Example #1
0
        private async Task <object> GetAccessTokenAsync(OAuthOptions oAuthOptions,
                                                        Microsoft.IdentityModel.Tokens.JsonWebKey jsonWebKey)
        {
            var clientAssertion = CreateJwtClientAssertion(oAuthOptions, jsonWebKey);

            using (var httpClient = new HttpClient())
            {
                var parameters = new Dictionary <string, string>
                {
                    { "grant_type", "authorization_code" },
                    { "code", oAuthOptions.AuthorizationCode },
                    { "client_assertion", HttpUtility.UrlEncode(clientAssertion) },
                    { "client_assertion_type", ClientAssertionType },
                    { "scope", string.Join(SpaceSeparator, oAuthOptions.Scopes) },
                    { "redirect_uri", oAuthOptions.RedirectUri.AbsoluteUri }
                };

                var httpContent  = new FormUrlEncodedContent(parameters);
                var httpResponse = await httpClient.PostAsync(oAuthOptions.TokenEndpoint, httpContent);

                return(!httpResponse.IsSuccessStatusCode
                    ? (object)JsonConvert.DeserializeObject <ErrorResponse>(await httpResponse.Content.ReadAsStringAsync())
                    : JsonConvert.DeserializeObject <AuthorizationCodeFlowResponse>(await httpResponse.Content.ReadAsStringAsync()));
            }
        }
Example #2
0
 public AppHost(OAuthOptions oAuthOptions,
                IDataProvider dataProvider,
                IConfiguration configuration)
 {
     _oAuthOptions  = oAuthOptions ?? throw new ArgumentNullException(nameof(oAuthOptions));
     _dataProvider  = dataProvider ?? throw new ArgumentNullException(nameof(dataProvider));
     _configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
 }
Example #3
0
        private string CreateJwtClientAssertion(OAuthOptions oAuthOptions,
                                                Microsoft.IdentityModel.Tokens.JsonWebKey jwk)
        {
            var tokenHandler    = new JwtSecurityTokenHandler();
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Expires            = DateTime.UtcNow.AddMinutes(960),
                SigningCredentials = new SigningCredentials(jwk, SecurityAlgorithms.RsaSha256Signature),
                Subject            = new ClaimsIdentity(new List <Claim>
                {
                    new Claim("sub", oAuthOptions.ClientId.ToString()),
                    new Claim("iss", oAuthOptions.ClientId.ToString()),
                    new Claim("jti", Guid.NewGuid().ToString()),
                    new Claim("aud", oAuthOptions.TokenEndpoint.ToString())
                })
            };

            return(tokenHandler.WriteToken(tokenHandler.CreateJwtSecurityToken(tokenDescriptor)));
        }
Example #4
0
        private async Task <object> ExchangeRefreshTokenAsync(OAuthOptions oAuthOptions,
                                                              Microsoft.IdentityModel.Tokens.JsonWebKey jsonWebKey,
                                                              string refreshToken)
        {
            var clientAssertion = CreateJwtClientAssertion(oAuthOptions, jsonWebKey);

            using (var httpClient = new HttpClient())
            {
                var parameters = new Dictionary <string, string>
                {
                    { "grant_type", "refresh_token" },
                    { "refresh_token", refreshToken },
                    { "client_assertion", HttpUtility.UrlEncode(clientAssertion) },
                    { "client_assertion_type", ClientAssertionType }
                };

                var httpContent  = new FormUrlEncodedContent(parameters);
                var httpResponse = await httpClient.PostAsync(oAuthOptions.TokenEndpoint, httpContent);

                return(!httpResponse.IsSuccessStatusCode
                    ? (object)JsonConvert.DeserializeObject <ErrorResponse>(await httpResponse.Content.ReadAsStringAsync())
                    : JsonConvert.DeserializeObject <AuthorizationCodeFlowResponse>(await httpResponse.Content.ReadAsStringAsync()));
            }
        }