public AccessToken RefreshToken(AccessToken oldToken)
{
var oAuthUtils = new OAuthUtils();
var authorizationHeader = GetRefreshTokenAuthorizationHeader(REQUEST_ACCESS_URL, "", consumerKey, consumerSecret, oldToken.Token, oldToken.AddtionalProperties[OAuthProtocolParameter.SessionHandle.GetStringValue()], oldToken.TokenSecret);
return(MakeRequest <AccessToken>(REQUEST_ACCESS_URL, authorizationHeader));
}
public static string MakeApiCall(string url, string token, string tokenSecret)
{
var oAuthUtils = new OAuthUtils();
var authorizationHeader = oAuthUtils.GetUserInfoAuthorizationHeader(url, null, consumerKey, consumerSecret, token, tokenSecret, SignatureMethod.HMACSHA1, "GET");
var request = WebRequest.Create(url);
request.Headers.Add("Authorization", authorizationHeader.ToString());
request.Method = "GET";
try
{
var response = request.GetResponse();
using (var responseStream = response.GetResponseStream())
{
var reader = new StreamReader(responseStream);
var responseText = reader.ReadToEnd();
reader.Close();
return responseText;
}
}
catch (WebException e)
{
using (var resp = e.Response)
{
using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
{
var errorMessage = sr.ReadToEnd();
throw new OAuthProtocolException(errorMessage, e);
}
}
}
}
private static string MakeSignature(string method, string baseUri, Dictionary <string, string> headers)
{
var items = from k in headers.Keys
orderby k
select k + "%3D" + OAuthUtils.PercentEncode(headers[k]);
return(method + "&" + OAuthUtils.PercentEncode(baseUri) + "&" +
string.Join("%26", items.ToArray()));
}
public UserStream(Uri uri, string realm, string consumerKey, string consumerSecret,
string token, string secret)
: base(uri, AuthenticationType.OAuthV10a)
{
OAuthUtils oAuthUtils = new OAuthUtils();
AuthHeader = (oAuthUtils.GetAuthorizationHeader(
uri.ToString(), realm, consumerKey, consumerSecret, token, secret, null,
SignatureMethod.HMACSHA1, "GET")).ToString();
}
/// <summary>
/// 获取AccessToken, RefreshToken
/// </summary>
public static string GetToken()
{
try
{
QianmiContext context = OAuthUtils.GetToken(APP_KEY, APP_SECRET, AUTHORIZE_CODE);
return(string.Format("{0},{1}", context.Token.AccessToken, context.Token.RefreshToken));
}
catch (Exception ex)
{
ETong.Log.Sdk.LoggerMgr.GetLogger <Authorize>().ErrorExt("获取token时返回异常:" + ex);
}
return(string.Empty);
}
/// <summary>
/// 刷新AccessToken, RefreshToken
/// </summary>
public static void RefreshToken()
{
try
{
QianmiContext context = OAuthUtils.RefreshToken(APP_KEY, APP_SECRET, REFRESH_TOKEN);
var accessToken = context.Token.AccessToken;
var refreshToken = context.Token.RefreshToken;
UpdateToken(accessToken, refreshToken);
}
catch (Exception ex)
{
ETong.Log.Sdk.LoggerMgr.GetLogger <Authorize>().ErrorExt("刷新token时返回异常:" + ex);
}
}
public object Get(LoginRequest request)
{
TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
string redirect = context.BaseUrl;
try {
context.Open();
context.LogInfo(this, "/login GET");
var client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
client.SSOApiClient = context.GetConfigValue("sso-clientId");
client.SSOApiSecret = context.GetConfigValue("sso-clientSecret");
client.SSOApiToken = context.GetConfigValue("sso-apiAccessToken");
if (!string.IsNullOrEmpty(request.return_to))
{
HttpContext.Current.Session["return_to"] = request.return_to;
}
var nonce = Guid.NewGuid().ToString();
HttpContext.Current.Session["oauth-nonce"] = nonce;
var scope = context.GetConfigValue("sso-scopes").Replace(",", "%20");
var oauthEndpoint = context.GetConfigValue("oauth-authEndpoint");
redirect = string.Format("{0}{1}client_id={2}&response_type={3}&nonce={4}&state={5}&redirect_uri={6}&ajax={7}&scope={8}",
oauthEndpoint,
oauthEndpoint.Contains("?") ? "&" : "?",
context.GetConfigValue("sso-clientId"),
"code",
nonce,
Guid.NewGuid().ToString(),
context.GetConfigValue("sso-callback"),
"false",
scope
);
context.Close();
} catch (Exception e) {
context.LogError(this, e.Message, e);
context.Close();
throw e;
}
return(OAuthUtils.DoRedirect(redirect, false));
}
