//
// GET: /Connect/Callback - Callback url from the api.xero.com authorisation endpoint
public ActionResult Callback()
{
Debug.Write("Processing: /Connect/Callback");
ApiRepository apiRepository = new ApiRepository();
ITokenRepository <AccessToken> accessTokenRepository = new HttpSessionAccessTokenRepository(Session);
ITokenRepository <RequestToken> requestTokenRepository = new HttpSessionRequestTokenRepository(Session);
string verificationCode = Request.Params["oauth_verifier"];
// Call api.xero.com/oauth/AccessToken
IOAuthSession oauthSession = apiRepository.GetOAuthSession();
IToken requestToken = requestTokenRepository.GetToken("");
if (requestToken == null)
{
throw new ApplicationException("The request token could not be retrived from the current http session. Is session state and cookies enabled?");
}
AccessToken accessToken = oauthSession.ExchangeRequestTokenForAccessToken(requestToken, verificationCode);
accessTokenRepository.SaveToken(accessToken);
GetAndStoreAuthorisedOrganisationName(apiRepository);
return(new RedirectResult("~/"));
}
public string CreateOrMergeAuthSession(IOAuthSession oAuthSession, IOAuthTokens tokens)
{
var userAuth = GetUserAuth(oAuthSession, tokens) ?? new UserAuth();
return dbFactory.Exec(dbCmd => {
var oAuthProvider = dbCmd.FirstOrDefault<UserOAuthProvider>(
"Provider = {0} AND UserId = {1}", tokens.Provider, tokens.UserId);
if (oAuthProvider == null)
{
oAuthProvider = new UserOAuthProvider {
Provider = tokens.Provider,
UserId = tokens.UserId,
};
}
oAuthProvider.PopulateMissing(tokens);
userAuth.PopulateMissing(oAuthProvider);
dbCmd.Save(userAuth);
oAuthProvider.UserAuthId = userAuth.Id != default(int)
? userAuth.Id
: (int) dbCmd.GetLastInsertId();
dbCmd.Save(oAuthProvider);
return oAuthProvider.UserAuthId.ToString();
});
}
protected void Page_Load(object sender, EventArgs e)
{
IOAuthSession session = CreateSession();
string requestTokenString = Request[Parameters.OAuth_Token];
string verifier = Request[Parameters.OAuth_Verifier];
if (string.IsNullOrEmpty(verifier))
{
throw new Exception("Expected a non-empty verifier value");
}
var requestToken = (IToken) Session[requestTokenString];
IToken accessToken;
try
{
accessToken = session.ExchangeRequestTokenForAccessToken(requestToken, verifier);
}
catch (OAuthException authEx)
{
Session["problem"] = authEx.Report;
Response.Redirect("AccessDenied.aspx");
return;
}
Session[requestTokenString] = null;
Session[accessToken.Token] = accessToken;
Response.Redirect("ViewData.aspx?oauth_token=" + accessToken.Token);
}
public void RequestTokenWithCallbackDoesNotThrowException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
provider.GrantRequestToken(context);
}
/// <summary>
/// Note: Default urls are taken from the developer documentation. Override if necessary.
