protected virtual async Task <OAuthAccount> GetAccountFromAuthCode(WebAuthenticator authenticator, string identifier)
{
var postData = await authenticator.GetTokenPostData(ClientSecret);
var reply = await Client.PostAsync("oauth2/token", new FormUrlEncodedContent(postData));
var resp = await reply.Content.ReadAsStringAsync();
var result = Deserialize <OauthResponse>(resp);
if (!string.IsNullOrEmpty(result.Error))
{
throw new Exception(result.ErrorDescription);
}
var account = new OAuthAccount()
{
ExpiresIn = result.ExpiresIn,
Created = DateTime.UtcNow,
RefreshToken = authenticator.AuthCode,
Scope = authenticator.Scope.ToArray(),
TokenType = result.TokenType,
Token = result.AccessToken,
ClientId = ClientId,
Identifier = identifier,
};
return(account);
}
public static void AddOAuthAccount(this User user, string providerName, string providerUserId, string username, SettingsDictionary data = null) {
var account = new OAuthAccount {
Provider = providerName.ToLowerInvariant(),
ProviderUserId = providerUserId,
Username = username
};
if (data != null)
account.ExtraData.Apply(data);
user.OAuthAccounts.Add(account);
}
public static OAuthAccount ToOAuthAccount(this AuthenticationResult result)
{
var account = new OAuthAccount {
Provider = result.Provider,
ProviderUserId = result.ProviderUserId,
Username = result.UserName
};
foreach (string k in result.ExtraData.Keys)
account.ExtraData.Add(k, result.ExtraData[k]);
return account;
}
//Thanks you facebook for making your token exchange a get...
protected override async Task <OAuthAccount> GetAccountFromAuthCode(WebAuthenticator authenticator, string identifier)
{
var auth = authenticator as FacebookAuthenticator;
OauthResponse result;
if (IsUsingNative)
{
result = new OauthResponse
{
ExpiresIn = auth.Expiration,
TokenType = "Bearer",
AccessToken = auth.AuthCode,
RefreshToken = auth.AuthCode,
};
}
else
{
var postData = await authenticator.GetTokenPostData(ClientSecret);
if (string.IsNullOrWhiteSpace(TokenUrl))
{
throw new Exception("Invalid TokenURL");
}
var url = new Uri(TokenUrl).AddParameters(postData);
var reply = await Client.GetAsync(url);
var resp = await reply.Content.ReadAsStringAsync();
result = Deserialize <OauthResponse>(resp);
if (!string.IsNullOrEmpty(result.Error))
{
throw new Exception($"{result.Error} : {result.ErrorDescription}");
}
}
var account = new OAuthAccount()
{
ExpiresIn = result.ExpiresIn,
Created = DateTime.UtcNow,
RefreshToken = result.RefreshToken,
Scope = authenticator.Scope?.ToArray(),
TokenType = result.TokenType,
Token = result.AccessToken,
ClientId = ClientId,
Identifier = identifier,
IdToken = result.Id,
};
return(account);
}
public ActionResult ExternalLoginCallback(string returnUrl, string token)
{
AuthenticationResult result = _membershipProvider.VerifyOAuthAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl, Token = token }));
if (!result.IsSuccessful)
{
SetErrorAlert(result.Error != null ? result.Error.Message : "An error occurred while trying to login.");
return(RedirectToAction("ExternalLoginFailure"));
}
// TODO: Need to check to see if we have a user with the specified email address already.
OAuthAccount account = result.ToOAuthAccount();
if (_membershipProvider.OAuthLogin(account, remember: true))
{
if (!String.IsNullOrEmpty(token))
{
AddInvitedUserToOrganization(token, _membershipProvider.GetUserByEmailAddress(account.EmailAddress() ?? account.Username));
}
return(RedirectToLocal(returnUrl));
}
// If the current user is logged in, then add the new OAuth account.
if (User != null && User.Identity.IsAuthenticated)
{
var user = _membershipProvider.CreateOAuthAccount(account, new User {
EmailAddress = User.Identity.Name
}); // TODO: @eric, why not pass in: User.UserEntity....
