/// <summary>
/// Checks that <c>GetDeviceCodeAsync</c> hands back the user code and device code
/// that were queued on the test server's token generator.
/// </summary>
public async Task OAuth2Client_GetDeviceCodeAsync()
{
    // Fixed fixture values; the test server is told to issue exactly these codes.
    const string userCode = "254583";
    const string deviceCode = "6d1e34151aff4f41b9f186e177a0b15d";

    OAuth2ServerEndpoints endpoints = CreateEndpoints(new Uri("https://example.com"));

    // Any request the test server has not bound a handler for fails the test.
    var handler = new TestHttpMessageHandler { ThrowOnUnexpectedRequest = true };

    string[] scopes = { "read", "write", "delete" };

    OAuth2Application application = CreateTestApplication();

    var authServer = new TestOAuth2Server(endpoints);
    authServer.RegisterApplication(application);
    authServer.Bind(handler);

    authServer.TokenGenerator.UserCodes.Add(userCode);
    authServer.TokenGenerator.DeviceCodes.Add(deviceCode);

    OAuth2Client client = CreateClient(handler, endpoints);

    OAuth2DeviceCodeResult deviceCodeResult =
        await client.GetDeviceCodeAsync(scopes, CancellationToken.None);

    Assert.Equal(userCode, deviceCodeResult.UserCode);
    Assert.Equal(deviceCode, deviceCodeResult.DeviceCode);
}
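/// <summary>
/// Obtains an OAuth token using the device code flow: requests a device code, shows the
/// user code and verification URL to the user, then waits for the token to be issued.
/// </summary>
/// <param name="targetUri">URI passed to the <c>GitHubOAuth2Client</c> constructor.</param>
/// <param name="scopes">Scopes to request with the device code.</param>
/// <returns>The token result returned by <c>GetTokenByDeviceCodeAsync</c>.</returns>
/// <exception cref="Exception">
/// Thrown when the token request ends with an <see cref="OperationCanceledException"/>
/// on the dialog path.
/// </exception>
public async Task<OAuth2TokenResult> GetOAuthTokenViaDeviceCodeAsync(Uri targetUri, IEnumerable<string> scopes)
{
    ThrowIfUserInteractionDisabled();

    var oauthClient = new GitHubOAuth2Client(HttpClient, Context.Settings, targetUri);
    OAuth2DeviceCodeResult dcr = await oauthClient.GetDeviceCodeAsync(scopes, CancellationToken.None);

    // If we have a desktop session show the device code in a dialog
    if (Context.Settings.IsGuiPromptsEnabled && Context.SessionManager.IsDesktopSession &&
        TryFindHelperExecutablePath(out string helperPath))
    {
        // Only the user code and the verification URL are placed on the helper's command line
        // (each quoted with QuoteCmdArg); the device code is never handed to the helper.
        var args = new StringBuilder("device");
        args.AppendFormat(" --code {0} ", QuoteCmdArg(dcr.UserCode));
        args.AppendFormat(" --url {0}", QuoteCmdArg(dcr.VerificationUri.ToString()));

        var promptCts = new CancellationTokenSource();
        var tokenCts = new CancellationTokenSource();

        // Show the dialog with the device code but don't await its closure
        Task promptTask = InvokeHelperAsync(helperPath, args.ToString(), null, promptCts.Token);

        try
        {
            // Start the request for an OAuth token but don't wait
            Task<OAuth2TokenResult> tokenTask = oauthClient.GetTokenByDeviceCodeAsync(dcr, tokenCts.Token);

            Task first = await Task.WhenAny(promptTask, tokenTask);

            // If the dialog was closed the user wishes to cancel the request
            if (first == promptTask)
            {
                tokenCts.Cancel();
            }

            try
            {
                return await tokenTask;
            }
            catch (OperationCanceledException ex)
            {
                // NOTE(review): every OperationCanceledException from the token request is reported
                // as a user cancellation, including one not triggered by tokenCts - confirm whether
                // the client can raise it for other reasons (for example a request timeout).
                throw new Exception("User canceled device code authentication", ex);
            }
        }
        finally
        {
            // Close the dialog on every exit path. Previously it was only closed after a
            // successful token response, so a failed token request left the dialog (still
            // showing the user code) on screen.
            if (!promptTask.IsCompleted)
            {
                promptCts.Cancel();
            }
        }
    }
    else
    {
        ThrowIfTerminalPromptsDisabled();

        // The terminal shows the verification URL and the user code only.
        string deviceMessage = $"To complete authentication please visit {dcr.VerificationUri} and enter the following code:" +
                               Environment.NewLine +
                               dcr.UserCode;
        Context.Terminal.WriteLine(deviceMessage);

        return await oauthClient.GetTokenByDeviceCodeAsync(dcr, CancellationToken.None);
    }
}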
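/// <summary>
/// End-to-end check of the device code flow followed by a refresh: obtains a device code,
/// signs the device in on the test server, exchanges the device code for tokens and then
/// exchanges the refresh token for a second token pair.
/// </summary>
public async Task OAuth2Client_E2E_DeviceFlowAndRefresh()
{
    // Fixed fixture values; the test server is told to issue exactly these codes and tokens.
    const string expectedUserCode = "736998";
    const string expectedDeviceCode = "db6558b2a1d649758394ac3c2d9e00b1";
    const string expectedAccessToken1 = "LET_ME_IN-1";
    const string expectedAccessToken2 = "LET_ME_IN-2";
    const string expectedRefreshToken1 = "REFRESH_ME-1";
    const string expectedRefreshToken2 = "REFRESH_ME-2";

    var baseUri = new Uri("https://example.com");
    OAuth2ServerEndpoints endpoints = CreateEndpoints(baseUri);

    // Any request the test server has not bound a handler for fails the test.
    var httpHandler = new TestHttpMessageHandler { ThrowOnUnexpectedRequest = true };

    string[] expectedScopes = { "read", "write", "delete" };

    OAuth2Application app = CreateTestApplication();

    var server = new TestOAuth2Server(endpoints);
    server.RegisterApplication(app);
    server.Bind(httpHandler);
    server.TokenGenerator.UserCodes.Add(expectedUserCode);
    server.TokenGenerator.DeviceCodes.Add(expectedDeviceCode);
    server.TokenGenerator.AccessTokens.Add(expectedAccessToken1);
    server.TokenGenerator.RefreshTokens.Add(expectedRefreshToken1);

    OAuth2Client client = CreateClient(httpHandler, endpoints);

    OAuth2DeviceCodeResult deviceResult = await client.GetDeviceCodeAsync(expectedScopes, CancellationToken.None);

    // Simulate the user taking some time to sign in with the user code.
    // Awaited delay instead of Thread.Sleep so the async test does not block its thread.
    await Task.Delay(1000);
    server.SignInDeviceWithUserCode(deviceResult.UserCode);

    OAuth2TokenResult result1 = await client.GetTokenByDeviceCodeAsync(deviceResult, CancellationToken.None);

    Assert.NotNull(result1);
    Assert.Equal(expectedScopes, result1.Scopes);
    Assert.Equal(expectedAccessToken1, result1.AccessToken);
    Assert.Equal(expectedRefreshToken1, result1.RefreshToken);

    // Queue the second token pair only now, before the refresh request is made.
    server.TokenGenerator.AccessTokens.Add(expectedAccessToken2);
    server.TokenGenerator.RefreshTokens.Add(expectedRefreshToken2);

    OAuth2TokenResult result2 = await client.GetTokenByRefreshTokenAsync(result1.RefreshToken, CancellationToken.None);

    Assert.NotNull(result2);
    Assert.Equal(expectedScopes, result2.Scopes);
    Assert.Equal(expectedAccessToken2, result2.AccessToken);
    Assert.Equal(expectedRefreshToken2, result2.RefreshToken);
}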
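/// <summary>
/// Checks that <c>GetTokenByDeviceCodeAsync</c> returns the scopes, access token and refresh
/// token of a pre-registered device code grant once the device has been signed in on the
/// test server.
/// </summary>
public async Task OAuth2Client_GetTokenByDeviceCodeAsync()
{
    // Fixed fixture values; the test server is told to issue exactly these codes and tokens.
    const string expectedUserCode = "342728";
    const string expectedDeviceCode = "ad6498533bf54f4db53e49612a4acfb0";
    const string expectedAccessToken = "LET_ME_IN";
    const string expectedRefreshToken = "REFRESH_ME";

    var baseUri = new Uri("https://example.com");
    OAuth2ServerEndpoints endpoints = CreateEndpoints(baseUri);

    // Any request the test server has not bound a handler for fails the test.
    var httpHandler = new TestHttpMessageHandler { ThrowOnUnexpectedRequest = true };

    string[] expectedScopes = { "read", "write", "delete" };

    // Register the grant up front so the token request has something to redeem.
    var grant = new OAuth2Application.DeviceCodeGrant(expectedUserCode, expectedDeviceCode, expectedScopes);

    OAuth2Application app = CreateTestApplication();
    app.DeviceGrants.Add(grant);

    var server = new TestOAuth2Server(endpoints);
    server.RegisterApplication(app);
    server.Bind(httpHandler);
    server.TokenGenerator.UserCodes.Add(expectedUserCode);
    server.TokenGenerator.DeviceCodes.Add(expectedDeviceCode);
    server.TokenGenerator.AccessTokens.Add(expectedAccessToken);
    server.TokenGenerator.RefreshTokens.Add(expectedRefreshToken);

    OAuth2Client client = CreateClient(httpHandler, endpoints);

    var deviceCodeResult = new OAuth2DeviceCodeResult(expectedDeviceCode, expectedUserCode, null, null);

    // Start the token request without awaiting it; the sign-in below happens while it is in flight.
    Task<OAuth2TokenResult> resultTask = client.GetTokenByDeviceCodeAsync(deviceCodeResult, CancellationToken.None);

    // Simulate the user taking some time to sign in with the user code.
    // Awaited delay instead of Thread.Sleep so the test thread is not blocked while the
    // token request is outstanding.
    await Task.Delay(1000);
    server.SignInDeviceWithUserCode(expectedUserCode);

    OAuth2TokenResult result = await resultTask;

    Assert.NotNull(result);
    Assert.Equal(expectedScopes, result.Scopes);
    Assert.Equal(expectedAccessToken, result.AccessToken);
    Assert.Equal(expectedRefreshToken, result.RefreshToken);
}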
/// <summary>
/// Obtains an OAuth token. On a desktop session the authorization code flow is run through
/// an <c>OAuth2SystemWebBrowser</c>; otherwise the device code flow is used when
/// <c>GitHubConstants.IsOAuthDeviceAuthSupported</c> is set.
/// </summary>
/// <param name="targetUri">URI passed to the <c>GitHubOAuth2Client</c> constructor.</param>
/// <param name="scopes">Scopes to request.</param>
/// <returns>The token result returned by the OAuth client.</returns>
/// <exception cref="NotSupportedException">
/// Thrown when there is no desktop session and device code authentication is not supported.
/// </exception>
public async Task<OAuth2TokenResult> GetOAuthTokenAsync(Uri targetUri, IEnumerable<string> scopes)
{
    ThrowIfUserInteractionDisabled();

    var oauthClient = new GitHubOAuth2Client(HttpClient, Context.Settings, targetUri);

    // Without a desktop session there is no browser to drive, so fall back to the terminal.
    if (!Context.SessionManager.IsDesktopSession)
    {
        ThrowIfTerminalPromptsDisabled();

        if (!GitHubConstants.IsOAuthDeviceAuthSupported)
        {
            // We'd like to try using an OAuth2 flow that does not require a web browser on this device
            // such as the device code flow (RFC 8628) but GitHub's auth stack does not support this.
            throw new NotSupportedException("GitHub OAuth authentication is not supported without an interactive desktop session.");
        }

        OAuth2DeviceCodeResult dcr = await oauthClient.GetDeviceCodeAsync(scopes, CancellationToken.None);

        // The terminal shows the verification URL and the user code only.
        string instructions = $"To complete authentication please visit {dcr.VerificationUri} and enter the following code:" +
                              Environment.NewLine +
                              dcr.UserCode;
        Context.Terminal.WriteLine(instructions);

        OAuth2TokenResult deviceToken = await oauthClient.GetTokenByDeviceCodeAsync(dcr, CancellationToken.None);
        return deviceToken;
    }

    // Desktop session: authenticate using the user's default web browser.
    var options = new OAuth2WebBrowserOptions
    {
        SuccessResponseHtml = GitHubResources.AuthenticationResponseSuccessHtml,
        FailureResponseHtmlFormat = GitHubResources.AuthenticationResponseFailureHtmlFormat
    };
    var systemBrowser = new OAuth2SystemWebBrowser(options);

    // Write message to the terminal (if any is attached) for some feedback that we're waiting for a web response
    Context.Terminal.WriteLine("info: please complete authentication in your browser...");

    OAuth2AuthorizationCodeResult authCode =
        await oauthClient.GetAuthorizationCodeAsync(scopes, systemBrowser, CancellationToken.None);

    OAuth2TokenResult browserToken = await oauthClient.GetTokenByAuthorizationCodeAsync(authCode, CancellationToken.None);
    return browserToken;
}