protected override IRequestToken GenerateRequestToken( HttpContext httpContext, OAuthRequestContext requestContext) { // Don't check to see if the token already exists... it will do! return ServiceProviderContext.TokenGenerator.CreateRequestToken(requestContext.Consumer, requestContext.Parameters); }
private bool Equals(OAuthRequestContext other) { if (other == null) { return(false); } return(((this.Parameters == null && other.Parameters == null) || (this.Parameters != null && this.Parameters.Equals(other.Parameters))) && ((this.SigningProvider == null && other.SigningProvider == null) || (this.SigningProvider != null && this.SigningProvider.Equals(other.SigningProvider))) && ((this.Consumer == null && other.Consumer == null) || (this.Consumer != null && this.Consumer.Equals(other.Consumer))) && ((this.RequestToken == null && other.RequestToken == null) || (this.RequestToken != null && this.RequestToken.Equals(other.RequestToken))) && ((this.AccessToken == null && other.AccessToken == null) || (this.AccessToken != null && this.AccessToken.Equals(other.AccessToken))) && (this.RequestId != null && this.RequestId.Equals(other.RequestId)) && (this.IsSignatureValid == other.IsSignatureValid) && ((this.Signature == null && other.Signature == null) || (this.Signature != null && this.Signature.Equals(other.Signature))) && ((this.Principal == null && other.Principal == null) || (this.Principal != null && this.Principal.Equals(other.Principal))) && ((this.ResponseParameters == null && other.ResponseParameters == null) || (this.ResponseParameters != null && this.ResponseParameters.Equals(other.ResponseParameters))) && (this.IsOAuthRequest == other.IsOAuthRequest)); }
protected virtual void ParseParameters(HttpContext httpContext, OAuthRequestContext requestContext) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, ServiceProviderContext.Settings.ParameterSources); /* * Check for missing required parameters: * * The consumer key, signature method, signature, timestamp and nonce parameters * are all required */ parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter, Constants.CallbackParameter); /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) { parameters.RequireVersion(Constants.Version1_0); } requestContext.Parameters = parameters; }
protected virtual void CheckVerifier(HttpContext httpContext, OAuthRequestContext requestContext) { if (!ServiceProviderContext.VerificationProvider.IsValid(requestContext.RequestToken, requestContext.Parameters.Verifier)) { OAuthRequestException.ThrowParametersRejected(new string[] { Constants.VerifierParameter }, "Invalid verifier for request token."); } }
protected virtual void SetRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { /* * Check the token */ IRequestToken token; if (ServiceProviderContext.TokenStore.ContainsRequestToken(requestContext.Parameters.Token)) { token = ServiceProviderContext.TokenStore.GetRequestToken(requestContext.Parameters.Token); /* * Ensure the token was issued to the same consumer as this request purports * to be from. */ if (!token.ConsumerKey.Equals(requestContext.Parameters.ConsumerKey)) { OAuthRequestException.ThrowTokenRejected(null); } /* * Ensure the token is valid */ if (token == null) { OAuthRequestException.ThrowTokenRejected(null); } else { switch (token.Status) { case TokenStatus.Authorized: requestContext.RequestToken = token; break; case TokenStatus.Expired: OAuthRequestException.ThrowTokenExpired(null); break; case TokenStatus.Used: OAuthRequestException.ThrowTokenUsed(null); break; case TokenStatus.Revoked: OAuthRequestException.ThrowTokenRevoked(null); break; case TokenStatus.Unauthorized: case TokenStatus.Unknown: default: OAuthRequestException.ThrowTokenRejected(null); break; } } } else { OAuthRequestException.ThrowTokenRejected(null); } }
public static void SetSigningProvider(HttpContext httpContext, OAuthRequestContext context) { /* * Check there is a signing provider for the signature method */ ISigningProvider signingProvider = ServiceProviderContext.GetSigningProvider(context.Parameters.SignatureMethod); if (signingProvider == null) { // There is no signing provider for this signature method OAuthRequestException.ThrowSignatureMethodRejected(null); } // Double check the signing provider declares that it can handle the signature method if (!signingProvider.SignatureMethod.Equals(context.Parameters.SignatureMethod)) { OAuthRequestException.ThrowSignatureMethodRejected(null); } // Ask the signing provider to check the request for pre-conditions if (!signingProvider.CheckRequest(httpContext.Request)) { OAuthRequestException.ThrowSignatureMethodRejected(null); } context.SigningProvider = signingProvider; }
