[dotnetopenauth] InMemoryTokenManager vs OAuthServiceProviderTokenManager vs OAuthConsumerTokenManager
201 views
Skip to first unread message
gabouy
Apr 16, 2010, 4:43:27 PM4/16/10
to DotNetOpenAuth
Hi Andrew,
I'm in the process of merging a project created with the ASP.NET MVC
OpenID-Infocard RP template, and the OAuth consumer sample.
I have a ContactsController, with an Index action as follows,
//The block of code withing the if authenticated was borrowed
from the GoogleAddressBook.asp.cs Page_Load method.
public ActionResult Index()
{
//if (Page.User.Identity.IsAuthenticated)
if (Request.IsAuthenticated)
{
var google = new
WebConsumer(GoogleConsumer.ServiceDescription, this.TokenManager);
// Is Google calling back with authorization?
var accessTokenResponse =
google.ProcessUserAuthorization();
if (accessTokenResponse != null)
{
this.AccessToken =
accessTokenResponse.AccessToken;
}
else if (this.AccessToken == null)
{
// If we don't yet have access, immediately
request it.
GoogleConsumer.RequestAuthorization(google,
GoogleConsumer.Applications.Contacts);
}
ViewData["AuthTokens"] =
Database.LoggedInUser.AuthenticationTokens;
return View();
}
else
{
return Redirect("/Home");
}
}
//with class properties:
private string AccessToken
{
get { return (string)Session["GoogleAccessToken"]; }
set { Session["GoogleAccessToken"] = value; }
}
private InMemoryTokenManager TokenManager
{
get
{
var tokenManager =
(InMemoryTokenManager)HttpContext.Application["GoogleTokenManager"];
if (tokenManager == null)
{
string consumerKey =
ConfigurationManager.AppSettings["googleConsumerKey"];
string consumerSecret =
ConfigurationManager.AppSettings["googleConsumerSecret"];
if (!string.IsNullOrEmpty(consumerKey))
{
tokenManager = new
InMemoryTokenManager(consumerKey,
consumerSecret);
HttpContext.Application["GoogleTokenManager"]
= tokenManager;
}
}
return tokenManager;
}
}
This code fails on RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken(string token),
because it fails to find the issued token in the database. The issued
token is stored in memory.
Some questions:
1. How is RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken triggered in the
GoogleConsumer.RequestAuthorization step?
2. I'm not sure InMemoryTokenManager is what I need since I'd expect
to user to request access only once. I tried changing
InMemoryTokenManager for OAuthConsumerTokenManager with no luck, I get
ArgumentOutOfRangeException on StoreNewRequestToken. At the moment I'm
storing consumer key and secret in the web.config, shouldnt this be
stored in the database? Am I missing some db initialization for my
consumer?
thanks,
gabo
--
You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.
To post to this group, send email to dotnet...@googlegroups.com.
To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/dotnetopenid?hl=en.
I'm in the process of merging a project created with the ASP.NET MVC
OpenID-Infocard RP template, and the OAuth consumer sample.
I have a ContactsController, with an Index action as follows,
//The block of code withing the if authenticated was borrowed
from the GoogleAddressBook.asp.cs Page_Load method.
public ActionResult Index()
{
//if (Page.User.Identity.IsAuthenticated)
if (Request.IsAuthenticated)
{
var google = new
WebConsumer(GoogleConsumer.ServiceDescription, this.TokenManager);
// Is Google calling back with authorization?
var accessTokenResponse =
google.ProcessUserAuthorization();
if (accessTokenResponse != null)
{
this.AccessToken =
accessTokenResponse.AccessToken;
}
else if (this.AccessToken == null)
{
// If we don't yet have access, immediately
request it.
GoogleConsumer.RequestAuthorization(google,
GoogleConsumer.Applications.Contacts);
}
ViewData["AuthTokens"] =
Database.LoggedInUser.AuthenticationTokens;
return View();
}
else
{
return Redirect("/Home");
}
}
//with class properties:
private string AccessToken
{
get { return (string)Session["GoogleAccessToken"]; }
set { Session["GoogleAccessToken"] = value; }
}
private InMemoryTokenManager TokenManager
{
get
{
var tokenManager =
(InMemoryTokenManager)HttpContext.Application["GoogleTokenManager"];
if (tokenManager == null)
{
string consumerKey =
ConfigurationManager.AppSettings["googleConsumerKey"];
string consumerSecret =
ConfigurationManager.AppSettings["googleConsumerSecret"];
if (!string.IsNullOrEmpty(consumerKey))
{
tokenManager = new
InMemoryTokenManager(consumerKey,
consumerSecret);
HttpContext.Application["GoogleTokenManager"]
= tokenManager;
}
}
return tokenManager;
}
}
This code fails on RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken(string token),
because it fails to find the issued token in the database. The issued
token is stored in memory.
Some questions:
1. How is RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken triggered in the
GoogleConsumer.RequestAuthorization step?
2. I'm not sure InMemoryTokenManager is what I need since I'd expect
to user to request access only once. I tried changing
InMemoryTokenManager for OAuthConsumerTokenManager with no luck, I get
ArgumentOutOfRangeException on StoreNewRequestToken. At the moment I'm
storing consumer key and secret in the web.config, shouldnt this be
stored in the database? Am I missing some db initialization for my
consumer?
thanks,
gabo
--
You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.
To post to this group, send email to dotnet...@googlegroups.com.
To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/dotnetopenid?hl=en.
