/// <summary> /// Initializes a new instance of the <see cref="AutoResponsiveRequest"/> class. /// </summary> /// <param name="request">The request message.</param> /// <param name="response">The response that is ready for transmittal.</param> internal AutoResponsiveRequest(IDirectedProtocolMessage request, IProtocolMessage response) : base(request) { ErrorUtilities.VerifyArgumentNotNull(response, "response"); this.response = response; }
public void ReadFromRequestAuthorizationScattered() { // Start by creating a standard POST HTTP request. var postedFields = new Dictionary <string, string> { { "age", "15" }, }; // Now add another field to the request URL var builder = new UriBuilder(MessagingTestBase.DefaultUrlForHttpRequestInfo); builder.Query = "Name=Andrew"; // Finally, add an Authorization header var authHeaderFields = new Dictionary <string, string> { { "Location", "http://hostb/pathB" }, { "Timestamp", XmlConvert.ToString(DateTime.UtcNow, XmlDateTimeSerializationMode.Utc) }, }; var headers = new NameValueCollection(); headers.Add(HttpRequestHeaders.Authorization, CreateAuthorizationHeader(authHeaderFields)); headers.Add(HttpRequestHeaders.ContentType, Channel.HttpFormUrlEncoded); var requestInfo = new HttpRequestInfo("POST", builder.Uri, form: postedFields.ToNameValueCollection(), headers: headers); IDirectedProtocolMessage requestMessage = this.channel.ReadFromRequest(requestInfo); Assert.IsNotNull(requestMessage); Assert.IsInstanceOf <TestMessage>(requestMessage); TestMessage testMessage = (TestMessage)requestMessage; Assert.AreEqual(15, testMessage.Age); Assert.AreEqual("Andrew", testMessage.Name); Assert.AreEqual("http://hostb/pathB", testMessage.Location.AbsoluteUri); }
/// <summary> /// Initializes a new instance of the <see cref="AutoResponsiveRequest"/> class. /// </summary> /// <param name="provider">The provider that received the request message.</param> /// <param name="request">The request message.</param> /// <param name="response">The response that is ready for transmittal.</param> internal AutoResponsiveRequest(OpenIdProvider provider, IDirectedProtocolMessage request, IProtocolMessage response) : base(provider, request) { ErrorUtilities.VerifyArgumentNotNull(response, "response"); this.response = response; }
/// <summary> /// Initializes a web request for sending by attaching a message to it. /// Use this method to prepare a protected resource request that you do NOT /// expect an OAuth message response to. /// </summary> /// <param name="request">The message to attach.</param> /// <returns>The initialized web request.</returns> internal HttpWebRequest InitializeRequest(IDirectedProtocolMessage request) { Contract.Requires <ArgumentNullException>(request != null); ProcessOutgoingMessage(request); return(this.CreateHttpRequest(request)); }
protected override IProtocolMessage RequestCore(IDirectedProtocolMessage request) { this.ProcessMessageFilter(request, true); // Drop the outgoing message in the other channel's in-slot and let them know it's there. this.RemoteChannel.PostMessage(request); // Now wait for a response... MessageReceivingEndpoint recipient; WebHeaderCollection headers; IDictionary <string, string> responseData = this.AwaitIncomingMessage(out recipient, out headers); ErrorUtilities.VerifyInternal(recipient == null, "The recipient is expected to be null for direct responses."); // And deserialize it. IDirectResponseProtocolMessage responseMessage = this.MessageFactory.GetNewResponseMessage(request, responseData); if (responseMessage == null) { return(null); } var responseAccessor = this.MessageDescriptions.GetAccessor(responseMessage); responseAccessor.Deserialize(responseData); var responseMessageHttpRequest = responseMessage as IHttpDirectRequest; if (headers != null && responseMessageHttpRequest != null) { headers.ApplyTo(responseMessageHttpRequest.Headers); } this.ProcessMessageFilter(responseMessage, false); return(responseMessage); }
protected virtual MessageDescription GetMessageDescription(IDirectedProtocolMessage request, IDictionary <string, string> fields) { var matches = (from responseMessageType in this.responseMessageTypes let messge = responseMessageType.Key where messge.CheckMessagePartsPassBasicValidation(fields) let ctors = this.FindMatchingResponseConstructors(messge, request.GetType()) where ctors.Any() orderby GetDerivationDistance(ctors.First().GetParameters()[0].ParameterType, request.GetType()), CountInCommon(messge.Mapping.Keys, fields.Keys) descending, messge.Mapping.Count descending select messge).CacheGeneratedResults(); var match = matches.FirstOrDefault(); if (match != null) { if (Logger.Messaging.IsWarnEnabled() && matches.Count() > 1) { Logger.Messaging.WarnFormat( "Multiple message types seemed to fit the incoming data: {0}", matches.ToStringDeferred()); } return(match); } else { return(null); } }
/// <summary> /// Creates a web request prepared with OAuth authorization /// that may be further tailored by adding parameters by the caller. /// </summary> /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> /// <param name="accessToken">The access token that permits access to the protected resource.</param> /// <returns>The initialized WebRequest object.</returns> public WebRequest PrepareAuthorizedRequest(MessageReceivingEndpoint endpoint, string accessToken) { IDirectedProtocolMessage message = this.CreateAuthorizingMessage(endpoint, accessToken); HttpWebRequest wr = this.OAuthChannel.InitializeRequest(message); return(wr); }
/// <summary> /// Initializes a new instance of the <see cref="AutoResponsiveRequest"/> class. /// </summary> /// <param name="request">The request message.</param> /// <param name="response">The response that is ready for transmittal.</param> /// <param name="securitySettings">The security settings.</param> internal AutoResponsiveRequest(IDirectedProtocolMessage request, IProtocolMessage response, ProviderSecuritySettings securitySettings) : base(request, securitySettings) { ErrorUtilities.VerifyArgumentNotNull(response, "response"); this.response = response; }
