Exemple #1
        /// <summary>
        /// Obtains an OAuth2 token for <paramref name="targetUri"/> by sending the user through the
        /// authorization-code flow in their default web browser.
        /// </summary>
        /// <param name="targetUri">Remote the token is requested for; passed to the GitHub OAuth2 client.</param>
        /// <param name="scopes">Scopes to request from the authorization endpoint.</param>
        /// <returns>The token result produced by exchanging the authorization code.</returns>
        /// <exception cref="InvalidOperationException">No desktop session is available to host a browser.</exception>
        public async Task<OAuth2TokenResult> GetOAuthTokenViaBrowserAsync(Uri targetUri, IEnumerable<string> scopes)
        {
            // Refuse early when the caller has disabled interactive prompts.
            ThrowIfUserInteractionDisabled();

            var client = new GitHubOAuth2Client(HttpClient, Context.Settings, targetUri);

            // The system browser can only be launched from a desktop session.
            bool hasDesktopSession = Context.SessionManager.IsDesktopSession;
            if (!hasDesktopSession)
            {
                throw new InvalidOperationException("Browser authentication requires a desktop session");
            }

            // Pages shown in the browser once the redirect comes back (success / failure).
            var responsePages = new OAuth2WebBrowserOptions
            {
                SuccessResponseHtml = GitHubResources.AuthenticationResponseSuccessHtml,
                FailureResponseHtmlFormat = GitHubResources.AuthenticationResponseFailureHtmlFormat
            };
            var systemBrowser = new OAuth2SystemWebBrowser(Context.Environment, responsePages);

            // Give terminal users (if a terminal is attached) a hint that we are blocked on the browser.
            Context.Terminal.WriteLine("info: please complete authentication in your browser...");

            // NOTE(review): both awaits run with CancellationToken.None, so this method itself offers no
            // way to abandon a browser flow the user never completes - confirm a timeout exists elsewhere.
            OAuth2AuthorizationCodeResult codeResult =
                await client.GetAuthorizationCodeAsync(scopes, systemBrowser, CancellationToken.None);

            OAuth2TokenResult tokenResult =
                await client.GetTokenByAuthorizationCodeAsync(codeResult, CancellationToken.None);
            return tokenResult;
        }
        /// <summary>
        /// Verifies that the client returns the authorization code issued by the test server
        /// when driven through the test web browser.
        /// </summary>
        public async Task OAuth2Client_GetAuthorizationCodeAsync()
        {
            // Constructed fixture value; the test server hands it out as the next auth code.
            const string issuedCode = "68c39cbd8d";
            string[] requestedScopes = { "read", "write", "delete" };

            var serverBase = new Uri("https://example.com");
            OAuth2ServerEndpoints endpoints = CreateEndpoints(serverBase);

            // Any request the test server did not register makes the handler throw.
            var handler = new TestHttpMessageHandler
            {
                ThrowOnUnexpectedRequest = true
            };

            OAuth2Application application = CreateTestApplication();

            var authServer = new TestOAuth2Server(endpoints);
            authServer.RegisterApplication(application);
            authServer.Bind(handler);
            authServer.TokenGenerator.AuthCodes.Add(issuedCode);

            IOAuth2WebBrowser testBrowser = new TestOAuth2WebBrowser(handler);
            OAuth2Client client = CreateClient(handler, endpoints);

            OAuth2AuthorizationCodeResult codeResult =
                await client.GetAuthorizationCodeAsync(requestedScopes, testBrowser, CancellationToken.None);