public static string AuthorizeRequest(string consumerKey, string consumerKeySecret, string oauthToken,
string oauthTokenSecret, string method, Uri uri, string data)
{
var headers = new Dictionary <string, string>
{
{ "oauth_consumer_key", consumerKey },
{ "oauth_nonce", MakeNonce() },
{ "oauth_signature_method", "HMAC-SHA1" },
{ "oauth_timestamp", MakeTimestamp() },
{ "oauth_version", "1.0" }
};
var signatureHeaders = new Dictionary <string, string>(headers);
if (!string.IsNullOrEmpty(oauthToken))
{
signatureHeaders.Add("oauth_token", oauthToken);
}
// Add the data and URL query string to the copy of the headers for computing the signature
if (!string.IsNullOrEmpty(data))
{
var parsed = HttpUtility.ParseQueryString(data);
foreach (string k in parsed.Keys)
{
signatureHeaders.Add(k, OAuthUtils.PercentEncode(parsed[k]));
}
}
var nvc = HttpUtility.ParseQueryString(uri.Query);
foreach (var key in nvc.Cast <string>().Where(key => key != null))
{
signatureHeaders.Add(key, OAuthUtils.PercentEncode(nvc[key]));
}
var signature = MakeSignature(method, uri.GetLeftPart(UriPartial.Path), signatureHeaders);
var compositeSigningKey = MakeSigningKey(consumerKeySecret, oauthTokenSecret);
var oauthSignature = MakeOAuthSignature(compositeSigningKey, signature);
headers.Add("oauth_signature", OAuthUtils.PercentEncode(oauthSignature));
return(HeadersToOAuth(headers));
}
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var parametersToSend = _parameters;
if (request.Method == HttpMethod.Post)
{
if (request.Content is FormUrlEncodedContent)
{
var extraParams = await request.Content.ReadAsStringAsync();
var parsedParams = OAuthUtils.ParseQueryString(extraParams);
parametersToSend = parametersToSend.Concat(parsedParams);
}
}
var authParams = OAuthUtils.BuildBasicParams(_clientId, parametersToSend);
if (request.Method == HttpMethod.Post)
{
request.Content = new FormUrlEncodedContent(authParams);
}
else if (request.Method == HttpMethod.Get)
{
var queryData = authParams.Select(p => p.Key + "=" + p.Value).ToString("&");
string newQuery = request.RequestUri.Query;
if (string.IsNullOrWhiteSpace(newQuery))
{
newQuery = "?" + queryData;
}
else
{
newQuery += "&" + queryData;
}
request.RequestUri = new System.Uri(request.RequestUri.OriginalString + newQuery);
}
return(await base.SendAsync(request, cancellationToken));
}
public static string PostToUrl(TwitterAuthProvider oAuthProvider, string url, string accessToken, string accessTokenSecret, Dictionary <string, string> args, string acceptType = MimeTypes.Json)
{
var uri = new Uri(url);
var webReq = (HttpWebRequest)WebRequest.Create(uri);
webReq.Accept = acceptType;
webReq.Method = HttpMethods.Post;
string data = null;
if (args != null)
{
var sb = new StringBuilder();
foreach (var arg in args)
{
if (sb.Length > 0)
{
sb.Append("&");
}
sb.AppendFormat("{0}={1}", arg.Key, OAuthUtils.PercentEncode(arg.Value));
}
data = sb.ToString();
}
webReq.Headers[HttpRequestHeader.Authorization] = OAuthAuthorizer.AuthorizeRequest(
oAuthProvider, accessToken, accessTokenSecret, "POST", uri, data);
if (data != null)
{
webReq.ContentType = MimeTypes.FormUrlEncoded;
using (var writer = new StreamWriter(webReq.GetRequestStream()))
writer.Write(data);
}
using (var webRes = webReq.GetResponse())
{
return(webRes.ReadToEnd());
}
}
protected AuthorizeHeader GetRefreshTokenAuthorizationHeader(string url, string realm, string consumerKey, string consumerSecret, string token, string sessionHandle, string tokenSecret, SignatureMethod signatureMethod = SignatureMethod.HMACSHA1, string httpMethod = "POST")
{
var timestamp = OAuthUtils.GenerateTimeStamp();
var nounce = OAuthUtils.GenerateNonce(timestamp);
var protocolParameters = OAuthUtils.ExtractQueryStrings(url);
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.ConsumerKey.GetStringValue(), consumerKey));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.SignatureMethod.GetStringValue(), signatureMethod.GetStringValue()));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.Timestamp.GetStringValue(), timestamp));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.Nounce.GetStringValue(), nounce));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.Version.GetStringValue(), OAuthUtils.OAuthVersion));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.Token.GetStringValue(), token));
