DotNetOpenAuth.OAuth2.Client

Represents the <oauth2/client> section in the host's .config file.

The name of the oauth2/client section.

The name of the @maxAuthorizationTime attribute.

Initializes a new instance of the class.

Gets the configuration section from the .config file.

Gets or sets the maximum time a user can take to complete authentication.

A description of an OAuth Authorization Server as seen by an OAuth Client.

Initializes a new instance of the class.

Gets or sets the Authorization Server URL from which an Access Token is requested by the Client.

An HTTPS URL. After obtaining authorization from the resource owner, clients request an access token from the authorization server's token endpoint. The URI of the token endpoint can be found in the service documentation, or can be obtained by the client by making an unauthorized protected resource request (from the WWW-Authenticate response header token-uri (The 'authorization-uri' Attribute) attribute). The token endpoint advertised by the resource server MAY include a query component as defined by [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) section 3. Since requests to the token endpoint result in the transmission of plain text credentials in the HTTP request and response, the authorization server MUST require the use of a transport-layer mechanism such as TLS/SSL (or a secure channel with equivalent protections) when sending requests to the token endpoints.

Gets or sets the Authorization Server URL where the Client (re)directs the User to make an authorization request.

An HTTPS URL. Clients direct the resource owner to the authorization endpoint to approve their access request. Before granting access, the resource owner first authenticates with the authorization server. The way in which the authorization server authenticates the end-user (e.g. username and password login, OpenID, session cookies) and in which the authorization server obtains the end-user's authorization, including whether it uses a secure channel such as TLS/SSL, is beyond the scope of this specification. However, the authorization server MUST first verify the identity of the end-user. The URI of the authorization endpoint can be found in the service documentation, or can be obtained by the client by making an unauthorized protected resource request (from the WWW-Authenticate response header auth-uri (The 'authorization-uri' Attribute) attribute). The authorization endpoint advertised by the resource server MAY include a query component as defined by [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.) section 3. Since requests to the authorization endpoint result in user authentication and the transmission of sensitive values, the authorization server SHOULD require the use of a transport-layer mechanism such as TLS/SSL (or a secure channel with equivalent protections) when sending requests to the authorization endpoints.

Gets or sets the OAuth version supported by the Authorization Server.

Gets the version of the OAuth protocol to use with this Authorization Server.

The version.

A simple in-memory copy of an authorization state.

Provides access to a persistent object that tracks the state of an authorization.

Deletes this authorization, including access token and refresh token where applicable.

This method is invoked when an authorization attempt fails, is rejected, is revoked, or expires and cannot be renewed.

Saves any changes made to this authorization object's properties.

This method is invoked after DotNetOpenAuth changes any property.

Gets or sets the callback URL used to obtain authorization.

The callback URL.

Gets or sets the long-lived token used to renew the short-lived .

The refresh token.

Gets or sets the access token.

The access token.

Gets or sets the access token issue date UTC.

The access token issue date UTC.

Gets or sets the access token UTC expiration date.

Gets the scope the token is (to be) authorized for.

The scope.

Initializes a new instance of the class.

The scopes of access being requested or that was obtained.

Deletes this authorization, including access token and refresh token where applicable.

This method is invoked when an authorization attempt fails, is rejected, is revoked, or expires and cannot be renewed.

Saves any changes made to this authorization object's properties.

This method is invoked after DotNetOpenAuth changes any property.

Gets or sets the callback URL used to obtain authorization.

The callback URL.

Gets or sets the long-lived token used to renew the short-lived .

The refresh token.

Gets or sets the access token.

The access token.

Gets or sets the access token UTC expiration date.

Gets or sets the access token issue date UTC.

The access token issue date UTC.

Gets the scope the token is (to be) authorized for.

The scope.

Gets or sets a value indicating whether this instance is deleted.

true if this instance is deleted; otherwise, false.

An that applies a bearer token to each outbound HTTP request.

Initializes a new instance of the class.

The bearer token. The inner handler.

Initializes a new instance of the class.

The client associated with the authorization. The authorization. The inner handler.

Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.

The HTTP request message to send to the server. A cancellation token to cancel operation. Returns . The task object representing the asynchronous operation.

Gets the bearer token.

The bearer token.

Gets the authorization.

Gets the OAuth 2 client associated with the .

An interface that defines the OAuth2 client specific channel additions.

Gets or sets the identifier by which this client is known to the Authorization Server.

Gets or sets the client credentials applicator extension to use.

Gets quotas used when deserializing JSON.

The messaging channel used by OAuth 2.0 Clients.

The messages receivable by this channel.

Initializes a new instance of the class.

Prepares an HTTP request that carries a given message.

The message to send. The prepared to send the request. This method must be overridden by a derived class, unless the method is overridden and does not require this method.

Gets the protocol message that may be in the given HTTP response.

The response that is anticipated to contain an protocol message. The deserialized message parts, if found. Null otherwise. Thrown when the response is not valid.