/// </summary>
/// <param name="consumerKey"></param>
/// <param name="consumerSecret"></param>
/// <param name="intuitQboApiUrl"></param>
/// <param name="intuitOauthUrl"></param>
/// <param name="intuitRequestTokenUrl"></param>
/// <param name="intuitAccessTokenUrl"></param>
/// <param name="intuitUserAuthorizationUrl"></param>
public OauthTokenManager(string consumerKey, string consumerSecret, string intuitQboApiUrl,
string intuitOauthUrl = "https://oauth.intuit.com/oauth/v1",
string intuitRequestTokenUrl = "https://oauth.intuit.com/oauth/v1/get_request_token",
string intuitAccessTokenUrl = "https://oauth.intuit.com/oauth/v1/get_access_token",
string intuitUserAuthorizationUrl = "https://appcenter.intuit.com/Connect/Begin")
{
if (string.IsNullOrEmpty(consumerKey)) { throw new InvalidParameterException("Oops. ConsumerKey is required."); }
if (string.IsNullOrEmpty(consumerSecret)) { throw new InvalidParameterException("Oops. ConsumerSecret is required."); }
if (string.IsNullOrEmpty(intuitQboApiUrl)) { throw new InvalidParameterException("Oops. API Url is required."); }
_intuitUserAuthorizationUrl = intuitUserAuthorizationUrl;
OauthInfo = new QboOauthConnectionInfo
{
ApiUrl = intuitQboApiUrl,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret
};
var consumerContext = new OAuthConsumerContext
{
ConsumerKey = OauthInfo.ConsumerKey,
ConsumerSecret = OauthInfo.ConsumerSecret,
SignatureMethod = SignatureMethod.HmacSha1
};
_authSession = new OAuthSession(consumerContext, intuitRequestTokenUrl, intuitOauthUrl, intuitAccessTokenUrl);
}
public ConsumerRequest(IOAuthSession oauthSession, IOAuthContext context, IOAuthConsumerContext consumerContext, ICertificateFactory clientSslCertificateFactory)
{
_oauthSession = oauthSession;
_context = context;
_consumerContext = consumerContext;
_clientSslCertificateFactory = clientSslCertificateFactory;
}
public string CreateOrMergeAuthSession(IOAuthSession oAuthSession, IOAuthTokens tokens)
{
using (var redis = factory.GetClient())
{
UserOAuthProvider oAuthProvider = null;
var oAuthProviderId = GetAuthProviderByUserId(redis, tokens.Provider, tokens.UserId);
if (!oAuthProviderId.IsNullOrEmpty())
oAuthProvider = redis.As<UserOAuthProvider>().GetById(oAuthProviderId);
var userAuth = GetUserAuth(redis, oAuthSession, tokens)
?? new UserAuth { Id = redis.As<UserAuth>().GetNextSequence(), };
if (oAuthProvider == null)
{
oAuthProvider = new UserOAuthProvider {
Id = redis.As<UserOAuthProvider>().GetNextSequence(),
UserAuthId = userAuth.Id,
Provider = tokens.Provider,
UserId = tokens.UserId,
};
var idx = IndexProviderToUserIdHash(tokens.Provider);
redis.SetEntryInHash(idx, tokens.UserId, oAuthProvider.Id.ToString());
}
oAuthProvider.PopulateMissing(tokens);
userAuth.PopulateMissing(oAuthProvider);
redis.Store(userAuth);
redis.Store(oAuthProvider);
redis.AddItemToSet(IndexUserAuthAndProviderIdsSet(userAuth.Id), oAuthProvider.Id.ToString());
return userAuth.Id.ToString();
}
}
public void Connect(string consumerKey, string consumerSecret, string baseAddress, string redirectUrl)
{
ConsumerKey = consumerKey;
ConsumerSecret = consumerSecret;
BaseAddress = baseAddress ?? _defaultBaseAddress;
RedirectUrl = redirectUrl;
if (Current != null)
{
Current.Clean();
}
Current = this;
#if NET40
_webApp = new HttpSelfHostServer(Startup.Configuration(BaseAddress));
_webApp.OpenAsync().Wait();
#else
_webApp = WebApp.Start <Startup>(url: BaseAddress);
#endif
IOAuthSession session = CreateSession();
IToken theToken = session.GetRequestToken();
_requestToken = theToken;
// Redirect user to Intuit for Auth
string token = theToken.Token;
string secret = theToken.TokenSecret;
System.Diagnostics.Process.Start(
_baseAuthUrl
+ "?oauth_token=" + token
+ "&oauth_callback=" + UriUtility.UrlEncode(BaseAddress + "api/oauth/")
);
}
//
// GET: /Connect/Index - Main OAuth Connection Endpoint
public ActionResult Index()
{
Debug.Write("Processing: /Connect/Index");
IOAuthSession oauthSession = ServiceProvider.GetCurrentSession();
Repository repository = ServiceProvider.GetCurrentRepository();
// Can we already access an organisation??
