public static async Task LogoutSessionAsync(Configuration config, MASDevice device, MASUser user)
{
var url = config.GetEndpointPath(config.OAuth.SystemEndpoints.UserSessionLogout);
HttpUrlBuilder builder = new HttpUrlBuilder();
builder.Add("logout_apps", config.Mag.MobileSdk.IsSSOEnabled ? "true" : "false");
builder.Add("id_token", user.IdToken);
builder.Add("id_token_type", user.IdTokenType);
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Authorization, device.AuthHeaderValue },
{ HttpHeaders.Accept, HttpContentTypes.Json },
{ "mag-identifier", device.MagId },
{ HttpHeaders.ContentType, HttpContentTypes.UrlEncoded }
};
await HttpRequestFactory.RequestAsync <HttpResponseBaseData>(new HttpRequestInfo()
{
Method = HttpMethod.POST,
Headers = headers,
Url = url,
Body = builder.ToString()
});
}
public async Task <string> GenerateCSRAsync(Configuration config, MASDevice device, string username)
{
#region Bouncy castle CSR generation
return(await Task.Run(() =>
{
X509Name subject = new X509Name(string.Format("cn={0}, ou={1}, dc={2}, o={3}", username, device.Id, device.Name, config.OAuth.Client.Organization));
var keyGenerationParameters = new KeyGenerationParameters(_random, config.Mag.MobileSdk.ClientCertRsaKeybits);
var keyPairGenerator = new RsaKeyPairGenerator();
keyPairGenerator.Init(keyGenerationParameters);
var subjectKeyPair = keyPairGenerator.GenerateKeyPair();
Pkcs10CertificationRequest request = new Pkcs10CertificationRequest(new Asn1SignatureFactory("SHA256WithRSA", subjectKeyPair.Private),
subject, subjectKeyPair.Public, new DerSet(), subjectKeyPair.Private);
var data = request.GetEncoded();
_privateKey = subjectKeyPair.Private;
return Convert.ToBase64String(data);
}));
#endregion
// MSFT way of generating the CSR
//return await CertificateEnrollmentManager.CreateRequestAsync(new CertificateRequestProperties()
//{
// KeySize = (uint)config.Mag.MobileSdk.ClientCertRsaKeybits,
// Subject = string.Format("cn={0}, ou={1}, dc={2}, o={3}", username, device.Id.GetHashCode(), device.Name, config.OAuth.Client.Organization),
// KeyUsages = EnrollKeyUsages.Decryption | EnrollKeyUsages.Signing
//});
}
public static async Task RevokeAccessTokenAsync(Configuration config, MASDevice device, MASUser user)
{
var url = config.GetEndpointPath(config.OAuth.SystemEndpoints.TokenRevocation);
var accessToken = await user.GetAccessTokenAsync();
HttpUrlBuilder builder = new HttpUrlBuilder(url);
builder.Add("token", accessToken);
builder.Add("token_type_hint", "access_token");
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Authorization, device.AuthHeaderValue },
{ HttpHeaders.Accept, HttpContentTypes.Json }
};
await HttpRequestFactory.RequestAsync <HttpResponseBaseData>(new HttpRequestInfo()
{
Method = HttpMethod.DELETE,
Headers = headers,
Url = builder.ToString(),
});
}
public static async Task <RegisterResponseData> RegisterDeviceForUserAsync(Configuration config, MASDevice device, string username, string password, string csr)
{
var url = config.GetEndpointPath(config.Mag.SystemEndpoints.DeviceRegister);
var headers = new Dictionary <string, string>
{
{ "client-authorization", device.AuthHeaderValue },
{ HttpHeaders.Authorization, string.Format("Basic {0}", string.Format("{0}:{1}", username, password).ToBase64()) },
{ "device-id", device.Id.ToBase64() },
{ "device-name", device.Name.ToBase64() },
{ "cert-format", "base64" },
{ "create-session", "true" },
{ HttpHeaders.ContentType, HttpContentTypes.Plain },
{ HttpHeaders.Accept, HttpContentTypes.Plain }
};
