public async Task<ViewResult> Connect(CredentialsModel credentials)
{
_authenticationToken = AcquireOAuthAccessToken(credentials);
var userSessionToken = await AcquireUserSessionToken(_authenticationToken, new Uri(credentials.API));
return View("Widget", new WidgetModel(userSessionToken, credentials.FullCDNPath));
}
/// <summary>
/// Obtains an OAuth access token which can then be used to make authorized calls
/// to the Direct ID API.
/// </summary>
/// <remarks>
/// <para>The returned value is expected to be included in the authentication header
/// of subsequent API requests.</para>
/// <para>As the returned value authenticates the application, API calls made using
/// this value should only be made using server-side code.</para>
/// </remarks>
private static string AcquireOAuthAccessToken(CredentialsModel credentials)
{
TrimCredentialsModel(credentials);
var context = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(
credentials.Authority);
var accessToken = context.AcquireToken(
credentials.ResourceID,
new Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential(
credentials.ClientID,
credentials.SecretKey));
if (accessToken == null)
{
throw new InvalidOperationException(
"Unable to acquire access token from resource: " + credentials.ResourceID +
". Please check your settings from Direct ID.");
}
return accessToken.AccessToken;
}
private static void TrimCredentialsModel(CredentialsModel credentials)
{
credentials.API = credentials.API.Trim();
credentials.Authority = credentials.Authority.Trim();
credentials.ClientID = credentials.ClientID.Trim();
credentials.ResourceID = credentials.ResourceID.Trim();
credentials.SecretKey = credentials.SecretKey.Trim();
credentials.FullCDNPath = credentials.FullCDNPath.Trim(new Char[] { ' ', '/' });
}