/// <summary> /// Initializes a new instance of the <see cref="DirectResponseBase"/> class. /// </summary> /// <param name="responseVersion">The OpenID version of the response message.</param> /// <param name="originatingRequest">The originating request. May be null in case the request is unrecognizable and this is an error response.</param> protected DirectResponseBase(Version responseVersion, IDirectedProtocolMessage originatingRequest) { Contract.Requires <ArgumentNullException>(responseVersion != null); this.Version = responseVersion; this.originatingRequest = originatingRequest; }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request"> /// The message that was sent as a request that resulted in the response. /// Null on a Consumer site that is receiving an indirect message from the Service Provider. /// </param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> /// <remarks> /// The response messages are: /// UnauthorizedTokenResponse /// AuthorizedTokenResponse /// </remarks> public virtual IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { MessageBase message = null; // All response messages have the oauth_token field. if (!fields.ContainsKey("oauth_token")) { return null; } // All direct message responses should have the oauth_token_secret field. if (!fields.ContainsKey("oauth_token_secret")) { Logger.OAuth.Error("An OAuth message was expected to contain an oauth_token_secret but didn't."); return null; } var unauthorizedTokenRequest = request as UnauthorizedTokenRequest; var authorizedTokenRequest = request as AuthorizedTokenRequest; if (unauthorizedTokenRequest != null) { Protocol protocol = fields.ContainsKey("oauth_callback_confirmed") ? Protocol.V10a : Protocol.V10; message = new UnauthorizedTokenResponse(unauthorizedTokenRequest, protocol.Version); } else if (authorizedTokenRequest != null) { message = new AuthorizedTokenResponse(authorizedTokenRequest); } else { Logger.OAuth.ErrorFormat("Unexpected response message given the request type {0}", request.GetType().Name); throw new ProtocolException(OAuthStrings.InvalidIncomingMessage); } if (message != null) { message.SetAsIncoming(); } return message; }
/// <summary> /// Initializes a new instance of the <see cref="DirectResponseBase"/> class. /// </summary> /// <param name="responseVersion">The OpenID version of the response message.</param> /// <param name="originatingRequest">The originating request. May be null in case the request is unrecognizable and this is an error response.</param> protected DirectResponseBase(Version responseVersion, IDirectedProtocolMessage originatingRequest) { ErrorUtilities.VerifyArgumentNotNull(responseVersion, "responseVersion"); this.Version = responseVersion; this.originatingRequest = originatingRequest; }
/// <summary> /// Creates a web request prepared with OAuth authorization /// that may be further tailored by adding parameters by the caller. /// </summary> /// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param> /// <param name="accessToken">The access token that permits access to the protected resource.</param> /// <returns>The initialized WebRequest object.</returns> /// <exception cref="WebException">Thrown if the request fails for any reason after it is sent to the Service Provider.</exception> public IncomingWebResponse PrepareAuthorizedRequestAndSend(MessageReceivingEndpoint endpoint, string accessToken) { IDirectedProtocolMessage message = this.CreateAuthorizingMessage(endpoint, accessToken); HttpWebRequest wr = this.OAuthChannel.InitializeRequest(message); return(this.Channel.WebRequestHandler.GetResponse(wr)); }
/// <summary> /// Initializes a web request for sending by attaching a message to it. /// Use this method to prepare a protected resource request that you do NOT /// expect an OAuth message response to. /// </summary> /// <param name="request">The message to attach.</param> /// <returns>The initialized web request.</returns> internal HttpWebRequest InitializeRequest(IDirectedProtocolMessage request) { ErrorUtilities.VerifyArgumentNotNull(request, "request"); PrepareMessageForSending(request); return(this.CreateHttpRequest(request)); }
protected virtual HttpResponseMessage CreateFormPostResponse(IDirectedProtocolMessage message, IDictionary <string, string> fields) { using (StringWriter bodyWriter = new StringWriter(CultureInfo.InvariantCulture)) { StringBuilder hiddenFields = new StringBuilder(); foreach (var field in fields) { hiddenFields.AppendFormat("\t<input type=\"hidden\" name=\"{0}\" value=\"{1}\" />\r\n", HttpUtility.HtmlEncode(field.Key), HttpUtility.HtmlEncode(field.Value)); } bodyWriter.WriteLine( IndirectMessageFormPostFormat, HttpUtility.HtmlEncode(message.Recipient.AbsoluteUri), hiddenFields ); bodyWriter.Flush(); HttpResponseMessage response = new HttpResponseMessageWithOriginal(message) { StatusCode = HttpStatusCode.OK, Content = new StringContent(bodyWriter.ToString()) }; response.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("text/html"); return(response); } }
/// <summary> /// Initializes a new instance of the <see cref="AutoResponsiveRequest"/> class. /// </summary> /// <param name="request">The request message.</param> /// <param name="response">The response that is ready for transmittal.</param> /// <param name="securitySettings">The security settings.</param> internal AutoResponsiveRequest(IDirectedProtocolMessage request, IProtocolMessage response, ProviderSecuritySettings securitySettings) : base(request, securitySettings) { Contract.Requires <ArgumentNullException>(response != null); this.response = response; }
public IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary <string, string> fields) { TestMessage message = (TestMessage)this.GetNewRequestMessage(null, fields); message.OriginatingRequest = request; return(message); }