if (!String.IsNullOrEmpty(token))
{
AddInvitedUserToOrganization(token, user);
}
return(RedirectToLocal(returnUrl));
}
// User is new, ask for their desired membership name
string loginData = _encoder.Protect(JsonConvert.SerializeObject(account));
ViewBag.ProviderDisplayName = _membershipProvider.GetOAuthClientData(result.Provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
ViewBag.Token = token;
return(View("ExternalLoginConfirmation", new ExternalLoginConfirmationModel {
FullName = account.FullName(),
EmailAddress = account.EmailAddress(),
ExternalLoginData = loginData
}));
}
protected override async Task <OAuthAccount> GetAccountFromAuthCode(Authenticator authenticator, string identifier)
{
var account = new OAuthAccount()
{
ExpiresIn = (long)(TimeSpan.FromDays(365).TotalSeconds),
Created = DateTime.UtcNow,
TokenType = "Bearer",
Token = authenticator.AuthCode,
ClientId = ClientId,
Identifier = identifier,
};
return(account);
}
public static OAuthAccount ToOAuthAccount(this AuthenticationResult result)
{
var account = new OAuthAccount {
Provider = result.Provider,
ProviderUserId = result.ProviderUserId,
Username = result.UserName
};
foreach (string k in result.ExtraData.Keys)
{
account.ExtraData.Add(k, result.ExtraData[k]);
}
return(account);
}
private IServiceAccount GetEnvironmentVariablesAccount()
{
// Try to add an account from environment variables
try
{
var account = OAuthAccount.CreateAccountFromEnvironmentVariables();
account.BaseUrl = this.ServiceRootUrl;
return(account);
}
catch (InvalidOperationException ex)
{
Console.WriteLine("Exception while getting account: {0}", ex.Message);
return(null);
}
}
public static void AddOAuthAccount(this User user, string providerName, string providerUserId, string username, SettingsDictionary data = null)
{
var account = new OAuthAccount {
Provider = providerName.ToLowerInvariant(),
ProviderUserId = providerUserId,
Username = username
};
if (data != null)
{
account.ExtraData.Apply(data);
}
user.OAuthAccounts.Add(account);
}
internal async Task GetAuthToken(OAuthAccount account)
{
try {
var deviceID = string.IsNullOrWhiteSpace(DeviceId) ? Utility.DeviceId : DeviceId;
var data = new Dictionary <string, string>
{
{ "app_id", "com.google.PlayMusic" },
{ "client_id", "228293309116.apps.googleusercontent.com" },
{ "device_id", deviceID },
{ "hl", cultureShort },
{ "lib_ver", "1.0" },
{ "response_type", "token" },
{
"scope",
"https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/skyjam"
},
};
//var client = Handler == null ? new HttpClient() : new HttpClient(Handler);
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization =
new System.Net.Http.Headers.AuthenticationHeaderValue(CurrentOAuthAccount.TokenType,
CurrentAccount.UserData ["MasterToken"]);
var message =
await client.PostAsync("https://www.googleapis.com/oauth2/v2/IssueToken", new FormUrlEncodedContent (data));
var json = await message.Content.ReadAsStringAsync();
var resp = Deserialize <GoogleTokenIssueResponse> (json);
if (resp?.Error?.Code == 400)
{
account.Token = "";
account.RefreshToken = "";
account.ExpiresIn = 0;
SaveAccount(account);
}
else
{
account.Token = resp.Token;
account.ExpiresIn = resp.ExpiresIn;
account.Created = DateTime.UtcNow;
await PrepareClient(Client);
}
} catch (Exception ex) {
LogManager.Shared.Report(ex);
}
}
protected override Task<OAuthAccount> GetAccountFromAuthCode(WebAuthenticator authenticator, string identifier)
{
var author = (DropBoxAuthenticator)authenticator;
var account = new OAuthAccount()
{
ExpiresIn = -1,
Created = DateTime.UtcNow,
RefreshToken = null,
Scope = new string[0],
TokenType = author.TokenType,
Token = author.Token,
ClientId = ClientId,
Identifier = identifier,
};
account.UserData["Uid"] = author.Uid;
return Task.FromResult(account);
}
internal async Task GetAuthToken(OAuthAccount account)
{
try{
var deviceId = Utility.DeviceId;
