/// <summary>
/// Stores a given nonce and timestamp.
/// </summary>
/// <param name="context">The context, or namespace, within which the
/// <paramref name="nonce"/> must be unique.
/// The context SHOULD be treated as case-sensitive.
/// The value will never be <c>null</c> but may be the empty string.</param>
/// <param name="nonce">A series of random characters.</param>
/// <param name="timestampUtc">The UTC timestamp that together with the nonce string make it unique
/// within the given <paramref name="context"/>.
/// The timestamp may also be used by the data store to clear out old nonces.</param>
/// <returns>
/// True if the context+nonce+timestamp (combination) was not previously in the database.
/// False if the nonce was stored previously with the same timestamp and context.
/// </returns>
/// <remarks>
/// The nonce must be stored for no less than the maximum time window a message may
/// be processed within before being discarded as an expired message.
/// This maximum message age can be looked up via the
/// <see cref="DotNetOpenAuth.Configuration.MessagingElement.MaximumMessageLifetime"/>
/// property, accessible via the <see cref="Configuration"/>
/// property.
/// </remarks>
public bool StoreNonce(string context, string nonce, DateTime timestampUtc)
{
var db = new OAuthEntities();
db.oauth_nonce.AddObject(new oauth_nonce() { Context = context, Code = nonce, Timestamp = timestampUtc });
try
{
db.SaveChanges();
return true;
}
catch (SqlException)
{
return false;
}
}
public void StoreKey(string bucket, string handle, CryptoKey key)
{
var keyRow = new oauth_symmetriccryptokey()
{
Bucket = bucket,
Handle = handle,
Secret = key.Key,
ExpiresUtc = key.ExpiresUtc,
};
var db = new OAuthEntities();
db.oauth_symmetriccryptokey.AddObject(keyRow);
db.SaveChanges();
}
public ActionResult AuthorizeResponse(bool isApproved)
{
var pendingRequest = this.authorizationServer.ReadAuthorizationRequest();
if (pendingRequest == null)
{
throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
}
IDirectedProtocolMessage response;
if (isApproved)
{
// The authorization we file in our database lasts until the user explicitly revokes it.
// You can cause the authorization to expire by setting the ExpirationDateUTC
// property in the below created ClientAuthorization.
var db = new OAuthEntities();
var client = db.oauth_client.First(c => c.ClientIdentifier == pendingRequest.ClientIdentifier);
var username = "******";//HttpContext.User.Identity.Name;
var user = db.sys_user.FirstOrDefault(c => c.Username == username);
db.oauth_clientauthorization.AddObject(new oauth_clientauthorization
{
UserId = user.ID,
ClientId = client.ClientId,
CreatedOnUtc = DateTime.UtcNow,
Scope = OAuthUtilities.JoinScopes(pendingRequest.Scope),
ExpirationDateUtc = DateTime.UtcNow.AddMinutes(1)
});
db.SaveChanges(); // submit now so that this new row can be retrieved later in this same HTTP request
// In this simple sample, the user either agrees to the entire scope requested by the client or none of it.
// But in a real app, you could grant a reduced scope of access to the client by passing a scope parameter to this method.
response = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, username);
}
else
{
response = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest);
}
var a = this.authorizationServer.Channel.PrepareResponse(response);
return a.AsActionResult();
}
