protected override async Task <AccountModelBase> AddAccountAsync(AccountModelBase account = null)
{
var credentials = await GetCredential();
if (credentials == null)
{
return(null);
}
Userinfoplus userInfo;
using (var authService = new Oauth2Service(GetServiceInitializer(credentials)))
{
userInfo = await authService.Userinfo.Get().ExecuteAsync();
}
var config = GetConfiguration <ConfigModel>();
var provider = new AccountModel(userInfo.Id, userInfo.Name)
{
Email = userInfo.Email
};
config.Accounts.Add(provider);
SetConfiguration(config);
return(provider);
}
private async Task Run()
{
/*
string CREDENTIAL_FILE_PKCS12 = "c:\\your_pkcs_cert.p12";
string serviceAccountEmail = "*****@*****.**";
var certificate = new X509Certificate2(CREDENTIAL_FILE_PKCS12, "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(serviceAccountEmail)
{
Scopes = new[] { Oauth2Service.Scope.UserinfoEmail }
}.FromCertificate(certificate));
*/
string CREDENTIAL_FILE_JSON = "C:\\your_json_cert.json";
Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", CREDENTIAL_FILE_JSON);
GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync();
if (credential.IsCreateScopedRequired)
credential = credential.CreateScoped(new string[] { Oauth2Service.Scope.UserinfoEmail });
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
}
public async Task <bool> Login()
{
var clientSecretUri = new Uri("ms-appx:///Resources/client_secret.json", UriKind.Absolute);
try
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(clientSecretUri, Scopes, "user", CancellationToken.None);
await credential.RefreshTokenAsync(CancellationToken.None);
}
catch (TokenResponseException e)
{
await credential.GetAccessTokenForRequestAsync();
}
catch (Exception e)
{
return(false);
}
var initializer = new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = ApplicationName
};
accessToken = credential.Token.AccessToken;
Oauth2Service = new Oauth2Service(initializer);
DriveService = new DriveService(initializer);
return(true);
}
//
// GET: /oauth2callback
public ActionResult OAuth2Callback(String code)
{
var provider = GetProvider();
try
{
var state = provider.ProcessUserAuthorization(code, GetAuthorizationState());
var initializer = new BaseClientService.Initializer()
{
Authenticator = Utils.GetAuthenticatorFromState(state)
};
Oauth2Service userService = new Oauth2Service(initializer);
String userId = userService.Userinfo.Get().Fetch().Id;
Utils.StoreCredentials(userId, state);
Session["userId"] = userId;
BootstrapUser(new MirrorService(initializer), userId);
}
catch (ProtocolException)
{
// TODO(alainv): handle error.
}
return(Redirect(Url.Action("Index", "Main")));
}
private static UserCredential Authenticate()
{
Console.WriteLine("Requesting Authentication");
string[] scopes = new string[] { Oauth2Service.Scope.UserinfoEmail };
UserCredential credential = GoogleWebAuthorizationBroker.AuthorizeAsync(new ClientSecrets
{
ClientId = @"99450014535-bel11jg1ft872p8qvt84nk3qoij5bh5q.apps.googleusercontent.com",
ClientSecret = @"aTaj6A8kq38r5FkKogPAZb5q"
}, scopes, "user", CancellationToken.None).Result;
Oauth2Service oauth2Service = new Oauth2Service(
new BaseClientService.Initializer {
HttpClientInitializer = credential
});
Userinfoplus userinfo = oauth2Service.Userinfo.Get().ExecuteAsync().Result;
if (!userinfo.Email.EndsWith(@"@pilani.bits-pilani.ac.in"))
{
credential.RevokeTokenAsync(CancellationToken.None).Wait();
Console.WriteLine("\nInvalid BITS ID : {0}\n\n", userinfo.Email);
return(Authenticate());
}
return(credential);
}
//
// GET: /oauth2callback
public ActionResult OAuth2Callback(String code)
{
var provider = GetProvider();
try
{
var state = provider.ProcessUserAuthorization(code, GetAuthorizationState());
var initializer = new BaseClientService.Initializer()
{
Authenticator = Utils.GetAuthenticatorFromState(state)
};
Oauth2Service userService = new Oauth2Service(initializer);
String userId = userService.Userinfo.Get().Fetch().Id;
Utils.StoreCredentials(userId, state);
Session["userId"] = userId;
BootstrapUser(new MirrorService(initializer), userId);
}
catch (ProtocolException)
{
// TODO(alainv): handle error.
}
return Redirect(Url.Action("Index", "Main"));
}
public async Task <ActionResult> LoginByGoogle(CancellationToken cancellationToken, string returnUrl)
{
if (Session["UserRandomId"] == null)
{
Session["UserRandomId"] = new TextBuilder().GetRandomString(50);
}
var result = await new AuthorizationCodeMvcApp(this,
new AppFlowMetadata(
repoConfig.Get(ConfigurationKeyStatic.GOOGLE_APP_ID),
repoConfig.Get(ConfigurationKeyStatic.GOOGLE_APP_SECRET))).AuthorizeAsync(cancellationToken);
var service = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = result.Credential,
ApplicationName = "ASP.NET MVC Sample"
});
if (result.Credential != null)
{
var userInfo = await service.Userinfo.Get().ExecuteAsync();
if (!account.RegisterAndLogByEmail(userInfo.Email, SOURCE_GOOGLE, this))
{
this.SetMessage(InfoMessageType.Danger, Resources.ErrorOcurred);
}
Session["UserRandomId"] = null;
return(Redirect(returnUrl ?? Url.Action("Index", "Home")));
}
else
{
return(new RedirectResult(result.RedirectUri));
}
}
public async void UpdateLoginDetails()
{
UserCredential credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(new ClientSecrets
{
ClientId = "957928808020-pa0lopl3crh565k6jd4djaj36rm1d9i5.apps.googleusercontent.com",
ClientSecret = "oB9U6yWFndnBqLKIRSA0nYGm"
}, new[] { Oauth2Service.Scope.UserinfoProfile }, "user", CancellationToken.None);
// Create the service.
