public MyOAuth2Authenticator(AssertionFlowClient tokenProvider, Func<AssertionFlowClient, IAuthorizationState> authProvider)
{
Utilities.ThrowIfNull(tokenProvider, "applicationName");
Utilities.ThrowIfNull(authProvider, "authProvider");
this.tokenProvider = tokenProvider;
this.authProvider = authProvider;
}
public JsonResult CheckAuth()
{
const string ServiceAccountId = "ServiceAccountId.apps.googleusercontent.com";
const string ServiceAccountUser = "******";
X509Certificate2 cert = new X509Certificate2();
try
{
cert =
new X509Certificate2(
System.Web.HttpContext.Current.Server.MapPath(
"~/Content/key/0eee0d919aaef70bbb5da23b192aede576577058-privatekey.p12"), "notasecret",
X509KeyStorageFlags.Exportable);
}
catch (Exception ex)
{
}
AssertionFlowClient client = new AssertionFlowClient(
GoogleAuthenticationServer.Description, cert)
{
Scope = Oauth2Service.Scopes.UserinfoProfile.GetStringValue(),
// AnalyticsService.Scopes.AnalyticsReadonly.GetStringValue(),
ServiceAccountId = ServiceAccountUser //Bug, why does ServiceAccountUser have to be assigned to ServiceAccountId
//,ServiceAccountUser = ServiceAccountUser
};
OAuth2Authenticator<AssertionFlowClient> authenticator = new OAuth2Authenticator<AssertionFlowClient>(client, AssertionFlowClient.GetState);
JsonResult results = Json(authenticator);
results.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
return results;
}
public void SetUp()
{
client = new AssertionFlowClient(
GoogleAuthenticationServer.Description, new X509Certificate2(@"test-key.p12", "notasecret", X509KeyStorageFlags.Exportable)) {
Scope = Scope,
ServiceAccountId = ServiceAccountId
};
state = new AuthorizationState(client.Scope.Split(' '));
channel = new MockChannel() {
ResponseMessage = new AssertionFlowMessage(GoogleAuthenticationServer.Description)
};
}
/// <summary>
/// Helper method to retrieve the Authorization State from the
/// <see cref="Google.Apis.Authentication.OAuth2.OAuth2Authenticator"/> class.
/// </summary>
/// <returns>
/// The authorization state.
/// </returns>
/// <param name='provider'>
/// The provider to use to retrieve the authorization state.
/// </param>
public static IAuthorizationState GetState(AssertionFlowClient provider)
{
provider.Scope.ThrowIfNull("Scope");
IAuthorizationState state = new AuthorizationState(provider.Scope.Split(' '));
if (provider.RefreshToken(state, null))
{
return(state);
}
else
{
return(null);
}
}
private OAuth2Authenticator<AssertionFlowClient> CreateAuthenticator()
{
var certificate = new X509Certificate2(_connStringParts["CertificateFilePath"], _connStringParts["CertificatePassword"],
X509KeyStorageFlags.Exportable);
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = _connStringParts["ServiceAccountId"],
Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/datastore"
};
var authenticator = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
return authenticator;
}
/// <summary>
/// Build a Drive service object authorized with the service account.
/// </summary>
/// <returns>Drive service object.</returns>
public static DriveService BuildService()
{
string p = HttpContext.Current.Server.MapPath(SERVICE_ACCOUNT_PKCS12_FILE_PATH);
bool b =System.IO.File.Exists(p);
X509Certificate2 certificate = new X509Certificate2(p, "notasecret",
X509KeyStorageFlags.Exportable);
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = SERVICE_ACCOUNT_EMAIL,
Scope = DriveService.Scopes.Drive.GetStringValue(),
};
var auth = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
return new DriveService(auth);
}
public IList<int> GetStats()
{
string scope = AnalyticsService.Scopes.AnalyticsReadonly.GetStringValue();
//UPDATE this to match your developer account address. Note, you also need to add this address
//as a user on your Google Analytics profile which you want to extract data from (this may take
//up to 15 mins to recognise)
string client_id = "*****@*****.**";
//UPDATE this to match the path to your certificate
string key_file = @"E:\path\to\cert.p12";
string key_pass = "******";
AuthorizationServerDescription desc = GoogleAuthenticationServer.Description;
X509Certificate2 key = new X509Certificate2(key_file, key_pass, X509KeyStorageFlags.Exportable);
AssertionFlowClient client =
new AssertionFlowClient(desc, key) { ServiceAccountId = client_id, Scope = scope };
OAuth2Authenticator<AssertionFlowClient> auth =
new OAuth2Authenticator<AssertionFlowClient>(client, AssertionFlowClient.GetState);
AnalyticsService gas = new AnalyticsService(new BaseClientService.Initializer() { Authenticator = auth });
//UPDATE the ga:nnnnnnnn string to match your profile Id from Google Analytics
DataResource.GaResource.GetRequest r =
gas.Data.Ga.Get("ga:nnnnnnnn", "2013-01-01", "2013-01-31", "ga:visitors");
r.Dimensions = "ga:pagePath";
r.Sort = "-ga:visitors";
r.MaxResults = 5;
GaData d = r.Execute();
IList<int> stats = new List<int>();
for (int y = 0; y < d.Rows.Count; y++)
{
stats.Add(Convert.ToInt32(d.Rows[y][1]));
}
return stats;
}
private static TaskqueueService BuildService(string accountId, string accountKeyFilePath)
{
X509Certificate2 certificate = new X509Certificate2(accountKeyFilePath, "notasecret",
X509KeyStorageFlags.Exportable);
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = accountId,
Scope = TaskqueueService.Scopes.Taskqueue.GetStringValue()
};
// uses a custom authernticator to avoid an SDK token refresh bug...
