Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(453)

Unified Diff: Src/GoogleApis.Auth/OAuth2/AuthorizationCodeWebApp.cs

Issue 13972043: Issue 351: Reimplement OAuth2 (Step 3 - Tests, Flows and Credential) (Closed) Base URL: https://google-api-dotnet-client.googlecode.com/hg/
Patch Set: minor Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: Src/GoogleApis.Auth/OAuth2/AuthorizationCodeWebApp.cs
===================================================================
new file mode 100644
--- /dev/null
+++ b/Src/GoogleApis.Auth/OAuth2/AuthorizationCodeWebApp.cs
@@ -0,0 +1,127 @@
+/*
+Copyright 2013 Google Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+
+using Google.Apis.Auth.OAuth2.Requests;
+
+namespace Google.Apis.Auth.OAuth2
+{
+ /// <summary>
+ /// Thread safe OAuth 2.0 authorization code flow for a web application that persists end-user credentials.
+ /// </summary>
+ public class AuthorizationCodeWebApp
+ {
+ /// <summary>
+ /// The state key. As part of making the request for authorization code we save the original request to verify
+ /// that this server create the original request.
+ /// </summary>
+ public const string StateKey = "oauth_";
+
+ /// <summary>The length of the random number which will be added to the end of the state parameter.</summary>
+ public const int StateRandomLength = 8;
+
+ /// <summary>
+ /// AuthResult which contains the user's credentials if it was loaded successfully from the store. Otherwise
+ /// it contains the redirect URI for the authorization server.
+ /// </summary>
+ public class AuthResult
+ {
+ /// <summary>
+ /// Gets or sets the user's credentials or <c>null</c> in case the end user needs to authorize.
+ /// </summary>
+ public UserCredential Credential { get; set; }
+
+ /// <summary>
+ /// Gets or sets the redirect URI to for the user to authorize against the authorization server or
+ /// <c>null</c> in case the <see cref="Google.Apis.Auth.OAuth2.UserCredential"/> was loaded from the data
+ /// store.
+ /// </summary>
+ public string RedirectUri { get; set; }
+ }
+
+ private readonly IAuthorizationCodeFlow flow;
+ private readonly string redirectUri;
+ private readonly string state;
+
+ /// <summary>Gets the authorization code flow.</summary>
+ public IAuthorizationCodeFlow Flow
+ {
+ get { return flow; }
+ }
+
+ /// <summary>Gets the OAuth2 callback redirect URI.</summary>
+ public string RedirectUri
+ {
+ get { return redirectUri; }
+ }
+
+ /// <summary>Gets the state which is used to navigate back to the page that started the OAuth flow.</summary>
+ public string State
+ {
+ get { return state; }
+ }
+
+ /// <summary>
+ /// Constructs a new authorization code installed application with the given flow and code receiver.
+ /// </summary>
+ public AuthorizationCodeWebApp(IAuthorizationCodeFlow flow, string redirectUri, string state)
+ {
+ // TODO(peleyal): should we provide a way to disable to random number in the end of the state parameter?
+ this.flow = flow;
+ this.redirectUri = redirectUri;
+ this.state = state;
+ }
+
+ /// <summary>Authorizes the web application to access user's protected data.</summary>
+ /// <param name="userId">User identifier</param>
+ /// <param name="taskCancellationToken">Cancellation token to cancel an operation</param>
+ /// <returns>
+ /// Auth result object which contains the user's credential or redirect URI for the authorization server
+ /// </returns>
+ public async Task<AuthResult> Authorize(string userId, CancellationToken taskCancellationToken)
+ {
+ // Try to load a token from the data store.
+ var token = await Flow.LoadTokenAsync(userId, taskCancellationToken).ConfigureAwait(false);
+
+ // If the stored token is null or it doesn't have a refresh token and the access token is expired, we need
+ // to retrieve a new access token.
+ if (token == null || (token.RefreshToken == null && token.IsExpired(flow.Clock)))
+ {
+ // Create a authorization code request.
+ AuthorizationCodeRequestUrl codeRequest = Flow.CreateAuthorizationCodeRequest(redirectUri);
+
+ // Add a random number to the end of the state so we can indicate the original request was made by this
+ // call.
+ var oauthState = state;
+ if (Flow.DataStore != null)
+ {
+ var rndString = new string('9', StateRandomLength);
+ var random = new Random().Next(int.Parse(rndString)).ToString("D" + StateRandomLength);
+ oauthState += random;
+ await Flow.DataStore.StoreAsync(StateKey + userId, oauthState);
+ }
+ codeRequest.State = oauthState;
+
+ return new AuthResult { RedirectUri = codeRequest.Build().ToString() };
+ }
+
+ return new AuthResult { Credential = new UserCredential(flow, userId, token) };
+ }
+ }
+}
« no previous file with comments | « Src/GoogleApis.Auth/OAuth2/AuthorizationCodeInstalledApp.cs ('k') | Src/GoogleApis.Auth/OAuth2/BearerToken.cs » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b