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Youtube Viewer",
});
var GetLoginInfo = service.Userinfo.Get();
try
{
var LoginInfo = await GetLoginInfo.ExecuteAsync();
txtLoginName.Text = LoginInfo.Name;
var profileImg = new Windows.UI.Xaml.Media.ImageBrush
{
ImageSource = new BitmapImage(new Uri(LoginInfo.Picture))
};
imgProfileIcon.Fill = profileImg;
}
catch (Exception)
{
txtLoginName.Text = "";
imgProfileIcon.Fill = new Windows.UI.Xaml.Media.SolidColorBrush(Windows.UI.Color.FromArgb(0, 0, 0, 0));
}
}
/// <summary>
/// Send a request to the UserInfo API to retrieve the user's information.
/// </summary>
/// <param name="credentials">OAuth 2.0 credentials to authorize the request.</param>
/// <returns>User's information.</returns>
/// <exception cref="NoUserIdException">An error occurred.</exception>
static Userinfo GetUserInfo(IAuthorizationState credentials)
{
// create base client service initializer
BaseClientService.Initializer baseClientService = new BaseClientService.Initializer()
{
Authenticator = GetAuthenticatorFromState(credentials)
};
Oauth2Service userInfoService = new Oauth2Service(baseClientService);
Userinfo userInfo = null;
try
{
userInfo = userInfoService.Userinfo.Get().Fetch();
}
catch (GoogleApiRequestException e)
{
Console.WriteLine("An error occurred: " + e.Message);
}
if (userInfo != null && !String.IsNullOrEmpty(userInfo.Id))
{
return(userInfo);
}
else
{
throw new NoUserIdException();
}
}
public static async Task <UserInfo> SignInAsync(ClientInfo clientInfo)
{
var clientSecrets = new ClientSecrets
{
ClientId = clientInfo.ClientId,
ClientSecret = clientInfo.ClientSecret
};
var credentials = await GoogleWebAuthorizationBroker.AuthorizeAsync(
clientSecrets,
new[] { DriveService.Scope.Drive, Oauth2Service.Scope.UserinfoEmail },
Guid.NewGuid().ToString(), CancellationToken.None, new FileDataStore(clientInfo.AppName));
var oauthService = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = credentials,
ApplicationName = clientInfo.AppName
});
var userInfo = await oauthService.Userinfo.Get().ExecuteAsync();
return(new UserInfo
{
Email = userInfo.Email,
Name = userInfo.Name,
UserId = credentials.UserId
});
}
/// <summary>
/// Verifies the token against the client ID.
/// </summary>
/// <param name="authState">The credential to verify.</param>
/// <returns>The user ID that is associated with this token.</returns>
static public String VerifyToken(IAuthorizationState authState)
{
// Use Tokeninfo to validate the user and the client.
var tokeninfo_request = new Oauth2Service().Tokeninfo();
tokeninfo_request.Access_token = authState.AccessToken;
var tokeninfo = tokeninfo_request.Fetch();
if (tokeninfo == null)
{
throw new TokenVerificationException("Error while fetching tokeninfo");
}
// Verify the first part of the token for authorization. On mobile clients,
// the full string might differ, but the first part is consistent.
Regex matcher = new Regex("(\\d+)(.*).apps.googleusercontent.com$");
if (matcher.Match(tokeninfo.Issued_to).Groups[1].Value !=
matcher.Match(CLIENT_ID).Groups[1].Value)
{
throw new TokenVerificationException("Issuer other than current client.");
}
return(tokeninfo.User_id);
}
public string GetAccountNameFromToken(IAuthorizationState token)
{
var client = GetNativeApplicationClient();
var oauth2Service = new Oauth2Service(new OAuth2Authenticator <NativeApplicationClient>(client, authProvider => token));
return(oauth2Service.Userinfo.Get().Fetch().Email);
}
public async Task <IActionResult> GoogleAuthentication(string code)
{
var request = new AuthorizationCodeTokenRequest
{
Code = code,
ClientSecret = _googleAuthOptions.ClientSecret,
ClientId = _googleAuthOptions.ClientId,
GrantType = "authorization_code",
RedirectUri = "http://localhost:3000"
};
var httpClient = new HttpClient
{
BaseAddress = new Uri("https://www.googleapis.com/oauth2/v4/")
};
var tokenResponse = await request.ExecuteAsync(httpClient, "token", CancellationToken.None, SystemClock.Default);
var credentials = GoogleCredential.FromAccessToken(tokenResponse.AccessToken);
var initializer = new BaseClientService.Initializer
{
HttpClientInitializer = credentials
};
var userInfoService = new Oauth2Service(initializer);
var userInfo = await userInfoService.Userinfo.Get().ExecuteAsync();
await _usersService.CreateUserAsync(new UserCreationDto
{
Email = userInfo.Email,
Password = "******", //TODO: Add password generator
IsFromExternalService = true,
Name = userInfo.Email
});
return(Ok());
}
public async void login()
{
UserCredential credential;
using (var stream = new FileStream("client_secrets.json", FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { Google.Apis.Oauth2.v2.Oauth2Service.Scope.UserinfoProfile, Google.Apis.Oauth2.v2.Oauth2Service.Scope.UserinfoEmail },
"user", CancellationToken.None);
}
// Create the service.
