.Value != AuthTypes.code
        && request.grant_type.Value != AuthTypes.token;

    if (!grantAcceptedOnPost)
    {
        Response.StatusCode = 400;

        // Advertise every grant type except the two that are reserved for GET.
        var postableGrants = EnumValuesExtension<AuthTypes>.GetValues()
            .Where(candidate => candidate != AuthTypes.token && candidate != AuthTypes.code);

        throw new OAuth2.DataModels.TokenRequestError()
        {
            error = OAuth2.DataModels.ErrorCodes.invalid_request,
            error_description = "Missing or invalid grant type. Valid: " + string.Join(", ", postableGrants)
        };
    }

    OAuth2.DataModels.Client client = ValidateClient(request.client_id, request.client_password);

    // Called for its validation effect; the returned Uri is not used in this method.
    ValidateRedirectURI(request.redirect_uri, client.redirect_uri);

    var grantType = request.grant_type.Value;
    switch (grantType)
    {
        case AuthTypes.authorization_code:
            HandleCodeExchange(request, client);
            return null;

        case AuthTypes.refresh_token:
            HandleRefreshTokenGrant(request, client);
            return null;

        case AuthTypes.client_credentials:
            return HandleClientCredentialsGrant(request, client);

        case AuthTypes.password:
            return HandlePasswordGrant(request, client);

        default:
            throw new DataModels.TokenRequestError(DataModels.ErrorCodes.invalid_request, string.Format("Grant Type {0} is not supported", grantType));
    }
}
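/// <summary>
/// Resolves a client by id and, when the switches require it, checks the presented client password.
/// </summary>
/// <remarks>
/// The password is compared when either (a) the client is a web application and
/// <paramref name="RequirePasswordForWebClients"/> is true, or (b)
/// <paramref name="CheckPasswordIfNotWebClient"/> is true and the stored secret is not blank.
/// Case (b) does not look at the client type. With both switches false the password is never compared.
/// An unknown client id and a wrong password produce the same error code and description,
/// so the response does not reveal which of the two was wrong.
/// NOTE(review): RFC 6749 section 5.2 describes failed client authentication as
/// invalid_client, optionally with HTTP 401; this method reports unauthorized_client with 400.
/// Left unchanged because callers may depend on it.
/// NOTE(review): the presented password is compared directly with the stored secret, which
/// implies the secret is stored in directly comparable form. Confirm whether it should be hashed at rest.
/// </remarks>
/// <param name="ClientID">Client id from the request; must not be null or empty.</param>
/// <param name="ClientPassword">Client password from the request; may be null.</param>
/// <param name="CheckPasswordIfNotWebClient">Compare the password whenever the client has a non-blank stored secret.</param>
/// <param name="RequirePasswordForWebClients">Always compare the password for web application clients.</param>
/// <returns>The resolved client.</returns>
/// <exception cref="OAuth2.DataModels.TokenRequestError">
/// Missing client id (invalid_request), unknown client id or password mismatch (unauthorized_client).
/// </exception>
protected DataModels.Client ValidateClient(string ClientID, string ClientPassword, bool CheckPasswordIfNotWebClient = true, bool RequirePasswordForWebClients = true)
{
    if (string.IsNullOrEmpty(ClientID))
    {
        Response.StatusCode = 400;
        throw new OAuth2.DataModels.TokenRequestError()
        {
            error = OAuth2.DataModels.ErrorCodes.invalid_request,
            error_description = "Missing client id"
        };
    }

    OAuth2.DataModels.Client client = ClientModel.GetClientByID(ClientID);
    if (client == null)
    {
        Response.StatusCode = 400;
        throw new OAuth2.DataModels.TokenRequestError()
        {
            error = OAuth2.DataModels.ErrorCodes.unauthorized_client,
            error_description = "invalid client id or client password specified"
        };
    }

    bool mustCheckSecret =
        (client.type == DataModels.ClientTypes.web_application && RequirePasswordForWebClients)
        || (CheckPasswordIfNotWebClient && !string.IsNullOrWhiteSpace(client.secret));

    // The password comes straight from the request, so the comparison must not stop at the
    // first differing character the way the string inequality operator may.
    if (mustCheckSecret && !FixedTimeSecretEquals(ClientPassword, client.secret))
    {
        Response.StatusCode = 400;
        throw new OAuth2.DataModels.TokenRequestError()
        {
            error = OAuth2.DataModels.ErrorCodes.unauthorized_client,
            error_description = "invalid client id or client password specified"
        };
    }

    return client;
}

/// <summary>
/// Ordinal string equality whose running time depends on the string lengths, not on where the first mismatch is.
/// </summary>
/// <remarks>
/// Null handling matches the string equality operator: two nulls are equal, null never equals a non-null value.
/// NOTE(review): this means a web application client with a null stored secret is still accepted
/// when no password is presented, as before this change. Confirm that is intended.
/// </remarks>
private static bool FixedTimeSecretEquals(string presented, string stored)
{
    if (presented == null || stored == null)
    {
        return presented == null && stored == null;
    }

    // A length difference already makes the result false, but the loop still runs over the
    // shared prefix so that equal-length inputs always cost the same.
    int difference = presented.Length ^ stored.Length;
    int sharedLength = presented.Length < stored.Length ? presented.Length : stored.Length;
    for (int i = 0; i < sharedLength; i++)
    {
        difference |= presented[i] ^ stored[i];
    }

    return difference == 0;
}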
/// <summary>
/// Convenience overload: forwards to the <c>UpdateClient</c> overload that takes the resource owner's id.
/// </summary>
/// <remarks>Both arguments are dereferenced without a null check.</remarks>
/// <param name="Client">Client passed through unchanged.</param>
/// <param name="ResourceOwner">Resource owner whose <c>id</c> is forwarded.</param>
/// <returns>Whatever the id-based overload returns.</returns>
public Client UpdateClient(OAuth2.DataModels.Client Client, OAuth2.DataModels.ResourceOwner ResourceOwner)
{
    var ownerId = ResourceOwner.id;
    return UpdateClient(Client, ownerId);
}
/// <summary>
/// Convenience overload: forwards to the <c>ClientExists</c> overload that takes a client id.
/// </summary>
/// <remarks>The argument is dereferenced without a null check.</remarks>
/// <param name="Client">Client whose <c>id</c> is looked up.</param>
/// <returns>Whatever the id-based overload returns.</returns>
public bool ClientExists(OAuth2.DataModels.Client Client)
{
    var clientId = Client.id;
    return ClientExists(clientId);
}
/// <summary>
/// Convenience overload: forwards to the <c>DeleteClient</c> overload that takes a client id only.
/// </summary>
/// <remarks>
/// The argument is dereferenced without a null check.
/// No resource owner is passed on this path.
/// NOTE(review): presumably the id-only overload applies no ownership filter; confirm that
/// callers of this overload have authorized the deletion.
/// </remarks>
/// <param name="Client">Client whose <c>id</c> identifies the row to delete.</param>
/// <returns>Whatever the id-based overload returns.</returns>
public bool DeleteClient(OAuth2.DataModels.Client Client)
{
    var clientId = Client.id;
    return DeleteClient(clientId);
}
/// <summary>
/// Convenience overload: forwards to the <c>DeleteClient</c> overload that takes a client id and a resource owner id.
/// </summary>
/// <remarks>Both arguments are dereferenced without a null check.</remarks>
/// <param name="Client">Client whose <c>id</c> identifies the row to delete.</param>
/// <param name="ResourceOwner">Resource owner whose <c>id</c> is forwarded.</param>
/// <returns>Whatever the id-based overload returns.</returns>
public bool DeleteClient(OAuth2.DataModels.Client Client, OAuth2.DataModels.ResourceOwner ResourceOwner)
{
    var clientId = Client.id;
    var ownerId = ResourceOwner.id;
    return DeleteClient(clientId, ownerId);
}