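/// <summary>
/// Begins the OAuth authorization-code flow: builds the authorize link for osu.ppy.sh and
/// starts an <see cref="HttpListener"/> on <c>_httpListeningUrl</c> to receive the redirect.
/// </summary>
/// <param name="client_id">OAuth client id placed in the authorize link and stored on the returned step.</param>
/// <returns>
/// A step carrying the client id, the <c>state</c> value, the started listener and the link the user must open.
/// </returns>
/// <remarks>
/// The returned listener is already started and is not closed here; the caller is responsible for closing it.
/// </remarks>
public static AuthenticationStep StartAuthentication(int client_id)
{
    // The state value is what ties the redirect back to this request, so it must not be guessable.
    // System.Random is not suitable for that; draw it from the OS CSPRNG instead.
    // Same range as Random.Next(): [0, int.MaxValue).
    // NOTE(review): an int caps the state at 31 bits; a longer opaque string would be stronger,
    // but that requires changing the type of AuthenticationStep.number.
    var number = System.Security.Cryptography.RandomNumberGenerator.GetInt32(int.MaxValue);

    // NOTE(review): redirect_uri is interpolated without percent-encoding; confirm the
    // authorization server accepts the raw value before relying on this with other listener URLs.
    var authLink = new UriBuilder(
        "https",
        "osu.ppy.sh",
        443,
        "oauth/authorize",
        $"?client_id={client_id}&redirect_uri={_httpListeningUrl}&response_type=code&scope=public&state={number}"
    ).Uri;

    var listener = new HttpListener();
    try
    {
        listener.Prefixes.Add(_httpListeningUrl);
        listener.Start();
    }
    catch
    {
        // Do not leak the listener when the prefix is invalid or cannot be bound.
        listener.Close();
        throw;
    }

    return new AuthenticationStep
    {
        client_id = client_id,
        number = number,
        listener = listener,
        Link = authLink.ToString(),
    };
}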
/// <summary>
/// Stores a record of the given authentication step for the user, commits it, and then
/// asks the user-name/id overload for the next step.
/// </summary>
/// <param name="user">User whose <c>Id</c> is recorded and whose <c>UserName</c> and <c>Id</c> are passed on.</param>
/// <param name="currentSecurityLevel">Passed unchanged to the overload.</param>
/// <param name="requestedSecurityLevel">Passed unchanged to the overload.</param>
/// <param name="step">Step being recorded; stored as its integer value in <c>SecurityModeId</c>.</param>
/// <returns>Whatever the user-name/id overload returns.</returns>
public string GetNextAuthenticationStep(User user, int currentSecurityLevel, int requestedSecurityLevel, AuthenticationSteps step)
{
    var stepRecord = new AuthenticationStep();
    stepRecord.SecurityModeId = (int)step;
    stepRecord.UserId = user.Id;
    // NOTE(review): local time is stored here; confirm whether these records are expected in UTC.
    stepRecord.CreationDateTime = DateTime.Now;

    // The record is committed before the next step is computed.
    _UnitOfWork.AuthenticationStepRepository.Add(stepRecord);
    _UnitOfWork.Complete();

    return GetNextAuthenticationStep(user.UserName, user.Id, currentSecurityLevel, requestedSecurityLevel);
}
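/// <summary>
/// Waits for the OAuth redirect on the step's listener, checks the returned <c>state</c>,
/// and exchanges the authorization code for a token at <c>https://osu.ppy.sh/oauth/token</c>.
/// </summary>
/// <param name="client_secret">OAuth client secret sent in the token request body.</param>
/// <param name="step">Step returned by <c>StartAuthentication</c>; its listener, state number and client id are used.</param>
/// <returns>The access token, refresh token and expiry read from the token response.</returns>
/// <exception cref="Exception">
/// The returned state does not match the step, the redirect carries no code, or the token
/// response is not a usable Bearer token.
/// </exception>
/// <remarks>
/// The step's listener is left running; the caller is responsible for closing it.
/// Exception messages deliberately contain neither the code, the secret nor the response body.
/// </remarks>
public static async Task<APIV2Token> FinalizeAuthenticationAsync(string client_secret, AuthenticationStep step)
{
    var context = await step.listener.GetContextAsync();
    var request = context.Request;
    var response = context.Response;

    // Answer the browser before the token exchange so the tab does not hang on a slow upstream call.
    string responseString = "<html><body>You may now close this tab, go back to the application</body></html>";
    byte[] buffer = Encoding.UTF8.GetBytes(responseString);
    response.ContentLength64 = buffer.Length;
    using (Stream output = response.OutputStream)
    {
        await output.WriteAsync(buffer, 0, buffer.Length);
    }
    response.Close();

    // Anything able to reach the listener can send a request; the state check is what rejects
    // a redirect that does not belong to this authentication attempt. A missing state also fails here.
    var state = request.QueryString["state"];
    if (state != step.number.ToString())
    {
        throw new Exception("Got the wrong state from the authentication");
    }

    // A denied or failed authorization comes back without a code; stop before calling the token endpoint.
    var code = request.QueryString["code"];
    if (string.IsNullOrEmpty(code))
    {
        throw new InvalidOperationException("The authentication redirect did not contain an authorization code");
    }

    using var http = new HttpClient { BaseAddress = new Uri("https://osu.ppy.sh") };
    using var httpRequest = new HttpRequestMessage(HttpMethod.Post, "/oauth/token");
    var postParam = new Dictionary<string, string>()
    {
        // Use the client id the flow was started with instead of a hard-coded one, so the
        // token request always matches the authorize request.
        { "client_id", step.client_id.ToString() },
        { "client_secret", client_secret },
        { "code", code },
        { "grant_type", "authorization_code" },
        { "redirect_uri", _httpListeningUrl }
    };
    httpRequest.Content = new FormUrlEncodedContent(postParam);

    using var httpResponse = await http.SendAsync(httpRequest);
    var stream = await httpResponse.Content.ReadAsStreamAsync();
    using StreamReader sr = new StreamReader(stream);
    using JsonReader reader = new JsonTextReader(sr);
    var obj = await JToken.ReadFromAsync(reader);

    // An error response has no token_type; report it as an invalid token rather than a null dereference.
    if (obj["token_type"]?.Value<string>() != "Bearer")
    {
        throw new Exception("Invalid token type");
    }

    var accessToken = obj["access_token"]?.Value<string>();
    var expiresIn = obj["expires_in"]?.Value<int?>();
    if (string.IsNullOrEmpty(accessToken) || expiresIn is null)
    {
        throw new InvalidOperationException("The token response is missing the access token or its lifetime");
    }

    var token = new APIV2Token()
    {
        ExpiryDate = DateTime.Now.AddSeconds(expiresIn.Value),
        AccessToken = accessToken,
        RefreshToken = obj["refresh_token"]?.Value<string>()
    };
    return token;
}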