Gets the protocol message that may be embedded in the given HTTP request.

The request to search for an embedded message. The deserialized message, if one is found. Null otherwise.

Queues a message for sending in the response stream where the fields are sent in the response stream in querystring style.

The message to send as a response. The pending user agent redirect based message to be sent as an HttpResponse. This method implements spec OAuth V1.0 section 5.3.

Performs additional processing on an outgoing web request before it is sent to the remote server.

The request.

Gets or sets the identifier by which this client is known to the Authorization Server.

Gets or sets the tool to use to apply client credentials to authenticated requests to the Authorization Server.

May be null if this client has no client secret.

Gets quotas used when deserializing JSON.

A base class for extensions that apply client authentication to messages for the authorization server in specific ways.

Initializes a new instance of the class.

Transmits the secret the client shares with the authorization server as a parameter in the POST entity payload.

The secret the client shares with the authorization server. The credential applicator to provide to the instance.

Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.

The client id and secret. The credential applicator to provide to the instance.

Transmits the client identifier and secret in the HTTP Authorization header via HTTP Basic authentication.

The secret the client shares with the authorization server. The credential applicator to provide to the instance.

Never transmits a secret. Useful for anonymous clients or clients unable to keep a secret.

The credential applicator to provide to the instance.

Applies the client identifier and (when applicable) the client authentication to an outbound message.

The identifier by which the authorization server should recognize this client. The outbound message to apply authentication information to.

Applies the client identifier and (when applicable) the client authentication to an outbound message.

The identifier by which the authorization server should recognize this client. The outbound message to apply authentication information to.

Authenticates the client via HTTP Basic.

The client identifier and secret.

The client secret.

Initializes a new instance of the class.

The client secret.

Initializes a new instance of the class.

The client credential.

Applies the client identifier and (when applicable) the client authentication to an outbound message.

The identifier by which the authorization server should recognize this client. The outbound message to apply authentication information to.

Applies the client identifier and (when applicable) the client authentication to an outbound message.

The identifier by which the authorization server should recognize this client. The outbound message to apply authentication information to.

Authenticates the client via a client_secret parameter in the message.

The client secret.

Initializes a new instance of the class.

The client secret.

Applies the client identifier and (when applicable) the client authentication to an outbound message.

The identifier by which the authorization server should recognize this client. The outbound message to apply authentication information to.

A token manager implemented by some clients to assist in tracking authorization state.

Gets the state of the authorization for a given callback URL and client state.

The callback URL. State of the client stored at the beginning of an authorization request. The authorization state; may be null if no authorization state matches.

Contract class for the interface.

Prevents a default instance of the class from being created.

Gets the state of the authorization for a given callback URL and client state.

The callback URL. State of the client stored at the beginning of an authorization request. The authorization state; may be null if no authorization state matches.

A request from a Client to an Authorization Server to exchange an authorization code for an access token, and (at the authorization server's option) a refresh token.

Initializes a new instance of the class.

The authorization server.

A request from the client to the token endpoint for a new access token in exchange for a refresh token that the client has previously obtained.

Initializes a new instance of the class.

The authorization server.

A message sent by a web application Client to the AuthorizationServer via the user agent to obtain authorization from the user and prepare to issue an access token to the client if permission is granted.

Initializes a new instance of the class.

The authorization server.

Initializes a new instance of the class.

The authorization server.

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Access token has expired and cannot be automatically refreshed..

Looks up a localized string similar to Authorization has expired..

Looks up a localized string similar to Unexpected OAuth authorization response received with callback and client state that does not match an expected value..

Looks up a localized string similar to Failed to obtain access token. Authorization Server reports reason: {0}.

Looks up a localized string similar to Unexpected response Content-Type {0}.

The OAuth client for the user-agent flow, providing services for installed apps and in-browser Javascript widgets.

A base class for common OAuth Client behaviors.

Initializes a new instance of the class.

The token issuer. The client identifier. The tool to use to apply client credentials to authenticated requests to the Authorization Server. May be null for clients with no secret or other means of authentication.

Adds the necessary HTTP Authorization header to an HTTP request for protected resources so that the Service Provider will allow the request through.

The request for protected resources from the service provider. The access token previously obtained from the Authorization Server.

Adds the necessary HTTP Authorization header to an HTTP request for protected resources so that the Service Provider will allow the request through.

The headers on the request for protected resources from the service provider. The access token previously obtained from the Authorization Server.

Adds the OAuth authorization token to an outgoing HTTP request, renewing a (nearly) expired access token if necessary.

The request for protected resources from the service provider. The authorization for this request previously obtained via OAuth.

Adds the OAuth authorization token to an outgoing HTTP request, renewing a (nearly) expired access token if necessary.

The headers on the request for protected resources from the service provider. The authorization for this request previously obtained via OAuth.

Creates an HTTP handler that automatically applies an OAuth 2 (bearer) access token to outbound HTTP requests. The result of this method can be supplied to the constructor.

