Exemple #1
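        /// <summary>
        /// Builds the authorization-endpoint URL used for the challenge redirect. The URL carries a
        /// freshly generated <c>client_secret</c> plus the scope, state and timestamp exposed by the
        /// same <see cref="EsiaClientSecret"/> instance.
        /// </summary>
        /// <param name="properties">Authentication properties of the challenge; this override does not read them.</param>
        /// <param name="redirectUri">Callback URI; passed to the secret generator and sent as <c>redirect_uri</c>.</param>
        /// <returns>The configured authorization endpoint with the query string appended.</returns>
        /// <exception cref="Exception">Thrown when the two generated secret values compare equal.</exception>
        /// <exception cref="AggregateException">Surfaces any failure of the blocked-on signing tasks.</exception>
        protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
        {
            var secret = new EsiaClientSecret(Options);

            // The base method is synchronous, so the signing tasks are blocked on here.
            // Keep the value in a local: the options object may be shared by concurrent requests,
            // and reading Options.ClientSecret back later could pick up another request's value
            // that no longer matches this request's state and timestamp.
            string signedSecret = secret.GetSecretData(redirectUri).Result;

            // Still published on Options for any code elsewhere that reads it.
            Options.ClientSecret = signedSecret;

            var clientSecret = secret.GenerateClientSecretByOptionsAsync(secret).Result;

            // NOTE(review): this rejects the request when both generators agree, which looks like
            // a leftover diagnostic rather than a validation step; confirm the intended condition.
            if (clientSecret == signedSecret)
            {
                throw new Exception(
                    "Client secret check failed: GetSecretData and GenerateClientSecretByOptionsAsync returned the same value.");
            }

            // NOTE(review): 'state' comes from the secret object, not from 'properties'; confirm the
            // callback path validates this value, since it is what ties the response to this request.
            // NOTE(review): 'client_secret' travels in the browser redirect URL and can end up in
            // history and access logs; presumably it is a per-request signature, confirm it is not
            // a long-lived credential.
            var queryStrings = new Dictionary<string, string>
            {
                { "response_type", "code" },
                { "client_id", Options.ClientId },
                { "redirect_uri", redirectUri },
                { "scope", secret.Scope },
                { "access_type", Options.AccessType },
                { "state", secret.State },
                { "client_secret", signedSecret },
                { "timestamp", secret.Timestamp },
            };

            return QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, queryStrings);
        }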
Exemple #2
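        /// <summary>
        /// Exchanges the authorization code for tokens by POSTing a form-encoded request to the
        /// configured token endpoint, using a client secret generated for this call.
        /// </summary>
        /// <param name="context">Supplies the authorization code and the redirect URI of the flow.</param>
        /// <returns>
        /// A successful response wrapping the parsed JSON payload, or a failed response when the
        /// endpoint answers with a non-success status code.
        /// </returns>
        protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(OAuthCodeExchangeContext context)
        {
            var secret = new EsiaClientSecret(Options);

            // Keep the generated value in a local: the options object may be shared by concurrent
            // requests, so reading Options.ClientSecret back could return another request's value
            // that does not match this request's state and timestamp.
            string signedSecret = await secret.GetSecretData(context.RedirectUri);

            // Still published on Options for any code elsewhere that reads it.
            Options.ClientSecret = signedSecret;

            var requestParam = new Dictionary<string, string>
            {
                { "client_id", Options.ClientId },
                { "code", context.Code },
                { "grant_type", "authorization_code" },
                { "state", secret.State },
                { "scope", secret.Scope },
                { "timestamp", secret.Timestamp },
                { "token_type", "Bearer" },
                { "client_secret", signedSecret },
                { "redirect_uri", context.RedirectUri }
            };

            // Disposing the request also disposes the form content attached to it.
            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);

            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            request.Content = new FormUrlEncodedContent(requestParam);

            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);

            if (!response.IsSuccessStatusCode)
            {
                // NOTE(review): headers and body of the error response are logged verbatim; confirm
                // the endpoint's error payloads carry nothing that should stay out of the logs.
                Logger.LogError("An error occurred while retrieving an access token: the remote server " +
                                "returned a {Status} response with the following payload: {Headers} {Body}.",
                                /* Status: */ response.StatusCode,
                                /* Headers: */ response.Headers.ToString(),
                                /* Body: */ await response.Content.ReadAsStringAsync());

                return OAuthTokenResponse.Failed(new Exception("An error occurred while retrieving an access token."));
            }

            // The body is read fully into a string first, so the parsed document does not depend
            // on the response that is disposed when this method returns.
            var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());

            return OAuthTokenResponse.Success(payload);
        }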
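        /// <summary>
        /// Exchanges the authorization code for tokens by POSTing a form-encoded request to the
        /// configured token endpoint, using a client secret generated for this call.
        /// </summary>
        /// <param name="context">Supplies the authorization code and the redirect URI of the flow.</param>
        /// <returns>
        /// A successful response wrapping the parsed JSON payload, or a failed response whose
        /// exception message includes the output of <c>Display</c> for the HTTP response.
        /// </returns>
        protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(OAuthCodeExchangeContext context)
        {
            var secret = new EsiaClientSecret(Options);

            // Keep the generated value in a local: the options object may be shared by concurrent
            // requests, so reading Options.ClientSecret back could return another request's value
            // that does not match this request's state and timestamp.
            string signedSecret = secret.GenerateClientSecret();

            // Still published on Options for any code elsewhere that reads it.
            Options.ClientSecret = signedSecret;

            var requestParam = new Dictionary<string, string>
            {
                { "client_id", Options.ClientId },
                { "code", context.Code },
                { "grant_type", "authorization_code" },
                { "state", secret.State },
                { "scope", secret.Scope },
                { "timestamp", secret.Timestamp },
                { "token_type", "Bearer" },
                { "client_secret", signedSecret },
                { "redirect_uri", context.RedirectUri }
            };

            // Request and response were never disposed before; release them deterministically.
            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);

            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            request.Content = new FormUrlEncodedContent(requestParam);

            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);

            if (response.IsSuccessStatusCode)
            {
                // Parsed from a string copy of the body, so the document outlives the response.
                var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
                return OAuthTokenResponse.Success(payload);
            }

            // NOTE(review): the exception message embeds whatever Display renders from the response;
            // confirm that text is safe to surface wherever this failure is logged or shown.
            var error = "OAuth token endpoint failure: " + await Display(response);

            return OAuthTokenResponse.Failed(new Exception(error));
        }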
        /// <summary>
        /// Produces a client secret by signing the concatenation of the secret's scope and
        /// timestamp, the configured client id, and the secret's state, in that order.
        /// </summary>
        /// <param name="secret">Source of the scope, timestamp and state values to sign.</param>
        /// <returns>The result of <c>SignMessageAsync</c> for the concatenated message.</returns>
        internal async Task<string> GenerateClientSecretByOptionsAsync(EsiaClientSecret secret)
        {
            // The fields are joined with no separator; the order is part of what gets signed.
            var payload = string.Concat(secret.Scope, secret.Timestamp, Options.ClientId, secret.State);
            var signature = await SignMessageAsync(payload);

            return signature;
        }