Ejemplo n.º 1
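        /// <summary>
        /// Issues the forms-authentication cookie for a user who has just been
        /// authenticated by an external identity provider.
        /// </summary>
        /// <param name="userData">
        /// Profile of the authenticated user. Its <c>username</c> becomes the ticket name and the
        /// whole object is JSON-serialized into the ticket's user-data field, so everything in it
        /// is sent back by the browser on each request (inside the encrypted ticket).
        /// Keep provider access tokens and other secrets out of it.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="userData"/> is null.</exception>
        public void AuthSuccess(UserData userData )
        {
            if (userData == null)
            {
                throw new ArgumentNullException("userData");
            }

            // Read the clock once so the issue and expiry times derive from the same instant.
            DateTime issuedAt = DateTime.Now;

            // Version 1 ticket, valid for 18 hours, flagged persistent.
            // NOTE(review): the cookie below gets no Expires value, so browsers treat it as a
            // session cookie even though the ticket is marked persistent. Confirm which is intended.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1
                , userData.username
                , issuedAt
                , issuedAt.AddHours(18)
                , true
                , Json.Serialize<UserData>(userData)
                , FormsAuthentication.FormsCookiePath);

            string encryptedTicket = FormsAuthentication.Encrypt(ticket);
            HttpCookie userCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

            // The authentication cookie is a bearer credential: keep it away from page script and
            // honour the site's requireSSL setting so it is not sent over plain HTTP when that is on.
            userCookie.HttpOnly = true;
            userCookie.Secure = FormsAuthentication.RequireSSL;
            userCookie.Path = FormsAuthentication.FormsCookiePath;

            Response.Cookies.Add(userCookie);
        }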
Ejemplo n.º 2
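        /// <summary>
        /// Handles both legs of the sign-in flow for each supported provider (Twitter, Google,
        /// Facebook, LinkedIn, App.net). The "start" leg redirects the browser to the provider;
        /// the "return" leg exchanges the provider's response for tokens, fetches the user's
        /// profile and calls <c>AuthSuccess</c> to issue the site's own authentication cookie.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        /// <remarks>
        /// Every value read from <c>Request</c> (query string, form, cookies) is attacker-controllable.
        /// Only data returned by the provider over an authenticated channel, or covered by a verified
        /// signature, should decide who the user is.
        /// NOTE(review): the callback URLs are built from <c>Request.Url</c>, which reflects the
        /// incoming Host header. Confirm each provider restricts callbacks to registered URLs.
        /// </remarks>
        protected void Page_Load(object sender, EventArgs e)
        {
            #region Twitter
            //Twitter oAuth Start
            if (Request["twitterauth"] != null && Request["twitterauth"] == "true")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                oAuth.CallBackUrl = Request.Url.AbsoluteUri.Replace("twitterauth=true","twitterauth=false");
                //Redirect the user to Twitter for authorization.
                Response.Redirect(oAuth.AuthorizationLinkGet());
            }
            //Twitter Return
            if (Request["twitterauth"] != null && Request["twitterauth"] == "false")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                //Get the access token and secret.
                oAuth.AccessTokenGet(Request["oauth_token"], Request["oauth_verifier"]);
                // A missing secret means the exchange failed; treat null the same as empty.
                if (oAuth.TokenSecret != null && oAuth.TokenSecret.Length > 0)
                {
                    //STORE THESE TOKENS FOR LATER CALLS
                    //Subsequent calls can be made without the Twitter login screen.
                    //Move this code outside of this auth process if you already have the tokens.
                    //
                    //Example:
                    //oAuthTwitter oAuth = new oAuthTwitter();
                    //oAuth.Token = Session["token"];
                    //oAuth.TokenSecret = Session["token_secret"];
                    //Then make the following Twitter call.

                    //SAMPLE TWITTER API CALL
                    string url = "https://api.twitter.com/1.1/account/verify_credentials.json";
                    TwitterUser user = Json.Deserialise<TwitterUser>(oAuth.oAuthWebRequest(oAuthTwitter.Method.GET, url, String.Empty));

                    // Sign the user in only when the provider returned an identity.
                    if (user != null && user.id != null && user.id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id = user.id;
                        userData.username = user.screen_name;
                        userData.name = user.name;
                        userData.serviceType = "twitter";
                        userData.imageUrl = user.profile_image_url;
                        AuthSuccess(userData);
                    }

                    //POST Test
                    //url = "https://api.twitter.com/1.1/statuses/update.json";
                    //xml = oAuth.oAuthWebRequest(oAuthTwitter.Method.POST, url, "status=" + oAuth.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"));
                    Response.Clear();
                    Response.Write("<script>window.opener.location.reload();window.close();</script>");

                }
            }
            #endregion

            #region Google
            //Google oAuth Start
            if (Request["googleauth"] != null && Request["googleauth"] == "true")
            {
                // NOTE(review): no OAuth "state" value is sent or checked on return, so the return
                // leg cannot tell whether this browser started the flow (login CSRF). Consider
                // issuing a per-session random state here and comparing it on return.
                string returl = Request.Url.AbsoluteUri.Replace("googleauth=true","googleauth=false");
                string url = "https://accounts.google.com/o/oauth2/auth?client_id=" + System.Web.HttpUtility.UrlEncode(ConfigurationManager.AppSettings["google_clientid"].ToString()) + "&redirect_uri=" + System.Web.HttpUtility.UrlEncode(returl)
                    + "&scope=" + HttpUtility.UrlEncode("https://www.googleapis.com/auth/userinfo#email") + "&response_type=code";
                Response.Redirect(url);
            }
            //Google Return
            if (Request["googleauth"] != null && Request["googleauth"] == "false")
            {
                string code = Request["code"];
                string absoluteUri = Request.Url.AbsoluteUri;
                int codeAt = absoluteUri.IndexOf("&code=", StringComparison.Ordinal);

                // Without a code (consent denied, or a hand-made request) there is nothing to
                // exchange; skip the token call instead of failing inside Substring.
                if (!string.IsNullOrEmpty(code) && codeAt >= 0)
                {
                    // The redirect_uri sent with the token request must equal the one used at the start.
                    string returl = absoluteUri.Substring(0, codeAt);
                    GoogleTokens tokens = GoogleAuth.GoogleTokensGet(code, null, returl);

                    //STORE THESE TOKENS FOR LATER CALLS
                    //tokens.access_token - tokens.refresh_token

                    if (tokens != null)
                    {
                        //SAMPLE GOOGLE API CALL
                        //Set the access token in the header.  It expires, so prepare to use the refresh token to get a new access token (not shown).
                        List<KeyValuePair<string, string>> headers = new List<KeyValuePair<string, string>>() { new KeyValuePair<string, string>("Authorization", "OAuth " + tokens.access_token) };
                        string url = "https://www.googleapis.com/userinfo/email?alt=json";
                        GoogleData user = Json.Deserialise<GoogleData>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url,"", headers));

                        if (user != null && user.data != null && user.data.email != null && user.data.email.Length > 0)
                        {
                            UserData userData = new UserData();
                            userData.username = user.data.email;
                            userData.serviceType = "google";
                            AuthSuccess(userData);
                        }
                    }
                }

                Response.Clear();
                Response.Write("<script>window.opener.location.reload();window.close();</script>");

            }
            #endregion

            #region Facebook
            //Facebook Return
            if (Request.Params["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"].ToString()] != null && Request["facebookauth"] == "false")
            {
                string signed_request = Request["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"]].ToString().Replace("\"", "");

                //Parse the signed_request;
                // NOTE(review): presumably ParseSignedRequest verifies the signature with the app
                // secret before its fields are trusted. Confirm in FacebookAuth.
                FacebookAuthRequest req = FacebookAuth.ParseSignedRequest(signed_request, ConfigurationManager.AppSettings["facebook_appsecret"]);

                //Get the Access Token
                string url = "https://graph.facebook.com/oauth/access_token?client_id=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appid"].ToString()) + "&redirect_uri=&client_secret=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appsecret"].ToString()) + "&code=" + Server.UrlEncode(req.code);
                NameValueCollection ret = HttpUtility.ParseQueryString(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));

                string access_token = "";
                foreach (string key in ret.Keys)
                {
                    if (key == "access_token")
                    {
                        access_token = ret[key].ToString();
                    }
                }

                //STORE THIS TOKEN FOR LATER CALLS
                //access_token

                FacebookMe fb_me = null;
                if (access_token.Length > 0)
                {
                    //SAMPLE FACEBOOK API CALL
                    // Encode the token so it cannot alter the query string it is placed in.
                    url = "https://graph.facebook.com/me?access_token=%%access_token%%";
                    url = url.Replace("%%access_token%%", Server.UrlEncode(access_token));
                    fb_me = Json.Deserialise<FacebookMe>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));
                }

                //Validation -- uid and accesstoken reference same id.
                // Require a real id on the profile so two missing ids never count as a match.
                if (fb_me != null && fb_me.id != null && req.user_id == fb_me.id)
                {
                    if (fb_me.username == null || fb_me.username.Length == 0)
                    {
                        fb_me.username = fb_me.name;
                    }
                    UserData userData = new UserData();
                    userData.id = fb_me.id;
                    userData.username = fb_me.username;
                    userData.serviceType = "facebook";
                    userData.name = fb_me.name;

                    AuthSuccess(userData);
                }
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            if (Request["facebookauth"] == "false" && !User.Identity.IsAuthenticated)
            {
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            #endregion

            #region LinkedIn
            //LinkedIn Return
            if (Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()] != null)
            {
                //Cookie Json object
                // The cookie is client-supplied; nothing in it is trusted until the signature check passes.
                LinkedIn_oAuth_Cookie cookie = Json.Deserialise<LinkedIn_oAuth_Cookie>(Server.UrlDecode(Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()].Value));

                //Verify the signature
                oAuthLinkedIn oAuthLi = new oAuthLinkedIn();
                string sig = null;
                if (cookie != null)
                {
                    string sigBase = cookie.access_token+cookie.member_id;

                    // Dispose the keyed hash so the key material is released promptly.
                    using (HMACSHA1 hmacsha1 = new HMACSHA1())
                    {
                        hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}", oAuthLi.UrlEncode(ConfigurationManager.AppSettings["linkedin_consumer_secret"])));
                        sig = oAuthLi.GenerateSignatureUsingHash(sigBase, hmacsha1);
                    }
                }

                //Retrieve the access token.
                // Compare in fixed time so the check does not reveal how much of a signature matched.
                if (cookie != null && SignaturesMatch(sig, cookie.signature))
                {
                    string response = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.POST, oAuthLi.ACCESS_TOKEN + "?xoauth_oauth2_access_token=" + oAuthLi.UrlEncode(cookie.access_token), "");
                    string[] tokens = response.Split('&');
                    string token = tokens[0].Split('=')[1];
                    string token_secret = tokens[1].Split('=')[1];

                    //STORE THESE TOKENS FOR LATER CALLS
                    oAuthLi.Token = token;
                    oAuthLi.TokenSecret = token_secret;

                    //SAMPLE LINKEDIN API CALL
                    // Use HTTPS: the signed request and the profile it returns decide who gets
                    // signed in, so neither should cross the network in clear text.
                    string url = "https://api.linkedin.com/v1/people/id=%%id%%:("
                    + "id"
                    + ",first-name"
                    + ",last-name"
                    + ")";
                    url = url.Replace("%%id%%", cookie.member_id);
                    string xml = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.GET, url, "");

                    XmlDocument xmlDoc = new XmlDocument();
                    // Never resolve external entities or DTDs referenced by a remote document.
                    xmlDoc.XmlResolver = null;
                    xmlDoc.LoadXml(xml);
                    string id = "";
                    string name = "";
                    foreach (XmlElement person in xmlDoc.GetElementsByTagName("person"))
                    {
                        if (person["id"] != null)
                        {
                            id = person["id"].InnerText;
                        }
                        if (person["first-name"] != null)
                        {
                            name = person["first-name"].InnerText;
                        }
                        if (person["last-name"] != null)
                        {
                            if (name.Length > 0)
                            {
                                name += " ";
                            }
                            name += person["last-name"].InnerText;
                        }
                    }

                    if (id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id = id;
                        userData.username = name;
                        userData.name = name;
                        userData.serviceType = "linkedin";
                        AuthSuccess(userData);
                    }

                    // The JSONP callback name comes from the request and is echoed into the
                    // response body. Accept only a plain (optionally dotted) JavaScript identifier
                    // and serve it as script, never as HTML, so it cannot carry markup.
                    string callback = Request["callback"];
                    Response.Clear();
                    if (callback != null && System.Text.RegularExpressions.Regex.IsMatch(callback, @"\A[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*\z"))
                    {
                        Response.ContentType = "application/javascript";
                        Response.Write(callback + "()");
                    }
                }
            }
            #endregion

            #region Auth.Net
            //App.net oAuth Start
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "true")
            {
                //TODO: Customize this list for your needs.
                string scope = (
                      AppDotNetAuth.Scope.stream
                    | AppDotNetAuth.Scope.follow
                    | AppDotNetAuth.Scope.write_post
                    | AppDotNetAuth.Scope.messages
                    | AppDotNetAuth.Scope.export
                    ).ToString().Replace(",","");

                //Redirect the user to App.net for authorization.
                Response.Redirect(AppDotNetAuth.AuthorizationLinkGet(scope,Request.Url.AbsoluteUri.Replace("appdotnetauth=true","appdotnetauth=false")));
            }
            //App.net Return
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "false")
            {
                if (Request["code"] != null && Request["state"] != null)
                {
                    AppDotNetAuth oAuth = new AppDotNetAuth();

                    //Get the access token.
                    // NOTE(review): "state" is passed straight through; whether TokenGet checks it
                    // against the value issued at the start of the flow is not visible here. Confirm.
                    oAuth.TokenGet(Request["code"].ToString(), Request["state"].ToString());

                    if (oAuth.access_token != null && oAuth.access_token.Length > 0)
                    {
                        //STORE THE ACCESS TOKEN FOR LATER CALLS
                        //Subsequent calls can be made without the App.net login screen.
                        //Move this code outside of this auth process if you already have the tokens.
                        //
                        //Example:
                        //AppDotNetAuth oAuth = new AppDotNetAuth();
                        //oAuth.access_token = Session["access_token"];
                        //Then make the following App.net call.

                        ////SAMPLE App.net API CALL
                        string url = AppDotNetAuth.USER.Replace("[user_id]", "me");

                        AppDotNetUser user = Json.Deserialise<AppDotNetUserWrapper>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, String.Empty, oAuth.AuthHeader())).data;

                        if (user != null && user.id != null && user.id.Length > 0)
                        {
                            UserData userData = new UserData();
                            userData.id = user.id;
                            userData.username = user.username;
                            userData.name = user.name;
                            userData.serviceType = "appdotnet";
                            AuthSuccess(userData);
                        }

                        //POST Test
                        //url = AppDotNetAuth.WRITE_POST;
                        //string json = AuthUtilities.WebRequest(AuthUtilities.Method.POST, url, "text=" + HttpUtility.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"), oAuth.AuthHeader());

                        Response.Clear();
                        Response.Write("<script>window.opener.location.reload();window.close();</script>");

                    }
                }
            }
            #endregion

            //TODO: Add Error Handling
        }

        /// <summary>
        /// Compares a computed signature with a client-supplied one, examining every character of
        /// the supplied value instead of stopping at the first mismatch.
        /// </summary>
        /// <param name="expected">Signature computed on the server.</param>
        /// <param name="supplied">Signature received from the client.</param>
        /// <returns>True only when both values are non-empty and identical.</returns>
        private static bool SignaturesMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length == 0)
            {
                return false;
            }

            // Fold the length difference and every character difference into one accumulator.
            int difference = expected.Length ^ supplied.Length;
            for (int i = 0; i < supplied.Length; i++)
            {
                difference |= expected[i % expected.Length] ^ supplied[i];
            }

            return difference == 0;
        }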