Beispiel #1
0
        private OidcClient GetOidcClient()
        {
            var scopes = new List <string>
            {
                "openid",
                "profile",
                "garagedoor.read",
                "garagedoor.write",
                "weather.read",
                "lights.read",
                "lights.write",
                "offline_access",
            };

            var options = new OidcClientOptions
            {
                Authority    = OPENID_CONNECT_AUTHORITY,
                ClientId     = _clientId,
                Scope        = String.Join(" ", scopes),
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,

                RedirectUri           = _callbackUrl,
                PostLogoutRedirectUri = _callbackUrl,

                Browser = _browser,
            };

            return(new OidcClient(options));
        }
Beispiel #2
0
        private static async Task Login()
        {
            var    browser     = new Browser(44377);
            string redirectUri = "https://localhost:44377/desktop-callback/";

            var options = new OidcClientOptions
            {
                Authority    = "https://sod.superoffice.com/login",
                LoadProfile  = false,
                ClientId     = "",
                ClientSecret = "",
                Scope        = "openid",
                RedirectUri  = redirectUri,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
                Flow         = OidcClientOptions.AuthenticationFlow.Hybrid,
                Browser      = browser
            };

            options.Policy.Discovery.ValidateIssuerName = false;
            options.Policy.RequireAccessTokenHash       = false;

            var client = new OidcClient(options);
            var state  = await client.PrepareLoginAsync();

            Console.WriteLine($"Please wait while login...");
            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(new LoginRequest());

            if (!result.IsError)
            {
                GetTokens(result);
            }

            //LoginResult
        }
Beispiel #3
0
        public MainPage()
        {
            InitializeComponent();

            Login.Clicked   += Login_Clicked;
            Logout.Clicked  += Logout_Clicked;
            CallApi.Clicked += CallApi_Clicked;

            _browser = DependencyService.Get <IBrowser>();

            var options = new OidcClientOptions
            {
                // 10.0.2.2 is an alias for localhost on the computer when using the android emulator
                Authority             = "http://10.0.2.2:50405/",
                ClientId              = "native.hybrid",
                Scope                 = "openid profile email idserverapi offline_access",
                RedirectUri           = "xamarinformsclients://callback",
                PostLogoutRedirectUri = "xamarinformsclients://callback",
                Browser               = _browser,
                ResponseMode          = OidcClientOptions.AuthorizeResponseMode.Redirect,
                Policy                = new Policy()
                {
                    Discovery = new DiscoveryPolicy()
                    {
                        RequireHttps = false
                    }
                }
            };

            _client = new OidcClient(options);
        }
        protected override void OnCreate(Bundle savedInstanceState)
        {
            base.OnCreate(savedInstanceState);

            // Set our view from the "main" layout resource
            SetContentView(Resource.Layout.Main);
            var loginButton = FindViewById <Button>(Resource.Id.LoginButton);

            loginButton.Click += _loginButton_Click;

            var apiButton = FindViewById <Button>(Resource.Id.ApiButton);

            apiButton.Click += _apiButton_Click;

            var refreshButton = FindViewById <Button>(Resource.Id.RefreshButton);

            refreshButton.Click += _refreshButton_Click;

            _output = FindViewById <TextView>(Resource.Id.Output);

            ShowResults();

            _options = new OidcClientOptions
            {
                Authority    = _authority,
                ClientId     = "native.hybrid",
                Scope        = "openid profile api offline_access",
                RedirectUri  = "io.identitymodel.native://callback",
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
                Browser      = new ChromeCustomTabsBrowser(this)
            };
        }
Beispiel #5
0
        public MainPage()
        {
            InitializeComponent();


            Login.Clicked += Login_Clicked;

            var browser = DependencyService.Get <IBrowser>();

            var options = new OidcClientOptions
            {
                Authority   = "https://demo.identityserver.io",
                ClientId    = "native.hybrid",
                Scope       = "openid profile email api offline_access",
                RedirectUri = "xamarinformsoidc://callback",
                Browser     = browser,

                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
                // RequiredHttps default is true. Remove this Policy if Https is required
                Policy = new Policy()
                {
                    Discovery = new DiscoveryPolicy {
                        RequireHttps = false
                    }
                }
            };

