protected override bool OnBeforeAction(IEngineContext context, IController controller, IControllerContext controllerContext) { var authService = context.Services.GetService<IOAuthService>(); AccessOutcome outcome = authService.AccessProtectedResource(context.Request); _threadOutcome = outcome; if (!outcome.Granted) { controllerContext.PropertyBag["outcome"] = outcome; throw Error.AccessDeniedToProtectedResource(outcome); } return true; }
public AccessOutcome VerifyProtectedResourceRequest(OAuthContext context) { var outcome = new AccessOutcome { Context = context }; SigningContext signingContext = null; try { signingContext = CreateSignatureContextForAuthContext(context); } catch (Exception ex) { outcome.AdditionalInfo = "Failed to parse request for context info"; return(outcome); } if (!_signer.ValidateSignature(context, signingContext)) { outcome.AdditionalInfo = "Failed to validate signature"; return(outcome); } if (context.Token != "accesskey") { outcome.AdditionalInfo = "Invalid access token"; return(outcome); } if (context.ConsumerKey != "key") { outcome.AdditionalInfo = "Invalid consumer key"; return(outcome); } outcome.Granted = true; outcome.AccessToken = new TokenBase { ConsumerKey = "key", TokenSecret = "accesssecret", Token = "accesskey" }; return(outcome); }
public AccessOutcome VerifyProtectedResourceRequest(OAuthContext context) { var outcome = new AccessOutcome {Context = context}; SigningContext signingContext = null; try { signingContext = CreateSignatureContextForAuthContext(context); } catch (Exception ex) { outcome.AdditionalInfo = "Failed to parse request for context info"; return outcome; } if (!_signer.ValidateSignature(context, signingContext)) { outcome.AdditionalInfo = "Failed to validate signature"; return outcome; } if (context.Token != "accesskey") { outcome.AdditionalInfo = "Invalid access token"; return outcome; } if (context.ConsumerKey != "key") { outcome.AdditionalInfo = "Invalid consumer key"; return outcome; } outcome.Granted = true; outcome.AccessToken = new TokenBase {ConsumerKey = "key", TokenSecret = "accesssecret", Token = "accesskey"}; return outcome; }
public static Exception AccessDeniedToProtectedResource(AccessOutcome outcome) { Uri uri = outcome.Context.GenerateUri(); if (string.IsNullOrEmpty(outcome.AdditionalInfo)) { return new AccessDeniedException(outcome, string.Format("Access to resource \"{0}\" was denied", uri)); } return new AccessDeniedException(outcome, string.Format("Access to resource: {0} was denied, additional info: {1}", uri, outcome.AdditionalInfo)); }
public AccessDeniedException(AccessOutcome outcome) : this(outcome, null) { }
public AccessDeniedException(AccessOutcome outcome, string message) : base(message) { _outcome = outcome; }
protected override void OnAfterRendering(IEngineContext context, IController controller, IControllerContext controllerContext) { _threadOutcome = null; }