protocolParameters.Add(new OAuthUtils.ProtocolParameter(OAuthProtocolParameter.SessionHandle.GetStringValue(), sessionHandle));
string signatureBaseString = OAuthUtils.GenerateSignatureBaseString(url, httpMethod, protocolParameters);
System.Diagnostics.Debug.WriteLine(signatureBaseString);
var signature = OAuthUtils.GenerateSignature(consumerSecret, signatureMethod, signatureBaseString, tokenSecret);
return(new AuthorizeHeader(realm, consumerKey, signatureMethod.GetStringValue(), signature, timestamp, nounce, OAuthUtils.OAuthVersion, token, null, sessionHandle));
}
public object Get(OauthLogoutRequest request)
{
TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
try {
context.Open();
context.LogInfo(this, string.Format("/logout GET"));
context.EndSession();
context.Close();
} catch (Exception e) {
context.LogError(this, e.Message, e);
context.Close();
throw e;
}
if (request.redirect_uri != null)
{
return(OAuthUtils.DoRedirect(request.redirect_uri, request.ajax));
}
else
{
return(OAuthUtils.DoRedirect(context.GetConfigValue("BaseUrl"), request.ajax));
}
}
public void Intercept(IInvocation invocation)
{
var webAttribs = from s in
(from a in invocation.Method.GetCustomAttributes(false).ToArray() select a)
where s is WebInvokeAttribute || s is WebGetAttribute
select s;
if (webAttribs.Count() != 1)
throw new Exception("ServiceModel.Web attributes not found on method");
var attrib = webAttribs.Single();
UriTemplate uriTemplate = new UriTemplate("");
string httpMethod = "GET";
if (attrib is WebGetAttribute)
{
uriTemplate = new UriTemplate(((WebGetAttribute)attrib).UriTemplate);
httpMethod = "GET";
}
else if (attrib is WebInvokeAttribute)
{
uriTemplate = new UriTemplate(((WebInvokeAttribute)attrib).UriTemplate);
httpMethod = "POST";
}
Dictionary<string, string> uriParams = new Dictionary<string, string>();
ParameterInfo[] Params = invocation.Method.GetParameters();
object[] Args = invocation.Arguments;
string sValue;
for (int i = 0; i < invocation.Arguments.Count(); i++)
{
sValue = TypeUtils.StringOrNull(Args[i]);
if (!string.IsNullOrEmpty(sValue)) uriParams.Add(Params[i].Name, sValue);
}
Uri uri = uriTemplate.BindByName(new Uri("http://api.twitter.com"), uriParams, false);
//swReflection.Stop();
logger.Trace(uri.ToString());
Stopwatch swSetup = new Stopwatch();
swSetup.Start();
webRequest = (HttpWebRequest)WebRequest.Create(uri);
// Add OAuth authorization header
if (OAuthParams != null)
{
OAuthUtils oAuthUtils = new OAuthUtils();
string authHeader = (oAuthUtils.GetAuthorizationHeader(
System.Web.HttpUtility.UrlDecode(uri.AbsoluteUri), OAuthParams.Realm, OAuthParams.ConsumerKey, OAuthParams.ConsumerSecret,
OAuthParams.UserToken, OAuthParams.UserSecret, null, SignatureMethod.HMACSHA1, httpMethod)).ToString();
webRequest.Headers[HttpRequestHeader.Authorization] = authHeader;
}
logger.Trace(webRequest.Headers.ToString());
webRequest.UserAgent = "Toketee 0.1";
webRequest.Timeout = Timeout;
webRequest.KeepAlive = false;
webRequest.Method = httpMethod;
swSetup.Stop();
//TODO implement connection manager
//webRequest.ServicePoint
var swRequest = new Stopwatch();
swRequest.Start();
try
{
webResponse = (HttpWebResponse)webRequest.GetResponse();
}
catch (WebException we)
{
switch (we.Status)
{
case WebExceptionStatus.Timeout:
// retry operation, see if endpoint is available or if there's another problem
break;
}
webResponse = (HttpWebResponse)we.Response;
}
finally
{
}
swRequest.Stop();
Encoding encode = System.Text.Encoding.UTF8;
var responseStream = new StreamReader(webResponse.GetResponseStream(), encode);
string sResponse = responseStream.ReadToEnd();
logJson.Trace(new JsonFormatter(sResponse).Format());
// TODO add exception trapping
var result = new WebClientResult(webResponse, sResponse, true, null);
// TODO move to an error handling method
// Look for known Twitter return errors
var jObject = new JObject(sResponse);
