public bool HasPermissionForResource(ResourceRequest req)
{
ValidateTokenRequest treq = createValidateTokenRequest(req);
ValidateTokenResponse tresq = callValidateTokenEndpoint(treq);
return(conclude(tresq));
}
public override ValidateTokenResponse Process_ValidateTicket(ValidateTokenRequest req, AccessTokenEntry tokenEntry)
{
ValidateTokenResponse resp = new ValidateTokenResponse();
resp.access_token = req.access_token;
resp.client_id = tokenEntry.Realm;
resp.claimed_scope = tokenEntry.permissions;
resp.scope = req.scope;
resp.UserID = tokenEntry.UserID;
resp.Realm = tokenEntry.Realm;
return(resp);
}
public ValidateTokenRequest createValidateTokenRequest(ResourceRequest res_req)
{
ValidateTokenRequest vtreq = new ValidateTokenRequest();
vtreq.access_token = res_req.access_token;
vtreq.scope = res_req.scope;
vtreq.UserID = res_req.UserID;
vtreq.client_id = this.Realm;
vtreq = pre_ValidateTokenRequest(vtreq);
CST_Ops.recordme(this, res_req, vtreq);
return(vtreq);
}
public override AuthTicket_Resp ValidateTicket(AuthTicket_Req vtr)
{
Contract.Assume(vtr == GlobalObjects_base.AuthTicket_Req);
ValidateTokenRequest req = (ValidateTokenRequest)vtr;
AccessTokenEntry tokenEntry = (AccessTokenEntry)AccessTokenRecs.getEntry(req.access_token, req.client_id, req.UserID);
if (req.client_id != tokenEntry.Realm || req.UserID != tokenEntry.UserID || tokenEntry.permissions.permissionSet.IsSupersetOf(req.scope.permissionSet) == false)
{
return(null);
}
ValidateTokenResponse resp = (ValidateTokenResponse)Process_ValidateTicket(req, tokenEntry);
CST_Ops.recordme(this, req, resp, false, false);
return(resp);
}
public override ValidateTokenResponse callValidateTokenEndpoint(ValidateTokenRequest treq)
{
ValidateTokenResponse vtr = new ValidateTokenResponse();
FBPermssionData fbPermssionData = new FBPermssionData();
string url = TokenEndpointUrl + "/" + treq.UserID + "/permissions?access_token=" + treq.access_token.token;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(FBPermssionData));
fbPermssionData = serializer.ReadObject(response.GetResponseStream()) as FBPermssionData;
CST_Ops.recordme(new OAuth20NameSpace.AuthorizationServerImpl(), treq, vtr, typeof(AuthorizationServer).GetMethod("ValidateTicket"), "facebook.com", false, false);
vtr.UserID = treq.UserID;
vtr.scope = treq.scope;
vtr.access_token = treq.access_token;
return(vtr);
}
public abstract ValidateTokenResponse callValidateTokenEndpoint(ValidateTokenRequest treq);
public virtual ValidateTokenRequest pre_ValidateTokenRequest(ValidateTokenRequest req)
{
return(req);
}
public virtual ValidateTokenResponse Process_ValidateTicket(ValidateTokenRequest req, AccessTokenEntry tokenEntry)
{
ValidateTokenResponse resp = new ValidateTokenResponse();
resp.access_token = req.access_token;
resp.client_id = tokenEntry.Realm;
resp.claimed_scope = tokenEntry.permissions;
resp.scope = req.scope;
resp.UserID = tokenEntry.UserID;
resp.Realm = tokenEntry.Realm;
return resp;
}
public abstract ValidateTokenResponse callValidateTokenEndpoint(ValidateTokenRequest treq);
public virtual ValidateTokenRequest pre_ValidateTokenRequest(ValidateTokenRequest req)
{
return req;
}
public ValidateTokenRequest createValidateTokenRequest(ResourceRequest res_req)
{
ValidateTokenRequest vtreq = new ValidateTokenRequest();
vtreq.access_token = res_req.access_token;
vtreq.scope = res_req.scope;
vtreq.UserID = res_req.UserID;
vtreq.client_id = this.Realm;
vtreq = pre_ValidateTokenRequest(vtreq);
CST_Ops.recordme(this, res_req, vtreq);
return vtreq;
}
public override ValidateTokenResponse callValidateTokenEndpoint(ValidateTokenRequest treq)
{
ValidateTokenResponse vtr = new ValidateTokenResponse();
FBPermssionData fbPermssionData = new FBPermssionData();
string url = TokenEndpointUrl + "/" + treq.UserID + "/permissions?access_token=" + treq.access_token.token;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(FBPermssionData));
fbPermssionData = serializer.ReadObject(response.GetResponseStream()) as FBPermssionData;
CST_Ops.recordme(new OAuth20NameSpace.AuthorizationServerImpl(), treq, vtr, typeof(AuthorizationServer).GetMethod("ValidateTicket"), "facebook.com", false, false);
vtr.UserID = treq.UserID;
vtr.scope = treq.scope;
vtr.access_token = treq.access_token;
return vtr;
}