if (oauthSession.HasValidAccessToken && repository != null && repository.Organisation != null)
{
return(new RedirectResult("~/"));
}
if (oauthSession is XeroApiPrivateSession)
{
throw new ApplicationException("The current private session cannot access the authorised organisation. Has the access token been revoked?");
}
// Determine the callback uri to use - this must match the domain used when the application was registerd on http://api.xero.com
var callbackUri = new UriBuilder(Request.Url.Scheme, Request.Url.Host, Request.Url.Port, Url.Action("Callback"));
// Call: GET /oauth/RequestToken
RequestToken requestToken = oauthSession.GetRequestToken(callbackUri.Uri);
Trace.WriteLine("OAuth Request Token: " + requestToken.Token);
Trace.WriteLine("OAuth Request Secret: " + requestToken.TokenSecret);
string authorisationUrl = oauthSession.GetUserAuthorizationUrl();
Trace.WriteLine("Redirecting browser to user authorisation uri:" + authorisationUrl);
return(new RedirectResult(authorisationUrl));
}
public void RequestTokenWithHmacSha1WithInvalidSignatureThrows()
{
IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
context.Signature = "wrong";
provider.GrantRequestToken(context);
}
public void run()
{
IOAuthSession consumer = Oauth.CurrentEtsyConsumer();
EtsyApi api = new EtsyApi(consumer);
InventoryManager.Load(api);
Cmd.Instance.Run();
}
public void RequestTokenWithoutCallbackWillThrowException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
context.CallbackUrl = null; // clear parameter, as it will default to "oob"
provider.GrantRequestToken(context);
}
/// <summary>
/// Get Access token.
/// </summary>
private void getAccessToken()
{
IOAuthSession clientSession = CreateSession();
IToken accessToken = clientSession.ExchangeRequestTokenForAccessToken((IToken)HttpContext.Current.Session["requestToken"], HttpContext.Current.Session["oauthVerifyer"].ToString());
HttpContext.Current.Session["accessToken"] = accessToken.Token;
HttpContext.Current.Session["accessTokenSecret"] = accessToken.TokenSecret;
}
public ConsumerRequest(IOAuthSession oauthSession, IOAuthContext context, IOAuthConsumerContext consumerContext,
ICertificateFactory clientSslCertificateFactory)
{
_oauthSession = oauthSession;
_context = context;
_consumerContext = consumerContext;
_clientSslCertificateFactory = clientSslCertificateFactory;
}
public void RequestTokenWithInvalidConsumerKeyThrowsException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
session.ConsumerContext.ConsumerKey = "invalid";
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
provider.GrantRequestToken(context);
}
public void RequestTokenWithRsaSha1WithInvalidSignatureThrows()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
context.Signature =
"eeh8hLNIlNNq1Xrp7BOCc+xgY/K8AmjxKNM7UdLqqcvNSmJqcPcf7yQIOvu8oj5R/mDvBpSb3+CEhxDoW23gggsddPIxNdOcDuEOenugoCifEY6nRz8sbtYt3GHXsDS2esEse/N8bWgDdOm2FRDKuy9OOluQuKXLjx5wkD/KYMY=";
provider.GrantRequestToken(context);
}
public void RequestTokenWithRsaSha1()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
IToken token = provider.GrantRequestToken(context);
Assert.Equal("requestkey", token.Token);
Assert.Equal("requestsecret", token.TokenSecret);
}
public void ExchangeTokensWhenVerifierIsWrongThrowsException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext(
new TokenBase {
ConsumerKey = "key", Token = "requestkey"
}, "GET", "wrong").Context;
provider.ExchangeRequestTokenForAccessToken(context);
}
/// <summary>
/// Authorizes the specified request.