public void ReadFromRequestAuthorizationScattered() { // Start by creating a standard POST HTTP request. var fields = new Dictionary <string, string> { { "age", "15" }, }; HttpRequestInfo requestInfo = CreateHttpRequestInfo(HttpDeliveryMethods.PostRequest, fields); // Now add another field to the request URL UriBuilder builder = new UriBuilder(requestInfo.UrlBeforeRewriting); builder.Query = "Name=Andrew"; requestInfo.UrlBeforeRewriting = builder.Uri; requestInfo.RawUrl = builder.Path + builder.Query + builder.Fragment; // Finally, add an Authorization header fields = new Dictionary <string, string> { { "Location", "http://hostb/pathB" }, { "Timestamp", XmlConvert.ToString(DateTime.UtcNow, XmlDateTimeSerializationMode.Utc) }, }; requestInfo.Headers.Add(HttpRequestHeader.Authorization, CreateAuthorizationHeader(fields)); IDirectedProtocolMessage requestMessage = this.channel.ReadFromRequest(requestInfo); Assert.IsNotNull(requestMessage); Assert.IsInstanceOf <TestMessage>(requestMessage); TestMessage testMessage = (TestMessage)requestMessage; Assert.AreEqual(15, testMessage.Age); Assert.AreEqual("Andrew", testMessage.Name); Assert.AreEqual("http://hostb/pathB", testMessage.Location.AbsoluteUri); }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token.</param> /// <param name="user">The user whose data is accessible with this access token.</param> /// <param name="scope">The scope of access authorized by this access token.</param> /// <returns> /// A value indicating whether this access token is valid. /// </returns> /// <remarks> /// This method also responsible to throw a <see cref="ProtocolException"/> or return /// <c>false</c> when the access token is expired, invalid, or from an untrusted authorization server. /// </remarks> public virtual bool TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); var token = accessTokenFormatter.Deserialize(message, accessToken); user = token.User; scope = new HashSet<string>(token.Scope, OAuthUtilities.ScopeStringComparer); return true; }
/// <summary> /// Submits a direct request message to some remote party and blocks waiting for an immediately reply. /// </summary> /// <param name="request">The request message.</param> /// <returns>The response message, or null if the response did not carry a message.</returns> /// <remarks> /// Typically a deriving channel will override <see cref="CreateHttpRequest"/> to customize this method's /// behavior. However in non-HTTP frameworks, such as unit test mocks, it may be appropriate to override /// this method to eliminate all use of an HTTP transport. /// </remarks> protected virtual IProtocolMessage RequestInternal(IDirectedProtocolMessage request) { HttpWebRequest webRequest = this.CreateHttpRequest(request); IDictionary <string, string> responseFields; using (DirectWebResponse response = this.GetDirectResponse(webRequest)) { if (response.ResponseStream == null) { return(null); } responseFields = this.ReadFromResponseInternal(response); } IDirectResponseProtocolMessage responseMessage = this.MessageFactory.GetNewResponseMessage(request, responseFields); if (responseMessage == null) { return(null); } var responseSerializer = MessageSerializer.Get(responseMessage.GetType()); responseSerializer.Deserialize(responseFields, responseMessage); return(responseMessage); }
/// <summary> /// Gets the message type that best fits the given incoming direct response data. /// </summary> /// <param name="request">The request message that prompted the response data.</param> /// <param name="fields">The data of the incoming message.</param> /// <returns> /// The message type that matches the incoming data; or <c>null</c> if no match. /// </returns> /// <exception cref="ProtocolException">May be thrown if the incoming data is ambiguous.</exception> protected virtual MessageDescription GetMessageDescription(IDirectedProtocolMessage request, IDictionary <string, string> fields) { Requires.NotNull(request, "request"); Requires.NotNull(fields, "fields"); var matches = (from responseMessageType in this.responseMessageTypes let message = responseMessageType.Key where message.CheckMessagePartsPassBasicValidation(fields) let ctors = this.FindMatchingResponseConstructors(message, request.GetType()) where ctors.Any() orderby GetDerivationDistance(ctors.First().GetParameters()[0].ParameterType, request.GetType()), CountInCommon(message.Mapping.Keys, fields.Keys) descending, message.Mapping.Count descending select message).CacheGeneratedResults(); var match = matches.FirstOrDefault(); if (match != null) { return(match); } else { // No message type matches the incoming data. return(null); } }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token's serialized representation.</param> /// <returns>The deserialized, validated token.</returns> /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> AccessToken IAccessTokenAnalyzer.DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { Requires.NotNull(message, "message"); Requires.NotNullOrEmpty(accessToken, "accessToken"); Contract.Ensures(Contract.Result <AccessToken>() != null); throw new NotImplementedException(); }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request">The message that was sent as a request that resulted in the response.</param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> public IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary <string, string> fields) { DirectResponseBase message = null; // Discern the OpenID version of the message. Protocol protocol = Protocol.V11; string ns; if (fields.TryGetValue(Protocol.V20.openidnp.ns, out ns)) { ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openidnp.ns, ns); protocol = Protocol.V20; } // Handle error messages generally. if (fields.ContainsKey(protocol.openidnp.error)) { message = new DirectErrorResponse(protocol.Version, request); } var associateRequest = request as AssociateRequest; if (associateRequest != null) { if (protocol.Version.Major >= 2 && fields.ContainsKey(protocol.openidnp.error_code)) { // This is a special recognized error case that we create a special message for. message = new AssociateUnsuccessfulResponse(protocol.Version, associateRequest); } else if (message == null) { var associateDiffieHellmanRequest = request as AssociateDiffieHellmanRequest; var associateUnencryptedRequest = request as AssociateUnencryptedRequest; if (associateDiffieHellmanRequest != null) { message = new AssociateDiffieHellmanResponse(protocol.Version, associateDiffieHellmanRequest); } if (associateUnencryptedRequest != null) { message = new AssociateUnencryptedResponse(protocol.Version, associateUnencryptedRequest); } } } var checkAuthenticationRequest = request as CheckAuthenticationRequest; if (checkAuthenticationRequest != null && message == null) { message = new CheckAuthenticationResponse(protocol.Version, checkAuthenticationRequest); } if (message != null) { message.SetAsIncoming(); } return(message); }
