protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { this.pendingRequest = OAuthServiceProvider.AuthorizationServer.ReadAuthorizationRequest(); if (this.pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } this.csrfCheck.Value = Code.SiteUtilities.SetCsrfCookie(); var requestingClient = Database.DataContext.Clients.First(c => c.ClientIdentifier == this.pendingRequest.ClientIdentifier); this.consumerNameLabel.Text = HttpUtility.HtmlEncode(requestingClient.Name); this.scopeLabel.Text = HttpUtility.HtmlEncode(OAuthUtilities.JoinScopes(this.pendingRequest.Scope)); // Consider auto-approving if safe to do so. if (((OAuthAuthorizationServer)OAuthServiceProvider.AuthorizationServer.AuthorizationServerServices).CanBeAutoApproved(this.pendingRequest)) { OAuthServiceProvider.AuthorizationServer.ApproveAuthorizationRequest(this.pendingRequest, HttpContext.Current.User.Identity.Name); } this.ViewState["AuthRequest"] = this.pendingRequest; } else { Code.SiteUtilities.VerifyCsrfCookie(this.csrfCheck.Value); this.pendingRequest = (EndUserAuthorizationRequest)this.ViewState["AuthRequest"]; } }
public bool TryAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest, out string canonicalUserName) { var user = MvcApplication.DataContext.Users.SingleOrDefault( u => u.Username == userName && u.Password == password); canonicalUserName = userName; if (user == null) { return(false); } #region add an authorization for this client // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. var client = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == accessRequest.ClientIdentifier); client.ClientAuthorizations.Add( new ClientAuthorization { Scope = OAuthUtilities.JoinScopes(accessRequest.Scope), User = MvcApplication.DataContext.Users.FirstOrDefault(u => u.Username == userName), CreatedOnUtc = DateTime.UtcNow, }); MvcApplication.DataContext.SaveChanges(); // submit now so that this new row can be retrieved later in this same HTTP request #endregion return(true); }
public ActionResult AuthorizeResponse(bool isApproved) { var pendingRequest = this.m_AuthorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } IDirectedProtocolMessage response; if (isApproved) { var clientInfo = m_ClientRep.Get(s => s.ClientIdentifier == pendingRequest.ClientIdentifier); var user = AuthorizeHelper.GetCurrentUser(); var userInfo = m_UserRep.Get(s => s.OpenIDClaimedIdentifier == user.UserName); m_ClientAuthRep.Add(new ClientAuthorization() { Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), UserId = userInfo.UserId, CreatedOnUtc = DateTime.UtcNow, ClientId = clientInfo.ClientId }); response = this.m_AuthorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, user.UserName); } else { response = this.m_AuthorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); } var res = this.m_AuthorizationServer.Channel.PrepareResponseAsync(response, Response.ClientDisconnectedToken); Response.ContentType = res.Content.Headers.ContentType.ToString(); return(res.AsActionResult()); }
private static void Main() { // DotNetOpenAuth only issues access tokens when the client uses an HTTPS connection. As we will most // likely run the server on our local development machine with only a self-signed SSL certificate, setting up // connection to the server will fail as the SSL certificate is considered invalid by the .NET framework. // To circumvent this, we add the line below that will consider all SSL certificates as valid, including // self-signed certificaties. Note: this should only be used for testing purposes. ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true; // The description of the authorization server to which we will be connecting. The most important component // is the token endpoint, which is the URL at which the server listens for token requests var authorizationServerDescription = new AuthorizationServerDescription { TokenEndpoint = new Uri("https://localhost:44303/tokens"), ProtocolVersion = ProtocolVersion.V20 }; // Create the client with which we will be connecting to the server. var userAgentClient = new UserAgentClient(authorizationServerDescription, clientIdentifier: "demo-client-1", clientSecret: "demo-client-secret-1"); // The scope that we request for the client. Note: this can also be null if we don't want to request any specific // scope or more than one scope if we want to request an access token that is valid for several scopes var clientScopes = new[] { "demo-scope-client-1" }; // Request a new client access token for the specified scopes (http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.4) // This method will use the client identifier and client secret used when constructing the UserAgentClient instance var clientAccessToken = userAgentClient.GetClientAccessToken(clientScopes); // Output some information about the retrieved client access token Console.WriteLine("[RETRIEVED CLIENT ACCESS TOKEN]"); Console.WriteLine("Access token: {0}", clientAccessToken.AccessToken); Console.WriteLine("Expiration time: {0}", clientAccessToken.AccessTokenExpirationUtc); Console.WriteLine("Scope: {0}", OAuthUtilities.JoinScopes(clientAccessToken.Scope)); // The scope that we request for the user. Note: this can also be null if we don't want to request any specific // scope or more than one scope if we want to request an access token that is valid for several scopes var userScopes = new[] { "demo-scope-1" }; // Request a new user access token for the specified user and the specified scopes (http://tools.ietf.org/html/draft-ietf-oauth-v2-31#page-35) var userAccessToken = userAgentClient.ExchangeUserCredentialForToken("demo-user-1", "demo-user-password-1", userScopes); // Output some information about the retrieved user access token Console.WriteLine("\n[RETRIEVED USER ACCESS TOKEN]"); Console.WriteLine("Access token: {0}", userAccessToken.AccessToken); Console.WriteLine("Refresh token: {0}", userAccessToken.RefreshToken); Console.WriteLine("Expiration time: {0}", userAccessToken.AccessTokenExpirationUtc); Console.WriteLine("Scope: {0}", OAuthUtilities.JoinScopes(userAccessToken.Scope)); var refreshed = userAgentClient.RefreshAuthorization(userAccessToken); Console.WriteLine("\n[REFRESHING USER ACCESS TOKEN]"); Console.WriteLine("Access token refreshed: {0}", refreshed); Console.WriteLine("\nPress any key to exit..."); Console.ReadKey(); }
protected void yesButton_Click(object sender, EventArgs e) { var requestingClient = Database.DataContext.Clients.First(c => c.ClientIdentifier == this.pendingRequest.ClientIdentifier); Database.LoggedInUser.ClientAuthorizations.Add( new ClientAuthorization { Client = requestingClient, Scope = OAuthUtilities.JoinScopes(this.pendingRequest.Scope), User = Database.LoggedInUser, CreatedOnUtc = DateTime.UtcNow.CutToSecond(), }); OAuthServiceProvider.AuthorizationServer.ApproveAuthorizationRequest(this.pendingRequest, HttpContext.Current.User.Identity.Name); }
protected void Page_Load(object sender, EventArgs e) { this.RegisterAsyncTask( new PageAsyncTask( async ct => { if (!IsPostBack) { this.pendingRequest = await OAuthServiceProvider.AuthorizationServer.ReadAuthorizationRequestAsync( new HttpRequestWrapper(Request), Response.ClientDisconnectedToken); if (this.pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } this.csrfCheck.Value = Code.SiteUtilities.SetCsrfCookie(); var requestingClient = Database.DataContext.Clients.First(c => c.ClientIdentifier == this.pendingRequest.ClientIdentifier); this.consumerNameLabel.Text = HttpUtility.HtmlEncode(requestingClient.Name); this.scopeLabel.Text = HttpUtility.HtmlEncode(OAuthUtilities.JoinScopes(this.pendingRequest.Scope)); // Consider auto-approving if safe to do so. if ( ((OAuthAuthorizationServer)OAuthServiceProvider.AuthorizationServer.AuthorizationServerServices) .CanBeAutoApproved(this.pendingRequest)) { var response = OAuthServiceProvider.AuthorizationServer.PrepareApproveAuthorizationRequest( this.pendingRequest, HttpContext.Current.User.Identity.Name); var responseMessage = await OAuthServiceProvider.AuthorizationServer.Channel.PrepareResponseAsync( response, Response.ClientDisconnectedToken); await responseMessage.SendAsync(new HttpContextWrapper(this.Context), Response.ClientDisconnectedToken); this.Context.Response.End(); } this.ViewState["AuthRequest"] = this.pendingRequest; } else { Code.SiteUtilities.VerifyCsrfCookie(this.csrfCheck.Value); this.pendingRequest = (EndUserAuthorizationRequest)this.ViewState["AuthRequest"]; } })); }
public ActionResult AuthorizeResponse(bool isApproved) { var pendingRequest = this.authorizationServer.ReadAuthorizationRequest(); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } IDirectedProtocolMessage response; if (isApproved) { // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. var client = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier); client.ClientAuthorizations.Add( new ClientAuthorization { Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), User = MvcApplication.LoggedInUser, CreatedOnUtc = DateTime.UtcNow, }); MvcApplication.DataContext.SubmitChanges(); // submit now so that this new row can be retrieved later in this same HTTP request // In this simple sample, the user either agrees to the entire scope requested by the client or none of it. // But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method. response = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name); } else { response = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); //var errorResponse = response as EndUserAuthorizationFailedResponse; //if (errorResponse != null) { // errorResponse.Error = "accesss_denied"; // see http://tools.ietf.org/id/draft-ietf-oauth-v2-31.html#rfc.section.4.1.2.1 for valid values // errorResponse.ErrorDescription = "The resource owner or authorization server denied the request"; //} } return(this.authorizationServer.Channel.PrepareResponse(response).AsActionResult()); }
