Beispiel #1
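        /// <summary>
        /// Redeems an OpenID Connect authorization code at the provider's token endpoint and
        /// passes the token extracted from the response to <c>TryGetClaims</c>.
        /// </summary>
        /// <param name="token">Carries the authorization code, client id and redirect URI sent to the token endpoint.</param>
        /// <param name="openIdConfig">Provider metadata; its <c>TokenEndpoint</c> and <c>SigningKeys</c> are used.</param>
        /// <param name="clientSecret">Sent as <c>client_secret</c> and also turned into an additional signing key.</param>
        /// <returns>The result of <c>TryGetClaims</c> for the token returned by the provider.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="token"/> or <paramref name="openIdConfig"/> is null.</exception>
        /// <exception cref="HttpRequestException">The token endpoint answered with a non-success status code.</exception>
        private static async Task<ClaimsPrincipal> GetOpenIdClaims(OpenIdToken token, OpenIdConnectConfiguration openIdConfig, string clientSecret)
        {
            if (token == null)
            {
                throw new ArgumentNullException("token");
            }

            if (openIdConfig == null)
            {
                throw new ArgumentNullException("openIdConfig");
            }

            // NOTE(review): client_id and redirect_uri come from the caller-supplied token object.
            // Confirm that TryGetClaims (not visible here) checks issuer and audience against the
            // values this application registered, rather than trusting the request.
            var form = new[]
            {
                new KeyValuePair<string, string>("code", token.code),
                new KeyValuePair<string, string>("client_id", token.clientId),
                new KeyValuePair<string, string>("client_secret", clientSecret),
                new KeyValuePair<string, string>("redirect_uri", token.redirectUri),
                new KeyValuePair<string, string>("grant_type", "authorization_code"),
            };

            // NOTE(review): a new HttpClient per call does not reuse connections; a shared
            // instance owned by the class would be preferable if one can be introduced.
            using (var client = new HttpClient())
            using (var content = new FormUrlEncodedContent(form))
            using (var result = await client.PostAsync(openIdConfig.TokenEndpoint, content))
            {
                // Fail closed: an error response must never be parsed as if it contained a token.
                result.EnsureSuccessStatusCode();

                var resultContent = await result.Content.ReadAsStringAsync();
                var authenticationToken = GetAuthenticationToken(resultContent);

                // NOTE(review): adding a key built from the client secret next to the provider's
                // published keys means a token signed with that secret is also accepted. Confirm
                // that TryGetClaims restricts which algorithm may be used with which key type.
                var keys = new List<SecurityKey>(openIdConfig.SigningKeys)
                {
                    CreateJwtSigKey(clientSecret)
                };

                return TryGetClaims(keys, authenticationToken);
            }
        }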
Beispiel #2
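        /// <summary>
        /// Exchanges a Google authorization code for claims and issues an access token when the
        /// id claim equals the single account id hard-coded below.
        /// </summary>
        /// <param name="token">Authorization code data bound from the request body.</param>
        /// <returns>
        /// The value returned by <c>CreateAccessToken</c> for the matching account, otherwise <c>null</c>.
        /// </returns>
        public async Task<AccessToken> Google([FromBody] OpenIdToken token)
        {
            var openIdConfig = await OpenIdConnectConfiguration("https://accounts.google.com");

            // NOTE(review): the OAuth client secret is a literal in source. It should be loaded
            // from configuration or a secret store, and this value rotated, since anyone who can
            // read the code or its history can read it.
            var claims = await GetOpenIdClaims(token, openIdConfig, "IZU-xYB1tK7yb5aB44D2EoJP");

            var idClaim = GetIdClaim(claims);

            // Deny when no id claim is available instead of failing on a null dereference.
            // NOTE(review): the allowed account and the values passed to CreateAccessToken
            // ("user", "admin", presumably roles) are hard-coded; confirm this is intended.
            if (idClaim != null && idClaim.Value == "100554319379838513055")
            {
                return CreateAccessToken("google marwijn", new[] { "user", "admin" });
            }

            return null;
        }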
Beispiel #3
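        /// <summary>
        /// Exchanges a Microsoft account (login.live.com) authorization code for claims and issues
        /// an access token when the id claim equals the single account id hard-coded below.
        /// </summary>
        /// <param name="token">Authorization code data bound from the request body.</param>
        /// <returns>
        /// The value returned by <c>CreateAccessToken</c> for the matching account, otherwise <c>null</c>.
        /// </returns>
        public async Task<AccessToken> Live([FromBody] OpenIdToken token)
        {
            var openIdConfig = await OpenIdConnectConfiguration("https://login.live.com");

            // NOTE(review): the OAuth client secret is a literal in source. It should be loaded
            // from configuration or a secret store, and this value rotated, since anyone who can
            // read the code or its history can read it.
            var claims = await GetOpenIdClaims(token, openIdConfig, "ev5dkWRA3MrMnqJdXwm7KxC");

            var idClaim = GetIdClaim(claims);

            // Deny when no id claim is available instead of failing on a null dereference.
            // NOTE(review): the allowed account and the value passed to CreateAccessToken
            // ("user", presumably a role) are hard-coded; confirm this is intended.
            if (idClaim != null && idClaim.Value == "AAAAAAAAAAAAAAAAAAAAAMzUub7tQTCHc4vPncZqxLo")
            {
                return CreateAccessToken("hotmail marwijn", new[] { "user" });
            }

            return null;
        }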