/// <summary> /// HttpRequestMessage转换为IDirectedProtocolMessage,填充HttpRequestMessage参数值 /// </summary> /// <param name="request"></param> /// <param name="cancellationToken"></param> /// <returns></returns> protected virtual IDirectedProtocolMessage ReadFromRequestCoreAsync(HttpRequestMessage request, CancellationToken cancellationToken) { Logger.Channel.DebugFormat("Incoming HTTP request: {0} {1}", request.Method, request.RequestUri.AbsoluteUri); var fields = new Dictionary <string, string>(); fields.AddRange(ParseUrlEncodedFormContentAsync(request, cancellationToken)); if (fields.Count == 0 && request.Method.Method != "POST") { fields.AddRange(HttpUtility.ParseQueryString(request.RequestUri.Query).AsKeyValuePairs()); } MessageReceivingEndpoint recipient; try { recipient = request.GetRecipient(); } catch (ArgumentException ex) { Logger.Messaging.WarnFormat("Unrecognized HTTP request: {0}", ex); return(null); } IDirectedProtocolMessage result = null; result = (IDirectedProtocolMessage)this.Receive(fields, recipient); return(result); }
/// <summary> /// Prepares to send a request to the Service Provider as the payload of a POST request. /// </summary> /// <param name="requestMessage">The message to be transmitted to the ServiceProvider.</param> /// <returns>The web request ready to send.</returns> /// <remarks> /// This method is simply a standard HTTP POST request with the message parts serialized to the POST entity /// with the application/x-www-form-urlencoded content type /// This method satisfies OAuth 1.0 section 5.2, item #2 and OpenID 2.0 section 4.1.2. /// </remarks> protected virtual HttpWebRequest InitializeRequestAsPost(IDirectedProtocolMessage requestMessage) { ErrorUtilities.VerifyArgumentNotNull(requestMessage, "requestMessage"); var serializer = MessageSerializer.Get(requestMessage.GetType()); var fields = serializer.Serialize(requestMessage); HttpWebRequest httpRequest = (HttpWebRequest)WebRequest.Create(requestMessage.Recipient); httpRequest.CachePolicy = this.CachePolicy; httpRequest.Method = "POST"; httpRequest.ContentType = "application/x-www-form-urlencoded"; httpRequest.Headers[HttpRequestHeader.ContentEncoding] = PostEntityEncoding.WebName; string requestBody = MessagingUtilities.CreateQueryString(fields); byte[] requestBytes = PostEntityEncoding.GetBytes(requestBody); httpRequest.ContentLength = requestBytes.Length; Stream requestStream = this.WebRequestHandler.GetRequestStream(httpRequest); try { requestStream.Write(requestBytes, 0, requestBytes.Length); } finally { // We need to be sure to close the request stream... // unless it is a MemoryStream, which is a clue that we're in // a mock stream situation and closing it would preclude reading it later. if (!(requestStream is MemoryStream)) { requestStream.Dispose(); } } return(httpRequest); }
protected virtual HttpRequestMessage InitializeRequestAsPost(IDirectedProtocolMessage requestMessage) { var messageAccessor = this.MessageDescriptions.GetAccessor(requestMessage); var fields = messageAccessor.Serialize(); var httpRequest = new HttpRequestMessage(HttpMethod.Post, requestMessage.Recipient); this.PrepareHttpWebRequest(httpRequest); var requestMessageWithBinaryData = requestMessage as IMessageWithBinaryData; if (requestMessageWithBinaryData != null && requestMessageWithBinaryData.SendAsMultipart) { var content = InitializeMultipartFormDataContent(requestMessageWithBinaryData); foreach (var field in fields) { content.Add(new StringContent(field.Value), field.Key); } httpRequest.Content = content; } else { ErrorUtilities.VerifyProtocol(requestMessageWithBinaryData == null || requestMessageWithBinaryData.BinaryData.Count == 0, MessagingStrings.BinaryDataRequiresMultipart); httpRequest.Content = new FormUrlEncodedContent(fields); } return(httpRequest); }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token.</param> /// <param name="user">The user whose data is accessible with this access token.</param> /// <param name="scope">The scope of access authorized by this access token.</param> /// <returns> /// A value indicating whether this access token is valid. /// </returns> bool IAccessTokenAnalyzer.TryValidateAccessToken(IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) { Requires.NotNull(message, "message"); Requires.NotNullOrEmpty(accessToken, "accessToken"); Contract.Ensures(Contract.Result<bool>() == (Contract.ValueAtReturn<string>(out user) != null)); throw new NotImplementedException(); }
protected virtual HttpResponseMessage PrepareIndirectResponse(IDirectedProtocolMessage message) { Assumes.True(message != null && message.Recipient != null); var messageAccessor = this.messageDescriptions.GetAccessor(message); Assumes.True(message != null && message.Recipient != null); var fields = messageAccessor.Serialize(); HttpResponseMessage response = null; bool tooLargeForGet = false; if ((message.HttpMethods & HttpDeliveryMethods.GetRequest) == HttpDeliveryMethods.GetRequest) { bool payloadInFragment = false; var httpIndirect = message as IHttpIndirectResponse; if (httpIndirect != null) { payloadInFragment = httpIndirect.Include301RedirectPayloadInFragment; } response = this.Create301RedirectResponse(message, fields, payloadInFragment); tooLargeForGet = response.Headers.Location.PathAndQuery.Length > this.MaximumIndirectMessageUrlLength; } if (tooLargeForGet) { ErrorUtilities.VerifyProtocol( (message.HttpMethods & HttpDeliveryMethods.PostRequest) == HttpDeliveryMethods.PostRequest, MessagingStrings.MessageExceedsGetSizePostNotAllowed); } if (response == null || tooLargeForGet) { response = this.CreateFormPostResponse(message, fields); } return(response); }
