/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider)
: this(serviceDescription, tokenManager, OAuthElement.Configuration.ServiceProvider.ApplicationStore.CreateInstance(HttpApplicationStore), messageTypeProvider)
{
Requires.NotNull(serviceDescription, "serviceDescription");
Requires.NotNull(tokenManager, "tokenManager");
Requires.NotNull(messageTypeProvider, "messageTypeProvider");
}
protected void identifierBox_LoggedIn(object sender, OpenIdEventArgs e) {
this.RegisterAsyncTask(
new PageAsyncTask(
async ct => {
State.FetchResponse = e.Response.GetExtension<FetchResponse>();
var serviceDescription = new ServiceProviderDescription {
TokenRequestEndpoint = new Uri(e.Response.Provider.Uri, "/access_token.ashx"),
};
var consumer = CreateConsumer();
consumer.ServiceProvider = serviceDescription;
AccessTokenResponse accessToken = await consumer.ProcessUserAuthorizationAsync(e.Response);
if (accessToken != null) {
this.MultiView1.SetActiveView(this.AuthorizationGiven);
// At this point, the access token would be somehow associated with the user
// account at the RP.
////Database.Associate(e.Response.ClaimedIdentifier, accessToken.AccessToken);
} else {
this.MultiView1.SetActiveView(this.AuthorizationDenied);
}
// Avoid the redirect
e.Cancel = true;
}));
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider)
: this(serviceDescription, tokenManager, DotNetOpenAuthSection.Configuration.OAuth.ServiceProvider.ApplicationStore.CreateInstance(HttpApplicationStore), messageTypeProvider)
{
Contract.Requires <ArgumentNullException>(serviceDescription != null);
Contract.Requires <ArgumentNullException>(tokenManager != null);
Contract.Requires <ArgumentNullException>(messageTypeProvider != null);
}
/// <summary>
/// Records the feature and dependency use.
/// </summary>
/// <param name="value">The consumer or service provider.</param>
/// <param name="service">The service.</param>
/// <param name="tokenManager">The token manager.</param>
/// <param name="nonceStore">The nonce store.</param>
internal static void RecordFeatureAndDependencyUse(object value, ServiceProviderDescription service, ITokenManager tokenManager, INonceStore nonceStore) {
Contract.Requires(value != null);
Contract.Requires(service != null);
Contract.Requires(tokenManager != null);
// In release builds, just quietly return.
if (value == null || service == null || tokenManager == null) {
return;
}
if (Reporting.Enabled && Reporting.Configuration.IncludeFeatureUsage) {
StringBuilder builder = new StringBuilder();
builder.Append(value.GetType().Name);
builder.Append(" ");
builder.Append(tokenManager.GetType().Name);
if (nonceStore != null) {
builder.Append(" ");
builder.Append(nonceStore.GetType().Name);
}
builder.Append(" ");
builder.Append(service.Version);
builder.Append(" ");
builder.Append(service.UserAuthorizationEndpoint);
Reporting.ObservedFeatures.Add(builder.ToString());
Reporting.Touch();
}
}
static ImgurProvider()
{
ServiceProviderDescription service = new ServiceProviderDescription();
service.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("http://www.flickr.com/services/oauth/request_token", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
service.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("http://www.flickr.com/services/oauth/access_token", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
ImgurProvider.ImgurServiceDescription = service;
}
static void Main(string[] args)
{
var providerDesc = new ServiceProviderDescription()
{
RequestTokenEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest),
ProtocolVersion = ProtocolVersion.V10a,
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }
};
var consumerKey = "dotnet-test-key";
var consumerSecret = File.ReadAllText("..\\..\\keys\\8008\\8080\\" + consumerKey);
var zeroLeggedWebConsumer = new DotNetOpenAuth.OAuth.WebConsumer(providerDesc, new ZeroLeggedTokenManager(consumerKey, consumerSecret));
var endpoint = new MessageReceivingEndpoint("http://localhost:8008/job?query=parameters&also=good", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest);
var httpRequest = zeroLeggedWebConsumer.PrepareAuthorizedRequest(endpoint, "DUMMY", new Dictionary<String, String>()
{
{"are", "post"},
{"parameters", "handled"},
});
var response = httpRequest.GetResponse();
var responseContent = new System.IO.StreamReader(response.GetResponseStream()).ReadToEnd();
Console.Out.WriteLine(responseContent);
}
protected void identifierBox_LoggingIn(object sender, OpenIdEventArgs e) {
ServiceProviderDescription serviceDescription = new ServiceProviderDescription {
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager);
consumer.AttachAuthorizationRequest(e.Request, "http://tempuri.org/IDataApi/GetName");
}
/// <summary>
/// Initializes a new instance of the <see cref="DesktopOAuthAuthorization"/> class.