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Organize-Me",
});
var userInfo = await service.Userinfo.Get().ExecuteAsync();
f.txt_SignUpEmail.Text = userInfo.Email;
f.FirstName = userInfo.GivenName;
f.LastName = userInfo.FamilyName;
await credential.RevokeTokenAsync(CancellationToken.None);
f.bunifuPages1.SetPage(1);
}
private async Task Run()
{
UserCredential credential;
string CLIENTSECRETS_LOCATION = "c:\\client_secrets.json";
using (var stream = new FileStream(CLIENTSECRETS_LOCATION, FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { Oauth2Service.Scope.UserinfoEmail }, Environment.UserName, CancellationToken.None);
}
/*
* string clientId = "YOUR_CLIENT_ID";
* string clientSecret = "YOUR_CLIENT_SECRET";
* credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(new ClientSecrets { ClientId = clientId, ClientSecret = clientSecret },
* new[] { Oauth2Service.Scope.UserinfoEmail }, Environment.UserName, CancellationToken.None);
* Console.WriteLine("Credential file saved at: " + Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData));
*/
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
}
public Service(BotUserCredential userCredential, BaseClientService.Initializer initializer, string userAccess)
{
UserCredential = userCredential;
GmailService = new GmailService(initializer);
Oauth2Service = new Oauth2Service(initializer);
UserAccess = userAccess;
}
public string OAuth2(string code)
{
//generate new developer key to use within Gmail Chrome Extension
var developerKey = Utility.Strings.Generate.NewId(10);
//generate new userId for Google Credentials
var credentialUserId = Utility.Strings.Generate.NewId(10);
try
{
//authenticate Google OAuth 2.0 via server-side
var oauthService = new Oauth2Service(new BaseClientInitializer(credentialUserId, code));
var googleUser = oauthService.Userinfo.Get().Execute();
//check if user is in the database
var user = Query.Users.GetByEmail(googleUser.Email);
var userId = 0;
if (user != null)
{
//user exists
userId = user.userId;
if (user.googleUserId == "")
{
Query.Users.UpdateGoogleUserId(userId, googleUser.Id);
}
//update Google Credentials userId
Query.Users.UpdateCredentialUserId(userId, credentialUserId);
}
else
{
//create new user
userId = Query.Users.CreateUser(new Query.Models.User()
{
email = googleUser.Email,
name = googleUser.Name != null && googleUser.Name != "" ? googleUser.Name : googleUser.Email.Split('@')[0],
gender = googleUser.Gender == "male",
locale = googleUser.Locale,
credentialUserId = credentialUserId,
googleUserId = googleUser.Id
});
}
//update developer key
Query.DeveloperKeys.Update(userId, developerKey);
//log API request
Common.Log.Api(context, Query.Models.LogApi.Names.GoogleOAuth2, userId);
return(Serializer.WriteObjectToString(new { devkey = developerKey, userId }));
}
catch (Exception)
{
//log API call
Common.Log.Api(context, Query.Models.LogApi.Names.GoogleOAuth2, 0, null, null, false);
return(Error("incorrect Google Sign-In code"));
}
}
/// <summary>
/// Token request object initilization to retreive user information
/// </summary>
/// <param name="accessToken"></param>
/// <returns></returns>
public object GetTokenInfo(string accessToken)
{
Oauth2Service.TokeninfoRequest tokeninfoRequest = new Oauth2Service().Tokeninfo();
Google.Apis.Discovery.Parameter accessType = new Google.Apis.Discovery.Parameter {
DefaultValue = GoogleReqestParameters.offline.ToString(), Name = GoogleReqestParameters.access_type.ToString()
};
tokeninfoRequest.RequestParameters.Add("AccessType", accessType);
tokeninfoRequest.AccessToken = accessToken;
Tokeninfo tokeninfo = tokeninfoRequest.Execute();
return(tokeninfo);
}
public Oauth2Service GetOauth2Service()
{
var service = new Oauth2Service(
new BaseClientService.Initializer()
{
HttpClientInitializer = _authorizationCodeApp.Credential,
ApplicationName = _applicationName
}
);
return(service);
}
public static void Main(string[] args)
{
var accessToken =
"ya29.GlvTBZnj-NGxW28OIE4jOjEsIQJh2XgxSsuDioj3VapUYeiT_D7TT6zwePEbOhLQ_dO0QlkRh5l_WX7fWm7oTnS75RWEk5OGN45tvheYwWyt0v0jexUSTO0bbETF";
var credentials = GoogleCredential.FromAccessToken(
accessToken);
var service = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = credentials
});
var user = service.Userinfo.V2.Me.Get().Execute();
}
private async Task Run()
{
//ComputeCredential credentials = new ComputeCredential(new ComputeCredential.Initializer());
GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync();
if (credential.IsCreateScopedRequired)
credential = credential.CreateScoped(new string[] { Oauth2Service.Scope.UserinfoEmail });
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
}
private Oauth2Service CreateUserInfoService(string userEmail)
{
var auth = GetAuthenticator(userEmail);
// Create the service.
var service = new Oauth2Service(new BaseClientService.Initializer()
{
Authenticator = auth
});
//cache it in session
return(service);
}
/// <summary>
/// Pulls the authenticated user's information from Google and uses that to update OAuth2Base.currentAuthInfo.
/// </summary>
/// <remarks>Requires that Authentication has taken place and filled out asyncUserCredential first.</remarks>
public static void SetAuthenticatedUserInfo()
{
using (Oauth2Service oService = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = asyncUserCredential,
ApplicationName = _appName,
}))
{
Userinfoplus userInfoPlus = oService.Userinfo.Get().Execute();
_currentAuthInfo.userName = Utils.GetUserFromEmail(userInfoPlus.Email);
_currentAuthInfo.domain = userInfoPlus.Hd;
}
}
public Tokeninfo GetTokenDetails(TokenResponse token)
{
var oauthService = new Oauth2Service(new Google.Apis.Services.BaseClientService.Initializer());
var tokenInfoRequest = oauthService.Tokeninfo();
tokenInfoRequest.AccessToken = token.AccessToken;
var tokenInfo = tokenInfoRequest.Execute();
Console.WriteLine("Email: {0}", tokenInfo.Email);
Console.WriteLine("Refresh Token: {0}", tokenInfo.UserId);
return(tokenInfo);
}
/// <summary>
/// Send a request to the UserInfo API to retrieve the user's information.
