public void CanGetOAuthToken()
{
var terminalDO = CreateAndAddTerminalDO();
using (var uow = ObjectFactory.GetInstance <IUnitOfWork>())
{
var activityTemplateDO = new ActivityTemplateDO("test_name", "test_label", "1", "test_description", terminalDO.Id);
uow.ActivityTemplateRepository.Add(activityTemplateDO);
uow.SaveChanges();
}
var externalAuthenticationDTO = new ExternalAuthenticationDTO()
{
RequestQueryString = "?id"
};
var result = _authorization.GetOAuthToken(terminalDO, externalAuthenticationDTO);
//Assert
Mock <IRestfulServiceClient> restClientMock = Mock.Get(ObjectFactory.GetInstance <IRestfulServiceClient>());
//verify that the post call is made
restClientMock.Verify(
client => client.PostAsync <ExternalAuthenticationDTO>(new Uri(terminalDO.Endpoint + "/authentication/token"),
externalAuthenticationDTO, It.IsAny <string>(), It.IsAny <Dictionary <string, string> >()), Times.Exactly(1));
restClientMock.VerifyAll();
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
try
{
var query = HttpUtility.ParseQueryString(externalAuthDTO.RequestQueryString);
string code = query["code"];
string state = query["state"];
if (string.IsNullOrEmpty(code) || string.IsNullOrEmpty(state))
{
throw new ApplicationException("Code or State is empty.");
}
var oauthToken = _googleIntegration.GetToken(code);
var email = await _googleIntegration.GetExternalUserId(oauthToken);
return(new AuthorizationTokenDTO()
{
Token = JsonConvert.SerializeObject(oauthToken),
ExternalStateToken = state,
ExternalAccountId = email
});
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
});
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
try
{
var query = HttpUtility.ParseQueryString(externalAuthDTO.RequestQueryString);
var oAuthToken = query["oauth_token"];
var oAuthVerifier = query["oauth_verifier"];
var realmId = query["realmId"];
var state = query["state"];
var dataSource = query["dataSource"];
if (string.IsNullOrEmpty(oAuthToken) ||
string.IsNullOrEmpty(oAuthVerifier) ||
string.IsNullOrEmpty(realmId) ||
string.IsNullOrEmpty(dataSource))
{
throw new ApplicationException("OAuth Token or OAuth Verifier or Realm ID or Data Source is empty.");
}
var authToken = await _authenticator.GetAuthToken(oAuthToken, oAuthVerifier, realmId, state);
return(authToken);
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
});
}
}
public async Task <AuthorizationTokenDTO> Authenticate(ExternalAuthenticationDTO externalAuthDTO)
{
string code = GetTokenValueByKey(externalAuthDTO.RequestQueryString, "code");
string state = GetTokenValueByKey(externalAuthDTO.RequestQueryString, "state");
OAuth2Response response = await GetAuthToken(code);
if (response == null)
{
throw new ArgumentNullException("Unable to get authentication token in dropbox.");
}
string externalId = "";
using (var dbx = new DropboxClient(response.AccessToken))
{
externalId = (await dbx.Users.GetCurrentAccountAsync()).Email;
}
return(new AuthorizationTokenDTO()
{
Token = response.AccessToken,
ExternalStateToken = state,
ExternalAccountId = externalId
});
}
public async Task <ActionResult> ProcessSuccessfulOAuthResponse(
string terminalName,
string terminalVersion)
{
if (string.IsNullOrEmpty(terminalName) || string.IsNullOrEmpty(terminalVersion))
{
throw new ApplicationException("TerminalName or TerminalVersion is not specified.");
}
var requestQueryString = Request.Url.Query;
if (!string.IsNullOrEmpty(requestQueryString) && requestQueryString[0] == '?')
