/// <summary>
/// Authenticates a request in three stages: parameter, consumer and access-token
/// resolution; signature-provider, request-id and signature handling; and the
/// access check for the requested path.
/// </summary>
/// <param name="authRequest">
/// Supplies the HTTP context (<c>Context</c>) that is wrapped for processing and the
/// path (<c>PathName</c>) handed to the access check.
/// </param>
/// <returns>
/// An <c>AuthResult</c> carrying the outcome of <c>VerifyAccess</c>, or a failed
/// <c>AuthResult</c> built from the exception's <c>Code</c> and <c>Message</c> when a
/// stage throws. The context's response parameters are copied into <c>OutputData</c>
/// on every path.
/// </returns>
/// <remarks>
/// NOTE(review): every failure path puts <c>ex.Message</c> into the returned result;
/// confirm that callers treat that text as safe to relay to the remote party.
/// </remarks>
public AuthResult Authenticate(AuthRequest authRequest)
{
    OAuthRequestContext oauthContext = new OAuthRequestContext();
    IHttpContext wrappedContext = HttpContextWrapper.Wrap(authRequest.Context);

    // Stage 1: parameters, consumer and access token.
    try
    {
        ParseParameters(wrappedContext, oauthContext);
        SetConsumer(oauthContext);
        SetAccessToken(oauthContext);
        oauthContext.IsOAuthRequest = true;
    }
    catch (OAuthRequestException stageOneFailure)
    {
        // The request may not be an OAuth request, so the exception is not passed
        // on to the consumer; it is recorded on the context and reported through
        // the returned result instead.
        oauthContext.AddError(stageOneFailure);
        oauthContext.IsOAuthRequest = false;

        AuthResult error = new AuthResult(false, stageOneFailure.Code, stageOneFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return(error);
    }

    // Stage 2: signing provider, request id and signature. IsOAuthRequest stays
    // true when this stage fails.
    try
    {
        SetSignProvider(oauthContext);
        SetRequestId(oauthContext);
        SetSignature(wrappedContext, oauthContext);
    }
    catch (OAuthRequestException stageTwoFailure)
    {
        oauthContext.AddError(stageTwoFailure);

        AuthResult error = new AuthResult(false, stageTwoFailure.Code, stageTwoFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return(error);
    }

    // NOTE(review): this runs before the access decision, so it executes even when
    // VerifyAccess below denies the request or throws - confirm that is intended.
    UpdateAccessToken(wrappedContext, oauthContext);

    // Stage 3: access check for the requested path.
    bool accessGranted;
    try
    {
        accessGranted = VerifyAccess(authRequest.PathName, wrappedContext, oauthContext);
    }
    catch (AuthenticationException accessFailure)
    {
        // Unlike the two handlers above, this one does not call AddError on the context.
        AuthResult error = new AuthResult(false, accessFailure.Code, accessFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return(error);
    }

    AuthResult outcome = new AuthResult(accessGranted);
    CopyParameters(oauthContext.ResponseParameters, outcome.OutputData);
    return(outcome);
}
/// <summary>
/// Authenticates a request in three stages: parameter, consumer and access-token
/// resolution; signature-provider, request-id and signature handling; and the
/// access check for the requested path.
/// </summary>
/// <param name="authRequest">
/// Supplies the HTTP context (<c>Context</c>) that is wrapped for processing and the
/// path (<c>PathName</c>) handed to the access check.
/// </param>
/// <returns>
/// An <c>AuthResult</c> carrying the outcome of <c>VerifyAccess</c>, or a failed
/// <c>AuthResult</c> built from the exception's <c>Code</c> and <c>Message</c> when a
/// stage throws. The context's response parameters are copied into <c>OutputData</c>
/// on every path.
/// </returns>
/// <remarks>
/// NOTE(review): every failure path puts <c>ex.Message</c> into the returned result;
/// confirm that callers treat that text as safe to relay to the remote party.
/// </remarks>
public AuthResult Authenticate(AuthRequest authRequest)
{
    OAuthRequestContext oauthContext = new OAuthRequestContext();
    IHttpContext wrappedContext = HttpContextWrapper.Wrap(authRequest.Context);

    // Stage 1: parameters, consumer and access token.
    try
    {
        ParseParameters(wrappedContext, oauthContext);
        SetConsumer(oauthContext);
        SetAccessToken(oauthContext);
        oauthContext.IsOAuthRequest = true;
    }
    catch (OAuthRequestException stageOneFailure)
    {
        // The request may not be an OAuth request, so the exception is not passed
        // on to the consumer; it is recorded on the context and reported through
        // the returned result instead.
        oauthContext.AddError(stageOneFailure);
        oauthContext.IsOAuthRequest = false;

        AuthResult error = new AuthResult(false, stageOneFailure.Code, stageOneFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return error;
    }

    // Stage 2: signing provider, request id and signature. IsOAuthRequest stays
    // true when this stage fails.
    try
    {
        SetSignProvider(oauthContext);
        SetRequestId(oauthContext);
        SetSignature(wrappedContext, oauthContext);
    }
    catch (OAuthRequestException stageTwoFailure)
    {
        oauthContext.AddError(stageTwoFailure);

        AuthResult error = new AuthResult(false, stageTwoFailure.Code, stageTwoFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return error;
    }