/// </summary>
/// <param name="credentials">OAuth 2.0 credentials to authorize the request.</param>
/// <returns>User's information.</returns>
/// <exception cref="NoUserIdException">An error occurred.</exception>
public static Userinfo GetUserInfo(IAuthenticator credentials)
{
Oauth2Service userInfoService = new Oauth2Service(credentials);
Userinfo userInfo = null;
try {
userInfo = userInfoService.Userinfo.Get().Fetch();
} catch (GoogleApiRequestException e) {
Console.WriteLine("An error occurred: " + e.Message);
}
if (userInfo != null && !String.IsNullOrEmpty(userInfo.Id)) {
return userInfo;
} else {
throw new NoUserIdException();
}
}
public async static Task Run()
{
string CRED_PATH = new Factory.FileFactory().GetFolder() + @"\api_key\My First Project-ca909aeb1219.json";
Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", CRED_PATH);
GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync();
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
}
);
}
public ActionResult SignInWithGoogle(string code)
{
// Use the code exchange flow to get an access and refresh token.
IAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = GetClientConfiguration().Secrets,
Scopes = new[] { Oauth2Service.Scope.PlusLogin, Oauth2Service.Scope.UserinfoProfile, Oauth2Service.Scope.UserinfoEmail }
});
var response = flow.ExchangeCodeForTokenAsync("", code, "postmessage", CancellationToken.None).Result; // response.accessToken now should be populated
var credential = new UserCredential(flow, "me", response);
var oauthSerivce = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = credential,
ApplicationName = "Grid Intranet"
});
var userInfo = oauthSerivce.Userinfo.Get().Execute();
var user = _userRepository.GetBy(u => u.Username == userInfo.Email, "AccessRule,Person");
if (user == null)
{
return(Json(false));
}
if (user.AccessRule == null)
{
return(Json(false));
}
if (!user.AccessRule.IsApproved)
{
return(Json(false));
}
// Everything is fine.
RecordLoginSucceeded(user);
return(Json(true));
}
/// <summary>
/// Is token expired or not
/// </summary>
/// <param name="accessToken"></param>
/// <returns></returns>
public bool IsTokenExpired(string accessToken)
{
Tokeninfo tokeninfo = null;
Oauth2Service.TokeninfoRequest tokeninfoRequest = new Oauth2Service().Tokeninfo();
Google.Apis.Discovery.Parameter accessType = new Google.Apis.Discovery.Parameter {
DefaultValue = GoogleReqestParameters.offline.ToString(), Name = GoogleReqestParameters.access_type.ToString()
};
tokeninfoRequest.RequestParameters.Add("AccessType", accessType);
tokeninfoRequest.AccessToken = accessToken;
try
{
tokeninfo = tokeninfoRequest.Execute();
}
catch (Exception)
{
// ignored
}
return(tokeninfo == null);
}
private async Task AuthenticateAsync()
{
if (_service != null)
return;
_credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
new Uri("ms-appx:///Assets/client_secrets.json"),
new[] { Oauth2Service.Scope.UserinfoEmail },
"user",
CancellationToken.None);
var initializer = new BaseClientService.Initializer()
{
HttpClientInitializer = _credential,
ApplicationName = "GoogleLogin",
};
_service = new Oauth2Service(initializer);
}
private async Task Run()
{
/*
* string CREDENTIAL_FILE_PKCS12 = "c:\\your_pkcs_cert.p12";
* string serviceAccountEmail = "*****@*****.**";
* var certificate = new X509Certificate2(CREDENTIAL_FILE_PKCS12, "notasecret", X509KeyStorageFlags.Exportable);
* ServiceAccountCredential credential = new ServiceAccountCredential(
* new ServiceAccountCredential.Initializer(serviceAccountEmail)
* {
* Scopes = new[] { Oauth2Service.Scope.UserinfoEmail }
* }.FromCertificate(certificate));
*/
// a) for google apis:
//string CREDENTIAL_FILE_JSON = "C:\\your_json_cert.json";
//Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", CREDENTIAL_FILE_JSON);
//GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync();
if (credential.IsCreateScopedRequired)
{
credential = credential.CreateScoped(new string[] { Oauth2Service.Scope.UserinfoEmail });
}
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
// b) For Google Cloud APIs:
var client = StorageClient.Create();
foreach (var obj in client.ListObjects("your_project", ""))
{
Console.WriteLine(obj.Name);
}
}
public async Task <ActionResult> ConnectCallBack(AuthorizationCodeResponseUrl authorizationCode,
CancellationToken taskCancellationToken)
{
try
{
var userId = CurrentUser.StringId;
var returnUrl = Request.Url.ToString();
returnUrl = returnUrl.Substring(0, returnUrl.IndexOf("?"));
var token =
await
AppFlow.Flow.ExchangeCodeForTokenAsync(userId, authorizationCode.Code, returnUrl,
taskCancellationToken);
var api = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = new UserCredential(AppFlow.Flow, userId, token)
});
var userInfo = api.Userinfo.Get().Execute();
CurrentUser.GoogleDriveAccount = new GoogleDriveAccount
{
ConnectingDate = DateTime.UtcNow,
Enabled = true,
AccessToken = token.AccessToken,
RefreshToken = token.RefreshToken,
Issued = token.Issued,
Scope = token.Scope,
TokenType = token.TokenType,
ExpiresInSeconds = token.ExpiresInSeconds,
AccountName = userInfo.Name
};
UnitOfWork.Commit();
}
catch
{
ModelState.AddModelError("", "Can't connect to Google Drive.");
}
return(RedirectToAction <UserController>(c => c.Index()));
}
private async Task <ActionResult> UpdateDatabase(CancellationToken cancellationToken)
{
var result = await new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).
