public void LoginUsingSessionShouldValidateSession() { var rpcClient = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey); rpcClient.LogIn(Settings.RpcUserName, Settings.RpcPassword); Assert.That(rpcClient.Session, Is.Not.Null.Or.Empty); //This should work var rpcClientUsingSession = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey); rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session); Assert.That(rpcClientUsingSession.Session, Is.Not.Null.Or.Empty); //After the session has been destroyed, trying to login using it should fail rpcClient.LogOut(); try { rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session); Assert.Fail("should throw"); } catch (ReliableHttpException) { } try { rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, Guid.NewGuid().ToString()); Assert.Fail("should throw"); } catch (ReliableHttpException) { } //And there shouldn't be a session Assert.IsNullOrEmpty(rpcClientUsingSession.Session); // this client is already logged out. should we swallow unauthorized exceptions in the logout methods? // rpcClientUsingSession.LogOut(); rpcClientUsingSession.Dispose(); rpcClient.Dispose(); }
public void LoginUsingSessionShouldValidateSession() { var rpcClient = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey); rpcClient.LogIn(Settings.RpcUserName, Settings.RpcPassword); Assert.That(rpcClient.Session, Is.Not.Null.Or.Empty); //This should work var rpcClientUsingSession = new Client(Settings.RpcUri, Settings.StreamingUri, AppKey); rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session); Assert.That(rpcClientUsingSession.Session, Is.Not.Null.Or.Empty); //After the session has been destroyed, trying to login using it should fail rpcClient.LogOut(); try { rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, rpcClient.Session); Assert.Fail("should throw"); } catch (ReliableHttpException) { } try { rpcClientUsingSession.LogInUsingSession(Settings.RpcUserName, Guid.NewGuid().ToString()); Assert.Fail("should throw"); } catch (ReliableHttpException) { } //And there shouldn't be a session Assert.IsNullOrEmpty(rpcClientUsingSession.Session); // this client is already logged out. should we swallow unauthorized exceptions in the logout methods? // rpcClientUsingSession.LogOut(); rpcClientUsingSession.Dispose(); rpcClient.Dispose(); }
protected void Page_Load(object sender, EventArgs e) { string state = Request["state"]; string code = Request["code"]; if (code != null) { string authServer = WebConfigurationManager.AppSettings["authServer"]; var grant_type = "authorization_code"; var client_id = "123"; var client_secret = "456"; var client = new WebClient(); client.Headers.Add("Content-Type", "application/x-www-form-urlencoded"); string upload = string.Format("client_id={0}&client_secret={1}&grant_type={2}&code={3}", HttpUtility.UrlEncode(client_id), HttpUtility.UrlEncode(client_secret), HttpUtility.UrlEncode(grant_type), HttpUtility.UrlEncode(code)); var payload = client.UploadString(authServer + "/Token", upload); JObject payloadobj = (JObject) JsonConvert.DeserializeObject(payload); string refresh_token = payloadobj["refresh_token"].Value<string>(); string access_token = payloadobj["access_token"].Value<string>(); // #TODO: clarify expire date var pair = access_token.Split(new char[] { ':' }, StringSplitOptions.RemoveEmptyEntries); var username = pair[0]; var session = pair[1]; // save it for later user Session["CIAPI_SESSION"] = session; Session["CIAPI_USERNAME"] = username; Session["CIAPI_REFRESHTOKEN"] = refresh_token; } // fancy app code if (Session["CIAPI_SESSION"] == null) { // not authorized, show button AuthPanel.Visible = true; CIAPIPanel.Visible = false; } else { // authorized. do something with session CIAPIPanel.Visible = true; AuthPanel.Visible = false; string savedSession = (string)Session["CIAPI_SESSION"]; string savedUsername = (string)Session["CIAPI_USERNAME"]; AccountInformationResponseDTO result; using (var client = new Client(new Uri("https://ciapi.cityindex.com/tradingapi"), new Uri("http://foo.com"), "CIAPIAuthConsumer")) { client.LogInUsingSession(savedUsername, savedSession); result = client.AccountInformation.GetClientAndTradingAccount(); } LogonUserNameLabel.Text = result.LogonUserName; } }