{
requestQueryString = requestQueryString.Substring(1);
}
TerminalDO terminal;
using (var uow = ObjectFactory.GetInstance <IUnitOfWork>())
{
terminal = uow.TerminalRepository
.FindOne(x => x.Name == terminalName && x.Version == terminalVersion);
if (terminal == null)
{
throw new ApplicationException("Could not find terminal.");
}
}
var externalAuthenticationDTO = new ExternalAuthenticationDTO()
{
RequestQueryString = requestQueryString
};
var error = await _authorization.GetOAuthToken(terminal, externalAuthenticationDTO);
if (string.IsNullOrEmpty(error))
{
return(View());
}
else
{
return(View("Error", new AuthenticationErrorVM()
{
Error = error
}));
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
try
{
return(await _authentication.Authenticate(externalAuthDTO));
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(await Task.FromResult(
new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
}
));
}
}
/// <summary>
/// Performs OAuth authentication after receiving verification code from Basecamp. Additionaly performs a check of whether use has access to Basecamp2 projects
/// </summary>
public async Task <AuthorizationTokenDTO> AuthenticateAsync(ExternalAuthenticationDTO externalState)
{
try
{
var query = HttpUtility.ParseQueryString(externalState.RequestQueryString);
var code = query["code"];
var state = query["state"];
var url = $"{_tokenUrl}?type=web_server&client_id={_clientId}&redirect_uri={HttpUtility.UrlEncode(_redirectUrl)}&client_secret={_clientSecret}&code={code}";
var response = await _restfulServiceClient.PostAsync <OAuthResponse>(new Uri(url)).ConfigureAwait(false);
var basecampAuthorizationDTO = new BasecampAuthorizationToken
{
AccessToken = response.AccessToken,
RefreshToken = response.RefreshToken,
};
//Retrieving info about username and project
var userInfo = await GetCurrentUserInfo(basecampAuthorizationDTO).ConfigureAwait(false);
if (userInfo.Accounts.TrueForAll(x => x.Product != Basecamp2Product))
{
Logger.GetLogger().Error($"Authorized user doesn't have access to Basecamp2. Fr8 User Id - {externalState.Fr8UserId}");
return(new AuthorizationTokenDTO {
Error = "We couldn't authorize you as your account doesn't have access to Basecamp2 product"
});
}
basecampAuthorizationDTO.ExpiresAt = userInfo.ExpiresAt;
return(new AuthorizationTokenDTO
{
ExternalAccountId = userInfo.Identity.Id.ToString(),
ExternalAccountName = userInfo.Identity.DisplayName,
ExternalStateToken = state,
ExpiresAt = basecampAuthorizationDTO.ExpiresAt,
Token = JsonConvert.SerializeObject(basecampAuthorizationDTO)
});
}
catch (Exception ex)
{
Logger.GetLogger().Error($"Failed to authorize with Basecamp. Fr8 User Id - {externalState.Fr8UserId}, Details - {ex}");
return(new AuthorizationTokenDTO {
Error = "An error occured while trying to authorize you. Please try again later"
});
}
}
public AuthorizationTokenDTO Authenticate(ExternalAuthenticationDTO externalAuthDTO)
{
var query = HttpUtility.ParseQueryString(externalAuthDTO.RequestQueryString);
//Code will be access code returned by the Salesforce after the user authenticates app
string code = query["code"];
//State is be value passed by us to salesforce and it's returned by the salesforce after the authentication
string state = query["state"];
AuthenticationClient authClient = (AuthenticationClient)Task.Run(() => GetAuthToken(code)).Result;
string username = "";
string externalAccountId = "";
var curUserInfo =
Task.Run(
() =>
new ForceClient(authClient.InstanceUrl, authClient.AccessToken, authClient.ApiVersion)
.UserInfo <object>(authClient.Id)).Result;
JToken propertyValue;
var jCurUserInfo = (JObject)curUserInfo;
