/// <summary>
/// Exchanges an authorization code for tokens and, when an identity token is
/// present, validates it and returns the resulting claims together with the
/// raw access/refresh tokens.
/// </summary>
/// <param name="code">Authorization code passed on to <c>RequestTokenAsync</c>.</param>
/// <returns>
/// The claims produced by <c>ValidateToken</c>, extended with
/// <c>access_token</c>/<c>expires_at</c> and <c>refresh_token</c> claims when
/// those tokens are present; <c>null</c> when the response carries no identity
/// token. Callers must treat <c>null</c> as a failed login and must not build
/// an identity from it.
/// </returns>
public async Task<List<Claim>> RequestAndValidateTokenAsync(string code)
{
    // Redeem the code first; the response is inspected only after the
    // temporary login state has been read and cleared.
    var tokenResponse = await RequestTokenAsync(code);

    // Read the temporary state for this login attempt and sign it out
    // immediately, before any validation result is known.
    // NOTE(review): presumably this makes the state/nonce pair single-use - confirm in TempAuthentication.
    var tempAuth = new TempAuthentication();
    var storedState = await tempAuth.GetTempStateAsync();
    tempAuth.SignOut();

    // No identity token means nothing can be validated: report failure as null.
    if (string.IsNullOrWhiteSpace(tokenResponse.IdentityToken))
    {
        return null;
    }

    // Item2 is handed to ValidateToken alongside the identity token.
    // NOTE(review): looks like Item2 is the nonce bound to this login - verify against GetTempStateAsync.
    List<Claim> validatedClaims = ValidateToken(tokenResponse.IdentityToken, storedState.Item2);

    if (!string.IsNullOrWhiteSpace(tokenResponse.AccessToken))
    {
        // The raw access token is stored as a claim, so it ends up wherever the
        // identity is persisted (e.g. the sign-in cookie) - protect that store accordingly.
        validatedClaims.Add(new Claim("access_token", tokenResponse.AccessToken));

        // NOTE(review): ToString() without a format provider is culture-sensitive;
        // any consumer parsing "expires_at" must use the same culture.
        var expiresAtEpoch = DateTime.UtcNow.ToEpochTime() + tokenResponse.ExpiresIn;
        validatedClaims.Add(new Claim("expires_at", expiresAtEpoch.ToDateTimeFromEpoch().ToString()));
    }

    if (!string.IsNullOrWhiteSpace(tokenResponse.RefreshToken))
    {
        // Refresh tokens are long-lived credentials; same storage caveat as above.
        validatedClaims.Add(new Claim("refresh_token", tokenResponse.RefreshToken));
    }

    return validatedClaims;
}
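/// <summary>
/// Callback action: checks the returned <paramref name="state"/> against the
/// value kept in the temporary login state, exchanges <paramref name="code"/>
/// for validated claims, and signs the user in with the application cookie.
/// </summary>
/// <param name="code">Authorization code to exchange for tokens.</param>
/// <param name="state">State value that must match the stored one exactly.</param>
/// <returns>
/// 400 Bad Request when the state is missing or does not match, when the code
/// is missing, or when no validated claims were obtained; otherwise a redirect
/// to Home/Index after sign-in.
/// </returns>
public async Task<ActionResult> Index(string code, string state)
{
    var tempAuthentication = new TempAuthentication();
    var tempState = await tempAuthentication.GetTempStateAsync();

    // Reject a missing state explicitly: calling state.Equals on null would
    // throw instead of returning a clean 400, and a null/empty state must
    // never be allowed to match a null/empty stored value.
    if (string.IsNullOrEmpty(state) ||
        !string.Equals(state, tempState.Item1, StringComparison.Ordinal))
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest, "state invalid");
    }

    // Without a code there is nothing to redeem; do not call the token endpoint.
    if (string.IsNullOrWhiteSpace(code))
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest, "code missing");
    }

    var token = new Token();
    var claims = await token.RequestAndValidateTokenAsync(code);

    // RequestAndValidateTokenAsync returns null when the response has no
    // identity token. ClaimsIdentity accepts a null claims sequence, and an
    // identity with a non-empty authentication type reports IsAuthenticated,
    // so signing in here would create an authenticated session with no
    // validated subject. Fail closed instead.
    if (claims == null || claims.Count == 0)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest, "token invalid");
    }

    var id = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
    Request.GetOwinContext().Authentication.SignIn(id);

    return RedirectToAction("Index", "Home");
}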