Пример #1
0
        protected override bool OnBeforeAction(IEngineContext context, IController controller,
                                               IControllerContext controllerContext)
        {
            var authService = context.Services.GetService<IOAuthService>();

            AccessOutcome outcome = authService.AccessProtectedResource(context.Request);

            _threadOutcome = outcome;

            if (!outcome.Granted)
            {
                controllerContext.PropertyBag["outcome"] = outcome;
                throw Error.AccessDeniedToProtectedResource(outcome);
            }

            return true;
        }
Пример #2
0
        public AccessOutcome VerifyProtectedResourceRequest(OAuthContext context)
        {
            var outcome = new AccessOutcome {
                Context = context
            };

            SigningContext signingContext = null;

            try
            {
                signingContext = CreateSignatureContextForAuthContext(context);
            }
            catch (Exception ex)
            {
                outcome.AdditionalInfo = "Failed to parse request for context info";
                return(outcome);
            }

            if (!_signer.ValidateSignature(context, signingContext))
            {
                outcome.AdditionalInfo = "Failed to validate signature";
                return(outcome);
            }

            if (context.Token != "accesskey")
            {
                outcome.AdditionalInfo = "Invalid access token";
                return(outcome);
            }

            if (context.ConsumerKey != "key")
            {
                outcome.AdditionalInfo = "Invalid consumer key";
                return(outcome);
            }

            outcome.Granted     = true;
            outcome.AccessToken = new TokenBase {
                ConsumerKey = "key", TokenSecret = "accesssecret", Token = "accesskey"
            };

            return(outcome);
        }
        public AccessOutcome VerifyProtectedResourceRequest(OAuthContext context)
        {
            var outcome = new AccessOutcome {Context = context};
            
            SigningContext signingContext = null;
            
            try
            {
                signingContext = CreateSignatureContextForAuthContext(context);
            }
            catch (Exception ex)
            {
                outcome.AdditionalInfo = "Failed to parse request for context info";
                return outcome;
            }

            if (!_signer.ValidateSignature(context, signingContext))
            {
                outcome.AdditionalInfo = "Failed to validate signature";
                return outcome;
            }

            if (context.Token != "accesskey")
            {
                outcome.AdditionalInfo = "Invalid access token";
                return outcome;
            }

            if (context.ConsumerKey != "key")
            {
                outcome.AdditionalInfo = "Invalid consumer key";
                return outcome;
            }

            outcome.Granted = true;
            outcome.AccessToken = new TokenBase {ConsumerKey = "key", TokenSecret = "accesssecret", Token = "accesskey"};

            return outcome;
        }
Пример #4
0
    public static Exception AccessDeniedToProtectedResource(AccessOutcome outcome)
    {
      Uri uri = outcome.Context.GenerateUri();

      if (string.IsNullOrEmpty(outcome.AdditionalInfo))
      {
        return new AccessDeniedException(outcome, string.Format("Access to resource \"{0}\" was denied", uri));
      }

      return new AccessDeniedException(outcome,
                                       string.Format("Access to resource: {0} was denied, additional info: {1}",
                                                     uri, outcome.AdditionalInfo));
    }
 public AccessDeniedException(AccessOutcome outcome)
     : this(outcome, null)
 {
 }
 public AccessDeniedException(AccessOutcome outcome, string message) : base(message)
 {
     _outcome = outcome;
 }
Пример #7
0
 protected override void OnAfterRendering(IEngineContext context, IController controller,
                                          IControllerContext controllerContext)
 {
     _threadOutcome = null;
 }