if (jCurUserInfo.TryGetValue("display_name", out propertyValue))
{
username = propertyValue.Value <string>();
}
if (jCurUserInfo.TryGetValue("user_id", out propertyValue))
{
externalAccountId = propertyValue.Value <string>();
}
return(new AuthorizationTokenDTO()
{
Token = JsonConvert.SerializeObject(new { AccessToken = authClient.AccessToken, RefreshToken = authClient.RefreshToken }),
ExternalAccountId = externalAccountId,
ExternalAccountName = username,
ExternalStateToken = state,
AdditionalAttributes = $"instance_url={authClient.InstanceUrl};api_version={authClient.ApiVersion}"
});
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
try
{
var query = HttpUtility.ParseQueryString(externalAuthDTO.RequestQueryString);
string code = query["code"];
string state = query["state"];
if (string.IsNullOrEmpty(code) || string.IsNullOrEmpty(state))
{
throw new ApplicationException("Code or State is empty.");
}
var oauthTokenData = await _asanaOAuth.GetOAuthTokenDataAsync(code);
var userInfo = oauthTokenData.Value <JObject>("data");
var secondsToExpiration = oauthTokenData.Value <int>("expires_in");
var expirationDate = _asanaOAuth.CalculateExpirationTime(secondsToExpiration);
return(new AuthorizationTokenDTO
{
Token = oauthTokenData.ToString(),
ExternalAccountId = userInfo.Value <string>("id"),
ExternalAccountName = userInfo.Value <string>("name"),
ExternalStateToken = state,
ExpiresAt = expirationDate,
AdditionalAttributes = expirationDate.ToString("O")
});
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
});
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
try
{
string code;
string state;
ParseCodeAndState(externalAuthDTO.RequestQueryString, out code, out state);
if (string.IsNullOrEmpty(code) || string.IsNullOrEmpty(state))
{
throw new ApplicationException("Code or State is empty.");
}
var oauthToken = await _slackIntegration.GetOAuthToken(code);
var userInfo = await _slackIntegration.GetUserInfo(oauthToken);
return(new AuthorizationTokenDTO
{
Token = oauthToken,
ExternalAccountId = userInfo.UserId,
ExternalAccountName = userInfo.UserName,
ExternalDomainId = userInfo.TeamId,
ExternalDomainName = userInfo.TeamName,
ExternalStateToken = state,
});
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
});
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(
ExternalAuthenticationDTO externalAuthDTO)
{
try
{
return(_authentication.Authenticate(externalAuthDTO));
}
catch (Exception ex)
{
//The event reporting mechanism does not give the actual error message and it has been commented out in the BaseTerminal#ReportTerminalError
//Logging explicitly to log4net to see the logs in the App Insights.
//Logger.GetLogger().Error("Terminal SalesForce Authentication error happened. The error message is " + ex.Message);
Logger.GetLogger().Error($"Terminal SalesForce Authentication error happened. Fr8UserId = {externalAuthDTO.Fr8UserId} The error message is {ex.Message} ");
//Report the terminal error in the standard Fr8 Event Reporting mechanism
await _loggerService.ReportTerminalError(ex, externalAuthDTO.Fr8UserId);
return(new AuthorizationTokenDTO
{
Error = string.Format("An error occured ({0}) while trying to authenticate, please try again later.", ex.Message)
});
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(ExternalAuthenticationDTO externalAuthDTO)
{
return(await _basecampApiClient.AuthenticateAsync(externalAuthDTO));
}
public async Task <AuthenticateResponse> GetOAuthToken(TerminalDO terminal, ExternalAuthenticationDTO externalAuthDTO)
{
var hasAuthentication = _activityTemplate.GetQuery().Any(x => x.Terminal.Id == terminal.Id);
if (!hasAuthentication)
