private void Initialize()
{
var webRequest = (HttpWebRequest)WebRequest.Create("https://" + Auth0Module.Auth0Domain + "/userinfo");
webRequest.Headers.Add("Authorization", String.Format("Bearer {0}", access_token));
var webResponse = (HttpWebResponse)webRequest.GetResponse();
var serializer = new JavaScriptSerializer();
using (var stream = webResponse.GetResponseStream())
{
using (var reader = new StreamReader(stream))
{
claims = serializer.Deserialize <Dictionary <string, object> >(reader.ReadToEnd());
Auth0Trace.WriteLine("principal = {0} claims", claims.Count);
}
}
// add exp
var base64 = id_token.Split('.')[1];
int mod4 = base64.Length % 4;
if (mod4 > 0)
{
base64 += new string('=', 4 - mod4);
}
var jwt = Encoding.UTF8.GetString(Convert.FromBase64String(base64));
var json = serializer.Deserialize <Dictionary <string, object> >(jwt);
claims["exp"] = json["exp"];
}
public void AuthenticateRequest(object sender, EventArgs e)
{
var application = (HttpApplication)sender;
var request = application.Request;
var requestUrl = new Uri(request.Url, request.RawUrl);
var response = application.Response;
Auth0Trace.WriteLine("request = {0}", requestUrl);
if (requestUrl.AbsolutePath.StartsWith(LogoutPath, StringComparison.OrdinalIgnoreCase))
{
if (requestUrl.AbsolutePath.Equals(LogoutPath, StringComparison.OrdinalIgnoreCase))
{
RemoveSessionCookie(application);
response.Redirect(GetLogoutUrl(application), endResponse: true);
}
else
{
response.Write("<a href=\"/\">login</a>");
application.CompleteRequest();
}
return;
}
string redirectUri;
var token = AuthenticateUser(application, out redirectUri);
if (token == null)
{
redirectUri = redirectUri ?? GetLoginUrl(application);
}
if (!String.IsNullOrEmpty(redirectUri))
{
Auth0Trace.WriteLine("redirectUri = {0}", redirectUri);
response.Redirect(redirectUri, endResponse: true);
return;
}
var principal = token.GetPrincipal();
HttpContext.Current.User = principal;
Thread.CurrentPrincipal = principal;
}
public static Auth0Token DecodeCookie(byte[] bytes)
{
try
{
for (int i = DefaultCookieTransforms.Length - 1; i >= 0; --i)
{
bytes = DefaultCookieTransforms[i].Decode(bytes);
}
return(Auth0Token.FromBytes(bytes));
}
catch (Exception ex)
{
Auth0Trace.WriteLine("DecodeCookie failed with {0}", ex);
// bad cookie
return(null);
}
}
public static Auth0Token AuthenticateUser(HttpApplication application, out string redirectUri)
{
redirectUri = null;
var request = application.Context.Request;
var requestUrl = new Uri(request.Url, request.RawUrl);
if (!requestUrl.AbsolutePath.Equals(LoginCallbackPath, StringComparison.OrdinalIgnoreCase))
{
return(ReadSessionCookie(application));
}
var query = HttpUtility.ParseQueryString(requestUrl.Query);
var code = query["code"];
if (String.IsNullOrEmpty(code))
{
return(ReadSessionCookie(application));
}
var tokenRequestUri = String.Format("https://{0}/oauth/token", Auth0Domain);
var client_id = Auth0ClientId;
var client_secret = Auth0ClientSecret;
var redirect_uri = GetRedirectUrl(application);
var payload = new StringBuilder("grant_type=authorization_code");
payload.AppendFormat("&client_id={0}", WebUtility.UrlEncode(client_id));
payload.AppendFormat("&client_secret={0}", WebUtility.UrlEncode(client_secret));
payload.AppendFormat("&redirect_uri={0}", WebUtility.UrlEncode(redirect_uri));
payload.AppendFormat("&code={0}", WebUtility.UrlEncode(code));
var webRequest = (HttpWebRequest)WebRequest.Create(tokenRequestUri);
webRequest.Method = "POST";
webRequest.ContentType = "application/x-www-form-urlencoded";
using (var stream = webRequest.GetRequestStream())
{
var bytes = Encoding.UTF8.GetBytes(payload.ToString());
stream.Write(bytes, 0, bytes.Length);
}
try
{
var webResponse = (HttpWebResponse)webRequest.GetResponse();
using (var stream = webResponse.GetResponseStream())
{
var token = Auth0Token.FromStream(stream);
WriteSessionCookie(application, token);
redirectUri = query["state"];
return(token);
}
}
catch (WebException ex)
{
Auth0Trace.WriteLine("POST {0} failed with {1}", tokenRequestUri, ex);
throw HandleOAuthError(ex, tokenRequestUri);
}
}