/// </summary>
/// <param name="serviceDescription">The service description.</param>
public DesktopOAuthAuthorization(ServiceProviderDescription serviceProviderDescription)
: base(new DesktopConsumer(serviceProviderDescription, new WindowsCredentialStoreTokenManager()))
{
var inMemoryTokenManager = this.Consumer.TokenManager as WindowsCredentialStoreTokenManager;
if (inMemoryTokenManager != null)
{
inMemoryTokenManager.SetAuthenticationTarget(this.AuthenticationTarget);
}
}
public static ServiceProviderDescription CreateServiceProviderDescription(Service service)
{
ServiceProviderDescription desc = new ServiceProviderDescription();
desc.RequestTokenEndpoint = new MessageReceivingEndpoint(service.OAuthRequestToken, HttpDeliveryMethods.PostRequest);
desc.UserAuthorizationEndpoint = new MessageReceivingEndpoint(service.OAuthAuthorizeToken, HttpDeliveryMethods.GetRequest);
desc.AccessTokenEndpoint = new MessageReceivingEndpoint(service.OAuthGetAccessToken, HttpDeliveryMethods.PostRequest);
desc.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };
return desc;
}
/*public static ServiceProviderDescription CreateServiceProviderDescription(Service service)
{
ServiceProviderDescription desc = new ServiceProviderDescription();
desc.RequestTokenEndpoint = new MessageReceivingEndpoint(service.OAuthRequestToken, HttpDeliveryMethods.PostRequest);
desc.UserAuthorizationEndpoint = new MessageReceivingEndpoint(service.OAuthAuthorizeToken, HttpDeliveryMethods.GetRequest);
desc.AccessTokenEndpoint = new MessageReceivingEndpoint(service.OAuthGetAccessToken, HttpDeliveryMethods.PostRequest);
desc.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };
return desc;
}*/
public static ServiceProviderDescription CreateServiceProviderDescription(Uri httpBaseUri)
{
ServiceProviderDescription desc = new ServiceProviderDescription();
desc.RequestTokenEndpoint = new MessageReceivingEndpoint(new Uri(httpBaseUri, "/oauth/get_request_token"), HttpDeliveryMethods.PostRequest);
desc.UserAuthorizationEndpoint = new MessageReceivingEndpoint(new Uri(httpBaseUri, "/oauth/authorize_token"), HttpDeliveryMethods.GetRequest);
desc.AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(httpBaseUri, "/oauth/get_access_token"), HttpDeliveryMethods.PostRequest);
desc.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };
return desc;
}
/// <summary>
/// Initializes a new instance of the <see cref="DotNetOpenAuthWebConsumer" /> class.
