public void LoginUsingSessionShouldValidateSession()
{
var rpcClient = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey);
rpcClient.LogIn(Settings.RpcUserName, Settings.RpcPassword);
Assert.That(rpcClient.Session, Is.Not.Null.Or.Empty);
//This should work
var rpcClientUsingSession = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey);
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session);
Assert.That(rpcClientUsingSession.Session, Is.Not.Null.Or.Empty);
//After the session has been destroyed, trying to login using it should fail
rpcClient.LogOut();
try
{
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session);
Assert.Fail("should throw");
}
catch (ReliableHttpException)
{
}
try
{
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, Guid.NewGuid().ToString());
Assert.Fail("should throw");
}
catch (ReliableHttpException)
{
}
//And there shouldn't be a session
Assert.IsNullOrEmpty(rpcClientUsingSession.Session);
// this client is already logged out. should we swallow unauthorized exceptions in the logout methods?
// rpcClientUsingSession.LogOut();
rpcClientUsingSession.Dispose();
rpcClient.Dispose();
}
public void LoginUsingSessionShouldValidateSession()
{
var rpcClient = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey);
rpcClient.LogIn(Settings.RpcUserName, Settings.RpcPassword);
Assert.That(rpcClient.Session, Is.Not.Null.Or.Empty);
//This should work
var rpcClientUsingSession = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey);
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session);
Assert.That(rpcClientUsingSession.Session, Is.Not.Null.Or.Empty);
//After the session has been destroyed, trying to login using it should fail
rpcClient.LogOut();
try
{
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session);
Assert.Fail("should throw");
}
catch (ReliableHttpException)
{
}
try
{
rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, Guid.NewGuid().ToString());
Assert.Fail("should throw");
}
catch (ReliableHttpException)
{
}
//And there shouldn't be a session
Assert.IsNullOrEmpty(rpcClientUsingSession.Session);
// this client is already logged out. should we swallow unauthorized exceptions in the logout methods?
// rpcClientUsingSession.LogOut();
rpcClientUsingSession.Dispose();
rpcClient.Dispose();
}
protected void Page_Load(object sender, EventArgs e)
{
string state = Request["state"];
string code = Request["code"];
if (code != null)
{
string authServer = WebConfigurationManager.AppSettings["authServer"];
var grant_type = "authorization_code";
var client_id = "123";
var client_secret = "456";
var client = new WebClient();
client.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
string upload =
string.Format("client_id={0}&client_secret={1}&grant_type={2}&code={3}", HttpUtility.UrlEncode(client_id), HttpUtility.UrlEncode(client_secret), HttpUtility.UrlEncode(grant_type), HttpUtility.UrlEncode(code));
var payload = client.UploadString(authServer + "/Token", upload);
JObject payloadobj = (JObject) JsonConvert.DeserializeObject(payload);
string refresh_token = payloadobj["refresh_token"].Value<string>();
string access_token = payloadobj["access_token"].Value<string>();
// #TODO: clarify expire date
var pair = access_token.Split(new char[] { ':' }, StringSplitOptions.RemoveEmptyEntries);
var username = pair[0];
var session = pair[1];
// save it for later user
Session["CIAPI_SESSION"] = session;
Session["CIAPI_USERNAME"] = username;
Session["CIAPI_REFRESHTOKEN"] = refresh_token;
}
// fancy app code
if (Session["CIAPI_SESSION"] == null)
{
// not authorized, show button
AuthPanel.Visible = true;
CIAPIPanel.Visible = false;
}
else
{
// authorized. do something with session
CIAPIPanel.Visible = true;
AuthPanel.Visible = false;
string savedSession = (string)Session["CIAPI_SESSION"];
string savedUsername = (string)Session["CIAPI_USERNAME"];
AccountInformationResponseDTO result;
using (var client = new Client(new Uri("https://ciapi.cityindex.com/tradingapi"), new Uri("http://foo.com"), "CIAPIAuthConsumer"))
{
client.LogInUsingSession(savedUsername, savedSession);
result = client.AccountInformation.GetClientAndTradingAccount();
}
LogonUserNameLabel.Text = result.LogonUserName;
}
}