/// <summary> /// Encodes an HTTP response that will instruct the user agent to forward a message to /// some remote third party using a form POST method. /// </summary> /// <param name="message">The message to forward.</param> /// <param name="fields">The pre-serialized fields from the message.</param> /// <returns>The encoded HTTP response.</returns> protected virtual UserAgentResponse CreateFormPostResponse(IDirectedProtocolMessage message, IDictionary <string, string> fields) { ErrorUtilities.VerifyArgumentNotNull(message, "message"); ErrorUtilities.VerifyArgumentNamed(message.Recipient != null, "message", MessagingStrings.DirectedMessageMissingRecipient); ErrorUtilities.VerifyArgumentNotNull(fields, "fields"); WebHeaderCollection headers = new WebHeaderCollection(); StringWriter bodyWriter = new StringWriter(CultureInfo.InvariantCulture); StringBuilder hiddenFields = new StringBuilder(); foreach (var field in fields) { hiddenFields.AppendFormat( "\t<input type=\"hidden\" name=\"{0}\" value=\"{1}\" />\r\n", HttpUtility.HtmlEncode(field.Key), HttpUtility.HtmlEncode(field.Value)); } bodyWriter.WriteLine( indirectMessageFormPostFormat, HttpUtility.HtmlEncode(message.Recipient.AbsoluteUri), hiddenFields); bodyWriter.Flush(); UserAgentResponse response = new UserAgentResponse { Status = HttpStatusCode.OK, Headers = headers, Body = bodyWriter.ToString(), OriginalMessage = message }; return(response); }
/// <summary> /// 重定向 /// </summary> /// <param name="message"></param> /// <param name="fields"></param> /// <param name="payloadInFragment"></param> /// <returns></returns> protected virtual HttpResponseMessage Create301RedirectResponse(IDirectedProtocolMessage message, IDictionary <string, string> fields, bool payloadInFragment = false) { UriBuilder builder = new UriBuilder(message.Recipient); if (payloadInFragment) { builder.AppendFragmentArgs(fields); } else { builder.AppendQueryArgs(fields); } Logger.Http.DebugFormat("Redirecting to {0}", builder.Uri.AbsoluteUri); HttpResponseMessage response = new HttpResponseMessageWithOriginal(message) { StatusCode = HttpStatusCode.Redirect, Content = new StringContent(string.Format(CultureInfo.InvariantCulture, RedirectResponseBodyFormat, builder.Uri.AbsoluteUri)) }; response.Headers.Location = builder.Uri; response.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("text/html") { CharSet = "utf-8" }; return(response); }
/// <summary> /// Initializes a web request for sending by attaching a message to it. /// Use this method to prepare a protected resource request that you do NOT /// expect an OAuth message response to. /// </summary> /// <param name="request">The message to attach.</param> /// <returns>The initialized web request.</returns> internal HttpWebRequest InitializeRequest(IDirectedProtocolMessage request) { Requires.NotNull(request, "request"); ProcessOutgoingMessage(request); return(this.CreateHttpRequest(request)); }
/// <summary> /// Initializes a new instance of the <see cref="AutoResponsiveRequest"/> class. /// </summary> /// <param name="request">The request message.</param> /// <param name="response">The response that is ready for transmittal.</param> /// <param name="securitySettings">The security settings.</param> internal AutoResponsiveRequest(IDirectedProtocolMessage request, IProtocolMessage response, ProviderSecuritySettings securitySettings) : base(request, securitySettings) { Requires.NotNull(response, "response"); this.response = response; }
/// <summary> /// Initializes a new instance of the <see cref="DirectResponseBase"/> class. /// </summary> /// <param name="responseVersion">The OpenID version of the response message.</param> /// <param name="originatingRequest">The originating request. May be null in case the request is unrecognizable and this is an error response.</param> protected DirectResponseBase(Version responseVersion, IDirectedProtocolMessage originatingRequest) { Requires.NotNull(responseVersion, "responseVersion"); this.Version = responseVersion; this.originatingRequest = originatingRequest; }
/// <summary> /// Prepares an HTTP request that carries a given message. /// </summary> /// <param name="request">The message to send.</param> /// <returns> /// The <see cref="HttpRequest"/> prepared to send the request. /// </returns> protected override HttpWebRequest CreateHttpRequest(IDirectedProtocolMessage request) { ErrorUtilities.VerifyArgumentNotNull(request, "request"); ErrorUtilities.VerifyArgumentNamed(request.Recipient != null, "request", MessagingStrings.DirectedMessageMissingRecipient); IDirectedProtocolMessage oauthRequest = request as IDirectedProtocolMessage; ErrorUtilities.VerifyArgument(oauthRequest != null, MessagingStrings.UnexpectedType, typeof(IDirectedProtocolMessage), request.GetType()); HttpWebRequest httpRequest; HttpDeliveryMethods transmissionMethod = oauthRequest.HttpMethods; if ((transmissionMethod & HttpDeliveryMethods.AuthorizationHeaderRequest) != 0) { httpRequest = this.InitializeRequestAsAuthHeader(request); } else if ((transmissionMethod & HttpDeliveryMethods.PostRequest) != 0) { httpRequest = this.InitializeRequestAsPost(request); } else if ((transmissionMethod & HttpDeliveryMethods.GetRequest) != 0) { httpRequest = InitializeRequestAsGet(request); } else { throw new NotSupportedException(); } return(httpRequest); }
/// <summary> /// Initializes a new instance of the <see cref="MessageBase"/> class for direct response messages. /// </summary> /// <param name="protectionRequired">The level of protection the message requires.</param> /// <param name="originatingRequest">The request that asked for this direct response.</param> protected MessageBase(MessageProtections protectionRequired, IDirectedProtocolMessage originatingRequest) { ErrorUtilities.VerifyArgumentNotNull(originatingRequest, "originatingRequest"); this.protectionRequired = protectionRequired; this.transport = MessageTransport.Direct; this.originatingRequest = originatingRequest; }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token's serialized representation.</param> /// <returns>The deserialized, validated token.</returns> /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); var token = new AccessToken(); accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token); return(token); }
/// <summary> /// Initializes a new instance of the <see cref="MessageBase"/> class. /// </summary> /// <param name="request">The originating request.</param> /// <param name="recipient">The recipient of the directed message. Null if not applicable.</param> protected MessageBase(IDirectedProtocolMessage request, Uri recipient = null) { Contract.Requires<ArgumentNullException>(request != null); this.originatingRequest = request; this.messageTransport = request.Transport; this.version = request.Version; this.Recipient = recipient; this.HttpMethods = HttpDeliveryMethods.GetRequest; }