/// </summary>
/// <param name="serviceDescription">The service description.</param>
/// <param name="consumerKey">The consumer key.</param>
/// <param name="consumerSecret">The consumer secret.</param>
public DotNetOpenAuthWebConsumer(ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) {
Requires.NotNull(serviceDescription, "serviceDescription");
this.webConsumer = new Consumer {
ServiceProvider = serviceDescription,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
TemporaryCredentialStorage = new CookieTemporaryCredentialStorage(),
};
}
public void AccessTokenUriTest() {
var target = new ServiceProviderDescription();
MessageReceivingEndpoint expected = new MessageReceivingEndpoint("http://localhost/accesstoken", HttpDeliveryMethods.GetRequest);
MessageReceivingEndpoint actual;
target.AccessTokenEndpoint = expected;
actual = target.AccessTokenEndpoint;
Assert.AreEqual(expected, actual);
target.AccessTokenEndpoint = null;
Assert.IsNull(target.AccessTokenEndpoint);
}
protected OAuthAuthenticator(
ServiceProviderDescription description,
Func<string, AuthResult.Data> selector,
string endpoint,
string consumerKey,
string consumerSecret)
{
_endpoint = new MessageReceivingEndpoint(endpoint, HttpDeliveryMethods.GetRequest);
_selector = selector;
_client = new WebConsumer(description, new InMemoryTokenManager(consumerKey, consumerSecret));
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
{
ErrorUtilities.VerifyArgumentNotNull(serviceDescription, "serviceDescription");
ErrorUtilities.VerifyArgumentNotNull(tokenManager, "tokenManager");
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager);
this.ServiceProvider = serviceDescription;
this.SecuritySettings = DotNetOpenAuthSection.Configuration.OAuth.Consumer.SecuritySettings.CreateSecuritySettings();
}
static BitBucketAuthenticationClient()
{
ServiceProviderDescription spd = new ServiceProviderDescription();
spd.RequestTokenEndpoint = new MessageReceivingEndpoint("https://bitbucket.org/api/1.0/oauth/request_token", HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest);
spd.UserAuthorizationEndpoint = new MessageReceivingEndpoint("https://bitbucket.org/api/1.0/oauth/authenticate", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest);
spd.AccessTokenEndpoint = new MessageReceivingEndpoint("https://bitbucket.org/api/1.0/oauth/access_token", HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest);
spd.TamperProtectionElements = new[] { new HmacSha1SigningBindingElement() };
BitBucketServiceDescription = spd;
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) {
Requires.NotNull(serviceDescription, "serviceDescription");
Requires.NotNull(tokenManager, "tokenManager");
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge);
this.SecuritySettings = OAuthElement.Configuration.Consumer.SecuritySettings.CreateSecuritySettings();
this.OAuthChannel = new OAuthConsumerChannel(signingElement, store, tokenManager, this.SecuritySettings);
this.ServiceProvider = serviceDescription;
OAuthReporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, null);
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) {
Contract.Requires<ArgumentNullException>(serviceDescription != null);
Contract.Requires<ArgumentNullException>(tokenManager != null);
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge);
this.SecuritySettings = DotNetOpenAuthSection.Configuration.OAuth.Consumer.SecuritySettings.CreateSecuritySettings();
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, this.SecuritySettings);
this.ServiceProvider = serviceDescription;
Reporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, null);
}
/// <summary>
/// Initializes a new instance of the <see cref="Consumer" /> class.
/// </summary>
/// <param name="consumerKey">The consumer key.</param>
/// <param name="consumerSecret">The consumer secret.</param>
/// <param name="serviceProvider">The service provider.</param>
/// <param name="temporaryCredentialStorage">The temporary credential storage.</param>
/// <param name="hostFactories">The host factories.</param>
public Consumer(
string consumerKey,
string consumerSecret,
ServiceProviderDescription serviceProvider,
ITemporaryCredentialStorage temporaryCredentialStorage,
IHostFactories hostFactories = null) {
this.ConsumerKey = consumerKey;
this.ConsumerSecret = consumerSecret;
this.ServiceProvider = serviceProvider;
this.TemporaryCredentialStorage = temporaryCredentialStorage;
this.HostFactories = hostFactories ?? new DefaultOAuthHostFactories();
}
/// <summary>
/// Initializes a new instance of the <see cref="Consumer" /> class.
