protected AuthenticateResult HandleAuthenticateSync() { if (!Request.Headers.TryGetValue("Authorization", out var headerRow)) { return(AuthenticateResult.NoResult()); } if (!AuthenticationHeaderValue.TryParse(headerRow.ToString(), out var header)) { return(AuthenticateResult.NoResult()); } if (header.Scheme != "TelegramWidget") { return(AuthenticateResult.NoResult()); } byte[] infoInBase64; try { infoInBase64 = Convert.FromBase64String(header.Parameter); } catch { return(AuthenticateResult.Fail($"invalid base64 content")); } var jsonParam = Encoding.UTF8.GetString(infoInBase64); TelegramUserInfo userInfo; try { userInfo = JsonSerializer.Deserialize <TelegramUserInfo>(jsonParam); } catch { return(AuthenticateResult.Fail($"invalid json content in base64 string")); } var loginWidget = new LoginWidget(telegramBotOptions.Value.AccessToken) { AllowedTimeOffset = (long)TimeSpan.FromDays(10).TotalSeconds }; var userInfoAsDictionary = ReadUserInfoAsDictionary(userInfo); var authResult = loginWidget.CheckAuthorization(userInfoAsDictionary); if (authResult != Authorization.Valid) { return(AuthenticateResult.Fail($"Incorrect telegram info: {authResult}")); } var tgIdentity = TelegramWidgetClaimsIdentityGenerator.GetIdentityForUserInfo(userInfo); var internalPrincipal = internalClaimsIdentityGenerator.Generate(userInfo); var principal = new ClaimsPrincipal(new ClaimsIdentity[] { tgIdentity, internalPrincipal }); return(AuthenticateResult.Success(new AuthenticationTicket(principal, AuthenticationSchemeConstants.TelegramWidgetAuthenticationScheme))); }
public void Detect_MissingField_AuthDate() { Dictionary <string, string> fields = new Dictionary <string, string>() { { "id", string.Empty }, { "hash", string.Empty } }; Authorization authorizationResult = _loginWidget.CheckAuthorization(fields); Assert.Equal(Authorization.MissingFields, authorizationResult); }
public Authorization LinkAccount(TelegramAccount account) { if (!IsConnected) { Console.WriteLine("Not connected to Telegram."); return(Authorization.MissingFields); } LoginWidget widget = new LoginWidget(OTHubSettings.Instance.Telegram.BotKey); var dict = account.ToStringDictionary(); return(widget.CheckAuthorization(dict)); }
public void Real_Data_Valid() { LoginWidget loginWidget = new LoginWidget(LoginWidgetTestsFixture.RealLifeDataTests_Token) { AllowedTimeOffset = int.MaxValue }; foreach (SortedDictionary <string, string> testData in LoginWidgetTestsFixture.RealLifeDataTests) { Authorization authorizationResult = loginWidget.CheckAuthorization(testData); Assert.Equal(Authorization.Valid, authorizationResult); } }
protected override async Task <HandleRequestResult> HandleRemoteAuthenticateAsync() { TelegramOAuthHandler telegramOAuthHandler = this; LoginWidget loginWidget = new LoginWidget(telegramOAuthHandler.Options.ClientSecret); Dictionary <string, string> parameters = telegramOAuthHandler.Context.Request.Query.Keys.ToDictionary(k => k, v => telegramOAuthHandler.Context.Request.Query[v].FirstOrDefault()); Authorization authorized = loginWidget.CheckAuthorization(parameters); if (authorized != Authorization.Valid) { return(HandleRequestResult.Fail($"Authorization state: {authorized}")); } TelegramUser telegramUser = new TelegramUser(parameters[Fields.Id]); ClaimsIdentity identity = new ClaimsIdentity(new[] { new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", telegramUser.Id, "http://www.w3.org/2001/XMLSchema#string", telegramOAuthHandler.ClaimsIssuer), //new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", telegramUser.Username,"http://www.w3.org/2001/XMLSchema#string", telegramOAuthHandler.ClaimsIssuer) }, telegramOAuthHandler.ClaimsIssuer); AuthenticationProperties authenticationProperties = null; var cookie = Request.Cookies["__Telegram"]; if (string.IsNullOrEmpty(cookie)) { return(HandleRequestResult.Fail("State cookie not present")); } authenticationProperties = telegramOAuthHandler.Options.StateDataFormat.Unprotect(cookie); if (authenticationProperties == null) { return(HandleRequestResult.Fail("Authentication properties null")); } JObject user = JObject.FromObject(telegramUser); Response.Cookies.Delete("__Telegram"); return(HandleRequestResult.Success(await telegramOAuthHandler.CreateTicketAsync(identity, authenticationProperties, OAuthTokenResponse.Success(user)))); }
public async Task <IActionResult> LoginCallback(int id, string first_name, string username, string photo_url, string auth_date, string hash) { Dictionary <string, string> fields = new Dictionary <string, string>() { { "id", id.ToString() }, { "first_name", first_name }, { "username", username }, { "photo_url", photo_url }, { "auth_date", auth_date }, { "hash", hash } }; var loginWidget = new LoginWidget(AppSettingsProvider.BotApiKey); try { if (loginWidget.CheckAuthorization(fields) == Authorization.Valid) { var aspnetuser = await _appUsersManagerService.GetUserAsync(fields["username"], long.Parse(fields["id"])); _appUsersManagerService.Update_Photourl(aspnetuser.TelegramId, fields["photo_url"]); //sign the user and go to home await _signInManager.SignInAsync(aspnetuser, isPersistent : false); } } catch (Exception ex) { var log = new Log(); log.LogMessage(ex.Message + " " + ex.StackTrace + " " + ex.InnerException); _appdb.Logger.Add(log); _appdb.SaveChangesAsync().Wait(); } return(RedirectToAction("Index", "Home")); }