            _client = new OidcClient(options);
            //BindingContext = viewModel = new TestViewModel();
        }
        private async void RefreshTokens(object sender, RoutedEventArgs e)
        {
            var options = new OidcClientOptions
            {
                Authority   = _authority,
                ClientId    = _clientIdentifier,
                RedirectUri = _redirectUri
            };
            var oidcClient = new OidcClient(options);
            var result     = await oidcClient.RefreshTokenAsync(_refreshToken);

            if (result.IsError)
            {
                Message.Text += string.Format("{0} - Refresh Tokens error: {1}\n", DateTime.Now, result.Error);
            }
            else
            {
                _accessToken  = result.AccessToken;
                _refreshToken = result.RefreshToken;
                Message.Text  = string.Format("{0} - Refresh completed successfully\n", DateTime.Now);
                Message.Text += string.Format("{0} - Identity token {1}\n Access token {2}\n"
                                              , DateTime.Now
                                              , JWTTokenHelper.ReadToken(_identityToken)
                                              , JWTTokenHelper.ReadToken(_accessToken));
            }
        }
Beispiel #7
0
        public async void Start(object sender, RoutedEventArgs e)
        {
            var options = new OidcClientOptions()
            {
                Authority   = "https://demo.identityserver.io/",
                ClientId    = "interactive.public",
                Scope       = "openid profile email",
                RedirectUri = "http://127.0.0.1/sample-wpf-app",
                Browser     = new WpfEmbeddedBrowser()
            };

            _oidcClient = new OidcClient(options);

            LoginResult result;

            try
            {
                result = await _oidcClient.LoginAsync();
            }
            catch (Exception ex)
            {
                Message.Text = $"Unexpected Error: {ex.Message}";
                return;
            }

            if (result.IsError)
            {
                Message.Text = result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error;
            }
            else
            {
                var name = result.User.Identity.Name;
                Message.Text = $"Hello {name}";
            }
        }
        public static async Task <LoginResult> Start(IBrowser browser)
        {
            //Do not use this in production environment.
            var handler = HttpClientExtensions.CreateHttpClientHandler(true);

            var options = new OidcClientOptions
            {
                Authority          = Config.IdentityServerUrl,
                BackchannelHandler = handler,
                Browser            = browser,
                ClientId           = "NativeClient",
                ClientSecret       = "KHG+TZ8aaVx2h3^!vJ65",
                FilterClaims       = false,
                Flow        = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
                LoadProfile = true,
                Scope       = "openid profile Api1 Cluster",
                RedirectUri = Config.NativeClientUrl,
                RefreshTokenInnerHttpHandler = handler,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect
            };

            var client = new OidcClient(options);

            return(await client.LoginAsync(new LoginRequest()));
        }
Beispiel #9
0
 public EncodingList(
     OidcClientOptions options,
     ICollection <KeyValuePair <string, string> > list,
     string keyValueSeparator,
     string parameterSeparator,
     bool lowerCaseKeys)
 {
     if (list == null)
     {
         throw new ArgumentNullException("list");
     }
     if (list.Any() == false)
     {
         throw new ArgumentException("list is empty");
     }
     if (keyValueSeparator == null)
     {
         throw new ArgumentNullException("keyValueSeparator");
     }
     if (parameterSeparator == null)
     {
         throw new ArgumentNullException("parameterSeparator");
     }
     Logger   = options.LoggerFactory.CreateLogger <EncodingList>();
     _options = options;
     Encode(list, keyValueSeparator, parameterSeparator, lowerCaseKeys);
 }
Beispiel #10
0
        private OidcClientOptions CreateOidcClientOptions(Auth0ClientOptions options)
        {
            var oidcClientOptions = new OidcClientOptions
            {
                Authority             = $"https://{options.Domain}",
                ClientId              = options.ClientId,
                ClientSecret          = options.ClientSecret,
                Scope                 = options.Scope,
                LoadProfile           = options.LoadProfile,
                Browser               = options.Browser,
                Flow                  = AuthenticationFlow.AuthorizationCode,
                ResponseMode          = AuthorizeResponseMode.Redirect,
                RedirectUri           = options.RedirectUri ?? $"https://{_options.Domain}/mobile",
                PostLogoutRedirectUri = options.PostLogoutRedirectUri ?? $"https://{_options.Domain}/mobile",

