void DenyRequestForAccess(string tokenString) { RequestToken requestToken = RequestTokenRepository.GetToken(tokenString); // fairly naieve approach to status codes, generally you would want to examine either the inner exception or the // problem report to determine an appropriate status code for your technology / architecture. requestToken.Verifier = UnguessableGenerator.GenerateUnguessable(); requestToken.AccessDenied = true; RequestTokenRepository.SaveToken(requestToken); }
void ApproveRequestForAccess(string tokenString) { RequestToken requestToken = RequestTokenRepository.GetToken(tokenString); var accessToken = new AccessToken { ConsumerKey = requestToken.ConsumerKey, Realm = requestToken.Realm, Token = Guid.NewGuid().ToString(), TokenSecret = Guid.NewGuid().ToString(), UserName = HttpContext.Current.User.Identity.Name, ExpireyDate = DateTime.Now.AddMinutes(1) }; AccessTokenRepository.SaveToken(accessToken); requestToken.AccessToken = accessToken; requestToken.Verifier = UnguessableGenerator.GenerateUnguessable(); RequestTokenRepository.SaveToken(requestToken); }