/// <summary>
/// Exchanges the current authorization code for an access token at the token endpoint
/// and processes the token response.
/// </summary>
/// <param name="config">Client configuration, overridden to contain the dynamic
/// redirect URI.</param>
/// <param name="args">Authorization operation arguments.</param>
protected void RequestAndHandleAccessToken(
    IAuthorizationCodeGrantConfig config,
    AuthorizationCodeGrantArgs args)
{
    // The response body is handed directly to the reader; it is not kept in a local here.
    ReadAccessTokenResponse(RequestAccessToken(config, args));
}
/// <summary>
/// Exchanges an authorization code, received earlier during the OAuth 2.0 Authorization Code
/// Grant flow, for an access token by POSTing a form-encoded request to the token endpoint.
/// </summary>
/// <remarks>
/// When <c>oauthConfig.AllowInsecureCerts</c> is set, every server certificate is accepted for
/// this request, so the identity of the token endpoint is not verified. The request body carries
/// the authorization code and, depending on the configuration, the client secret or the PKCE
/// code verifier. A <see cref="WebException"/> raised while sending the request or reading the
/// response is not caught here.
/// </remarks>
/// <param name="code">The authorization code.</param>
/// <param name="oauthConfig">OAuth configuration.</param>
/// <param name="codeVerifier">PKCE (Proof Key for Code Exchange) code verifier,
/// if using PKCE to secure the Authorization Code Grant flow.</param>
/// <returns>The access token response as a string.</returns>
/// <exception cref="InvalidOperationException"><c>oauthConfig.TokenUri</c> is <c>null</c>.</exception>
public static string RequestAccessToken(string code, IAuthorizationCodeGrantConfig oauthConfig,
    string codeVerifier = null)
{
    if (oauthConfig.TokenUri == null)
    {
        throw new InvalidOperationException("OAuthConfig.TokenUri must be specified");
    }

    var request = WebRequest.CreateHttp(oauthConfig.TokenUri);
    if (oauthConfig.AllowInsecureCerts)
    {
        // Per-request override: certificate validation is skipped for this request only.
        request.ServerCertificateValidationCallback = delegate { return true; };
    }

    request.Method = "POST";
    // A redirect from the token endpoint is not followed automatically.
    request.AllowAutoRedirect = false;
    request.ContentType = "application/x-www-form-urlencoded";

    using (var form = new StreamWriter(request.GetRequestStream()))
    {
        form.Write("grant_type=" + HttpUtility.UrlEncode(GRANT_TYPE_AUTHORIZATION_CODE));
        form.Write("&code=" + HttpUtility.UrlEncode(code));
        form.Write("&client_id=" + HttpUtility.UrlEncode(oauthConfig.ClientID));

        if (oauthConfig.RedirectUri != null)
        {
            form.Write("&redirect_uri=" + HttpUtility.UrlEncode(oauthConfig.RedirectUri));
        }

        // The client secret is sent only for non-PKCE configurations.
        if (oauthConfig.ClientSecret != null && !oauthConfig.UsePkce)
        {
            form.Write("&client_secret=" + HttpUtility.UrlEncode(oauthConfig.ClientSecret));
        }

        // NOTE(review): with UsePkce set and a null codeVerifier, neither client_secret nor
        // code_verifier is sent; confirm callers always supply the verifier in that case.
        if (codeVerifier != null && oauthConfig.UsePkce)
        {
            form.Write("&code_verifier=" + HttpUtility.UrlEncode(codeVerifier));
        }
    }

    using (var response = request.GetResponse())
    using (var reader = new StreamReader(response.GetResponseStream()))
    {
        return reader.ReadToEnd();
    }
}
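/// <summary>
/// Exchanges a refresh token, received earlier during the OAuth 2.0 Authorization Code Grant
/// flow, for a new access token by POSTing a form-encoded request to the token endpoint.
/// </summary>
/// <remarks>
/// The client secret is withheld when <c>oauthConfig.UsePkce</c> is set, matching the
/// authorization code exchange in <c>RequestAccessToken</c>, which also omits
/// <c>client_secret</c> for PKCE configurations. This request always uses the default
/// certificate validation; <c>AllowInsecureCerts</c> is not consulted here. A
/// <see cref="WebException"/> raised while sending the request or reading the response is not
/// caught here.
/// </remarks>
/// <param name="refreshToken">The refresh token.</param>
/// <param name="oauthConfig">OAuth configuration.</param>
/// <param name="scope">OAuth scope, optional. If <c>null</c>, no <c>scope</c> parameter is sent,
/// requesting the same scope that had been granted with the original access token.</param>
/// <returns>The access token response as a string.</returns>
/// <exception cref="InvalidOperationException"><c>oauthConfig.TokenUri</c> is <c>null</c>.</exception>
public static string RefreshAccessToken(string refreshToken, IAuthorizationCodeGrantConfig oauthConfig,
    string scope = null)
{
    if (oauthConfig.TokenUri == null)
    {
        throw new InvalidOperationException("OAuthConfig.TokenUri must be specified");
    }

    var tokenRequest = WebRequest.CreateHttp(oauthConfig.TokenUri);
    tokenRequest.Method = "POST";
    // A redirect from the token endpoint is not followed automatically.
    tokenRequest.AllowAutoRedirect = false;
    tokenRequest.ContentType = "application/x-www-form-urlencoded";

    using (var requestStreamWriter = new StreamWriter(tokenRequest.GetRequestStream()))
    {
        requestStreamWriter.Write("grant_type=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(GRANT_TYPE_REFRESH_TOKEN));
        requestStreamWriter.Write("&refresh_token=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(refreshToken));
        requestStreamWriter.Write("&client_id=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(oauthConfig.ClientID));

        // Same rule as the code exchange: a PKCE configuration never sends the client secret,
        // so a secret left in the configuration is not disclosed on refresh either.
        if (oauthConfig.ClientSecret != null && !oauthConfig.UsePkce)
        {
            requestStreamWriter.Write("&client_secret=");
            requestStreamWriter.Write(HttpUtility.UrlEncode(oauthConfig.ClientSecret));
        }

        if (scope != null)
        {
            requestStreamWriter.Write("&scope=");
            requestStreamWriter.Write(HttpUtility.UrlEncode(scope));
        }
    }

    using (var response = tokenRequest.GetResponse())
    using (var responseStreamReader = new StreamReader(response.GetResponseStream()))
    {
        return responseStreamReader.ReadToEnd();
    }
}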
/// <summary>
/// Reads the response parameters the server returned for an authorization request, populates
/// this object from them and, when an authorization code is present, exchanges it for an
/// access token.
/// </summary>
/// <param name="config">Client configuration, overridden to contain the dynamic
/// redirect URI.</param>
/// <param name="args">Authorization operation arguments.</param>
/// <param name="responseParameters">The response parameters from the server.</param>
/// <returns>Returns the OAuth state read from the response parameters, or <c>null</c> if no <c>state</c>
/// response parameter found.</returns>
protected string ReadAuthorizationResponse(
    IAuthorizationCodeGrantConfig config,
    AuthorizationCodeGrantArgs args,
    NameValueCollection responseParameters)
{
    AuthorizationCode = responseParameters["code"];
    var state = base.ReadAuthorizationResponse(args, responseParameters);

    if (AuthorizationCode == null)
    {
        return state;
    }

    // NOTE(review): the token exchange below runs before the state value is returned to the
    // caller; confirm that state is validated either by the base call or before the tokens are used.
    try
    {
        // Authorization code has been received, call the token endpoint for getting an access token
        RequestAndHandleAccessToken(config, args);
    }
    finally
    {
        // The authorization code is cleared whether or not the exchange succeeded.
        AuthorizationCode = null;
    }

    return state;
}
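/// <summary>
/// Exchanges a refresh token, received earlier during the OAuth 2.0 Authorization Code Grant
/// flow, for a new access token by POSTing a form-encoded request to the token endpoint.
/// </summary>
/// <remarks>
/// When <c>oauthConfig.AllowInsecureCerts</c> is set, every server certificate is accepted for
/// this request, so the identity of the token endpoint is not verified. The override is applied
/// to this request object only and does not change the process-wide
/// <see cref="ServicePointManager.ServerCertificateValidationCallback"/>. When the server
/// answers with an error status, the body of the error response is returned instead of an
/// exception being thrown.
/// </remarks>
/// <param name="refreshToken">The refresh token.</param>
/// <param name="oauthConfig">OAuth configuration.</param>
/// <param name="scope">OAuth scope, optional. If <c>null</c>, no <c>scope</c> parameter is sent,
/// requesting the same scope that had been granted with the original access token.</param>
/// <returns>The access token response, or the body of the server's error response, as a string.</returns>
/// <exception cref="InvalidOperationException"><c>oauthConfig.TokenUri</c> is <c>null</c>.</exception>
/// <exception cref="WebException">The request failed without any response from the server.</exception>
public static string RefreshAccessToken(string refreshToken, IAuthorizationCodeGrantConfig oauthConfig,
    string scope = null)
{
    if (oauthConfig.TokenUri == null)
    {
        throw new InvalidOperationException("OAuthConfig.TokenUri must be specified");
    }

    var tokenRequest = WebRequest.CreateHttp(oauthConfig.TokenUri);
    if (oauthConfig.AllowInsecureCerts)
    {
        // Set on the request itself, and before GetRequestStream() opens the connection.
        // Swapping the static ServicePointManager callback instead would disable validation
        // for every other request in the process while this call is in flight.
        tokenRequest.ServerCertificateValidationCallback = delegate { return true; };
    }

    tokenRequest.Method = "POST";
    // A redirect from the token endpoint is not followed automatically.
    tokenRequest.AllowAutoRedirect = false;
    tokenRequest.ContentType = "application/x-www-form-urlencoded";

    using (var requestStreamWriter = new StreamWriter(tokenRequest.GetRequestStream()))
    {
        requestStreamWriter.Write("grant_type=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(GRANT_TYPE_REFRESH_TOKEN));
        requestStreamWriter.Write("&refresh_token=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(refreshToken));
        requestStreamWriter.Write("&client_id=");
        requestStreamWriter.Write(HttpUtility.UrlEncode(oauthConfig.ClientID));

        // The client secret is sent only for non-PKCE configurations.
        if (!oauthConfig.UsePkce && !string.IsNullOrEmpty(oauthConfig.ClientSecret))
        {
            requestStreamWriter.Write("&client_secret=");
            requestStreamWriter.Write(HttpUtility.UrlEncode(oauthConfig.ClientSecret));
        }

        if (scope != null)
        {
            requestStreamWriter.Write("&scope=");
            requestStreamWriter.Write(HttpUtility.UrlEncode(scope));
        }
    }

    try
    {
        using (var response = tokenRequest.GetResponse())
        using (var responseStreamReader = new StreamReader(response.GetResponseStream()))
        {
            return responseStreamReader.ReadToEnd();
        }
    }
    catch (WebException ex)
    {
        // Timeouts, connection failures and TLS failures carry no response; rethrow them
        // instead of masking the cause with a NullReferenceException.
        if (ex.Response == null)
        {
            throw;
        }

        using (var errorResponse = ex.Response.GetResponseStream())
        using (var errorResponseStreamReader = new StreamReader(errorResponse))
        {
            return errorResponseStreamReader.ReadToEnd();
        }
    }
}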
/// <summary>
/// Initializes a new instance of the <see cref="AuthorizationCodeGrantConfigWrapper"/> class
/// around an existing configuration object.
/// </summary>
/// <param name="wrapped">The wrapped config object, passed on to the base constructor.</param>
protected AuthorizationCodeGrantConfigWrapper(IAuthorizationCodeGrantConfig wrapped)
    : base(wrapped)
{
}
/// <summary>
/// Initializes a new instance of the
/// <see cref="AuthorizationCodeGrantConfigWithDynamicRedirectUri"/> class.
/// </summary>
/// <param name="wrapped">The configuration object passed on to the base constructor.</param>
/// <param name="redirectUri">The redirect URI kept by this instance.</param>
public AuthorizationCodeGrantConfigWithDynamicRedirectUri(
    IAuthorizationCodeGrantConfig wrapped,
    string redirectUri)
    : base(wrapped)
{
    // Stored exactly as given; this constructor performs no validation of the URI.
    this.redirectUri = redirectUri;
}
/// <summary>
/// Sends the token request that exchanges the current authorization code for an access token.
/// </summary>
/// <param name="config">Client configuration, overridden to contain the dynamic
/// redirect URI.</param>
/// <param name="args">Authorization operation arguments; its <c>CodeVerifier</c> is passed
/// along as the PKCE code verifier.</param>
/// <returns>The string returned by <c>OAuthUtil.RequestAccessToken</c>.</returns>
protected string RequestAccessToken(
    IAuthorizationCodeGrantConfig config,
    AuthorizationCodeGrantArgs args)
{
    var authorizationCode = AuthorizationCode;
    var codeVerifier = args.CodeVerifier;

    return OAuthUtil.RequestAccessToken(authorizationCode, config, codeVerifier);
}