/// </summary>
/// <param name="consumerKey">The consumer key.</param>
/// <param name="consumerSecret">The consumer secret.</param>
/// <param name="serviceProvider">The service provider.</param>
/// <param name="temporaryCredentialStorage">The temporary credential storage.</param>
/// <param name="hostFactories">The host factories.</param>
public Consumer(
string consumerKey,
string consumerSecret,
ServiceProviderDescription serviceProvider,
ITemporaryCredentialStorage temporaryCredentialStorage,
IHostFactories hostFactories = null)
{
this.ConsumerKey = consumerKey;
this.ConsumerSecret = consumerSecret;
this.ServiceProvider = serviceProvider;
this.TemporaryCredentialStorage = temporaryCredentialStorage;
this.HostFactories = hostFactories ?? new DefaultOAuthHostFactories();
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, ITokenManager tokenManager)
{
if (serviceDescription == null) {
throw new ArgumentNullException("serviceDescription");
}
if (tokenManager == null) {
throw new ArgumentNullException("tokenManager");
}
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, new OAuthConsumerMessageFactory());
this.ServiceProvider = serviceDescription;
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
{
Requires.NotNull(serviceDescription, "serviceDescription");
Requires.NotNull(tokenManager, "tokenManager");
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge);
this.SecuritySettings = OAuthElement.Configuration.Consumer.SecuritySettings.CreateSecuritySettings();
this.OAuthChannel = new OAuthConsumerChannel(signingElement, store, tokenManager, this.SecuritySettings);
this.ServiceProvider = serviceDescription;
OAuthReporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, null);
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
{
Contract.Requires <ArgumentNullException>(serviceDescription != null);
Contract.Requires <ArgumentNullException>(tokenManager != null);
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.MaximumMessageAge);
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager);
this.ServiceProvider = serviceDescription;
this.SecuritySettings = DotNetOpenAuthSection.Configuration.OAuth.Consumer.SecuritySettings.CreateSecuritySettings();
Reporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, null);
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="nonceStore">The nonce store.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore, OAuthServiceProviderMessageFactory messageTypeProvider)
{
Requires.NotNull(serviceDescription, "serviceDescription");
Requires.NotNull(tokenManager, "tokenManager");
Requires.NotNull(nonceStore, "nonceStore");
Requires.NotNull(messageTypeProvider, "messageTypeProvider");
var signingElement = serviceDescription.CreateTamperProtectionElement();
this.ServiceDescription = serviceDescription;
this.SecuritySettings = OAuthElement.Configuration.ServiceProvider.SecuritySettings.CreateSecuritySettings();
this.OAuthChannel = new OAuthServiceProviderChannel(signingElement, nonceStore, tokenManager, this.SecuritySettings, messageTypeProvider);
this.TokenGenerator = new StandardTokenGenerator();
OAuthReporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, nonceStore);
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="nonceStore">The nonce store.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore, OAuthServiceProviderMessageFactory messageTypeProvider)
{
Contract.Requires <ArgumentNullException>(serviceDescription != null);
Contract.Requires <ArgumentNullException>(tokenManager != null);
Contract.Requires <ArgumentNullException>(nonceStore != null);
Contract.Requires <ArgumentNullException>(messageTypeProvider != null);
var signingElement = serviceDescription.CreateTamperProtectionElement();
this.ServiceDescription = serviceDescription;
this.OAuthChannel = new OAuthChannel(signingElement, nonceStore, tokenManager, messageTypeProvider);
this.TokenGenerator = new StandardTokenGenerator();
this.SecuritySettings = DotNetOpenAuthSection.Configuration.OAuth.ServiceProvider.SecuritySettings.CreateSecuritySettings();
Reporting.RecordFeatureAndDependencyUse(this, serviceDescription, tokenManager, nonceStore);
}