var data = new Dictionary <string, string> {
{ "app_id", "com.google.ios.youtube" },
{ "client_id", "755541669657-kbosfavg7pk7sr3849c3tf657hpi5jpd.apps.googleusercontent.com" },
{ "device_id", deviceId },
{ "hl", cultureShort },
{ "lib_ver", "1.0" },
{ "response_type", "token" }, {
"scope",
"https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.force-ssl https://gdata.youtube.com https://www.googleapis.com/auth/plus.stream.read https://www.googleapis.com/auth/plus.stream.write https://www.googleapis.com/auth/plus.stream.moderate https://www.googleapis.com/auth/plus.stream.write https://www.googleapis.com/auth/plus.circles.read https://www.googleapis.com/auth/plus.circles.write https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/picasa https://www.googleapis.com/auth/plus.media.upload https://www.googleapis.com/auth/plus.settings https://www.googleapis.com/auth/plus.pages.manage https://www.google.com/accounts/OAuthLogin https://www.googleapis.com/auth/identity.plus.page.impersonation https://www.googleapis.com/auth/supportcontent"
},
};
//var client = Handler == null ? new HttpClient() : new HttpClient(Handler);
var client = new HttpClient(new ModernHttpClient.NativeMessageHandler());
client.DefaultRequestHeaders.Authorization =
new System.Net.Http.Headers.AuthenticationHeaderValue(account.TokenType,
account.UserData ["MasterToken"]);
var message =
await client.PostAsync("https://www.googleapis.com/oauth2/v2/IssueToken", new FormUrlEncodedContent (data));
var json = await message.Content.ReadAsStringAsync();
var resp = Deserialize <MusicPlayer.Api.GoogleMusic.GoogleMusicApi.GoogleTokenIssueResponse> (json);
if (resp?.Error?.Code == 400)
{
account.Token = "";
account.RefreshToken = "";
account.ExpiresIn = 0;
}
else
{
account.Token = resp.Token;
account.ExpiresIn = resp.ExpiresIn;
account.Created = DateTime.UtcNow;
await PrepareClient(Client);
}
}
catch (Exception ex) {
Console.WriteLine(ex);
}
}
protected override Task <OAuthAccount> GetAccountFromAuthCode(WebAuthenticator authenticator, string identifier)
{
var author = (DropBoxAuthenticator)authenticator;
var account = new OAuthAccount()
{
ExpiresIn = -1,
Created = DateTime.UtcNow,
RefreshToken = null,
Scope = new string[0],
TokenType = author.TokenType,
Token = author.Token,
ClientId = ClientId,
Identifier = identifier,
};
account.UserData["Uid"] = author.Uid;
return(Task.FromResult(account));
}
async Task <Account> CheckForGoogleAccount()
{
var account = CurrentOAuthAccount ?? GetAccount <OAuthAccount> (Identifier);
if (account != null)
{
if (string.IsNullOrWhiteSpace(GetAccountParentId(account)))
{
return(null);
}
return(account);
}
var googleProvider = ApiManager.Shared.GetMusicProvider(ServiceType.Google);
var googleId = googleProvider?.Id;
if (string.IsNullOrWhiteSpace(googleId))
{
return(null);
}
var googleApi = (googleProvider?.Api as GoogleMusicApi);
if (!googleApi?.HasAuthenticated ?? true)
{
await googleApi.Authenticate();
}
account = googleApi?.CurrentOAuthAccount;
if (account == null)
{
return(null);
}
currentAccount = new OAuthAccount()
{
ClientId = ClientId,
Identifier = Identifier,
TokenType = account.TokenType,
RefreshToken = "NA",
UserData = new Dictionary <string, string> {
{ "ParentId", googleProvider.Id },
}
};
return(currentAccount);
}
public bool DeleteOAuthAccount(string provider, string providerUserId)
{
User user = GetUserByOAuthProvider(provider, providerUserId);
if (user == null)
{
return(false);
}
// allow the account to be deleted only if there is a local password or there is more than one external login
if (user.OAuthAccounts.Count > 1 || !String.IsNullOrEmpty(user.Password))
{
OAuthAccount account = user.OAuthAccounts.Single(o => o.Provider == provider && o.ProviderUserId == providerUserId);
user.OAuthAccounts.Remove(account);
Save(user);
return(true);
}
return(false);
}
//Thanks you facebook for making your token exchange a get...
