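/*** implementing the methods for AuthenticationConclusion ***/
/// <summary>
/// Builds the authentication conclusion for an OIDC implicit-flow response:
/// checks the CSRF state and the id_token audience, then fills a
/// <c>GGUserProfile</c> from the token claims.
/// </summary>
/// <param name="authenticationResponse">
/// Response carrying the id_token, the access token, the state value and the
/// sending channel (<c>SVX_sender</c>).
/// </param>
/// <returns>A conclusion bound to the sender's channel, with Authority set to "Google.com".</returns>
/// <exception cref="Exception">
/// Thrown when the token's <c>aud</c> claim differs from this relying party's client_id.
/// </exception>
public override GenericAuth.AuthenticationConclusion createConclusionOidcImplicit(
    OIDC10.AuthenticationResponse_with_id_token authenticationResponse)
{
    // Check the CSRF state before anything from the response is consumed, so a
    // response that was not initiated on this channel never reaches the
    // access-token use below. Verify's return value is not inspected here;
    // presumably it throws on a mismatch (confirm against stateGenerator).
    var stateParams = new OAuth20.StateParams
    {
        client = authenticationResponse.SVX_sender,
        idpPrincipal = idpParticipantId.principal
    };
    stateGenerator.Verify(stateParams, authenticationResponse.state);

    // NOTE(review): this method reads theParams as-is. It assumes signature,
    // issuer and expiry of the id_token were validated before this point, and
    // it does not compare the token's nonce with the one sent in the
    // authentication request. Confirm both are enforced elsewhere.
    OIDC10.JwtTokenBody jwtTokenBody = authenticationResponse.id_token.theParams;

    // Audience restriction: reject tokens issued to a different client.
    if (jwtTokenBody.aud != this.client_id)
    {
        throw new Exception("client_id in the jwtToken is not of this relying party.");
    }

    // Cast once instead of once per claim.
    var googleClaims = (GGJwtToken)jwtTokenBody;

    var userProfile = new GGUserProfile();
    userProfile.UserID = googleClaims.sub;
    userProfile.Email = googleClaims.email;
    userProfile.GG_ID = googleClaims.sub;
    // The access token is only handed to getFullName after state and audience
    // have been accepted. getFullName is defined elsewhere; presumably it
    // queries the provider's profile endpoint (confirm).
    userProfile.FullName = getFullName(authenticationResponse.access_token);

    var AuthConclusion = new GenericAuth.AuthenticationConclusion();
    AuthConclusion.channel = authenticationResponse.SVX_sender;
    AuthConclusion.userProfile = userProfile;
    AuthConclusion.userProfile.Authority = "Google.com";
    return AuthConclusion;
}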
// Very little of this is Weibo-specific. Consider moving it to
// OAuth20. (Exception: it's unclear if the user profile request is an
// OAuth20 concept at all, so maybe the entirety of that should move to
// Weibo with only a hook remaining in OAuth20.)

/*** implementing the methods for AuthorizationRequest ***/
/// <summary>
/// Creates the authorization-code request for the given client channel,
/// including a state value generated from that channel and the IdP principal.
/// </summary>
/// <param name="client">Channel of the client that starts the login.</param>
/// <returns>The populated authorization request (response_type "code").</returns>
public override OAuth20.AuthorizationRequest createAuthorizationRequest(SVX.Channel client)
{
    return new OAuth20.AuthorizationRequest
    {
        client_id = client_id,
        response_type = "code",
        // scope is left unset; the earlier value "user_about_me email" remains disabled.
        redirect_uri = redirect_uri,
        // The state ties the eventual response to this client channel and IdP,
        // which is what the CSRF check on the response side relies on.
        state = stateGenerator.Generate(
            new OAuth20.StateParams
            {
                client = client,
                idpPrincipal = idpParticipantId.principal
            },
            SVX_Principal)
    };
}
/*** implementing the methods for AccessTokenRequest ***/
/// <summary>
/// Verifies the state of an authorization response and, once that call
/// returns, builds the access-token request that redeems the authorization code.
/// </summary>
/// <param name="authorizationResponse">
/// Response carrying the authorization code, the state value and the sending channel.
/// </param>
/// <returns>An access-token request with grant_type "authorization_code".</returns>
public override OAuth20.AccessTokenRequest createAccessTokenRequest(OAuth20.AuthorizationResponse authorizationResponse)
{
    // CSRF check first: the state must match the channel the response arrived on.
    // The return value is not inspected; presumably Verify throws on mismatch (confirm).
    stateGenerator.Verify(
        new OAuth20.StateParams
        {
            client = authorizationResponse.SVX_sender,
            idpPrincipal = idpParticipantId.principal
        },
        authorizationResponse.state);

    // This object carries client_secret, so it should only ever be sent to the
    // provider's token endpoint and kept out of logs and browser-visible data.
    return new OAuth20.AccessTokenRequest
    {
        client_id = client_id,
        code = authorizationResponse.code,
        redirect_uri = redirect_uri,
        grant_type = "authorization_code",
        client_secret = client_secret
    };
}
/*** implementing the methods for AccessTokenRequest ***/
/// <summary>
/// Verifies the state of an authorization response and, once that call
/// returns, builds the access-token request that redeems the authorization code.
/// </summary>
/// <param name="authorizationResponse">
/// Response carrying the authorization code, the state value and the sending channel.
/// </param>
/// <returns>An access-token request without a grant_type value.</returns>
public override OAuth20.AccessTokenRequest createAccessTokenRequest(OAuth20.AuthorizationResponse authorizationResponse)
{
    // CSRF check first: the state must match the channel the response arrived on.
    // The return value is not inspected; presumably Verify throws on mismatch (confirm).
    stateGenerator.Verify(
        new OAuth20.StateParams
        {
            client = authorizationResponse.SVX_sender,
            idpPrincipal = idpParticipantId.principal
        },
        authorizationResponse.state);

    //Facebook's access token request doesn't need "grant_type=authorization_code".
    //See https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow
    // This object carries client_secret, so it should only ever be sent to the
    // provider's token endpoint and kept out of logs and browser-visible data.
    return new OAuth20.AccessTokenRequest
    {
        client_id = client_id,
        code = authorizationResponse.code,
        redirect_uri = redirect_uri,
        client_secret = client_secret
    };
}
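/// <summary>
/// Creates the OIDC implicit-flow authentication request ("id_token token",
/// delivered via form_post) for the given client channel, with a generated
/// state value and a nonce derived from the channel id.
/// </summary>
/// <param name="client">Channel of the client that starts the login; its id feeds the nonce.</param>
/// <returns>The populated <c>GGAuthenticationRequest</c>.</returns>
public override OAuth20.AuthorizationRequest createAuthorizationRequest(SVX.Channel client)
{
    var request = new GGAuthenticationRequest();
    request.client_id = client_id;
    request.response_type = "id_token token";
    request.scope = "openid email profile";
    request.redirect_uri = redirect_uri;
    request.response_mode = "form_post";

    // The state ties the eventual response to this client channel and IdP.
    var stateParams = new OAuth20.StateParams
    {
        client = client,
        idpPrincipal = idpParticipantId.principal
    };
    request.state = stateGenerator.Generate(stateParams, SVX_Principal);

    // NOTE(review): the nonce is SHA-1(client.id) rendered as dash-separated hex,
    // so it is the same for every request on a given channel and is only as
    // unguessable as client.id itself. The derivation is kept unchanged because
    // whatever validates the nonce (not visible here) must compute the same
    // value; moving to a stronger hash or a random per-request nonce has to
    // change both sides together.
    // HashAlgorithm is IDisposable; release it deterministically.
    using (HashAlgorithm hashAlgo = SHA1.Create())
    {
        byte[] channelIdBytes = System.Text.Encoding.UTF8.GetBytes(client.id);
        request.nonce = BitConverter.ToString(hashAlgo.ComputeHash(channelIdBytes));
    }

    return request;
}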