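/// <summary>
/// Obtains a fresh request token for <paramref name="userId"/>, stores it in place of any
/// request token the store already holds for that user, and returns the URL at which the
/// user authorises it.
/// </summary>
/// <param name="userId">Identifier the request token is stored under.</param>
/// <returns>The authorisation URL built from the new request token.</returns>
public string GetRequestTokenAuthorizeUrl(string userId)
{
    var requestToken = GetRequestToken(_consumer);
    requestToken.UserId = userId;

    // Delete the token that was actually found. The original passed the newly created
    // token to Delete, which only removes the stale entry if the store matches on UserId
    // alone; a store that matches on the token value would keep the old, still
    // unconsumed request token around next to the new one.
    var existingToken = _requestTokenStore.Find(userId);
    if (existingToken != null)
    {
        _requestTokenStore.Delete(existingToken);
    }

    _requestTokenStore.Add(requestToken);

    return GetAuthorizeUrl(requestToken);
}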
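/// <summary>
/// Issues a signed JWT access token for <paramref name="userId"/> and records it in the
/// token store.
/// </summary>
/// <param name="userId">User identifier written to the <c>sub</c> claim and to the stored token record.</param>
/// <returns>The encoded JWT together with the time at which it expires.</returns>
public AccessToken New(TKey userId)
{
    var now = DateTime.UtcNow;
    var expiresAt = now.Add(_tokenAuthenticationOptions.ExpiresIn);

    // RFC 7519 defines iat as a NumericDate: whole seconds since 1970-01-01T00:00:00Z.
    // The original wrote DateTime.Ticks (100 ns intervals since year 0001), which a
    // validator reads as a timestamp far in the future.
    var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var issuedAtSeconds = (long)(now - unixEpoch).TotalSeconds;

    // sub identifies the user, jti gives the token a unique id (an identifier, not a
    // secret), iat records when it was issued. Other claims can be added here.
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, userId.ToString()),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(JwtRegisteredClaimNames.Iat, issuedAtSeconds.ToString(), ClaimValueTypes.Integer64)
    };

    // Create the JWT and write it to a string.
    var jwt = new JwtSecurityToken(
        issuer: _tokenAuthenticationOptions.Issuer,
        audience: _tokenAuthenticationOptions.Audience,
        claims: claims,
        notBefore: now,
        expires: expiresAt,
        signingCredentials: _tokenAuthenticationOptions.SigningCredentials);
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    var accessToken = new AccessToken
    {
        Token = encodedJwt,
        ExpiresOn = expiresAt
    };

    // NOTE(review): the store receives the complete encoded JWT, i.e. a credential that
    // stays usable until expiresAt. Whatever backs _tokenStore needs to be protected
    // accordingly; confirm whether a digest of the token would be enough for lookups.
    _tokenStore.Add(new Token<TKey, TUser>
    {
        Client = "Http Client",
        ClientVersion = "n/a",
        // Reuse the instant the token was issued at so the record matches nbf/iat.
        CreatedOn = now,
        Platform = "n/a",
        PlatformVersion = "n/a",
        UserId = userId,
        ValidUntil = expiresAt,
        Value = encodedJwt
    });

    return accessToken;
}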
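/// <summary>
/// Builds an <see cref="HttpWebRequest"/> for <paramref name="endPoint"/> under the base URI,
/// applies the standard request settings and headers, attaches the OAuth2 bearer token when
/// an authenticator is configured, and waits on the rate limiter before returning.
/// </summary>
/// <param name="endPoint">Path set on the base URI.</param>
/// <param name="method">HTTP method of the request.</param>
/// <param name="accept">Value of the Accept header.</param>
/// <param name="query">Optional query string; ignored when null or whitespace.</param>
/// <returns>The configured request, not yet sent.</returns>
/// <exception cref="InvalidOperationException">
/// An authenticator is configured but no token is available, or refreshing an expired token returned none.
/// </exception>
private HttpWebRequest CreateRequest(string endPoint, string method, string accept = "application/json", string query = null)
{
    var uri = new UriBuilder(_baseUri)
    {
        Path = endPoint,
    };

    if (!string.IsNullOrWhiteSpace(query))
    {
        uri.Query = query;
    }

    var request = (HttpWebRequest)WebRequest.Create(uri.Uri);
    request.Timeout = defaultTimeout;
    request.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
    request.Accept = accept;
    request.Method = method;

    if (ModifiedSince.HasValue)
    {
        request.IfModifiedSince = ModifiedSince.Value;
    }

    // add OAuth2 headers
    // (The commented-out OAuth1 signature / Basic-credential code that used to sit here
    // was dead and has been removed.)
    if (_auth != null)
    {
        var token = _auth.GetToken(null, null);
        if (token == null)
        {
            // Fail with a clear message instead of a NullReferenceException further down.
            throw new InvalidOperationException("No OAuth2 token is available for this request.");
        }

        if (token.HasExpired)
        {
            _xeroClient.AuthToken = token as XeroOAuthToken;
            token = _xeroClient.RefreshToken();
            if (token == null)
            {
                // Never persist a missing token or send an empty bearer value.
                throw new InvalidOperationException("Refreshing the expired OAuth2 token returned no token.");
            }

            _tokenStore.Add(token);
        }

        // NOTE(review): the bearer token is attached regardless of the scheme of _baseUri;
        // confirm _baseUri is always https so the token never travels in clear text.
        // NOTE(review): AddHeader's storage is not visible here; if it outlives this call,
        // confirm repeated requests replace rather than stack the Authorization value.
        AddHeader("Authorization", $"Bearer {token.TokenKey}");
        AddHeader("Xero-tenant-id", _auth.TenantId);
    }

    AddHeaders(request);

    // NOTE(review): the fallback User-Agent embeds Consumer.ConsumerKey, so the key shows
    // up wherever request headers are logged; confirm that is intended.
    request.UserAgent = !string.IsNullOrWhiteSpace(UserAgent)
        ? UserAgent
        : "Xero Api wrapper - " + Consumer.ConsumerKey;

    // Block until the rate limiter (when configured) allows another call.
    if (_rateLimiter != null)
    {
        _rateLimiter.WaitUntilLimit();
    }

    return request;
}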