public async Task <ITokenResponse> ExchangeCodeAsync(IIdxContext idxContext, CancellationToken cancellationToken = default)
{
var client = GetClient();
var payload = new Dictionary <string, string>();
payload.Add("interaction_code", GetInteractionCode());
payload.Add("grant_type", "interaction_code");
// Add PKCE params
payload.Add("code_verifier", idxContext.CodeVerifier);
payload.Add("client_id", client.Configuration.ClientId);
if (client.Configuration.IsConfidentialClient)
{
payload.Add("client_secret", client.Configuration.ClientSecret);
}
var headers = new Dictionary <string, string>();
headers.Add("Content-Type", HttpRequestContentBuilder.ContentTypeFormUrlEncoded);
var request = new HttpRequest
{
Uri = Href,
Payload = payload,
Headers = headers,
};
var httpVerb = (HttpVerb)Enum.Parse(typeof(HttpVerb), Method, true);
return(await client.SendAsync <TokenResponse>(request, httpVerb, cancellationToken).ConfigureAwait(false));
}
public static async Task <SignInWidgetConfiguration> StartWidgetSignInAsync(this HttpSessionStateBase session, IIdxClient idxClient, string state = null, CancellationToken cancellationToken = default)
{
IIdxContext idxContext = (IIdxContext)session[state];
SignInWidgetConfiguration signInWidgetConfiguration = new SignInWidgetConfiguration(idxClient.Configuration, idxContext);
if (idxContext == null)
{
WidgetSignInResponse widgetSignInResponse = await idxClient.StartWidgetSignInAsync(cancellationToken);
idxContext = widgetSignInResponse.IdxContext;
signInWidgetConfiguration = widgetSignInResponse.SignInWidgetConfiguration;
}
session[idxContext.State] = idxContext;
return(signInWidgetConfiguration);
}
/// <summary>
/// Initializes a new instance of the <see cref="SignInWidgetConfiguration"/> class.
/// </summary>
/// <param name="idxConfiguration">The IDX configuration.</param>
/// <param name="idxContext">The IDX context.</param>
/// <param name="version">The widget version to use.</param>
public SignInWidgetConfiguration(IdxConfiguration idxConfiguration, IIdxContext idxContext, string version = DefaultVersion)
{
this.UseInteractionCodeFlow = true;
this.Version = version ?? DefaultVersion;
this.BaseUrl = idxConfiguration?.Issuer?.Split(new string[] { "/oauth2" }, StringSplitOptions.RemoveEmptyEntries)[0];
this.ClientId = idxConfiguration?.ClientId;
this.RedirectUri = idxConfiguration?.RedirectUri;
this.AuthParams = new SignInWidgetAuthParams(idxConfiguration);
this.InteractionHandle = idxContext?.InteractionHandle;
this.State = idxContext?.State;
this.CodeChallenge = idxContext?.CodeChallenge;
this.CodeChallengeMethod = idxContext?.CodeChallengeMethod;
}
/// <summary>
/// This method is called by a 302 browser redirect back to the application from Okta after successful authentication to an external
/// identity provider.
/// </summary>
/// <param name="state">The state handle.</param>
/// <param name="interaction_code">The interaction code. This is the value that is exchanged for tokens.</param>
/// <param name="error">The error if an error occurred.</param>
/// <param name="error_description">The error description if an error occurred.</param>
/// <returns></returns>
public async Task <ActionResult> Callback(string state = null, string interaction_code = null, string error = null, string error_description = null)
{
try
{
IIdxContext idxContext = Session[state] as IIdxContext;
if ("interaction_required".Equals(error))
{
return(View("Error", new InteractionCodeErrorViewModel {
Error = error, ErrorDescription = "Multifactor Authentication and Social Identity Providers is not currently supported, Authentication failed."
}));
}
if (!string.IsNullOrEmpty(error))
{
return(View("Error", new InteractionCodeErrorViewModel {
Error = error, ErrorDescription = error_description
}));
}
if (string.IsNullOrEmpty(interaction_code))
{
return(View("Error", new InteractionCodeErrorViewModel {
Error = "null_interaction_code", ErrorDescription = "interaction_code was not specified"
}));
}
Okta.Idx.Sdk.TokenResponse tokens = await _idxClient.RedeemInteractionCodeAsync(idxContext, interaction_code);
ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, tokens);
_authenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = false
}, identity);
return(RedirectToAction("Index", "Home"));
}
catch (Exception ex)
{
return(View("Error", new InteractionCodeErrorViewModel {
Error = ex.GetType().Name, ErrorDescription = ex.Message
}));
}
}
