public async Task CreateCustomTokenWithoutServiceAccount()
{
var googleCred = FirebaseApp.DefaultInstance.Options.Credential;
var serviceAcct = (ServiceAccountCredential)googleCred.UnderlyingCredential;
var token = await((ITokenAccess)googleCred).GetAccessTokenForRequestAsync();
var app = FirebaseApp.Create(
new AppOptions()
{
Credential = GoogleCredential.FromAccessToken(token),
ServiceAccountId = serviceAcct.Id,
ProjectId = serviceAcct.ProjectId,
}, "IAMSignApp");
try
{
var auth = this.fixture.AuthFromApp(app);
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
await this.AssertValidIdTokenAsync(idToken);
}
finally
{
app.Delete();
}
}
public async Task GetMessagingWithClientFactory()
{
var handler = new MockMessageHandler()
{
Response = new FirebaseMessagingClient.SingleMessageResponse()
{
Name = "test-response",
},
};
var factory = new MockHttpClientFactory(handler);
var app = FirebaseApp.Create(new AppOptions()
{
Credential = GoogleCredential.FromAccessToken("test-token"),
HttpClientFactory = factory,
ProjectId = "test-project",
});
FirebaseMessaging messaging = FirebaseMessaging.GetMessaging(app);
Assert.NotNull(messaging);
Assert.Same(messaging, FirebaseMessaging.GetMessaging(app));
var response = await messaging.SendAsync(new Message()
{
Topic = "test-topic"
});
Assert.Equal("test-response", response);
app.Delete();
}
private FirebaseAuth CreateFirebaseAuth(HttpMessageHandler handler = null)
{
var args = FirebaseTokenVerifierArgs.ForSessionCookies(
"test-project", KeySource, Clock);
var tokenVerifier = new FirebaseTokenVerifier(args);
FirebaseUserManager userManager = null;
if (handler != null)
{
userManager = new FirebaseUserManager(new FirebaseUserManager.Args
{
Credential = GoogleCredential.FromAccessToken("test-token"),
ProjectId = "test-project",
ClientFactory = new MockHttpClientFactory(handler),
RetryOptions = RetryOptions.NoBackOff,
});
}
return(new FirebaseAuth(new FirebaseAuth.FirebaseAuthArgs()
{
SessionCookieVerifier = new Lazy <FirebaseTokenVerifier>(tokenVerifier),
UserManager = new Lazy <FirebaseUserManager>(userManager),
IdTokenVerifier = new Lazy <FirebaseTokenVerifier>(),
TokenFactory = new Lazy <FirebaseTokenFactory>(),
}));
}
public async Task SendMailAsync(string accessToken, string subject, string to, string body, string from)
{
var service = new GmailService(new BaseClientService.Initializer
{
HttpClientInitializer = GoogleCredential.FromAccessToken(accessToken),
});
//send email
var msg = new AE.Net.Mail.MailMessage
{
Subject = subject,
Body = body,
From = new MailAddress(from),
};
string Mails = to;
var recipients = Mails.Split(' ');
foreach (var recipient in recipients)
{
msg.To.Add(new MailAddress(recipient));
msg.ReplyTo.Add(msg.From);
var msgStr = new StringWriter();
msg.Save(msgStr);
await service.Users.Messages.Send(new Message()
{
Raw = Base64UrlEncode(msgStr.ToString())
}, "me").ExecuteAsync();
}
}
private void SendLogData(string Rows, string fieldName, string searchVal, string DateTime)
{
GoogleCredential credential = GoogleCredential.FromAccessToken(GetCurrentAccessToken());
var service = new SheetsService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = ApplicationName,
});
String spreadsheetId = QuickSearch2.Properties.Settings.Default.LogDataSpreadsheet;
String range = "Sheet1!A1:E1";
ValueRange body = new ValueRange();
body.MajorDimension = "ROWS";
var list = new List <object>()
{
Rows, fieldName, searchVal, DateTime
};
body.Values = new List <IList <object> > {
list
};
var result = service.Spreadsheets.Values.Append(body, spreadsheetId, range);
result.ValueInputOption = SpreadsheetsResource.ValuesResource.AppendRequest.ValueInputOptionEnum.USERENTERED;
result.Execute();
}
private void GetFileId()
{
