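/// <summary>
///   Reads the authorization value from the request header named by
///   <see cref="TetraPakAuthConfig.AuthorizationHeader"/> and, when debug logging is enabled,
///   writes diagnostics about the request to <paramref name="logger"/>.
/// </summary>
/// <param name="context">The message-received context whose request headers are inspected.</param>
/// <param name="options">OpenID Connect options; only <c>MetadataAddress</c> is read, for logging.</param>
/// <param name="authConfig">Supplies the header name and the environment written to the log.</param>
/// <param name="logger">Receives debug diagnostics; nothing is logged unless debug level is enabled.</param>
/// <param name="authorization">On return, the raw header value (may be null or blank).</param>
/// <returns>
///   <c>true</c> when the header holds a non-blank value; otherwise <c>false</c>.
///   The result says nothing about whether the value is a valid credential.
/// </returns>
public static bool TryReadAuthorization(
            this MessageReceivedContext context,
            OpenIdConnectOptions options,
            TetraPakAuthConfig authConfig,
            ILogger logger,
            out string authorization)
        {
            authorization = context.Request.Headers[authConfig.AuthorizationHeader];
            var isTokenAvailable = !string.IsNullOrWhiteSpace(authorization);

            if (!logger.IsEnabled(LogLevel.Debug))
            {
                return isTokenAvailable;
            }

            logger.Debug($"Received message: {context.Request.Path.Value}");
            if (!isTokenAvailable)
            {
                logger.Debug("No authorization found");
                return false;
            }

            // The JWT is parsed only for diagnostics, so do it here: after the debug-level check
            // (no parsing cost on the normal path) and after the blank check (the parser is never
            // handed a null or empty header value).
            if (authorization.TryParseToJwtSecurityToken(out var jwt))
            {
                // NOTE(review): confirm ToDebugString() omits the signature segment; a log line
                // holding the complete compact JWT is a replayable credential for its lifetime.
                logger.Debug($"Received JWT: \n{jwt.ToDebugString()}");
                logger.Debug($"Environment: {authConfig.Environment}");
                logger.Debug($"Discovery document URL: {options.MetadataAddress}");
                return true;
            }

            // An opaque (non-JWT) token is a bearer credential in full, so only its size is
            // logged. Log stores are normally readable by more people than may act as the caller.
            logger.Debug($"Received token: not a JWT, {authorization.Length} characters (value withheld from log)");
            return true;
        }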
Beispiel #2
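        /// <summary>
        ///   Posts a refresh-token request to <see cref="TetraPakAuthConfig.TokenIssuerUrl"/> and
        ///   converts the response text into a <see cref="TokenRefreshResponse"/> outcome.
        /// </summary>
        /// <param name="authConfig">Supplies the token endpoint and, when PKCE is used, the client id.</param>
        /// <param name="refreshToken">The refresh token to exchange.</param>
        /// <param name="logger">Receives the response diagnostics and any failure.</param>
        /// <returns>
        ///   The outcome built from the response body, or a failed outcome wrapping the exception
        ///   when creating, sending or reading the request fails.
        /// </returns>
        public static async Task <Outcome <TokenRefreshResponse> > RefreshTokenAsync(
            this TetraPakAuthConfig authConfig,
            string refreshToken,
            ILogger logger)
        {
            try
            {
                var body = makeRefreshTokenBody(refreshToken, authConfig.IsPkceUsed ? authConfig.ClientId : null);

                // NOTE(review): the refresh token travels in this request body; confirm that
                // TokenIssuerUrl is always an https:// address in every configured environment.
                var request = (HttpWebRequest)WebRequest.Create(authConfig.TokenIssuerUrl);

                request.Method      = "POST";
                request.ContentType = "application/x-www-form-urlencoded";
                // NOTE(review): the value starts with a literal "Accept=", which looks like a
                // header name pasted into the value. Left unchanged here; verify against the endpoint.
                request.Accept      = "Accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";

                var bodyData = Encoding.ASCII.GetBytes(body);
                request.ContentLength = bodyData.Length;

                // Opening and writing the request stream now happens inside the try block, so a
                // connection failure is reported as a failed outcome like every other error, and
                // the stream is released even when the write throws.
                using (var requestStream = await request.GetRequestStreamAsync())
                {
                    await requestStream.WriteAsync(bodyData.AsMemory(0, bodyData.Length));
                }

                // Dispose the response so the underlying connection is returned promptly.
                using var response = await request.GetResponseAsync();

                var responseStream = response.GetResponseStream()
                                     ?? throw new Exception("Unexpected error: No response when requesting token.");

                using var reader = new StreamReader(responseStream);
                var text = await reader.ReadToEndAsync();

                // NOTE(review): 'text' is the token endpoint's response body and presumably holds
                // the newly issued tokens; confirm this Debug overload redacts them before writing.
                logger.Debug(response as HttpWebResponse, text);
                return await buildAuthResultAsync(text);
            }
            catch (Exception ex)
            {
                var failure = new Exception($"Refresh token flow failed: {ex.Message}", ex);
                logger.Error(failure);
                return Outcome <TokenRefreshResponse> .Fail(failure);
            }
        }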
Beispiel #3
 /// <summary>
 ///   Creates the provider around the supplied auth configuration.
 /// </summary>
 /// <param name="authConfig">The configuration stored for later use; must not be null.</param>
 /// <exception cref="ArgumentNullException"><paramref name="authConfig"/> is null.</exception>
 public ConfiguredClientCredentialsProvider(TetraPakAuthConfig authConfig)
 {
     // Fail at construction rather than on first use of the stored configuration.
     if (authConfig is null)
     {
         throw new ArgumentNullException(nameof(authConfig));
     }

     _authConfig = authConfig;
 }