public ActionResult AuthoriseResponse(bool isApproved) { var authorizationServer = new AuthorizationServer(new OAuth2AuthorizationServerHost()); var pendingRequest = authorizationServer.ReadAuthorizationRequest(); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } IDirectedProtocolMessage response; if (isApproved) { // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. var service = ServiceFactory.GetOAuth2AuthService(); var client = service.GetOAuthClient(pendingRequest.ClientIdentifier); var user = service.GetOAuthUsers(HttpContext.User.Identity.Name); service.AddOAuthClientAuthor(new OAuthClientAuthor { UserID = user.ID, ClientID = client.ID, Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), ExpireUtc = DateTime.Now.AddDays(1), Time = DateTime.Now, }); // submit now so that this new row can be retrieved later in this same HTTP request // In this simple sample, the user either agrees to the entire scope requested by the client or none of it. // But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method. response = authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name); } else { response = authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); } return(authorizationServer.Channel.PrepareResponse(response).AsActionResultMvc5()); }
public ActionResult AuthoriseResponse(bool isApproved) { using (OAuth2AuthorizationServer server = (new OAuth2AuthorizationServer(new X509Certificate2(ConfigurationManager.AppSettings["AbsolutePathToPfx"], ConfigurationManager.AppSettings["CertificatePassword"]), new X509Certificate2(ConfigurationManager.AppSettings["AbsolutePathToCertificate"])))) { AuthorizationServer authorizationServer = new AuthorizationServer(server); var pendingRequest = authorizationServer.ReadAuthorizationRequest(); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } IDirectedProtocolMessage response; if (isApproved) { // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. var client = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier); client.ClientAuthorizations.Add( new ClientAuthorization { Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), User = MvcApplication.DataContext.Users.FirstOrDefault(u => u.Username == System.Web.HttpContext.Current.User.Identity.Name), CreatedOnUtc = DateTime.UtcNow, }); MvcApplication.DataContext.SaveChanges(); // submit now so that this new row can be retrieved later in this same HTTP request // In this simple sample, the user either agrees to the entire scope requested by the client or none of it. // But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method. response = authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name); } else { response = authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); } return(authorizationServer.Channel.PrepareResponse(response).AsActionResult()); } }
protected void btnYes_Click(object sender, EventArgs e) { if (m_pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest); } MFBOauthClientAuth ca = new MFBOauthClientAuth { Scope = OAuthUtilities.JoinScopes(m_pendingRequest.Scope), ClientId = m_pendingRequest.ClientIdentifier, UserId = Page.User.Identity.Name, ExpirationDateUtc = DateTime.UtcNow.AddDays(14) }; if (ca.fCommit()) { EndUserAuthorizationSuccessResponseBase resp = authorizationServer.PrepareApproveAuthorizationRequest(m_pendingRequest, Page.User.Identity.Name); OutgoingWebResponse wr = authorizationServer.Channel.PrepareResponse(resp); wr.Send(); } else { RejectWithError(Resources.LocalizedText.oAuthErrCreationFailed); } }
public async Task <ActionResult> AuthorizeResponse(bool isApproved) { var pendingRequest = await this.authorizationServer.ReadAuthorizationRequestAsync(Request, Response.ClientDisconnectedToken); if (pendingRequest == null) { throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request."); } IDirectedProtocolMessage response; if (isApproved) { // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. var client = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier); client.ClientAuthorizations.Add( new ClientAuthorization { Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), User = MvcApplication.LoggedInUser, CreatedOnUtc = DateTime.UtcNow, }); MvcApplication.DataContext.SubmitChanges(); // submit now so that this new row can be retrieved later in this same HTTP request // In this simple sample, the user either agrees to the entire scope requested by the client or none of it. // But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method. response = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name); } else { response = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); } var preparedResponse = await this.authorizationServer.Channel.PrepareResponseAsync(response, Response.ClientDisconnectedToken); Response.ContentType = preparedResponse.Content.Headers.ContentType.ToString(); return(preparedResponse.AsActionResult()); }