GoogleCredential credential = GoogleCredential.FromAccessToken(GetCurrentAccessToken());
var service = new SheetsService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = ApplicationName,
});
try
{
String spreadsheetId = QuickSearch2.Properties.Settings.Default.DefaultSpreadsheetID;
String range = "Sheet1!A1";
SpreadsheetsResource.ValuesResource.GetRequest request =
service.Spreadsheets.Values.Get(spreadsheetId, range);
ValueRange ress = request.Execute();
IList <IList <Object> > values = ress.Values;
if (values != null && values.Count > 0)
{
var mainID = values[0];
fileId = mainID[0].ToString();
}
else
{
ScriptManager.RegisterStartupScript(UpdatePanel1, UpdatePanel1.GetType(), "Error", "alert('Could not find ID')", true);
}
}
catch (Exception ex)
{
ScriptManager.RegisterStartupScript(UpdatePanel1, UpdatePanel1.GetType(), "Error", "alert('Unable to connect to specified Google Sheet due to " + ex + "')", true);
}
}
public async Task CreateCustomTokenWithoutServiceAccount()
{
var googleCred = FirebaseApp.DefaultInstance.Options.Credential;
var serviceAcct = (ServiceAccountCredential)googleCred.UnderlyingCredential;
var token = await((ITokenAccess)googleCred).GetAccessTokenForRequestAsync();
var app = FirebaseApp.Create(
new AppOptions()
{
Credential = GoogleCredential.FromAccessToken(token),
ServiceAccountId = serviceAcct.Id,
}, "IAMSignApp");
try
{
var customToken = await FirebaseAuth.GetAuth(app).CreateCustomTokenAsync(
"testuser");
var idToken = await SignInWithCustomTokenAsync(customToken);
var decoded = await FirebaseAuth.DefaultInstance.VerifyIdTokenAsync(idToken);
Assert.Equal("testuser", decoded.Uid);
}
finally
{
app.Delete();
}
}
public async Task Signer()
{
var bytes = Encoding.UTF8.GetBytes("signature");
var handler = new MockMessageHandler()
{
Response = new IAMSigner.SignBlobResponse()
{
Signature = Convert.ToBase64String(bytes),
},
};
var factory = new MockHttpClientFactory(handler);
var signer = new FixedAccountIAMSigner(
factory, GoogleCredential.FromAccessToken("token"), "test-service-account");
Assert.Equal("test-service-account", await signer.GetKeyIdAsync());
byte[] data = Encoding.UTF8.GetBytes("Hello world");
byte[] signature = await signer.SignDataAsync(data);
Assert.Equal(bytes, signature);
var req = NewtonsoftJsonSerializer.Instance.Deserialize <IAMSigner.SignBlobRequest>(
handler.Request);
Assert.Equal(Convert.ToBase64String(data), req.BytesToSign);
Assert.Equal(1, handler.Calls);
}
public async Task Signer()
{
var bytes = Encoding.UTF8.GetBytes("signature");
var handler = new MockMessageHandler()
{
Response = "discovered-service-account",
};
var factory = new MockHttpClientFactory(handler);
var signer = new IAMSigner(factory, GoogleCredential.FromAccessToken("token"));
Assert.Equal("discovered-service-account", await signer.GetKeyIdAsync());
Assert.Equal(1, handler.Calls);
// should only fetch account once
Assert.Equal("discovered-service-account", await signer.GetKeyIdAsync());
Assert.Equal(1, handler.Calls);
handler.Response = new IAMSigner.SignBlobResponse()
{
Signature = Convert.ToBase64String(bytes),
};
byte[] data = Encoding.UTF8.GetBytes("Hello world");
byte[] signature = await signer.SignDataAsync(data);
Assert.Equal(bytes, signature);
var req = NewtonsoftJsonSerializer.Instance.Deserialize <IAMSigner.SignBlobRequest>(
handler.LastRequestBody);
Assert.Equal(Convert.ToBase64String(data), req.BytesToSign);
Assert.Equal(2, handler.Calls);
Assert.Equal("Bearer token", handler.LastRequestHeaders.Authorization?.ToString());
}
public async Task WhenConnectingWithInvalidAccessToken_ThenReadingFailsWithUnauthorizedException
([LinuxInstance(InitializeScript = InstallApache)] InstanceRequest vm)
{
await vm.AwaitReady();
// NB. Fiddler might cause this test to fail.