public static void SetRequestId(OAuthRequestContext context) { /* * Check the timestamp and nonce */ context.RequestId = ServiceProviderContext.RequestIdValidator.CheckRequest( context.Parameters.Nonce, context.Parameters.Timestamp, context.Parameters.ConsumerKey, context.Parameters.Token); }
protected virtual void SetAccessToken(HttpApplication application, OAuthRequestContext context) { IAccessToken accessToken = null; if (context.Parameters.Token == null && ServiceProviderContext.Settings.AllowConsumerRequests) { accessToken = new EmptyAccessToken(context.Consumer.Key); } else if (ServiceProviderContext.TokenStore.ContainsAccessToken(context.Parameters.Token)) { accessToken = ServiceProviderContext.TokenStore.GetAccessToken(context.Parameters.Token); } if (accessToken == null) { OAuthRequestException.ThrowTokenRejected(null); } else { /* * Ensure the token was issued to the same consumer as this request purports * to be from. */ if (!accessToken.ConsumerKey.Equals(context.Parameters.ConsumerKey)) { OAuthRequestException.ThrowTokenRejected(null); } switch (accessToken.Status) { case TokenStatus.Authorized: context.AccessToken = accessToken; break; case TokenStatus.Expired: OAuthRequestException.ThrowTokenExpired(null); break; case TokenStatus.Used: OAuthRequestException.ThrowTokenUsed(null); break; case TokenStatus.Revoked: OAuthRequestException.ThrowTokenRevoked(null); break; case TokenStatus.Unauthorized: case TokenStatus.Unknown: default: OAuthRequestException.ThrowTokenRejected(null); break; } } }
protected virtual IAccessToken GenerateAccessToken(HttpContext httpContext, OAuthRequestContext requestContext) { IAccessToken accessToken; do { accessToken = ServiceProviderContext.TokenGenerator.CreateAccessToken(requestContext.Consumer, requestContext.RequestToken); }while (ServiceProviderContext.TokenStore.Contains(accessToken.Token)); return(accessToken); }
protected override void IssueRequestToken( HttpContext httpContext, OAuthRequestContext requestContext) { // Generate a request token IRequestToken token = this.GenerateRequestToken(httpContext, requestContext); // Store the token requestContext.RequestToken = token; // Don't add to the token store (as it is already in there) // Add to the response requestContext.ResponseParameters[Constants.TokenParameter] = token.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = token.Secret; }
protected override void IssueAccessToken( HttpContext httpContext, OAuthRequestContext requestContext) { // Generate an access token IAccessToken accessToken = this.GenerateAccessToken(httpContext, requestContext); // Mark the token as authorized accessToken.Status = TokenStatus.Authorized; // Don't store the token // Don't mark the request token as used // Add to the response requestContext.ResponseParameters[Constants.TokenParameter] = accessToken.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = accessToken.Secret; }
public virtual void HandleAuthenticateRequest(object sender, EventArgs args) { if (ServiceProviderContext.Settings.AuthenticateRequests) { HttpApplication application = (HttpApplication)sender; // Don't do anything if another authentication module has set the user already if (application.Context.User != null) { return; } OAuthRequestContext context = new OAuthRequestContext(); WorkflowHelper.StoreOAuthContext(application.Context, context); try { this.ParseParameters(application, context); this.SetConsumer(application, context); this.SetAccessToken(application, context); context.IsOAuthRequest = true; } catch (OAuthRequestException ex) { // The request may not be an OAuth request so don't pass the exception to the consumer context.AddError(ex); context.IsOAuthRequest = false; return; } try { this.SetSigningProvider(application, context); this.SetRequestId(application, context); this.SetSignature(application, context); } catch (OAuthRequestException ex) { context.AddError(ex); WorkflowHelper.SendBadRequest(application.Context, ex, null); } this.UpdateAccessToken(application, context); this.SetUser(application, context); } }
/// <summary> /// Processes the HTTP web request. /// </summary> /// <param name="context">HTTP context</param> public void ProcessRequest(HttpContext context) { OAuthRequestContext requestContext = new OAuthRequestContext(new NameValueCollection()); // Check request parameters try { // TODO: Should we ensure the realm parameter, if present, matches the configured realm? this.ParseParameters(context, requestContext); this.SetSigningProvider(context, requestContext); this.SetConsumer(context, requestContext); this.SetRequestId(context, requestContext); this.SetRequestToken(context, requestContext); this.SetSignature(context, requestContext); this.CheckVerifier(context, requestContext); } catch (OAuthRequestException ex) { requestContext.AddError(ex); WorkflowHelper.SendBadRequest(context, ex, requestContext.ResponseParameters); return; } // Allow the application to decide whether to issue the access token bool isRequestAllowed = this.AllowRequest(context, requestContext); if (isRequestAllowed) { // Allow the application to add additional response parameters WorkflowHelper.AddApplicationResponseParameters( requestContext, this.GetAdditionalResponseParameters( context, requestContext)); // Issue the token this.IssueAccessToken(context, requestContext); WorkflowHelper.SendOk(context, requestContext.ResponseParameters); } else { // Send an unauthorized response WorkflowHelper.SendUnauthorized(context, requestContext.ResponseParameters); } }
