public string CreateAuthorizationRequest()
{
// Create URI to authorization endpoint
var authorizeRequest = new RequestUrl(Constants.AuthorizeUri);
// Dictionary with values for the authorize request
var dic = new Dictionary <string, string>();
dic.Add("client_id", Constants.ClientId);
dic.Add("client_secret", Constants.ClientSecret);
dic.Add("response_type", "code id_token");
dic.Add("scope", Constants.Scope);
dic.Add("redirect_uri", Constants.RedirectUri);
dic.Add("nonce", Guid.NewGuid().ToString("N"));
dic.Add("code_challenge", CreateCodeChallenge());
dic.Add("code_challenge_method", "S256");
// Add CSRF token to protect against cross-site request forgery attacks.
var currentCSRFToken = Guid.NewGuid().ToString("N");
dic.Add("state", currentCSRFToken);
var authorizeUri = authorizeRequest.Create(dic);
return(authorizeUri);
}
public void null_value_should_return_base()
{
var request = new RequestUrl("http://server/authorize");
var url = request.Create(null);
url.Should().Be("http://server/authorize");
}
public void empty_value_should_return_base()
{
var request = new RequestUrl("http://server/authorize");
var values = new Dictionary <string, string>();
var url = request.Create(values);
url.Should().Be("http://server/authorize");
}
internal string CreateAuthorizeUrl(string state, string nonce, string codeChallenge, IDictionary <string, string> extraParameters)
{
_logger.LogTrace("CreateAuthorizeUrl");
var parameters = CreateAuthorizeParameters(state, nonce, codeChallenge, extraParameters);
var request = new RequestUrl(_options.ProviderInformation.AuthorizeEndpoint);
return(request.Create(parameters));
}
public void empty_value_should_return_base()
{
var request = new RequestUrl("http://server/authorize");
var values = new Parameters();
var url = request.Create(values);
url.Should().Be("http://server/authorize");
}
public async Task <UserInfo> GetUserInfoAsync()
{
var requestUrl = new RequestUrl(_settingsService.UserInfoEndpoint);
var userInfo = await _requestProvider.GetAsync <UserInfo>(requestUrl.Create(null),
_settingsService.AuthAccessToken);
return(userInfo);
}
public string CreateRegisterRequestUri()
{
var requestUrl = new RequestUrl(GlobalSettings.Instance.RegisterWebsite);
var dic = new Dictionary <string, string>
{
{ "returnUrl", GlobalSettings.Instance.RegisterCallback }
};
return(requestUrl.Create(dic));
}
internal string CreateAuthorizeUrl(string state, string codeChallenge,
Parameters frontChannelParameters)
{
_logger.LogTrace("CreateAuthorizeUrl");
var parameters = CreateAuthorizeParameters(state, codeChallenge, frontChannelParameters);
var request = new RequestUrl(_options.ProviderInformation.AuthorizeEndpoint);
return(request.Create(parameters));
}
public async Task <ArticlesPaginated> GetArticlesAsync(int pageIndex, int pageSize = 5)
{
var requestUrl = new RequestUrl(_settingsService.ArticlesEndpoint);
var dictionary = new Dictionary <string, string>
{
{ "pageIndex", pageIndex.ToString() },
{ "pageSize", pageSize.ToString() }
};
return(await _requestProvider.GetAsync <ArticlesPaginated>(requestUrl.Create(dictionary)));
}
public async Task <List <CommentResponse> > GetCommentsAsync(int id, bool isArticle = true)
{
var requestUrl = new RequestUrl(_settingsService.CommentsEndpoint + "/" + id);
var dic = new Dictionary <string, string>
{
{ "isArticle", isArticle.ToString() }
};
var url = requestUrl.Create(dic);
var comments = await _requestProvider.GetAsync <List <CommentResponse> >(url);
return(comments);
}
/// <summary>
/// Creates a end_session URL.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="idTokenHint">The id_token hint.</param>
/// <param name="postLogoutRedirectUri">The post logout redirect URI.</param>
/// <param name="state">The state.</param>
/// <param name="extra">The extra parameters.</param>
/// <returns></returns>
public static string CreateEndSessionUrl(this RequestUrl request,
string idTokenHint = null,
string postLogoutRedirectUri = null,
string state = null,
Parameters extra = null)
{
var values = new Parameters();
values.AddOptional(OidcConstants.EndSessionRequest.IdTokenHint, idTokenHint);
values.AddOptional(OidcConstants.EndSessionRequest.PostLogoutRedirectUri, postLogoutRedirectUri);
values.AddOptional(OidcConstants.EndSessionRequest.State, state);
return(request.Create(values.Merge(extra)));
}
public void Create_absolute_url_should_behave_as_expected()
{
var request = new RequestUrl("http://server/authorize");
var parameters = new Parameters
{
{ "foo", "foo" },
{ "bar", "bar" }
};
var url = request.Create(parameters);
url.Should().Be("http://server/authorize?foo=foo&bar=bar");
}
public void Create_relative_url_should_behave_as_expected()
{
var request = new RequestUrl("/authorize");
var parmeters = new
{
foo = "foo",
bar = "bar"
};
var url = request.Create(parmeters);
url.Should().Be("/authorize?foo=foo&bar=bar");
}
public void Multiple_parameter_names_should_behave_as_expected()
{
var request = new RequestUrl("http://server/authorize");
var parameters = new Parameters
{
{ "foo", "foo" },
{ "foo", "bar" }
};
var url = request.Create(parameters);
url.Should().Be("http://server/authorize?foo=foo&foo=bar");
}
public void Special_characters_in_query_param_should_be_encoded_correctly()
{
