/// <summary> /// Prepares a message containing an unauthorized token for the Consumer to use in a /// user agent redirect for subsequent authorization. /// </summary> /// <param name="request">The token request message the Consumer sent that the Service Provider is now responding to.</param> /// <returns>The response message to send using the <see cref="Channel"/>, after optionally adding extra data to it.</returns> public UnauthorizedTokenResponse PrepareUnauthorizedTokenMessage(UnauthorizedTokenRequest request) { Requires.NotNull(request, "request"); string token = this.TokenGenerator.GenerateRequestToken(request.ConsumerKey); string secret = this.TokenGenerator.GenerateSecret(); UnauthorizedTokenResponse response = new UnauthorizedTokenResponse(request, token, secret); return(response); }
/// <summary> /// Prepares a message containing an unauthorized token for the Consumer to use in a /// user agent redirect for subsequent authorization. /// </summary> /// <param name="request">The token request message the Consumer sent that the Service Provider is now responding to.</param> /// <returns>The response message to send using the <see cref="Channel"/>, after optionally adding extra data to it.</returns> public UnauthorizedTokenResponse PrepareUnauthorizedTokenMessage(UnauthorizedTokenRequest request) { Contract.Requires <ArgumentNullException>(request != null); string token = this.TokenGenerator.GenerateRequestToken(request.ConsumerKey); string secret = this.TokenGenerator.GenerateSecret(); UnauthorizedTokenResponse response = new UnauthorizedTokenResponse(request, token, secret); return(response); }
/// <summary> /// Prepares a message containing an unauthorized token for the Consumer to use in a /// user agent redirect for subsequent authorization. /// </summary> /// <param name="request">The token request message the Consumer sent that the Service Provider is now responding to.</param> /// <returns>The response message to send using the <see cref="Channel"/>, after optionally adding extra data to it.</returns> public UnauthorizedTokenResponse PrepareUnauthorizedTokenMessage(UnauthorizedTokenRequest request) { if (request == null) { throw new ArgumentNullException("request"); } string token = this.TokenGenerator.GenerateRequestToken(request.ConsumerKey); string secret = this.TokenGenerator.GenerateSecret(); UnauthorizedTokenResponse response = new UnauthorizedTokenResponse(request, token, secret); return(response); }
public void ProcessRequest(HttpContext context) { IProtocolMessage request = m_Provider.ReadRequest(); UnauthorizedTokenRequest requestToken = null; UserAuthorizationRequest requestAuth = null; AuthorizedTokenRequest requestAccessToken; if ((requestToken = request as UnauthorizedTokenRequest) != null) { UnauthorizedTokenResponse response = m_Provider.PrepareUnauthorizedTokenMessage(requestToken); m_Provider.Channel.Send(response); } else if ((requestAuth = request as UserAuthorizationRequest) != null) { string token = ((ITokenContainingMessage)requestAuth).Token; ((TokenProvider)m_Provider.TokenManager).UpdatePendingUserAuthorizationRequest(token, requestAuth); TokenProvider.SetTokenCookie(token); if (context == null) { throw new ArgumentNullException("context"); } context.Response.Redirect(ActionProvider.FindAction(ActionProvider.OAuthPageActionId).AbsoluteNavigateUrl); } else if ((requestAccessToken = request as AuthorizedTokenRequest) != null) { AuthorizedTokenResponse response = m_Provider.PrepareAccessTokenMessage(requestAccessToken); OAuthDataSet.OAuthTokenRow row = (OAuthDataSet.OAuthTokenRow)m_Provider.TokenManager.GetAccessToken(response.AccessToken); response.ExtraData.Add(new KeyValuePair <string, string>("api_token", LoginProvider.Current.GetToken(row.LoginId))); if (!row.IsOrganizationIdNull()) { response.ExtraData.Add(new KeyValuePair <string, string>("org", OrganizationProvider.GetOrganization(row.OrganizationId).PseudoId)); if (!row.IsInstanceIdNull()) { response.ExtraData.Add(new KeyValuePair <string, string>("dept", InstanceProvider.GetInstance(row.InstanceId, row.OrganizationId).PseudoId)); } } m_Provider.Channel.Send(response); } else { throw new InvalidOperationException(); } }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request"> /// The message that was sent as a request that resulted in the response. /// Null on a Consumer site that is receiving an indirect message from the Service Provider. /// </param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> /// <remarks> /// The response messages are: /// UnauthorizedTokenResponse /// AuthorizedTokenResponse /// </remarks> public virtual IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary <string, string> fields) { ErrorUtilities.VerifyArgumentNotNull(request, "request"); ErrorUtilities.VerifyArgumentNotNull(fields, "fields"); MessageBase message = null; // All response messages have the oauth_token field. if (!fields.ContainsKey("oauth_token")) { return(null); } // All direct message responses should have the oauth_token_secret field. if (!fields.ContainsKey("oauth_token_secret")) { Logger.Error("An OAuth message was expected to contain an oauth_token_secret but didn't."); return(null); } var unauthorizedTokenRequest = request as UnauthorizedTokenRequest; var authorizedTokenRequest = request as AuthorizedTokenRequest; if (unauthorizedTokenRequest != null) { message = new UnauthorizedTokenResponse(unauthorizedTokenRequest); } else if (authorizedTokenRequest != null) { message = new AuthorizedTokenResponse(authorizedTokenRequest); } else { Logger.ErrorFormat("Unexpected response message given the request type {0}", request.GetType().Name); throw new ProtocolException(OAuthStrings.InvalidIncomingMessage); } if (message != null) { message.SetAsIncoming(); } return(message); }