/// <summary>
/// Persists an authorization code row and one AuthorizationCode_Scope row per
/// scope name, all inside a single transaction.
/// </summary>
/// <param name="Token">
/// Record to store. It is handed to Execute as the parameter object for the
/// first INSERT, so its members supply the @-placeholders.
/// </param>
/// <returns>
/// <c>true</c> once both statements have succeeded and the transaction is
/// committed; <c>false</c> (after an explicit rollback) as soon as any INSERT
/// reports an affected-row count other than 1.
/// </returns>
/// <remarks>
/// Every value reaches the database as a bound parameter; nothing is
/// concatenated into the SQL text. Exceptions raised by the provider are not
/// caught here.
/// NOTE(review): the code value is written exactly as received. If callers pass
/// the raw code, anyone with read access to this table can redeem unused codes.
/// Confirm whether storing a hash is wanted.
/// </remarks>
public bool InsertAuthorizationCode(Server.DataModel.AuthorizationCode Token)
{
    const string insertCodeSql = "INSERT INTO AuthorizationCode(authorization_code, client_id, resource_owner_id, redirect_uri, issue_time, scope) VALUES(@authorization_code, @client_id, @resource_owner_id, @redirect_uri, @issue_time, @scope);";
    const string insertScopeSql = "INSERT INTO AuthorizationCode_Scope(authorization_code, scope_name) VALUES(@authorization_code, @scope_name);";

    using (IDbConnection connection = DBFactory.Open())
    using (IDbTransaction transaction = connection.BeginTransaction())
    {
        // Exactly one row must be written for the code itself.
        if (connection.Execute(insertCodeSql, Token, transaction) != 1)
        {
            transaction.Rollback();
            return false;
        }

        if (!string.IsNullOrWhiteSpace(Token.scope))
        {
            // The scope string may be delimited by spaces, commas or semicolons.
            char[] separators = { ' ', ',', ';' };
            string[] scopeNames = Token.scope.Split(separators, StringSplitOptions.RemoveEmptyEntries);

            for (int i = 0; i < scopeNames.Length; i++)
            {
                var scopeRow = new { Token.authorization_code, scope_name = scopeNames[i] };
                if (connection.Execute(insertScopeSql, scopeRow, transaction) != 1)
                {
                    // A partial scope set must never be committed with the code.
                    transaction.Rollback();
                    return false;
                }
            }
        }

        transaction.Commit();
        return true;
    }
}
/// <summary>
/// Builds an authorization code record from its individual fields and stores
/// it through the record-taking InsertAuthorizationCode overload.
/// </summary>
/// <param name="AuthorizationCode">Code value to store.</param>
/// <param name="ClientID">Identifier of the client the code is issued to.</param>
/// <param name="ResourceOwnerID">Identifier of the resource owner.</param>
/// <param name="IssueTime">Issue timestamp, stored as given.</param>
/// <param name="Scope">Scope string; defaults to the empty string.</param>
/// <param name="RedirectURI">Redirect URI recorded with the code; may be null.</param>
/// <returns>The stored record, or <c>null</c> when the insert reports failure.</returns>
public Server.DataModel.AuthorizationCode InsertAuthorizationCode(string AuthorizationCode, string ClientID, string ResourceOwnerID, long IssueTime, string Scope = "", string RedirectURI = null)
{
    var record = new Server.DataModel.AuthorizationCode();
    record.authorization_code = AuthorizationCode;
    record.client_id = ClientID;
    record.resource_owner_id = ResourceOwnerID;
    record.issue_time = IssueTime;
    record.redirect_uri = RedirectURI;
    record.scope = Scope;

    // Callers use a null return to detect that nothing was persisted.
    return InsertAuthorizationCode(record) ? record : null;
}
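/// <summary>
/// Redeems an authorization code for a bearer token of type
/// <typeparamref name="T"/>.
/// </summary>
/// <typeparam name="T">Concrete token type to create and return.</typeparam>
/// <param name="Request">Token request carrying the code and, optionally, the redirect URI.</param>
/// <param name="Client">Client presenting the code.</param>
/// <returns>The token returned by TokenModel.InsertToken.</returns>
/// <exception cref="DataModels.TokenRequestError">
/// Thrown when no code matches the request, when the code could not be deleted
/// (treated as already used), or when no approval exists for the client and
/// resource owner.
/// </exception>
/// <remarks>
/// NOTE(review): no check of code.issue_time is visible here. Confirm that
/// GetAuthorizationCode rejects expired codes, otherwise a leaked code stays
/// redeemable until it is used.
/// NOTE(review): the issued scope comes from the approval, not from the scope
/// stored with the code. Confirm this is intended when the two can differ.
/// </remarks>
public T Exchange<T>(DataModels.ITokenRequest Request, DataModels.Client Client) where T : DataModels.Token, new()
{
    // The lookup is keyed on code value, client id and redirect URI together,
    // so a code presented by a different client or redirect URI is not found.
    Server.DataModel.AuthorizationCode code = AuthorizationCodeModel.GetAuthorizationCode(
        Request.code,
        Client.id,
        Request.redirect_uri != null ? Request.redirect_uri.ToString() : null);
    if (code == null)
    {
        throw new DataModels.TokenRequestError(DataModels.ErrorCodes.invalid_request, "Invalid token");
    }

    DataModels.Approval Approval = ApprovalModel.GetApproval(Client.id, code.resource_owner_id);

    // The delete is the single-use gate: a false result is treated as a replay.
    // NOTE(review): this only holds under concurrent requests if
    // DeleteAuthorizationCode reports whether a row was actually removed; confirm.
    if (!AuthorizationCodeModel.DeleteAuthorizationCode(code.authorization_code, code.client_id, code.redirect_uri))
    {
        throw new DataModels.TokenRequestError(DataModels.ErrorCodes.access_denied, "Code already used");
    }

    // Presumably GetApproval returns null when the approval is gone (for example
    // revoked after the code was issued). Fail the exchange with a protocol error
    // instead of a NullReferenceException on Approval.scope below. The code has
    // already been consumed at this point, as it was before this check existed.
    if (Approval == null)
    {
        throw new DataModels.TokenRequestError(DataModels.ErrorCodes.access_denied, "Approval not found");
    }

    // 3600 is presumably the token lifetime in seconds; confirm against InsertToken.
    // NOTE(review): DateTime.Now is local time. Confirm GetTotalSeconds normalises
    // to UTC so that expiry checks do not shift with the server time zone.
    return TokenModel.InsertToken<T>(
        Extension.TokenHelper.CreateAccessToken(),
        DataModels.TokenTypes.bearer,
        3600,
        DateTime.Now.GetTotalSeconds(),
        Client.id,
        Approval.scope,
        Approval.resource_owner_id,
        Approval.refresh_token);
}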
/// <summary>
/// Issues and stores a new authorization code for the given client and
/// resource owner, and gives the approval a refresh token if it has none.
/// </summary>
/// <param name="Request">Token request; its redirect URI is recorded with the code.</param>
/// <param name="Approval">Approval whose scope is stored with the code; its refresh_token may be set here.</param>
/// <param name="Client">Client the code is issued to.</param>
/// <param name="Owner">Resource owner granting access.</param>
/// <returns>The stored authorization code record.</returns>
/// <exception cref="DataModels.TokenRequestError">
/// Thrown with server_error when the code cannot be stored or the approval
/// cannot be updated.
/// </exception>
/// <remarks>
/// NOTE(review): both the code and the refresh token come from
/// TokenHelper.CreateAccessToken, so their unguessability rests on that helper.
/// Confirm it draws from a cryptographic random source.
/// </remarks>
public Server.DataModel.AuthorizationCode Authorize(DataModels.ITokenRequest Request, DataModels.Approval Approval, DataModels.Client Client, DataModels.ResourceOwner Owner)
{
    var codeValue = Extension.TokenHelper.CreateAccessToken();
    var issuedAt = DateTime.Now.GetTotalSeconds();

    Server.DataModel.AuthorizationCode issued = AuthorizationCodeModel.InsertAuthorizationCode(
        codeValue, Client, Owner, issuedAt, Approval.scope, Request.redirect_uri);
    if (issued == null)
    {
        throw new DataModels.TokenRequestError(DataModels.ErrorCodes.server_error, "Error storing access code");
    }

    // An approval that already carries a refresh token is left untouched.
    if (!string.IsNullOrWhiteSpace(Approval.refresh_token))
    {
        return issued;
    }

    Approval.refresh_token = Extension.TokenHelper.CreateAccessToken();
    if (ApprovalModel.AddOrUpdateApproval(Approval))
    {
        return issued;
    }

    // Best-effort cleanup so a code is not left redeemable without a persisted
    // approval; the result of the delete is deliberately not inspected.
    AuthorizationCodeModel.DeleteAuthorizationCode(issued.authorization_code, issued.client_id, issued.redirect_uri);
    throw new DataModels.TokenRequestError(DataModels.ErrorCodes.server_error, "Error updating approval");
}