protected void yesButton_Click(object sender, EventArgs e) { this.RegisterAsyncTask( new PageAsyncTask( async ct => { var requestingClient = Database.DataContext.Clients.First(c => c.ClientIdentifier == this.pendingRequest.ClientIdentifier); Database.LoggedInUser.ClientAuthorizations.Add( new ClientAuthorization { Client = requestingClient, Scope = OAuthUtilities.JoinScopes(this.pendingRequest.Scope), User = Database.LoggedInUser, CreatedOnUtc = DateTime.UtcNow.CutToSecond(), }); var response = OAuthServiceProvider.AuthorizationServer.PrepareApproveAuthorizationRequest( this.pendingRequest, HttpContext.Current.User.Identity.Name); var responseMessage = await OAuthServiceProvider.AuthorizationServer.Channel.PrepareResponseAsync(response, Response.ClientDisconnectedToken); await responseMessage.SendAsync(new HttpContextWrapper(this.Context), Response.ClientDisconnectedToken); this.Context.Response.End(); })); }
public ActionResult ProcessAuthorization(bool isApproved) { // Have DotNetOpenAuth read the info we need out of the request EndUserAuthorizationRequest pendingRequest = _authorizationServer.ReadAuthorizationRequest(); if (pendingRequest == null) { throw new HttpException(Convert.ToInt32(HttpStatusCode.BadRequest), "Missing authorization request."); } // Make sure the client is one we recognize Client requestingClient = _clientRepository.GetById(pendingRequest.ClientIdentifier); if (requestingClient == null) { throw new HttpException(Convert.ToInt32(HttpStatusCode.BadRequest), "Invalid request"); } // Make sure the resource is defined, it definitely should be due to the ResourceAuthenticated attribute Resource requestedResource = _resourceRepository.FindWithSupportedScopes(pendingRequest.Scope); if (requestedResource == null) { throw new HttpException(Convert.ToInt32(HttpStatusCode.BadRequest), "Invalid request"); } // See if authorization of this client was approved by the user // At this point, the user either agrees to the entire scope requested by the client or none of it. // If we gave capability for user to reduce scope to give client less access, some changes would be required here IDirectedProtocolMessage authRequest; if (isApproved) { // Add user to our repository if this is their first time var requestingUser = _userRepository.GetById(User.Identity.Name); if (requestingUser == null) { requestingUser = new User { Id = User.Identity.Name, CreateDateUtc = DateTime.UtcNow }; _userRepository.Insert(requestingUser); _userRepository.Save(); } // The authorization we file in our database lasts until the user explicitly revokes it. // You can cause the authorization to expire by setting the ExpirationDateUTC // property in the below created ClientAuthorization. _authorizationRepository.Insert(new Authorization { ClientId = requestingClient.Id, Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope), UserId = requestingUser.Id, ResourceId = requestedResource.Id, CreatedOnUtc = DateTime.UtcNow }); _authorizationRepository.Save(); // Have DotNetOpenAuth generate an approval to send back to the client authRequest = _authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, User.Identity.Name); } else { // Have DotNetOpenAuth generate a rejection to send back to the client authRequest = _authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); // The PrepareResponse call below is giving an error of "The following required parameters were missing from the DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationFailedResponse message: error" // unless I do this..... var msg = (EndUserAuthorizationFailedResponse)authRequest; msg.Error = "User denied your request"; } // This will redirect to the client app using their defined callback, so they can handle // the approval or rejection as they see fit return(_authorizationServer.Channel.PrepareResponse(authRequest).AsActionResult()); }
/// <summary> /// Create a authorise token from the request. Returns the bdy html result. /// </summary> /// <param name="httpRequest">The current http request.</param> /// <param name="rawUri">A System.Uri object containing information regarding the URL of the current request.</param> /// <param name="queryString">The collection of HTTP query string variables.</param> /// <param name="form">The collection of form variables.</param> /// <param name="headers">The collection of HTTP headers.</param> /// <param name="cookies">The collection of cookies sent by the client.</param> /// <param name="returnType">The type of response to return.</param> /// <param name="responseHeaders">The response headers for the request.</param> /// <param name="isApprovedByUser">Has the user approved the client to access the resources.</param> /// <returns>The formatted redirect url; else null.