            Assert.Equal(issuedCode, codeResult.Code);
        }
 /// <summary>
 /// Asserts that an authorization-code result carries the code, redirect URI and code verifier
 /// this test class expects.
 /// </summary>
 /// <param name="result">The result returned by the flow under test; must not be null.</param>
 private void VerifyAuthorizationCodeResult(OAuth2AuthorizationCodeResult result)
 {
     Assert.NotNull(result);
     // The expected values below are members defined elsewhere in this test class.
     Assert.Equal(authorization_code, result.Code);
     // Redirect URI and code verifier are checked as well as the code itself.
     // NOTE(review): presumably both are needed again for the token exchange - confirm against the client.
     Assert.Equal(rootCallbackUri, result.RedirectUri);
     Assert.Equal(pkceCodeVerifier, result.CodeVerifier);
 }
        /// <summary>
        /// End-to-end check: authorization code via the test browser, exchange it for tokens,
        /// then use the refresh token to obtain a second token pair.
        /// </summary>
        public async Task OAuth2Client_E2E_InteractiveWebFlowAndRefresh()
        {
            // Constructed fixture values queued on the test server's token generator.
            const string issuedCode     = "e78a711d11";
            const string firstAccess    = "LET_ME_IN-1";
            const string secondAccess   = "LET_ME_IN-2";
            const string firstRefresh   = "REFRESH_ME-1";
            const string secondRefresh  = "REFRESH_ME-2";
            string[] requestedScopes = { "read", "write", "delete" };

            var serverBase = new Uri("https://example.com");
            OAuth2ServerEndpoints endpoints = CreateEndpoints(serverBase);

            // Any request the test server did not register makes the handler throw.
            var handler = new TestHttpMessageHandler
            {
                ThrowOnUnexpectedRequest = true
            };

            OAuth2Application application = CreateTestApplication();

            var authServer = new TestOAuth2Server(endpoints);
            authServer.RegisterApplication(application);
            authServer.Bind(handler);
            authServer.TokenGenerator.AuthCodes.Add(issuedCode);
            authServer.TokenGenerator.AccessTokens.Add(firstAccess);
            authServer.TokenGenerator.RefreshTokens.Add(firstRefresh);

            IOAuth2WebBrowser testBrowser = new TestOAuth2WebBrowser(handler);
            OAuth2Client client = CreateClient(handler, endpoints);

            // Step 1: interactive flow yields an authorization code.
            OAuth2AuthorizationCodeResult codeResult =
                await client.GetAuthorizationCodeAsync(requestedScopes, testBrowser, CancellationToken.None);

            // Step 2: exchange the code for the first access/refresh token pair.
            OAuth2TokenResult initialTokens =
                await client.GetTokenByAuthorizationCodeAsync(codeResult, CancellationToken.None);

            Assert.NotNull(initialTokens);
            Assert.Equal(requestedScopes, initialTokens.Scopes);
            Assert.Equal(firstAccess, initialTokens.AccessToken);
            Assert.Equal(firstRefresh, initialTokens.RefreshToken);

            // Step 3: queue the next pair, then redeem the first refresh token.
            authServer.TokenGenerator.AccessTokens.Add(secondAccess);
            authServer.TokenGenerator.RefreshTokens.Add(secondRefresh);

            OAuth2TokenResult refreshedTokens =
                await client.GetTokenByRefreshTokenAsync(initialTokens.RefreshToken, CancellationToken.None);

            // The refresh response is expected to carry a new refresh token and the same scopes.
            Assert.NotNull(refreshedTokens);
            Assert.Equal(requestedScopes, refreshedTokens.Scopes);
            Assert.Equal(secondAccess, refreshedTokens.AccessToken);
            Assert.Equal(secondRefresh, refreshedTokens.RefreshToken);
        }
Exemple #5
        /// <summary>
        /// Obtains an OAuth2 token for <paramref name="targetUri"/>, using the system web browser when a
        /// desktop session exists and the device-code flow on the terminal otherwise.
        /// </summary>
        /// <param name="targetUri">Remote the token is requested for; passed to the GitHub OAuth2 client.</param>
        /// <param name="scopes">Scopes to request.</param>
        /// <returns>The token result from whichever flow completed.</returns>
        /// <exception cref="NotSupportedException">
        /// No desktop session is available and device authorization is not enabled.
        /// </exception>
        public async Task<OAuth2TokenResult> GetOAuthTokenAsync(Uri targetUri, IEnumerable<string> scopes)
        {
            // Refuse early when the caller has disabled interactive prompts.
            ThrowIfUserInteractionDisabled();

            var client = new GitHubOAuth2Client(HttpClient, Context.Settings, targetUri);

            // NOTE(review): every await below runs with CancellationToken.None, so this method itself
            // offers no way to abandon a flow the user never completes - confirm a timeout exists elsewhere.

