Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(745)

Side by Side Diff: Src/GoogleApis.Auth/OAuth2/Web/AuthWebUtility.cs

Issue 14341043: Issue 351: Reimplement OAuth2 (Step 4): ServiceAccount and MVC (Closed) Base URL: https://google-api-dotnet-client.googlecode.com/hg/
Patch Set: minor Created 10 years, 5 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 /*
2 Copyright 2013 Google Inc
3
4 Licensed under the Apache License, Version 2.0 (the "License");
5 you may not use this file except in compliance with the License.
6 You may obtain a copy of the License at
7
8 http://www.apache.org/licenses/LICENSE-2.0
9
10 Unless required by applicable law or agreed to in writing, software
11 distributed under the License is distributed on an "AS IS" BASIS,
12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 See the License for the specific language governing permissions and
14 limitations under the License.
15 */
16
17 using System;
18 using System.Threading.Tasks;
19
20 using Google.Apis.Auth.OAuth2.Responses;
21 using Google.Apis.Util.Store;
22
23 namespace Google.Apis.Auth.OAuth2.Web
24 {
25 /// <summary>Auth Utility methods for web development.</summary>
26 public class AuthWebUtility
27 {
28 /// <summary>Extracts the redirect URI from the state OAuth2 parameter.< /summary>
29 /// <remarks>
30 /// In case the data store is not <c>null</c>, this method verifies that the state parameter which was returned
class 2013/10/09 19:27:57 "In case the data store is not <c>null</a>" shoul
peleyal 2013/10/10 19:44:31 Done.
31 /// from the authorization server is the same as the one we set before r edirecting to the authorization server.
32 /// </remarks>
33 /// <param name="dataStore">The data store which contains the original s tate parameter.</param>
34 /// <param name="userId">User identifier.</param>
35 /// <param name="state">
36 /// The authorization state parameter which we got back from the authori zation server.
37 /// </param>
38 /// <returns>Redirect URI to the address which initializes the authoriza tion code flow.</returns>
39 public static async Task<string> ExtracRedirectFromState(IDataStore data Store, string userId, string state)
40 {
41 var oauthState = state;
42 if (dataStore != null)
43 {
44 var userKey = AuthorizationCodeWebApp.StateKey + userId;
45 var expectedState = await dataStore.GetAsync<string>(userKey);
46
47 // Check that the random number in the end of the state paramete r equals to the one that we stored in·
class 2013/10/09 19:27:57 Note that state could be a string. Although the do
peleyal 2013/10/10 19:44:31 Done.
48 // the datastore.
49 if (!Object.Equals(oauthState, expectedState))
50 {
51 throw new TokenResponseException(new TokenErrorResponse
52 {
53 Error = "State is invalid"
54 });
55 }
56 await dataStore.DeleteAsync<string>(userKey);
57 oauthState = oauthState.Substring(0, oauthState.Length - Authori zationCodeWebApp.StateRandomLength);
58 }
59
60 return oauthState;
61 }
62 }
63 }
OLDNEW
« no previous file with comments | « Src/GoogleApis.Auth/OAuth2/UserCredential.cs ('k') | Src/GoogleApis.Auth/OAuth2/Web/AuthorizationCodeWebApp.cs » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b