/// <summary> /// Requests an access token using a partially .initialized request message. /// </summary> /// <param name="request">The request message.</param> /// <param name="scopes">The scopes requested by the client.</param> /// <returns>The result of the request.</returns> private IAuthorizationState RequestAccessToken(ScopedAccessTokenRequest request, IEnumerable <string> scopes = null) { Requires.NotNull(request, "request"); var authorizationState = new AuthorizationState(scopes); request.ClientIdentifier = this.ClientIdentifier; this.ApplyClientCredential(request); request.Scope.UnionWith(authorizationState.Scope); var response = this.Channel.Request(request); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it. UpdateAuthorizationWithResponse(authorizationState, success); } else // failure { Logger.OAuth.Info("Credentials rejected by the Authorization Server."); authorizationState.Delete(); } return(authorizationState); }
/// <summary> /// Requests an access token using a partially .initialized request message. /// </summary> /// <param name="request">The request message.</param> /// <param name="scopes">The scopes requested by the client.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The result of the request. /// </returns> private async Task <IAuthorizationState> RequestAccessTokenAsync(IDirectedProtocolMessage request, IEnumerable <string> scopes, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); var authorizationState = new AuthorizationState(scopes); // Process client credential and scopes if supported by request message. var accessTokenRequest = request as IAccessTokenRequest; if (accessTokenRequest != null) { var authRequest = request as AuthenticatedClientRequestBase; if (authRequest != null) { authRequest.ClientIdentifier = this.ClientIdentifier; } this.ApplyClientCredential(accessTokenRequest); accessTokenRequest.Scope.UnionWith(authorizationState.Scope); } var response = await this.Channel.RequestAsync(request, cancellationToken); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it. UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Credentials rejected by the Authorization Server."); authorizationState.Delete(); } return(authorizationState); }
/// <summary> /// Requests an access token using a partially .initialized request message. /// </summary> /// <param name="request">The request message.</param> /// <param name="scopes">The scopes requested by the client.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The result of the request. /// </returns> private async Task<IAuthorizationState> RequestAccessTokenAsync(ScopedAccessTokenRequest request, IEnumerable<string> scopes, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); var authorizationState = new AuthorizationState(scopes); request.ClientIdentifier = this.ClientIdentifier; this.ApplyClientCredential(request); request.Scope.UnionWith(authorizationState.Scope); var response = await this.Channel.RequestAsync(request, cancellationToken); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it. UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Credentials rejected by the Authorization Server."); authorizationState.Delete(); } return authorizationState; }
/// <summary> /// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens. /// </summary> /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param> /// <param name="password">The resource owner's account password.</param> /// <param name="scopes">The desired scope of access.</param> /// <returns>The result, containing the tokens if successful.</returns> public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) { Requires.NotNullOrEmpty(userName, "userName"); Requires.NotNull(password, "password"); var authorizationState = new AuthorizationState(scopes); var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) { ClientIdentifier = this.ClientIdentifier, ClientSecret = this.ClientSecret, UserName = userName, Password = password, }; var response = this.Channel.Request(request); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Resource Owner credentials rejected by the Authorization Server."); authorizationState.Delete(); } return authorizationState; }
/// <summary> /// Requests an access token using a partially .initialized request message. /// </summary> /// <param name="request">The request message.</param> /// <param name="scopes">The scopes requested by the client.</param> /// <returns>The result of the request.</returns> private IAuthorizationState RequestAccessToken(ScopedAccessTokenRequest request, IEnumerable<string> scopes = null) { Requires.NotNull(request, "request"); var authorizationState = new AuthorizationState(scopes); request.ClientIdentifier = this.ClientIdentifier; request.ClientSecret = this.ClientSecret; request.Scope.UnionWith(authorizationState.Scope); var response = this.Channel.Request(request); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Credentials rejected by the Authorization Server."); authorizationState.Delete(); } return authorizationState; }