                Policy =
                {
                    RequireAuthorizationCodeHash = false,
                    RequireAccessTokenHash       = false
                }
            };

            if (options.RefreshTokenMessageHandler != null)
            {
                oidcClientOptions.RefreshTokenInnerHttpHandler = options.RefreshTokenMessageHandler;
            }

            if (options.BackchannelHandler != null)
            {
                oidcClientOptions.BackchannelHandler = options.BackchannelHandler;
            }

            return(oidcClientOptions);
        }
        private static async Task <string> LaunchBrowserForTokenAsync()
        {
            var browser = new SystemBrowser(12345, "/native_client_callback");

            var opts = new OidcClientOptions
            {
                Authority   = authorityUrl,
                Scope       = "openid movie_api",
                RedirectUri = "http://127.0.0.1:12345/native_client_callback",
                ClientId    = "native_client",
                Browser     = browser,
            };
            // uncomment this line to enable logging
            //opts.LoggerFactory.AddConsole(LogLevel.Trace);

            var client = new OidcClient(opts);
            var result = await client.LoginAsync();

            if (result.IsError)
            {
                Console.WriteLine($"Error: {result.Error}.");
                return(null);
            }

            return(result.AccessToken);
        }
        async void Login_Clicked(object sender, EventArgs e)
        {
            var browser = DependencyService.Get <IBrowser>();

            var options = new OidcClientOptions
            {
                Authority   = "https://demo.identityserver.io",
                ClientId    = "native.hybrid",
                Scope       = "openid profile email api offline_access",
                RedirectUri = "xamarinformsclients://callback",
                Browser     = browser,

                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect
            };

            client = new OidcClient(options);

            result = await client.LoginAsync(new LoginRequest());

            if (result.IsError)
            {
                await DisplayAlert("Access Token", "Login error", "OK");

                return;
            }

            await DisplayAlert("Access Token", result.AccessToken, "OK");
        }
Beispiel #13
0
        public SignInPageViewModel(
            INavigationService navigationService,
            IApiClient apiClient,
            IBrowser browser)
            : base(navigationService)
        {
            this.apiClient = apiClient;
            options        = new OidcClientOptions
            {
                Authority          = GlobalSettings.Instance.BaseIdentityHostPath.ToString(),
                ClientId           = GlobalSettings.Instance.ClientId,
                ClientSecret       = GlobalSettings.Instance.ClientSecret,
                Scope              = "openid profile chat.api offline_access",
                RedirectUri        = GlobalSettings.Instance.Callback,
                Browser            = browser,
                ResponseMode       = OidcClientOptions.AuthorizeResponseMode.Redirect,
                BackchannelHandler = new HttpClientHandler
                {
                    AllowAutoRedirect = true,
                    ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true
                }
            };

            SignIn = new DelegateCommand(OnSignInCommand);
        }
Beispiel #14
0
        private void initializeOidcClient()
        {
            if (_oidcClient != null)
            {
                _oidcClient.Options.Authority    = authority;
                _oidcClient.Options.ClientId     = clientId;
                _oidcClient.Options.ClientSecret = clientSecret;
                _oidcClient.Options.Scope        = scope;
                _oidcClient.Options.RedirectUri  = redirectUri;
                return;
                //_oidcClient.Options.Browser = null;
                //_oidcClient = null;
            }
            var options = new OidcClientOptions
            {
                Authority    = authority,
                ClientId     = clientId,
                ClientSecret = clientSecret,
                Scope        = scope,
                RedirectUri  = redirectUri,
                FilterClaims = false,
                Browser      = new SystemBrowser(port: 7890, path: null, browserPath: internetBrowsers[cboBrowsers.SelectedIndex].Path)
            };

//            var browser = (SystemBrowser)_oidcClient.Options.Browser;

