public override Task Authenticated(TwitterAuthenticatedContext context)
        {
            context.Identity.AddClaim(new Claim(ExternalAccessToken, context.AccessToken));
            context.Identity.AddClaim(new Claim(ScreenName, context.ScreenName));
            context.Identity.AddClaim(new Claim(UserId, context.UserId));
            context.Identity.AddClaim(new Claim(AccessTokenSecret, context.AccessTokenSecret));

            return Task.FromResult<object>(null);
        }
        public override Task Authenticated(TwitterAuthenticatedContext context)
        {
            context.Identity.AddClaims(
                new List<Claim>
                {
                    new Claim(AccessToken, context.AccessToken),
                    new Claim(AccessTokenSecret, context.AccessTokenSecret)
                });

            return base.Authenticated(context);
        }
Exemple #3
0
        protected override async Task <AuthenticationTicket> AuthenticateCoreAsync()
        {
            AuthenticationProperties properties = null;

            try
            {
                IReadableStringCollection query = Request.Query;
                string protectedRequestToken    = Options.CookieManager.GetRequestCookie(Context, StateCookie);

                RequestToken requestToken = Options.StateDataFormat.Unprotect(protectedRequestToken);

                if (requestToken == null)
                {
                    _logger.WriteWarning("Invalid state");
                    return(null);
                }

                properties = requestToken.Properties;

                string returnedToken = query.Get("oauth_token");
                if (string.IsNullOrWhiteSpace(returnedToken))
                {
                    _logger.WriteWarning("Missing oauth_token");
                    return(new AuthenticationTicket(null, properties));
                }

                if (returnedToken != requestToken.Token)
                {
                    _logger.WriteWarning("Unmatched token");
                    return(new AuthenticationTicket(null, properties));
                }

                string oauthVerifier = query.Get("oauth_verifier");
                if (string.IsNullOrWhiteSpace(oauthVerifier))
                {
                    _logger.WriteWarning("Missing or blank oauth_verifier");
                    return(new AuthenticationTicket(null, properties));
                }

                AccessToken accessToken = await ObtainAccessTokenAsync(Options.ConsumerKey, Options.ConsumerSecret, requestToken, oauthVerifier);

                var context = new TwitterAuthenticatedContext(Context, accessToken.UserId, accessToken.ScreenName, accessToken.Token, accessToken.TokenSecret);

                context.Identity = new ClaimsIdentity(
                    new[]
                {
                    new Claim(ClaimTypes.NameIdentifier, accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim(ClaimTypes.Name, accessToken.ScreenName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim("urn:twitter:userid", accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim("urn:twitter:screenname", accessToken.ScreenName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType)
                },
                    Options.AuthenticationType,
                    ClaimsIdentity.DefaultNameClaimType,
                    ClaimsIdentity.DefaultRoleClaimType);
                context.Properties = requestToken.Properties;

                var cookieOptions = new CookieOptions
                {
                    HttpOnly = true,
                    Secure   = Request.IsSecure
                };

                Options.CookieManager.DeleteCookie(Context, StateCookie, cookieOptions);

                await Options.Provider.Authenticated(context);

                return(new AuthenticationTicket(context.Identity, context.Properties));
            }
            catch (Exception ex)
            {
                _logger.WriteError("Authentication failed", ex);
                return(new AuthenticationTicket(null, properties));
            }
        }
 public Task ReturnEndpoint(TwitterAuthenticatedContext context)
 {
     return Task.FromResult<object>(null);
 }
 public override Task Authenticated(TwitterAuthenticatedContext context)
 {
     context.Identity.AddClaim(new Claim("ExternalAccessToken", context.AccessToken));
     return Task.FromResult<object>(null);
 }
 public void ApplyRedirect(TwitterAuthenticatedContext context)
 {
     context.Response.Redirect(context.Properties.RedirectUri);
 }
 public virtual Task Authenticated(TwitterAuthenticatedContext context)
 {
     return(OnAuthenticated(context));
 }
 public virtual Task Authenticated(TwitterAuthenticatedContext context)
 {
     return OnAuthenticated(context);
 }
        public override Task Authenticated(TwitterAuthenticatedContext context)
        {
            context.Identity.AddClaim(new Claim(Claims.ExternalAccessToken, context.AccessToken));

            return base.Authenticated(context);
        }
        protected override async Task <AuthenticationTicket> AuthenticateCore()
        {
            _logger.WriteVerbose("AuthenticateCore");

            AuthenticationExtra extra = null;

            try
            {
                IDictionary <string, string[]> query = Request.GetQuery();
                var protectedRequestToken            = Request.GetCookies()[StateCookie];

                var requestToken = _tokenProtectionHandler.Unprotect(protectedRequestToken);

                if (requestToken == null)
                {
                    _logger.WriteWarning("Invalid state", null);
                    return(null);
                }

                extra = requestToken.Extra;

                if (!query.ContainsKey("oauth_token"))
                {
                    _logger.WriteWarning("Missing oauth_token", null);
                    return(new AuthenticationTicket(null, extra));
                }

                if (!query.ContainsKey("oauth_verifier"))
                {
                    _logger.WriteWarning("Missing oauth_verifier", null);
                    return(new AuthenticationTicket(null, extra));
                }

                var    returnedToken = query["oauth_token"].FirstOrDefault();
                string oauthVerifier = query["oauth_verifier"].FirstOrDefault();

                if (returnedToken != requestToken.Token)
                {
                    _logger.WriteWarning("Unmatched token", null);
                    return(new AuthenticationTicket(null, extra));
                }

                if (string.IsNullOrWhiteSpace(oauthVerifier))
                {
                    _logger.WriteWarning("Blank oauth_verifier", null);
                    return(new AuthenticationTicket(null, extra));
                }

                var accessToken = await ObtainAccessToken(Options.ConsumerKey, Options.ConsumerSecret, requestToken, oauthVerifier);

                var context = new TwitterAuthenticatedContext(Request.Environment, accessToken.UserId, accessToken.ScreenName);
                context.Identity = new ClaimsIdentity(
                    new[]
                {
                    new Claim(ClaimTypes.NameIdentifier, accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim(ClaimTypes.Name, accessToken.ScreenName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim("urn:twitter:userid", accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                    new Claim("urn:twitter:screenname", accessToken.ScreenName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType),
                },
                    Options.AuthenticationType,
                    ClaimsIdentity.DefaultNameClaimType,
                    ClaimsIdentity.DefaultRoleClaimType);
                context.Extra = requestToken.Extra;

                Response.DeleteCookie(StateCookie);

                await Options.Provider.Authenticated(context);

                return(new AuthenticationTicket(context.Identity, context.Extra));
            }
            catch (Exception ex)
            {
                _logger.WriteError("Authentication failed", ex);
                return(new AuthenticationTicket(null, extra));
            }
        }