/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { using (var db = new DbManager(_dbId)) { db.ExecuteNonQuery(new SqlInsert(TOKEN_TABLE, true).InColumnValue("token", authorization.RequestToken).InColumnValue("token_secret", String.Empty)); } }
public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string scope) { Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); RequiresEx.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager); var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; IOpenIdMessageExtension response; if (scope != null) { // Generate an authorized request token to return to the relying party. string consumerKey = openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm); var approvedResponse = new AuthorizationApprovedResponse { RequestToken = this.TokenGenerator.GenerateRequestToken(consumerKey), Scope = scope, }; openidTokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, approvedResponse); response = approvedResponse; } else { response = new AuthorizationDeclinedResponse(); } openIdAuthenticationRequest.AddResponseExtension(response); }
public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { this.requestTokens[authorization.RequestToken] = new InMemoryServiceProviderRequestToken { Token = authorization.RequestToken, Scope = authorization.Scope, ConsumerVersion = authorization.Version, }; }
protected void Page_Load(object sender, EventArgs e) { // This is what the NetSuite SuiteSignOn ConnectionPoint sends: // GET /administratorportal/SSO/sso_page.aspx?oauth_token=08046c1c166a7a6c47471857502d364b0d59415418156f15db22f76dcfe648&dc=001&env=SANDBOX // see the NetSuite SuiteSignOn doc about dc & env processing to build endpoints ServiceProviderDescription provider = GetServiceDescription(); // Set up OAuth with our keys and stuff string token = Request.Params["oauth_token"]; string consumerKey = "yourconsumerkey"; // this has to match what is defined on our NetSuite account - ConnectionPoint to CRMLink string sharedSecret = "yoursharedsecret"; // this has to match what is defined on our NetSuite account - ConnectionPoint to CRMLink - Careful - NO funny chars like '!' // I got this InMemoryTokenManager from another DotNetOpenAuth post in SO InMemoryTokenManager _tokenManager = new InMemoryTokenManager(consumerKey, sharedSecret); AuthorizationApprovedResponse authApprovedResponse = new AuthorizationApprovedResponse(); authApprovedResponse.RequestToken = token; _tokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, authApprovedResponse); WebConsumer consumer = new WebConsumer(provider, _tokenManager); // this is the SSO address in netsuite to use. Should be production or sandbox, based on the values of dc and env string uri = "https://system.sandbox.netsuite.com/app/common/integration/ssoapplistener.nl"; MessageReceivingEndpoint endpoint = new MessageReceivingEndpoint(uri, methods); WebRequest verifyRequest = consumer.PrepareAuthorizedRequest(endpoint, token ); HttpWebResponse responseData = verifyRequest.GetResponse() as HttpWebResponse; XDocument responseXml; responseXml = XDocument.Load(responseData.GetResponseStream()); // process the SSO values that come back from NetSuite in the XML They should look something // like the following: /* XML response should look like this: <?xml version="1.0" encoding="UTF-8"?> <outboundSso> <entityInfo> <ENTITYINTERNALID>987654</ENTITYINTERNALID> <ENTITYNAME>Fred</ENTITYNAME> <ENTITYEMAIL>[email protected]</ENTITYEMAIL> </entityInfo> </outboundSso> */ // If that data looks good, you can mark the user as logged in, and redirect to whatever // page (like SSOLandingPage.aspx) you want, which will be shown inside a frame on the NetSuite page. Response.Redirect("~/SSOLandingPage.aspx", false);
public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { this.tokensAndSecrets[authorization.RequestToken] = String.Empty; }
/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { log.Info("Storing openId auth request token " + authorization.RequestToken); this.tokensAndSecrets[authorization.RequestToken] = string.Empty; }
/// <summary> /// Stores a new request token obtained over an OpenID request. /// </summary> /// <param name="consumerKey">The consumer key.</param> /// <param name="authorization">The authorization message carrying the request token and authorized access scope.</param> /// <remarks> /// <para>The token secret is the empty string.</para> /// <para>Tokens stored by this method should be short-lived to mitigate /// possible security threats. Their lifetime should be sufficient for the /// relying party to receive the positive authentication assertion and immediately /// send a follow-up request for the access token.</para> /// </remarks> public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) { _tokensAndSecrets[authorization.RequestToken] = String.Empty; }