Exemple #1
0
        public ActionResult Token(OpenIdConnectTokenRequest tokenRequest)
        {
            if (MvcApplication.codesGenerated.ContainsKey(tokenRequest.code) && (tokenRequest.grant_type == "authorization_code"))
            {
                if (!MvcApplication.codesGenerated[tokenRequest.code])
                {
                    //you used it, now you flag it
                    MvcApplication.codesGenerated[tokenRequest.code] = true;

                    string issuer   = Config.SERVER_ADDRESS;
                    string audience = MvcApplication.registeredAuthorizations.SingleOrDefault(x => x.Code == tokenRequest.code).ClientIdentifier;
                    //By decision, the signature will not be included
                    //byte[] signature = AlhambraJwtTokenManager.GenerateSymmetricKeyForHmacSha256();

                    string   subject  = User.Identity.Name;
                    DateTime issuedAt = DateTime.UtcNow;
                    DateTime expires  = DateTime.UtcNow.AddMinutes(2);

                    JWTSecurityToken jwt = AlhambraJwtTokenManager.GenerateJwtToken(issuer, subject, audience, expires);

                    string jwtReadyToBeSent = AlhambraJwtTokenManager.EncodeJWT(jwt);

                    OpenIdConnectToken token = new OpenIdConnectToken();

                    Guid newAccessToken  = Guid.NewGuid();
                    Guid newRefreshToken = Guid.NewGuid();

                    MvcApplication.tokensGenerated.Add(newAccessToken, newRefreshToken);

                    token.access_token = newAccessToken.ToString();

                    token.expires_in    = "120";
                    token.refresh_token = newRefreshToken.ToString();
                    token.id_token      = jwtReadyToBeSent;
                    token.token_type    = "Bearer";
                    string result = JsonConvert.SerializeObject(token);

                    return(Content(result, "application/json"));
                }
                else
                {
                    throw new HttpException((int)HttpStatusCode.Unauthorized, "This code has already been used");
                }
            }
            else
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
            }
        }
Exemple #2
0
        //  [Authorize]
        public ActionResult AlhambraCallback(AlhambraCallbackInput input)
        {
            //System.Web.HttpContext.Current.Application["Authorization"]  = (AuthorizationState) client.ProcessUserAuthorization(this.Request);
            //AuthorizationState auth = (AuthorizationState)client.ProcessUserAuthorization(this.Request);
            // System.Web.HttpContext.Current.Application["Authorization"] = auth;


            // CurrentAuthorizationState = auth;

            //string code = Request.QueryString["code"];
            //System.Web.HttpContext.Current.Application.Add("Code",Request.QueryString["code"]);

            //string accessToken = Request.QueryString["access_token"];
            //authorizationState = client.ProcessUserAuthorization(this.Request);


            var tokenInfoUrl = Config.SERVER_ADDRESS + "/OAuth2/Token";

            var httpClient = new HttpClient();

            string decodedNetworkCredentials = string.Format("{0}:{1}", ConfigurationManager.AppSettings["alhambraIdentifier"], ConfigurationManager.AppSettings["alhambraSecret"]);
            string encodedNetworkCredentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(decodedNetworkCredentials));

            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", encodedNetworkCredentials);

            Dictionary <string, string> formVals = new Dictionary <string, string>();

            formVals.Add("grant_type", "authorization_code");
            formVals.Add("code", input.code);

            formVals.Add("redirect_uri", Config.CLIENT_ADDRESS + "/OpenIdConnect/AlhambraCallback");


            HttpRequestMessage postRequest = new HttpRequestMessage(HttpMethod.Post, tokenInfoUrl);

            postRequest.Content = new FormUrlEncodedContent(formVals);

            HttpResponseMessage postResponse = httpClient.SendAsync(postRequest).Result;



            //in the form of an actionresult instead of a function
            //because the httpclient provides the authorization header
            //by the time it performs the request

            //string tokenInfo = httpClient.GetAsync(tokenInfoUrl).Result.Content.ReadAsStringAsync().Result;

            // System.Web.HttpContext.Current.Application["Token"]= tokenInfo;


            //var tv = new AlhambraTokenValidator();
            //tv.ValidateToken(tokenInfo, "NATURE");

            // string userInfoUrl = CLIENT_ADDRESS + "/UserInfo";

            // OAuth2Graph userInfo = httpClient.GetAsync(userInfoUrl).Result.Content.ReadAsAsync<OAuth2Graph>().Result;


            // string userInfo = httpClient.GetAsync(userInfoUrl).Result.Content.ReadAsStringAsync().Result;

            // OAuth2Graph userinfo = client.GetUserInfo(auth.AccessToken);
            //string result = JsonConvert.SerializeObject(userinfo);


            OpenIdConnectToken result = postResponse.Content.ReadAsAsync <OpenIdConnectToken>().Result;

            JWTSecurityToken token = new JWTSecurityToken(result.id_token);


            string jwtDecoded = AlhambraJwtTokenManager.DecodeJWT(token);


            return(Content("access_token: " + result.access_token +
                           "<br/>refresh_token: " + result.refresh_token +
                           "<br/>expires_in: " + result.expires_in +
                           "<br/>id_token: " + result.id_token +
                           "<br/>issuer: " + token.Issuer +
                           "<br/>Audience: " + token.Audience +
                           "<br/>Valid From: " + token.ValidFrom.ToString("yyyy-MM-ddThh:mm:ssZ") +
                           "<br/>Valid To: " + token.ValidTo.ToString("yyyy-MM-ddThh:mm:ssZ")));
        }