private static void TokenIntrospection(string introscpectionEndpoint, string accessToken, string scope, string secret) { var client = new IntrospectionClient(introscpectionEndpoint, scope, secret); var request = new IntrospectionRequest { Token = accessToken }; var result = client.SendAsync(request).Result; if (result.IsError) { Console.WriteLine(result.Error); } else { if (result.IsActive) { var claims = result.Claims.ToList(); var expirationClaim = claims.FirstOrDefault(x => x.Type == "exp"); var validFromClaim = claims.FirstOrDefault(x => x.Type == "nbf"); long expirationTimeStamp = Convert.ToInt64(expirationClaim.Value); long validFromTimeStamp = Convert.ToInt64(validFromClaim.Value); var expirationDate = TimeStampToDate(expirationTimeStamp); var issuedDate = TimeStampToDate(validFromTimeStamp); } else { Console.WriteLine("token is not active"); } } }
private static void Introspection(string accessToken) { var client = new IntrospectionClient( Constants.IntrospectionEndpoint, "api1", "secret"); var request = new IntrospectionRequest { Token = accessToken }; var result = client.SendAsync(request).Result; if (result.IsError) { Console.WriteLine(result.Error); } else { if (result.IsActive) { result.Claims.ToList().ForEach(c => Console.WriteLine("{0}: {1}", c.Item1, c.Item2)); } else { Console.WriteLine("token is not active"); } } }
private static void Introspection(string accessToken) { var client = new IntrospectionClient( "https://localhost:44333/core/connect/introspect", "write", "secret"); var request = new IntrospectionRequest { Token = accessToken }; var result = client.SendAsync(request).Result; if (result.IsError) { Console.WriteLine(result.Error); } else { if (result.IsActive) { result.Claims.ToList().ForEach(c => Console.WriteLine("{0}: {1}", c.Item1, c.Item2)); } else { Console.WriteLine("token is not active"); } } }
public async Task <ActionResult <IntrospectionResponse> > ValidateToken([FromForm] IntrospectionRequest request) { if (string.IsNullOrEmpty(request.Token)) { return(BadRequest("Token canot be empty.")); } var response = await _authentication.IntrospectionValidation(request); return(Ok(response)); }
public static IntrospectionParameter ToParameter(this IntrospectionRequest viewModel) { return(new IntrospectionParameter { ClientAssertion = viewModel.ClientAssertion, ClientAssertionType = viewModel.ClientAssertionType, ClientId = viewModel.ClientId, ClientSecret = viewModel.ClientSecret, Token = viewModel.Token, TokenTypeHint = viewModel.TokenTypeHint }); }
public static IntrospectionParameter ToParameter(this IntrospectionRequest viewModel) { return(new() { ClientAssertion = viewModel.client_assertion, ClientAssertionType = viewModel.client_assertion_type, ClientId = viewModel.client_id, ClientSecret = viewModel.client_secret, Token = viewModel.token, TokenTypeHint = viewModel.token_type_hint }); }
public async Task WhenIntrospectingAndTokenDoesNotExistThenResponseShowsInactiveToken() { var tokenClient = new TokenClient( TokenCredentials.FromClientCredentials("client", "client"), _server.Client, new Uri(BaseUrl + WellKnownOpenidConfiguration)); var introspection = await tokenClient.Introspect( IntrospectionRequest.Create("invalid_token", TokenTypes.AccessToken, "pat")) .ConfigureAwait(false) as Option <OauthIntrospectionResponse> .Result; Assert.False(introspection.Item.Active); }
private async Task <IntrospectionResponse> ValidateToken(string token) { var clientInstroption = new IntrospectionClient(WebConfigurationManager.AppSettings["is3host"] + "/identity/core/connect/introspect", "sampleAPI", "dmsecret"); var request = new IntrospectionRequest { Token = token }; return(clientInstroption.SendAsync(request).Result); }
protected override async Task <int> ExecuteCommandAsync() { int result = -1; try { var discoClient = await DiscoveryClient.GetAsync(Server.Value()); if (discoClient.IsError) { Logger.LogError($"{discoClient.ErrorType} : {discoClient.Error}"); } else { var client = new IntrospectionClient(discoClient.IntrospectionEndpoint, Client.Value(), Secret.Value()); var request = new IntrospectionRequest { Token = Token.Value() }; var introspectionResponse = await client.SendAsync(request); if (introspectionResponse.IsError) { Logger.LogError(introspectionResponse.Error); } else { if (introspectionResponse.IsActive) { introspectionResponse.Claims.ToList().ForEach( c => Logger.LogInformation($"{c.Type}: {c.Value}")); } else { Logger.LogInformation("token is not active"); } } } } catch (Exception ex) { throw new CommandException(ex.Message); } return(result); }