Andrew Arnott
Apr 17, 2010, 4:47:42 PM4/17/10
to dotnetopenid
Inline...
Ya, mixing token managers in one app generally isn't what you want to do, as I think from your questions below you've already figured out.
DNOA invokes GetRequestToken on the ITokenManager instance that you pass into the ConsumerBase (WebConsumer or DesktopConsumer) constructor.
It's not what anyone should be using. It's a "for sample only" class.
On Fri, Apr 16, 2010 at 1:43 PM, gabouy <gabriel.lop...@gmail.com> wrote:
This code fails on RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken(string token),
because it fails to find the issued token in the database. The issued
token is stored in memory.
Ya, mixing token managers in one app generally isn't what you want to do, as I think from your questions below you've already figured out.
Some questions:
1. How is RelyingPartyLogic/
OAuthServiceProviderTokenManager.GetRequestToken triggered in the
GoogleConsumer.RequestAuthorization step?
DNOA invokes GetRequestToken on the ITokenManager instance that you pass into the ConsumerBase (WebConsumer or DesktopConsumer) constructor.
2. I'm not sure InMemoryTokenManager is what I need since I'd expect
to user to request access only once.
It's not what anyone should be using. It's a "for sample only" class.
I tried changing
InMemoryTokenManager for OAuthConsumerTokenManager with no luck, I get
ArgumentOutOfRangeException on StoreNewRequestToken.
I'd have to see the exception stack trace and error message to know what's going on here.
At the moment I'm
storing consumer key and secret in the web.config, shouldnt this be
stored in the database?
It could go either way. You can code it up in your IConsumerTokenManager implementation however you want. I like to store data in a database when the data has more than a single row. But since your web app generally has only one consumer key and secret for each SP, I find web.config more convenient.
Am I missing some db initialization for my
consumer?
Let's review this question after you're using a real token manager class and not the one in the sample. :) The project template's token manager is a "real" one. You're welcome to airlift this into your own code if that's helpful.
thanks,
gabo
--
You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.
To post to this group, send email to dotnet...@googlegroups.com.
To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/dotnetopenid?hl=en.
gabouy
Apr 19, 2010, 11:28:28 AM4/19/10
to DotNetOpenAuth
Hi Andew,
Thanks again for the response. We finally figured out our asp.net mvc
webapp was intenting to act not only as consumer but as service
provider as well, attempting to find an issued token from the
IssuedTokens table. We commented the OAuthAuthenticationModule
httpModule, and it stopped triggering the
OAuthServiceProviderTokenManager, and started to work well.
We still have to review the InMemoryTokenManager, my understanding is
it should be replaced for the OAuthConsumerTokenManager.
thanks for your help,
gabo
> > dotnetopenid...@googlegroups.com<dotnetopenid%2Bunsu...@googlegroups.com>
> > .
Thanks again for the response. We finally figured out our asp.net mvc
webapp was intenting to act not only as consumer but as service
provider as well, attempting to find an issued token from the
IssuedTokens table. We commented the OAuthAuthenticationModule
httpModule, and it stopped triggering the
OAuthServiceProviderTokenManager, and started to work well.
We still have to review the InMemoryTokenManager, my understanding is
it should be replaced for the OAuthConsumerTokenManager.
thanks for your help,
gabo
> On Fri, Apr 16, 2010 at 1:43 PM, gabouy <gabriel.lopezrodrig...@gmail.com>wrote:
>
> > This code fails on RelyingPartyLogic/
> > OAuthServiceProviderTokenManager.GetRequestToken(string token),
> > because it fails to find the issued token in the database. The issued
> > token is stored in memory.
>
> Ya, mixing token managers in one app generally isn't what you want to do, as
> I think from your questions below you've already figured out.
>
>
>
> > Some questions:
> > 1. How is RelyingPartyLogic/
> > OAuthServiceProviderTokenManager.GetRequestToken triggered in the
> > GoogleConsumer.RequestAuthorization step?
>
> DNOA invokes GetRequestToken on the ITokenManager instance that you pass
> into the ConsumerBase (WebConsumer or DesktopConsumer) constructor.
>
> > 2. I'm not sure InMemoryTokenManager is what I need since I'd expect
> > to user to request access only once.
>
> It's not what *anyone* should be using. It's a "for sample only" class.
>
> > This code fails on RelyingPartyLogic/
> > OAuthServiceProviderTokenManager.GetRequestToken(string token),
> > because it fails to find the issued token in the database. The issued
> > token is stored in memory.
>
> Ya, mixing token managers in one app generally isn't what you want to do, as
> I think from your questions below you've already figured out.
>
>
>
> > Some questions:
> > 1. How is RelyingPartyLogic/
> > OAuthServiceProviderTokenManager.GetRequestToken triggered in the
> > GoogleConsumer.RequestAuthorization step?
>
> DNOA invokes GetRequestToken on the ITokenManager instance that you pass
> into the ConsumerBase (WebConsumer or DesktopConsumer) constructor.
>
> > 2. I'm not sure InMemoryTokenManager is what I need since I'd expect
> > to user to request access only once.
>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/dotnetopenid?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.
> To post to this group, send email to dotnet...@googlegroups.com.
> To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
> For more options, visit this group athttp://groups.google.com/group/dotnetopenid?hl=en.
> >http://groups.google.com/group/dotnetopenid?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups "DotNetOpenAuth" group.
> To post to this group, send email to dotnet...@googlegroups.com.
> To unsubscribe from this group, send email to dotnetopenid...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages