/// <summary> /// Attempts to extract client identification/authentication information from a message. /// </summary> /// <param name="authorizationServerHost">The authorization server host.</param> /// <param name="requestMessage">The incoming message.</param> /// <param name="clientIdentifier">Receives the client identifier, if one was found.</param> /// <returns>The level of the extracted client information.</returns> public override ClientAuthenticationResult TryAuthenticateClient(IAuthorizationServerHost authorizationServerHost, AuthenticatedClientRequestBase requestMessage, out string clientIdentifier) { ClientAuthenticationModule authenticator = null; ClientAuthenticationResult result = ClientAuthenticationResult.NoAuthenticationRecognized; clientIdentifier = null; foreach (var candidateAuthenticator in this.authenticators) { string candidateClientIdentifier; var resultCandidate = candidateAuthenticator.TryAuthenticateClient(authorizationServerHost, requestMessage, out candidateClientIdentifier); ErrorUtilities.VerifyProtocol( result == ClientAuthenticationResult.NoAuthenticationRecognized || resultCandidate == ClientAuthenticationResult.NoAuthenticationRecognized, "Message rejected because multiple forms of client authentication ({0} and {1}) were detected, which is forbidden by the OAuth 2 Protocol Framework specification.", authenticator, candidateAuthenticator); if (resultCandidate != ClientAuthenticationResult.NoAuthenticationRecognized) { authenticator = candidateAuthenticator; result = resultCandidate; clientIdentifier = candidateClientIdentifier; } } return(result); }
/// <summary> /// Initializes a new instance of the <see cref="OAuth2AuthorizationServerChannel"/> class. /// </summary> /// <param name="authorizationServer">The authorization server.</param> /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param> protected internal OAuth2AuthorizationServerChannel(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule) : base(MessageTypes, InitializeBindingElements(authorizationServer, clientAuthenticationModule)) { this.AuthorizationServer = authorizationServer; }
/// <summary> /// Initializes the binding elements for the OAuth channel. /// </summary> /// <param name="authorizationServer">The authorization server.</param> /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param> /// <returns> /// An array of binding elements used to initialize the channel. /// </returns> private static IChannelBindingElement[] InitializeBindingElements(IAuthorizationServerHost authorizationServer, ClientAuthenticationModule clientAuthenticationModule) { var bindingElements = new List <IChannelBindingElement>(); // The order they are provided is used for outgoing messgaes, and reversed for incoming messages. bindingElements.Add(new MessageValidationBindingElement(clientAuthenticationModule)); bindingElements.Add(new TokenCodeSerializationBindingElement()); return(bindingElements.ToArray()); }
/// <summary> /// Initializes a new instance of the <see cref="MessageValidationBindingElement"/> class. /// </summary> /// <param name="clientAuthenticationModule">The aggregating client authentication module.</param> internal MessageValidationBindingElement(ClientAuthenticationModule clientAuthenticationModule) { this.clientAuthenticationModule = clientAuthenticationModule; }