/// <summary>
/// First-load setup for the page: selects the home tab, then shows either the guest view or
/// the authenticated view with the scope checklist and the client grid populated.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Everything below is first-render setup; postbacks skip it.
    if (IsPostBack)
    {
        return;
    }

    Master.SelectedTab = tabID.tabHome;

    if (!Page.User.Identity.IsAuthenticated)
    {
        mvServices.SetActiveView(vwGuest);
        return;
    }

    mvServices.SetActiveView(vwAuthenticated);

    // One checklist entry per defined scope; the "none" placeholder is left out.
    foreach (MFBOAuthScope scope in Enum.GetValues(typeof(MFBOAuthScope)))
    {
        if (scope == MFBOAuthScope.none)
        {
            continue;
        }

        string szDescription = MFBOauthServer.ScopeDescription(scope);
        cklScopes.Items.Add(new ListItem(szDescription, scope.ToString()));
    }

    // The "a" query parameter is request-controlled, so on its own it grants nothing: the full
    // client list is only bound when the signed-in user's profile also has CanSupport set.
    // NOTE(review): confirm which client fields the grid renders in this mode (e.g. whether
    // secrets are shown) - the grid markup is not visible here.
    bool fShowAllClients = util.GetIntParam(Request, "a", 0) != 0
        && MyFlightbook.Profile.GetUser(Page.User.Identity.Name).CanSupport;

    if (fShowAllClients)
    {
        gvMyServices.DataSource = MFBOauth2Client.GetAvailableClients();
    }
    else
    {
        gvMyServices.DataSource = OwnedClients;
    }

    gvMyServices.DataBind();
}
/// <summary>
/// Applies an in-grid edit to the client at the edited row's position in OwnedClients,
/// commits it, and re-binds the grid. Validation and authorization failures are shown in
/// lblErrGV instead of propagating.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Row-update arguments carrying the row index and the edited values.</param>
/// <exception cref="ArgumentNullException"><paramref name="e"/> is null.</exception>
protected void gvMyServices_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
    if (e == null)
    {
        throw new ArgumentNullException("e");
    }

    // The edited row is resolved purely by position in a snapshot of OwnedClients.
    // NOTE(review): this assumes the grid is bound to OwnedClients in the same order when the
    // edit is submitted. If the grid can be bound to a different list, the index could select
    // another client or fall outside the list; this lookup sits outside the try below - confirm.
    List<MFBOauth2Client> lstOwned = new List<MFBOauth2Client>(OwnedClients);
    MFBOauth2Client client = lstOwned[e.RowIndex];

    // Copy the posted field values onto the client. These are request-supplied strings and any
    // of them may be null if the field is absent from the edit row.
    var edited = e.NewValues;
    client.ClientSecret = (string)edited["ClientSecret"];
    client.ClientName = (string)edited["ClientName"];
    client.Callback = (string)edited["Callback"];
    client.Scope = (string)edited["Scope"];

    try
    {
        // Called only for its validation side effect: it throws for an invalid scope, which
        // keeps an unparseable scope string from being committed.
        MFBOauthServer.ScopesFromString(client.Scope);

        client.Commit();

        // Leave edit mode, then drop the cached list so the re-bind reads fresh data.
        gvMyServices.EditIndex = -1;
        OwnedClients = null;
        gvMyServices.DataSource = OwnedClients;
        gvMyServices.DataBind();
    }
    catch (UnauthorizedAccessException ex)
    {
        lblErrGV.Text = ex.Message;
    }
    catch (MyFlightbookValidationException ex)
    {
        lblErrGV.Text = ex.Message;
    }
    catch (ArgumentOutOfRangeException ex)
    {
        lblErrGV.Text = ex.Message;
    }
}
/// <summary>
/// First-load setup for the page: selects the home tab, then shows either the guest view or
/// the authenticated view with the scope checklist and the client grid populated.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Everything below is first-render setup; postbacks skip it.
    if (IsPostBack)
    {
        return;
    }

    Master.SelectedTab = tabID.tabHome;

    if (!Page.User.Identity.IsAuthenticated)
    {
        mvServices.SetActiveView(vwGuest);
        return;
    }

    mvServices.SetActiveView(vwAuthenticated);

    // One checklist entry per defined scope; the "none" placeholder is left out.
    foreach (MFBOAuthScope scope in Enum.GetValues(typeof(MFBOAuthScope)))
    {
        if (scope == MFBOAuthScope.none)
        {
            continue;
        }

        string szDescription = MFBOauthServer.ScopeDescription(scope);
        cklScopes.Items.Add(new ListItem(szDescription, scope.ToString()));
    }

    // AdminMode decides between every available client and only the clients in OwnedClients.
    // NOTE(review): AdminMode is defined outside this block; confirm it checks the signed-in
    // user's role and does not rely on a request parameter alone.
    if (AdminMode)
    {
        gvMyServices.DataSource = MFBOauth2Client.GetAvailableClients();
    }
    else
    {
        gvMyServices.DataSource = OwnedClients;
    }

    gvMyServices.DataBind();
}
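/// <summary>
/// Validates an incoming OAuth authorization request and prepares the consent page.
/// On first load the request is read, its callback and scopes are checked against the
/// registered client, and the request is stashed in ViewState; on postback it is restored
/// from ViewState.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
/// <remarks>
/// HttpException is routed to RejectWithError; MyFlightbookException is shown in lblErr.
/// Other exception types propagate.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        // The authorization page itself must be requested over a secure connection.
        if (!Request.IsSecureConnection)
        {
            throw new HttpException((int)HttpStatusCode.Forbidden, Resources.LocalizedText.oAuthErrNotSecure);
        }

        if (!IsPostBack)
        {
            if ((m_pendingRequest = this.authorizationServer.ReadAuthorizationRequest()) == null)
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest);
            }

            // NOTE(review): a null result from GetClient is not handled here - confirm that an
            // unknown client identifier surfaces as an exception rather than null.
            MFBOauth2Client client = (MFBOauth2Client)authorizationServer.AuthorizationServerServices.GetClient(m_pendingRequest.ClientIdentifier);

            // The requested callback must match the registered one on host, port, path and query.
            // This is a security decision on request-supplied data, so the comparison is ordinal
            // rather than culture-sensitive: the outcome must not depend on the thread's culture
            // or on linguistic equivalence rules.
            // NOTE(review): the scheme is not among the compared components - confirm it is
            // enforced elsewhere.
            if (Uri.Compare(m_pendingRequest.Callback, new Uri(client.Callback), UriComponents.HostAndPort | UriComponents.PathAndQuery, UriFormat.UriEscaped, StringComparison.OrdinalIgnoreCase) != 0)
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrBadRedirectURL);
            }

            // Every requested scope must be one the client was registered for.
            HashSet<string> allowedScopes = OAuthUtilities.SplitScopes(client.Scope);
            if (!m_pendingRequest.Scope.IsSubsetOf(allowedScopes))
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrUnauthorizedScopes);
            }

            // Turn the requested scopes into the descriptions shown on the consent page.
            IEnumerable<MFBOAuthScope> requestedScopes = MFBOauthServer.ScopesFromStrings(m_pendingRequest.Scope);
            IEnumerable<string> lstScopes = MFBOauthServer.ScopeDescriptions(requestedScopes);
            mvScopesRequested.SetActiveView(!lstScopes.Any() ? vwNoScopes : vwRequestedScopes);
            rptPermissions.DataSource = lstScopes;
            rptPermissions.DataBind();

            // NOTE(review): the validated request round-trips through ViewState, so the
            // postback path relies on ViewState integrity protection being enabled - confirm.
            ViewState[szVSKeyPendingRequest] = m_pendingRequest;

            // The client name is chosen by whoever registered the client and a Label renders
            // its Text as markup, so it is HTML-encoded before display.
            lblClientName.Text = HttpUtility.HtmlEncode(client.ClientName);
        }
        else
        {
            // Null if ViewState holds no pending request under this key.
            m_pendingRequest = (EndUserAuthorizationRequest)ViewState[szVSKeyPendingRequest];
        }
    }
    catch (HttpException ex)
    {
        RejectWithError(ex.Message);
    }
    catch (MyFlightbook.MyFlightbookException ex)
    {
        lblErr.Text = ex.Message;
        mvAuthorize.SetActiveView(vwErr);
    }
}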
/// <summary>
/// Registers a new OAuth client from the form fields for the signed-in user, refreshes the
/// client grid, resets the form, and sends an admin notification. Validation and
/// authorization failures are shown in lblErr instead of propagating.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void btnAddClient_Click(object sender, EventArgs e)
{
    Page.Validate("newClient");
    if (!Page.IsValid)
    {
        return;
    }

    // Collect the values of the ticked scopes into a comma-separated string.
    List<string> lstSelected = new List<string>();
    foreach (ListItem item in cklScopes.Items)
    {
        if (!item.Selected)
        {
            continue;
        }

        lstSelected.Add(item.Value);
    }

    string szScopes = String.Join(",", lstSelected);

    // The callback is always stored with an https scheme prepended to what the user typed.
    // NOTE(review): presumably the "newClient" validators keep the user from entering a scheme
    // of their own - confirm against the page markup.
    string szCallback = "https://" + txtCallback.Text;

    // The signed-in user's name is passed as the last constructor argument.
    // NOTE(review): the secret is user-chosen text; how it is stored is not visible here.
    MFBOauth2Client client = new MFBOauth2Client(txtClient.Text, txtSecret.Text, szCallback, txtName.Text, szScopes, Page.User.Identity.Name);

    try
    {
        // Called only for its validation side effect: it throws for an invalid scope.
        MFBOauthServer.ScopesFromString(szScopes);

        // Commit may throw; only the three exception types caught below are shown to the user.
        client.Commit();

        // Drop the cached list so the re-bind reads fresh data.
        OwnedClients = null;
        gvMyServices.DataSource = OwnedClients;
        gvMyServices.DataBind();

        // Reset the form, including the secret field, so nothing lingers in the rendered page.
        txtSecret.Text = string.Empty;
        txtName.Text = string.Empty;
        txtClient.Text = string.Empty;
        txtCallback.Text = string.Empty;
        foreach (ListItem item in cklScopes.Items)
        {
            item.Selected = false;
        }

        Expando.ExpandoControl.Collapsed = true;

        // Tell admins who created which client; the secret is not part of the message.
        string szDetails = String.Format(CultureInfo.CurrentCulture, "User: {0}, Name: {1}", Page.User.Identity.Name, client.ClientName);
        util.NotifyAdminEvent("oAuth client created", szDetails, ProfileRoles.maskCanReport);
    }
    catch (UnauthorizedAccessException ex)
    {
        lblErr.Text = ex.Message;
    }
    catch (MyFlightbookValidationException ex)
    {
        lblErr.Text = ex.Message;
    }
    catch (ArgumentOutOfRangeException ex)
    {
        lblErr.Text = ex.Message;
    }
}
/// <summary>
/// For each data row, binds the row's permission repeater to the scope descriptions of the
/// bound authorization and picks the "no scopes" or "requested scopes" view accordingly.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Row arguments carrying the row being bound.</param>
/// <exception cref="ArgumentNullException"><paramref name="e"/> is null.</exception>
protected void gvOAuthClients_RowDataBound(object sender, GridViewRowEventArgs e)
{
    if (e == null)
    {
        throw new ArgumentNullException("e");
    }

    // Header, footer and pager rows carry no authorization to describe.
    if (e.Row.RowType != DataControlRowType.DataRow)
    {
        return;
    }

    MFBOauthClientAuth oauth = (MFBOauthClientAuth)e.Row.DataItem;
    if (oauth.Scope == null)
    {
        return;
    }

    IEnumerable<string> lstScopes = MFBOauthServer.ScopeDescriptions(MFBOauthServer.ScopesFromString(oauth.Scope));

    // Pick the view to show inside this row's MultiView based on whether any scope was granted.
    MultiView mvRowScopes = (MultiView)e.Row.FindControl("mvScopesRequested");
    View vwToShow;
    if (lstScopes.Count() == 0)
    {
        vwToShow = (View)e.Row.FindControl("vwNoScopes");
    }
    else
    {
        vwToShow = (View)e.Row.FindControl("vwRequestedScopes");
    }

    mvRowScopes.SetActiveView(vwToShow);

    Repeater rptRowPermissions = (Repeater)e.Row.FindControl("rptPermissions");
    rptRowPermissions.DataSource = lstScopes;
    rptRowPermissions.DataBind();
}
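/// <summary>
/// Validates an incoming OAuth authorization request and prepares the consent page.
/// On first load the request is read, its callback is checked against the client's
/// registered callbacks and its scopes against the client's registered scopes, and the
/// request is stashed in ViewState; on postback it is restored from ViewState.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
/// <remarks>
/// HttpException, ProtocolException, ProtocolFaultResponseException and MyFlightbookException
/// are shown on the error view; other exception types propagate.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        // The authorization page itself must be requested over a secure connection.
        if (!Request.IsSecureConnection)
        {
            throw new HttpException((int)HttpStatusCode.Forbidden, Resources.LocalizedText.oAuthErrNotSecure);
        }

        if (!IsPostBack)
        {
            if ((m_pendingRequest = this.authorizationServer.ReadAuthorizationRequest()) == null)
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest);
            }

            // NOTE(review): a null result from GetClient is not handled here - confirm that an
            // unknown client identifier surfaces as an exception rather than null.
            MFBOauth2Client client = (MFBOauth2Client)authorizationServer.AuthorizationServerServices.GetClient(m_pendingRequest.ClientIdentifier);

            // The requested callback must match one of the registered callbacks on host, port,
            // path and query. This is a security decision on request-supplied data, and with
            // SafeUnescaped the compared strings can contain non-ASCII characters, so the
            // comparison is ordinal rather than culture-sensitive: the outcome must not depend
            // on the thread's culture or on linguistic equivalence rules.
            // NOTE(review): the scheme is not among the compared components - confirm it is
            // enforced elsewhere.
            bool fIsValidCallback = false;
            foreach (string callback in client.Callbacks)
            {
                if (Uri.Compare(m_pendingRequest.Callback, new Uri(callback), UriComponents.HostAndPort | UriComponents.PathAndQuery, UriFormat.SafeUnescaped, StringComparison.OrdinalIgnoreCase) == 0)
                {
                    fIsValidCallback = true;
                    break;
                }
            }

            if (!fIsValidCallback)
            {
                // The rejected callback comes straight from the request and this message ends up
                // in lblErr.Text, which renders as markup, so it is HTML-encoded before it is
                // embedded in the message.
                string szRequestedCallback = HttpUtility.HtmlEncode(m_pendingRequest.Callback.ToString());
                throw new HttpException((int)HttpStatusCode.BadRequest, String.Format(System.Globalization.CultureInfo.CurrentCulture, Resources.LocalizedText.oAuthErrBadRedirectURL, szRequestedCallback));
            }

            // Every requested scope must be one the client was registered for.
            HashSet<string> allowedScopes = OAuthUtilities.SplitScopes(client.Scope);
            if (!m_pendingRequest.Scope.IsSubsetOf(allowedScopes))
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrUnauthorizedScopes);
            }

            // Turn the requested scopes into the descriptions shown on the consent page.
            IEnumerable<MFBOAuthScope> requestedScopes = MFBOauthServer.ScopesFromStrings(m_pendingRequest.Scope);
            IEnumerable<string> lstScopes = MFBOauthServer.ScopeDescriptions(requestedScopes);
            mvScopesRequested.SetActiveView(!lstScopes.Any() ? vwNoScopes : vwRequestedScopes);
            rptPermissions.DataSource = lstScopes;
            rptPermissions.DataBind();

            // NOTE(review): the validated request round-trips through ViewState, so the
            // postback path relies on ViewState integrity protection being enabled - confirm.
            ViewState[szVSKeyPendingRequest] = m_pendingRequest;

            // The client name is chosen by whoever registered the client; encode it for display.
            lblClientName.Text = HttpUtility.HtmlEncode(client.ClientName);
        }
        else
        {
            // Null if ViewState holds no pending request under this key.
            m_pendingRequest = (EndUserAuthorizationRequest)ViewState[szVSKeyPendingRequest];
        }
    }
    catch (Exception ex) when (ex is HttpException || ex is ProtocolException || ex is ProtocolFaultResponseException || ex is MyFlightbook.MyFlightbookException)
    {
        // NOTE(review): messages from the protocol exceptions may also echo request data;
        // consider encoding at this sink if no message is meant to carry markup.
        lblErr.Text = ex.Message;
        mvAuthorize.SetActiveView(vwErr);
    }
}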