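/// <summary>
/// Marks the request token carried by the pending OAuth authorization as authorized
/// for <c>LoggedInCustomer</c>, then clears the pending authorization.
/// </summary>
/// <exception cref="InvalidOperationException">No OAuth authorization is pending.</exception>
public static void AuthorizePendingRequestToken()
{
    ITokenContainingMessage pending = PendingOAuthAuthorization;
    if (pending == null)
    {
        // Without a pending message there is no token to authorize; fail with a clear
        // error instead of a NullReferenceException on pending.Token.
        throw new InvalidOperationException("There is no pending OAuth authorization to approve.");
    }

    // NOTE(review): nothing in this method checks that the user approved the request or
    // that LoggedInCustomer is set; callers presumably do that first. Confirm.
    TokenManager.AuthorizeRequestToken(pending.Token, LoggedInCustomer);

    // Cleared only after the token manager call returns, so a failure leaves the pending state intact.
    PendingOAuthAuthorization = null;
}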
/// <summary>
/// Obtains an unauthorized request token from the service provider and builds the
/// message that sends the user to the provider to authorize that token.
/// </summary>
/// <param name="callback">The URI set as the callback on both the token request and the user authorization request.</param>
/// <param name="requestParameters">Extra parameters added to the request-token message.</param>
/// <param name="redirectParameters">Extra parameters added to the user authorization message.</param>
/// <param name="requestToken">Receives the request token carried by the returned message.</param>
/// <returns>The user authorization request, ready to be sent.</returns>
protected internal UserAuthorizationRequest PrepareRequestUserAuthorization(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, out string requestToken)
{
    // Step 1: ask for an unauthorized request token, assuming the OAuth version
    // stated in the service description.
    var tokenRequest = new UnauthorizedTokenRequest(this.ServiceProvider.RequestTokenEndpoint, this.ServiceProvider.Version);
    tokenRequest.ConsumerKey = this.ConsumerKey;
    tokenRequest.Callback = callback;
    this.Channel.MessageDescriptions.GetAccessor(tokenRequest).AddExtraParameters(requestParameters);

    var tokenResponse = this.Channel.Request<UnauthorizedTokenResponse>(tokenRequest);
    this.TokenManager.StoreNewRequestToken(tokenRequest, tokenResponse);

    // Step 2: if the provider answered with a different OAuth version than expected,
    // correct the service description.
    // NOTE(review): the version is taken from the provider's response as-is, so the
    // response decides which protocol version this consumer uses from here on.
    // Confirm the request-token endpoint is reached over an authenticated channel.
    if (this.ServiceProvider.Version != tokenResponse.Version)
    {
        Logger.OAuth.WarnFormat(
            "Expected OAuth service provider at endpoint {0} to use OAuth {1} but {2} was detected. Adjusting service description to new version.",
            this.ServiceProvider.RequestTokenEndpoint.Location,
            this.ServiceProvider.Version,
            tokenResponse.Version);
        this.ServiceProvider.ProtocolVersion = Protocol.Lookup(tokenResponse.Version).ProtocolVersion;
    }

    // Step 3: build the user authorization request. The message's OAuth version
    // determines whether the callback set here is included or dropped.
    string issuedToken = ((ITokenContainingMessage)tokenResponse).Token;
    var authorizationRequest = new UserAuthorizationRequest(this.ServiceProvider.UserAuthorizationEndpoint, issuedToken, tokenResponse.Version);
    authorizationRequest.Callback = callback;
    this.Channel.MessageDescriptions.GetAccessor(authorizationRequest).AddExtraParameters(redirectParameters);

    requestToken = authorizationRequest.RequestToken;
    return authorizationRequest;
}
/// <summary>
/// Chooses the callback URI for an authorization request and prepares the response
/// that sends the user back to the consumer.
/// </summary>
/// <param name="request">The user authorization request being answered.</param>
/// <returns>
/// The authorization response, or null when no callback URI is available from the
/// token, the consumer registration or (OAuth 1.0 only) the request.
/// </returns>
public UserAuthorizationResponse PrepareAuthorizationResponse(UserAuthorizationRequest request)
{
    Contract.Requires<ArgumentNullException>(request != null);

    // Security-critical: for a 1.0a consumer the oauth_callback carried by the
    // UserAuthorizationRequest must be ignored, so it is never read on that path.
    IServiceProviderRequestToken requestToken = this.TokenManager.GetRequestToken(request.RequestToken);
    bool isV10aOrLater = request.Version >= Protocol.V10a.Version;

    Uri callback;
    if (isV10aOrLater && requestToken.Callback != null)
    {
        // OAuth 1.0a: the callback stored with the token wins over the pre-registered one.
        callback = requestToken.Callback;
    }
    else
    {
        IConsumerDescription consumer = this.TokenManager.GetConsumer(requestToken.ConsumerKey);

        // OAuth 1.0a without a token callback: use the pre-registered callback only.
        // OAuth 1.0: the pre-registered callback wins, because 1.0 is weak against
        // user-modified callback URIs. The request's own callback is the fallback
        // when the consumer registered none.
        callback = isV10aOrLater ? consumer.Callback : (consumer.Callback ?? request.Callback);
    }

    if (callback == null)
    {
        return null;
    }

    return this.PrepareAuthorizationResponse(request, callback);
}
/// <summary>
/// Starts the OAuth flow: prepares a user authorization request through the web
/// consumer and sends the resulting response to the user agent.
/// </summary>
/// <param name="callback">
/// The callback URI passed to the web consumer when it prepares the authorization request.
/// </param>
public void RequestAuthentication(Uri callback)
{
    // No extra request-token parameters (null) and an empty set of redirect parameters.
    UserAuthorizationRequest authorizationRequest =
        this.webConsumer.PrepareRequestUserAuthorization(callback, null, new Dictionary<string, string>());

    var outgoing = this.webConsumer.Channel.PrepareResponse(authorizationRequest);
    outgoing.Send();
}
/// <summary>
/// Prepares the OAuth authorization page: hides the master page chrome, optionally links
/// the log-on style sheet, loads the pending authorization request and, on the first
/// (non-postback) load, shows the consent view and issues the anti-scripting secret.
/// </summary>
/// <param name="sender">The event source.</param>
/// <param name="e">The event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Hide every piece of master page chrome; the chained assignment is kept so the
    // property setters run in the same order as before.
    this.MasterPage.VisibleHeader
        = this.MasterPage.VisibleMainMenu
        = this.MasterPage.VisibleLeftArea
        = this.MasterPage.VisibleSubmenu
        = this.MasterPage.VisibleBreadcrumbs
        = this.MasterPage.VisibleFooter
        = this.MasterPage.VisibleHeaderMessage
        = this.MasterPage.EnableOverlay
        = false;

    if (this.EnableEmbeddedStyleSheets)
    {
        bool isModernTheme = FrameworkConfiguration.Current.WebApplication.MasterPage.Theme == Pages.MasterPageTheme.Modern;
        var styleSheetUrl = isModernTheme
            ? ResourceProvider.GetResourceUrl(ResourceProvider.LogOnModernStyleSheet, true)
            : ResourceProvider.GetResourceUrl(ResourceProvider.LogOnStyleSheet, true);
        this.Page.Header.Controls.Add(Support.CreateStyleSheetLink(styleSheetUrl));
    }

    // Loaded on every request, postbacks included.
    m_PendingRequest = TokenProvider.Current.GetPendingUserAuthorizationRequest();

    if (IsPostBack)
    {
        return;
    }

    this.LoadResources();
    MainMultiView.ActiveViewIndex = 2;

    if (m_PendingRequest == null)
    {
        // TODO: Need to redirect to user's start page?
        return;
    }

    MainMultiView.ActiveViewIndex = 0;

    string token = ((ITokenContainingMessage)m_PendingRequest).Token;
    OAuthDataSet.OAuthTokenRow requestTokenRow = (OAuthDataSet.OAuthTokenRow)TokenProvider.Current.GetRequestToken(token);

    // NOTE(review): the consumer key is formatted into the literal's text without HTML
    // encoding in this method; confirm it is encoded elsewhere or cannot contain markup.
    ConsumerLiteral.Text = string.Format(
        CultureInfo.InvariantCulture,
        Resources.OAuthControl_ConsumerLiteral_Text,
        TokenProvider.Current.GetConsumer(requestTokenRow.ConsumerId).Key,
        FrameworkConfiguration.Current.WebApplication.Name);

    // An unpredictable secret is kept in the user context and also sent to the user agent.
    // It must come back with the authorization, to show that the user interacted with this
    // page rather than being scripted by a malicious consumer.
    // NOTE(review): the comparison on postback is not part of this method. Verify it exists.
    var authorizationSecret = TokenProvider.Current.GenerateTokenSecret();
    UserContext.OAuthAuthorizationSecret = authorizationSecret;
    OAuthAuthorizationSecToken.Value = authorizationSecret;
}
/// <summary>
/// Stores the serialized pending user authorization request on the row of the given
/// token and saves the row. Does nothing when no row exists for the token.
/// </summary>
/// <param name="token">The token whose row is updated.</param>
/// <param name="pendingUserAuthorizationRequest">The request to serialize and store.</param>
public void UpdatePendingUserAuthorizationRequest(string token, UserAuthorizationRequest pendingUserAuthorizationRequest)
{
    OAuthDataSet.OAuthTokenRow tokenRow = GetOAuthTokenRow(token);
    if (tokenRow == null)
    {
        // Unknown token: silently ignored, nothing is stored.
        return;
    }

    // NOTE(review): the format produced by Support.Serialize is not visible here. Whatever
    // reads this column back must treat it as data written only by this application. Confirm.
    tokenRow.PendingUserAuthorizationRequest = Support.Serialize(pendingUserAuthorizationRequest);

    using (var tableAdapter = new OAuthTokenTableAdapter())
    {
        tableAdapter.Update(tokenRow);
    }
}
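/// <summary>
/// Reads the incoming OAuth message and handles it according to its type: issues an
/// unauthorized request token, redirects the user to the authorization page, or
/// exchanges an authorized request token for an access token.
/// </summary>
/// <param name="context">
/// The current HTTP context. It is only used, and only required to be non-null, when the
/// incoming message is a <see cref="UserAuthorizationRequest"/>.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="context"/> is null and the message is a user authorization request.
/// </exception>
/// <exception cref="InvalidOperationException">The incoming message is none of the handled types.</exception>
public void ProcessRequest(HttpContext context)
{
    IProtocolMessage request = m_Provider.ReadRequest();

    UnauthorizedTokenRequest requestToken = request as UnauthorizedTokenRequest;
    if (requestToken != null)
    {
        UnauthorizedTokenResponse response = m_Provider.PrepareUnauthorizedTokenMessage(requestToken);
        m_Provider.Channel.Send(response);
        return;
    }

    UserAuthorizationRequest requestAuth = request as UserAuthorizationRequest;
    if (requestAuth != null)
    {
        // Validate before touching any state, so a missing context cannot leave a stored
        // pending request and a token cookie behind without the redirect.
        if (context == null)
        {
            throw new ArgumentNullException("context");
        }

        string token = ((ITokenContainingMessage)requestAuth).Token;
        ((TokenProvider)m_Provider.TokenManager).UpdatePendingUserAuthorizationRequest(token, requestAuth);
        TokenProvider.SetTokenCookie(token);
        context.Response.Redirect(ActionProvider.FindAction(ActionProvider.OAuthPageActionId).AbsoluteNavigateUrl);
        return;
    }

    AuthorizedTokenRequest requestAccessToken = request as AuthorizedTokenRequest;
    if (requestAccessToken != null)
    {
        AuthorizedTokenResponse response = m_Provider.PrepareAccessTokenMessage(requestAccessToken);
        OAuthDataSet.OAuthTokenRow row = (OAuthDataSet.OAuthTokenRow)m_Provider.TokenManager.GetAccessToken(response.AccessToken);

        // NOTE(review): the value from LoginProvider.Current.GetToken is returned to the
        // consumer as "api_token" alongside the access token. Confirm what that credential
        // grants and that this response only travels over a protected channel.
        response.ExtraData.Add(new KeyValuePair<string, string>("api_token", LoginProvider.Current.GetToken(row.LoginId)));

        if (!row.IsOrganizationIdNull())
        {
            response.ExtraData.Add(new KeyValuePair<string, string>("org", OrganizationProvider.GetOrganization(row.OrganizationId).PseudoId));

            // The instance ("dept") is only reported together with its organization.
            if (!row.IsInstanceIdNull())
            {
                response.ExtraData.Add(new KeyValuePair<string, string>("dept", InstanceProvider.GetInstance(row.InstanceId, row.OrganizationId).PseudoId));
            }
        }

        m_Provider.Channel.Send(response);
        return;
    }

    throw new InvalidOperationException("The incoming request is not a recognized OAuth message.");
}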
/// <summary>
/// Builds the response that returns the user to the consumer at the given callback,
/// carrying the request token and, for OAuth 1.0a and later, a verification code.
/// </summary>
/// <param name="request">The user authorization request being answered.</param>
/// <param name="callback">The URI the response is addressed to.</param>
/// <returns>The prepared authorization response.</returns>
public UserAuthorizationResponse PrepareAuthorizationResponse(UserAuthorizationRequest request, Uri callback)
{
    Requires.NotNull(request, "request");
    Requires.NotNull(callback, "callback");

    var response = new UserAuthorizationResponse(callback, request.Version);
    response.RequestToken = request.RequestToken;

    // A verification code is attached from OAuth 1.0a onward. Its format is "included in
    // callback" and its length is VerifierCodeLength.
    bool needsVerifier = response.Version >= Protocol.V10a.Version;
    if (needsVerifier)
    {
        response.VerificationCode = CreateVerificationCode(VerificationCodeFormat.IncludedInCallback, VerifierCodeLength);
    }

    return response;
}
/// <summary>
/// Builds the response that returns the user to the callback named in the request.
/// </summary>
/// <param name="request">The user authorization request being answered.</param>
/// <returns>
/// The authorization response carrying the request token, or null when the request
/// has no callback.
/// </returns>
public UserAuthorizationResponse PrepareAuthorizationResponse(UserAuthorizationRequest request)
{
    ErrorUtilities.VerifyArgumentNotNull(request, "request");

    // NOTE(review): the callback comes straight from the incoming request. This method does
    // not compare it with any pre-registered consumer callback and attaches no verification
    // code. Confirm callers only pass requests whose callback has been vetted.
    if (request.Callback == null)
    {
        return null;
    }

    var response = new UserAuthorizationResponse(request.Callback);
    response.RequestToken = request.RequestToken;
    return response;
}
/// <summary>
/// Creates the authorization response addressed to <paramref name="callback"/> for the
/// given request, adding a verification code when the message version is OAuth 1.0a or later.
/// </summary>
/// <param name="request">The user authorization request being answered.</param>
/// <param name="callback">The URI the response is addressed to.</param>
/// <returns>The prepared authorization response.</returns>
public UserAuthorizationResponse PrepareAuthorizationResponse(UserAuthorizationRequest request, Uri callback)
{
    Contract.Requires<ArgumentNullException>(request != null);
    Contract.Requires<ArgumentNullException>(callback != null);

    var userResponse = new UserAuthorizationResponse(callback, request.Version);
    userResponse.RequestToken = request.RequestToken;

    if (userResponse.Version < Protocol.V10a.Version)
    {
        // Messages older than 1.0a carry no verification code.
        return userResponse;
    }

    userResponse.VerificationCode = CreateVerificationCode(VerificationCodeFormat.IncludedInCallback, VerifierCodeLength);
    return userResponse;
}
/// <summary>
/// Inspects the fields of an incoming request payload and instantiates the request
/// message type they correspond to.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated message, marked as incoming, that the payload can be deserialized
/// into. As written, every payload maps to some message type: one without
/// <c>oauth_consumer_key</c> falls through to <see cref="UserAuthorizationRequest"/>.
/// </returns>
/// <remarks>
/// The request messages are:
/// UnauthorizedTokenRequest (consumer key, no token),
/// AuthorizedTokenRequest (consumer key and a token that is not an access token),
/// AccessProtectedResourceRequest (consumer key and an access token),
/// UserAuthorizationRequest (everything else).
/// </remarks>
public virtual IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary<string, string> fields)
{
    ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient");
    ErrorUtilities.VerifyArgumentNotNull(fields, "fields");

    MessageBase incoming;
    string tokenValue;

    if (!fields.ContainsKey("oauth_consumer_key"))
    {
        // Fall back to the message that has no required fields at all.
        incoming = new UserAuthorizationRequest(recipient);
    }
    else if (fields.TryGetValue("oauth_token", out tokenValue))
    {
        // A token exchange and a protected-resource request carry the same parameters.
        // They are told apart by what kind of token the token manager says this is.
        if (this.tokenManager.GetTokenType(tokenValue) == TokenType.AccessToken)
        {
            incoming = new AccessProtectedResourceRequest(recipient);
        }
        else
        {
            incoming = new AuthorizedTokenRequest(recipient);
        }
    }
    else
    {
        incoming = new UnauthorizedTokenRequest(recipient);
    }

    incoming.SetAsIncoming();
    return incoming;
}
/// <summary>
/// Obtains an unauthorized request token from the service provider and builds the
/// message that sends the user to the provider to authorize that token.
/// </summary>
/// <param name="callback">The callback URI placed on the user authorization request.</param>
/// <param name="requestParameters">Extra parameters added to the request-token message.</param>
/// <param name="redirectParameters">Extra parameters added to the user authorization message.</param>
/// <param name="requestToken">Receives the request token carried by the returned message.</param>
/// <returns>The user authorization request, ready to be sent.</returns>
protected internal UserAuthorizationRequest PrepareRequestUserAuthorization(Uri callback, IDictionary<string, string> requestParameters, IDictionary<string, string> redirectParameters, out string requestToken)
{
    // Step 1: obtain an unauthorized request token and record it with the token manager.
    var tokenRequest = new UnauthorizedTokenRequest(this.ServiceProvider.RequestTokenEndpoint);
    tokenRequest.ConsumerKey = this.ConsumerKey;
    tokenRequest.AddExtraParameters(requestParameters);

    var tokenResponse = this.Channel.Request<UnauthorizedTokenResponse>(tokenRequest);
    this.TokenManager.StoreNewRequestToken(tokenRequest, tokenResponse);

    // Step 2: build the user authorization request. The callback is only set on this
    // message, not on the token request above.
    string issuedToken = ((ITokenContainingMessage)tokenResponse).Token;
    var authorizationRequest = new UserAuthorizationRequest(this.ServiceProvider.UserAuthorizationEndpoint, issuedToken);
    authorizationRequest.Callback = callback;
    authorizationRequest.AddExtraParameters(redirectParameters);

    requestToken = authorizationRequest.RequestToken;
    return authorizationRequest;
}