private async Task <FacebookUser> FacebookDataAsync(FacebookCredentials credentials) { // Create a query string with the Facebook access token. var fbRequestUrl = $"https://graph.facebook.com/me?fields=birthday,email,name&access_token={credentials.AccessToken}"; // Create an HttpClient request. var client = new HttpClient(); // Request the current user info from Facebook. var resp = await client.GetAsync(fbRequestUrl); resp.EnsureSuccessStatusCode(); // Do something here with the Facebook user information. var fbInfoString = await resp.Content.ReadAsStringAsync(); var fbInfo = JsonConvert.DeserializeObject <FacebookUser>(fbInfoString); // Carico l'immagine dell'utente var fbRequestImageUrl = $"https://graph.facebook.com/me/picture?access_token={credentials.AccessToken}"; var respImage = await client.GetAsync(fbRequestImageUrl); respImage.EnsureSuccessStatusCode(); fbInfo.profile_image = await respImage.Content.ReadAsByteArrayAsync(); return(fbInfo); }
public void PopulateProviderCredentials_Facebook_CreatesExpectedCredentials() { const string UserIdClaimValue = "FacebookId"; FacebookCredentials credentials = new FacebookCredentials(); TokenResult tokenResult = new TokenResult(); tokenResult.Properties.Add(TokenResult.Authentication.AccessTokenName, "TestAccessToken"); Dictionary <string, string> claims = new Dictionary <string, string> { { "Claim1", "Value1" }, { "Claim2", "Value1" }, { "Claim3", "Value1" }, { ClaimTypes.NameIdentifier, UserIdClaimValue } }; tokenResult.Claims = claims; MobileAppUser.PopulateProviderCredentials(tokenResult, credentials); Assert.Equal("TestAccessToken", credentials.AccessToken); Assert.Equal(UserIdClaimValue, credentials.UserId); Assert.Equal(claims.Count, credentials.Claims.Count); }
public void PopulateProviderCredentials_Facebook_CreatesExpectedCredentials() { const string UserIdClaimValue = "FacebookId"; FacebookCredentials credentials = new FacebookCredentials(); TokenEntry tokenEntry = new TokenEntry("facebook"); tokenEntry.AccessToken = "TestAccessToken"; List <ClaimSlim> claims = new List <ClaimSlim> { new ClaimSlim("Claim1", "Value1"), new ClaimSlim("Claim2", "Value2"), new ClaimSlim("Claim3", "Value3"), }; tokenEntry.UserClaims = claims; tokenEntry.UserId = UserIdClaimValue; IPrincipalExtensions.PopulateProviderCredentials(tokenEntry, credentials); Assert.Equal("TestAccessToken", credentials.AccessToken); Assert.Equal(UserIdClaimValue, credentials.UserId); Assert.Equal(claims.Count, credentials.Claims.Count); Assert.Equal(claims.Count, credentials.UserClaims.Count()); }
void FillDataFromFacebook(FacebookCredentials credentials, out string first, out string last, out string profile) { first = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.GivenName)?.Value ?? string.Empty; last = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)?.Value ?? string.Empty; var id = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value ?? string.Empty; profile = $"https://graph.facebook.com/{id}/picture?type=large"; }
private void ValidateLoginToken(string token, FacebookCredentials expectedCredentials) { // validate the token and get the claims principal ClaimsPrincipal claimsPrincipal = null; Assert.True(this.tokenHandler.TryValidateLoginToken(token, TestSecretKey, out claimsPrincipal)); // create a user from the token and validate properties MobileAppUser user = this.tokenHandler.CreateServiceUser((ClaimsIdentity)claimsPrincipal.Identity, token); Assert.Equal(expectedCredentials.UserId, user.Id); Assert.Equal(token, user.MobileAppAuthenticationToken); }
public AppServiceTokenHandlerTests() { this.config = new HttpConfiguration(); this.tokenHandlerMock = new Mock <AppServiceTokenHandler>(this.config) { CallBase = true }; this.tokenHandler = this.tokenHandlerMock.Object; this.credentials = new FacebookCredentials { UserId = "Facebook:1234", AccessToken = "abc123" }; }