public TwitterHandler(ClaimProvider issuer)
: base(issuer)
{
this.issuer = issuer;
this.consumerKey = issuer.Parameters["consumer_key"];
this.consumerSecret = issuer.Parameters["consumer_secret"];
this.apiUrl = issuer.Parameters["api_url"];
var description = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("http://twitter.com/oauth/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://twitter.com/oauth/authenticate", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("http://twitter.com/oauth/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }
};
}
public void SpecAppendixAExample()
{
ServiceProviderDescription serviceDescription = new ServiceProviderDescription() {
RequestTokenEndpoint = new MessageReceivingEndpoint("https://photos.example.net/request_token", HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://photos.example.net/authorize", HttpDeliveryMethods.GetRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("https://photos.example.net/access_token", HttpDeliveryMethods.PostRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] {
new PlaintextSigningBindingElement(),
new HmacSha1SigningBindingElement(),
},
};
MessageReceivingEndpoint accessPhotoEndpoint = new MessageReceivingEndpoint("http://photos.example.net/photos?file=vacation.jpg&size=original", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest);
ConsumerDescription consumerDescription = new ConsumerDescription("dpf43f3p2l4k3l03", "kd94hf93k423kf44");
OAuthCoordinator coordinator = new OAuthCoordinator(
consumerDescription,
serviceDescription,
consumer => {
consumer.Channel.PrepareResponse(consumer.PrepareRequestUserAuthorization(new Uri("http://printer.example.com/request_token_ready"), null, null)); // .Send() dropped because this is just a simulation
string accessToken = consumer.ProcessUserAuthorization().AccessToken;
var photoRequest = consumer.CreateAuthorizingMessage(accessPhotoEndpoint, accessToken);
OutgoingWebResponse protectedPhoto = ((CoordinatingOAuthChannel)consumer.Channel).RequestProtectedResource(photoRequest);
Assert.IsNotNull(protectedPhoto);
Assert.AreEqual(HttpStatusCode.OK, protectedPhoto.Status);
Assert.AreEqual("image/jpeg", protectedPhoto.Headers[HttpResponseHeader.ContentType]);
Assert.AreNotEqual(0, protectedPhoto.ResponseStream.Length);
},
sp => {
var requestTokenMessage = sp.ReadTokenRequest();
sp.Channel.PrepareResponse(sp.PrepareUnauthorizedTokenMessage(requestTokenMessage)); // .Send() dropped because this is just a simulation
var authRequest = sp.ReadAuthorizationRequest();
((InMemoryTokenManager)sp.TokenManager).AuthorizeRequestToken(authRequest.RequestToken);
sp.Channel.PrepareResponse(sp.PrepareAuthorizationResponse(authRequest)); // .Send() dropped because this is just a simulation
var accessRequest = sp.ReadAccessTokenRequest();
sp.Channel.PrepareResponse(sp.PrepareAccessTokenMessage(accessRequest)); // .Send() dropped because this is just a simulation
string accessToken = sp.ReadProtectedResourceAuthorization().AccessToken;
((CoordinatingOAuthChannel)sp.Channel).SendDirectRawResponse(new OutgoingWebResponse {
ResponseStream = new MemoryStream(new byte[] { 0x33, 0x66 }),
Headers = new WebHeaderCollection {
{ HttpResponseHeader.ContentType, "image/jpeg" },
},
});
});
coordinator.Run();
}
/// <summary>
/// Initializes a new instance of the <see cref="ConsumerBase"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
protected ConsumerBase(ServiceProviderDescription serviceDescription, ITokenManager tokenManager)
{
if (serviceDescription == null)
{
throw new ArgumentNullException("serviceDescription");
}
if (tokenManager == null)
{
throw new ArgumentNullException("tokenManager");
}
ITamperProtectionChannelBindingElement signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, new OAuthConsumerMessageFactory());
this.ServiceProvider = serviceDescription;
}
public static AuthorizedTokenResponse CompleteAuthorization(DesktopConsumer consumer, string requestToken, string userCode) {
// Because Yammer has a proprietary callback_token parameter, and it's passed
// with the message that specifically bans extra arguments being passed, we have
// to cheat by adding the data to the URL itself here.
