public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { this.requestTokens[authorization.RequestToken] = new InMemoryServiceProviderRequestToken { Token = authorization.RequestToken, Scope = authorization.Scope, ConsumerVersion = authorization.Version, }; }
/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { using (var db = new DbManager(_dbId)) { db.ExecuteNonQuery(new SqlInsert(TOKEN_TABLE, true).InColumnValue("token", authorization.RequestToken).InColumnValue("token_secret", String.Empty)); } }
/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { log.Info("Storing openId auth request token " + authorization.RequestToken); this.tokensAndSecrets[authorization.RequestToken] = string.Empty; }
/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { this.tokensAndSecrets[authorization.RequestToken] = String.Empty; }
public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { throw new NotImplementedException(); }
public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string scope) { Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); RequiresEx.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager); var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; IOpenIdMessageExtension response; if (scope != null) { // Generate an authorized request token to return to the relying party. string consumerKey = openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm); var approvedResponse = new AuthorizationApprovedResponse { RequestToken = this.TokenGenerator.GenerateRequestToken(consumerKey), Scope = scope, }; openidTokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, approvedResponse); response = approvedResponse; } else { response = new AuthorizationDeclinedResponse(); } openIdAuthenticationRequest.AddResponseExtension(response); }
public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string scope) { Contract.Requires(openIdAuthenticationRequest != null); Contract.Requires(this.TokenManager is IOpenIdOAuthTokenManager); ErrorUtilities.VerifyArgumentNotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(ICombinedOpenIdProviderTokenManager).FullName); IOpenIdMessageExtension response; if (scope != null) { // Generate an authorized request token to return to the relying party. string consumerKey = openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm); var approvedResponse = new AuthorizationApprovedResponse { RequestToken = this.TokenGenerator.GenerateRequestToken(consumerKey), Scope = scope, }; openidTokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, approvedResponse); response = approvedResponse; } else { response = new AuthorizationDeclinedResponse(); } openIdAuthenticationRequest.AddResponseExtension(response); }