/// <summary> /// Processes the HTTP web request. /// </summary> /// <param name="context">HTTP context</param> public void ProcessRequest(HttpContext context) { OAuthRequestContext requestContext = new OAuthRequestContext(new NameValueCollection()); // Check request parameters try { // TODO: Should we ensure the realm parameter, if present, matches the configured realm? this.ParseParameters(context, requestContext); this.SetSigningProvider(context, requestContext); this.SetConsumer(context, requestContext); this.SetRequestId(context, requestContext); this.SetRequestToken(context, requestContext); this.SetSignature(context, requestContext); this.CheckVerifier(context, requestContext); } catch (OAuthRequestException ex) { requestContext.AddError(ex); WorkflowHelper.SendBadRequest(context, ex, requestContext.ResponseParameters); return; } // Allow the application to decide whether to issue the access token bool isRequestAllowed = this.AllowRequest(context, requestContext); if (isRequestAllowed) { // Allow the application to add additional response parameters WorkflowHelper.AddApplicationResponseParameters( requestContext, this.GetAdditionalResponseParameters( context, requestContext)); // Issue the token this.IssueAccessToken(context, requestContext); WorkflowHelper.SendOk(context, requestContext.ResponseParameters); } else { // Send an unauthorized response WorkflowHelper.SendUnauthorized(context, requestContext.ResponseParameters); } }
protected virtual void SetUser(HttpApplication application, OAuthRequestContext context) { // If we are an EmptyAccessToken then there is no User to load. if (context.AccessToken is EmptyAccessToken) { // Setup any roles defined for Consumer Requests. string[] roles = new string[] { }; Array.Resize <string>(ref roles, ServiceProviderContext.Settings.ConsumerRequestRoles.Count); ServiceProviderContext.Settings.ConsumerRequestRoles.CopyTo(roles, 0); context.AccessToken.RequestToken.Roles = roles; return; } // Create the principal context.Principal = new OAuthPrincipal(context.AccessToken); application.Context.User = context.Principal; }
public virtual void HandleAuthenticateRequest(object sender, EventArgs args) { if (ServiceProviderContext.Settings.AuthenticateRequests) { HttpApplication application = (HttpApplication)sender; // Don't do anything if another authentication module has set the user already if (application.Context.User != null) return; OAuthRequestContext context = new OAuthRequestContext(); WorkflowHelper.StoreOAuthContext(application.Context, context); try { this.ParseParameters(application, context); this.SetConsumer(application, context); this.SetAccessToken(application, context); context.IsOAuthRequest = true; } catch (OAuthRequestException ex) { // The request may not be an OAuth request so don't pass the exception to the consumer context.AddError(ex); context.IsOAuthRequest = false; return; } try { this.SetSigningProvider(application, context); this.SetRequestId(application, context); this.SetSignature(application, context); } catch (OAuthRequestException ex) { context.AddError(ex); WorkflowHelper.SendBadRequest(application.Context, ex, null); } this.UpdateAccessToken(application, context); this.SetUser(application, context); } }
public static void AddApplicationResponseParameters(OAuthRequestContext requestContext, NameValueCollection additionalParameters) { if (additionalParameters == null) { return; } // Remove any oauth_ prefixed parameters from the application's additional response foreach (string key in additionalParameters.AllKeys) { if (key.StartsWith(Constants.OAuthParameterPrefix, StringComparison.Ordinal)) { additionalParameters.Remove(key); } } // Add the application's custom parameters requestContext.ResponseParameters.Add(additionalParameters); }