byte[] request = new ASCIIEncoding().GetBytes(
"GET / HTTP/1.0\r\n\r\n");
var stream = new SshRelayStream(
new IapTunnelingEndpoint(
GoogleCredential.FromAccessToken("invalid"),
vm.InstanceReference,
80,
IapTunnelingEndpoint.DefaultNetworkInterface));
await stream.WriteAsync(request, 0, request.Length, CancellationToken.None);
AssertEx.ThrowsAggregateException <UnauthorizedException>(() =>
{
byte[] buffer = new byte[64 * 1024];
stream.ReadAsync(buffer, 0, buffer.Length, CancellationToken.None).Wait();
});
}
private Person GetAccountData(Account account)
{
Person person;
try
{
this._provider.ClientIdentifier = (base.Application.ApplicationKey);
this._provider.ClientSecret = (base.Application.ApplicationSecret);
this.auth = this.GetAuthState(account.AccessTokenSecret);
var request = new PeopleServiceService(new BaseClientService.Initializer()
{
HttpClientInitializer = GoogleCredential.FromAccessToken(this.auth.AccessToken),
}).People.Get("people/me");
request.RequestMaskIncludeField = "person.names,person.emailAddresses,person.metadata";
person = request.Execute();
//person = new PeopleServiceService(new OAuth2Authenticator<NativeApplicationClient>(this._provider, new Func<NativeApplicationClient, IAuthorizationState>(this.GetAuthentication))).People.Get("me").Fetch();
}
catch (Exception exception)
{
new GooglePlusExceptionAnalyzer().Analyze(exception);
return(null);
}
return(person);
}
public void add_named_health_check_when_properly_configured()
{
var services = new ServiceCollection();
services.AddHealthChecks()
.AddGcpCloudStorage(setup =>
{
setup.ProjectId = Guid.NewGuid().ToString();
setup.Bucket = "mybucket";
setup.GoogleCredential = GoogleCredential.FromAccessToken("xxxxxxxxx");
//OTHER WAYS TO AUTHENTICATE
//setup.GoogleCredential = GoogleCredential.GetApplicationDefault();
//setup.GoogleCredential = GoogleCredential.FromComputeCredential(new ComputeCredential());
//setup.GoogleCredential = GoogleCredential.FromServiceAccountCredential(new ServiceAccountCredential(null));
//setup.GoogleCredential = GoogleCredential.FromFile("./path");
//setup.GoogleCredential = GoogleCredential.FromJson("./path/jsonfile.json");
//setup.GoogleCredential = GoogleCredential.FromStream(Stream.Null);
}, name: "my-cloud-storage-group");
var serviceProvider = services.BuildServiceProvider();
var options = serviceProvider.GetService <IOptions <HealthCheckServiceOptions> >();
var registration = options.Value.Registrations.First();
var check = registration.Factory(serviceProvider);
registration.Name.Should().Be("my-cloud-storage-group");
check.GetType().Should().Be(typeof(GcpCloudStorageHealthCheck));
}
public async Task AccountDiscoveryError()
{
var bytes = Encoding.UTF8.GetBytes("signature");
var handler = new MockMessageHandler()
{
StatusCode = HttpStatusCode.InternalServerError,
};
var factory = new MockHttpClientFactory(handler);
var signer = new IAMSigner(factory, GoogleCredential.FromAccessToken("token"));
var errorMessage = "Failed to determine service account ID. Make sure to initialize the SDK "
+ "with service account credentials or specify a service account "
+ "ID with iam.serviceAccounts.signBlob permission. Please refer to "
+ "https://firebase.google.com/docs/auth/admin/create-custom-tokens for "
+ "more details on creating custom tokens.";
var ex = await Assert.ThrowsAsync <InvalidOperationException>(
async() => await signer.GetKeyIdAsync());
Assert.Equal(1, handler.Calls);
Assert.Equal(errorMessage, ex.Message);
Assert.IsType <HttpRequestException>(ex.InnerException);
ex = await Assert.ThrowsAsync <InvalidOperationException>(
async() => await signer.GetKeyIdAsync());
Assert.Equal(1, handler.Calls);
Assert.Equal(errorMessage, ex.Message);
