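/// <summary>
/// Completes a Zalo sign-in. The client posts the Zalo user id, the code it received
/// from Zalo and the state value. The code is resolved to a Zalo profile via
/// <c>ZaloUtils.GetProfile</c> and the profile id must match <c>data.uid</c> before
/// the id is used to look up a local account or to issue a local access token.
/// </summary>
/// <param name="data">uid, code and state as posted by the client; all three are required.</param>
/// <returns>
/// 200 with <c>{ status = 0, profile }</c> when no local profile exists for the verified Zalo id
/// (the client is expected to go to registration); 200 with <c>{ status = 1, token }</c> when a
/// local user exists; 400 on missing input, bad state, a code that does not resolve to
/// <c>data.uid</c>, a profile without a matching user, or any unexpected exception (logged).
/// </returns>
public async Task<IHttpActionResult> ValidateZaloToken(Core.BLL.Utils.ZaloAuthResponse data)
{
    try
    {
        if (data == null
            || string.IsNullOrWhiteSpace(data.uid)
            || string.IsNullOrWhiteSpace(data.code)
            || string.IsNullOrWhiteSpace(data.state))
        {
            return BadRequest("Provider or external access token is not sent");
        }

        // NOTE(review): 'state' is compared against a fixed literal, so it does not protect
        // against login CSRF; a per-request random nonce stored server-side would. Left as-is
        // because the client visible to us sends this constant.
        if (data.state != "punnel2019")
        {
            return BadRequest("Token state is not valid");
        }

        // Always resolve the profile from the code Zalo issued. Previously, when a profile for
        // data.uid already existed, the code was never checked at all and a local token was
        // issued purely from the client-supplied uid, so anyone who knew a registered user's
        // Zalo id could log in as that user.
        var zaloProfile = new Core.BLL.Utils.ZaloUtils().GetProfile(data.code);
        // Convert.ToString: the type of the profile id is not visible here, so compare as text.
        var verifiedUid = zaloProfile == null ? null : Convert.ToString(zaloProfile.id);
        if (string.IsNullOrWhiteSpace(verifiedUid)
            || !string.Equals(verifiedUid, data.uid, StringComparison.Ordinal))
        {
            return BadRequest("External access token is not valid");
        }

        var profile = _uow.UserProfile.GetByExternalId("Zalo", verifiedUid);
        if (profile == null)
        {
            // Not registered yet: hand the verified Zalo profile back so the client can register.
            return Ok(new { status = 0, profile = zaloProfile });
        }

        var user = await _repoUser.FindByNameAsync(profile.Email);
        if (user == null)
        {
            return BadRequest("Profile is invalid");
        }

        var accessTokenResponse = GenerateLocalAccessTokenResponse(user);
        return Ok(new { status = 1, token = accessTokenResponse });
    }
    catch (Exception ex)
    {
        _log.Error(ex);
        return BadRequest();
    }
}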
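/// <summary>
/// Verifies an external access token with its provider and returns the identity it carries.
/// Facebook tokens are introspected via <c>debug_token</c>, Google tokens via <c>tokeninfo</c>;
/// Zalo tokens are checked by fetching the profile with <c>ZaloUtils.GetProfile</c>.
/// </summary>
/// <param name="provider">"Facebook", "Google" or "Zalo" (case-sensitive).</param>
/// <param name="accessToken">Token supplied by the client; treated as untrusted input.</param>
/// <returns>
/// The parsed identity, or <c>null</c> when the provider is unknown, the token is empty,
/// the provider call fails, the token is reported invalid, or it was issued to a different
/// application than the one configured in <c>Startup</c>.
/// </returns>
private async Task<ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
    if (string.IsNullOrWhiteSpace(accessToken))
    {
        return null;
    }

    if (provider == "Zalo")
    {
        // No introspection endpoint is used for Zalo; the profile fetch is the check.
        var zaloProfile = new Core.BLL.Utils.ZaloUtils().GetProfile(accessToken);
        if (zaloProfile == null)
        {
            return null;
        }
        return new ParsedExternalAccessToken() { user_id = zaloProfile.id, user_name = zaloProfile.id };
    }

    // The client-supplied token goes into a query string, so it must be percent-encoded;
    // otherwise '&' / '=' inside it could add or override parameters (e.g. access_token).
    var encodedToken = Uri.EscapeDataString(accessToken);
    string verifyTokenEndPoint;
    if (provider == "Facebook")
    {
        // App access token for debug_token (https://developers.facebook.com/tools/accesstoken/).
        // It is a secret, so there is deliberately no fallback value in source: it must come
        // from configuration, and verification fails closed when it is absent.
        var appToken = Core.Utils.ConfigSettings.Get("FACEBOOK_APP_TOKEN", string.Empty);
        if (string.IsNullOrWhiteSpace(appToken))
        {
            _log.Error("FACEBOOK_APP_TOKEN is not configured; Facebook tokens cannot be verified");
            return null;
        }
        verifyTokenEndPoint = string.Format(
            "https://graph.facebook.com/debug_token?input_token={0}&access_token={1}",
            encodedToken,
            Uri.EscapeDataString(appToken));
    }
    else if (provider == "Google")
    {
        verifyTokenEndPoint = string.Format(
            "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}",
            encodedToken);
    }
    else
    {
        return null;
    }

    // Log only the provider: the full URL carries the user's token and, for Facebook, the app secret.
    _log.InfoFormat("verifying external login token for provider {0}", provider);

    string content;
    // NOTE(review): a per-call HttpClient can exhaust sockets under load; a shared static
    // instance would be preferable but needs a class-level change outside this method.
    using (var client = new HttpClient())
    {
        var response = await client.GetAsync(new Uri(verifyTokenEndPoint));
        if (!response.IsSuccessStatusCode)
        {
            return null;
        }
        content = await response.Content.ReadAsStringAsync();
    }

    dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
    var parsedToken = new ParsedExternalAccessToken();
    if (provider == "Facebook")
    {
        var tokenData = jObj["data"];
        if (tokenData == null)
        {
            return null;
        }
        // debug_token reports validity explicitly; an expired or revoked token can still carry
        // an app_id, so the app_id comparison below is not sufficient on its own.
        var isValid = tokenData["is_valid"];
        if (isValid == null || !(bool)isValid)
        {
            return null;
        }
        parsedToken.user_id = tokenData["user_id"];
        parsedToken.app_id = tokenData["app_id"];
        // The token must have been issued to this application, not merely to some Facebook app.
        if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
        {
            return null;
        }
    }
    else
    {
        parsedToken.user_id = jObj["user_id"];
        parsedToken.user_name = jObj["email"];
        parsedToken.app_id = jObj["audience"];
        // Audience must be our client id, otherwise a token minted for another app would be accepted.
        if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
        {
            return null;
        }
    }

    return parsedToken;
}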