The bearer token to apply to each outbound HTTP message. The inner HTTP handler to use. The default uses as the inner handler. An instance.

Creates an HTTP handler that automatically applies the OAuth 2 access token to outbound HTTP requests. The result of this method can be supplied to the constructor.

The authorization to apply to the message. The inner HTTP handler to use. The default uses as the inner handler. An instance.

Refreshes a short-lived access token using a longer-lived refresh token with a new access token that has the same scope as the refresh token. The refresh token itself may also be refreshed.

The authorization to update. If given, the access token will not be refreshed if its remaining lifetime exceeds this value. A value indicating whether the access token was actually renewed; true if it was renewed, or false if it still had useful life remaining. This method may modify the value of the property on the parameter if the authorization server has cycled out your refresh token. If the parameter value was updated, this method calls on that instance.

Gets an access token that may be used for only a subset of the scope for which a given refresh token is authorized.

The refresh token. The scope subset desired in the access token. A description of the obtained access token, and possibly a new refresh token. If the return value includes a new refresh token, the old refresh token should be discarded and replaced with the new one.

Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens.

The resource owner's username, as it is known by the authorization server. The resource owner's account password. The desired scope of access. The result, containing the tokens if successful.

Obtains an access token for accessing client-controlled resources on the resource server.

The desired scopes. The result of the authorization request.

Updates the authorization state maintained by the client with the content of an outgoing response.

The authorization state maintained by the client. The access token containing response message.

Updates the authorization state maintained by the client with the content of an outgoing response.

The authorization state maintained by the client. The access token containing response message.

Updates authorization state with a success response from the Authorization Server.

The authorization state to update. The authorization success message obtained from the authorization server.

Applies the default client authentication mechanism given a client secret.

The client secret. May be null The client credential applicator.

Applies any applicable client credential to an authenticated outbound request to the authorization server.

The request to apply authentication information to.

Calculates the fraction of life remaining in an access token.

The authorization to measure. A fractional number no greater than 1. Could be negative if the access token has already expired.

Requests an access token using a partially .initialized request message.

The request message. The scopes requested by the client. The result of the request.

Gets the token issuer.

The token issuer.

Gets the OAuth channel.

The channel.

Gets or sets the identifier by which this client is known to the Authorization Server.

Gets or sets the tool to use to apply client credentials to authenticated requests to the Authorization Server.

May be null if this client has no client secret.

Gets quotas used when deserializing JSON.

Gets the OAuth client channel.

Initializes a new instance of the class.

The token issuer. The client identifier. The client secret.

Initializes a new instance of the class.

The authorization endpoint. The token endpoint. The client identifier. The client secret.

Initializes a new instance of the class.

The authorization endpoint. The token endpoint. The client identifier. The tool to use to apply client credentials to authenticated requests to the Authorization Server. May be null for clients with no secret or other means of authentication.

Initializes a new instance of the class.

Generates a URL that the user's browser can be directed to in order to authorize this client to access protected data at some resource server.

The scope of authorized access requested. The client state that should be returned with the authorization response. The URL that the authorization response should be sent to via a user-agent redirect. A fully-qualified URL suitable to initiate the authorization flow.

Generates a URL that the user's browser can be directed to in order to authorize this client to access protected data at some resource server.

The authorization state that is tracking this particular request. Optional. true to request an access token in the fragment of the response's URL; false to authenticate to the authorization server and acquire the access token (and possibly a refresh token) via a private channel. The client state that should be returned with the authorization response. A fully-qualified URL suitable to initiate the authorization flow.

Scans the incoming request for an authorization response message.

The actual URL of the incoming HTTP request. The authorization. The granted authorization, or null if the incoming HTTP request did not contain an authorization server response or authorization was rejected.

Scans the incoming request for an authorization response message.

The authorization. The incoming authorization response message. The granted authorization, or null if the incoming HTTP request did not contain an authorization server response or authorization was rejected.

Generates a URL that the user's browser can be directed to in order to authorize this client to access protected data at some resource server.

An OAuth 2.0 consumer designed for web applications.

The cookie name for XSRF mitigation during authorization code grant flows.

Initializes a new instance of the class.

The authorization server. The client identifier. The client secret.

Initializes a new instance of the class.

The authorization server. The client identifier. The tool to use to apply client credentials to authenticated requests to the Authorization Server. May be null for clients with no secret or other means of authentication.

Prepares a request for user authorization from an authorization server.

The scope of authorized access requested. The URL the authorization server should redirect the browser (typically on this site) to when the authorization is completed. If null, the current request's URL will be used.

Prepares a request for user authorization from an authorization server.

The authorization state to associate with this particular request. The authorization request.

Processes the authorization response from an authorization server, if available.

The incoming HTTP request that may carry an authorization response. The authorization state that contains the details of the authorization.

Gets or sets an optional component that gives you greater control to record and influence the authorization process.

The authorization tracker.