Assert.IsType <HttpRequestException>(ex.InnerException);
}
public async Task UnsubscribeWithClientFactory()
{
var handler = new MockMessageHandler()
{
Response = @"{""results"":[{}]}",
};
var factory = new MockHttpClientFactory(handler);
var app = FirebaseApp.Create(new AppOptions()
{
Credential = GoogleCredential.FromAccessToken("test-token"),
HttpClientFactory = factory,
ProjectId = "test-project",
});
FirebaseMessaging messaging = FirebaseMessaging.GetMessaging(app);
Assert.NotNull(messaging);
Assert.Same(messaging, FirebaseMessaging.GetMessaging(app));
var response = await messaging.UnsubscribeFromTopicAsync("test-topic", new List <string> {
"test-token"
});
Assert.Equal(0, response.FailureCount);
Assert.Equal(1, response.SuccessCount);
app.Delete();
}
public async Task <IActionResult> GoogleAuthentication(string code)
{
var request = new AuthorizationCodeTokenRequest
{
Code = code,
ClientSecret = _googleAuthOptions.ClientSecret,
ClientId = _googleAuthOptions.ClientId,
GrantType = "authorization_code",
RedirectUri = "http://localhost:3000"
};
var httpClient = new HttpClient
{
BaseAddress = new Uri("https://www.googleapis.com/oauth2/v4/")
};
var tokenResponse = await request.ExecuteAsync(httpClient, "token", CancellationToken.None, SystemClock.Default);
var credentials = GoogleCredential.FromAccessToken(tokenResponse.AccessToken);
var initializer = new BaseClientService.Initializer
{
HttpClientInitializer = credentials
};
var userInfoService = new Oauth2Service(initializer);
var userInfo = await userInfoService.Userinfo.Get().ExecuteAsync();
await _usersService.CreateUserAsync(new UserCreationDto
{
Email = userInfo.Email,
Password = "******", //TODO: Add password generator
IsFromExternalService = true,
Name = userInfo.Email
});
return(Ok());
}
private async Task ShowBasicUserInfo()
{
GoogleCredential cred = GoogleCredential.FromAccessToken(Token_Access);
var youtubeService = new YouTubeService(new BaseClientService.Initializer()
{
HttpClientInitializer = cred,
ApplicationName = "MyYouTubeTest"
});
var listRequest = youtubeService.Channels.List("id");
listRequest.Mine = true;
var searchListResponse = listRequest.Execute();
string channelId = searchListResponse.Items[0].Id;
Debug.Write(channelId);
listRequest = youtubeService.Channels.List("snippet");
listRequest.Id = channelId;
searchListResponse = listRequest.Execute();
this.ChannelTitle = searchListResponse.Items[0].Snippet.Title;
Debug.Write(ChannelTitle);
this.Thumbnail_uri = searchListResponse.Items[0].Snippet.Thumbnails.Default__.Url;
Debug.Write(Thumbnail_uri);
}
public void NullOrEmptyBucketName_ThrowsArgumentNullException()
{
var credential = GoogleCredential.FromAccessToken("test_token");
var client = StorageClient.Create(credential);
Assert.Throws <ArgumentNullException>(() => new GoogleCloudStorageFileProvider(client, null));
Assert.Throws <ArgumentNullException>(() => new GoogleCloudStorageFileProvider(client, string.Empty));
}
private BaseClientService.Initializer createInitializer(string accessToken)
{
return(new BaseClientService.Initializer
{
ApplicationName = "Project Network Topology Dump",
HttpClientInitializer = GoogleCredential.FromAccessToken(accessToken)
});
}
/// <summary>
/// Adds firebase authentication to the service collection using an access token for the key
/// </summary>
/// <param name="services">IServiceCollection instance to which you will be adding the auth policy</param>
/// <param name="accessToken">The access token to use for the credential</param>
/// <param name="accessMethod">
/// Optional. The Google.Apis.Auth.OAuth2.IAccessMethod to use within
/// this credential. If null, will default to Google.Apis.Auth.OAuth2.BearerToken.AuthorizationHeaderAccessMethod.