AuthorizeAsync(cancellationToken);
if (result.Credential != null)
{
var serviceInitializer = new BaseClientService.Initializer
{
HttpClientInitializer = result.Credential,
ApplicationName = "AssistMe"
};
userConfig.GoogleAccessToken = result.Credential.Token.AccessToken;
Session["UserConfig"] = userConfig;
var service = new DriveService(serviceInitializer);
var oauthService = new Oauth2Service(serviceInitializer);
HttpContext.Session["DriveService"] = service;
HttpContext.Session["Oauth2Service"] = oauthService;
var gDriveHelper = new GDriveHelper();
gDriveHelper.InitBaseSystem();
if (log.IsDebugEnabled)
{
log.DebugFormat("Base init completed for user: {0}", userConfig.User_Id);
}
//var data = await result.Credential.RefreshTokenAsync(cancellationToken);
//ViewBag.Message = // "FILE COUNT IS: " + list.Items.Count();
return(RedirectToAction("Index", "Home"));
}
else
{
return(new RedirectResult(result.RedirectUri));
}
}
private void getUserInfo()
{
bool result = true;
if (credential == null)
{
result = GoogleConnect();
}
if (result == false || credential == null)
{
return;
}
Oauth2Service service = new Oauth2Service(
new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = AppDomain.CurrentDomain.FriendlyName,
});
userInfo = service.Userinfo.Get().Execute();
}
public async Task<ActionResult> Login(CancellationToken cancellationToken)
{
var result = await new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).AuthorizeAsync(cancellationToken);
if (result.Credential != null)
{
var service = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = result.Credential,
ApplicationName = this.ApplicationName
});
var response = await service.Userinfo.Get().ExecuteAsync();
this.Session["UserInfo"] = response;
return RedirectToAction("Index", "Home");
}
else
{
return new RedirectResult(result.RedirectUri);
}
}
/// <summary>
/// Verifies the token against the client ID.
/// </summary>
/// <param name="authState">The credential to verify.</param>
/// <returns>The user ID that is associated with this token.</returns>
public static String VerifyToken(IAuthorizationState authState)
{
// Use Tokeninfo to validate the user and the client.
var tokeninfo_request = new Oauth2Service().Tokeninfo();
tokeninfo_request.Access_token = authState.AccessToken;
var tokeninfo = tokeninfo_request.Fetch();
if (tokeninfo == null)
{
throw new TokenVerificationException("Error while fetching tokeninfo");
}
// Verify the first part of the token for authorization. On mobile clients,
// the full string might differ, but the first part is consistent.
Regex matcher = new Regex("(\\d+)(.*).apps.googleusercontent.com$");
if (matcher.Match(tokeninfo.Issued_to).Groups[1].Value !=
matcher.Match(CLIENT_ID).Groups[1].Value)
{
throw new TokenVerificationException("Issuer other than current client.");
}
return tokeninfo.User_id;
}
private async Task Run()
{
UserCredential credential;
string CLIENTSECRETS_LOCATION = "c:\\client_secrets.json";
using (var stream = new FileStream(CLIENTSECRETS_LOCATION, FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { Oauth2Service.Scope.UserinfoEmail }, Environment.UserName, CancellationToken.None);
}
/*
string clientId = "YOUR_CLIENT_ID";
string clientSecret = "YOUR_CLIENT_SECRET";
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(new ClientSecrets { ClientId = clientId, ClientSecret = clientSecret },
new[] { Oauth2Service.Scope.UserinfoEmail }, Environment.UserName, CancellationToken.None);
Console.WriteLine("Credential file saved at: " + Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData));
*/
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
}
private async Task Run()
{
//ComputeCredential credentials = new ComputeCredential(new ComputeCredential.Initializer());
GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync();
if (credential.IsCreateScopedRequired)
{
credential = credential.CreateScoped(new string[] { Oauth2Service.Scope.UserinfoEmail });
}
var service = new Oauth2Service(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Oauth2 Sample",
});
Console.WriteLine(service.Userinfo.Get().Execute().Email);
var client = StorageClient.Create();
foreach (var obj in client.ListObjects("your_project", ""))
{
Console.WriteLine(obj.Name);
}
}
/// <summary>
/// Send a request to the UserInfo API to retrieve the user's information.
/// </summary>
/// <param name="credentials">OAuth 2.0 credentials to authorize the request.</param>
/// <returns>User's information.</returns>
/// <exception cref="NoUserIdException">An error occurred.</exception>
static Userinfo GetUserInfo(IAuthorizationState credentials)
{
Oauth2Service userInfoService = new Oauth2Service(GetAuthenticatorFromState(credentials));
Userinfo userInfo = null;
try
{
userInfo = userInfoService.Userinfo.Get().Fetch();
}
catch (GoogleApiRequestException e)
{
Console.WriteLine("An error occurred: " + e.Message);
}
if (userInfo != null && !String.IsNullOrEmpty(userInfo.Id))
{
return userInfo;
}
else
{
throw new NoUserIdException();
}
}
/// <summary>
/// Processes the request based on the path.
