Esempio n. 1
0
        private void LoadSession(out string authCode, out LiveAuthException error)
        {
            authCode = null;
            error    = null;

            // only load session once.
            if (this.loginStatus == null)
            {
                if (this.webContext != null)
                {
                    // Reads current login status from session cookie.
                    this.loginStatus = HttpContextUtility.GetUserLoginStatus(this.webContext);

                    HttpContextUtility.ReadAuthCodeRequest(
                        webContext, out authCode, out this.appRequestState, out this.appRequestTs, out error);
                    if (this.loginStatus.Status == LiveConnectSessionStatus.Unknown &&
                        error != null && error.ErrorCode == AuthErrorCodes.AccessDenied)
                    {
                        this.loginStatus = new LiveLoginResult(LiveConnectSessionStatus.NotConnected, null);
                    }
                }
                else
                {
                    this.loginStatus = new LiveLoginResult(LiveConnectSessionStatus.Unknown, null);
                }

                this.publicAuthClient.Session = this.loginStatus.Session;
            }
        }
Esempio n. 2
0
        /// <summary>
        /// Clear the auth state in the current session
        /// </summary>
        public void ClearSession(HttpContextBase context)
        {
            LiveUtility.ValidateNotNullParameter(context, "context");

            HttpContextUtility.ClearUserSession(context);
            this.loginStatus = null;
            this.publicAuthClient.Session = null;
            this.publicAuthClient.FirePendingPropertyChangedEvents();
        }
Esempio n. 3
0
        private void CompleteAuthTask(LiveLoginResult loginResult)
        {
            Debug.Assert(loginResult != null);

            loginResult = this.ValidateSessionInitScopes(loginResult);
            HttpContextUtility.UpdateUserSession(this.webContext, loginResult, this.appRequestTs);

            if (loginResult.Session != null)
            {
                // Only update Session property if there is a new session.
                this.publicAuthClient.Session = loginResult.Session;
            }

            this.publicAuthClient.FirePendingPropertyChangedEvents();

            TaskCompletionSource <LiveLoginResult> taskSource = this.currentTask;

            if (taskSource != null)
            {
                this.currentTask = null;

                if (loginResult.Error != null)
                {
                    var error = loginResult.Error as LiveAuthException;
                    if (error == null)
                    {
                        error = new LiveAuthException(AuthErrorCodes.ClientError, error.Message, loginResult.Error);
                    }

                    error.State = this.appRequestState;
                    taskSource.SetException(loginResult.Error);
                }
                else
                {
                    loginResult.State = this.appRequestState;
                    taskSource.SetResult(loginResult);
                }
            }
        }
Esempio n. 4
0
        private bool CheckRefreshTokenRequest(out IEnumerable <string> scopes, out LiveAuthException error)
        {
            string clientIdFromRequestUrl;

            error = null;
            bool isTokenRequest = HttpContextUtility.ReadRefreshTokenRequest(this.webContext, out clientIdFromRequestUrl, out scopes);

            if (isTokenRequest)
            {
                if (string.Compare(clientIdFromRequestUrl, this.clientId, StringComparison.InvariantCultureIgnoreCase) != 0)
                {
                    // The request client Id does not match current client Id.
                    error = new LiveAuthException(AuthErrorCodes.ClientError, ErrorText.RefreshRequestClientIdNotMatch);
                }

                if (this.refreshTokenHandler == null)
                {
                    // The web client is requesting requesting refresh token, however, the server has not implemented this logic.
                    error = new LiveAuthException(AuthErrorCodes.ClientError, ErrorText.IRefreshTokenHandlerNotProvided);
                }
            }

            return(isTokenRequest);
        }