static MockAuthHttpGateway()
 {
     Tokens = new OAuthTokens {
         UserId = "623501766",
         DisplayName = "Demis Bellot",
         FirstName = "Demis",
         LastName = "Bellot",
         Email = "*****@*****.**",
     };
 }
        public void Does_persist_TwitterOAuth(IUserAuthRepository userAuthRepository)
        {
            ((IClearable)userAuthRepository).Clear();

            var mockService = new Mock<IServiceBase>();
            mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
                .Returns(userAuthRepository);

            var service = mockService.Object;

            MockAuthHttpGateway.Tokens = new OAuthTokens { DisplayName = "Demis Bellot TW" };

            var twitterTokens = new OAuthTokens {
                Provider = TwitterAuthConfig.Name,
                RequestToken = "JGz2CcwqgB1GR5e0EmGFxzyxGTw2rwEFFcC8a9o7g",
                RequestTokenSecret = "qkCdURJ2R10bMieVQZZad7iSwWkPYJmtBYzPoM9q0",
                UserId = "133371690876022785",
            };
            var authInfo = new Dictionary<string, string> {
                {"user_id", "133371690876022785"},
                {"screen_name", "demisbellot"},
            };

            var oAuthUserSession = GetSession();
            oAuthUserSession.OnAuthenticated(service, twitterTokens, authInfo);

            Assert.That(oAuthUserSession.UserAuthId, Is.Not.Null);

            var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
            Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
            Assert.That(userAuth.DisplayName, Is.EqualTo("Demis Bellot TW"));

            var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
            Assert.That(authProviders.Count, Is.EqualTo(1));
            var authProvider = authProviders[0];
            Assert.That(authProvider.UserAuthId, Is.EqualTo(userAuth.Id));
            Assert.That(authProvider.DisplayName, Is.EqualTo("Demis Bellot TW"));
            Assert.That(authProvider.FirstName, Is.Null);
            Assert.That(authProvider.LastName, Is.Null);
            Assert.That(authProvider.RequestToken, Is.EqualTo(twitterTokens.RequestToken));
            Assert.That(authProvider.RequestTokenSecret, Is.EqualTo(twitterTokens.RequestTokenSecret));

            Console.WriteLine(authProviders.Dump());
        }
        public void Does_persist_FacebookOAuth(IUserAuthRepository userAuthRepository)
        {
            ((IClearable)userAuthRepository).Clear();

            var mockService = new Mock<IServiceBase>();
            mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
                .Returns(userAuthRepository);

            var serviceTokens = MockAuthHttpGateway.Tokens = new OAuthTokens {
                UserId = "623501766",
                DisplayName = "Demis Bellot FB",
                FirstName = "Demis",
                LastName = "Bellot",
                Email = "*****@*****.**",
            };

            var service = mockService.Object;
            var facebookTokens = new OAuthTokens {
                Provider = FacebookAuthConfig.Name,
                AccessTokenSecret = "AAADPaOoR848BAMkQIZCRIKnVWZAvcKWqo7Ibvec8ebV9vJrfZAz8qVupdu5EbjFzmMmbwUFDbcNDea9H6rOn5SVn8es7KYZD",
            };
            var authInfo = new Dictionary<string, string> { };

            var oAuthUserSession = GetSession();
            oAuthUserSession.OnAuthenticated(service, facebookTokens, authInfo);
            Assert.That(oAuthUserSession.FacebookUserId, Is.EqualTo(serviceTokens.UserId));

            Assert.That(oAuthUserSession.UserAuthId, Is.Not.Null);

            var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
            Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
            Assert.That(userAuth.DisplayName, Is.EqualTo(serviceTokens.DisplayName));
            Assert.That(userAuth.FirstName, Is.EqualTo(serviceTokens.FirstName));
            Assert.That(userAuth.LastName, Is.EqualTo(serviceTokens.LastName));
            Assert.That(userAuth.Email, Is.EqualTo(serviceTokens.Email));

            var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
            Assert.That(authProviders.Count, Is.EqualTo(1));
            var authProvider = authProviders[0];
            Assert.That(authProvider.UserAuthId, Is.EqualTo(userAuth.Id));
            Assert.That(authProvider.DisplayName, Is.EqualTo(serviceTokens.DisplayName));
            Assert.That(authProvider.FirstName, Is.EqualTo(serviceTokens.FirstName));
            Assert.That(authProvider.LastName, Is.EqualTo(serviceTokens.LastName));
            Assert.That(authProvider.Email, Is.EqualTo(serviceTokens.Email));
            Assert.That(authProvider.RequestToken, Is.Null);
            Assert.That(authProvider.RequestTokenSecret, Is.Null);
            Assert.That(authProvider.AccessToken, Is.Null);
            Assert.That(authProvider.AccessTokenSecret, Is.EqualTo(facebookTokens.AccessTokenSecret));