switch (jObject["error"].ToString())
{
case "Incorrect signature":
throw new TwitterOAuthIncorrectSignatureException(sResponse);
}
invocation.ReturnValue = result;
}
string EncryptUUID(string UUID)
{
return(UUID = OAuthUtils.GetSecureUUID(UUID));
}
public object Get(OauthCallBackRequest request)
{
TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
HttpResult redirect = null;
User user = null;
try {
context.Open();
context.LogInfo(this, string.Format("/oauth/cb GET"));
if (!string.IsNullOrEmpty(request.error))
{
context.LogError(this, request.error);
context.EndSession();
var baseUrl = context.BaseUrl;
context.Close();
return(OAuthUtils.DoRedirect(baseUrl, false));
}
context.LogDebug(this, string.Format("Get token from code"));
TepOauthAuthenticationType auth = new TepOauthAuthenticationType(context);
var client = auth.Client;
var tokenResponse = client.AccessToken(request.Code);
context.LogDebug(this, string.Format("Get user profile"));
user = auth.GetUserProfile(context);
if (tokenResponse.access_token != null)
{
client.StoreTokenAccess(tokenResponse.access_token, user.Username, tokenResponse.expires_in);
}
if (tokenResponse.refresh_token != null)
{
client.StoreTokenRefresh(tokenResponse.refresh_token, user.Username);
}
if (tokenResponse.id_token != null)
{
client.StoreTokenId(tokenResponse.id_token, user.Username, tokenResponse.expires_in);
}
if (user == null)
{
context.LogError(this, string.Format("Error to load user"));
var uri = new UriBuilder(context.GetConfigValue("BaseUrl"));
uri.Path = "/";
uri.Query = "error=login";
redirect = OAuthUtils.DoRedirect(uri.Uri.AbsoluteUri, false);
}
else
{
context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
context.StartSession(auth, user);
context.SetUserInformation(auth, user);
if (string.IsNullOrEmpty(HttpContext.Current.Session["return_to"] as string))
{
HttpContext.Current.Session["return_to"] = context.GetConfigValue("BaseUrl");
}
redirect = OAuthUtils.DoRedirect(HttpContext.Current.Session["return_to"] as string, false);
}
HttpContext.Current.Session["return_to"] = null;
context.Close();
} catch (Exception e) {
context.LogError(this, e.Message + " - " + e.StackTrace);
context.Close();
redirect = OAuthUtils.DoRedirect(context.GetConfigValue("BaseUrl"), false);
}
return(redirect);
}
public object Get(CallBackRequest request)
{
var redirect = "";
TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
UserTep user = null;
try {
context.Open();
context.LogInfo(this, string.Format("/cb GET"));
if (!string.IsNullOrEmpty(request.error))
{
context.LogError(this, request.error);
context.EndSession();
return(OAuthUtils.DoRedirect(context.BaseUrl, false));
}
Connect2IdClient client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
client.SSOApiClient = context.GetConfigValue("sso-clientId");
client.SSOApiSecret = context.GetConfigValue("sso-clientSecret");
client.SSOApiToken = context.GetConfigValue("sso-apiAccessToken");
client.RedirectUri = context.GetConfigValue("sso-callback");
OauthTokenResponse tokenresponse;
try {
tokenresponse = client.AccessToken(request.Code);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, null, tokenresponse.expires_in);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, null);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, null, tokenresponse.expires_in);
} catch (Exception e) {
DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-access"));
DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-refresh"));
DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-id"));
throw e;
}
TepLdapAuthenticationType auth = (TepLdapAuthenticationType)IfyWebContext.GetAuthenticationType(typeof(TepLdapAuthenticationType));
auth.SetConnect2IdCLient(client);
auth.TrustEmail = true;
user = (UserTep)auth.GetUserProfile(context);
if (user == null)
{
throw new Exception("Unable to load user");
}
context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
if (string.IsNullOrEmpty(user.Email))
{
throw new Exception("Invalid email");
}
context.StartSession(auth, user);