            // Preferred path: a desktop session lets us drive the user's default web browser.
            if (Context.SessionManager.IsDesktopSession)
            {
                // Pages shown in the browser once the redirect comes back (success / failure).
                var responsePages = new OAuth2WebBrowserOptions
                {
                    SuccessResponseHtml = GitHubResources.AuthenticationResponseSuccessHtml,
                    FailureResponseHtmlFormat = GitHubResources.AuthenticationResponseFailureHtmlFormat
                };
                var systemBrowser = new OAuth2SystemWebBrowser(responsePages);

                // Give terminal users (if a terminal is attached) a hint that we are blocked on the browser.
                Context.Terminal.WriteLine("info: please complete authentication in your browser...");

                OAuth2AuthorizationCodeResult codeResult =
                    await client.GetAuthorizationCodeAsync(scopes, systemBrowser, CancellationToken.None);

                OAuth2TokenResult browserToken =
                    await client.GetTokenByAuthorizationCodeAsync(codeResult, CancellationToken.None);
                return browserToken;
            }

            // No desktop session: everything from here on needs the terminal.
            ThrowIfTerminalPromptsDisabled();

            if (GitHubConstants.IsOAuthDeviceAuthSupported)
            {
                OAuth2DeviceCodeResult deviceCodeResult = await client.GetDeviceCodeAsync(scopes, CancellationToken.None);

                // The verification URI and user code both come from the device-code response and are
                // printed to the terminal so the user can finish sign-in on another device.
                string instructions =
                    $"To complete authentication please visit {deviceCodeResult.VerificationUri} and enter the following code:"
                    + Environment.NewLine
                    + deviceCodeResult.UserCode;
                Context.Terminal.WriteLine(instructions);

                OAuth2TokenResult deviceToken =
                    await client.GetTokenByDeviceCodeAsync(deviceCodeResult, CancellationToken.None);
                return deviceToken;
            }

            // Reached only when the device code flow (RFC 8628) is switched off: there is then no
            // browser-less OAuth2 flow left to try.
            throw new NotSupportedException("GitHub OAuth authentication is not supported without an interactive desktop session.");
        }
        /// <summary>
        /// Verifies that exchanging a pre-granted authorization code returns the access token,
        /// refresh token and scopes issued by the test server.
        /// </summary>
        public async Task OAuth2Client_GetTokenByAuthorizationCodeAsync()
        {
            // Constructed fixture values, not real credentials.
            const string grantedCode   = "a63ef59691";
            const string issuedAccess  = "LET_ME_IN";
            const string issuedRefresh = "REFRESH_ME";
            string[] grantedScopes = { "read", "write", "delete" };

            var serverBase = new Uri("https://example.com");
            OAuth2ServerEndpoints endpoints = CreateEndpoints(serverBase);

            // Any request the test server did not register makes the handler throw.
            var handler = new TestHttpMessageHandler
            {
                ThrowOnUnexpectedRequest = true
            };

            // Seed the application with an existing grant so no browser step is needed.
            OAuth2Application application = CreateTestApplication();
            application.AuthGrants.Add(new OAuth2Application.AuthCodeGrant(grantedCode, grantedScopes));

            var authServer = new TestOAuth2Server(endpoints);
            authServer.RegisterApplication(application);
            authServer.Bind(handler);
            authServer.TokenGenerator.AccessTokens.Add(issuedAccess);
            authServer.TokenGenerator.RefreshTokens.Add(issuedRefresh);

            OAuth2Client client = CreateClient(handler, endpoints);

            var codeResult = new OAuth2AuthorizationCodeResult(grantedCode, TestRedirectUri);
            OAuth2TokenResult tokens =
                await client.GetTokenByAuthorizationCodeAsync(codeResult, CancellationToken.None);

            Assert.NotNull(tokens);
            Assert.Equal(grantedScopes, tokens.Scopes);
            Assert.Equal(issuedAccess, tokens.AccessToken);
            Assert.Equal(issuedRefresh, tokens.RefreshToken);
        }