Example #1
        /// <summary>
        /// The entry point for all AuthProvider providers. Runs inside the AuthService so exceptions are treated normally.
        /// Overridable so you can provide your own Auth implementation.
        /// </summary>
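        /// <param name="authService">The service handling the request; used here to save the session and to issue redirects.</param>
        /// <param name="session">The current auth session; passed by reference to Init, which may replace it.</param>
        /// <param name="request">The Authenticate request, carrying the oauth_token and oauth_verifier sent back by the provider.</param>
        /// <returns>The result of OnAuthenticated when it is non-null; otherwise a redirect to the success URL, the failure URL, or the provider's authorize URL.</returns>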
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            // session is handed to Init by reference, so it may refer to a different object afterwards.
            var tokens = Init(authService, ref session, request);

            // Second leg of the flow: a request token is already stored for this session and the
            // provider has called back with an oauth_token.
            // NOTE(review): request.oauth_token is not compared with the stored tokens.RequestToken
            // in this method; presumably the provider rejects a mismatch during the exchange - confirm.
            var isProviderCallback = !tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty();
            if (isProviderCallback)
            {
                // NOTE(review): per-request values are written onto OAuthUtils before the exchange. If
                // OAuthUtils is shared between concurrent requests these writes could interleave -
                // confirm how the instance is scoped.
                OAuthUtils.RequestToken = tokens.RequestToken;
                OAuthUtils.RequestTokenSecret = tokens.RequestTokenSecret;
                OAuthUtils.AuthorizationToken = request.oauth_token;
                OAuthUtils.AuthorizationVerifier = request.oauth_verifier;

                if (!OAuthUtils.AcquireAccessToken())
                {
                    // Exchange failed: forget the request token so the next attempt starts a fresh
                    // flow, persist that, and send the user to the failure URL.
                    tokens.RequestToken = null;
                    tokens.RequestTokenSecret = null;
                    authService.SaveSession(session, SessionExpiry);

                    var accessFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
                    return authService.Redirect(accessFailedUrl);
                }

                // Exchange succeeded: the session is marked authenticated only after the provider
                // has issued an access token.
                session.IsAuthenticated = true;
                tokens.AccessToken = OAuthUtils.AccessToken;
                tokens.AccessTokenSecret = OAuthUtils.AccessTokenSecret;

                // A non-null OnAuthenticated result takes precedence over the success redirect.
                var authenticatedResult = OnAuthenticated(authService, session, tokens, OAuthUtils.AuthInfo);
                if (authenticatedResult != null)
                {
                    return authenticatedResult;
                }

                // NOTE(review): redirect targets are derived from session.ReferrerUrl; how that value is
                // validated is not visible in this method - confirm it is restricted to trusted URLs.
                var successUrl = SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"));
                return authService.Redirect(successUrl);
            }

            // First leg of the flow: ask the provider for a request token.
            if (!OAuthUtils.AcquireRequestToken())
            {
                var requestFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "RequestTokenFailed"));
                return authService.Redirect(requestFailedUrl);
            }

            // Keep the request token and its secret in the session so the callback can complete the exchange.
            tokens.RequestToken = OAuthUtils.RequestToken;
            tokens.RequestTokenSecret = OAuthUtils.RequestTokenSecret;
            authService.SaveSession(session, SessionExpiry);

            // Send the user to the OAuth provider to approve access.
            var authorizeUrl = this.AuthorizeUrl
                .AddQueryParam("oauth_token", tokens.RequestToken)
                .AddQueryParam("oauth_callback", session.ReferrerUrl);
            return authService.Redirect(AccessTokenUrlFilter(this, authorizeUrl));
        }
Example #2
        /// <summary>
        /// Authenticates either from an access token pair supplied directly in the request (verified through
        /// AuthHttpGateway.VerifyTwitterAccessToken before the session is marked authenticated) or through the
        /// redirect-based OAuth flow: request token, provider approval, then access-token exchange.
        /// </summary>
        /// <param name="authService">The service handling the request; used for redirects and request inspection.</param>
        /// <param name="session">The current auth session; passed by reference to Init, which may replace it.</param>
        /// <param name="request">The Authenticate request (access token pair, UserName, oauth_token, oauth_verifier).</param>
        /// <returns>
        /// An Unauthorized error, a converted OnAuthenticated failure, a redirect, or null when a non-HTML
        /// client should receive the default AuthenticateResponse.
        /// </returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            var tokens = Init(authService, ref session, request);

            // Access token and secret handed over by a mobile/desktop app instead of the redirect flow.
            var hasSuppliedAccessToken = request.AccessToken != null && request.AccessTokenSecret != null;
            if (hasSuppliedAccessToken)
            {
                tokens.AccessToken = request.AccessToken;
                tokens.AccessTokenSecret = request.AccessTokenSecret;

                // The caller-supplied pair is checked before the session is marked authenticated.
                // The email out value is not used in this method.
                var tokenIsValid = AuthHttpGateway.VerifyTwitterAccessToken(
                    ConsumerKey, ConsumerSecret,
                    tokens.AccessToken, tokens.AccessTokenSecret,
                    out var verifiedUserId,
                    out _);

                if (!tokenIsValid)
                {
                    return HttpError.Unauthorized("AccessToken is invalid");
                }

                // When the caller names a user, it has to be the user id returned by the verification call.
                var userNameSupplied = !string.IsNullOrEmpty(request.UserName);
                if (userNameSupplied && verifiedUserId != request.UserName)
                {
                    // NOTE(review): the caller-supplied UserName is echoed in the error message - confirm
                    // it is encoded wherever this message is rendered.
                    return HttpError.Unauthorized("AccessToken does not match UserId: " + request.UserName);
                }

                // Identity comes from the verified id, not from request.UserName.
                tokens.UserId = verifiedUserId;
                session.IsAuthenticated = true;

                // In this branch a non-null OnAuthenticated result is treated as a failure.
                var onAuthFailure = OnAuthenticated(authService, session, tokens, new Dictionary<string, string>());
                var wantsHtml = authService.Request.IsHtml();
                if (onAuthFailure != null)
                {
                    return ConvertToClientError(onAuthFailure, wantsHtml);
                }

                if (!wantsHtml)
                {
                    return null; // caller falls back to the default AuthenticateResponse
                }

                return authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
            }

            // Callback leg of the redirect flow: a request-token secret is stored for this session and the
            // provider has sent back an oauth_token.
            var isProviderCallback = !tokens.RequestTokenSecret.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty();
            if (isProviderCallback)
            {
                // The per-request values are passed as arguments to the exchange call.
                var exchanged = OAuthUtils.AcquireAccessToken(tokens.RequestTokenSecret, request.oauth_token, request.oauth_verifier);
                if (!exchanged)
                {
                    // Exchange failed: drop the stored request token, persist that, and report failure.
                    tokens.RequestToken = null;
                    tokens.RequestTokenSecret = null;
                    this.SaveSession(authService, session, SessionExpiry);

                    var accessFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
                    return authService.Redirect(accessFailedUrl);
                }

                session.IsAuthenticated = true;
                tokens.AccessToken = OAuthUtils.AccessToken;
                tokens.AccessTokenSecret = OAuthUtils.AccessTokenSecret;

                var authenticatedResult = OnAuthenticated(authService, session, tokens, OAuthUtils.AuthInfo);
                if (authenticatedResult != null)
                {
                    return authenticatedResult;
                }

                // NOTE(review): redirect targets are derived from session.ReferrerUrl; how that value is
                // validated is not visible in this method - confirm it is restricted to trusted URLs.
                return authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
            }

            // First leg of the redirect flow: obtain a request token from the provider.
            if (!OAuthUtils.AcquireRequestToken())
            {
                var requestFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "RequestTokenFailed"));
                return authService.Redirect(requestFailedUrl);
            }

            tokens.RequestToken = OAuthUtils.RequestToken;
            tokens.RequestTokenSecret = OAuthUtils.RequestTokenSecret;
            this.SaveSession(authService, session, SessionExpiry);

            // Send the user to the OAuth provider to approve access. The state parameter is not supported
            // by the provider at the moment; it is included so it is already in place once it is.
            var authorizeUrl = this.AuthorizeUrl
                .AddQueryParam("oauth_token", tokens.RequestToken)
                .AddQueryParam("oauth_callback", session.ReferrerUrl)
                .AddQueryParam(Keywords.State, session.Id);
            return authService.Redirect(AccessTokenUrlFilter(this, authorizeUrl));
        }
        /// <summary>
        /// Authenticates either from an access token pair supplied directly in the request or through the
        /// redirect-based OAuth flow: request token, provider approval, then access-token exchange.
        /// </summary>
        /// <param name="authService">The service handling the request; used for redirects and request inspection.</param>
        /// <param name="session">The current auth session; passed by reference to Init, which may replace it.</param>
        /// <param name="request">The Authenticate request (access token pair, UserName, oauth_token, oauth_verifier).</param>
        /// <returns>
        /// The OnAuthenticated result when non-null, a redirect, or null when a non-HTML client should
        /// receive the default AuthenticateResponse.
        /// </returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            var tokens = Init(authService, ref session, request);

            // Access token and secret handed over by a mobile/desktop app instead of the redirect flow.
            var hasSuppliedAccessToken = request.AccessToken != null && request.AccessTokenSecret != null;
            if (hasSuppliedAccessToken)
            {
                // NOTE(review): the session is marked authenticated before any check of the supplied
                // AccessToken/AccessTokenSecret is visible in this method, and UserId is taken from the
                // caller-supplied UserName. Unless OnAuthenticated (not shown) validates the pair with the
                // provider and rejects failures, caller-chosen values are accepted as-is. Verify the token
                // server-side, and take the user id from that verification, before setting IsAuthenticated.
                session.IsAuthenticated = true;

                // Only a UserName that parses as a number is recorded as the user id.
                long numericUserId;
                var userNameIsNumeric = request.UserName != null && long.TryParse(request.UserName, out numericUserId);
                if (userNameIsNumeric)
                {
                    tokens.UserId = numericUserId.ToString();
                }

                tokens.AccessToken = request.AccessToken;
                tokens.AccessTokenSecret = request.AccessTokenSecret;

                // A non-null OnAuthenticated result is returned to the caller unchanged.
                var onAuthResult = OnAuthenticated(authService, session, tokens, new Dictionary<string, string>());
                if (onAuthResult != null)
                {
                    return onAuthResult;
                }

                var wantsHtml = authService.Request.ResponseContentType.MatchesContentType(MimeTypes.Html);
                if (!wantsHtml)
                {
                    return null; // caller falls back to the default AuthenticateResponse
                }

                return authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
            }

            // Callback leg of the redirect flow: a request token is stored for this session and the
            // provider has sent back an oauth_token.
            // NOTE(review): request.oauth_token is not compared with the stored tokens.RequestToken
            // in this method; presumably the provider rejects a mismatch during the exchange - confirm.
            var isProviderCallback = !tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty();
            if (isProviderCallback)
            {
                // NOTE(review): per-request values are written onto OAuthUtils before the exchange. If
                // OAuthUtils is shared between concurrent requests these writes could interleave -
                // confirm how the instance is scoped.
                OAuthUtils.RequestToken = tokens.RequestToken;
                OAuthUtils.RequestTokenSecret = tokens.RequestTokenSecret;
                OAuthUtils.AuthorizationToken = request.oauth_token;
                OAuthUtils.AuthorizationVerifier = request.oauth_verifier;

                if (!OAuthUtils.AcquireAccessToken())
                {
                    // Exchange failed: drop the stored request token, persist that, and report failure.
                    tokens.RequestToken = null;
                    tokens.RequestTokenSecret = null;
                    this.SaveSession(authService, session, SessionExpiry);

                    var accessFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
                    return authService.Redirect(accessFailedUrl);
                }

                session.IsAuthenticated = true;
                tokens.AccessToken = OAuthUtils.AccessToken;
                tokens.AccessTokenSecret = OAuthUtils.AccessTokenSecret;

                var authenticatedResult = OnAuthenticated(authService, session, tokens, OAuthUtils.AuthInfo);
                if (authenticatedResult != null)
                {
                    return authenticatedResult;
                }

                // NOTE(review): redirect targets are derived from session.ReferrerUrl; how that value is
                // validated is not visible in this method - confirm it is restricted to trusted URLs.
                return authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
            }

            // First leg of the redirect flow: obtain a request token from the provider.
            if (!OAuthUtils.AcquireRequestToken())
            {
                var requestFailedUrl = FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "RequestTokenFailed"));
                return authService.Redirect(requestFailedUrl);
            }

            // Keep the request token and its secret in the session so the callback can complete the exchange.
            tokens.RequestToken = OAuthUtils.RequestToken;
            tokens.RequestTokenSecret = OAuthUtils.RequestTokenSecret;
            this.SaveSession(authService, session, SessionExpiry);

            // Send the user to the OAuth provider to approve access.
            var authorizeUrl = this.AuthorizeUrl
                .AddQueryParam("oauth_token", tokens.RequestToken)
                .AddQueryParam("oauth_callback", session.ReferrerUrl);
            return authService.Redirect(AccessTokenUrlFilter(this, authorizeUrl));
        }