protected virtual void IssueAccessToken(HttpContext httpContext, OAuthRequestContext requestContext) { // Generate an access token IAccessToken accessToken = this.GenerateAccessToken(httpContext, requestContext); // Mark the token as authorized accessToken.Status = TokenStatus.Authorized; // Store the token ServiceProviderContext.TokenStore.Add(accessToken); // Mark the request token as used requestContext.RequestToken.Status = TokenStatus.Used; ServiceProviderContext.TokenStore.Update(requestContext.RequestToken); // Add to the response requestContext.ResponseParameters[Constants.TokenParameter] = accessToken.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = accessToken.Secret; }
protected virtual void ParseParameters(HttpApplication application, OAuthRequestContext context) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(application.Request); /* * Check for missing required parameters: * * The consumer key, token, signature method, signature, timestamp and nonce parameters * are all required */ if (ServiceProviderContext.Settings.AllowConsumerRequests) { parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter); } else { // For 3 legged TokenParameter is required parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.TokenParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter); } /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) { parameters.RequireVersion(Constants.Version1_0); } context.Parameters = parameters; }
public static void SetConsumer(OAuthRequestContext context) { /* * Get the consumer by its consumer key */ if (ServiceProviderContext.ConsumerStore.Contains(context.Parameters.ConsumerKey)) { IConsumer consumer = ServiceProviderContext.ConsumerStore.GetByKey(context.Parameters.ConsumerKey); if (consumer == null) { OAuthRequestException.ThrowConsumerKeyUnknown(null); } else { switch (consumer.Status) { case ConsumerStatus.Valid: context.Consumer = consumer; break; case ConsumerStatus.TemporarilyDisabled: OAuthRequestException.ThrowConsumerKeyRefused(null); break; case ConsumerStatus.PermanentlyDisabled: OAuthRequestException.ThrowConsumerKeyRejected(null); break; case ConsumerStatus.Unknown: default: OAuthRequestException.ThrowConsumerKeyUnknown(null); break; } } } else { OAuthRequestException.ThrowConsumerKeyUnknown(null); } }
public static void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext) { // Get the token to sign with string tokenSecret; if (requestContext.AccessToken != null) { tokenSecret = requestContext.AccessToken.Secret; } else if (requestContext.RequestToken != null) { tokenSecret = requestContext.RequestToken.Secret; } else { tokenSecret = null; } /* * Check the signature */ bool isValid = requestContext.SigningProvider.CheckSignature( SignatureBase.Create( httpContext.Request.HttpMethod, new Uri(httpContext.Request.Url.GetLeftPart(UriPartial.Authority) + httpContext.Request.RawUrl), requestContext.Parameters), requestContext.Parameters.Signature, requestContext.Consumer.Secret, tokenSecret); if (!isValid) { OAuthRequestException.ThrowSignatureInvalid(null); } else { requestContext.IsSignatureValid = true; } }
private void HandleError(object sender, EventArgs e) { if (ServiceProviderContext.Settings.AuthenticateRequests) { HttpApplication application = (HttpApplication)sender; if (application.Context.Error is OAuthRequestException) { OAuthRequestException exception = (OAuthRequestException)application.Context.Error; OAuthRequestContext context = WorkflowHelper.RetrieveOAuthContext(application.Context); if (context != null) { context.AddError(exception); } application.Context.ClearError(); // Ensure we clear the exception to avoid ASP.NET handling this WorkflowHelper.SendBadRequest(application.Context, exception, null); } } }
protected virtual void IssueRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { // Generate a request token IRequestToken token = this.GenerateRequestToken(httpContext, requestContext); // Check to see if the request for a token is oob and that oob is allowed. if (requestContext.Parameters.Callback.Equals(Constants.OAuthOutOfBandCallback)) { if (ServiceProviderContext.Settings.AllowOutOfBandCallback == false) { OAuthRequestException.ThrowParametersRejected(new string[] { Constants.CallbackParameter }, "Out of band is not supported."); } } else { Uri callbackUri; if (Uri.TryCreate(requestContext.Parameters.Callback, UriKind.Absolute, out callbackUri)) { ServiceProviderContext.CallbackStore.AddCallback(token, callbackUri); } else { OAuthRequestException.ThrowParametersRejected(new string[] { Constants.CallbackParameter }, "Not a valid Uri."); } } // Store the token requestContext.RequestToken = token; ServiceProviderContext.TokenStore.Add(token); // Add to the response requestContext.ResponseParameters[Constants.CallbackConfirmedParameter] = "true"; // The spec never defines when to send false or what will happen if you do. requestContext.ResponseParameters[Constants.TokenParameter] = token.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = token.Secret; }