/// <summary> /// Initializes a new instance of the <see cref="MessageBase"/> class. /// </summary> /// <param name="request">The originating request.</param> /// <param name="recipient">The recipient of the directed message. Null if not applicable.</param> protected MessageBase(IDirectedProtocolMessage request, Uri recipient = null) { Requires.NotNull(request, "request"); this.originatingRequest = request; this.messageTransport = request.Transport; this.version = request.Version; this.Recipient = recipient; this.HttpMethods = HttpDeliveryMethods.GetRequest; }
/// <summary> /// Initializes a new instance of the <see cref="MessageBase"/> class for direct response messages. /// </summary> /// <param name="protectionRequired">The level of protection the message requires.</param> /// <param name="originatingRequest">The request that asked for this direct response.</param> /// <param name="version">The OAuth version.</param> protected MessageBase(MessageProtections protectionRequired, IDirectedProtocolMessage originatingRequest, Version version) { Requires.NotNull(originatingRequest, "originatingRequest"); Requires.NotNull(version, "version"); this.protectionRequired = protectionRequired; this.transport = MessageTransport.Direct; this.originatingRequest = originatingRequest; this.Version = version; }
/// <summary> /// Initializes a new instance of the <see cref="MessageBase"/> class for direct response messages. /// </summary> /// <param name="protectionRequired">The level of protection the message requires.</param> /// <param name="originatingRequest">The request that asked for this direct response.</param> /// <param name="version">The OAuth version.</param> protected MessageBase(MessageProtections protectionRequired, IDirectedProtocolMessage originatingRequest, Version version) { Contract.Requires<ArgumentNullException>(originatingRequest != null); Contract.Requires<ArgumentNullException>(version != null); this.protectionRequired = protectionRequired; this.transport = MessageTransport.Direct; this.originatingRequest = originatingRequest; this.Version = version; }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token's serialized representation.</param> /// <returns>The deserialized, validated token.</returns> /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), ResourceServerStrings.MissingAccessToken); var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); var token = new AccessToken(); try { accessTokenFormatter.Deserialize(token, accessToken, message, Protocol.access_token); } catch (IOException ex) { throw new ProtocolException(ResourceServerStrings.InvalidAccessToken, ex); } return token; }
/// <summary> /// Prepares an HTTP request that carries a given message. /// </summary> /// <param name="request">The message to send.</param> /// <returns> /// The <see cref="HttpWebRequest"/> prepared to send the request. /// </returns> /// <remarks> /// This method must be overridden by a derived class, unless the <see cref="Channel.RequestCore"/> method /// is overridden and does not require this method. /// </remarks> protected override HttpWebRequest CreateHttpRequest(IDirectedProtocolMessage request) { HttpWebRequest httpRequest; if ((request.HttpMethods & HttpDeliveryMethods.GetRequest) != 0) { httpRequest = InitializeRequestAsGet(request); } else if ((request.HttpMethods & HttpDeliveryMethods.PostRequest) != 0) { httpRequest = InitializeRequestAsPost(request); } else { throw new NotSupportedException(); } return httpRequest; }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request">The message that was sent as a request that resulted in the response.</param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> public IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { DirectResponseBase message = null; // Discern the OpenID version of the message. Protocol protocol = Protocol.V11; string ns; if (fields.TryGetValue(Protocol.V20.openidnp.ns, out ns)) { ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openidnp.ns, ns); protocol = Protocol.V20; } // Handle error messages generally. if (fields.ContainsKey(protocol.openidnp.error)) { message = new DirectErrorResponse(protocol.Version, request); } var associateRequest = request as AssociateRequest; if (associateRequest != null) { if (protocol.Version.Major >= 2 && fields.ContainsKey(protocol.openidnp.error_code)) { // This is a special recognized error case that we create a special message for. message = new AssociateUnsuccessfulResponse(protocol.Version, associateRequest); } else if (message == null) { if (OpenIdUtilities.IsDiffieHellmanPresent) { var associateDiffieHellmanRequest = request as AssociateDiffieHellmanRequest; if (associateDiffieHellmanRequest != null) { message = new AssociateDiffieHellmanRelyingPartyResponse(protocol.Version, associateDiffieHellmanRequest); } } var associateUnencryptedRequest = request as AssociateUnencryptedRequest; if (associateUnencryptedRequest != null) { message = new AssociateUnencryptedResponseRelyingParty(protocol.Version, associateUnencryptedRequest); } } } var checkAuthenticationRequest = request as CheckAuthenticationRequest; if (checkAuthenticationRequest != null && message == null) { message = new CheckAuthenticationResponse(protocol.Version, checkAuthenticationRequest); } if (message != null) { message.SetAsIncoming(); } return message; }
/// <summary> /// Scans the incoming request for an authorization response message. /// </summary> /// <param name="authorizationState">The authorization.</param> /// <param name="response">The incoming authorization response message.</param> /// <returns> /// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected. /// </returns> internal IAuthorizationState ProcessUserAuthorization(IAuthorizationState authorizationState, IDirectedProtocolMessage response) { Requires.NotNull(authorizationState, "authorizationState"); Requires.NotNull(response, "response"); EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess; EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess; if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) { UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess); } else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null) { this.UpdateAuthorizationWithResponse(authorizationState, authCodeSuccess); } else if (response is EndUserAuthorizationFailedResponse) { authorizationState.Delete(); return null; } return authorizationState; }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request"> /// The message that was sent as a request that resulted in the response. /// Null on a Consumer site that is receiving an indirect message from the Service Provider. /// </param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// The <see cref="IProtocolMessage"/>-derived concrete class that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> /// <remarks> /// The response messages are: /// None. /// </remarks> public virtual IDirectResponseProtocolMessage GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { Logger.OAuth.Error("Service Providers are not expected to ever receive responses."); return null; }