private FacebookDetails GetFacebookDetails(FacebookCredentials facebookCredentials) { FacebookClient facebookClient = new FacebookClient(facebookCredentials.AccessToken); dynamic me = facebookClient.Get("me"); return(new FacebookDetails() { UserId = me.id, EmailAddress = me.email, FirstName = me.first_name, LastName = me.last_name }); }
public SecurityController(UserManager <AppUser> userManager, IUserBusiness userBusiness, IOptions <AppSettings> appSettings, JwtOptions jwtOptions, IOptions <FacebookCredentials> facebookCredentials, IJwtFactory jwtFactory) { this._userManager = userManager; _userBusiness = userBusiness; this._jwtOptions = jwtOptions; this._jwtFactory = jwtFactory; _facebookCredentials = facebookCredentials.Value; _appSettings = appSettings.Value; }
public ServiceUserTests() { this.facebookCredentials = new FacebookCredentials() { UserId = "Facebook:FBUserId", AccessToken = "ABCDEF" }; HttpConfiguration config = new HttpConfiguration(); this.tokenHandlerMock = new Mock <MobileAppTokenHandler>(config) { CallBase = true }; this.tokenHandler = this.tokenHandlerMock.Object; }
public IPrincipalExtensionsTests() { this.facebookCredentials = new FacebookCredentials() { UserId = "Facebook:FBUserId", AccessToken = "ABCDEF" }; HttpConfiguration config = new HttpConfiguration(); this.tokenHandlerMock = new Mock <AppServiceTokenHandler>(config) { CallBase = true }; this.tokenHandler = this.tokenHandlerMock.Object; }
/// <summary> /// GET api/UserProfile/UserName/<provider> /// </summary> /// <param name="provider">The MobileServiceAuthenticationProvider value that specifies which provider to access</param> /// <returns>Returns the user's display name</returns> /// <remarks> /// If you need other properties from the provider then add additional API to this controller /// </remarks> async public Task <string> GetUserName(string provider) { string userName = null; try { if (provider == "MicrosoftAccount") { MicrosoftAccountCredentials credential = await User.GetAppServiceIdentityAsync <MicrosoftAccountCredentials>(Request); userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]; } else if (provider == "Google") { GoogleCredentials credential = await User.GetAppServiceIdentityAsync <GoogleCredentials>(Request); userName = credential.Claims["name"]; } else if (provider == "Twitter") { TwitterCredentials credential = await User.GetAppServiceIdentityAsync <TwitterCredentials>(Request); userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]; } else if (provider == "Facebook") { FacebookCredentials credential = await User.GetAppServiceIdentityAsync <FacebookCredentials>(Request); userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]; } else if (provider == "WindowsAzureActiveDirectory") { AzureActiveDirectoryCredentials credential = await User.GetAppServiceIdentityAsync <AzureActiveDirectoryCredentials>(Request); userName = credential.Claims["name"]; } } catch (Exception e) { System.Diagnostics.Debug.WriteLine("Exception in UserProfileController.GetUserName(): " + e.Message); userName = "******"; } return(userName); }
public async Task GetIdentityAsync_Succeeds() { // Arrange TokenEntry tokenEntry = new TokenEntry("facebook"); tokenEntry.UserId = "userId"; tokenEntry.AccessToken = "accessToken"; tokenEntry.UserClaims = new List <ClaimSlim>() { new ClaimSlim(ClaimTypes.NameIdentifier, "11111111"), new ClaimSlim("groups", "group 1"), new ClaimSlim("groups", "group 2") }; HttpResponseMessage response = CreateOkResponseWithContent(tokenEntry); MockHttpMessageHandler handler = new MockHttpMessageHandler(response); ClaimsPrincipal user = new ClaimsPrincipal(CreateMockClaimsIdentity(new[] { new Claim(JwtRegisteredClaimNames.Iss, "http://contoso.com") }, true)); HttpRequestMessage request = new HttpRequestMessage(); request.Headers.Add(AuthHeaderName, "token"); //Act