protected virtual void SetRequestId(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetRequestId(requestContext); }
protected virtual void SetSigningProvider(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetSigningProvider(httpContext, requestContext); }
protected virtual void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetSignature(httpContext, requestContext); }
protected virtual void IssueAccessToken(HttpContext httpContext, OAuthRequestContext requestContext) { // Generate an access token IAccessToken accessToken = this.GenerateAccessToken(httpContext, requestContext); // Mark the token as authorized accessToken.Status = TokenStatus.Authorized; // Store the token ServiceProviderContext.TokenStore.Add(accessToken); // Mark the request token as used requestContext.RequestToken.Status = TokenStatus.Used; ServiceProviderContext.TokenStore.Update(requestContext.RequestToken); // Add to the response requestContext.ResponseParameters[Constants.TokenParameter] = accessToken.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = accessToken.Secret; }
public static void SetRequestId(OAuthRequestContext context) { /* * Check the timestamp and nonce */ context.RequestId = ServiceProviderContext.RequestIdValidator.CheckRequest( context.Parameters.Nonce, context.Parameters.Timestamp, context.Parameters.ConsumerKey, context.Parameters.Token); }
public static void AddApplicationResponseParameters(OAuthRequestContext requestContext, NameValueCollection additionalParameters) { if (additionalParameters == null) return; // Remove any oauth_ prefixed parameters from the application's additional response foreach (string key in additionalParameters.AllKeys) if (key.StartsWith(Constants.OAuthParameterPrefix, StringComparison.Ordinal)) additionalParameters.Remove(key); // Add the application's custom parameters requestContext.ResponseParameters.Add(additionalParameters); }
protected virtual void SetAccessToken(HttpApplication application, OAuthRequestContext context) { IAccessToken accessToken = null; if (context.Parameters.Token == null && ServiceProviderContext.Settings.AllowConsumerRequests) { accessToken = new EmptyAccessToken(context.Consumer.Key); } else if (ServiceProviderContext.TokenStore.ContainsAccessToken(context.Parameters.Token)) accessToken = ServiceProviderContext.TokenStore.GetAccessToken(context.Parameters.Token); if (accessToken == null) OAuthRequestException.ThrowTokenRejected(null); else { /* * Ensure the token was issued to the same consumer as this request purports * to be from. */ if (!accessToken.ConsumerKey.Equals(context.Parameters.ConsumerKey)) OAuthRequestException.ThrowTokenRejected(null); switch (accessToken.Status) { case TokenStatus.Authorized: context.AccessToken = accessToken; break; case TokenStatus.Expired: OAuthRequestException.ThrowTokenExpired(null); break; case TokenStatus.Used: OAuthRequestException.ThrowTokenUsed(null); break; case TokenStatus.Revoked: OAuthRequestException.ThrowTokenRevoked(null); break; case TokenStatus.Unauthorized: case TokenStatus.Unknown: default: OAuthRequestException.ThrowTokenRejected(null); break; } } }
protected virtual void SetRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { /* * Check the token */ IRequestToken token; if (ServiceProviderContext.TokenStore.ContainsRequestToken(requestContext.Parameters.Token)) { token = ServiceProviderContext.TokenStore.GetRequestToken(requestContext.Parameters.Token); /* * Ensure the token was issued to the same consumer as this request purports * to be from. */ if (!token.ConsumerKey.Equals(requestContext.Parameters.ConsumerKey)) OAuthRequestException.ThrowTokenRejected(null); /* * Ensure the token is valid */ if (token == null) OAuthRequestException.ThrowTokenRejected(null); else switch (token.Status) { case TokenStatus.Authorized: requestContext.RequestToken = token; break; case TokenStatus.Expired: OAuthRequestException.ThrowTokenExpired(null); break; case TokenStatus.Used: OAuthRequestException.ThrowTokenUsed(null); break; case TokenStatus.Revoked: OAuthRequestException.ThrowTokenRevoked(null); break; case TokenStatus.Unauthorized: case TokenStatus.Unknown: default: OAuthRequestException.ThrowTokenRejected(null); break; } } else OAuthRequestException.ThrowTokenRejected(null); }
protected virtual void CheckVerifier(HttpContext httpContext, OAuthRequestContext requestContext) { if (!ServiceProviderContext.VerificationProvider.IsValid(requestContext.RequestToken, requestContext.Parameters.Verifier)) { OAuthRequestException.ThrowParametersRejected(new string[] { Constants.VerifierParameter }, "Invalid verifier for request token."); } }
