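/// <summary>
/// Raises the <see cref="E:System.Web.UI.Control.Init" /> event, then runs the OAuth
/// pre-checks (SSL requirement, acceptable domain), handles a logout request, and on a
/// postback from the grant button records the current user's consent for the client.
/// </summary>
/// <param name="e">An <see cref="T:System.EventArgs" /> object that contains the event data.</param>
/// <exception cref="T:System.Exception">
/// Thrown when the OAuthRequireSsl setting is enabled and the request scheme is not https.
/// </exception>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    // Refuse to serve the consent flow over plain HTTP when the setting demands TLS.
    // The scheme is compared ordinally so the check does not depend on the thread culture.
    // NOTE(review): Request.Url.Scheme is the scheme as this server sees it; if TLS is
    // terminated at a proxy or load balancer in front of the site it may read "http" —
    // confirm for the deployment.
    if (OAuthSettings["OAuthRequireSsl"].AsBoolean()
        && !string.Equals(Request.Url.Scheme, "https", StringComparison.OrdinalIgnoreCase))
    {
        throw new Exception("OAuth requires SSL.");
    }

    CheckAcceptableDomain();

    // Log the user out
    if (!String.IsNullOrEmpty(PageParameter("OAuthLogout")))
    {
        var authentication = HttpContext.Current.GetOwinContext().Authentication;
        authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        authentication.Challenge(DefaultAuthenticationTypes.ApplicationCookie);

        // The return target is the current request's own raw URL with the logout flag
        // removed, URL-encoded before it is appended to the login path.
        // NOTE(review): only the exact text "&OAuthLogout=true" is stripped, while this
        // branch runs for any non-empty OAuthLogout value. If the parameter can arrive
        // first in the query string or with another value it stays in ReturnUrl and this
        // branch would run again after login — confirm how callers append it.
        // NOTE(review): the login page is what finally redirects to ReturnUrl; its
        // validation of that value is not visible here.
        string returnUrl = Request.RawUrl.Replace("&OAuthLogout=true", "");
        Response.Redirect(OAuthSettings["OAuthLoginPath"] + "?logout=true&ReturnUrl=" + Server.UrlEncode(returnUrl));
    }

    if (!IsPostBack)
    {
        return;
    }

    // Only the grant button's postback records consent; every other postback is ignored here.
    // NOTE(review): this is a state-changing request recognised solely by __EVENTTARGET.
    // Anti-forgery protection for the postback is not visible in this method — confirm it
    // is enforced elsewhere.
    string eventTarget = Request.Form.Get("__EVENTTARGET");
    if (string.IsNullOrEmpty(eventTarget) || eventTarget != btnGrant.UniqueID)
    {
        return;
    }

    // Consent is always tied to a signed-in user.
    if (CurrentUser == null)
    {
        return;
    }

    OAuthContext context = new OAuthContext();
    ClientService clientService = new ClientService(context);

    // The client is resolved from the ClientId page parameter; an unknown or inactive
    // client results in no authorization being written and no redirect.
    Client oauthClient = clientService.GetByApiKey(PageParameter(PageParameterKeys.ClientId).AsGuid());
    if (oauthClient == null || oauthClient.Active != true)
    {
        return;
    }

    ClientScopeService clientScopeService = new ClientScopeService(context);
    AuthorizationService authorizationService = new AuthorizationService(context);

    // Consent is recorded for every active scope configured for the client: an existing
    // authorization row for (client, user, scope) is reused, otherwise a new one is added.
    var activeScopes = clientScopeService.Queryable()
        .Where(cs => cs.ClientId == oauthClient.Id && cs.Active == true)
        .Select(cs => cs.Scope);

    foreach (var clientScope in activeScopes)
    {
        var authorization = authorizationService.Queryable()
            .Where(a => a.Client.Id == oauthClient.Id && a.UserLoginId == CurrentUser.Id && a.ScopeId == clientScope.Id)
            .FirstOrDefault();

        if (authorization == null)
        {
            authorization = new org.secc.OAuth.Model.Authorization();
            authorizationService.Add(authorization);
        }

        authorization.Active = true;
        authorization.ClientId = oauthClient.Id;
        authorization.UserLoginId = CurrentUser.Id;
        authorization.ScopeId = clientScope.Id;
    }

    // All grants are persisted in one SaveChanges call, then the same URL is requested again.
    context.SaveChanges();
    Response.Redirect(Request.RawUrl);
}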