public Uri NavigateImpersonation(Uri redirectAfterImpersonateUri = null, string loginHint = "") { redirectAfterImpersonateUri = new Uri($"{CallbackUri.Scheme}://{PortalSettings.Current.PortalAlias.HTTPAlias}/Impersonate"); var parameters = new List <QueryParameter> { new QueryParameter("scope", Scope), new QueryParameter("client_id", APIKey), //new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/Impersonate")), new QueryParameter("redirect_uri", string.IsNullOrEmpty(Settings.RedirectUri) ? HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/UserProfile") : HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())), new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State() { PortalId = PortalSettings.Current.PortalId, Culture = PortalSettings.Current.CultureCode, RedirectUrl = redirectAfterImpersonateUri?.ToString(), IsImpersonate = true }.ToString())), new QueryParameter("response_type", "code"), new QueryParameter("response_mode", "query"), new QueryParameter("p", Settings.ImpersonatePolicy) }; if (!string.IsNullOrEmpty(loginHint)) { parameters.Add(new QueryParameter("login_hint", loginHint)); } return(new Uri(AuthorizationEndpoint + "?" + parameters.ToNormalizedString())); }
public void NavigateUserProfile(Uri redirectAfterEditUri = null) { var parameters = new List <QueryParameter> { new QueryParameter("scope", Scope), new QueryParameter("client_id", APIKey), new QueryParameter("redirect_uri", string.IsNullOrEmpty(Settings.RedirectUri) ? HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/UserProfile") : HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())), new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State() { PortalId = PortalSettings.Current.PortalId, Culture = PortalSettings.Current.CultureCode, RedirectUrl = redirectAfterEditUri?.ToString(), IsUserProfile = true }.ToString())), new QueryParameter("response_type", "code"), new QueryParameter("response_mode", "query"), new QueryParameter("p", Settings.ProfilePolicy) }; HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false); }
private void ExchangeCodeForToken() { IList <QueryParameter> parameters = new List <QueryParameter>(); parameters.Add(new QueryParameter(OAuthClientIdKey, APIKey)); parameters.Add(new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString()))); //DNN-6265 Support for OAuth V2 Secrets which are not URL Friendly parameters.Add(new QueryParameter(OAuthClientSecretKey, HttpContext.Current.Server.UrlEncode(APISecret.ToString()))); parameters.Add(new QueryParameter(OAuthGrantTyepKey, "authorization_code")); parameters.Add(new QueryParameter(OAuthCodeKey, VerificationCode)); //DNN-6265 Support for OAuth V2 optional parameter if (!String.IsNullOrEmpty(APIResource)) { parameters.Add(new QueryParameter("resource", APIResource)); } string responseText = ExecuteWebRequest(TokenMethod, TokenEndpoint, parameters.ToNormalizedString(), String.Empty); AuthToken = GetToken(responseText); AuthTokenExpiry = GetExpiry(responseText); }
private AuthorisationResult AuthorizeV2() { string errorReason = HttpContext.Current.Request.Params["error_reason"]; bool userDenied = (errorReason != null); if (userDenied) { return(AuthorisationResult.Denied); } if (!HaveVerificationCode()) { var parameters = new List <QueryParameter> { new QueryParameter("scope", Scope), new QueryParameter(OAuthClientIdKey, APIKey), new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())), new QueryParameter("state", Service), new QueryParameter("response_type", "code") }; HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), true); return(AuthorisationResult.RequestingCode); } ExchangeCodeForToken(); return(String.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized); }
private void ExchangeCodeForToken() { // Exchange code was already exchanged for token. Redeeming the exchange code twice on Azure AD B2C works but not on regular Azure AD if (string.IsNullOrEmpty(AuthToken)) { var parameters = new List <QueryParameter> { new QueryParameter("grant_type", "authorization_code"), new QueryParameter("client_id", APIKey), new QueryParameter("client_secret", HttpContext.Current.Server.UrlEncode(APISecret)), new QueryParameter("scope", HttpContext.Current.Server.UrlEncode(Scope)), new QueryParameter("code", VerificationCode), new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())) }; var responseText = ExecuteWebRequest(TokenMethod, new Uri(TokenEndpoint.AbsoluteUri), parameters.ToNormalizedString(), string.Empty); AuthToken = GetToken(responseText); AuthTokenExpiry = GetExpiry(responseText); } else { JwtIdToken = new JwtSecurityToken(AuthToken); AuthTokenExpiry = JwtIdToken.ValidTo.TimeOfDay; } }
