public ActionResult Authorize(bool isApproved) {
if (isApproved) {
var consumer = OAuthServiceProvider.PendingAuthorizationConsumer;
var tokenManager = OAuthServiceProvider.ServiceProvider.TokenManager;
var pendingRequest = OAuthServiceProvider.PendingAuthorizationRequest;
ITokenContainingMessage requestTokenMessage = pendingRequest;
var requestToken = tokenManager.GetRequestToken(requestTokenMessage.Token);
var response = OAuthServiceProvider.AuthorizePendingRequestTokenAsWebResponse();
if (response != null) {
// The consumer provided a callback URL that can take care of everything else.
return response.AsActionResult();
}
var model = new AccountAuthorizeModel {
ConsumerApp = consumer.Name,
};
if (!pendingRequest.IsUnsafeRequest) {
model.VerificationCode = ServiceProvider.CreateVerificationCode(consumer.VerificationCodeFormat, consumer.VerificationCodeLength);
requestToken.VerificationCode = model.VerificationCode;
tokenManager.UpdateToken(requestToken);
}
return View("AuthorizeApproved", model);
} else {
OAuthServiceProvider.PendingAuthorizationRequest = null;
return View("AuthorizeDenied");
}
}
public ActionResult Authorize() {
if (OAuthServiceProvider.PendingAuthorizationRequest == null) {
return RedirectToAction("Edit");
}
var model = new AccountAuthorizeModel {
ConsumerApp = OAuthServiceProvider.PendingAuthorizationConsumer.Name,
IsUnsafeRequest = OAuthServiceProvider.PendingAuthorizationRequest.IsUnsafeRequest,
};
return View(model);
}
public ActionResult Authorize() {
var pendingRequest = OAuthServiceProvider.AuthorizationServer.ReadAuthorizationRequest();
if (pendingRequest == null) {
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
var requestingClient = Database.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier);
// Consider auto-approving if safe to do so.
if (((OAuthAuthorizationServer)OAuthServiceProvider.AuthorizationServer.AuthorizationServerServices).CanBeAutoApproved(pendingRequest)) {
var approval = OAuthServiceProvider.AuthorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, HttpContext.User.Identity.Name);
return OAuthServiceProvider.AuthorizationServer.Channel.PrepareResponse(approval).AsActionResult();
}
var model = new AccountAuthorizeModel {
ClientApp = requestingClient.Name,
Scope = pendingRequest.Scope,
AuthorizationRequest = pendingRequest,
};
return View(model);
}