Permalink
Browse files

Merge pull request #142 from dotnetjunky/v4.0a

Make the MachineKeyUtil class internal
  • Loading branch information...
2 parents 957a181 + 3d1dcc4 commit 01ff3ee1aa3209b9dfd9b9456f05a3a9c0b1234d @AArnott AArnott committed May 9, 2012
View
4 src/DotNetOpenAuth.AspNet/Clients/OAuth/AuthenticationOnlyCookieOAuthTokenManager.cs
@@ -87,6 +87,10 @@ public class AuthenticationOnlyCookieOAuthTokenManager : IOAuthTokenManager {
/// <param name="requestTokenSecret">The request token secret.</param>
public void StoreRequestToken(string requestToken, string requestTokenSecret) {
var cookie = new HttpCookie(TokenCookieKey);
+ if (FormsAuthentication.RequireSSL) {
+ cookie.Secure = true;
+ }
+
byte[] cookieBytes = Encoding.UTF8.GetBytes(requestTokenSecret);
var secretBytes = MachineKeyUtil.Protect(cookieBytes, TokenCookieKey, "Token:" + requestToken);
cookie.Values[requestToken] = HttpServerUtility.UrlTokenEncode(secretBytes);
View
2 src/DotNetOpenAuth.AspNet/MachineKeyUtil.cs
@@ -24,7 +24,7 @@ namespace DotNetOpenAuth.AspNet {
/// since the implementation will change when upgrading 4.0 -> 4.5. This should be
/// used for transient data only.
/// </summary>
- public static class MachineKeyUtil {
+ internal static class MachineKeyUtil {
/// <summary>
/// MachineKey implementation depending on the target .NET framework version
/// </summary>

0 comments on commit 01ff3ee

Please sign in to comment.