            _oidcClient = new OidcClient(options);
        }
        public async Task <OidcClientOptions> RegisterForCode()
        {
            var disco = await GetDiscoveryDocument();

            var registration = await RegisterClientForCode(disco.RegistrationEndpoint, "http://localhost:7890");

            var serilog = new LoggerConfiguration()
                          .MinimumLevel.Verbose()
                          .Enrich.FromLogContext()
                          .WriteTo.LiterateConsole(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}")
                          .CreateLogger();

            var options = new OidcClientOptions
            {
                Authority    = disco.Issuer,
                RedirectUri  = "http://localhost:7890",
                ClientId     = registration.ClientId,
                ClientSecret = registration.ClientSecret,
                TokenClientAuthenticationStyle = AuthenticationStyle.BasicAuthentication,
                Browser      = new SystemBrowser(port: 7890),
                FilterClaims = false
            };

            options.LoggerFactory.AddSerilog(serilog);

            options.Policy.RequireAccessTokenHash      = false;
            options.Policy.Discovery.ValidateEndpoints = false;

            return(options);
        }
        private static async Task Login()
        {
            // create a redirect URI using an available port on the loopback address.
            // requires the OP to allow random ports on 127.0.0.1 - otherwise set a static port
            var    browser     = new SystemBrowser(64879);
            string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}");

            var options = new OidcClientOptions
            {
                Authority    = _authority,
                ClientId     = "swaggerui",
                RedirectUri  = redirectUri,
                Scope        = "openid profile IdentityServerApi",
                FilterClaims = false,
                Browser      = browser,
                Flow         = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect
            };

            options.Policy.Discovery.ValidateIssuerName = false;
            options.BackchannelHandler = new HttpClientHandler()
            {
                ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) => true
            };

            options.LoggerFactory.AddSerilog(serviceProvider.GetService <Serilog.ILogger>());

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(new LoginRequest());

            ShowResult(result);
            await NextSteps(result);
        }
        static async Task <string> RequestTokenAsync()
        {
            var webView = new LoopbackWebView(callbackPort, callbackPath);

            var loggerFactory = new LoggerFactory();
            // uncomment this line for logging inside OidcClient
            //loggerFactory.AddSerilog(Log.Logger);

            var opts = new OidcClientOptions(authority,
                                             scope,
                                             callbackBase + callbackPort + callbackPath,
                                             clientId,
                                             webView: webView,
                                             loggerFactory: loggerFactory)
            {
                UseFormPost = true
            };

            var client = new OidcClient(opts);
            var result = await client.LoginAsync();

            if (!result.Success)
            {
                Console.WriteLine($"Error: {result.Error}.");
                return(null);
            }

            Console.WriteLine($"Access token: {result.AccessToken}");
            return(result.AccessToken);
        }
Beispiel #18
0
        private static async Task SignIn()
        {
            // create a redirect URI using an available port on the loopback address.
            // requires the OP to allow random ports on 127.0.0.1 - otherwise set a static port
            var    browser     = new SystemBrowser();
            string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}");

            var options = new OidcClientOptions
            {
                Authority = Constants.Authority,

                ClientId = "console.pkce",

                RedirectUri  = redirectUri,
                Scope        = "openid profile feature1",
                FilterClaims = false,
                Browser      = browser
            };

            var serilog = new LoggerConfiguration()
                          .MinimumLevel.Error()
                          .Enrich.FromLogContext()
                          .WriteTo.Console(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}")
                          .CreateLogger();

            options.LoggerFactory.AddSerilog(serilog);

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(new LoginRequest());

            ShowResult(result);
            await NextSteps(result);
        }
Beispiel #19
0
        public async Task <string> GetAccessToken(string pid, int securityLevel = 4, string hprNumber = "")
        {
            var options = new OidcClientOptions
            {
                Authority   = configuration.Authority,
                ClientId    = configuration.ClientId,
                Flow        = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
                RedirectUri = configuration.RedirectUri,
                Scope       = configuration.Scope,
            };

            var oidcClient     = new OidcClient(options);
            var authorizeState = await oidcClient.PrepareLoginAsync();