{
throw new WrongAuthenticationTypeException();
}
var restClient = ObjectFactory.GetInstance <IRestfulServiceClient>();
var response = await restClient.PostAsync(
new Uri(terminal.Endpoint + "/authentication/token"),
externalAuthDTO, null, _terminalService.GetRequestHeaders(terminal, null));
var authTokenDTO = JsonConvert.DeserializeObject <AuthorizationTokenDTO>(response);
if (!string.IsNullOrEmpty(authTokenDTO.Error))
{
return(new AuthenticateResponse
{
Error = authTokenDTO.Error
});
}
using (var uow = ObjectFactory.GetInstance <IUnitOfWork>())
{
var authTokenByExternalState = uow.AuthorizationTokenRepository
.FindTokenByExternalState(authTokenDTO.ExternalStateToken, terminal.Id);
if (authTokenByExternalState == null)
{
throw new MissingObjectException($"Authorization token with external state '{authTokenDTO.ExternalStateToken}' doesn't exist");
}
var authTokenByExternalAccountId = uow.AuthorizationTokenRepository
.FindTokenByExternalAccount(
authTokenDTO.ExternalAccountId,
terminal.Id,
authTokenByExternalState.UserID);
if (authTokenByExternalAccountId != null)
{
authTokenByExternalAccountId.Token = authTokenDTO.Token;
authTokenByExternalState.ExternalAccountId = authTokenDTO.ExternalAccountId;
authTokenByExternalState.ExternalAccountName = string.IsNullOrEmpty(authTokenDTO.ExternalAccountName) ? authTokenDTO.ExternalAccountId : authTokenDTO.ExternalAccountName;
authTokenByExternalState.ExternalDomainId = authTokenDTO.ExternalDomainId;
authTokenByExternalState.ExternalDomainName = string.IsNullOrEmpty(authTokenDTO.ExternalDomainName) ? authTokenDTO.ExternalDomainId : authTokenDTO.ExternalDomainName;
authTokenByExternalAccountId.ExternalStateToken = null;
authTokenByExternalState.AdditionalAttributes = authTokenDTO.AdditionalAttributes;
authTokenByExternalState.ExpiresAt = authTokenDTO.ExpiresAt;
if (authTokenByExternalState != null)
{
uow.AuthorizationTokenRepository.Remove(authTokenByExternalState);
}
EventManager.AuthTokenCreated(authTokenByExternalAccountId);
}
else
{
authTokenByExternalState.Token = authTokenDTO.Token;
authTokenByExternalState.ExternalAccountId = authTokenDTO.ExternalAccountId;
authTokenByExternalState.ExternalAccountName = string.IsNullOrEmpty(authTokenDTO.ExternalAccountName) ? authTokenDTO.ExternalAccountId : authTokenDTO.ExternalAccountName;
authTokenByExternalState.ExternalDomainId = authTokenDTO.ExternalDomainId;
authTokenByExternalState.ExternalDomainName = string.IsNullOrEmpty(authTokenDTO.ExternalDomainName) ? authTokenDTO.ExternalDomainId : authTokenDTO.ExternalDomainName;
authTokenByExternalState.ExternalStateToken = null;
authTokenByExternalState.AdditionalAttributes = authTokenDTO.AdditionalAttributes;
authTokenByExternalState.ExpiresAt = authTokenDTO.ExpiresAt;
EventManager.AuthTokenCreated(authTokenByExternalState);
}
uow.SaveChanges();
return(new AuthenticateResponse
{
AuthorizationToken = Mapper.Map <AuthorizationTokenDTO>(authTokenByExternalAccountId ?? authTokenByExternalState),
Error = null
});
}
}
public async Task <ActionResult> ProcessSuccessfulOAuthResponse(
string terminalName,
string terminalVersion,
string state = null)
{
//Here state is optional and is designed to pass auth token external state (to identify token in database) in case 3rd party service doesn't return unknown parameters contained in URL back
if (string.IsNullOrEmpty(terminalName) || string.IsNullOrEmpty(terminalVersion))
{
throw new ApplicationException("TerminalName or TerminalVersion is not specified.");
}
var requestQueryString = Request.Url.Query;
if (!string.IsNullOrEmpty(requestQueryString) && requestQueryString[0] == '?')
