LEFT | RIGHT |
---|---|
1 /* | 1 /* |
2 Copyright 2013 Google Inc | 2 Copyright 2013 Google Inc |
3 | 3 |
4 Licensed under the Apache License, Version 2.0 (the "License"); | 4 Licensed under the Apache License, Version 2.0 (the "License"); |
5 you may not use this file except in compliance with the License. | 5 you may not use this file except in compliance with the License. |
6 You may obtain a copy of the License at | 6 You may obtain a copy of the License at |
7 | 7 |
8 http://www.apache.org/licenses/LICENSE-2.0 | 8 http://www.apache.org/licenses/LICENSE-2.0 |
9 | 9 |
10 Unless required by applicable law or agreed to in writing, software | 10 Unless required by applicable law or agreed to in writing, software |
11 distributed under the License is distributed on an "AS IS" BASIS, | 11 distributed under the License is distributed on an "AS IS" BASIS, |
12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
13 See the License for the specific language governing permissions and | 13 See the License for the specific language governing permissions and |
14 limitations under the License. | 14 limitations under the License. |
15 */ | 15 */ |
16 | 16 |
17 using System; | 17 using System; |
18 using System.Threading.Tasks; | 18 using System.Threading.Tasks; |
19 | 19 |
20 using Google.Apis.Auth.OAuth2.Responses; | 20 using Google.Apis.Auth.OAuth2.Responses; |
21 using Google.Apis.Util.Store; | 21 using Google.Apis.Util.Store; |
22 | 22 |
23 namespace Google.Apis.Auth.OAuth2.Web | 23 namespace Google.Apis.Auth.OAuth2.Web |
24 { | 24 { |
25 /// <summary>Auth Utility methods for web development.</summary> | 25 /// <summary>Auth Utility methods for web development.</summary> |
26 public class AuthWebUtility | 26 public class AuthWebUtility |
27 { | 27 { |
28 /// <summary>Extracts the redirect URI from the state OAuth2 parameter.< /summary> | 28 /// <summary>Extracts the redirect URI from the state OAuth2 parameter.< /summary> |
29 /// <remarks> | 29 /// <remarks> |
30 /// In case the data store is not <c>null</c>, this method verifies that the state parameter which was returned | 30 /// If the data store is not <c>null</c>, this method verifies that the state parameter which was returned |
class
2013/10/09 19:27:57
"In case the data store is not <c>null</a>"
shoul
peleyal
2013/10/10 19:44:31
Done.
| |
31 /// from the authorization server is the same as the one we set before r edirecting to the authorization server. | 31 /// from the authorization server is the same as the one we set before r edirecting to the authorization server. |
32 /// </remarks> | 32 /// </remarks> |
33 /// <param name="dataStore">The data store which contains the original s tate parameter.</param> | 33 /// <param name="dataStore">The data store which contains the original s tate parameter.</param> |
34 /// <param name="userId">User identifier.</param> | 34 /// <param name="userId">User identifier.</param> |
35 /// <param name="state"> | 35 /// <param name="state"> |
36 /// The authorization state parameter which we got back from the authori zation server. | 36 /// The authorization state parameter which we got back from the authori zation server. |
37 /// </param> | 37 /// </param> |
38 /// <returns>Redirect URI to the address which initializes the authoriza tion code flow.</returns> | 38 /// <returns>Redirect URI to the address which initializes the authoriza tion code flow.</returns> |
39 public static async Task<string> ExtracRedirectFromState(IDataStore data Store, string userId, string state) | 39 public static async Task<string> ExtracRedirectFromState(IDataStore data Store, string userId, string state) |
40 { | 40 { |
41 var oauthState = state; | 41 var oauthState = state; |
42 if (dataStore != null) | 42 if (dataStore != null) |
43 { | 43 { |
44 var userKey = AuthorizationCodeWebApp.StateKey + userId; | 44 var userKey = AuthorizationCodeWebApp.StateKey + userId; |
45 var expectedState = await dataStore.GetAsync<string>(userKey); | 45 var expectedState = await dataStore.GetAsync<string>(userKey); |
46 | 46 |
47 // Check that the random number in the end of the state paramete r equals to the one that we stored in· | 47 // Verify that the stored state is equal to the one we got back from the authorization server. |
class
2013/10/09 19:27:57
Note that state could be a string. Although the do
peleyal
2013/10/10 19:44:31
Done.
| |
48 // the datastore. | |
49 if (!Object.Equals(oauthState, expectedState)) | 48 if (!Object.Equals(oauthState, expectedState)) |
50 { | 49 { |
51 throw new TokenResponseException(new TokenErrorResponse | 50 throw new TokenResponseException(new TokenErrorResponse |
52 { | 51 { |
53 Error = "State is invalid" | 52 Error = "State is invalid" |
54 }); | 53 }); |
55 } | 54 } |
56 await dataStore.DeleteAsync<string>(userKey); | 55 await dataStore.DeleteAsync<string>(userKey); |
57 oauthState = oauthState.Substring(0, oauthState.Length - Authori zationCodeWebApp.StateRandomLength); | 56 oauthState = oauthState.Substring(0, oauthState.Length - Authori zationCodeWebApp.StateRandomLength); |
58 } | 57 } |
59 | 58 |
60 return oauthState; | 59 return oauthState; |
61 } | 60 } |
62 } | 61 } |
63 } | 62 } |
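Review bot: The comparison `Object.Equals(oauthState, expectedState)` in ExtracRedirectFromState treats two nulls as equal. Assuming GetAsync returns null for a missing key, a callback without a state parameter for a user with nothing stored passes the check and then fails in `oauthState.Substring(...)` with a NullReferenceException rather than the intended TokenResponseException. Rejecting a missing stored value explicitly keeps the failure on the validation path: `if (expectedState == null || !Object.Equals(oauthState, expectedState))`. The remarks should also say that when dataStore is null the state is returned as received, with no verification and without the random suffix stripped, so callers know the anti-forgery check is skipped in that configuration.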