/// <summary>
/// Decodes the JSON identity token supplied by the client and wraps the outcome in an
/// <see cref="IdentityTokenResponse"/>.
/// </summary>
/// <param name="token">Raw token request as received from the client (untrusted input).</param>
/// <returns>
/// A response whose <c>token</c> holds an <see cref="IdentityToken"/> when the decoder reports the
/// token valid (otherwise it stays null), and whose <c>errorMessage</c> holds the exception text
/// if decoding threw.
/// </returns>
public IdentityTokenResponse PostJSONToken(IdentityTokenRequest token)
{
    IdentityTokenResponse result = new IdentityTokenResponse();
    try
    {
        IdentityToken parsed = null;
        using (DecodedJsonToken decoded = JsonTokenDecoder.Decode(token))
        {
            // Only a token the decoder marks as valid is surfaced to the caller.
            parsed = decoded.IsValid
                ? new IdentityToken(token, decoded.Audience, decoded.AuthMetadataUri)
                : null;
        }
        // Assigned after the decoder is disposed, so a failing Dispose leaves token unset.
        result.token = parsed;
    }
    catch (Exception ex)
    {
        // NOTE(review): returning ex.Message to the client can disclose internal detail
        // (CWE-209); consider logging it server-side and sending a generic message instead.
        result.errorMessage = ex.Message;
    }
    return result;
}
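/// <summary>
/// Validates the identity token posted by the client and resolves the matching user record
/// in the "Users" store, creating a placeholder record on first sight.
/// </summary>
/// <param name="token">Identity token request from the request body (untrusted input).</param>
/// <returns>
/// Always HTTP 200 carrying an <see cref="IdentityTokenResponse"/>: <c>validToken</c> is set when
/// the token decodes as valid; <c>validUser</c> when the stored user also holds a refresh token
/// that still exchanges for a Graph access token; <c>errorMessage</c> holds the exception text if
/// any step threw.
/// </returns>
public async Task<HttpResponseMessage> Validate([FromBody] IdentityTokenRequest token)
{
    IdentityTokenResponse response = new IdentityTokenResponse();
    try
    {
        response.token = DecodeIdentityToken(token);

        if (response.token != null)
        {
            response.validToken = true;

            // Lookup key: salted SHA-256 over the token's unique id and its metadata document URL,
            // so the store never holds the raw identifiers.
            string hash = ComputeSHA256Hash(response.token.uniqueID, response.token.amurl, Salt);
            response.user = DocumentDBRepository<UserModel>.GetItem("Users", i => i.hash == hash);

            if (response.user != null)
            {
                // NOTE(review): response.user is serialized back to the client as-is; confirm
                // UserModel.refresh_token is excluded from serialization (e.g. [JsonIgnore]),
                // otherwise the stored refresh token is returned to the browser.
                if (await HasUsableRefreshTokenAsync(response.user))
                {
                    response.validUser = true;
                }
            }
            else
            {
                // First time this token holder is seen: persist a placeholder keyed by the hash.
                // TODO (kept from original): capture more user data at this point.
                response.user = new UserModel()
                {
                    // Culture-invariant lower-casing (CA1311); Guid's default format is already lowercase hex.
                    id = Guid.NewGuid().ToString().ToLowerInvariant(),
                    hash = hash
                };
                await DocumentDBRepository<UserModel>.CreateItemAsync("Users", response.user);
            }
        }
        // An invalid token falls through with validToken left at its default.
    }
    catch (Exception ex)
    {
        // NOTE(review): every failure still yields HTTP 200 and forwards ex.Message to the client,
        // which can disclose internal detail (CWE-209); consider a generic message plus server-side logging.
        response.errorMessage = ex.Message;
    }
    return Request.CreateResponse<IdentityTokenResponse>(HttpStatusCode.OK, response);
}

/// <summary>
/// Decodes the raw request and returns an <see cref="IdentityToken"/> only when the decoder
/// reports it valid; null otherwise. Exceptions from the decoder propagate to the caller.
/// </summary>
private IdentityToken DecodeIdentityToken(IdentityTokenRequest token)
{
    IdentityToken identityToken = null;
    using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(token))
    {
        if (decodedToken.IsValid)
        {
            identityToken = new IdentityToken(token, decodedToken.Audience, decodedToken.AuthMetadataUri);
        }
    }
    return identityToken;
}

/// <summary>
/// True when <paramref name="user"/> holds a refresh token that still exchanges for a Graph
/// access token; false when no refresh token is stored or the exchange yields null.
/// </summary>
private async Task<bool> HasUsableRefreshTokenAsync(UserModel user)
{
    if (string.IsNullOrEmpty(user.refresh_token))
    {
        return false;
    }
    var graphToken = await TokenHelper.GetAccessTokenWithRefreshToken(user.refresh_token, SettingsHelper.O365UnifiedAPIResourceId);
    // TODO (kept from original): get the user details against AAD Graph.
    return graphToken != null;
}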