FacebookCredentials creds = await user.GetAppServiceIdentityAsync <FacebookCredentials>(request, new HttpClient(handler)); // Assert Assert.Equal(tokenEntry.UserId, creds.UserId); Assert.Equal(tokenEntry.AccessToken, creds.AccessToken); Assert.Equal("Facebook", creds.Provider); // Verify Claims Assert.Equal(2, creds.Claims.Count()); Assert.Equal("11111111", creds.Claims[ClaimTypes.NameIdentifier]); Assert.Equal("group 2", creds.Claims["groups"]); // this is overwritten // Verify UserClaims Assert.Equal(3, creds.UserClaims.Count()); Assert.Equal("11111111", creds.UserClaims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value); Assert.Equal(2, creds.UserClaims.Count(c => c.Type == "groups")); Assert.Equal(new[] { "group 1", "group 2" }, creds.UserClaims.Where(c => c.Type == "groups").Select(c => c.Value)); Assert.Equal("http://contoso.com/.auth/me?provider=facebook", handler.ActualRequest.RequestUri.ToString()); Assert.Equal("token", handler.ActualRequest.GetHeaderOrDefault(AuthHeaderName)); }
public TokenInfo GetDummyUserToken() { ProviderCredentials creds = new FacebookCredentials { Provider = "Facebook", UserId = "Facebook:[email protected]", AccessToken = "somepassword" }; Claim[] claims = new Claim[] { new Claim(ClaimTypes.NameIdentifier, creds.UserId) }; ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims); TokenInfo tokenInfo = this.handler.CreateTokenInfo(claimsIdentity, creds, TimeSpan.FromDays(10), this.Services.Settings.MasterKey); LoginResult actual = this.handler.CreateLoginResult(tokenInfo, creds, this.Services.Settings.MasterKey); return(tokenInfo); }
public TokenInfo GetDummyUserToken() { ProviderCredentials creds = new FacebookCredentials { Provider = "Facebook", UserId = "Facebook:[email protected]", AccessToken = "somepassword" }; Claim[] claims = new Claim[] { new Claim(ClaimTypes.NameIdentifier, creds.UserId) }; ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims); TokenInfo tokenInfo = this.handler.CreateTokenInfo(claimsIdentity, creds, TimeSpan.FromDays(10), this.Services.Settings.MasterKey); LoginResult actual = this.handler.CreateLoginResult(tokenInfo, creds, this.Services.Settings.MasterKey); return tokenInfo; }
public FormResponse Login([FromBody] FacebookCredentials facebookCredentials) { FormResponse formResponse = new FormResponse(); FacebookDetails facebookDetails = this.GetFacebookDetails(facebookCredentials); if (this.Members.Login(facebookDetails.EmailAddress, this.GetPassword(facebookDetails))) { formResponse.Success = true; formResponse.Message = ((IPartier)this.Members.GetByUsername(facebookDetails.EmailAddress)).PartyUrl; } else { this.ModelState.AddModelError("LoginValidation", "Unknown user"); formResponse.Errors = this.ModelState.GetErrors(); } return(formResponse); }
// GET api/<controller> public async Task <User> Get() { if (credentials == null) { // get the credentials of the user who already signed in credentials = await User.GetAppServiceIdentityAsync <FacebookCredentials>(Request); } fbRequestUrl = "https://graph.facebook.com/me?fields=name,email,id&access_token=" + credentials.AccessToken; var client = new HttpClient(); var resp = await client.GetAsync(fbRequestUrl); resp.EnsureSuccessStatusCode(); var fbInfo = await resp.Content.ReadAsStringAsync(); FacebookInfo info = JsonConvert.DeserializeObject <FacebookInfo>(fbInfo); context = new ToDoTogetherAppContext(); domainManager = new EntityDomainManager <DataObjects.User>(context, Request); var user = context.Users.FirstOrDefault(u => u.Email == info.Email); // create new user in the database if one doesn't already exist if (user == null) { user = new DataObjects.User { Email = info.Email, UserName = info.Name, ProviderId = info.Id }; await domainManager.InsertAsync(user); } // add user to the database with just an email (user was previously added by someone else to the project as a colaborator) else if (string.IsNullOrEmpty(user.ProviderId)) { user.UserName = info.Name; user.ProviderId = info.Id; await context.SaveChangesAsync(); } return(user); }
