public string GetRequestTokenAuthorizeUrl(string userId)
{
var requestToken = GetRequestToken(_consumer);
requestToken.UserId = userId;
var existingToken = _requestTokenStore.Find(userId);
if (existingToken != null)
{
_requestTokenStore.Delete(requestToken);
}
_requestTokenStore.Add(requestToken);
return(GetAuthorizeUrl(requestToken));
}
public AccessToken New(TKey userId)
{
var now = DateTime.UtcNow;
var nowUntill = now.Add(_tokenAuthenticationOptions.ExpiresIn);
// Specifically add the jti (random nonce), iat (issued timestamp), and sub (subject/user) claims.
// You can add other claims here, if you want:
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, userId.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, now.Ticks.ToString(), ClaimValueTypes.Integer64)
};
// Create the JWT and write it to a string
var jwt = new JwtSecurityToken(
issuer: _tokenAuthenticationOptions.Issuer,
audience: _tokenAuthenticationOptions.Audience,
claims: claims,
notBefore: now,
expires: nowUntill,
signingCredentials: _tokenAuthenticationOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var accessToken = new AccessToken
{
Token = encodedJwt,
ExpiresOn = nowUntill
};
_tokenStore.Add(new Token <TKey, TUser>
{
Client = "Http Client",
ClientVersion = "n/a",
CreatedOn = DateTime.UtcNow,
Platform = "n/a",
PlatformVersion = "n/a",
UserId = userId,
ValidUntil = nowUntill,
Value = encodedJwt
});
return(accessToken);
}
private HttpWebRequest CreateRequest(string endPoint, string method, string accept = "application/json", string query = null)
{
var uri = new UriBuilder(_baseUri)
{
Path = endPoint,
};
if (!string.IsNullOrWhiteSpace(query))
{
uri.Query = query;
}
var request = (HttpWebRequest)WebRequest.Create(uri.Uri);
request.Timeout = defaultTimeout;
request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
request.Accept = accept;
request.Method = method;
if (ModifiedSince.HasValue)
{
request.IfModifiedSince = ModifiedSince.Value;
}
// add OAuth2 headers
if (_auth != null)
{
//var oauthSignature = _auth.GetSignature(Consumer, User, request.RequestUri, method, Consumer);
//AddHeader("Authorization", oauthSignature);
//var clientId = ConfigurationManager.AppSettings["XeroClientId"];
//var secret = ConfigurationManager.AppSettings["XeroSecret"];
//_identityClient = new RestClient("https://identity.xero.com/");
//var userPass = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{Consumer.ConsumerKey}:{Consumer.ConsumerSecret}"));
//AddHeader("authorization", "Basic {userPass}");
var token = _auth.GetToken(null, null);
if (token.HasExpired)
{
_xeroClient.AuthToken = token as XeroOAuthToken;
token = _xeroClient.RefreshToken();
_tokenStore.Add(token);
}
AddHeader("Authorization", $"Bearer {token.TokenKey}");
AddHeader("Xero-tenant-id", _auth.TenantId);
}
AddHeaders(request);
request.UserAgent = !string.IsNullOrWhiteSpace(UserAgent) ? UserAgent : "Xero Api wrapper - " + Consumer.ConsumerKey;
if (_rateLimiter != null)
{
_rateLimiter.WaitUntilLimit();
}
return(request);
}