var auth = new MyOAuth2Authenticator(provider, AssertionFlowClient.GetState);
return new TaskqueueService((new BaseClientService.Initializer()
{
Authenticator = auth
}));
}
public CalendarService CalendarService()
{
var certificate = new X509Certificate2(
_serviceAccountCertPath, "notasecret", X509KeyStorageFlags.Exportable);
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = _serviceAccountEmail,
Scope = "https://www.googleapis.com/auth/calendar"
};
if (_serviceAccountUser != string.Empty)
{
provider.ServiceAccountUser = _serviceAccountUser;
}
var auth = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
return new CalendarService((new BaseClientService.Initializer() { Authenticator = auth }));
}
public static IAuthenticator getCredentials(string scope)
{
const string ServiceAccountId = "SERVICEACCOUNTID.apps.googleusercontent.com";
const string ServiceAccountUser = "******";
try
{
AssertionFlowClient client = new AssertionFlowClient(
GoogleAuthenticationServer.Description,
new X509Certificate2(
HttpContext.Current.Server.MapPath(
"~/Content/key/0eee0d919aaef70bbb5da23b192aede576577058-privatekey.p12"), "notasecret",
X509KeyStorageFlags.Exportable))
{
Scope = scope,
// AnalyticsService.Scopes.AnalyticsReadonly.GetStringValue(),
ServiceAccountId = ServiceAccountUser
//Bug, why does ServiceAccountUser have to be assigned to ServiceAccountId
//,ServiceAccountUser = ServiceAccountUser
};
OAuth2Authenticator<AssertionFlowClient> authenticator = new OAuth2Authenticator<AssertionFlowClient>(client,
AssertionFlowClient
.GetState);
return authenticator;
}
catch (Exception ex)
{
log.Error("NOOOOOOO: " + ex.Message);
throw new Exception("AHHHHHHHHHHHHH");
}
// AnalyticsService service = new AnalyticsService(new BaseClientService.Initializer() { Authenticator = authenticator });
//string profileId = "ga:64968920";
//string startDate = "2010-10-01";
//string endDate = "2010-10-31";
//string metrics = "ga:visits";
//DataResource.GaResource.GetRequest request = service.Data.Ga.Get(profileId, startDate, endDate, metrics);
//request.Dimensions = "ga:date";
//GaData data = request.Fetch();
return null;
}
public DirectoryService DirectoryService()
{
var certificate = new X509Certificate2(
_serviceAccountCertPath, "notasecret", X509KeyStorageFlags.Exportable);
var scopes = Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryUser.GetStringValue() + @" " +
Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryGroup.GetStringValue() + @" " +
Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryOrgunit.GetStringValue() + @" " +
Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryDeviceChromeos.GetStringValue() + @" " +
Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryDeviceMobile.GetStringValue() + @" " +
Google.Apis.Admin.Directory.directory_v1.DirectoryService.Scopes.AdminDirectoryDeviceMobileAction.GetStringValue();
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = _serviceAccountEmail,
Scope = @scopes
};
if (_serviceAccountUser != string.Empty)
{
provider.ServiceAccountUser = _serviceAccountUser;
}
var auth = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
return new DirectoryService((new BaseClientService.Initializer() { Authenticator = auth }));
}
public GroupssettingsService GroupSettingsService()
{
var certificate = new X509Certificate2(
_serviceAccountCertPath, "notasecret", X509KeyStorageFlags.Exportable);
var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)
{
ServiceAccountId = _serviceAccountEmail,
Scope = GroupssettingsService.Scopes.AppsGroupsSettings.GetStringValue()
};
if (_serviceAccountUser != string.Empty)
{
provider.ServiceAccountUser = _serviceAccountUser;
}
var auth = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
return new GroupssettingsService((new BaseClientService.Initializer() { Authenticator = auth }));
}
/// <summary>
/// Helper method to retrieve the Authorization State from the
/// <see cref="Google.Apis.Authentication.OAuth2.OAuth2Authenticator"/> class.
/// </summary>
/// <returns>
/// The authorization state.
/// </returns>
/// <param name='provider'>
/// The provider to use to retrieve the authorization state.
/// </param>
public static IAuthorizationState GetState(AssertionFlowClient provider)
{
provider.Scope.ThrowIfNull("Scope");
IAuthorizationState state = new AuthorizationState(provider.Scope.Split(' '));
if (provider.RefreshToken(state, null)) {
return state;
} else {
return null;
}
}