/// </param>
public static void AddFirebaseAdminFromAccessToken(
this IServiceCollection services,
string accessToken,
IAccessMethod accessMethod = null)
{
AddAuthPolicy(services);
CreateApp(GoogleCredential.FromAccessToken(accessToken, accessMethod));
}
private static FirebaseApp CreateFirebaseApp()
{
var options = new AppOptions
{
Credential = GoogleCredential.FromAccessToken("token"),
ProjectId = "project1",
};
return(FirebaseApp.Create(options));
}
private FixedAccountIAMSigner CreateFixedAccountIAMSigner(HttpClientFactory factory)
{
return(new FixedAccountIAMSigner(new FixedAccountIAMSigner.Args()
{
ClientFactory = factory,
Credential = GoogleCredential.FromAccessToken("token"),
KeyId = "test-service-account",
RetryOptions = RetryOptions.NoBackOff,
}));
}
internal static GoogleCredential ResolveCredentials(
string emulatorHost, GoogleCredential original)
{
if (!string.IsNullOrWhiteSpace(emulatorHost))
{
return(GoogleCredential.FromAccessToken("owner"));
}
return(original);
}
GmailService GetService()
{
GetToken();
var credential = GoogleCredential.FromAccessToken(accessToken);
var service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential
});
return(service);
}
public void GetProjectIdFromOptions()
{
var options = new AppOptions()
{
Credential = GoogleCredential.FromAccessToken("token"),
ProjectId = "explicit-project",
};
var app = FirebaseApp.Create(options);
Assert.Equal("explicit-project", app.GetProjectId());
}
public async Task <SheetsService> GetSheetsServiceAsync()
{
string accessToken = await GetAccessTokenAsync();
var credential = GoogleCredential.FromAccessToken(accessToken);
var serviceInitializer = new BaseClientService.Initializer()
{
HttpClientInitializer = credential
};
return(new SheetsService(serviceInitializer));
}
public static void Main(string[] args)
{
var accessToken =
"ya29.GlvTBZnj-NGxW28OIE4jOjEsIQJh2XgxSsuDioj3VapUYeiT_D7TT6zwePEbOhLQ_dO0QlkRh5l_WX7fWm7oTnS75RWEk5OGN45tvheYwWyt0v0jexUSTO0bbETF";
var credentials = GoogleCredential.FromAccessToken(
accessToken);
var service = new Oauth2Service(new BaseClientService.Initializer
{
HttpClientInitializer = credentials
});
var user = service.Userinfo.V2.Me.Get().Execute();
}
private void InitDriveService()
{
// see: https://stackoverflow.com/q/38390197/3576052
GoogleCredential credential = GoogleCredential.FromAccessToken(oauthClient.AccessToken);
driveService = new DriveService(new BaseClientService.Initializer
{
ApplicationName = AppName,
HttpClientInitializer = credential
}
);
}
public GoogleCalendarService(TokenEntity googleToken, string calendarId, string timeZone = null)
{
var credential = GoogleCredential.FromAccessToken(googleToken.AccessToken);
service = new CalendarService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = APPLICATION_NAME,
});
CalendarId = calendarId;
TimeZone = timeZone ?? Constants.DEFAULT_TIMEZONE;
}
public void NoHttpClientFactory()
{
var credential = GoogleCredential.FromAccessToken("token");
var options = new AppOptions()
{
Credential = credential,
ProjectId = "test-project",
ServiceAccountId = "*****@*****.**",
HttpClientFactory = null,
};
Assert.Throws <ArgumentNullException>(() => FirebaseApp.Create(options));
}
private async Task <YouTubeService> GetApiInstance(string userId, string authCode)
{
var accessToken = await _googleAuthService.GetUserAccessToken(userId, authCode);
var cred = GoogleCredential.FromAccessToken(accessToken);
var service = new YouTubeService(new BaseClientService.Initializer
{
HttpClientInitializer = cred
});
return(service);
}