private bool Equals(OAuthRequestContext other) { if (other == null) return false; return ((this.Parameters == null && other.Parameters == null) || (this.Parameters != null && this.Parameters.Equals(other.Parameters))) && ((this.SigningProvider == null && other.SigningProvider == null) || (this.SigningProvider != null && this.SigningProvider.Equals(other.SigningProvider))) && ((this.Consumer == null && other.Consumer == null) || (this.Consumer != null && this.Consumer.Equals(other.Consumer))) && ((this.RequestToken == null && other.RequestToken == null) || (this.RequestToken != null && this.RequestToken.Equals(other.RequestToken))) && ((this.AccessToken == null && other.AccessToken == null) || (this.AccessToken != null && this.AccessToken.Equals(other.AccessToken))) && (this.RequestId != null && this.RequestId.Equals(other.RequestId)) && (this.IsSignatureValid == other.IsSignatureValid) && ((this.Signature == null && other.Signature == null) || (this.Signature != null && this.Signature.Equals(other.Signature))) && ((this.Principal == null && other.Principal == null) || (this.Principal != null && this.Principal.Equals(other.Principal))) && ((this.ResponseParameters == null && other.ResponseParameters == null) || (this.ResponseParameters != null && this.ResponseParameters.Equals(other.ResponseParameters))) && (this.IsOAuthRequest == other.IsOAuthRequest); }
/// <summary> /// Supplies additional parameters to send in the response. /// </summary> /// /// <remarks> /// Parameter names prefixed with <c>"oauth_"</c> will be stripped. /// </remarks> /// /// <param name="httpContext">HTTP context</param> /// <param name="requestContext">OAuth request context</param> /// /// <returns> /// A collection of parameters to add to the response, or /// <c>null</c> if no additional parameters should be sent /// </returns> protected virtual NameValueCollection GetAdditionalResponseParameters(HttpContext httpContext, OAuthRequestContext requestContext) { // By default, there are no extra parameters return null; }
/// <summary> /// Determines whether an access token is issued for this request. /// </summary> /// /// <remarks> /// <para> /// If you need to apply extra rules before allowing an access /// token to be issued, you should create an AccessTokenHandler class /// which inherits from this & overrides the AllowRequest method /// and add it as a HTTP handler for the access token URI. /// </para> /// /// <para> /// If AllowRequest returns <c>true</c> the access token will /// be issued. Additional application-specific response /// parameters can be added by overriding the /// <see cref="GetAdditionalResponseParameters"/> method. /// </para> /// /// <para> /// If AllowRequest returns <c>false</c> then a 401 Unauthorized /// response will be returned. /// </para> /// /// <para> /// The <paramref name="requestContext"/> parameter contains /// the OAuth information parsed from the request. /// </para> /// </remarks> /// /// <param name="httpContext">HTTP context</param> /// <param name="requestContext">OAuth request context</param> /// /// <returns> /// <c>true</c>, if an access token should be issued; <c>false</c> /// otherwise /// </returns> protected virtual bool AllowRequest(HttpContext httpContext, OAuthRequestContext requestContext) { // By default, requests for access tokens are allowed return true; }
protected virtual IAccessToken GenerateAccessToken(HttpContext httpContext, OAuthRequestContext requestContext) { IAccessToken accessToken; do { accessToken = ServiceProviderContext.TokenGenerator.CreateAccessToken(requestContext.Consumer, requestContext.RequestToken); } while (ServiceProviderContext.TokenStore.Contains(accessToken.Token)); return accessToken; }
public static void SetSigningProvider(HttpContext httpContext, OAuthRequestContext context) { /* * Check there is a signing provider for the signature method */ ISigningProvider signingProvider = ServiceProviderContext.GetSigningProvider(context.Parameters.SignatureMethod); if (signingProvider == null) { // There is no signing provider for this signature method OAuthRequestException.ThrowSignatureMethodRejected(null); } // Double check the signing provider declares that it can handle the signature method if (!signingProvider.SignatureMethod.Equals(context.Parameters.SignatureMethod)) OAuthRequestException.ThrowSignatureMethodRejected(null); // Ask the signing provider to check the request for pre-conditions if (!signingProvider.CheckRequest(httpContext.Request)) OAuthRequestException.ThrowSignatureMethodRejected(null); context.SigningProvider = signingProvider; }
protected virtual void UpdateAccessToken(HttpApplication application, OAuthRequestContext context) { // TODO: Update access token according to its usage policy... }