</returns> private object CreateAuthorise(HttpRequestBase httpRequest, Uri rawUri, NameValueCollection queryString, NameValueCollection form, NameValueCollection headers, HttpCookieCollection cookies, int returnType, out System.Net.WebHeaderCollection responseHeaders, bool isApprovedByUser) { IDirectedProtocolMessage response = null; OutgoingWebResponse webResponse = null; string clientID = null; string nonce = null; string codeKey = null; try { // Make sure that all the passed parameters are valid. if (httpRequest == null) { throw new ArgumentNullException("httpRequest"); } if (rawUri == null) { throw new ArgumentNullException("rawUri"); } if (queryString == null) { throw new ArgumentNullException("queryString"); } if (form == null) { throw new ArgumentNullException("form"); } if (headers == null) { throw new ArgumentNullException("headers"); } if (cookies == null) { throw new ArgumentNullException("cookies"); } // Read the request make sure it is valid. EndUserAuthorizationRequest pendingRequest = _authorizationServer.ReadAuthorizationRequest(httpRequest); if (pendingRequest == null) { throw new Exception("Missing authorization request."); } // Only process if the user has approved the request. if (isApprovedByUser) { // Make sure all maditor parameters are present. _oAuthAuthorizationServer.ValidateAuthoriseRequestParametersAbsent(queryString); if (_oAuthAuthorizationServer.ParametersAbsent.Count() > 0) { throw new Exception("Some authorisation request parameters are missing."); } // Assign each query string parameter. clientID = pendingRequest.ClientIdentifier; string callback = pendingRequest.Callback.ToString(); string state = pendingRequest.ClientState; string scope = OAuthUtilities.JoinScopes(pendingRequest.Scope); string responseType = (pendingRequest.ResponseType == EndUserAuthorizationResponseType.AccessToken ? "token" : "code"); string companyUniqueUserID = queryString["com_unique_uid"]; // Set the crytography key store values. _authorizationServer.AuthorizationServerServices.CryptoKeyStore.ExpiryDateTime = DateTime.UtcNow.AddYears(1); _authorizationServer.AuthorizationServerServices.CryptoKeyStore.ClientIndetifier = clientID; _authorizationServer.AuthorizationServerServices.CryptoKeyStore.GetCodeKey = false; // Create a new nonce and store it in the nonce store. nonce = _nonceStore.GenerateNonce(); _nonceStore.StoreNonce(DateTime.UtcNow, nonce, clientID); // Create the access token from the stores, and create a new verification code. string verifier = _consumerStore.SetVerificationCode(clientID, nonce, companyUniqueUserID, scope); EndUserAuthorizationSuccessAccessTokenResponse successAccessTokenResponse = null; // Prepare the request. pass the nonce and join the userID and nonce of // the user that approved the resource access request. response = _authorizationServer.PrepareApproveAuthorizationRequest( pendingRequest, companyUniqueUserID + "_" + nonce, nonce, out successAccessTokenResponse); // Prepare the authorisation response. webResponse = _authorizationServer.Channel.PrepareResponse(response); // Create the query collection of the code request // and extract the code value that is to be sent // the the client. NameValueCollection queryResponseString = new NameValueCollection(); Uri uriRequest = webResponse.GetDirectUriRequest(_authorizationServer.Channel); // For each query item. string[] queries = uriRequest.Query.Split(new char[] { '&' }); foreach (string query in queries) { // Add the query name and value to the collection. string[] queriesNameValue = query.Split(new char[] { '=' }); queryResponseString.Add(queriesNameValue[0].TrimStart(new char[] { '?' }), queriesNameValue[1]); } // What type of response is to be handled. switch (pendingRequest.ResponseType) { case EndUserAuthorizationResponseType.AuthorizationCode: // The user has requested a code, this is // used so the client can get a token later. // If the code response type exits. if (queryResponseString["code"] != null) { codeKey = HttpUtility.UrlDecode(queryResponseString["code"]); } // Insert the code key (code or token); if (!String.IsNullOrEmpty(codeKey)) { _tokenStore.StoreCodeKey(clientID, nonce, codeKey); } break; case EndUserAuthorizationResponseType.AccessToken: // This is used so the client is approved and a token is sent back. // Update the access token. if (successAccessTokenResponse != null) { if (!String.IsNullOrEmpty(successAccessTokenResponse.AccessToken)) { _tokenStore.UpdateAccessToken(successAccessTokenResponse.AccessToken, nonce); } } break; } } else { // Send an error response. response = _authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest); } // What type should be returned. switch (returnType) { case 0: // A URI request redirect only. responseHeaders = webResponse.Headers; return(webResponse.GetDirectUriRequest(_authorizationServer.Channel)); case 1: // The complete html body. responseHeaders = webResponse.Headers; return(webResponse.Body); default: // Default is the complete html body. responseHeaders = webResponse.Headers; return(webResponse.Body); } } catch (Exception ex) { // Get the current token errors. responseHeaders = null; _tokenError = ex.Message; return(null); } }
protected override string Serialize() { DateTime?expirationDateUtc = null; if (this.Lifetime.HasValue) { DateTime expirationDate = this.UtcIssued + this.Lifetime.Value; expirationDateUtc = expirationDate.ToLocalTime(); } var token = this.SaveClientAuthorization(this.ClientIdentifier, this.User, OAuthUtilities.JoinScopes(this.Scope), expirationDateUtc); return(token); }