/// </summary>
/// <param name="context">Contains the request and response.</param>
public void ProcessRequest(HttpContext context)
{
// Get the code from the request POST body.
string accessToken = context.Request.Params["access_token"];
string idToken = context.Request.Params["id_token"];
// Validate the ID token
if (idToken != null)
{
JWTSecurityToken token = new JWTSecurityToken(idToken);
JWTSecurityTokenHandler jwt = new JWTSecurityTokenHandler();
// Configure validation
Byte[][] certBytes = getCertBytes();
for (int i = 0; i < certBytes.Length; i++)
{
X509Certificate2 certificate = new X509Certificate2(certBytes[i]);
X509SecurityToken certToken = new X509SecurityToken(certificate);
// Set up token validation
TokenValidationParameters tvp = new TokenValidationParameters();
tvp.AllowedAudience = CLIENT_ID;
tvp.SigningToken = certToken;
tvp.ValidIssuer = "accounts.google.com";
// Enable / disable tests
tvp.ValidateNotBefore = false;
tvp.ValidateExpiration = true;
tvp.ValidateSignature = true;
tvp.ValidateIssuer = true;
// Account for clock skew. Look at current time when getting the message
// "The token is expired" in try/catch block.
// This is relative to GMT, for example, GMT-8 is:
tvp.ClockSkewInSeconds = 3600 * 13;
try
{
// Validate using the provider
ClaimsPrincipal cp = jwt.ValidateToken(token, tvp);
if (cp != null)
{
its.valid = true;
its.message = "Valid ID Token.";
}
}
catch (Exception e)
{
// Multiple certificates are tested.
if (its.valid != true)
{
its.message = "Invalid ID Token.";
}
if (e.Message.IndexOf("The token is expired") > 0)
{
// TODO: Check current time in the exception for clock skew.
}
}
}
// Get the Google+ id for this user from the "sub" claim.
Claim[] claims = token.Claims.ToArray<Claim>();
for (int i = 0; i < claims.Length; i++)
{
if (claims[i].Type.Equals("sub"))
{
its.gplus_id = claims[i].Value;
}
}
}
// Use Tokeninfo to validate the user and the client.
var tokeninfo_request = new Oauth2Service().Tokeninfo();
tokeninfo_request.Access_token = accessToken;
// Use Google as a trusted provider to validate the token.
// Invalid values, including expired tokens, return 400
Tokeninfo tokeninfo = null;
try
{
tokeninfo = tokeninfo_request.Fetch();
if (tokeninfo.Issued_to != CLIENT_ID){
ats.message = "Access Token not meant for this app.";
}else{
ats.valid = true;
ats.message = "Valid Access Token.";
ats.gplus_id = tokeninfo.User_id;
}
}
catch (Exception stve)
{
ats.message = "Invalid Access Token.";
}
// Use the wrapper to return JSON
token_status_wrapper tsr = new token_status_wrapper();
tsr.id_token_status = its;
tsr.access_token_status = ats;
context.Response.StatusCode = 200;
context.Response.ContentType = "text/json";
context.Response.Write(JsonConvert.SerializeObject(tsr));
}
/// <summary>
/// Processes the request based on the path.
/// </summary>
/// <param name="context">Contains the request and response.</param>
public void ProcessRequest(HttpContext context)
{
// Redirect base path to signin.
if (context.Request.Path.Equals("/"))
{
context.Response.RedirectPermanent("signin.ashx");
}
// This is reached when the root document is passed. Return HTML
// using index.html as a template.
if (context.Request.Path.Equals("/signin.ashx"))
{
String state = (String)context.Session["state"];
// Store a random string in the session for verifying
// the responses in our OAuth2 flow.
if (state == null)
{
Random random = new Random((int)DateTime.Now.Ticks);
StringBuilder builder = new StringBuilder();
for (int i = 0; i < 13; i++)
{
builder.Append(Convert.ToChar(
Convert.ToInt32(Math.Floor(
26 * random.NextDouble() + 65))));
}
state = builder.ToString();
context.Session["state"] = state;
}
// Render the templated HTML.
String templatedHTML = File.ReadAllText(
context.Server.MapPath("index.html"));
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*APPLICATION_NAME\\s*[}]{2}", APP_NAME);
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*CLIENT_ID\\s*[}]{2}", CLIENT_ID);
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*STATE\\s*[}]{2}", state);
context.Response.ContentType = "text/html";
context.Response.Write(templatedHTML);
return;
}
if (context.Session["authState"] == null)
{
// The connect action exchanges a code from the sign-in button,
// verifies it, and creates OAuth2 credentials.
if (context.Request.Path.Contains("/connect"))
{
// Get the code from the request POST body.
StreamReader sr = new StreamReader(
context.Request.InputStream);
string code = sr.ReadToEnd();
string state = context.Request["state"];
string userid = context.Request["gplus_id"];
// Test that the request state matches the session state.
if (!state.Equals(context.Session["state"]))
{
context.Response.StatusCode = 401;
return;
}
// Manually perform the OAuth2 flow for now.
var authObject = ManualCodeExchanger.ExchangeCode(code);
// Create an authorization state from the returned token.
_authState = CreateState(
authObject.access_token, authObject.refresh_token,
DateTime.UtcNow,
DateTime.UtcNow.AddSeconds(authObject.expires_in));
// Use Tokeninfo to validate the user and the client.
var tokeninfo_request = new Oauth2Service().Tokeninfo();
tokeninfo_request.Access_token = _authState.AccessToken;
var tokeninfo = tokeninfo_request.Fetch();
if (userid == tokeninfo.User_id
&& tokeninfo.Issued_to == CLIENT_ID)
{
context.Session["authState"] = _authState;
}
else
{
// The credentials did not match.
context.Response.StatusCode = 401;
return;
}
}
else
{
// No cached state and we are not connecting.
context.Response.StatusCode = 400;
return;
}
}
else
{
// Register the authenticator and construct the Plus service
// for performing API calls on behalf of the user.
