public static Exception AccessDeniedToProtectedResource(AccessOutcome outcome)
{
Uri uri = outcome.Context.GenerateUri();
if (string.IsNullOrEmpty(outcome.AdditionalInfo))
{
return(new AccessDeniedException(outcome, string.Format("Access to resource \"{0}\" was denied", uri)));
}
return(new AccessDeniedException(outcome,
string.Format("Access to resource: {0} was denied, additional info: {1}",
uri, outcome.AdditionalInfo)));
}
public void AccessProtectedResource()
{
OAuthConsumer consumer = CreateConsumer(SignatureMethod.RsaSha1);
var contextFactory = new OAuthContextFactory();
OAuthContext context = contextFactory.FromUri("GET", new Uri("http://localhost/protected.rails"));
consumer.SignContext(context,
new TokenBase {
ConsumerKey = "key", Token = "accesskey", TokenSecret = "accesssecret"
});
AccessOutcome outcome = provider.VerifyProtectedResourceRequest(context);
Assert.IsTrue(outcome.Granted, outcome.AdditionalInfo);
Assert.IsNotNull(outcome.AccessToken);
}
protected override bool OnBeforeAction(IEngineContext context, IController controller,
IControllerContext controllerContext)
{
var authService = context.Services.GetService <IOAuthService>();
AccessOutcome outcome = authService.AccessProtectedResource(context.Request);
_threadOutcome = outcome;
if (!outcome.Granted)
{
controllerContext.PropertyBag["outcome"] = outcome;
throw Error.AccessDeniedToProtectedResource(outcome);
}
return(true);
}
protected override void OnAfterRendering(IEngineContext context, IController controller,
IControllerContext controllerContext)
{
_threadOutcome = null;
}
public AccessDeniedException(AccessOutcome outcome, string message) : base(message)
{
_outcome = outcome;
}
public AccessDeniedException(AccessOutcome outcome)
: this(outcome, null)
{
}
