Method | Description | |
---|---|---|
CanBeAutoApproved ( DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationRequest authorizationRequest ) : bool | ||
GetAccessTokenParameters ( IAccessTokenRequest accessTokenRequestMessage ) : DotNetOpenAuth.OAuth2.AccessTokenParameters |
Obtains parameters to go into the formulation of an access token.
|
|
GetClient ( string clientIdentifier ) : IClientDescription |
Gets the client with a given identifier.
|
|
IsAuthorizationValid ( IAuthorizationDescription authorization ) : bool |
Determines whether a described authorization is (still) valid. When establishing that an authorization is still valid, it's very important to only match on recorded authorizations that meet these criteria: 1) The client identifier matches. 2) The user account matches. 3) The scope on the recorded authorization must include all scopes in the given authorization. 4) The date the recorded authorization was issued must be no later that the date the given authorization was issued.One possible scenario is where the user authorized a client, later revoked authorization, and even later reinstated authorization. This subsequent recorded authorization would not satisfy requirement #4 in the above list. This is important because the revocation the user went through should invalidate all previously issued tokens as a matter of security in the event the user was revoking access in order to sever authorization on a stolen account or piece of hardware in which the tokens were stored. |
|
IsResourceOwnerCredentialValid ( string userName, string password ) : bool |
Determines whether a given set of resource owner credentials is valid based on the authorization server's user database.
|
|
OAuthAuthorizationServer ( ) : System |
Initializes a new instance of the OAuthAuthorizationServer class.
|
Method | Description | |
---|---|---|
IsAuthorizationValid ( HashSet |
public CanBeAutoApproved ( DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationRequest authorizationRequest ) : bool | ||
authorizationRequest | DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationRequest | |
return | bool |
public GetAccessTokenParameters ( IAccessTokenRequest accessTokenRequestMessage ) : DotNetOpenAuth.OAuth2.AccessTokenParameters | ||
accessTokenRequestMessage | IAccessTokenRequest | Details regarding the resources that the access token will grant access to, and the identity of the client /// that will receive that access. /// Based on this information the receiving resource server can be determined and the lifetime of the access /// token can be set based on the sensitivity of the resources. |
return | DotNetOpenAuth.OAuth2.AccessTokenParameters |
public GetClient ( string clientIdentifier ) : IClientDescription | ||
clientIdentifier | string | The client identifier. |
return | IClientDescription |
public IsAuthorizationValid ( IAuthorizationDescription authorization ) : bool | ||
authorization | IAuthorizationDescription | The authorization. |
return | bool |
public IsResourceOwnerCredentialValid ( string userName, string password ) : bool | ||
userName | string | Username on the account. |
password | string | The user's password. |
return | bool |