_authState =
(IAuthorizationState)context.Session["authState"];
AuthorizationServerDescription description =
GoogleAuthenticationServer.Description;
var provider = new WebServerClient(description);
provider.ClientIdentifier = CLIENT_ID;
provider.ClientSecret = CLIENT_SECRET;
var authenticator =
new OAuth2Authenticator<WebServerClient>(
provider,
GetAuthorization)
{
NoCaching = true
};
ps = new PlusService(authenticator);
}
// Perform an authenticated API request to retrieve the list of
// people that the user has made visible to the app.
if (context.Request.Path.Contains("/people"))
{
// Get the PeopleFeed for the currently authenticated user.
PeopleFeed pf = ps.People.List("me", PeopleResource.CollectionEnum.Visible).Fetch();
// This JSON, representing the people feed, will later be
// parsed by the JavaScript client.
string jsonContent =
Newtonsoft.Json.JsonConvert.SerializeObject(pf);
context.Response.ContentType = "application/json";
context.Response.Write(jsonContent);
return;
}
// Disconnect the user from the application by revoking the tokens
// and removing all locally stored data associated with the user.
if (context.Request.Path.Contains("/disconnect"))
{
// Perform a get request to the token endpoint to revoke the
// refresh token.
_authState =
(IAuthorizationState)context.Session["authState"];
string token = (_authState.RefreshToken != null) ?
_authState.RefreshToken : _authState.AccessToken;
WebRequest request = WebRequest.Create(
"https://accounts.google.com/o/oauth2/revoke?token=" +
token);
WebResponse response = request.GetResponse();
// Remove the cached credentials.
context.Session["authState"] = null;
// You could reset the state in the session but you must also
// reset the state on the client.
// context.Session["state"] = null;
context.Response.Write(
response.GetResponseStream().ToString().ToCharArray());
return;
}
}
/// <summary>
/// Processes the request based on the path.
/// </summary>
/// <param name="context">Contains the request and response.</param>
public void ProcessRequest(HttpContext context)
{
// Get the code from the request POST body.
string accessToken = context.Request.Params["access_token"];
string idToken = context.Request.Params["id_token"];
// Validate the ID token
if (idToken != null)
{
JwtSecurityToken token = new JwtSecurityToken(idToken);
JwtSecurityTokenHandler jsth = new JwtSecurityTokenHandler();
// Configure validation
Byte[][] certBytes = getCertBytes();
Dictionary<String, X509Certificate2> certificates = new Dictionary<String, X509Certificate2>();
for (int i = 0; i < certBytes.Length; i++)
{
X509Certificate2 certificate = new X509Certificate2(certBytes[i]);
certificates.Add(certificate.Thumbprint, certificate);
}
{
// Set up token validation
TokenValidationParameters tvp = new TokenValidationParameters()
{
ValidateActor = false, // check the profile ID
ValidateAudience = (CLIENT_ID != "YOUR_VALID_CLIENT_ID"), // check the client ID
ValidAudience = CLIENT_ID,
ValidateIssuer = true, // check token came from Google
ValidIssuer = "accounts.google.com",
ValidateIssuerSigningKey = true,
RequireSignedTokens = true,
CertificateValidator = X509CertificateValidator.None,
IssuerSigningKeyResolver = (s, securityToken, identifier, parameters) =>
{
return identifier.Select(x =>
{
// TODO: Consider returning null here if you have case sensitive JWTs.
/*if (!certificates.ContainsKey(x.Id))
{
return new X509SecurityKey(certificates[x.Id]);
}*/
if (certificates.ContainsKey(x.Id.ToUpper()))
{
return new X509SecurityKey(certificates[x.Id.ToUpper()]);
}
return null;
}).First(x => x != null);
},
ValidateLifetime = true,
RequireExpirationTime = true,
ClockSkew = TimeSpan.FromHours(13)
};
try
{
// Validate using the provider
SecurityToken validatedToken;
ClaimsPrincipal cp = jsth.ValidateToken(idToken, tvp, out validatedToken);
if (cp != null)
{
its.valid = true;
its.message = "Valid ID Token.";
}
}
catch (Exception e)
{
// Multiple certificates are tested.
if (its.valid != true)
{
its.message = "Invalid ID Token.";
}
if (e.Message.IndexOf("The token is expired") > 0)
{
// TODO: Check current time in the exception for clock skew.
}
}
}
// Get the Google+ id for this user from the "sub" claim.
Claim[] claims = token.Claims.ToArray<Claim>();
for (int i = 0; i < claims.Length; i++)
{
if (claims[i].Type.Equals("sub"))
{
its.gplus_id = claims[i].Value;
}
}
}
// Use Tokeninfo to validate the user and the client.
var tokeninfo_request = new Oauth2Service().Tokeninfo();
tokeninfo_request.AccessToken = accessToken;
// Use Google as a trusted provider to validate the token.
// Invalid values, including expired tokens, return 400
Tokeninfo tokeninfo = null;
try
{
tokeninfo = tokeninfo_request.Execute();
if (tokeninfo.IssuedTo != CLIENT_ID)
{
ats.message = "Access Token not meant for this app.";
}
else
{
ats.valid = true;
ats.message = "Valid Access Token.";
ats.gplus_id = tokeninfo.UserId;
}
}
catch (Exception stve)
{
ats.message = "Invalid Access Token: " + stve.Message;
}
// Use the wrapper to return JSON
token_status_wrapper tsr = new token_status_wrapper();
tsr.id_token_status = its;
tsr.access_token_status = ats;
context.Response.StatusCode = 200;
context.Response.ContentType = "text/json";
context.Response.Write(JsonConvert.SerializeObject(tsr));
}
/// <summary>
/// Processes the request based on the path.