{
requestQueryString = requestQueryString.Substring(1);
var queryDictionary = System.Web.HttpUtility.ParseQueryString(requestQueryString);
if (queryDictionary["error"] != null && queryDictionary["error"] == "access_denied")
{
//user has denied access for our app, so close the window
dynamic model = new ExpandoObject();
model.AuthorizationTokenId = string.Empty;
model.TerminalId = 0;
model.TerminalName = string.Empty;
return(View(model));
}
if (!string.IsNullOrEmpty(state) && queryDictionary["state"] == null)
{
requestQueryString = $"{requestQueryString}&state={state}";
}
}
TerminalDO terminal = _terminal.GetAll().FirstOrDefault(x => x.Name == terminalName && x.Version == terminalVersion);
if (terminal == null)
{
throw new ApplicationException("Could not find terminal.");
}
string userId = null;
// It is unlikely that ASP cookies/headers/other stuff that is used to track current session will be send within auth callback from external service
// We need a smarter approach
/*using (var uow = ObjectFactory.GetInstance<IUnitOfWork>())
* {
* userId = _security.GetCurrentAccount(uow).Id;
* }*/
var externalAuthenticationDTO = new ExternalAuthenticationDTO()
{
RequestQueryString = requestQueryString,
Fr8UserId = userId
};
var response = await _authorization.GetOAuthToken(terminal, externalAuthenticationDTO);
if (string.IsNullOrEmpty(response.Error))
{
dynamic model = new ExpandoObject();
model.AuthorizationTokenId = response.AuthorizationToken.Id;
model.TerminalId = response.AuthorizationToken.TerminalID;
model.TerminalName = terminal.Name;
if (response.AuthorizationToken.ExternalAccountId == "*****@*****.**")
{
EventManager.TerminalAuthenticationCompleted(response.AuthorizationToken.UserId, terminal, response.AuthorizationToken);
}
return(View(model));
}
else
{
EventManager.OAuthAuthenticationFailed(requestQueryString, response.Error);
return(View("Error", new AuthenticationErrorVM()
{
Error = response.Error
}));
}
}
public async Task <AuthorizationTokenDTO> GenerateOAuthToken(
ExternalAuthenticationDTO externalAuthDTO)
{
try
{
var query = HttpUtility.ParseQueryString(externalAuthDTO.RequestQueryString);
string code = query["code"];
string state = query["state"];
string accessUrl = "https://api.box.com/oauth2/token";
string url = accessUrl;
string payload = $"grant_type=authorization_code&code={HttpUtility.UrlEncode(code)}" +
$"&client_id={HttpUtility.UrlEncode(BoxHelpers.ClientId)}&" +
$"&client_secret={HttpUtility.UrlEncode(BoxHelpers.Secret)}" +
$"&redirect_uri={HttpUtility.UrlEncode(BoxHelpers.RedirectUri)}";
var httpClient = new HttpClient(new HttpClientHandler
{
AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate
})
{
BaseAddress = new Uri(url)
};
httpClient.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
httpClient.DefaultRequestHeaders.Add("User-Agent", "oauth2-draft-v10");
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, accessUrl);
request.Content = new StringContent(payload, Encoding.UTF8,
"application/x-www-form-urlencoded");
var result = await httpClient.SendAsync(request);
var response = await result.Content.ReadAsStringAsync();
var jsonObj = JsonConvert.DeserializeObject <JObject>(response);
var token = new BoxAuthTokenDO(
jsonObj.Value <string>("access_token"),
jsonObj.Value <string>("refresh_token"),
DateTime.UtcNow.AddSeconds(jsonObj.Value <int>("expires_in"))
);
var userId = await new BoxService(token).GetCurrentUserLogin();
return(new AuthorizationTokenDTO()
{
Token = JsonConvert.SerializeObject(token),
ExternalStateToken = state,
ExternalAccountId = userId
});
}
catch (Exception ex)
{
await _loggerService.ReportTerminalError(ex);
Logger.GetLogger().Error(ex.Message);
return(await Task.FromResult(
new AuthorizationTokenDTO()
{
Error = "An error occurred while trying to authorize, please try again later."
}
));
}
}