var request = new RequestUrl("http://server/authorize");
var parmeters = new
{
scope = "a b c",
clientId = "a+b+c"
};
var url = request.Create(parmeters);
url.Should().Be("http://server/authorize?scope=a%20b%20c&clientId=a%2Bb%2Bc");
}
public void Null_values_should_be_skipped()
{
var request = new RequestUrl("/authorize");
var parameters = new Dictionary <string, string>
{
{ "foo", "foo" },
{ "bar", null }
};
var url = request.Create(parameters);
url.Should().Be("/authorize?foo=foo");
}
public string CreateAuthorizationRequestUri()
{
var requestUrl = new RequestUrl(GlobalSettings.Instance.AuthorizeEndpoint);
var dic = new Dictionary <string, string>();
dic.Add("client_id", GlobalSettings.Instance.ClientId);
dic.Add("client_secret", GlobalSettings.Instance.ClientSecret);
dic.Add("response_type", OidcConstants.ResponseTypes.CodeIdToken);
dic.Add("scope", "openid profile webapi");
dic.Add("nonce", Guid.NewGuid().ToString("N"));
dic.Add("redirect_uri", GlobalSettings.Instance.Callback);
dic.Add("code_challenge", CreateCodeChallenge());
dic.Add("code_challenge_method", OidcConstants.CodeChallengeMethods.Sha256);
return(requestUrl.Create(dic));
}
/// <summary>
/// Creates an authorize URL.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="clientId">The client identifier.</param>
/// <param name="responseType">The response type.</param>
/// <param name="scope">The scope.</param>
/// <param name="redirectUri">The redirect URI.</param>
/// <param name="state">The state.</param>
/// <param name="nonce">The nonce.</param>
/// <param name="loginHint">The login hint.</param>
/// <param name="acrValues">The acr values.</param>
/// <param name="prompt">The prompt.</param>
/// <param name="responseMode">The response mode.</param>
/// <param name="codeChallenge">The code challenge.</param>
/// <param name="codeChallengeMethod">The code challenge method.</param>
/// <param name="display">The display option.</param>
/// <param name="maxAge">The max age.</param>
/// <param name="uiLocales">The ui locales.</param>
/// <param name="idTokenHint">The id_token hint.</param>
/// <param name="extra">Extra parameters.</param>
/// <returns></returns>
public static string CreateAuthorizeUrl(this RequestUrl request,
string clientId,
string responseType,
string scope = null,
string redirectUri = null,
string state = null,
string nonce = null,
string loginHint = null,
string acrValues = null,
string prompt = null,
string responseMode = null,
string codeChallenge = null,
string codeChallengeMethod = null,
string display = null,
int?maxAge = null,
string uiLocales = null,
string idTokenHint = null,
Parameters extra = null)
{
var values = new Parameters
{
{ OidcConstants.AuthorizeRequest.ClientId, clientId },
{ OidcConstants.AuthorizeRequest.ResponseType, responseType }
};
values.AddOptional(OidcConstants.AuthorizeRequest.Scope, scope);
values.AddOptional(OidcConstants.AuthorizeRequest.RedirectUri, redirectUri);
values.AddOptional(OidcConstants.AuthorizeRequest.State, state);
values.AddOptional(OidcConstants.AuthorizeRequest.Nonce, nonce);
values.AddOptional(OidcConstants.AuthorizeRequest.LoginHint, loginHint);
values.AddOptional(OidcConstants.AuthorizeRequest.AcrValues, acrValues);
values.AddOptional(OidcConstants.AuthorizeRequest.Prompt, prompt);
values.AddOptional(OidcConstants.AuthorizeRequest.ResponseMode, responseMode);
values.AddOptional(OidcConstants.AuthorizeRequest.CodeChallenge, codeChallenge);
values.AddOptional(OidcConstants.AuthorizeRequest.CodeChallengeMethod, codeChallengeMethod);
values.AddOptional(OidcConstants.AuthorizeRequest.Display, display);
values.AddOptional(OidcConstants.AuthorizeRequest.MaxAge, maxAge?.ToString());
values.AddOptional(OidcConstants.AuthorizeRequest.UiLocales, uiLocales);
values.AddOptional(OidcConstants.AuthorizeRequest.IdTokenHint, idTokenHint);
return(request.Create(values.Merge(extra)));
}
private async void Login()
{
try
{
//Create AuthRequest
var authRequest = new RequestUrl(Constants.QiitaOauthUrl);
var param = new Parameters();
param.Add("client_id", Constants.QiitaOauthClientID);
param.Add("scope", "read_qiita");
string requestUrl = authRequest.Create(param);
//Auth
var authResult = await WebAuthenticator.AuthenticateAsync(
new Uri(requestUrl),
new Uri(Constants.QiitaCallBackUrl));
var accessToken = authResult?.AccessToken;
}
catch (Exception ex)
{
Console.Write(ex.Message);
}
}
public async Task <IActionResult> Login()
{
var nonce = CryptoRandom.CreateRandomKeyString(64);
var verifier = CryptoRandom.CreateRandomKeyString(64);
var challenge = verifier.ToSha256();
var requestUrl = new RequestUrl(AUTHORIZE_ENDPOINT);
var client = new HttpClient();
var url = requestUrl.Create(new
{
client_id = "Plc.LacHdr.Client.Mvc.AuthCode",
response_type = "code",
scope = "openid profile Plc.LacHdr.Api",
redirect_uri = "https://localhost:5021/auth-callback",
code_challenge = challenge,
code_challenge_method = "S256"
}
);
var response = await client.GetAsync(url);
return(Redirect(url));
}
/// <summary>
/// Creates an authorize URL.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="parameters">The parameters.</param>
/// <returns></returns>
public static string Create(this RequestUrl request, Parameters parameters)
{
return(request.Create(parameters));
}