return(await HttpRequestFactory.RequestAsync <RegisterResponseData>(new HttpRequestInfo()
{
Method = HttpMethod.POST,
Url = url,
Headers = headers,
Body = csr
}));
}
public static async Task <AuthorizationProvidersResponseData> GetAuthorizationProviders(Configuration config, MASDevice device)
{
var url = config.GetEndpointPath(config.OAuth.SystemEndpoints.Authorization);
var scope = config.DefaultClientId.Scope;
var urlBuilder = new HttpUrlBuilder(url);
urlBuilder.Add("client_id", device.ClientId);
urlBuilder.Add("redirect_uri", "");
urlBuilder.Add("scope", scope);
urlBuilder.Add("response_type", "code");
urlBuilder.Add("display", "social_login");
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Accept, HttpContentTypes.Json }
};
return(await HttpRequestFactory.RequestAsync <AuthorizationProvidersResponseData>(new HttpRequestInfo()
{
Method = HttpMethod.GET,
Url = urlBuilder.ToString(),
Headers = headers,
}));
}
public static async Task <UserInfoResponseData> GetUserInfoAsync(Configuration config, MASDevice device, MASUser user)
{
var url = config.GetEndpointPath(config.OAuth.ProjectedEndpoints.UserInfo);
var accessTokenHeaderValue = await user.GetAccessHeaderValueAsync();
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Authorization, accessTokenHeaderValue },
{ "mag-identifier", device.MagId },
{ HttpHeaders.Accept, HttpContentTypes.Json }
};
return(await HttpRequestFactory.RequestAsync <UserInfoResponseData>(new HttpRequestInfo()
{
Url = url,
Method = HttpMethod.GET,
Headers = headers
}));
}
public static Task <RequestTokenResponseData> RefreshAccessTokenAsync(Configuration config, MASDevice device, string refreshToken)
{
var url = config.GetEndpointPath(config.OAuth.SystemEndpoints.Token);
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Authorization, device.AuthHeaderValue },
{ "mag-identifier", device.MagId },
{ HttpHeaders.ContentType, HttpContentTypes.UrlEncoded },
{ HttpHeaders.Accept, HttpContentTypes.Json }
};
var scope = config.DefaultClientId.Scope;
var builder = new HttpUrlBuilder();
builder.Add("scope", scope);
builder.Add("refresh_token", refreshToken);
builder.Add("grant_type", "refresh_token");
return(HttpRequestFactory.RequestAsync <RequestTokenResponseData>(new HttpRequestInfo()
{
Method = HttpMethod.POST,
Url = url,
Headers = headers,
Body = builder.ToString()
}));
}
public static Task <RequestTokenResponseData> RequestAccessTokenAnonymouslyAsync(Configuration config, MASDevice device)
{
var url = config.GetEndpointPath(config.OAuth.SystemEndpoints.Token);
var headers = new Dictionary <string, string>
{
{ HttpHeaders.Authorization, device.AuthHeaderValue },
{ "mag-identifier", device.MagId },
{ HttpHeaders.ContentType, HttpContentTypes.UrlEncoded },
{ HttpHeaders.Accept, HttpContentTypes.Json }
};
var scope = config.DefaultClientId.Scope;
var builder = new HttpUrlBuilder();
builder.Add("scope", "openid msso phone profile address email");
//builder.Add("client_id", device.ClientId);
//builder.Add("client_secret", device.ClientSecret);
builder.Add("grant_type", "client_credentials");
return(HttpRequestFactory.RequestAsync <RequestTokenResponseData>(new HttpRequestInfo()
{
Method = HttpMethod.POST,
Url = url,
Headers = headers,
Body = builder.ToString()
}));
}
public static Task <UnregisterResponseData> UnregisterDevice(Configuration config, MASDevice device)
{
var url = config.GetEndpointPath(config.Mag.SystemEndpoints.DeviceRemove);
return(HttpRequestFactory.RequestAsync <UnregisterResponseData>(new HttpRequestInfo()
{
Method = HttpMethod.DELETE,
Url = url,
Certificate = device.Certificate
}));
}