public static void SetConsumer(OAuthRequestContext context) { /* * Get the consumer by its consumer key */ if (ServiceProviderContext.ConsumerStore.Contains(context.Parameters.ConsumerKey)) { IConsumer consumer = ServiceProviderContext.ConsumerStore.GetByKey(context.Parameters.ConsumerKey); if (consumer == null) OAuthRequestException.ThrowConsumerKeyUnknown(null); else switch (consumer.Status) { case ConsumerStatus.Valid: context.Consumer = consumer; break; case ConsumerStatus.TemporarilyDisabled: OAuthRequestException.ThrowConsumerKeyRefused(null); break; case ConsumerStatus.PermanentlyDisabled: OAuthRequestException.ThrowConsumerKeyRejected(null); break; case ConsumerStatus.Unknown: default: OAuthRequestException.ThrowConsumerKeyUnknown(null); break; } } else OAuthRequestException.ThrowConsumerKeyUnknown(null); }
protected virtual void IssueRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { // Generate a request token IRequestToken token = this.GenerateRequestToken(httpContext, requestContext); // Check to see if the request for a token is oob and that oob is allowed. if (requestContext.Parameters.Callback.Equals(Constants.OAuthOutOfBandCallback)) { if (ServiceProviderContext.Settings.AllowOutOfBandCallback == false) OAuthRequestException.ThrowParametersRejected(new string[] { Constants.CallbackParameter }, "Out of band is not supported."); } else { Uri callbackUri; if (Uri.TryCreate(requestContext.Parameters.Callback, UriKind.Absolute, out callbackUri)) { ServiceProviderContext.CallbackStore.AddCallback(token, callbackUri); } else OAuthRequestException.ThrowParametersRejected(new string[] { Constants.CallbackParameter }, "Not a valid Uri."); } // Store the token requestContext.RequestToken = token; ServiceProviderContext.TokenStore.Add(token); // Add to the response requestContext.ResponseParameters[Constants.CallbackConfirmedParameter] = "true"; // The spec never defines when to send false or what will happen if you do. requestContext.ResponseParameters[Constants.TokenParameter] = token.Token; requestContext.ResponseParameters[Constants.TokenSecretParameter] = token.Secret; }
public static void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext) { // Get the token to sign with string tokenSecret; if (requestContext.AccessToken != null) tokenSecret = requestContext.AccessToken.Secret; else if (requestContext.RequestToken != null) tokenSecret = requestContext.RequestToken.Secret; else tokenSecret = null; /* * Check the signature */ bool isValid = requestContext.SigningProvider.CheckSignature( SignatureBase.Create( httpContext.Request.HttpMethod, new Uri(httpContext.Request.Url.GetLeftPart(UriPartial.Authority) + httpContext.Request.RawUrl), requestContext.Parameters), requestContext.Parameters.Signature, requestContext.Consumer.Secret, tokenSecret); if (!isValid) OAuthRequestException.ThrowSignatureInvalid(null); else requestContext.IsSignatureValid = true; }
protected virtual void UpdateAccessToken(HttpApplication application, OAuthRequestContext context) { // TODO: Update access token according to its usage policy... }
public static void StoreOAuthContext(HttpContext httpContext, OAuthRequestContext oauthContext) { httpContext.Items[typeof(OAuthRequestContext)] = oauthContext; }
protected virtual void SetRequestId(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetRequestId(requestContext); }
protected virtual IRequestToken GenerateRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { IRequestToken requestToken; do { requestToken = ServiceProviderContext.TokenGenerator.CreateRequestToken(requestContext.Consumer, requestContext.Parameters); }while (ServiceProviderContext.TokenStore.Contains(requestToken.Token)); return(requestToken); }
protected virtual void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetSignature(httpContext, requestContext); }
protected virtual void SetUser(HttpApplication application, OAuthRequestContext context) { // If we are an EmptyAccessToken then there is no User to load. if (context.AccessToken is EmptyAccessToken) { // Setup any roles defined for Consumer Requests. string[] roles = new string[] { }; Array.Resize<string>(ref roles, ServiceProviderContext.Settings.ConsumerRequestRoles.Count); ServiceProviderContext.Settings.ConsumerRequestRoles.CopyTo(roles, 0); context.AccessToken.RequestToken.Roles = roles; return; } // Create the principal context.Principal = new OAuthPrincipal(context.AccessToken); application.Context.User = context.Principal; }
protected virtual void SetRequestId(HttpApplication application, OAuthRequestContext context) { WorkflowHelper.SetRequestId(context); }
protected virtual void SetSigningProvider(HttpContext httpContext, OAuthRequestContext requestContext) { WorkflowHelper.SetSigningProvider(httpContext, requestContext); }