var customServiceDescription = new ServiceProviderDescription {
RequestTokenEndpoint = ServiceDescription.RequestTokenEndpoint,
UserAuthorizationEndpoint = ServiceDescription.UserAuthorizationEndpoint,
AccessTokenEndpoint = new MessageReceivingEndpoint(ServiceDescription.AccessTokenEndpoint.Location.AbsoluteUri + "?oauth_verifier=" + Uri.EscapeDataString(userCode), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest),
TamperProtectionElements = ServiceDescription.TamperProtectionElements,
ProtocolVersion = ProtocolVersion.V10,
};
// To use a custom service description we also must create a new WebConsumer.
var customConsumer = new DesktopConsumer(customServiceDescription, consumer.TokenManager);
var response = customConsumer.ProcessUserAuthorization(requestToken, userCode);
return response;
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, ITokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider)
{
if (serviceDescription == null) {
throw new ArgumentNullException("serviceDescription");
}
if (tokenManager == null) {
throw new ArgumentNullException("tokenManager");
}
if (messageTypeProvider == null) {
throw new ArgumentNullException("messageTypeProvider");
}
var signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);
this.ServiceDescription = serviceDescription;
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, messageTypeProvider);
this.TokenGenerator = new StandardTokenGenerator();
}
private static ServiceProviderDescription GetServiceProviderDescription(Uri oauthUri)
{
var deliveryMethods = DotNetOpenAuth.Messaging.HttpDeliveryMethods.AuthorizationHeaderRequest | DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest;
var endpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint(oauthUri.ToString(), deliveryMethods);
var serviceDescription = new DotNetOpenAuth.OAuth.ServiceProviderDescription()
{
AccessTokenEndpoint = endpoint,
RequestTokenEndpoint = endpoint,
UserAuthorizationEndpoint = endpoint,
TamperProtectionElements = new DotNetOpenAuth.Messaging.ITamperProtectionChannelBindingElement[] {
new DotNetOpenAuth.OAuth.ChannelElements.HmacSha1SigningBindingElement()
}
};
return serviceDescription;
}
public DropboxOAuthConsumer(int userId, IDropboxService dropboxService, IUserService userService)
{
var dropboxEnpoints = dropboxService.GetDroboxOAuthEndpoints();
ServiceProviderDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint(dropboxEnpoints.RequestToken,
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint(dropboxEnpoints.UserAuthorization,
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint(dropboxEnpoints.AccessToken,
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
ProtocolVersion = ProtocolVersion.V10
};
WebConsumer = new WebConsumer(ServiceProviderDescription, new DropboxConsumerTokenManager(userId, dropboxService, userService));
}
public TwitterConsumer(string consumerKey, string consumerSecret)
{
ConsumerKey = consumerKey;
ConsumerSecret = consumerSecret;
var providerDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/request_token", HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/authorize", HttpDeliveryMethods.GetRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/access_token", HttpDeliveryMethods.GetRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[]
{
new HmacSha1SigningBindingElement()
}
};
Consumer = new DesktopConsumer(
providerDescription,
new TokenManager(ConsumerKey, ConsumerSecret));
return;
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="messageTypeProvider">An object that can figure out what type of message is being received for deserialization.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, ITokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider)
{
if (serviceDescription == null)
{
throw new ArgumentNullException("serviceDescription");
}
if (tokenManager == null)
{
throw new ArgumentNullException("tokenManager");
}
if (messageTypeProvider == null)
{
throw new ArgumentNullException("messageTypeProvider");
}
var signingElement = serviceDescription.CreateTamperProtectionElement();
INonceStore store = new NonceMemoryStore(StandardExpirationBindingElement.DefaultMaximumMessageAge);
this.ServiceDescription = serviceDescription;
this.OAuthChannel = new OAuthChannel(signingElement, store, tokenManager, messageTypeProvider);
this.TokenGenerator = new StandardTokenGenerator();
}
protected void identifierBox_LoggedIn(object sender, OpenIdEventArgs e) {
State.FetchResponse = e.Response.GetExtension<FetchResponse>();
ServiceProviderDescription serviceDescription = new ServiceProviderDescription {
AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(e.Response.Provider.Uri, "/access_token.ashx"), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager);
AuthorizedTokenResponse accessToken = consumer.ProcessUserAuthorization(e.Response);
if (accessToken != null) {
this.MultiView1.SetActiveView(this.AuthorizationGiven);
// At this point, the access token would be somehow associated with the user
// account at the RP.