/// </summary>
/// <param name="webRequest">The request.</param>
/// <param name="requestBody">The requestBody if form encoded parameters.</param>
public void Authorize(WebRequest webRequest, string requestBody)
{
IOAuthConsumerContext consumerContext = this.CreateConsumerContext(true);
IOAuthSession oauthSession = CreateOAuthSessionWithConsumerContext(consumerContext);
oauthSession.AccessToken = this.CreateAccessToken();
string oauthHeader = this.GetOAuthHeaderForRequest(oauthSession, webRequest);
webRequest.Headers.Add(AuthorizationHeader, oauthHeader);
}
public void RequestTokenForRsaSha1()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IToken token = session.GetRequestToken();
Assert.Equal("key", token.ConsumerKey);
Assert.Equal("requestkey", token.Token);
Assert.Equal("requestsecret", token.TokenSecret);
}
public void RequestTokenWithHmacSha1WithInvalidSignatureThrows()
{
IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
context.Signature = "wrong";
var ex = Assert.Throws <OAuthException>(() => (provider.GrantRequestToken(context)));
Assert.Equal("Failed to validate signature", ex.Message);
}
public void RequestTokenWithoutCallbackWillThrowException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
context.CallbackUrl = null; // clear parameter, as it will default to "oob"
var ex = Assert.Throws <OAuthException>(() => provider.GrantRequestToken(context));
Assert.Equal("Missing required parameter : oauth_callback", ex.Message);
}
public void ExchangeTokensWhenVerifierIsMatchDoesNotThrowException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext(
new TokenBase {
ConsumerKey = "key", Token = "requestkey"
}, "GET", "GzvVb5WjWfHKa/0JuFupaMyn").Context;
provider.ExchangeRequestTokenForAccessToken(context);
}
public void RequestTokenWithInvalidConsumerKeyThrowsException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
session.ConsumerContext.ConsumerKey = "invalid";
IOAuthContext context = session.BuildRequestTokenContext("GET").Context;
var ex = Assert.Throws <OAuthException>(() => provider.GrantRequestToken(context));
Assert.Equal("Unknown Consumer (Realm: , Key: invalid)", ex.Message);
}
public void ExchangeTokensWhenVerifierIsWrongThrowsException()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext(
new TokenBase {
ConsumerKey = "key", Token = "requestkey"
}, "GET", "wrong").Context;
var ex = Assert.Throws <OAuthException>(() => provider.ExchangeRequestTokenForAccessToken(context));
Assert.Equal("The parameter \"oauth_verifier\" was rejected", ex.Message);
}
public void setup()
{
_headers = new NameValueCollection();
_oAuthSession = MockRepository.GenerateMock<IOAuthSession>();
_oAuthContext = MockRepository.GenerateMock<IOAuthContext>();
_oAuthContext.Expect(x => x.Headers).Return(_headers);
_consumerRequest = new ConsumerRequest(_oAuthSession, _oAuthContext, null, null);
}
public void AccessTokenWithHmacSha1()
{
IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1);
IOAuthContext context = session.BuildAccessTokenContext("GET", "client_auth", "username", "password").Context;
context.TokenSecret = null;
IToken accessToken = provider.CreateAccessToken(context);
Assert.Equal("accesskey", accessToken.Token);
Assert.Equal("accesssecret", accessToken.TokenSecret);
}
public void AccessProtectedResourceWithPlainText()
{
IOAuthSession session = CreateConsumer(SignatureMethod.PlainText);
session.AccessToken = new TokenBase {
ConsumerKey = "key", Token = "accesskey", TokenSecret = "accesssecret"
};
IOAuthContext context = session.Request().Get().ForUrl("http://localhost/protected.rails").SignWithToken().Context;
context.TokenSecret = null;
provider.AccessProtectedResourceRequest(context);
}
public void RequestTokenForRsaSha1WithAddtionalQueryParameters()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IToken token = session
.WithQueryParameters(new { scope = "http://term.ie/apps/subscriptions" })
.GetRequestToken();
Assert.Equal("key", token.ConsumerKey);
Assert.Equal("requestkey", token.Token);
Assert.Equal("requestsecret", token.TokenSecret);
}
/// <summary>
/// Get Access token.
