Esempio n. 1
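        /// <summary>
        /// Completes a Zalo login. The authorization code is resolved to a Zalo profile first;
        /// a known user then receives a local access token, an unknown one receives the Zalo
        /// profile so the client can start registration.
        /// </summary>
        /// <param name="data">Callback payload from the client (uid, code, state); all three are untrusted input.</param>
        /// <returns>
        /// 200 with <c>status = 0</c> and the Zalo profile when no local profile exists,
        /// 200 with <c>status = 1</c> and a local token when one does, otherwise 400.
        /// </returns>
        public async Task <IHttpActionResult> ValidateZaloToken(Core.BLL.Utils.ZaloAuthResponse data)
        {
            try
            {
                // A missing body is as invalid as an incomplete one; reject it here rather than
                // letting the NullReferenceException fall into the catch-all below.
                if (data == null
                    || string.IsNullOrWhiteSpace(data.uid)
                    || string.IsNullOrWhiteSpace(data.code)
                    || string.IsNullOrWhiteSpace(data.state))
                {
                    return(BadRequest("Provider or external access token is not sent"));
                }

                // NOTE(review): a constant state value only proves the client knows the literal; it
                // cannot bind this callback to the session that started the login. A per-request
                // nonce stored server-side would be needed for that — confirm what this check is for.
                if (data.state != "punnel2019")
                {
                    return(BadRequest("Token state is not valid"));
                }

                // Resolve the identity from the code via Zalo instead of trusting the client-supplied
                // uid: looking the user up by uid alone would let any caller that knows a registered
                // user's Zalo id obtain that user's local token without holding a valid Zalo credential.
                var zaloProfile = new Core.BLL.Utils.ZaloUtils().GetProfile(data.code);
                if (zaloProfile == null || !string.Equals(zaloProfile.id, data.uid, StringComparison.Ordinal))
                {
                    return(BadRequest("External token is not valid"));
                }

                var profile = _uow.UserProfile.GetByExternalId("Zalo", zaloProfile.id);

                // User not registered yet: hand back the verified Zalo profile so the client can register.
                if (profile == null)
                {
                    return(Ok(new { status = 0, profile = zaloProfile }));
                }

                var user = await _repoUser.FindByNameAsync(profile.Email);
                if (user == null)
                {
                    return(BadRequest("Profile is invalid"));
                }

                var accessTokenResponse = GenerateLocalAccessTokenResponse(user);
                return(Ok(new { status = 1, token = accessTokenResponse }));
            }
            catch (Exception ex)
            {
                // Details stay in the log; the client only learns that the request was rejected.
                _log.Error(ex);
                return(BadRequest());
            }
        }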
Esempio n. 2
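        /// <summary>
        /// Verifies an external (Facebook / Google / Zalo) access token with its provider and
        /// returns the identity it resolves to.
        /// </summary>
        /// <param name="provider">Provider name: "Facebook", "Google" or "Zalo" (ordinal match).</param>
        /// <param name="accessToken">Token supplied by the client; treated as untrusted input.</param>
        /// <returns>
        /// The parsed identity, or <c>null</c> when the provider is unknown, the token is empty,
        /// the provider rejected it, or it was issued for a different application.
        /// </returns>
        private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
        {
            // An empty token can never verify; refuse it before any network round-trip.
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return(null);
            }

            var verifyTokenEndPoint = "";

            if (provider == "Facebook")
            {
                // The app access token is a secret and must come from configuration only — never from
                // a default literal in source. Fail closed when it is absent so an unconfigured
                // deployment cannot accept Facebook logins unverified.
                // How to obtain it: https://developers.facebook.com/tools/accesstoken/
                // Background on debug_token: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
                var appToken = Core.Utils.ConfigSettings.Get("FACEBOOK_APP_TOKEN", "");
                if (string.IsNullOrWhiteSpace(appToken))
                {
                    _log.Warn("FACEBOOK_APP_TOKEN is not configured; refusing to verify Facebook tokens");
                    return(null);
                }
                // Both values are externally supplied; escape them so they cannot alter the query.
                verifyTokenEndPoint = string.Format(
                    "https://graph.facebook.com/debug_token?input_token={0}&access_token={1}",
                    Uri.EscapeDataString(accessToken),
                    Uri.EscapeDataString(appToken));
            }
            else if (provider == "Google")
            {
                verifyTokenEndPoint = string.Format(
                    "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}",
                    Uri.EscapeDataString(accessToken));
            }
            else if (provider == "Zalo")
            {
                // For Zalo the profile lookup itself is the verification step.
                var zaloProfile = new Core.BLL.Utils.ZaloUtils().GetProfile(accessToken);
                if (zaloProfile == null)
                {
                    return(null);
                }
                return(new ParsedExternalAccessToken()
                {
                    user_id = zaloProfile.id,
                    user_name = zaloProfile.id
                });
            }
            else
            {
                return(null);
            }

            // Log the provider only: the full URL carries the user's token and the app secret.
            _log.InfoFormat("verifying external login token for provider {0}", provider);

            ParsedExternalAccessToken parsedToken = null;

            // NOTE(review): a new HttpClient per call can exhaust sockets under load; a shared
            // static instance would be preferable once the enclosing class can hold one.
            using (var client = new HttpClient())
            using (var response = await client.GetAsync(new Uri(verifyTokenEndPoint)))
            {
                if (!response.IsSuccessStatusCode)
                {
                    return(null);
                }

                var content = await response.Content.ReadAsStringAsync();

                dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);

                parsedToken = new ParsedExternalAccessToken();

                if (provider == "Facebook")
                {
                    // The raw response is no longer logged: it is not needed for diagnosis and
                    // contains the user's identifiers and token metadata.
                    var tokenData = jObj["data"];
                    if (tokenData == null)
                    {
                        return(null);
                    }
                    // debug_token answers 200 for expired or revoked tokens too and flags them via is_valid.
                    var isValid = tokenData["is_valid"];
                    if (isValid == null || !(bool)isValid)
                    {
                        return(null);
                    }
                    parsedToken.user_id = tokenData["user_id"];
                    parsedToken.app_id  = tokenData["app_id"];
                    // Reject tokens issued to another app; without this any Facebook token would be accepted.
                    if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
                    {
                        return(null);
                    }
                }
                else if (provider == "Google")
                {
                    parsedToken.user_id   = jObj["user_id"];
                    parsedToken.user_name = jObj["email"];
                    parsedToken.app_id    = jObj["audience"];

                    // Same audience check as for Facebook: the token must have been issued to this client id.
                    if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
                    {
                        return(null);
                    }
                }
            }

            return(parsedToken);
        }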