/// <summary> /// Supplies additional parameters to send in the response. /// </summary> /// /// <remarks> /// Parameter names prefixed with <c>"oauth_"</c> will be stripped. /// </remarks> /// /// <param name="httpContext">HTTP context</param> /// <param name="requestContext">OAuth request context</param> /// /// <returns> /// A collection of parameters to add to the response, or /// <c>null</c> if no additional parameters should be sent /// </returns> protected virtual NameValueCollection GetAdditionalResponseParameters(HttpContext httpContext, OAuthRequestContext requestContext) { // By default, there are no extra parameters return(null); }
protected virtual void SetSignature(HttpApplication application, OAuthRequestContext context) { WorkflowHelper.SetSignature(application.Context, context); }
protected virtual IRequestToken GenerateRequestToken(HttpContext httpContext, OAuthRequestContext requestContext) { IRequestToken requestToken; do { requestToken = ServiceProviderContext.TokenGenerator.CreateRequestToken(requestContext.Consumer, requestContext.Parameters); } while (ServiceProviderContext.TokenStore.Contains(requestToken.Token)); return requestToken; }
protected virtual void SetRequestId(HttpApplication application, OAuthRequestContext context) { WorkflowHelper.SetRequestId(context); }
protected virtual void ParseParameters(HttpContext httpContext, OAuthRequestContext requestContext) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, ServiceProviderContext.Settings.ParameterSources); /* * Check for missing required parameters: * * The consumer key, signature method, signature, timestamp and nonce parameters * are all required */ parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.TokenParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter, Constants.VerifierParameter); /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) parameters.RequireVersion(Constants.Version1_0); /* * Check that there are no other parameters except for realm, version and * the required parameters */ parameters.AllowOnly( Constants.ConsumerKeyParameter, Constants.TokenParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter, Constants.VerifierParameter, Constants.VersionParameter, // (optional) Constants.RealmParameter); // (optional) requestContext.Parameters = parameters; }
/// <summary> /// Determines whether an access token is issued for this request. /// </summary> /// /// <remarks> /// <para> /// If you need to apply extra rules before allowing an access /// token to be issued, you should create an AccessTokenHandler class /// which inherits from this & overrides the AllowRequest method /// and add it as a HTTP handler for the access token URI. /// </para> /// /// <para> /// If AllowRequest returns <c>true</c> the access token will /// be issued. Additional application-specific response /// parameters can be added by overriding the /// <see cref="GetAdditionalResponseParameters"/> method. /// </para> /// /// <para> /// If AllowRequest returns <c>false</c> then a 401 Unauthorized /// response will be returned. /// </para> /// /// <para> /// The <paramref name="requestContext"/> parameter contains /// the OAuth information parsed from the request. /// </para> /// </remarks> /// /// <param name="httpContext">HTTP context</param> /// <param name="requestContext">OAuth request context</param> /// /// <returns> /// <c>true</c>, if an access token should be issued; <c>false</c> /// otherwise /// </returns> protected virtual bool AllowRequest(HttpContext httpContext, OAuthRequestContext requestContext) { // By default, requests for access tokens are allowed return(true); }
public static void StoreOAuthContext(HttpContext httpContext, OAuthRequestContext oauthContext) { httpContext.Items[typeof(OAuthRequestContext)] = oauthContext; }
protected virtual void ParseParameters(HttpApplication application, OAuthRequestContext context) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(application.Request); /* * Check for missing required parameters: * * The consumer key, token, signature method, signature, timestamp and nonce parameters * are all required */ if (ServiceProviderContext.Settings.AllowConsumerRequests) { parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter); } else { // For 3 legged TokenParameter is required parameters.RequireAllOf( Constants.ConsumerKeyParameter, Constants.TokenParameter, Constants.SignatureMethodParameter, Constants.SignatureParameter, Constants.TimestampParameter, Constants.NonceParameter); } /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) parameters.RequireVersion(Constants.Version1_0); context.Parameters = parameters; }
protected virtual void SetSignature(HttpApplication application, OAuthRequestContext context) { WorkflowHelper.SetSignature(application.Context, context); }