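/// <summary>
/// Handles the redirect back from the authorization server. Validates the
/// <paramref name="state"/> nonce, records the authorization
/// <paramref name="code"/>, and either reuses a stored, unexpired token for the
/// associated user or redirects onward to request a new one.
/// </summary>
/// <param name="code">Authorization code supplied on the callback query string.</param>
/// <param name="state">Nonce that must already be present in <c>Memory</c>.</param>
/// <returns>
/// A redirect to the home page (unknown nonce, missing code, or a token already
/// on file) or a redirect to the token endpoint.
/// </returns>
public async Task<RedirectResult> AuthorizeCallback(string code, string state)
{
    if (string.IsNullOrEmpty(state) || !Memory.TryGetValue(state, out _))
    {
        // Unrecognized nonce, go back home
        return BackToHome();
    }

    // Delete the nonce now, we are done with it.
    // NOTE(review): TryGetValue followed by Remove is two separate steps; if Memory
    // is shared across requests, two concurrent callbacks carrying the same state
    // could both get past the check. Confirm whether an atomic "take" is needed.
    Memory.Remove(state);

    // A callback without a code (for example an error response from the provider)
    // has nothing to look up; without this guard the null/empty value would go
    // straight into FindAsync and, failing that, into a new OAuthCodes row.
    if (string.IsNullOrEmpty(code))
    {
        return BackToHome();
    }

    // Check if we already recognize this code, if not, build it
    var codeEntity = await DBContext.OAuthCodes.FindAsync(code);
    if (codeEntity == null)
    {
        codeEntity = new OAuthCodeEntity { Value = code };
        await DBContext.AddAsync(codeEntity);
        await DBContext.SaveChangesAsync();
    }

    // NOTE(review): expiry is compared against local time (DateTime.Now); confirm
    // Expiry is stored in local time as well, otherwise this should be UtcNow.
    var token = string.IsNullOrEmpty(codeEntity.UserId)
        ? null
        : DBContext
            .OAuthTokens
            .FirstOrDefault(t =>
                t.UserId == codeEntity.UserId &&
                (t.Expiry == null || t.Expiry.Value > DateTime.Now));

    // This user already has a valid access token, lets just use that instead
    if (token != null)
    {
        return BackToHome(token);
    }

    // This is a new, unrecognized user, try and fetch an access token
    var tokenUri = UriPath.Combine(Config.PathOfExileApi.Route, "/OAuth/Token");
    var redirectUri = Url.Action("TokenCallback", "OAuth", null, Request.Scheme);

    // NOTE(review): the token request is issued as a browser redirect, so
    // client_secret and the authorization code end up in a URL handed to the user
    // agent (Location header, history, proxy and server logs). The code-for-token
    // exchange is normally a server-to-server POST so the secret never leaves the
    // backend. Left as-is here because changing it alters the return contract;
    // it should be reworked and the secret treated as exposed.
    var queryParams = new Dictionary<string, string>
    {
        { "client_id", Config.PathOfExileApi.ClientId },
        { "client_secret", Config.PathOfExileApi.ClientSecret },
        { "code", code },
        { "grant_type", "authorization_code" },
        { "redirect_uri", redirectUri }
    };

    var tokenQuery = QueryHelpers.AddQueryString(tokenUri, queryParams);
    return Redirect(tokenQuery);
}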
/// <summary>
/// Issues a new authorization code for <paramref name="clientID"/> limited to
/// <paramref name="scopes"/> and stores it through <c>AccessCodeDataProvider</c>.
/// </summary>
/// <param name="clientID">Client the code is issued to; stored on the code record.</param>
/// <param name="scopes">Requested scopes; checked with <c>VerifyScopes</c> first.</param>
/// <returns>
/// <c>(InvalidScope, String.Empty)</c> when the scopes are rejected, otherwise
/// <c>(NoError, code)</c> with the newly generated code.
/// </returns>
public Tuple<OAuthErrorType, string> GetCode(string clientID, ICollection<string> scopes)
{
    bool scopesRejected = VerifyScopes(scopes) == OAuthErrorType.InvalidScope;
    if (scopesRejected)
    {
        return new Tuple<OAuthErrorType, string>(OAuthErrorType.InvalidScope, String.Empty);
    }

    // NOTE(review): the code is the bearer secret for the later exchange; confirm
    // GeneratorRandomNQCode draws from a cryptographic RNG. The record is stamped
    // with a ten-minute timeout (local time); enforcement of that timeout is not
    // visible in this method.
    var issued = new OAuthCodeEntity()
    {
        Code = RandomGenerator.GeneratorRandomNQCode(32),
        ClientID = clientID,
        TimeoutTimestamp = ConvertTimespan.Get(DateTime.Now.AddMinutes(10)),
        Scopes = scopes
    };

    AccessCodeDataProvider.Instance.Insert(issued);

    return new Tuple<OAuthErrorType, string>(OAuthErrorType.NoError, issued.Code);
}
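/// <summary>
/// Exchanges an authorization <paramref name="code"/> issued to
/// <paramref name="clientID"/> for a new access/refresh token pair and stores it
/// through <c>TokenDataProvider</c>.
/// </summary>
/// <param name="clientID">Client presenting the code.</param>
/// <param name="code">Authorization code to redeem.</param>
/// <returns>
/// <c>(UnAuthorizedClient, empty token)</c> when no code record or no client
/// metadata is found, otherwise <c>(NoError, token)</c>.
/// </returns>
public Tuple<OAuthErrorType, OAuthTokenEntity> GetToken(string clientID, string code)
{
    OAuthCodeEntity codeEntity = AccessCodeDataProvider.Instance.Get(code, clientID);
    if (codeEntity == null)
    {
        return Tuple.Create(OAuthErrorType.UnAuthorizedClient, new OAuthTokenEntity());
    }

    // NOTE(review): nothing in this method checks the code's TimeoutTimestamp or
    // removes the code once redeemed. Unless AccessCodeDataProvider.Get enforces
    // both, a code can be exchanged repeatedly and after its lifetime; verify.
    // NOTE(review): the client is identified by clientID alone here; confirm the
    // caller has authenticated the client before this point.

    ClientEntity clientEntity = ClientInformationDataProvider.Instance.GetClientMetadata(clientID);
    if (clientEntity == null)
    {
        // Unknown client: refuse rather than fail with a null dereference on ExpiresIn
        return Tuple.Create(OAuthErrorType.UnAuthorizedClient, new OAuthTokenEntity());
    }

    OAuthTokenEntity accessToken = new OAuthTokenEntity()
    {
        AccessToken = RandomGenerator.GeneratorRandomNQCode(32),
        // NOTE(review): "authorization_code" is a grant type name; a token_type is
        // normally something like "bearer". Left unchanged because consumers may
        // depend on the current value.
        TokenType = "authorization_code",
        ExpiresIn = clientEntity.ExpiresIn,
        RefreshToken = RandomGenerator.GeneratorRandomNQCode(32),
        // The token inherits exactly the scopes granted to the code
        Scopes = codeEntity.Scopes,
        StartTime = ConvertTimespan.Get(DateTime.Now)
    };

    TokenDataProvider.Instance.Insert(accessToken);
    return Tuple.Create(OAuthErrorType.NoError, accessToken);
}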
/// <summary>
/// Stores <paramref name="entity"/> in the <c>OAuthCodeEntity</c> collection.
/// </summary>
/// <param name="entity">Authorization code record to insert.</param>
internal void Insert(OAuthCodeEntity entity)
{
    var codes = this.GetCollection<OAuthCodeEntity>();
    codes.InsertOne(entity);
}
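/// <summary>
/// Runs the interactive authorization-code login: opens the authorize URL in the
/// default browser, waits on a local <see cref="HttpListener"/> for the redirect,
/// checks the returned state against the one sent, then exchanges the code for an
/// access token which is stored in <c>AccessToken</c>.
/// </summary>
/// <remarks>
/// On timeout the method sets <c>LastErrorMessage</c> and returns without a token.
/// </remarks>
/// <exception cref="OAuthException">
/// The state on the redirect does not match the state generated for this login.
/// </exception>
public static async Task Authenticate()
{
    string redirect_URL = ConfigurationManager.AppSettings.Get("OAUTH_REDIRECT");
    string gitkraken_authorize_URL = ConfigurationManager.AppSettings.Get("GITKRAKEN_AUTHORIZE");
    string gitkraken_accessToken_URL = ConfigurationManager.AppSettings.Get("GITKRAKEN_ACCESSTOKEN");
    string clientID = ConfigurationManager.AppSettings.Get("OAUTH_CLIENTID");
    // NOTE(review): the client secret ships in the application's config file, so
    // anyone with the installed app can read it; confirm the provider treats this
    // client as public, or whether a PKCE-style flow is available instead.
    string clientSecret = ConfigurationManager.AppSettings.Get("OAUTH_SECRET");
    int loginTimeout = int.Parse(ConfigurationManager.AppSettings.Get("APP_LOGIN_TIMEOUT"));

    // Per-login value that must come back unchanged on the redirect
    string state = randomB64(32);

    _listener = new HttpListener();
    _listener.Prefixes.Add(redirect_URL);
    _listener.Start();

    // NOTE(review): state, scope and client id go into the query string without
    // URL encoding. If randomB64 emits standard base64 ('+', '/', '='), the value
    // may come back altered and fail the comparison below; verify, and consider
    // escaping each component.
    string request_URL = string.Format(
        "{0}?response_type=code&scope=board:write user:read&state={1}&client_id={2}",
        new object[] { gitkraken_authorize_URL, state, clientID });
    System.Diagnostics.Process.Start(request_URL);

    // One-shot timer; presumably StopListening stops _listener so the pending
    // GetContextAsync below fails once the login window has elapsed.
    Timer timeoutTimer = new Timer { Enabled = true, AutoReset = false, Interval = loginTimeout };
    timeoutTimer.Elapsed += new ElapsedEventHandler(StopListening);

    HttpListenerContext requestContext;
    try
    {
        requestContext = await _listener.GetContextAsync();
    }
    catch (HttpListenerException)
    {
        // No request arrived, so there is no response to write an error page to
        // (the context is still unassigned here). Report the timeout and make sure
        // the local listener is not left open.
        if (_listener.IsListening)
        {
            _listener.Stop();
        }
        LastErrorMessage = "You took too long to login. Try again.";
        return;
    }
    finally
    {
        // Whatever the outcome, the timeout must not fire later against a
        // listener that a subsequent login attempt may have replaced.
        timeoutTimer.Stop();
        timeoutTimer.Dispose();
    }

    OAuthCodeEntity oAuthResponse;
    try
    {
        oAuthResponse = OAuthCodeEntity.CreateEntity(requestContext.Request);

        if (!state.Equals(oAuthResponse.State))
        {
            // Status is set before the page is written: once a body has been sent
            // the status line can no longer change (assumes SendPage writes to the
            // response; TODO confirm).
            requestContext.Response.StatusCode = 500;
            SendPage("UI\\HTML\\OAuthErrorPage.html", requestContext.Response);
            throw new OAuthException("Error Validation Token. Please Try Again.");
        }

        requestContext.Response.StatusCode = 200;
        SendPage("UI\\HTML\\OAuthSuccessPage.html", requestContext.Response);
    }
    finally
    {
        // Runs on the mismatch path too, so a rejected callback does not leave
        // the response open or the loopback listener accepting further requests.
        requestContext.Response.Close();
        _listener.Stop();
    }

    // NOTE(review): oAuthResponse.Code is used without checking that the redirect
    // actually carried one (e.g. the user denied access); verify CreateEntity or
    // the token endpoint handles that case.
    AccessTokenSegment tokenRequestBody = new AccessTokenSegment("authorization_code", clientID, clientSecret, oAuthResponse.Code);
    HttpRequest<AccessTokenSegment> tokenRequest = new HttpRequest<AccessTokenSegment>(gitkraken_accessToken_URL, HttpMethod.Post, tokenRequestBody, null, AccessToken);
    AccessToken = await Requesting.MakeRequest<OAuthTokenEntity>(tokenRequest);
}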