context.SetUserInformation(auth, user);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, user.Username, tokenresponse.expires_in);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, user.Username);
DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, user.Username, tokenresponse.expires_in);
redirect = context.GetConfigValue("dashboard_page");
if (string.IsNullOrEmpty(redirect))
{
redirect = context.GetConfigValue("BaseUrl");
}
if (!string.IsNullOrEmpty(HttpContext.Current.Session["return_to"] as string))
{
redirect = HttpContext.Current.Session["return_to"] as string;
HttpContext.Current.Session["return_to"] = null;
}
context.Close();
} catch (Exception e) {
context.LogError(this, e.Message, e);
context.Close();
throw e;
}
return(OAuthUtils.DoRedirect(redirect, false));
}
public void Intercept(IInvocation invocation)
{
var webAttribs = from s in
(from a in invocation.Method.GetCustomAttributes(false).ToArray() select a)
where s is WebInvokeAttribute || s is WebGetAttribute
select s;
if (webAttribs.Count() != 1)
throw new Exception("ServiceModel.Web attributes not found on method");
var attrib = webAttribs.Single();
var uriTemplate = new UriTemplate("");
string httpMethod = "GET";
if (attrib is WebGetAttribute)
{
uriTemplate = new UriTemplate(((WebGetAttribute)attrib).UriTemplate);
httpMethod = "GET";
}
else if (attrib is WebInvokeAttribute)
{
uriTemplate = new UriTemplate(((WebInvokeAttribute)attrib).UriTemplate);
httpMethod = "POST";
}
var uriParams = new Dictionary<string, string>();
ParameterInfo[] Params = invocation.Method.GetParameters();
object[] args = invocation.Arguments;
for (int i = 0; i < invocation.Arguments.Count(); i++)
{
string sValue = TypeUtils.StringOrNull(args[i]);
if (!string.IsNullOrEmpty(sValue)) uriParams.Add(Params[i].Name, sValue);
}
var combinedUriParams = _baseParams.Union(uriParams).ToDictionary(p => p.Key, p => p.Value);
Uri uriLoc = uriTemplate.BindByName(_uriBase, combinedUriParams, false);
//swReflection.Stop();
Log.Trace(uriLoc.ToString());
var swSetup = new Stopwatch();
swSetup.Start();
_webRequest = (HttpWebRequest)WebRequest.Create(uriLoc);
// Add OAuth authorization header
if (_oAuthParams != null)
{
var oAuthUtils = new OAuthUtils();
string authHeader = (oAuthUtils.GetAuthorizationHeader(
System.Web.HttpUtility.UrlDecode(uriLoc.AbsoluteUri), _oAuthParams.Realm, _oAuthParams.ConsumerKey, _oAuthParams.ConsumerSecret,
_oAuthParams.UserToken, _oAuthParams.UserSecret, null, SignatureMethod.HMACSHA1, httpMethod)).ToString();
_webRequest.Headers[HttpRequestHeader.Authorization] = authHeader;
}
Log.Trace(_webRequest.Headers.ToString());
//TODO replace with app settings
_webRequest.UserAgent = "Toketee 0.1";
_webRequest.Timeout = _timeout;
_webRequest.KeepAlive = false;
_webRequest.Method = httpMethod;
swSetup.Stop();
//TODO implement connection manager
var swRequest = new Stopwatch();
swRequest.Start();
try
{
_webResponse = (HttpWebResponse)_webRequest.GetResponse();
}
catch (WebException we)
{
switch (we.Status)
{
case WebExceptionStatus.Timeout:
// retry operation, see if endpoint is available or if there's another problem
break;
}
_webResponse = (HttpWebResponse)we.Response;
}
finally
{
}
swRequest.Stop();
Encoding encode = System.Text.Encoding.UTF8;
if (_webResponse != null)
{
var responseStream = new StreamReader(_webResponse.GetResponseStream(), encode);
string sResponse = responseStream.ReadToEnd();
LogJson.Trace(new JsonFormatter(sResponse).Format());
// TODO add exception trapping
var result = new WebClientResult(_webResponse, sResponse, true, null);
// TODO move to an error handling method
// This is twitter specific, need to move over to TwitterAPI
switch (Utility.Parse.GetValueFromJson(sResponse, "error"))
{
case "Incorrect signature":
throw new OAuthIncorrectSignatureException(sResponse);
}
invocation.ReturnValue = result;
}
else
{
invocation.ReturnValue = null;
}
}
private static string MakeSigningKey(string consumerSecret, string oauthTokenSecret)
{
return(OAuthUtils.PercentEncode(consumerSecret) + "&" +
(oauthTokenSecret != null ? OAuthUtils.PercentEncode(oauthTokenSecret) : ""));
}