            Console.WriteLine(authProviders.Dump());
        }
        public void Does_merge_FacebookOAuth_TwitterOAuth(IUserAuthRepository userAuthRepository)
        {
            ((IClearable)userAuthRepository).Clear();

            var mockService = new Mock<IServiceBase>();
            mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
                .Returns(userAuthRepository);

            var service = mockService.Object;

            var serviceTokensFb = MockAuthHttpGateway.Tokens = new OAuthTokens {
                UserId = "623501766",
                DisplayName = "Demis Bellot FB",
                FirstName = "Demis",
                LastName = "Bellot",
                Email = "*****@*****.**",
            };

            var facebookTokens = new OAuthTokens {
                Provider = FacebookAuthConfig.Name,
                AccessTokenSecret = "AAADDDCCCoR848BAMkQIZCRIKnVWZAvcKWqo7Ibvec8ebV9vJrfZAz8qVupdu5EbjFzmMmbwUFDbcNDea9H6rOn5SVn8es7KYZD",
            };

            var oAuthUserSession = GetSession();
            oAuthUserSession.OnAuthenticated(service, facebookTokens, new Dictionary<string, string>());

            var serviceTokensTw = MockAuthHttpGateway.Tokens = new OAuthTokens { DisplayName = "Demis Bellot TW" };

            var twitterTokens = new OAuthTokens {
                Provider = TwitterAuthConfig.Name,
                RequestToken = "JGGZZ22CCqgB1GR5e0EmGFxzyxGTw2rwEFFcC8a9o7g",
                RequestTokenSecret = "qKKCCUUJ2R10bMieVQZZad7iSwWkPYJmtBYzPoM9q0",
                UserId = "133371690876022785",
            };
            var authInfo = new Dictionary<string, string> {
                {"user_id", "133371690876022785"},
                {"screen_name", "demisbellot"},
            };

            oAuthUserSession.OnAuthenticated(service, twitterTokens, authInfo);

            Assert.That(oAuthUserSession.TwitterUserId, Is.EqualTo(authInfo["user_id"]));
            Assert.That(oAuthUserSession.TwitterScreenName, Is.EqualTo(authInfo["screen_name"]));

            var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
            Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
            Assert.That(userAuth.DisplayName, Is.EqualTo(serviceTokensTw.DisplayName));
            Assert.That(userAuth.FirstName, Is.EqualTo(serviceTokensFb.FirstName));
            Assert.That(userAuth.LastName, Is.EqualTo(serviceTokensFb.LastName));
            Assert.That(userAuth.Email, Is.EqualTo(serviceTokensFb.Email));

            var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
            Assert.That(authProviders.Count, Is.EqualTo(2));

            Console.WriteLine(userAuth.Dump());
            Console.WriteLine(authProviders.Dump());
        }
        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService"></param>
        /// <param name="session"></param>
        /// <param name="request"> </param>
        /// <returns></returns>
        protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Auth request)
        {
            if (request != null && !LoginMatchesSession(session, request.UserName))
            {
                //authService.RemoveSession();
                //session = authService.GetSession();
            }

            var requestUri = authService.RequestContext.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
                this.CallbackUrl = requestUri;

            if (session.ReferrerUrl.IsNullOrEmpty())
                session.ReferrerUrl = authService.RequestContext.GetHeader("Referer");

            if (session.ReferrerUrl.IsNullOrEmpty()
                || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
                session.ReferrerUrl = this.RedirectUrl
                    ?? ServiceStackHttpHandlerFactory.GetBaseUrl()
                    ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1));

            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
            if (tokens == null)
                session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = Provider });

            return tokens;
        }
        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService"></param>
        /// <param name="session"></param>
        /// <param name="request"> </param>
        /// <returns></returns>
        protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Auth request)
        {
            if (request != null && !LoginMatchesSession(session, request.UserName))
            {
                //authService.RemoveSession();
                //session = authService.GetSession();
            }

            if (this.CallbackUrl.IsNullOrEmpty())
                this.CallbackUrl = authService.RequestContext.AbsoluteUri;

            if (session.ReferrerUrl.IsNullOrEmpty())
                session.ReferrerUrl = authService.RequestContext.GetHeader("Referer") ?? this.CallbackUrl;

            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
            if (tokens == null)
                session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = Provider });

            return tokens;
        }
        protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            var requestUri = authService.RequestContext.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = requestUri;
            }

            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.RequestContext.GetHeader("Referer");
            }

            if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                session.ReferrerUrl = this.RedirectUrl
                                      ?? ServiceStackHttpHandlerFactory.GetBaseUrl()
                                      ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal));
            }

            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == this.Provider);
            if (tokens == null)
            {
                session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = this.Provider });
            }

            return tokens;
        }
Exemple #8
0
        public override object OnGet(Auth request)
        {
            if (ValidateFn != null)
            {
                var response = ValidateFn(this, HttpMethods.Get, request);
                if (response != null)
                {
                    return(response);
                }
            }

            AssertAuthProviders();

            if (request.provider == LogoutAction)
            {
                this.RemoveSession();
                return(new AuthResponse());
            }

            var provider = request.provider ?? AuthConfigs[0].Provider;

            if (provider == BasicProvider || provider == CredentialsProvider)
            {
                return(CredentialsAuth(request));
            }

            var oAuthConfig = AuthConfigs.FirstOrDefault(x => x.Provider == provider);

            if (oAuthConfig == null)
            {
                throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider));
            }

            var session = this.GetSession();

            if (oAuthConfig.CallbackUrl.IsNullOrEmpty())
            {
                oAuthConfig.CallbackUrl = base.RequestContext.AbsoluteUri;
            }

            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = base.RequestContext.GetHeader("Referer") ?? oAuthConfig.CallbackUrl;
            }

            var oAuth = new OAuthAuthorizer(oAuthConfig);

            if (!session.IsAuthorized(provider))
            {
                var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == provider);
                if (tokens == null)
                {
                    session.ProviderOAuthAccess.Add(tokens = new OAuthTokens {
                        Provider = provider
                    });
                }

                return(oAuthConfig.Authenticate(this, request, session, tokens, oAuth));
            }

            //Already Authenticated
            return(this.Redirect(session.ReferrerUrl.AddHashParam("s", "0")));
        }