/// </summary>
private void getAccessToken()
{
IOAuthSession clientSession = CreateSession();
IToken accessToken = clientSession.ExchangeRequestTokenForAccessToken((IToken)HttpContext.Current.Session["requestToken"], HttpContext.Current.Session["oauthVerifyer"].ToString());
HttpContext.Current.Session["accessToken"] = accessToken.Token;
HttpContext.Current.Session["accessTokenSecret"] = accessToken.TokenSecret;
String realmId = HttpContext.Current.Session["accessTokenSecret"].ToString();
OAuthRequestValidator oauthValidator = new OAuthRequestValidator(accessToken.Token, accessToken.TokenSecret, consumerKey, consumerSecret);
ServiceContext serviceContext = new ServiceContext(realmId, IntuitServicesType.QBO, oauthValidator);
}
/// <summary>
/// Starts the authentication process.
/// </summary>
private void FireAuth()
{
IOAuthSession session = CreateSession();
IToken requestToken = session.GetRequestToken();
HttpContext.Current.Session["requestToken"] = requestToken;
var authUrl = string.Format("{0}?oauth_token={1}&oauth_callback={2}", authorizeUrl, requestToken.Token, UriUtility.UrlEncode(oauthCallbackUrl));
HttpContext.Current.Session["oauthLink"] = authUrl;
HttpContext.Current.Response.Redirect(authUrl);
}
public void ExchangeTokensWhenVerifierIsMissingThrowsException()
{
string verifier = null;
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext(
new TokenBase {
ConsumerKey = "key", Token = "requestkey"
}, "GET", verifier).Context;
var ex = Assert.Throws <OAuthException>(() => provider.ExchangeRequestTokenForAccessToken(context));
Assert.Equal("Missing required parameter : oauth_verifier", ex.Message);
}
public void MakeAuthenticatedCallForTokenRsaSha1WithPost()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
session.AccessToken = new TokenBase {
ConsumerKey = "key", Token = "accesskey", TokenSecret = "accesssecret"
};
string contents = session.Request().Post().ForUrl("http://term.ie/oauth/example/echo_api.php")
.WithFormParameters(new { success = "true" })
.ToString();
Assert.Equal("success=true", contents);
}
public void ExchangeRequestTokenForAccessTokenRsaSha1()
{
IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1);
IToken requestToken = session.GetRequestToken();
// now exchange the token
IToken accessToken = session.ExchangeRequestTokenForAccessToken(requestToken);
Assert.Equal("key", accessToken.ConsumerKey);
Assert.Equal("accesskey", accessToken.Token);
Assert.Equal("accesssecret", accessToken.TokenSecret);
}
public void RequestTokenForRsaSha1()
{
using (With.NoCertificateValidation())
{
// simple test, just requests a token using RSHA1...
IOAuthSession session = CreateGoogleContactsSession();
IToken token = session.GetRequestToken();
Assert.AreEqual("weitu.googlepages.com", token.ConsumerKey);
Assert.IsTrue(token.Token.Length > 0);
Assert.IsNotNull(token.TokenSecret); // interesting - secret used to be null, now it's a randomly generated value... hmmm
}
}
public override object Authenticate(IServiceBase service, OAuth request, IOAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
var code = service.RequestContext.Get<IHttpRequest>().QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions));
return service.Redirect(preAuthUrl);
}
var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code);
try
{
var contents = accessTokenUrl.DownloadUrl();
var authInfo = HttpUtility.ParseQueryString(contents);
tokens.AccessTokenSecret = authInfo["access_token"];
service.SaveSession(session);
session.OnAuthenticated(service, tokens, authInfo.ToDictionary());
//Haz access!
