/// <summary>
/// Builds the form-encoded body for an OAuth request: one field per request parameter,
/// followed by the signature field.
/// </summary>
/// <param name="request">Request whose <c>Parameters</c> collection supplies the form fields.</param>
/// <param name="signature">Value sent under <c>OAuthConstants.SignatureParameter</c>.</param>
/// <returns>Form content holding every parameter pair plus the signature pair.</returns>
private static FormUrlEncodedContent GetContent(IOAuthRequest request, string signature)
{
    var pairs = new List<KeyValuePair<string, string>>();

    foreach (var name in request.Parameters.AllKeys)
    {
        pairs.Add(new KeyValuePair<string, string>(name, request.Parameters[name]));
    }

    // The signature is appended last, after all request parameters.
    pairs.Add(new KeyValuePair<string, string>(OAuthConstants.SignatureParameter, signature));

    return new FormUrlEncodedContent(pairs);
}
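/// <summary>
/// Authenticates the consumer for the client credentials grant and issues a token pair.
/// </summary>
/// <param name="request">Token request carrying <c>ClientId</c> and <c>ClientSecret</c>.</param>
/// <returns>A token with access token, refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown with <c>ErrorCode.InvalidClient</c> when the consumer is unknown, has no stored
/// secret, or the presented secret does not match.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing client credentials token request");

    // Make sure consumer is valid
    var consumer = _serviceLocator.ConsumerRepository.GetByClientId(request.ClientId);

    // The secret must match exactly. A case-insensitive comparison would accept every
    // upper/lower-case variant of the secret and so shrink the space an attacker has to guess.
    // A consumer without a stored secret is rejected rather than dereferenced or matched
    // against an empty value.
    // NOTE(review): this comparison is not constant-time; consider a fixed-time compare
    // (or comparing hashes) if the platform in use offers one.
    if (consumer == null
        || string.IsNullOrEmpty(consumer.Secret)
        || !string.Equals(consumer.Secret, request.ClientSecret, StringComparison.Ordinal))
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    // No resource owner is involved in this grant, so only the consumer is recorded.
    var data = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    // NOTE(review): RFC 6749 section 4.4.3 says a refresh token SHOULD NOT be included in a
    // client credentials response; it is kept here because callers may rely on it.
    return new Token
    {
        AccessToken = _serviceLocator.Issuer.GenerateAccessToken(data),
        RefreshToken = _serviceLocator.Issuer.GenerateRefreshToken(data),
        ExpiresIn = _serviceLocator.Configuration.AccessTokenExpirationLength
    };
}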
/// <summary>
/// Checks that a password grant request carries every required parameter.
/// </summary>
/// <param name="request">The incoming token request.</param>
/// <returns>
/// A result with <c>Success = true</c> when all checks pass; otherwise a result carrying the
/// error code and description of the first failed check.
/// </returns>
/// <remarks>
/// Checks run in this order: grant_type present, grant_type is the password grant, username,
/// password, client_id, client_secret, then the form-encoded Content-Type.
/// </remarks>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating password request");

    ValidationResult outcome;
    var requestedGrant = request.GrantType;

    if (string.IsNullOrWhiteSpace(requestedGrant))
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter grant_type is missing" };
    }
    else if (requestedGrant != GrantType.Password)
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidGrant, ErrorDescription = "The specified grant_type is not supported" };
    }
    else if (string.IsNullOrWhiteSpace(request.Username))
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter username is missing" };
    }
    else if (string.IsNullOrWhiteSpace(request.Password))
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter password is missing" };
    }
    else if (string.IsNullOrWhiteSpace(request.ClientId))
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_id is missing" };
    }
    else if (string.IsNullOrWhiteSpace(request.ClientSecret))
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_secret is missing" };
    }
    else if (!request.IsFormEncoded())
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Content-Type must be application/x-www-form-urlencoded" };
    }
    else
    {
        outcome = new ValidationResult { Success = true };
    }

    return outcome;
}
/// <summary>
/// Checks that a client credentials grant request is well formed.
/// </summary>
/// <param name="request">The incoming token request.</param>
/// <returns>
/// A result with <c>Success = true</c> when all checks pass; otherwise a result carrying the
/// error code and description of the first failed check.
/// </returns>
/// <remarks>
/// Checks run in this order: POST method, form-encoded Content-Type, grant_type present,
/// grant_type is the client credentials grant, client_id, client_secret.
/// </remarks>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating client credentials request");

    ValidationResult outcome;

    if (request.Method != HttpMethod.Post)
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Http POST method is required" };
    }
    else if (!request.IsFormEncoded())
    {
        outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Content-Type must be application/x-www-form-urlencoded" };
    }
    else
    {
        var requestedGrant = request.GrantType;

        if (string.IsNullOrWhiteSpace(requestedGrant))
        {
            outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter grant_type is missing" };
        }
        else if (requestedGrant != GrantType.ClientCredentials)
        {
            outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidGrant, ErrorDescription = "The specified grant_type is not supported" };
        }
        else if (string.IsNullOrWhiteSpace(request.ClientId))
        {
            outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_id is missing" };
        }
        else if (string.IsNullOrWhiteSpace(request.ClientSecret))
        {
            outcome = new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_secret is missing" };
        }
        else
        {
            outcome = new ValidationResult { Success = true };
        }
    }

    return outcome;
}
/// <summary>
/// Tells whether the request's Content-Type starts with the form-encoded media type.
/// </summary>
/// <param name="request">Request whose <c>ContentType</c> is inspected.</param>
/// <returns>
/// <c>true</c> when the Content-Type is non-empty and begins with
/// <c>ContentType.FormEncoded</c>, ignoring case; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// This is a prefix match, so a trailing parameter such as <c>charset=UTF-8</c> is accepted,
/// and so is any other value that merely starts with the media type.
/// </remarks>
public static bool IsFormEncoded(this IOAuthRequest request)
{
    // Content-Type may or may not include the character encoding (e.g. charset=UTF-8)
    var header = request.ContentType;

    if (string.IsNullOrEmpty(header))
    {
        return false;
    }

    return header.StartsWith(ContentType.FormEncoded, StringComparison.OrdinalIgnoreCase);
}
/// <summary>
/// Copies the HTTP method, URL and form fields of an incoming request onto the OAuth request.
/// </summary>
/// <param name="oauthRequest">OAuth request to populate.</param>
/// <param name="request">Incoming HTTP request.</param>
/// <param name="skipValidation">
/// When <c>true</c>, form fields are read through <c>request.Unvalidated.Form</c>, which
/// bypasses ASP.NET request validation; callers must then treat every parameter value as
/// unchecked input. When <c>false</c>, <c>request.Form</c> is used.
/// </param>
public static void ParseRequest(this IOAuthRequest oauthRequest, HttpRequestBase request, bool skipValidation)
{
    oauthRequest.HttpMethod = request.HttpMethod;
    oauthRequest.Url = request.Url;

    // Launch requests pass parameters as form fields
    if (skipValidation)
    {
        oauthRequest.Parameters.Add(request.Unvalidated.Form);
    }
    else
    {
        oauthRequest.Parameters.Add(request.Form);
    }
}
/// <summary>
/// Checks that a resource request carries an access token.
/// </summary>
/// <param name="request">The incoming resource request.</param>
/// <returns>
/// A result whose <c>Success</c> is <c>true</c> when <c>AccessToken</c> is neither null, empty
/// nor whitespace. Only the presence of the token is checked here, not its validity.
/// </returns>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating resource request");

    var hasToken = !string.IsNullOrWhiteSpace(request.AccessToken);

    return new ValidationResult { Success = hasToken };
}
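/// <summary>
/// Exchanges a refresh token for a new access/refresh token pair.
/// </summary>
/// <param name="request">Token request carrying client credentials and the refresh token.</param>
/// <returns>A token with a new access token, a new refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown when the Content-Type is not form-encoded, the client credentials do not match, the
/// refresh token is missing or was issued to another consumer, or the resource owner has not
/// approved the consumer.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing refresh token request");

    // Accept the media type with or without parameters (e.g. "; charset=UTF-8"). An exact
    // string match would reject requests that the IsFormEncoded check lets through.
    var contentType = request.ContentType;
    if (string.IsNullOrEmpty(contentType)
        || !contentType.StartsWith(ContentType.FormEncoded, StringComparison.OrdinalIgnoreCase))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Invalid content type.");
    }

    // Make sure consumer is valid. Unknown client and wrong secret produce the same error, so
    // the response does not reveal which of the two failed.
    // NOTE(review): the secret comparison is not constant-time.
    var consumer = _consumerRepository.GetByClientId(request.ClientId);
    if (consumer == null || consumer.Secret != request.ClientSecret)
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    var refreshToken = request.RefreshToken;
    if (string.IsNullOrWhiteSpace(refreshToken))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Refresh token is invalid");
    }

    // NOTE(review): behaviour of DecodeRefreshToken on a malformed or expired token is not
    // visible here; confirm it throws rather than returning unusable data.
    var tokenData = _issuer.DecodeRefreshToken(refreshToken);

    // A refresh token may only be redeemed by the consumer it was issued to.
    if (tokenData.ConsumerId != consumer.ConsumerId)
    {
        throw new OAuthException(ErrorCode.UnauthorizedClient, "Refresh token is invalid");
    }

    // The resource owner's approval is re-checked on every refresh.
    if (!_resourceOwnerRepository.IsConsumerApproved(tokenData.ResourceOwnerId, tokenData.ConsumerId))
    {
        throw new OAuthException(ErrorCode.UnauthorizedClient, "Unauthorized access");
    }

    var newTokenData = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        ResourceOwnerId = tokenData.ResourceOwnerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    return new Token
    {
        AccessToken = _issuer.GenerateAccessToken(newTokenData),
        ExpiresIn = _configuration.AccessTokenExpirationLength,
        RefreshToken = _issuer.GenerateRefreshToken(newTokenData)
    };
}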
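/// <summary>
/// Authenticates the consumer and the resource owner for the password grant and issues a
/// token pair.
/// </summary>
/// <param name="request">Token request carrying client credentials, username and password.</param>
/// <returns>A token with access token, refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown when the Content-Type is not form-encoded, the client credentials do not match, or
/// the username/password pair is not valid for the consumer.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing password token request");

    // Accept the media type with or without parameters (e.g. "; charset=UTF-8"). An exact
    // string match would reject requests that the IsFormEncoded check lets through.
    var contentType = request.ContentType;
    if (string.IsNullOrEmpty(contentType)
        || !contentType.StartsWith(ContentType.FormEncoded, StringComparison.OrdinalIgnoreCase))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Invalid content type.");
    }

    // Make sure consumer is valid. Unknown client and wrong secret produce the same error, so
    // the response does not reveal which of the two failed.
    // NOTE(review): the secret comparison is not constant-time.
    var consumer = _serviceLocator.ConsumerRepository.GetByClientId(request.ClientId);
    if (consumer == null || consumer.Secret != request.ClientSecret)
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    // Make sure resource owner is valid. Unknown user and wrong password share one error so
    // the response does not confirm that a username exists.
    // NOTE(review): no password hash is checked for an unknown user, so response time may
    // still differ between the two cases.
    var resourceOwner = _serviceLocator.ResourceOwnerRepository.GetByUsername(consumer.ConsumerId, request.Username);
    if (resourceOwner == null
        || !_serviceLocator.PasswordHasher.CheckPassword(request.Password, resourceOwner.Password))
    {
        throw new OAuthException(ErrorCode.InvalidClient, "User credentials are invalid");
    }

    // Presenting valid user credentials is treated as consent: the consumer is recorded as
    // approved by this resource owner.
    _serviceLocator.ResourceOwnerRepository.ApproveConsumer(resourceOwner.ResourceOwnerId, consumer.ConsumerId);

    var data = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        ResourceOwnerId = resourceOwner.ResourceOwnerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    return new Token
    {
        AccessToken = _serviceLocator.Issuer.GenerateAccessToken(data),
        RefreshToken = _serviceLocator.Issuer.GenerateRefreshToken(data),
        ExpiresIn = _serviceLocator.Configuration.AccessTokenExpirationLength
    };
}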
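/// <summary>
/// Checks that a resource request carries an access token.
/// </summary>
/// <param name="request">The incoming resource request.</param>
/// <returns>
/// A result whose <c>Success</c> is <c>false</c> when <c>AccessToken</c> is null, empty or
/// whitespace, and <c>true</c> otherwise. Only the presence of the token is checked here.
/// </returns>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating resource request");

    // The return statement's terminating semicolon belongs inside the block.
    if (string.IsNullOrWhiteSpace(request.AccessToken))
    {
        return new ValidationResult { Success = false };
    }

    return new ValidationResult { Success = true };
}
} // closes an enclosing scope opened outside this view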
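/// <summary>
/// Exchanges a refresh token for a new access/refresh token pair.
/// </summary>
/// <param name="request">Token request carrying client credentials and the refresh token.</param>
/// <returns>A token with a new access token, a new refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown when the Content-Type is not form-encoded, the client credentials do not match, the
/// refresh token is missing or was issued to another consumer, or the resource owner has not
/// approved the consumer.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing refresh token request");

    // Accept the media type with or without parameters (e.g. "; charset=UTF-8"). An exact
    // string match would reject requests that the IsFormEncoded check lets through.
    var contentType = request.ContentType;
    if (string.IsNullOrEmpty(contentType)
        || !contentType.StartsWith(ContentType.FormEncoded, StringComparison.OrdinalIgnoreCase))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Invalid content type.");
    }

    // Make sure consumer is valid. Unknown client and wrong secret produce the same error, so
    // the response does not reveal which of the two failed.
    // NOTE(review): the secret comparison is not constant-time.
    var consumer = _consumerRepository.GetByClientId(request.ClientId);
    if (consumer == null || consumer.Secret != request.ClientSecret)
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    var refreshToken = request.RefreshToken;
    if (string.IsNullOrWhiteSpace(refreshToken))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Refresh token is invalid");
    }

    // NOTE(review): behaviour of DecodeRefreshToken on a malformed or expired token is not
    // visible here; confirm it throws rather than returning unusable data.
    var tokenData = _issuer.DecodeRefreshToken(refreshToken);

    // A refresh token may only be redeemed by the consumer it was issued to.
    if (tokenData.ConsumerId != consumer.ConsumerId)
    {
        throw new OAuthException(ErrorCode.UnauthorizedClient, "Refresh token is invalid");
    }

    // The resource owner's approval is re-checked on every refresh.
    if (!_resourceOwnerRepository.IsConsumerApproved(tokenData.ResourceOwnerId, tokenData.ConsumerId))
    {
        throw new OAuthException(ErrorCode.UnauthorizedClient, "Unauthorized access");
    }

    var newTokenData = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        ResourceOwnerId = tokenData.ResourceOwnerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    return new Token
    {
        AccessToken = _issuer.GenerateAccessToken(newTokenData),
        ExpiresIn = _configuration.AccessTokenExpirationLength,
        RefreshToken = _issuer.GenerateRefreshToken(newTokenData)
    };
}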
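/// <summary>
/// Authenticates the consumer and the resource owner for the password grant and issues a
/// token pair.
/// </summary>
/// <param name="request">Token request carrying client credentials, username and password.</param>
/// <returns>A token with access token, refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown when the Content-Type is not form-encoded, the client credentials do not match, or
/// the username/password pair is not valid for the consumer.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing password token request");

    // Accept the media type with or without parameters (e.g. "; charset=UTF-8"). An exact
    // string match would reject requests that the IsFormEncoded check lets through.
    var contentType = request.ContentType;
    if (string.IsNullOrEmpty(contentType)
        || !contentType.StartsWith(ContentType.FormEncoded, StringComparison.OrdinalIgnoreCase))
    {
        throw new OAuthException(ErrorCode.InvalidRequest, "Invalid content type.");
    }

    // Make sure consumer is valid. Unknown client and wrong secret produce the same error, so
    // the response does not reveal which of the two failed.
    // NOTE(review): the secret comparison is not constant-time.
    var consumer = _serviceLocator.ConsumerRepository.GetByClientId(request.ClientId);
    if (consumer == null || consumer.Secret != request.ClientSecret)
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    // Make sure resource owner is valid. Unknown user and wrong password share one error so
    // the response does not confirm that a username exists.
    // NOTE(review): no password hash is checked for an unknown user, so response time may
    // still differ between the two cases.
    var resourceOwner = _serviceLocator.ResourceOwnerRepository.GetByUsername(consumer.ConsumerId, request.Username);
    if (resourceOwner == null
        || !_serviceLocator.PasswordHasher.CheckPassword(request.Password, resourceOwner.Password))
    {
        throw new OAuthException(ErrorCode.InvalidClient, "User credentials are invalid");
    }

    // Presenting valid user credentials is treated as consent: the consumer is recorded as
    // approved by this resource owner.
    _serviceLocator.ResourceOwnerRepository.ApproveConsumer(resourceOwner.ResourceOwnerId, consumer.ConsumerId);

    var data = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        ResourceOwnerId = resourceOwner.ResourceOwnerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    return new Token
    {
        AccessToken = _serviceLocator.Issuer.GenerateAccessToken(data),
        RefreshToken = _serviceLocator.Issuer.GenerateRefreshToken(data),
        ExpiresIn = _serviceLocator.Configuration.AccessTokenExpirationLength
    };
}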
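/// <summary>
/// Authenticates the consumer for the client credentials grant and issues a token pair.
/// </summary>
/// <param name="request">Token request carrying <c>ClientId</c> and <c>ClientSecret</c>.</param>
/// <returns>A token with access token, refresh token and the configured expiration length.</returns>
/// <exception cref="OAuthException">
/// Thrown with <c>ErrorCode.InvalidClient</c> when the consumer is unknown, has no stored
/// secret, or the presented secret does not match.
/// </exception>
public Token Authorize(IOAuthRequest request)
{
    _logger.Debug("Authorizing client credentials token request");

    // Make sure consumer is valid
    var consumer = _serviceLocator.ConsumerRepository.GetByClientId(request.ClientId);

    // The secret must match exactly. A case-insensitive comparison would accept every
    // upper/lower-case variant of the secret and so shrink the space an attacker has to guess.
    // A consumer without a stored secret is rejected rather than dereferenced or matched
    // against an empty value.
    // NOTE(review): this comparison is not constant-time; consider a fixed-time compare
    // (or comparing hashes) if the platform in use offers one.
    if (consumer == null
        || string.IsNullOrEmpty(consumer.Secret)
        || !string.Equals(consumer.Secret, request.ClientSecret, StringComparison.Ordinal))
    {
        throw new OAuthException(ErrorCode.InvalidClient, "Client credentials are invalid");
    }

    // No resource owner is involved in this grant, so only the consumer is recorded.
    var data = new TokenData
    {
        ConsumerId = consumer.ConsumerId,
        Timestamp = DateTimeOffset.UtcNow.DateTime.Ticks
    };

    // NOTE(review): RFC 6749 section 4.4.3 says a refresh token SHOULD NOT be included in a
    // client credentials response; it is kept here because callers may rely on it.
    return new Token
    {
        AccessToken = _serviceLocator.Issuer.GenerateAccessToken(data),
        RefreshToken = _serviceLocator.Issuer.GenerateRefreshToken(data),
        ExpiresIn = _serviceLocator.Configuration.AccessTokenExpirationLength
    };
}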
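/// <summary>
/// Checks that a password grant request carries every required parameter.
/// </summary>
/// <param name="request">The incoming token request.</param>
/// <returns>
/// A result with <c>Success = true</c> when all checks pass; otherwise a result carrying the
/// error code and description of the first failed check.
/// </returns>
/// <remarks>
/// Checks run in this order: grant_type present, grant_type is the password grant, username,
/// password, client_id, client_secret, then the form-encoded Content-Type.
/// </remarks>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating password request");

    // Each return statement's terminating semicolon belongs inside its block.
    var grantType = request.GrantType;
    if (string.IsNullOrWhiteSpace(grantType))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter grant_type is missing" };
    }

    if (grantType != GrantType.Password)
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidGrant, ErrorDescription = "The specified grant_type is not supported" };
    }

    var username = request.Username;
    if (string.IsNullOrWhiteSpace(username))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter username is missing" };
    }

    var password = request.Password;
    if (string.IsNullOrWhiteSpace(password))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter password is missing" };
    }

    var clientId = request.ClientId;
    if (string.IsNullOrWhiteSpace(clientId))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_id is missing" };
    }

    var clientSecret = request.ClientSecret;
    if (string.IsNullOrWhiteSpace(clientSecret))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_secret is missing" };
    }

    if (!request.IsFormEncoded())
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Content-Type must be application/x-www-form-urlencoded" };
    }

    return new ValidationResult { Success = true };
}
} // closes an enclosing scope opened outside this view
} // closes an enclosing scope opened outside this view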
/// <summary>
/// Populates the OAuth request from an incoming HTTP request with request validation left on.
/// </summary>
/// <param name="oauthRequest">OAuth request to populate.</param>
/// <param name="request">Incoming HTTP request.</param>
/// <remarks>
/// Delegates to the three-argument overload with <c>skipValidation</c> set to <c>false</c>,
/// so the validated form collection is the default.
/// </remarks>
public static void ParseRequest(this IOAuthRequest oauthRequest, HttpRequestBase request)
{
    ParseRequest(oauthRequest, request, skipValidation: false);
}
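/// <summary>
/// Checks that a client credentials grant request is well formed.
/// </summary>
/// <param name="request">The incoming token request.</param>
/// <returns>
/// A result with <c>Success = true</c> when all checks pass; otherwise a result carrying the
/// error code and description of the first failed check.
/// </returns>
/// <remarks>
/// Checks run in this order: POST method, form-encoded Content-Type, grant_type present,
/// grant_type is the client credentials grant, client_id, client_secret.
/// </remarks>
public ValidationResult ValidateRequest(IOAuthRequest request)
{
    _logger.Debug("Validating client credentials request");

    // Each return statement's terminating semicolon belongs inside its block.
    if (request.Method != HttpMethod.Post)
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Http POST method is required" };
    }

    // NOTE(review): this is an exact string match, so a Content-Type that carries a parameter
    // such as "; charset=UTF-8" is rejected here.
    if (request.ContentType != ContentType.FormEncoded)
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Content Type must be application/x-www-form-urlencoded" };
    }

    var grantType = request.GrantType;
    if (string.IsNullOrWhiteSpace(grantType))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter grant_type is missing" };
    }

    if (grantType != GrantType.ClientCredentials)
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidGrant, ErrorDescription = "The specified grant_type is not supported" };
    }

    var clientId = request.ClientId;
    if (string.IsNullOrWhiteSpace(clientId))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_id is missing" };
    }

    var clientSecret = request.ClientSecret;
    if (string.IsNullOrWhiteSpace(clientSecret))
    {
        return new ValidationResult { ErrorCode = ErrorCode.InvalidRequest, ErrorDescription = "Parameter client_secret is missing" };
    }

    return new ValidationResult { Success = true };
}
} // closes an enclosing scope opened outside this view
} // closes an enclosing scope opened outside this view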