public override AuthorisationResult Authorize() { string errorReason = HttpContext.Current.Request.Params["error_reason"]; bool userDenied = (errorReason != null); if (userDenied) { return(AuthorisationResult.Denied); } if (!HaveVerificationCode()) { var parameters = new List <QueryParameter> { new QueryParameter("scope", Scope), new QueryParameter("client_id", APIKey), new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())), new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State() { PortalId = Settings.PortalID, Culture = PortalSettings.Current.CultureCode, RedirectUrl = HttpContext.Current.Request["returnurl"] }.ToString())), new QueryParameter("response_type", "code"), new QueryParameter("response_mode", "query"), }; HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false); HttpContext.Current.Response.Flush(); return(AuthorisationResult.RequestingCode); } ExchangeCodeForToken(); SaveTokenCookie(string.IsNullOrEmpty(AuthToken)); if (!string.IsNullOrEmpty(AuthToken) && !string.IsNullOrEmpty(HttpContext.Current.Request["state"])) { var state = new State(HttpContext.Current.Request["state"]); if (!string.IsNullOrEmpty(state.RedirectUrl)) { this.RedirectUrl = state.RedirectUrl; } } return(string.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized); }
private void ExchangeCodeForToken() { var parameters = new List <QueryParameter> { new QueryParameter("grant_type", "authorization_code"), new QueryParameter("client_id", APIKey), new QueryParameter("scope", Scope), new QueryParameter("code", VerificationCode), new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())) }; var responseText = ExecuteWebRequest(TokenMethod, new Uri($"{TokenEndpoint.AbsoluteUri}?p={PolicyName}"), parameters.ToNormalizedString(), string.Empty); AuthToken = GetToken(responseText); AuthTokenExpiry = GetExpiry(responseText); }
public override AuthorisationResult Authorize() { string errorReason = HttpContext.Current.Request.Params["error_reason"]; bool userDenied = (errorReason != null); if (userDenied) { return(AuthorisationResult.Denied); } if (!string.IsNullOrEmpty(HttpContext.Current.Request.UrlReferrer?.Query) && HttpContext.Current.Request.UrlReferrer.Query.IndexOf("p=" + Settings.PasswordResetPolicy + "&") > -1) { Policy = PolicyEnum.PasswordResetPolicy; } if (!HaveVerificationCode()) { var parameters = new List <QueryParameter> { new QueryParameter("scope", Scope), new QueryParameter("client_id", APIKey), new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())), new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State() { PortalId = Settings.PortalID, Culture = PortalSettings.Current.CultureCode }.ToString())), new QueryParameter("response_type", "code"), new QueryParameter("response_mode", "query"), new QueryParameter("p", PolicyName) }; HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false); return(AuthorisationResult.RequestingCode); } ExchangeCodeForToken(); SaveTokenCookie(string.IsNullOrEmpty(AuthToken)); return(string.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized); }
private void ExchangeCodeForToken() { IList <QueryParameter> parameters = new List <QueryParameter>(); parameters.Add(new QueryParameter(OAuthClientIdKey, APIKey)); parameters.Add(new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString()))); parameters.Add(new QueryParameter(OAuthClientSecretKey, APISecret)); parameters.Add(new QueryParameter(OAuthGrantTyepKey, "authorization_code")); parameters.Add(new QueryParameter(OAuthCodeKey, VerificationCode)); string responseText = ExecuteWebRequest(TokenMethod, TokenEndpoint, parameters.ToNormalizedString(), String.Empty); AuthToken = GetToken(responseText); AuthTokenExpiry = GetExpiry(responseText); }
public IConsumerRequest BuildRequestTokenContext(string method) { var consumerRequest = ConsumerRequestExtensions.ForMethod(Request(), method); var alterContext = ConsumerRequestExtensions.AlterContext(consumerRequest, context => context.CallbackUrl = (CallbackUri == null) ? "oob" : CallbackUri.ToString()); var request1 = ConsumerRequestExtensions.AlterContext(alterContext, context => context.Token = null); var request = ConsumerRequestExtensions.ForUri(request1, RequestTokenUri); return(request .SignWithoutToken()); }
public IConsumerRequest BuildRequestTokenContext(string method) { return(Request() .ForMethod(method) .AlterContext(context => context.CallbackUrl = (CallbackUri == null) ? "oob" : CallbackUri.ToString()) .AlterContext(context => context.Token = null) .ForUri(RequestTokenUri) .SignWithoutToken()); }