public static async Task <HttpResponseMessage> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)] HttpRequestMessage req, TraceWriter log)
        {
            var     OktaDomain   = "https://dev-583903.oktapreview.com";
            var     OktaApiToken = "00fWkOjwwg9xiFd-Xfgm_ePATIRxVj850Iblbb1DS_";
            Session session      = null;
            User    user         = null;

            //get username
            string publicKey = req.GetQueryNameValuePairs()
                               .FirstOrDefault(q => string.Compare(q.Key, "user", true) == 0)
                               .Value;

            if (publicKey == null)
            {
                req.CreateResponse <AuthResponse>(new AuthResponse()
                {
                    WasSuccessful = false, Message = "Must pass `user` as a query string parameter"
                });
            }

            //get password
            string privateKey = req.GetQueryNameValuePairs()
                                .FirstOrDefault(q => string.Compare(q.Key, "password", true) == 0)
                                .Value;

            if (privateKey == null)
            {
                req.CreateResponse <AuthResponse>(new AuthResponse()
                {
                    WasSuccessful = false, Message = "Must pass `password` as a query string parameter"
                });
            }

            //generate URL for service call using your configured Okta Domain
            string url = string.Format("{0}/api/v1/authn", OktaDomain);

            //build the package we're going to send to Okta
            var data = new OktaAuthenticationRequest()
            {
                username = publicKey, password = privateKey
            };

            //serialize input as json
            var json = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json");

            //create HttpClient to communicate with Okta's web service
            using (HttpClient client = new HttpClient())
            {
                //Set the API key
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("SSWS", OktaApiToken);

                //Post the json data to Okta's web service
                using (HttpResponseMessage res = await client.PostAsync(url, json))

                    //Get the response from the server
                    using (HttpContent content = res.Content)
                    {
                        //get json string from the response
                        var responseJson = await content.ReadAsStringAsync();

                        //deserialize json into complex object
                        dynamic responseObj = JsonConvert.DeserializeObject(responseJson);

                        //determine if the returned status is success
                        if (responseObj.status == "SUCCESS")
                        {
                            //get session data
                            session = new Session()
                            {
                                Token     = responseObj.sessionToken,
                                ExpiresAt = responseObj.expiresAt
                            };

                            //get user data
                            user = new User()
                            {
                                Id        = responseObj._embedded.user.id,
                                Login     = responseObj._embedded.user.login,
                                Locale    = responseObj._embedded.user.locale,
                                TimeZone  = responseObj._embedded.user.timeZone,
                                FirstName = responseObj._embedded.user.firstName,
                                LastName  = responseObj._embedded.user.lastName
                            };
                        }
                    }
            }

            //response
            var wasSuccess = session != null && user != null;

            return(req.CreateResponse <AuthResponse>(new AuthResponse()
            {
                WasSuccessful = wasSuccess,
                Message = wasSuccess ? "Success" : "Invalid username and password",
                Session = session,
                User = user
            }));
        }
Example #2
0
        public async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)] HttpRequest req, ILogger log)
        {
            Session session = null;
            User    user    = null;

            //get username
            string publicKey  = req.Query["user"];
            string privateKey = req.Query["password"];

            var     requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic body        = JsonConvert.DeserializeObject(requestBody);

            publicKey ??= body?.user;
            privateKey ??= body?.password;

            if (publicKey == null)
            {
                return(new OkObjectResult(new AuthResponse()
                {
                    WasSuccessful = false, Message = "Must pass `user` as a query string parameter or in the body"
                }));
            }



            if (privateKey == null)
            {
                return(new OkObjectResult(new AuthResponse()
                {
                    WasSuccessful = false, Message = "Must pass `password` as a query string parameter or in the body"
                }));
            }

            //generate URL for service call using your configured Okta Domain
            string url = string.Format("{0}/api/v1/authn", _oktaOptions.Domain);

            //build the package we're going to send to Okta
            var data = new OktaAuthenticationRequest()
            {
                username = publicKey, password = privateKey
            };

            //serialize input as json
            var json = new StringContent(JsonConvert.SerializeObject(data), Encoding.UTF8, "application/json");

            //create HttpClient to communicate with Okta's web service
            //Set the API key
            _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("SSWS", _oktaOptions.ApiToken);

            //Post the json data to Okta's web service
            using HttpResponseMessage res = await _httpClient.PostAsync(url, json);

            //Get the response from the server
            using HttpContent content = res.Content;

            //get json string from the response
            var responseJson = await content.ReadAsStringAsync();

            //deserialize json into complex object
            dynamic responseObj = JsonConvert.DeserializeObject(responseJson);

            //determine if the returned status is success
            if (responseObj.status == "SUCCESS")
            {
                //get session data
                session = new Session()
                {
                    Token     = responseObj.sessionToken,
                    ExpiresAt = responseObj.expiresAt
                };

                //get user data
                user = new User()
                {
                    Id              = responseObj._embedded.user.id,
                    Login           = responseObj._embedded.user.profile.login,
                    Locale          = responseObj._embedded.user.profile.locale,
                    TimeZone        = responseObj._embedded.user.profile.timeZone,
                    FirstName       = responseObj._embedded.user.profile.firstName,
                    LastName        = responseObj._embedded.user.profile.lastName,
                    PasswordChanged = responseObj._embedded.user.passwordChanged
                };
            }


            //response
            var wasSuccess = session != null && user != null;

            return(new OkObjectResult(new AuthResponse()
            {
                WasSuccessful = wasSuccess,
                Message = wasSuccess ? "Success" : "Invalid username and password",
                Session = session,
                User = user
            }));
        }