return service.Redirect(session.ReferrerUrl.AddQueryParam("s", "1"));
}
catch (WebException we)
{
var statusCode = ((HttpWebResponse)we.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return service.Redirect(session.ReferrerUrl.AddQueryParam("f", "AccessTokenFailed"));
}
}
//Shouldn't get here
return service.Redirect(session.ReferrerUrl.AddQueryParam("f", "Unknown"));
}
public UserAuth GetUserAuth(IOAuthSession authSession, IOAuthTokens tokens)
{
if (!authSession.UserAuthId.IsNullOrEmpty())
{
var userAuth = GetUserAuth(authSession.UserAuthId);
if (userAuth != null) return userAuth;
}
if (!authSession.UserName.IsNullOrEmpty())
{
var userAuth = GetUserAuthByUserName(authSession.UserName);
if (userAuth != null) return userAuth;
}
if (tokens == null || tokens.Provider.IsNullOrEmpty() || tokens.UserId.IsNullOrEmpty())
return null;
return dbFactory.Exec(dbCmd => {
var oAuthProvider = dbCmd.FirstOrDefault<UserOAuthProvider>(
"Provider = {0} AND UserId = {1}", tokens.Provider, tokens.UserId);
if (oAuthProvider != null)
{
var userAuth = dbCmd.GetByIdOrDefault<UserAuth>(oAuthProvider.UserAuthId);
return userAuth;
}
return null;
});
}
private UserAuth GetUserAuth(IRedisClientFacade redis, IOAuthSession authSession, IOAuthTokens tokens)
{
if (!authSession.UserAuthId.IsNullOrEmpty())
{
var userAuth = GetUserAuth(redis, authSession.UserAuthId);
if (userAuth != null) return userAuth;
}
if (!authSession.UserName.IsNullOrEmpty())
{
var userAuth = GetUserAuthByUserName(authSession.UserName);
if (userAuth != null) return userAuth;
}
if (tokens == null || tokens.Provider.IsNullOrEmpty() || tokens.UserId.IsNullOrEmpty()) return null;
var oAuthProviderId = GetAuthProviderByUserId(redis, tokens.Provider, tokens.UserId);
if (!oAuthProviderId.IsNullOrEmpty())
{
var oauthProvider = redis.As<UserOAuthProvider>().GetById(oAuthProviderId);
if (oauthProvider != null)
return redis.As<UserAuth>().GetById(oauthProvider.UserAuthId);
}
return null;
}
public static void SaveSession(this IServiceBase service, IOAuthSession session)
{
using (var cache = service.GetCacheClient())
{
var sessionKey = AuthService.GetSessionKey(service.GetSessionId());
cache.Set(sessionKey, session);
}
}
public OAuthService(string consumerKey, string consumerSecret, string baseUrl, string callbackUrl)
{
credentials = new OAuthCredentials(consumerKey, consumerSecret);
session = CreateSession(credentials, baseUrl, callbackUrl);
}
private void LoadUserAuth(IOAuthSession session, UserAuth userAuth)
{
if (userAuth == null) return;
session.UserAuthId = userAuth.Id.ToString();
session.DisplayName = userAuth.DisplayName;
session.FirstName = userAuth.FirstName;
session.LastName = userAuth.LastName;
session.Email = userAuth.Email;
}
public void SaveUserAuth(IOAuthSession oAuthSession)
{
dbFactory.Exec(dbCmd => {
var userAuth = !oAuthSession.UserAuthId.IsNullOrEmpty()
? dbCmd.GetByIdOrDefault<UserAuth>(oAuthSession.UserAuthId)
: oAuthSession.TranslateTo<UserAuth>();
if (userAuth.Id == default(int) && !oAuthSession.UserAuthId.IsNullOrEmpty())
userAuth.Id = int.Parse(oAuthSession.UserAuthId);
dbCmd.Save(userAuth);
});
}
private static IConsumerResponse CallApi(IOAuthSession oauthSession, string method, string body, Uri baseUrl, string endpointName, string itemId, /*string whereClause, string orderBy,*/ DateTime? lastModifiedDate, NameValueCollection additionalQueryParams, string acceptMimeType)
{
method = string.IsNullOrEmpty(method) ? "GET" : method.ToUpper();
Uri uri = ConstructUri(baseUrl, endpointName, itemId, /*whereClause, orderBy,*/ additionalQueryParams);
IConsumerRequest oauthRequest = oauthSession.Request()
.ForMethod(method)
.ForUri(uri)
