public ActionResult Login(string returnUrl)
{
var client = new AuthenticationApiClient(
new Uri(string.Format("https://{0}", ConfigurationManager.AppSettings["auth0:Domain"])));
var request = this.Request;
var redirectUri = new UriBuilder(request.Url.Scheme, request.Url.Host, this.Request.Url.IsDefaultPort ? -1 : request.Url.Port, "LoginCallback.ashx");
var authorizeUrlBuilder = client.BuildAuthorizationUrl()
.WithClient(ConfigurationManager.AppSettings["auth0:ClientId"])
.WithRedirectUrl(redirectUri.ToString())
.WithResponseType(AuthorizationResponseType.Code)
.WithScope("openid profile")
// adding this audience will cause Auth0 to use the OIDC-Conformant pipeline
// you don't need it if your client is flagged as OIDC-Conformant (Advance Settings | OAuth)
.WithAudience("https://" + @ConfigurationManager.AppSettings["auth0:Domain"] + "/userinfo");
if (!string.IsNullOrEmpty(returnUrl))
{
var state = "ru=" + HttpUtility.UrlEncode(returnUrl);
authorizeUrlBuilder.WithState(state);
}
return(new RedirectResult(authorizeUrlBuilder.Build().ToString()));
}
public Authentication()
{
Get["/login"] = o =>
{
if (this.SessionIsAuthenticated())
{
return(Response.AsRedirect("securepage"));
}
var apiClient = new AuthenticationApiClient(ConfigurationManager.AppSettings["auth0:domain"]);
var authorizationUri = apiClient.BuildAuthorizationUrl()
.WithClient(ConfigurationManager.AppSettings["auth0:ClientId"])
.WithRedirectUrl(ConfigurationManager.AppSettings["auth0:CallbackUrl"])
.WithResponseType(AuthorizationResponseType.Code)
.WithScope("openid profile")
.Build();
return(Response.AsRedirect(authorizationUri.ToString()));
};
Get["/login-callback"] = o => this
.AuthenticateThisSession()
.ThenRedirectTo("securepage");
Get["/logout"] = o => this
.RemoveAuthenticationFromThisSession()
.ThenRedirectTo("index");
}
public ActionResult Login(OAuth2Model model)
{
var client = new AuthenticationApiClient(
new Uri(string.Format("https://{0}", ConfigurationManager.AppSettings["auth0:Domain"])));
var request = this.Request;
var redirectUri = new UriBuilder(request.Url.Scheme, request.Url.Host, this.Request.Url.IsDefaultPort ? -1 : request.Url.Port, "LoginCallback.ashx");
var authorizeUrlBuilder = client.BuildAuthorizationUrl()
.WithClient(ConfigurationManager.AppSettings["auth0:ClientId"])
.WithRedirectUrl(redirectUri.ToString())
.WithResponseType(AuthorizationResponseType.Code)
.WithScope("openid email offline_access")
.WithAudience(string.IsNullOrEmpty(model.Audience) ? ConfigurationManager.AppSettings["resourceOwnerUrl"] : model.Audience);
if (!string.IsNullOrEmpty(model.ReturnUrl))
{
var state = "ru=" + HttpUtility.UrlEncode(model.ReturnUrl);
authorizeUrlBuilder.WithState(state);
}
var url = authorizeUrlBuilder.Build().ToString();
return(new RedirectResult(url));
}
public ActionResult Login(string returnUrl)
{
var client = new AuthenticationApiClient(
new Uri(string.Format("https://{0}", ConfigurationManager.AppSettings["auth0:Domain"])));
var request = this.Request;
var redirectUri = new UriBuilder(request.Url.Scheme, request.Url.Host, this.Request.Url.IsDefaultPort ? -1 : request.Url.Port, "LoginCallback.ashx");
var authorizeUrlBuilder = client.BuildAuthorizationUrl()
.WithClient(ConfigurationManager.AppSettings["auth0:ClientId"])
.WithRedirectUrl(redirectUri.ToString())
.WithResponseType(AuthorizationResponseType.Code)
.WithScope("openid profile")
.WithAudience("https://" + @ConfigurationManager.AppSettings["auth0:Domain"] + "/userinfo");
if (!string.IsNullOrEmpty(returnUrl))
{
var state = "ru=" + HttpUtility.UrlEncode(returnUrl);
authorizeUrlBuilder.WithState(state);
}
return(new RedirectResult(authorizeUrlBuilder.Build().ToString()));
//ViewBag.ReturnUrl = returnUrl;
//return View();
}
static public String BuildAuthorizeUrl(Prompt prompt, bool isSamlRequest, State previousState = null)
{
var context = HttpContext.Current;
var client = new AuthenticationApiClient(
new Uri(string.Format("https://{0}", ConfigurationManager.AppSettings["auth0:Domain"])));
var request = context.Request;
var redirectUri = new UriBuilder(request.Url.Scheme, request.Url.Host, context.Request.Url.IsDefaultPort ? -1 : request.Url.Port, "LoginCallback.ashx");
var authorizeUrlBuilder = client.BuildAuthorizationUrl()
.WithClient(ConfigurationManager.AppSettings["auth0:ClientId"])
.WithRedirectUrl(redirectUri.ToString())
.WithResponseType(AuthorizationResponseType.Code)
.WithScope("openid profile")
// adding this audience will cause Auth0 to use the OIDC-Conformant pipeline
// you don't need it if your client is flagged as OIDC-Conformant (Advance Settings | OAuth)
.WithAudience("https://" + @ConfigurationManager.AppSettings["auth0:Domain"] + "/userinfo")
.WithState(State.Create(isSamlRequest, previousState));
if (prompt != Prompt.undefined)
{
authorizeUrlBuilder.WithValue("prompt", prompt.ToString());
}
if (isSamlRequest)
{
authorizeUrlBuilder.WithConnection(ConfigurationManager.AppSettings["auth0:SamlConnection"]);
}
return(authorizeUrlBuilder.Build().ToString());
}
public void Preserves_Uri_Path()
{
var authenticationApiClient = new AuthenticationApiClient(new Uri("https://localhost:2000/something/here"));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithConnection("google-oauth2")
