public AppServiceCertificateController() { model = new OAuthDataStore(); ascStore = new AppServiceCertificateStore(); string connectionString = "Server=VED2k12;Database=Secrets;Integrated Security = true"; string queryString = "SELECT * FROM SecretEntries"; using (SqlConnection connection = new SqlConnection(connectionString)) { connection.Open(); SqlCommand sqlCommand = new SqlCommand(queryString, connection); SqlDataReader reader = sqlCommand.ExecuteReader(); while (reader.Read()) { if (reader.GetString(0) == "apikey") { condorAPIKey = reader.GetString(1); } if (reader.GetString(0) == "url") { condorURL = reader.GetString(1); } } connection.Close(); } }
public UserProfileController() { model = new OAuthDataStore(); }
// // This method will be invoked as a call-back from an authentication service (e.g., https://login.microsoftonline.com/). // It is not intended to be called directly, only as a redirect from the authorization request in UserProfileController. // On completion, the method will cache the refresh token and access tokens, and redirect to the URL // specified in the state parameter. // public async Task <ActionResult> Index(string code, string error, string error_description, string resource, string state) { string userObjectID = ClaimsPrincipal.Current.FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier").Value; // NOTE: In production, OAuth must be done over a secure HTTPS connection. if (Request.Url.Scheme != "https" && !Request.Url.IsLoopback) { return(View("Error")); } // Ensure there is a state value on the response. If there is none, stop OAuth processing and display an error. if (state == null) { ViewBag.ErrorMessage = "Error Generating State."; return(View("Error")); } // Handle errors from the OAuth response, if any. If there are errors, stop OAuth processing and display an error. if (error != null) { return(View("Error")); } string redirectUri = ValidateState(state, userObjectID); if (redirectUri == null) { ViewBag.ErrorMessage = "Error Validating State."; return(View("Error")); } // Redeem the authorization code from the response for an access token and refresh token. // When this code completes, the user is redirected back to /UserProfile so the UserProfileController.Index // method can then fetch the tokens and use them in subsequent calls. try { // Replace this with code to get the access tokens manually string dest = "https://login.microsoftonline.com/b3aa98fb-8679-40e4-a942-6047017aa1a4/oauth2/token"; HttpWebRequest req = (HttpWebRequest)WebRequest.Create(dest); req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; string postData = String.Format("grant_type=authorization_code&client_id={0}&code={1}&redirect_uri={2}&client_secret={3}&resource={4}", Startup.clientId, code, new Uri(Request.Url.GetLeftPart(UriPartial.Path)), Startup.appKey, resource); System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding(); byte[] bytes = encoding.GetBytes(postData); req.ContentLength = bytes.Length; Stream nStream = req.GetRequestStream(); nStream.Write(bytes, 0, bytes.Length); nStream.Close(); HttpWebResponse resp = (HttpWebResponse)req.GetResponse(); System.Runtime.Serialization.Json.DataContractJsonSerializer json = new System.Runtime.Serialization.Json.DataContractJsonSerializer(typeof(OAuthTokenResponse)); OAuthTokenResponse recvtoken = json.ReadObject(resp.GetResponseStream()) as OAuthTokenResponse; OAuthDataStore model = new OAuthDataStore(); string encodedState = Url.Encode(state); IEnumerable <OAuthTokenSet> query = from OAuthTokenSet in model.OAuthTokens where OAuthTokenSet.state == encodedState select OAuthTokenSet; OAuthTokenSet token = query.First(); token.accessToken = recvtoken.access_token; token.tokenType = recvtoken.token_type; token.refreshToken = recvtoken.refresh_token; token.userId = userObjectID; token.state = state; token.accessTokenExpiry = DateTime.Now.AddSeconds(Convert.ToDouble(recvtoken.expires_in)).ToUniversalTime().ToString(DateTimeFormatInfo.CurrentInfo.UniversalSortableDateTimePattern); try { model.SaveChanges(); } catch (Exception e) { throw; } return(Redirect(redirectUri)); } catch (Exception e) { return(Redirect("/UserProfile/Index?authError=token")); } }