/// </summary>
/// <param name="context">Contains the request and response.</param>
public void ProcessRequest(HttpContext context)
{
// Redirect base path to signin.
if (context.Request.Path.EndsWith("/"))
{
context.Response.RedirectPermanent("signin.ashx");
}
// This is reached when the root document is passed. Return HTML
// using index.html as a template.
if (context.Request.Path.EndsWith("/signin.ashx"))
{
String state = (String)context.Session["state"];
// Store a random string in the session for verifying
// the responses in our OAuth2 flow.
if (state == null)
{
Random random = new Random((int)DateTime.Now.Ticks);
StringBuilder builder = new StringBuilder();
for (int i = 0; i < 13; i++)
{
builder.Append(Convert.ToChar(
Convert.ToInt32(Math.Floor(
26 * random.NextDouble() + 65))));
}
state = builder.ToString();
context.Session["state"] = state;
}
// Render the templated HTML.
String templatedHTML = File.ReadAllText(
context.Server.MapPath("index.html"));
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*APPLICATION_NAME\\s*[}]{2}", APP_NAME);
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*CLIENT_ID\\s*[}]{2}", secrets.ClientId);
templatedHTML = Regex.Replace(templatedHTML,
"[{]{2}\\s*STATE\\s*[}]{2}", state);
context.Response.ContentType = "text/html";
context.Response.Write(templatedHTML);
return;
}
if (context.Session["authState"] == null)
{
// The connect action exchanges a code from the sign-in button,
// verifies it, and creates OAuth2 credentials.
if (context.Request.Path.Contains("/connect"))
{
// Get the code from the request POST body.
StreamReader sr = new StreamReader(
context.Request.InputStream);
string code = sr.ReadToEnd();
string state = context.Request["state"];
// Test that the request state matches the session state.
if (!state.Equals(context.Session["state"]))
{
context.Response.StatusCode = 401;
return;
}
// Use the code exchange flow to get an access and refresh token.
IAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = secrets,
Scopes = SCOPES
});
token = flow.ExchangeCodeForTokenAsync("", code, "postmessage",
CancellationToken.None).Result;
// Create an authorization state from the returned token.
context.Session["authState"] = token;
// Get tokeninfo for the access token if you want to verify.
Oauth2Service service = new Oauth2Service(
new Google.Apis.Services.BaseClientService.Initializer());
Oauth2Service.TokeninfoRequest request = service.Tokeninfo();
request.AccessToken = token.AccessToken;
Tokeninfo info = request.Execute();
string gplus_id = info.UserId;
}
else
{
// No cached state and we are not connecting.
context.Response.StatusCode = 400;
return;
}
}
else if (context.Request.Path.Contains("/connect"))
{
// The user is already connected and credentials are cached.
context.Response.ContentType = "application/json";
context.Response.StatusCode = 200;
context.Response.Write(JsonConvert.SerializeObject("Current user is already connected."));
return;
}
else
{
// Register the authenticator and construct the Plus service
// for performing API calls on behalf of the user.
token = (TokenResponse)context.Session["authState"];
IAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = secrets,
Scopes = SCOPES
});
UserCredential credential = new UserCredential(flow, "me", token);
bool success = credential.RefreshTokenAsync(CancellationToken.None).Result;
token = credential.Token;
ps = new PlusService(
new Google.Apis.Services.BaseClientService.Initializer()
{
ApplicationName = ".NET Quickstart",
HttpClientInitializer = credential
});
}
// Perform an authenticated API request to retrieve the list of
// people that the user has made visible to the app.
if (context.Request.Path.Contains("/people"))
{
// Get the PeopleFeed for the currently authenticated user.
PeopleFeed pf = ps.People.List("me",
PeopleResource.ListRequest.CollectionEnum.Visible).Execute();
// This JSON, representing the people feed, will later be
// parsed by the JavaScript client.
string jsonContent =
Newtonsoft.Json.JsonConvert.SerializeObject(pf);
context.Response.ContentType = "application/json";
context.Response.Write(jsonContent);
return;
}
// Disconnect the user from the application by revoking the tokens
// and removing all locally stored data associated with the user.
if (context.Request.Path.Contains("/disconnect"))
{
// Perform a get request to the token endpoint to revoke the
// refresh token.
token = (TokenResponse)context.Session["authState"];
string tokenToRevoke = (token.RefreshToken != null) ?
token.RefreshToken : token.AccessToken;
WebRequest request = WebRequest.Create(
"https://accounts.google.com/o/oauth2/revoke?token=" +
tokenToRevoke);
WebResponse response = request.GetResponse();
// Remove the cached credentials.
context.Session["authState"] = null;
// You could reset the state in the session but you must also
// reset the state on the client.
// context.Session["state"] = null;
context.Response.Write(
response.GetResponseStream().ToString().ToCharArray());
return;
}
}
public string GetAccountNameFromToken(IAuthorizationState token)
{
var client = GetNativeApplicationClient();
var oauth2Service = new Oauth2Service(new OAuth2Authenticator<NativeApplicationClient>(client, authProvider => token));
return oauth2Service.Userinfo.Get().Fetch().Email;
}
public static Userinfo GetUserInfo(IAuthenticator credentials)
{
Oauth2Service userInfoService = new Oauth2Service(new BaseClientService.Initializer() { Authenticator = credentials });
Userinfo userInfo = null;
string err = "";
try
{
userInfo = userInfoService.Userinfo.Get().Fetch();
}
catch (GoogleApiRequestException e)
{
err = "An error occurred: " + e.Message;
Console.WriteLine(err);
}
if (userInfo != null && !String.IsNullOrEmpty(userInfo.Id))
{
return userInfo;
}
else
{
throw new Exception(err);
}
}