protected override async Task<OAuthAccount> GetAccountFromAuthCode(WebAuthenticator authenticator, string identifier)
{
var auth = authenticator as FacebookAuthenticator;
OauthResponse result;
if (IsUsingNative)
{
result = new OauthResponse
{
ExpiresIn = auth.Expiration,
TokenType = "Bearer",
AccessToken = auth.AuthCode,
RefreshToken = auth.AuthCode,
};
}
else {
var postData = await authenticator.GetTokenPostData(ClientSecret);
if (string.IsNullOrWhiteSpace(TokenUrl))
throw new Exception("Invalid TokenURL");
var url = new Uri(TokenUrl).AddParameters(postData);
var reply = await Client.GetAsync(url);
var resp = await reply.Content.ReadAsStringAsync();
result = Deserialize<OauthResponse>(resp);
if (!string.IsNullOrEmpty(result.Error))
throw new Exception(result.ErrorDescription);
}
var account = new OAuthAccount()
{
ExpiresIn = result.ExpiresIn,
Created = DateTime.UtcNow,
RefreshToken = result.RefreshToken,
Scope = authenticator.Scope?.ToArray(),
TokenType = result.TokenType,
Token = result.AccessToken,
ClientId = ClientId,
Identifier = identifier,
};
return account;
}
public bool OAuthLogin(OAuthAccount account, bool remember)
{
AuthenticationClientData oauthProvider = _authenticationClients[account.Provider];
HttpContextBase context = _applicationEnvironment.AcquireContext();
var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
bool success = securityManager.Login(account.ProviderUserId, remember);
if (success)
{
return(true);
}
User user = GetUserByEmailAddress(account.Username);
if (user == null)
{
return(false);
}
user.OAuthAccounts.Add(account);
_userCollection.Save(user);
return(securityManager.Login(account.ProviderUserId, remember));
}
public User CreateOAuthAccount(OAuthAccount account, User user)
{
var emailAddressesToCheck = new HashSet <string>(StringComparer.OrdinalIgnoreCase);
if (!String.IsNullOrWhiteSpace(user.EmailAddress))
{
emailAddressesToCheck.Add(user.EmailAddress);
}
var verifiedEmailAddresses = new HashSet <string>(StringComparer.OrdinalIgnoreCase);
if (!String.IsNullOrWhiteSpace(account.Username) && account.Username.Contains('@'))
{
verifiedEmailAddresses.Add(account.Username);
}
foreach (string key in new[] { "email", "preferred_email", "account_email", "personal_email" })
{
if (account.ExtraData.ContainsKey(key) && !String.IsNullOrWhiteSpace(account.ExtraData[key]) && account.ExtraData[key].Contains('@'))
{
verifiedEmailAddresses.Add(account.ExtraData[key]);
}
}
if (verifiedEmailAddresses.Count > 0)
{
emailAddressesToCheck.UnionWith(verifiedEmailAddresses);
}
// Try to find existing user accounts and add this OAuth account to them.
// TODO: Shouldn't we check to see if there are multiple existing users..
User existingUser = GetUserByEmailAddress(user.EmailAddress);
foreach (string email in emailAddressesToCheck)
{
User u = GetUserByEmailAddress(email);
if (u != null)
{
existingUser = u;
if (u.IsEmailAddressVerified)
{
verifiedEmailAddresses.Add(u.EmailAddress);
}
}
}
if (existingUser != null)
{
user = existingUser;
}
User oauthUser = GetUserByOAuthProvider(account.Provider, account.ProviderUserId);
if (user.OAuthAccounts == null)
{
user.OAuthAccounts = new HashSet <OAuthAccount>();
}
// The OAuth account was already associated to this user.
if (oauthUser != null && oauthUser.Id == user.Id)
{
return(oauthUser);
}
// Move OAuth account to new user.
if (oauthUser != null)
{
OAuthAccount duplicateAccount = oauthUser.OAuthAccounts.Single(o => o.Provider == account.Provider && o.ProviderUserId == account.ProviderUserId);
oauthUser.OAuthAccounts.Remove(duplicateAccount);
Save(oauthUser);
}
user.OAuthAccounts.Add(account);
user.IsActive = true;
user.IsEmailAddressVerified = user.IsEmailAddressVerified || verifiedEmailAddresses.Contains(user.EmailAddress);
// TODO: Should we be updating the users full name from the oauth extended data?
Save(user);
return(user);
}
public ResultPage(AuthenticatonResult result, Action returnCallback)
{
_returnCallback = returnCallback;
var stack = new StackLayout
{
VerticalOptions = LayoutOptions.Center,
HorizontalOptions = LayoutOptions.Center
};
if (result)
{
_account = result.Account;
stack.Children.Add(new Label
{
Text = $"Provider: {_account.ProviderName}"
});
stack.Children.Add(new Label
{
Text = $"Id: {_account.Id}"
});
stack.Children.Add(new Label
{
Text = $"Name: {_account.DisplayName}"
});
var token = _account.AccessToken;
if (token.Expires.HasValue)
{
SetExpireText();
stack.Children.Add(_expireLabel);
}
if (result.Account.RefreshesToken)
{
stack.Children.Add(new Button
{
Text = "Refresh Token",
Command = new Command(async() =>
{
var response = await result.Account.RefreshToken();
if (response)
{
SetExpireText();
}
})
});
}
}
else
{
stack.Children.Add(new Label
{
Text = "Authentication failed!"
});
stack.Children.Add(new Label
{
Text = $"Reason: {result.Error}"
});
if (!string.IsNullOrEmpty(result.ErrorDescription))
{
stack.Children.Add(new Label
{
Text = $"Description: {result.ErrorDescription}"
});
}
}
stack.Children.Add(new Button
{
Text = "Back",
Command = new Command(returnCallback)
});
Content = stack;
}
public User CreateOAuthAccount(OAuthAccount account, User user)
{
var emailAddressesToCheck = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
if (!String.IsNullOrWhiteSpace(user.EmailAddress))
emailAddressesToCheck.Add(user.EmailAddress);
var verifiedEmailAddresses = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
if (!String.IsNullOrWhiteSpace(account.Username) && account.Username.Contains('@'))
verifiedEmailAddresses.Add(account.Username);
foreach (string key in new[] { "email", "preferred_email", "account_email", "personal_email" }) {
if (account.ExtraData.ContainsKey(key) && !String.IsNullOrWhiteSpace(account.ExtraData[key]) && account.ExtraData[key].Contains('@'))
verifiedEmailAddresses.Add(account.ExtraData[key]);
}
if (verifiedEmailAddresses.Count > 0)
emailAddressesToCheck.UnionWith(verifiedEmailAddresses);
// Try to find existing user accounts and add this OAuth account to them.
// TODO: Shouldn't we check to see if there are multiple existing users..
User existingUser = GetUserByEmailAddress(user.EmailAddress);
foreach (string email in emailAddressesToCheck) {
User u = GetUserByEmailAddress(email);
if (u != null) {
existingUser = u;
if (u.IsEmailAddressVerified)
verifiedEmailAddresses.Add(u.EmailAddress);
}
}
if (existingUser != null)
user = existingUser;
User oauthUser = GetUserByOAuthProvider(account.Provider, account.ProviderUserId);
if (user.OAuthAccounts == null)
user.OAuthAccounts = new HashSet<OAuthAccount>();
// The OAuth account was already associated to this user.
if (oauthUser != null && oauthUser.Id == user.Id)
return oauthUser;
// Move OAuth account to new user.
if (oauthUser != null) {
OAuthAccount duplicateAccount = oauthUser.OAuthAccounts.Single(o => o.Provider == account.Provider && o.ProviderUserId == account.ProviderUserId);
oauthUser.OAuthAccounts.Remove(duplicateAccount);
Save(oauthUser);
}
user.OAuthAccounts.Add(account);
user.IsActive = true;
user.IsEmailAddressVerified = user.IsEmailAddressVerified || verifiedEmailAddresses.Contains(user.EmailAddress);
// TODO: Should we be updating the users full name from the oauth extended data?
Save(user);
return user;
}
public bool OAuthLogin(OAuthAccount account, bool remember)
{
AuthenticationClientData oauthProvider = _authenticationClients[account.Provider];
HttpContextBase context = _applicationEnvironment.AcquireContext();
var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
bool success = securityManager.Login(account.ProviderUserId, remember);
if (success)
return true;
User user = GetUserByEmailAddress(account.Username);
if (user == null)
return false;
user.OAuthAccounts.Add(account);
_userCollection.Save(user);
return securityManager.Login(account.ProviderUserId, remember);
}