/// <inheritdoc /> public async Task <Option <UmaIntrospectionResponse> > Introspect( IntrospectionRequest introspectionRequest, CancellationToken cancellationToken = default) { var discoveryInformation = await GetUmaConfiguration(cancellationToken).ConfigureAwait(false); var request = new HttpRequestMessage { Method = HttpMethod.Post, Content = new FormUrlEncodedContent(introspectionRequest), RequestUri = discoveryInformation.IntrospectionEndpoint }; return(await GetResult <UmaIntrospectionResponse>(request, introspectionRequest.PatToken, cancellationToken : cancellationToken) .ConfigureAwait(false)); }
public void ValidatingClientToken_WithValidCredential_ReturnsOkStatusCode() { // Arrange var tokenClient = identityServerHost.GetTokenClient(); var introClient = identityServerHost.GetIntroClient(); var clientCredential = tokenClient.RequestClientCredentialsAsync("identityserverhost").Result; var introRequest = new IntrospectionRequest { ClientId = "testclient", Token = clientCredential.AccessToken }; // Act var introResponse = introClient.SendAsync(introRequest).Result; // Assert Assert.AreEqual(HttpStatusCode.OK, introResponse.HttpStatusCode); }
public async Task When_Introspecting_AccessToken_Then_Information_Are_Returned() { var tokenClient = new TokenClient( TokenCredentials.FromClientCredentials("client", "client"), _server.Client, new Uri(BaseUrl + WellKnownOpenidConfiguration)); var result = await tokenClient.GetToken(TokenRequest.FromPassword("administrator", "password", new[] { "scim" })) .ConfigureAwait(false) as Option <GrantedTokenResponse> .Result; var introspection = await tokenClient.Introspect( IntrospectionRequest.Create(result.Item.AccessToken, TokenTypes.AccessToken, "pat")) .ConfigureAwait(false) as Option <OauthIntrospectionResponse> .Result; Assert.Single(introspection.Item.Scope); Assert.Equal("scim", introspection.Item.Scope.First()); }
public async Task When_Revoking_RefreshToken_Then_True_Is_Returned() { var tokenClient = new TokenClient( TokenCredentials.FromClientCredentials("client", "client"), _server.Client, new Uri(BaseUrl + WellKnownOpenidConfiguration)); var result = await tokenClient .GetToken(TokenRequest.FromPassword("administrator", "password", new[] { "scim", "offline" })) .ConfigureAwait(false) as Option <GrantedTokenResponse> .Result; var revoke = await tokenClient .RevokeToken(RevokeTokenRequest.Create(result.Item.RefreshToken, TokenTypes.RefreshToken)) .ConfigureAwait(false); var introspectClient = new UmaClient(_server.Client, new Uri(BaseUrl + WellKnownOpenidConfiguration)); var ex = await introspectClient.Introspect( IntrospectionRequest.Create(result.Item.RefreshToken, TokenTypes.RefreshToken, "pat")) .ConfigureAwait(false); Assert.IsType <Option.Success>(revoke); Assert.IsType <Option <UmaIntrospectionResponse> .Error>(ex); }
private static async Task IntrospectAsync(string accessToken) { var disco = await DiscoveryClient.GetAsync(Constants.Authority); if (disco.IsError) { throw new Exception(disco.Error); } var client = new IntrospectionClient( disco.IntrospectionEndpoint, "api1", "secret"); var request = new IntrospectionRequest { Token = accessToken }; var result = await client.SendAsync(request); if (result.IsError) { Console.WriteLine(result.Error); } else { if (result.IsActive) { result.Claims.ToList().ForEach(c => Console.WriteLine("{0}: {1}", c.Type, c.Value)); } else { Console.WriteLine("token is not active"); } } }
public async Task <bool> IsAuthTokenValid(string authCode, string authority) { var client = new IntrospectionClient( $"{authority}/connect/introspect", "api1", "secret"); var request = new IntrospectionRequest { Token = Properties.Settings.Default.AuthCode }; try { var result = await client.SendAsync(request); return(result.IsActive); } catch { AddSnacbkarErrorMessageToQueeue("Error contacting the server"); return(false); } }
public async Task <IActionResult> Post( [FromForm] IntrospectionRequest introspectionRequest, CancellationToken cancellationToken) { if (introspectionRequest?.token == null) { return(BuildError( ErrorCodes.InvalidRequest, "no parameter in body request", HttpStatusCode.BadRequest)); } var result = await _introspectionActions.Execute( introspectionRequest.ToParameter(), cancellationToken) .ConfigureAwait(false); return(result switch { Option <OauthIntrospectionResponse> .Result r => Ok(r.Item), Option <OauthIntrospectionResponse> .Error e => BadRequest(e.Details), _ => throw new ArgumentOutOfRangeException() });
/// <inheritdoc/> public async Task <IntrospectionResponse> IntrospectionValidation(IntrospectionRequest request) { List <Func <Task <IntrospectionResponse> > > validationFunctions = new(); validationFunctions.Add(async() => await ValidateEFormidlingAccessToken(request.Token)); /* * if token type hint is provided in the request, * the suitable validation function should be moved to the top of the list * to possibly avoid unnessesary validation attempts. */ foreach (Func <Task <IntrospectionResponse> > func in validationFunctions) { var res = await func(); if (res.Active) { return(res); } } return(new IntrospectionResponse()); }