public async Task <object> Get() { FacebookCredentials fbCreds = await this.User.GetAppServiceIdentityAsync <FacebookCredentials>(this.Request); TwitterCredentials twitterCreds = await this.User.GetAppServiceIdentityAsync <TwitterCredentials>(this.Request); GoogleCredentials googCreds = await this.User.GetAppServiceIdentityAsync <GoogleCredentials>(this.Request); MicrosoftAccountCredentials msCreds = await this.User.GetAppServiceIdentityAsync <MicrosoftAccountCredentials>(this.Request); AzureActiveDirectoryCredentials aadCreds = await this.User.GetAppServiceIdentityAsync <AzureActiveDirectoryCredentials>(this.Request); return(new { FacebookCreds = fbCreds, TwitterCreds = twitterCreds, GoogleCreds = googCreds, MicrosoftAccountCreds = msCreds, AadCreds = aadCreds, Claims = (this.User as ClaimsPrincipal).Claims.Select(c => new { Type = c.Type, Value = c.Value }) }); }
private static void ValidateTestCredentials(FacebookCredentials credentials) { Assert.Equal("Facebook", credentials.Provider); Assert.Equal("Facebook:1234", credentials.UserId); Assert.Equal("abc123", credentials.AccessToken); }
internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials) { if (tokenEntry.UserClaims != null) { Collection <Claim> userClaims = new Collection <Claim>(); foreach (ClaimSlim claim in tokenEntry.UserClaims) { userClaims.Add(new Claim(claim.Type, claim.Value)); } credentials.UserClaims = userClaims; } FacebookCredentials facebookCredentials = credentials as FacebookCredentials; if (facebookCredentials != null) { facebookCredentials.AccessToken = tokenEntry.AccessToken; facebookCredentials.UserId = tokenEntry.UserId; return; } GoogleCredentials googleCredentials = credentials as GoogleCredentials; if (googleCredentials != null) { googleCredentials.AccessToken = tokenEntry.AccessToken; googleCredentials.RefreshToken = tokenEntry.RefreshToken; googleCredentials.UserId = tokenEntry.UserId; googleCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn; return; } AzureActiveDirectoryCredentials aadCredentials = credentials as AzureActiveDirectoryCredentials; if (aadCredentials != null) { aadCredentials.AccessToken = tokenEntry.IdToken; Claim objectIdClaim = credentials.UserClaims.FirstOrDefault(c => string.Equals(c.Type, ObjectIdentifierClaimType, StringComparison.OrdinalIgnoreCase)); if (objectIdClaim != null) { aadCredentials.ObjectId = objectIdClaim.Value; } Claim tenantIdClaim = credentials.UserClaims.FirstOrDefault(c => string.Equals(c.Type, TenantIdClaimType, StringComparison.OrdinalIgnoreCase)); if (tenantIdClaim != null) { aadCredentials.TenantId = tenantIdClaim.Value; } aadCredentials.UserId = tokenEntry.UserId; return; } MicrosoftAccountCredentials microsoftAccountCredentials = credentials as MicrosoftAccountCredentials; if (microsoftAccountCredentials != null) { microsoftAccountCredentials.AccessToken = tokenEntry.AccessToken; microsoftAccountCredentials.RefreshToken = tokenEntry.RefreshToken; microsoftAccountCredentials.UserId = tokenEntry.UserId; microsoftAccountCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn; return; } TwitterCredentials twitterCredentials = credentials as TwitterCredentials; if (twitterCredentials != null) { twitterCredentials.AccessToken = tokenEntry.AccessToken; twitterCredentials.AccessTokenSecret = tokenEntry.AccessTokenSecret; twitterCredentials.UserId = tokenEntry.UserId; return; } }
internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials) { if (tokenEntry.UserClaims != null) { credentials.Claims = new Dictionary <string, string>(); foreach (ClaimSlim claim in tokenEntry.UserClaims) { credentials.Claims[claim.Type] = claim.Value; } } FacebookCredentials facebookCredentials = credentials as FacebookCredentials; if (facebookCredentials != null) { facebookCredentials.AccessToken = tokenEntry.AccessToken; facebookCredentials.UserId = tokenEntry.UserId; return; } GoogleCredentials googleCredentials = credentials as GoogleCredentials; if (googleCredentials != null) { googleCredentials.AccessToken = tokenEntry.AccessToken; googleCredentials.RefreshToken = tokenEntry.RefreshToken; googleCredentials.UserId = tokenEntry.UserId; googleCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn; return; } AzureActiveDirectoryCredentials aadCredentials = credentials as AzureActiveDirectoryCredentials; if (aadCredentials != null) { aadCredentials.AccessToken = tokenEntry.IdToken; aadCredentials.ObjectId = credentials.Claims.GetValueOrDefault(ObjectIdentifierClaimType); aadCredentials.TenantId = credentials.Claims.GetValueOrDefault(TenantIdClaimType); aadCredentials.UserId = tokenEntry.UserId; return; } MicrosoftAccountCredentials microsoftAccountCredentials = credentials as MicrosoftAccountCredentials; if (microsoftAccountCredentials != null) { microsoftAccountCredentials.AccessToken = tokenEntry.AccessToken; microsoftAccountCredentials.RefreshToken = tokenEntry.RefreshToken; microsoftAccountCredentials.UserId = tokenEntry.UserId; microsoftAccountCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn; return; } TwitterCredentials twitterCredentials = credentials as TwitterCredentials; if (twitterCredentials != null) { twitterCredentials.AccessToken = tokenEntry.AccessToken; twitterCredentials.AccessTokenSecret = tokenEntry.AccessTokenSecret; twitterCredentials.UserId = tokenEntry.UserId; return; } }
public FormResponse RegisterGuest([FromUri] Guid partyGuid, [FromBody] FacebookCredentials facebookCredentials) { FormResponse formResponse = new FormResponse(); FacebookDetails facebookDetails = this.GetFacebookDetails(facebookCredentials); // no helper method on this.Members to register a user with a given memberType, so calling provider directly UmbracoMembershipProviderBase membersUmbracoMembershipProvider = (UmbracoMembershipProviderBase)Membership.Providers[Constants.Conventions.Member.UmbracoMemberProviderName]; MembershipCreateStatus membershipCreateStatus; MembershipUser membershipUser = membersUmbracoMembershipProvider.CreateUser( PartyGuest.Alias, // member type alias facebookDetails.EmailAddress, // username this.GetPassword(facebookDetails), // password facebookDetails.EmailAddress, // email null, // forgotten password question null, // forgotten password answer true, // is approved null, // provider user key out membershipCreateStatus); if (membershipCreateStatus != MembershipCreateStatus.Success) { switch (membershipCreateStatus) { case MembershipCreateStatus.DuplicateEmail: case MembershipCreateStatus.DuplicateUserName: this.ModelState.AddModelError("RegisterGuestValidation", "Email already registered"); formResponse.Errors = this.ModelState.GetErrors(); break; } return(formResponse); } // cast from MembershipUser rather than use this.Members.GetCurrentMember() helper (which needs a round trip for the login) PartyGuest partyGuest = (PartyGuest)membershipUser; partyGuest.FacebookRegistration = true; partyGuest.FirstName = facebookDetails.FirstName; partyGuest.LastName = facebookDetails.LastName; // update database with member and party guid (duplicated data, but never changes) this.DatabaseContext.Database.Insert(new MemberPartyRow(partyGuest.Id, partyGuid)); // (duplicate data) store party guid in cms cache partyGuest.PartyGuid = partyGuid; // add member to DotMailer DotMailerService.GuestRegistrationStarted((Contact)partyGuest); // send cookie FormsAuthentication.SetAuthCookie(partyGuest.Username, true); formResponse.Success = true; formResponse.Message = this.Umbraco.TypedContentSingleAtXPath("//" + Wonderland.Logic.Models.Content.RegisterGuest.Alias).Url; return(formResponse); }