/// <summary> /// Stores a newly generated unauthorized request token, secret, and optional /// application-specific parameters for later recall. /// </summary> /// <param name="request">The request message that resulted in the generation of a new unauthorized request token.</param> /// <param name="response">The response message that includes the unauthorized request token.</param> /// <exception cref="ArgumentException">Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.</exception> /// <remarks> /// Request tokens stored by this method SHOULD NOT associate any user account with this token. /// It usually opens up security holes in your application to do so. Instead, you associate a user /// account with access tokens (not request tokens) in the <see cref="ExpireRequestTokenAndStoreNewAccessToken"/> /// method. /// </remarks> public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response) { Consumer consumer; try { consumer = Database.DataContext.Consumers.First(c => c.ConsumerKey == request.ConsumerKey); } catch (InvalidOperationException) { throw new ArgumentOutOfRangeException(); } var token = new IssuedRequestToken { Callback = request.Callback, Consumer = consumer, Token = response.Token, TokenSecret = response.TokenSecret, }; string scope; if (request.ExtraData.TryGetValue("scope", out scope)) { token.Scope = scope; } Database.DataContext.AddToIssuedTokens(token); Database.DataContext.SaveChanges(); }