            // Start logon - gå til STS HRD
            var testIdpUrl = await GetTestIdpUrl(authorizeState.StartUrl);

            // Gå til test idp
            var testIdpLogonRequest = await GetTestIdpLogonRequest(testIdpUrl, pid, securityLevel.ToString(), hprNumber);

            // Utfør logon med Test Idp
            var postbackRequest = await PerformTestIdpLogon(testIdpLogonRequest);

            var authCode = await PerformPostbackAndGetAuthCode(postbackRequest);

            return(await PerformAccessTokenRequest(authCode, authorizeState.CodeVerifier));
        }
Beispiel #20
0
        private static async Task Login()
        {
            var    browser     = new SystemBrowser(45656);
            string redirectUri = "https://127.0.0.1:45656";

            var options = new OidcClientOptions
            {
                Authority    = _authority,
                ClientId     = "native.code",
                RedirectUri  = redirectUri,
                Scope        = "openid profile native_api",
                FilterClaims = false,
                Browser      = browser,
                Flow         = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
                LoadProfile  = true
            };

            var serilog = new LoggerConfiguration()
                          .MinimumLevel.Verbose()
                          .Enrich.FromLogContext()
                          .WriteTo.Console(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}")
                          .CreateLogger();

            options.LoggerFactory.AddSerilog(serilog);

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(new LoginRequest());

            ShowResult(result);
            await NextSteps(result);
        }
        private async void Login()
        {
            var options = new OidcClientOptions()
            {
                Authority   = "https://localhost:5001/",
                ClientId    = "MeetingsWpfApplication",
                Scope       = "openid profile",
                RedirectUri = "http://127.0.0.1/sample-wpf-app",
                Browser     = new WpfEmbeddedBrowser()
            };

            _oidcClient = new OidcClient(options);

            LoginResult result;

            try
            {
                result = await _oidcClient.LoginAsync();
            }
            catch (Exception ex)
            {
                Message = $"Unexpected Error: {ex.Message}";
                return;
            }

            if (result.IsError)
            {
                Message = result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error;
            }
            else
            {
                var name = result.User.Identity.Name;
                Message = $"Hello {name}";
            }
        }
Beispiel #22
0
        public async Task <ClaimsPrincipal> SignIn()
        {
            // create a redirect URI using an available port on the loopback address.
            // requires the OP to allow random ports on 127.0.0.1 - otherwise set a static port
            var    browser     = new Browser(12345);
            string redirectUri = string.Format($"http://localhost:{browser.Port}/");

            var options = new OidcClientOptions
            {
                Authority    = System.Configuration.ConfigurationManager.AppSettings["SSO"],
                ClientId     = System.Configuration.ConfigurationManager.AppSettings["SSO.Client"],
                ClientSecret = System.Configuration.ConfigurationManager.AppSettings["SSO.Secret"],
                RedirectUri  = redirectUri,
                Scope        = "openid profile",
                FilterClaims = false,
                Browser      = browser
            };

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(new LoginRequest());

            if (result.IsError)
            {
                Console.WriteLine("\n\nError:\n{0}", result.Error);
                return(null);
            }

            return(result.User);
        }
        public static ValueTask <LoginResult> Signin(String authority)
        {
            SystemBrowser browser     = new SystemBrowser(5002);
            String        redirectUri = $"http://127.0.0.1:{browser.Port}";

            OidcClientOptions options = new OidcClientOptions
            {
                Authority    = authority,
                ClientId     = "Shell.Windows",
                RedirectUri  = redirectUri,
                Scope        = "openid profile email",
                FilterClaims = false,