/// <summary> /// Prepares the return value for the GetRequest method in the event of an exception. /// </summary> /// <param name="ex">The exception that forms the basis of the error response. Must not be null.</param> /// <param name="httpRequestInfo">The incoming HTTP request. Must not be null.</param> /// <param name="incomingMessage">The incoming message. May be null in the case that it was malformed.</param> /// <returns> /// Either the <see cref="IRequest"/> to return to the host site or null to indicate no response could be reasonably created and that the caller should rethrow the exception. /// </returns> private IRequest GetErrorResponse(ProtocolException ex, HttpRequestInfo httpRequestInfo, IDirectedProtocolMessage incomingMessage) { Contract.Requires<ArgumentNullException>(ex != null); Contract.Requires<ArgumentNullException>(httpRequestInfo != null); Logger.OpenId.Error("An exception was generated while processing an incoming OpenID request.", ex); IErrorMessage errorMessage; // We must create the appropriate error message type (direct vs. indirect) // based on what we see in the request. string returnTo = httpRequestInfo.QueryString[Protocol.Default.openid.return_to]; if (returnTo != null) { // An indirect request message from the RP // We need to return an indirect response error message so the RP can consume it. // Consistent with OpenID 2.0 section 5.2.3. var indirectRequest = incomingMessage as SignedResponseRequest; if (indirectRequest != null) { errorMessage = new IndirectErrorResponse(indirectRequest); } else { errorMessage = new IndirectErrorResponse(Protocol.Default.Version, new Uri(returnTo)); } } else if (httpRequestInfo.HttpMethod == "POST") { // A direct request message from the RP // We need to return a direct response error message so the RP can consume it. // Consistent with OpenID 2.0 section 5.1.2.2. errorMessage = new DirectErrorResponse(Protocol.Default.Version, incomingMessage); } else { // This may be an indirect request from an RP that was so badly // formed that we cannot even return an error to the RP. // The best we can do is display an error to the user. // Returning null cues the caller to "throw;" return null; } errorMessage.ErrorMessage = ex.ToStringDescriptive(); // Allow host to log this error and issue a ticket #. // We tear off the field to a local var for thread safety. IErrorReporting hostErrorHandler = this.ErrorReporting; if (hostErrorHandler != null) { errorMessage.Contact = hostErrorHandler.Contact; errorMessage.Reference = hostErrorHandler.LogError(ex); } if (incomingMessage != null) { return new AutoResponsiveRequest(incomingMessage, errorMessage, this.SecuritySettings); } else { return new AutoResponsiveRequest(errorMessage, this.SecuritySettings); } }
/// <summary> /// Prepares to send a request to the Service Provider via the Authorization header. /// </summary> /// <param name="requestMessage">The message to be transmitted to the ServiceProvider.</param> /// <returns>The web request ready to send.</returns> /// <remarks> /// <para>If the message has non-empty ExtraData in it, the request stream is sent to /// the server automatically. If it is empty, the request stream must be sent by the caller.</para> /// <para>This method implements OAuth 1.0 section 5.2, item #1 (described in section 5.4).</para> /// </remarks> private HttpWebRequest InitializeRequestAsAuthHeader(IDirectedProtocolMessage requestMessage) { var dictionary = this.MessageDescriptions.GetAccessor(requestMessage); // copy so as to not modify original var fields = new Dictionary<string, string>(); foreach (string key in dictionary.DeclaredKeys) { fields.Add(key, dictionary[key]); } if (this.Realm != null) { fields.Add("realm", this.Realm.AbsoluteUri); } HttpWebRequest httpRequest; UriBuilder recipientBuilder = new UriBuilder(requestMessage.Recipient); bool hasEntity = HttpMethodHasEntity(GetHttpMethod(requestMessage)); if (!hasEntity) { MessagingUtilities.AppendQueryArgs(recipientBuilder, requestMessage.ExtraData); } httpRequest = (HttpWebRequest)WebRequest.Create(recipientBuilder.Uri); this.PrepareHttpWebRequest(httpRequest); httpRequest.Method = GetHttpMethod(requestMessage); httpRequest.Headers.Add(HttpRequestHeader.Authorization, MessagingUtilities.AssembleAuthorizationHeader(Protocol.AuthorizationHeaderScheme, fields)); if (hasEntity) { // WARNING: We only set up the request stream for the caller if there is // extra data. If there isn't any extra data, the caller must do this themselves. var requestMessageWithBinaryData = requestMessage as IMessageWithBinaryData; if (requestMessageWithBinaryData != null && requestMessageWithBinaryData.SendAsMultipart) { // Include the binary data in the multipart entity, and any standard text extra message data. // The standard declared message parts are included in the authorization header. var multiPartFields = new List<MultipartPostPart>(requestMessageWithBinaryData.BinaryData); multiPartFields.AddRange(requestMessage.ExtraData.Select(field => MultipartPostPart.CreateFormPart(field.Key, field.Value))); this.SendParametersInEntityAsMultipart(httpRequest, multiPartFields); } else { ErrorUtilities.VerifyProtocol(requestMessageWithBinaryData == null || requestMessageWithBinaryData.BinaryData.Count == 0, MessagingStrings.BinaryDataRequiresMultipart); if (requestMessage.ExtraData.Count > 0) { this.SendParametersInEntity(httpRequest, requestMessage.ExtraData); } else { // We'll assume the content length is zero since the caller may not have // anything. They're responsible to change it when the add the payload if they have one. httpRequest.ContentLength = 0; } } } return httpRequest; }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request">The message that was sent as a request that resulted in the response.</param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> IDirectResponseProtocolMessage IMessageFactory.GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { Requires.NotNull(request, "request"); Requires.NotNull(fields, "fields"); throw new NotImplementedException(); }