    // NOTE(review): this runs before the access decision, so it executes even when
    // VerifyAccess below denies the request or throws - confirm that is intended.
    UpdateAccessToken(wrappedContext, oauthContext);

    // Stage 3: access check for the requested path.
    bool accessGranted;
    try
    {
        accessGranted = VerifyAccess(authRequest.PathName, wrappedContext, oauthContext);
    }
    catch (AuthenticationException accessFailure)
    {
        // Unlike the two handlers above, this one does not call AddError on the context.
        AuthResult error = new AuthResult(false, accessFailure.Code, accessFailure.Message);
        CopyParameters(oauthContext.ResponseParameters, error.OutputData);
        return error;
    }

    AuthResult outcome = new AuthResult(accessGranted);
    CopyParameters(oauthContext.ResponseParameters, outcome.OutputData);
    return outcome;
}
/// <summary>
/// Handles a token issue request: runs the request checks, asks the application
/// whether the request is allowed and, if it is, issues the token.
/// </summary>
/// <param name="context">The HTTP context of the issue request.</param>
/// <returns>
/// A successful <c>TokenIssueResult</c> when the token was issued; a failed result
/// carrying the exception's <c>Message</c> and <c>Problem</c> when a request check
/// throws <c>OAuthRequestException</c>; or a failed result without a message when
/// <c>AllowRequest</c> returns false. The context's response parameters are added to
/// the result on every path.
/// </returns>
/// <remarks>
/// NOTE(review): <c>ex.Message</c> is placed in the returned result; confirm that
/// callers treat that text as safe to relay to the remote party.
/// </remarks>
public TokenIssueResult ProcessIssueRequest(IHttpContext context)
{
    OAuthRequestContext issueContext = new OAuthRequestContext();

    // Check request parameters. The first step that throws ends the request, so
    // nothing below the try block runs for a request that fails a check.
    try
    {
        // TODO: Should we ensure the realm parameter, if present, matches the configured realm?
        ParseParameters(context, issueContext);
        SetSignProvider(issueContext);
        SetConsumer(issueContext);
        SetRequestId(issueContext);
        SetRequestToken(issueContext);
        SetSignature(context, issueContext);
        CheckVerifier(issueContext);
    }
    catch (OAuthRequestException checkFailure)
    {
        issueContext.AddError(checkFailure);

        TokenIssueResult rejected = new TokenIssueResult(false, checkFailure.Message, checkFailure.Problem);
        rejected.Parameters.Add(issueContext.ResponseParameters);
        return(rejected);
    }

    // Allow the application to decide whether to issue the access token.
    if (!AllowRequest(context, issueContext))
    {
        TokenIssueResult denied = new TokenIssueResult(false);
        denied.Parameters.Add(issueContext.ResponseParameters);
        return(denied);
    }

    // Allow the application to add additional response parameters.
    AddApplicationResponseParameters(issueContext, GetAdditionalResponseParameters(context, issueContext));

    // Issue the token.
    IssueToken(context, issueContext);

    TokenIssueResult issued = new TokenIssueResult(true);
    issued.Parameters.Add(issueContext.ResponseParameters);
    return(issued);
}
/// <summary>
/// Handles a token issue request: runs the request checks, asks the application
/// whether the request is allowed and, if it is, issues the token.
/// </summary>
/// <param name="context">The HTTP context of the issue request.</param>
/// <returns>
/// A successful <c>TokenIssueResult</c> when the token was issued; a failed result
/// carrying the exception's <c>Message</c> and <c>Problem</c> when a request check
/// throws <c>OAuthRequestException</c>; or a failed result without a message when
/// <c>AllowRequest</c> returns false. The context's response parameters are added to
/// the result on every path.
/// </returns>
/// <remarks>
/// NOTE(review): <c>ex.Message</c> is placed in the returned result; confirm that
/// callers treat that text as safe to relay to the remote party.
/// </remarks>
public TokenIssueResult ProcessIssueRequest(IHttpContext context)
{
    OAuthRequestContext issueContext = new OAuthRequestContext();

    // Check request parameters. The first step that throws ends the request, so
    // nothing below the try block runs for a request that fails a check.
    try
    {
        // TODO: Should we ensure the realm parameter, if present, matches the configured realm?
        ParseParameters(context, issueContext);
        SetSignProvider(issueContext);
        SetConsumer(issueContext);
        SetRequestId(issueContext);
        SetRequestToken(issueContext);
        SetSignature(context, issueContext);
        CheckVerifier(issueContext);
    }
    catch (OAuthRequestException checkFailure)
    {
        issueContext.AddError(checkFailure);

        TokenIssueResult rejected = new TokenIssueResult(false, checkFailure.Message, checkFailure.Problem);
        rejected.Parameters.Add(issueContext.ResponseParameters);
        return rejected;
    }

    // Allow the application to decide whether to issue the access token.
    if (!AllowRequest(context, issueContext))
    {
        TokenIssueResult denied = new TokenIssueResult(false);
        denied.Parameters.Add(issueContext.ResponseParameters);
        return denied;
    }

    // Allow the application to add additional response parameters.
    AddApplicationResponseParameters(issueContext, GetAdditionalResponseParameters(context, issueContext));

    // Issue the token.
    IssueToken(context, issueContext);

    TokenIssueResult issued = new TokenIssueResult(true);
    issued.Parameters.Add(issueContext.ResponseParameters);
    return issued;
}