                Browser = browser,
                IdentityTokenValidator       = new JwtHandlerIdentityTokenValidator(),
                RefreshTokenInnerHttpHandler = new HttpClientHandler(),
            };

            options.LoggerFactory.AddSerilog(
                new LoggerConfiguration()
                .MinimumLevel.Debug()
                .Enrich.FromLogContext()
                .WriteTo.Console(
                    outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}",
                    theme: AnsiConsoleTheme.Code
                    )
                .CreateLogger()
                );

            return(new ValueTask <LoginResult>(new OidcClient(options).LoginAsync()));
        }
Beispiel #24
0
        /// <summary>
        /// The entry point of the application
        /// </summary>
        /// <param name="args">The CLI arguments</param>
        public static async Task Main(string[] args)
        {
            var network = new NetworkService();

            var browser     = new SystemBrowser(network.GetNextAvailablePort());
            var redirectUri = $"http://127.0.0.1:{browser.Port}";

            var options = new OidcClientOptions
            {
                Authority    = "https://localhost:11009",
                ClientId     = "native",
                RedirectUri  = redirectUri,
                Browser      = browser,
                Scope        = "openid profile email",
                FilterClaims = false
            };

            var client = new OidcClient(options);

            var result = await client.LoginAsync(new LoginRequest
            {
                BrowserTimeout     = (int)TimeSpan.FromMinutes(5).TotalSeconds,
                BrowserDisplayMode = DisplayMode.Visible
            });

            if (result.IsError)
            {
                Console.WriteLine($"Error while logging in {result.Error}");
                return;
            }

            Console.WriteLine($"Got token {result.AccessToken}");

            Console.WriteLine("Hello World!");
        }
Beispiel #25
0
        private static async Task SignIn()
        {
            // create a redirect URI using an available port on the loopback address.
            string redirectUri = string.Format("http://127.0.0.1:7890/");

            var options = new OidcClientOptions
            {
                Authority    = Constants.Authority,
                ClientId     = "console.hybrid.pkce",
                RedirectUri  = redirectUri,
                Scope        = "openid profile api1",
                FilterClaims = false,
                Browser      = new SystemBrowser(port: 7890)
            };

            var serilog = new LoggerConfiguration()
                          .MinimumLevel.Error()
                          .Enrich.FromLogContext()
                          .WriteTo.LiterateConsole(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}")
                          .CreateLogger();

            options.LoggerFactory.AddSerilog(serilog);

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync();

            ShowResult(result);
            await NextSteps(result);
        }
Beispiel #26
0
        private static async Task SignIn()
        {
            // create a redirect URI using an available port on the loopback address.
            // requires the OP to allow random ports on 127.0.0.1 - otherwise set a static port
            var    browser     = new SystemBrowser();
            string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}");



            var options = new OidcClientOptions
            {
                Authority    = Authority,
                ClientId     = ClientId,
                RedirectUri  = redirectUri,
                Scope        = $"openid profile {Scope}",
                FilterClaims = false,
                Browser      = browser,
                Flow         = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
            };

            _oidcClient = new OidcClient(options);
            var result = await _oidcClient.LoginAsync(extraParameters : new { acr_values = $"tenant:{Tenant}" });

            ShowResult(result);
            await NextSteps(result);
        }
        public void Missing_default_parameters_can_be_set_by_extra_parameters()
        {
            var options = new OidcClientOptions
            {
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
                Flow         = OidcClientOptions.AuthenticationFlow.Hybrid
            };

            var extra = new Dictionary <string, string>
            {
                { "client_id", "client_id2" },
                { "scope", "openid extra" },
                { "redirect_uri", "http://redirect2" }
            };

            var client     = new AuthorizeClient(options);
            var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", extra);

            parameters.Should().Contain("client_id", "client_id2");
            parameters.Should().Contain("scope", "openid extra");
            parameters.Should().Contain("redirect_uri", "http://redirect2");

            parameters.Should().Contain("response_type", "code id_token");
            parameters.Should().Contain("response_mode", "form_post");

            parameters.Should().Contain("state", "state");
            parameters.Should().Contain("nonce", "nonce");
            parameters.Should().Contain("code_challenge", "code_challenge");
        }
        public void Default_parameters_should_be_used_for_authorize_request()
        {
            var options = new OidcClientOptions
            {
                ClientId    = "client_id",
                Scope       = "openid",
                RedirectUri = "http://redirect",

                ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
                Flow         = OidcClientOptions.AuthenticationFlow.Hybrid
            };

            var client     = new AuthorizeClient(options);
            var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", null);

            parameters.Should().Contain("client_id", "client_id");
            parameters.Should().Contain("scope", "openid");
            parameters.Should().Contain("redirect_uri", "http://redirect");

            parameters.Should().Contain("response_type", "code id_token");
            parameters.Should().Contain("response_mode", "form_post");

            parameters.Should().Contain("state", "state");
            parameters.Should().Contain("nonce", "nonce");
            parameters.Should().Contain("code_challenge", "code_challenge");
        }
Beispiel #29
0
        async void OnLoginButtonClicked(object sender, EventArgs e)
        {
            var options = new OidcClientOptions
            {
                Authority    = Constants.AuthorityUri,
                ClientId     = Constants.ClientId,
                Scope        = Constants.Scope,
                RedirectUri  = Constants.RedirectUri,
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect
            };

            var oidcClient = new OidcClient(options);
            var state      = await oidcClient.PrepareLoginAsync();

            var response = await DependencyService.Get <INativeBrowser>().LaunchBrowserAsync(state.StartUrl);

            // HACK: Replace the RedirectURI, purely for UWP, with the current application callback URI.
            state.RedirectUri = Constants.RedirectUri;
            var result = await oidcClient.ProcessResponseAsync(response, state);

            if (result.IsError)
            {
                Debug.WriteLine("\tERROR: {0}", result.Error);
                return;
            }

            _accessToken = result.AccessToken;
        }
Beispiel #30
0
        private void InitializeBrowserLogin()
        {
            var browser = DependencyService.Get <IBrowser>();
            //var browser = new ChromeCustomTabsBrowser();

            var options = new OidcClientOptions
            {
                //Authority = "https://monthas.northeurope.cloudapp.azure.com",
                Authority = "https://monthasbjridserver.azurewebsites.net",
                ClientId  = "xamarin",
                //ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".ToSha256(),
                //Scope = "openid profile email api offline_access",
                Scope       = "openid profile",
                RedirectUri = "xamarinformsclients://callback",
                //RedirectUri = "http://monthas.northeurope.cloudapp.azure.com/xamarinformsclients://callback",
                Browser = browser,



                BackchannelHandler = new HttpClientHandler()
                {
                    ServerCertificateCustomValidationCallback = (message, certificate, chain, sslPolicyErrors) => true
                },
                //Policy = new Policy()
                //{
                //    Discovery = new DiscoveryPolicy() { RequireHttps = false }
                //},
                ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect
            };

            _client = new OidcClient(options);

            _apiClient.Value.BaseAddress = new Uri("https://monthasbjridserver.azurewebsites.net/");
            //_apiClient.Value.BaseAddress = new Uri("https://monthas.northeurope.cloudapp.azure.com/");
        }
        public SampleForm()
        {
            InitializeComponent();

            var authority = "https://demo.identityserver.io";

            var options = new OidcClientOptions(
                authority, 
                "native", 
                "secret", 
                "openid email api offline_access",
                "http://localhost/winforms.client", 
                new WinFormsWebView());
            options.UseFormPost = true;

            _oidcClient = new OidcClient(options);
        }
        private async void LoginButton_Click(object sender, RoutedEventArgs e)
        {
            var authority = "https://demo.identityserver.io";
            var webView = new UwpWebView(enableWindowsAuthentication: false);

            var options = new OidcClientOptions(
                authority:    authority,
                clientId:     "native",
                clientSecret: "secret",
                scope:        "openid profile api offline_access",
                redirectUri:  WebAuthenticationBroker.GetCurrentApplicationCallbackUri().AbsoluteUri,
                webView:      webView);

            var client = new OidcClient(options);
            var result = await client.LoginAsync();

            if (!string.IsNullOrEmpty(result.Error))
            {
                ResultTextBox.Text = result.Error;
                return;
            }

            var sb = new StringBuilder(128);

            foreach (var claim in result.Claims)
            {
                sb.AppendLine($"{claim.Type}: {claim.Value}");
            }

            sb.AppendLine($"refresh token: {result.RefreshToken}");
            sb.AppendLine($"access token: {result.AccessToken}");
            
            ResultTextBox.Text = sb.ToString();

            _client = new HttpClient(result.Handler);
            _client.BaseAddress = new Uri("https://demo.identityserver.io/api/");
        }