.Build();
authorizationUrl.Should()
.Be(
new Uri("https://localhost:2000/something/here/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&connection=google-oauth2"));
}
public ActionResult ExternalLogin(string connection, string returnUrl)
{
var redirectUri = Request.Url.Scheme + "://" + Request.Url.Authority + "/signin-auth0";
return(Redirect(auth0.BuildAuthorizationUrl()
.WithClient(System.Configuration.ConfigurationManager.AppSettings["auth0:ClientId"])
.WithConnection(connection)
.WithRedirectUrl(redirectUri.ToString())
.WithState("ru=" + returnUrl)
.WithResponseType(Auth0.AuthenticationApi.Models.AuthorizationResponseType.Code)
.WithScope("openid name email")
.Build()
.ToString()));
}
public void Can_build_authorization_uri_with_params_overloads()
{
var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL"));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithScopes("openid", "offline_access")
.WithState("MyState")
.WithConnectionScopes("ConnectionScope", "More")
.Build();
authorizationUrl.Should()
.Be(
new Uri("https://auth0-dotnet-integration-tests.auth0.com/authorize?response_type=code&scope=openid%20offline_access&state=MyState&connection_scope=ConnectionScope%20More"));
}
public async Task Can_build_authorization_uri()
{
var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL")));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithConnection("google-oauth2")
.WithRedirectUrl("http://www.jerriepelser.com/test")
.WithScope("openid offline_access")
.Build();
authorizationUrl.Should()
.Be(
@"https://auth0-dotnet-integration-tests.auth0.com/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&connection=google-oauth2&redirect_uri=http%3A%2F%2Fwww.jerriepelser.com%2Ftest&scope=openid%20offline_access");
}
public void Can_provide_response_mode()
{
var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL"));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithRedirectUrl("http://www.jerriepelser.com/test")
.WithScope("openid")
.WithResponseMode(AuthorizationResponseMode.FormPost)
.Build();
authorizationUrl.Should()
.Be(
@"https://auth0-dotnet-integration-tests.auth0.com/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&redirect_uri=http%3A%2F%2Fwww.jerriepelser.com%2Ftest&scope=openid&response_mode=form_post");
}
public void Can_provide_multiple_response_type()
{
var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL"));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithConnection("google-oauth2")
.WithRedirectUrl("http://www.jerriepelser.com/test")
.WithScope("openid offline_access")
.Build();
authorizationUrl.Should()
.Be(
@"https://auth0-dotnet-integration-tests.auth0.com/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&connection=google-oauth2&redirect_uri=http%3A%2F%2Fwww.jerriepelser.com%2Ftest&scope=openid%20offline_access");
}
public void Can_build_authorization_uri_with_organization()
{
var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL"));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithRedirectUrl("http://www.jerriepelser.com/test")
.WithScope("openid offline_access")
.WithNonce("MyNonce")
.WithState("MyState")
.WithOrganization("123")
.Build();
authorizationUrl.Should()
.Be(
new Uri("https://dx-sdks-testing.us.auth0.com/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&redirect_uri=http%3A%2F%2Fwww.jerriepelser.com%2Ftest&scope=openid%20offline_access&nonce=MyNonce&state=MyState&organization=123"));
}
public void Can_build_authorization_uri()
{
var authenticationApiClient = new AuthenticationApiClient(new Uri(GetVariable("AUTH0_AUTHENTICATION_API_URL")));
var authorizationUrl = authenticationApiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient("rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW")
.WithConnection("google-oauth2")
.WithRedirectUrl("http://www.jerriepelser.com/test")
.WithScope("openid offline_access")
.WithAudience("https://myapi.com/v2")
.WithNonce("MyNonce")
.WithState("MyState")
.Build();
authorizationUrl.Should()
.Be(
new Uri("https://auth0-dotnet-integration-tests.auth0.com/authorize?response_type=code&client_id=rLNKKMORlaDzrMTqGtSL9ZSXiBBksCQW&connection=google-oauth2&redirect_uri=http%3A%2F%2Fwww.jerriepelser.com%2Ftest&scope=openid%20offline_access&audience=https%3A%2F%2Fmyapi.com%2Fv2&nonce=MyNonce&state=MyState"));
}
public void Authorize(HttpResponse Response, bool IsSecure)
{
Requires.PropertyNotNullOrEmpty("Config", "TenantDomain", Config.TenantDomain);
Requires.PropertyNotNullOrEmpty("Config", "ClientId", Config.ClientId);
var cookie = AntiForgery.GenerateCookie(IsSecure);
var apiClient = new AuthenticationApiClient(Config.TenantDomain);
var authBuilder = apiClient.BuildAuthorizationUrl()
.WithResponseType(AuthorizationResponseType.Code)
.WithClient(Config.ClientId)
.WithRedirectUrl(RedirectUrl)
.WithScope(_Scope)
.WithState(cookie.Value);
var authorizationUrl = string.IsNullOrEmpty(Config.ConnectionName) ? authBuilder.Build() : authBuilder.WithConnection(Config.ConnectionName).Build();
Response.Cookies.Set(cookie);
Response.Redirect(authorizationUrl.ToString(), true);
}