.WithAcceptHeader(acceptMimeType ?? "text/xml")
.SignWithToken();
if ((method == "PUT" || method == "POST"))
{
oauthRequest = oauthRequest.WithBody(body);
}
if (lastModifiedDate.HasValue)
{
oauthRequest.Context.Headers.Add("If-Modified-Since", lastModifiedDate.Value.ToString("yyyy-MM-dd HH:mm:ss"));
}
var consumerResponse = oauthRequest.ToConsumerResponse();
// Check for <ApiException> response message
if (consumerResponse.Content.StartsWith("<ApiException"))
{
ApiExceptionDetails details = ModelSerializer.DeserializeTo<ApiExceptionDetails>(consumerResponse.Content);
throw new ApiException(details);
}
return consumerResponse;
}
public UserAuth GetUserAuth(IOAuthSession authSession, IOAuthTokens tokens)
{
using (var redis = factory.GetClient())
return GetUserAuth(redis, authSession, tokens);
}
public IConsumerRequest CreateConsumerRequest(IOAuthSession session, IOAuthContext context, IOAuthConsumerContext consumerContext)
{
return new ConsumerRequest(session, context, consumerContext, CertificateFactory);
}
public OauthMessageInspector(IOAuthSession authSession)
{
_authSession = authSession;
}
public OAuthBehavior(IOAuthSession authSession)
{
_authSession = authSession;
}
/// <summary>
/// Gets the current OAuthSession (used for getting request tokens, access tokens, etc.)
/// </summary>
/// <returns></returns>
public static IOAuthSession GetCurrentSession()
{
return _oauthSession ?? (_oauthSession = CreateOAuthSession());
}
public XeroConnection(IOAuthSession session, IToken token)
{
_session = session;
_token = token;
}
public void LoadUserAuth(IOAuthSession session, IOAuthTokens tokens)
{
session.ThrowIfNull("session");
var userAuth = GetUserAuth(session, tokens);
LoadUserAuth(session, userAuth);
}
public void SaveUserAuth(IOAuthSession oAuthSession)
{
using (var redis = factory.GetClient())
{
var userAuth = !oAuthSession.UserAuthId.IsNullOrEmpty()
? GetUserAuth(redis, oAuthSession.UserAuthId)
: oAuthSession.TranslateTo<UserAuth>();
if (userAuth.Id == default(int) && !oAuthSession.UserAuthId.IsNullOrEmpty())
userAuth.Id = int.Parse(oAuthSession.UserAuthId);
redis.Store(userAuth);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="IntegrationProxy"/> class.
/// </summary>
/// <param name="oauthSession">The oauth session.</param>
public IntegrationProxy (IOAuthSession oauthSession)
{
_oauthSession = oauthSession;
}
public virtual object Authenticate(IServiceBase service, OAuth request, IOAuthSession session,
IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
//Default oAuth logic based on Twitter's oAuth workflow
if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty())
{
oAuth.RequestToken = tokens.RequestToken;
oAuth.RequestTokenSecret = tokens.RequestTokenSecret;
oAuth.AuthorizationToken = request.oauth_token;
oAuth.AuthorizationVerifier = request.oauth_verifier;
if (oAuth.AcquireAccessToken())
{
tokens.AccessToken = oAuth.AccessToken;
tokens.AccessTokenSecret = oAuth.AccessTokenSecret;
session.OnAuthenticated(service, tokens, oAuth.AuthInfo);
service.SaveSession(session);
//Haz access!
return service.Redirect(session.ReferrerUrl.AddQueryParam("s", "1"));
}
//No Joy :(
return service.Redirect(session.ReferrerUrl.AddQueryParam("f", "AccessTokenFailed"));
}
if (oAuth.AcquireRequestToken())
{
tokens.RequestToken = oAuth.RequestToken;
tokens.RequestTokenSecret = oAuth.RequestTokenSecret;
service.SaveSession(session);
//Redirect to OAuth provider to approve access
return service.Redirect(this.AuthorizeUrl
.AddQueryParam("oauth_token", tokens.RequestToken)
.AddQueryParam("oauth_callback", session.ReferrerUrl));
}
return service.Redirect(session.ReferrerUrl.AddQueryParam("f", "RequestTokenFailed"));
}