/// <summary> /// Analyzes an incoming request message payload to discover what kind of /// message is embedded in it and returns the type, or null if no match is found. /// </summary> /// <param name="request">The message that was sent as a request that resulted in the response.</param> /// <param name="fields">The name/value pairs that make up the message payload.</param> /// <returns> /// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can /// deserialize to. Null if the request isn't recognized as a valid protocol message. /// </returns> IDirectResponseProtocolMessage IMessageFactory.GetNewResponseMessage(IDirectedProtocolMessage request, IDictionary<string, string> fields) { Contract.Requires<ArgumentNullException>(request != null); Contract.Requires<ArgumentNullException>(fields != null); throw new NotImplementedException(); }
/// <summary> /// Initializes a web request for sending by attaching a message to it. /// Use this method to prepare a protected resource request that you do NOT /// expect an OAuth message response to. /// </summary> /// <param name="request">The message to attach.</param> /// <returns>The initialized web request.</returns> internal HttpWebRequest InitializeRequest(IDirectedProtocolMessage request) { Requires.NotNull(request, "request"); ProcessOutgoingMessage(request); return this.CreateHttpRequest(request); }
/// <summary> /// Reads an access token to find out what data it authorizes access to. /// </summary> /// <param name="message">The message carrying the access token.</param> /// <param name="accessToken">The access token's serialized representation.</param> /// <returns>The deserialized, validated token.</returns> /// <exception cref="ProtocolException">Thrown if the access token is expired, invalid, or from an untrusted authorization server.</exception> public virtual AccessToken DeserializeAccessToken(IDirectedProtocolMessage message, string accessToken) { var accessTokenFormatter = AccessToken.CreateFormatter(this.AuthorizationServerPublicSigningKey, this.ResourceServerPrivateEncryptionKey); var token = accessTokenFormatter.Deserialize(message, accessToken, Protocol.access_token); return token; }
internal new void PrepareIndirectResponse(IDirectedProtocolMessage message) { base.PrepareIndirectResponse(message); }
internal new void CreateFormPostResponse(IDirectedProtocolMessage message, IDictionary<string, string> fields) { base.CreateFormPostResponse(message, fields); }
internal new void Create301RedirectResponse(IDirectedProtocolMessage message, IDictionary<string, string> fields, bool payloadInFragment = false) { base.Create301RedirectResponse(message, fields, payloadInFragment); }
/// <summary> /// Initializes a new instance of the <see cref="CoordinatingHttpRequestInfo"/> class. /// </summary> /// <param name="message">The message being passed in through a mock transport. May be null.</param> /// <param name="httpMethod">The HTTP method that the incoming request came in on, whether or not <paramref name="message"/> is null.</param> internal CoordinatingHttpRequestInfo(IDirectedProtocolMessage message, HttpDeliveryMethods httpMethod) : base(GetHttpVerb(httpMethod), message.Recipient) { this.message = message; }
protected override HttpWebRequest CreateHttpRequest(IDirectedProtocolMessage request) { throw new NotImplementedException("CreateHttpRequest"); }
/// <summary> /// Prepares an HTTP request that carries a given message. /// </summary> /// <param name="request">The message to send.</param> /// <returns> /// The <see cref="HttpRequest"/> prepared to send the request. /// </returns> protected override HttpWebRequest CreateHttpRequest(IDirectedProtocolMessage request) { HttpWebRequest httpRequest; HttpDeliveryMethods transmissionMethod = request.HttpMethods; if ((transmissionMethod & HttpDeliveryMethods.AuthorizationHeaderRequest) != 0) { httpRequest = this.InitializeRequestAsAuthHeader(request); } else if ((transmissionMethod & HttpDeliveryMethods.PostRequest) != 0) { var requestMessageWithBinaryData = request as IMessageWithBinaryData; ErrorUtilities.VerifyProtocol(requestMessageWithBinaryData == null || !requestMessageWithBinaryData.SendAsMultipart, OAuthStrings.MultipartPostMustBeUsedWithAuthHeader); httpRequest = this.InitializeRequestAsPost(request); } else if ((transmissionMethod & HttpDeliveryMethods.GetRequest) != 0) { httpRequest = InitializeRequestAsGet(request); } else if ((transmissionMethod & HttpDeliveryMethods.HeadRequest) != 0) { httpRequest = InitializeRequestAsHead(request); } else if ((transmissionMethod & HttpDeliveryMethods.PutRequest) != 0) { httpRequest = this.InitializeRequestAsPut(request); } else if ((transmissionMethod & HttpDeliveryMethods.DeleteRequest) != 0) { httpRequest = InitializeRequestAsDelete(request); } else { throw new NotSupportedException(); } return httpRequest; }
/// <summary> /// Prepares an HTTP request that carries a given message. /// </summary> /// <param name="request">The message to send.</param> /// <returns> /// The <see cref="HttpWebRequest"/> prepared to send the request. /// </returns> protected override HttpRequestMessage CreateHttpRequest(IDirectedProtocolMessage request) { return this.InitializeRequestAsPost(request); }
/// <summary> /// Gets the HTTP method to use for a message. /// </summary> /// <param name="message">The message.</param> /// <returns>"POST", "GET" or some other similar http verb.</returns> private static string GetHttpMethod(IDirectedProtocolMessage message) { Requires.NotNull(message, "message"); var signedMessage = message as ITamperResistantOAuthMessage; if (signedMessage != null) { return signedMessage.HttpMethod; } else { return MessagingUtilities.GetHttpVerb(message.HttpMethods); } }