////Database.Associate(e.Response.ClaimedIdentifier, accessToken.AccessToken);
} else {
this.MultiView1.SetActiveView(this.AuthorizationDenied);
}
// Avoid the redirect
e.Cancel = true;
}
public YDDesktopConsumer(ServiceProviderDescription serviceProvider, YDTokenManager tokenManager)
: base(serviceProvider, tokenManager)
{
_tokenManager = tokenManager;
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, ITokenManager tokenManager)
: this(serviceDescription, tokenManager, new OAuthServiceProviderMessageFactory(tokenManager))
{
}
/// <summary>
/// Initializes a new instance of the <see cref="OAuthClient"/> class.
/// </summary>
/// <param name="providerName">
/// Name of the provider.
/// </param>
/// <param name="serviceDescription">
/// The service Description.
/// </param>
/// <param name="tokenManager">
/// The token Manager.
/// </param>
protected OAuthClient(
string providerName, ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
: this(providerName, new DotNetOpenAuthWebConsumer(serviceDescription, tokenManager)) {}
/// <summary>
/// Initializes a new instance of the <see cref="OAuthClient"/> class.
/// </summary>
/// <param name="providerName">
/// Name of the provider.
/// </param>
/// <param name="serviceDescription">
/// The service description.
/// </param>
/// <param name="consumerKey">
/// The consumer key.
/// </param>
/// <param name="consumerSecret">
/// The consumer secret.
/// </param>
protected OAuthClient(
string providerName, ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret)
: this(providerName, serviceDescription, new InMemoryOAuthTokenManager(consumerKey, consumerSecret)) {}
/// <summary>
/// Initializes a new instance of the <see cref="DesktopConsumer"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public DesktopConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
: base(serviceDescription, tokenManager)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The service description.</param>
/// <param name="tokenManager">The token manager.</param>
/// <param name="nonceStore">The nonce store.</param>
/// <param name="messageTypeProvider">The message type provider.</param>
public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore, OAuthServiceProviderMessageFactory messageTypeProvider)
: base(serviceDescription, tokenManager, nonceStore, messageTypeProvider)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="WebConsumer"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public WebConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
: base(serviceDescription, tokenManager)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The service description.</param>
/// <param name="tokenManager">The token manager.</param>
/// <param name="nonceStore">The nonce store.</param>
public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore)
: base(serviceDescription, tokenManager, nonceStore)
{
}
public void RequestTokenUriWithOAuthParametersTest()
{
var target = new ServiceProviderDescription();
target.RequestTokenEndpoint = new MessageReceivingEndpoint("http://localhost/requesttoken?oauth_token=something", HttpDeliveryMethods.GetRequest);
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager)
: base(serviceDescription, tokenManager)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="WebConsumerOpenIdRelyingParty"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public WebConsumerOpenIdRelyingParty(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
: base(serviceDescription, tokenManager)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="ServiceProvider"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
/// <param name="nonceStore">The nonce store.</param>
public ServiceProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore)
: this(serviceDescription, tokenManager, nonceStore, new OAuthServiceProviderMessageFactory(tokenManager))
{
}
/// <summary>
/// Initializes a new instance of the <see cref="DesktopConsumer"/> class.
/// </summary>
/// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
/// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
public DesktopConsumer(ServiceProviderDescription serviceDescription, ITokenManager tokenManager)
: base(serviceDescription, tokenManager)
{
}
