public async Task <ITokenResponse> ExchangeCodeAsync(IIdxContext idxContext, CancellationToken cancellationToken = default) { var client = GetClient(); var payload = new Dictionary <string, string>(); payload.Add("interaction_code", GetInteractionCode()); payload.Add("grant_type", "interaction_code"); // Add PKCE params payload.Add("code_verifier", idxContext.CodeVerifier); payload.Add("client_id", client.Configuration.ClientId); if (client.Configuration.IsConfidentialClient) { payload.Add("client_secret", client.Configuration.ClientSecret); } var headers = new Dictionary <string, string>(); headers.Add("Content-Type", HttpRequestContentBuilder.ContentTypeFormUrlEncoded); var request = new HttpRequest { Uri = Href, Payload = payload, Headers = headers, }; var httpVerb = (HttpVerb)Enum.Parse(typeof(HttpVerb), Method, true); return(await client.SendAsync <TokenResponse>(request, httpVerb, cancellationToken).ConfigureAwait(false)); }
public static async Task <SignInWidgetConfiguration> StartWidgetSignInAsync(this HttpSessionStateBase session, IIdxClient idxClient, string state = null, CancellationToken cancellationToken = default) { IIdxContext idxContext = (IIdxContext)session[state]; SignInWidgetConfiguration signInWidgetConfiguration = new SignInWidgetConfiguration(idxClient.Configuration, idxContext); if (idxContext == null) { WidgetSignInResponse widgetSignInResponse = await idxClient.StartWidgetSignInAsync(cancellationToken); idxContext = widgetSignInResponse.IdxContext; signInWidgetConfiguration = widgetSignInResponse.SignInWidgetConfiguration; } session[idxContext.State] = idxContext; return(signInWidgetConfiguration); }
/// <summary> /// Initializes a new instance of the <see cref="SignInWidgetConfiguration"/> class. /// </summary> /// <param name="idxConfiguration">The IDX configuration.</param> /// <param name="idxContext">The IDX context.</param> /// <param name="version">The widget version to use.</param> public SignInWidgetConfiguration(IdxConfiguration idxConfiguration, IIdxContext idxContext, string version = DefaultVersion) { this.UseInteractionCodeFlow = true; this.Version = version ?? DefaultVersion; this.BaseUrl = idxConfiguration?.Issuer?.Split(new string[] { "/oauth2" }, StringSplitOptions.RemoveEmptyEntries)[0]; this.ClientId = idxConfiguration?.ClientId; this.RedirectUri = idxConfiguration?.RedirectUri; this.AuthParams = new SignInWidgetAuthParams(idxConfiguration); this.InteractionHandle = idxContext?.InteractionHandle; this.State = idxContext?.State; this.CodeChallenge = idxContext?.CodeChallenge; this.CodeChallengeMethod = idxContext?.CodeChallengeMethod; }
/// <summary> /// This method is called by a 302 browser redirect back to the application from Okta after successful authentication to an external /// identity provider. /// </summary> /// <param name="state">The state handle.</param> /// <param name="interaction_code">The interaction code. This is the value that is exchanged for tokens.</param> /// <param name="error">The error if an error occurred.</param> /// <param name="error_description">The error description if an error occurred.</param> /// <returns></returns> public async Task <ActionResult> Callback(string state = null, string interaction_code = null, string error = null, string error_description = null) { try { IIdxContext idxContext = Session[state] as IIdxContext; if ("interaction_required".Equals(error)) { return(View("Error", new InteractionCodeErrorViewModel { Error = error, ErrorDescription = "Multifactor Authentication and Social Identity Providers is not currently supported, Authentication failed." })); } if (!string.IsNullOrEmpty(error)) { return(View("Error", new InteractionCodeErrorViewModel { Error = error, ErrorDescription = error_description })); } if (string.IsNullOrEmpty(interaction_code)) { return(View("Error", new InteractionCodeErrorViewModel { Error = "null_interaction_code", ErrorDescription = "interaction_code was not specified" })); } Okta.Idx.Sdk.TokenResponse tokens = await _idxClient.RedeemInteractionCodeAsync(idxContext, interaction_code); ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, tokens); _authenticationManager.SignIn(new AuthenticationProperties { IsPersistent = false }, identity); return(RedirectToAction("Index", "Home")); } catch (Exception ex) { return(View("Error", new InteractionCodeErrorViewModel { Error = ex.GetType().Name, ErrorDescription = ex.Message })); } }