static void Authenticate() { var authorizeClient = new IdentityModel.Client.AuthorizeRequest("https://100.105.80.38:13855/connect/authorize"); var url = authorizeClient.CreateAuthorizeUrl( clientId: "silicon", responseType: "code id_token token", scope: "openid offline_access", redirectUri: "http://*****:*****@"C:\Program Files (x86)\Mozilla Firefox\firefox.exe", "-private-window \"" + url + "\""); //Console.WriteLine(client.GetStringAsync(url).Result); }
private static string RequestAccessTokenAuthorizationCode() { // did we store the token before? var cookie = HttpContext.Current.Request.Cookies.Get("ClientMVCCookie.AuthCode"); if (cookie != null && cookie["access_token"] != null && !string.IsNullOrEmpty(cookie["access_token"])) { return(cookie["access_token"]); } // no token found - request one // we'll pass through the URI we want to return to as state var state = HttpContext.Current.Request.Url.OriginalString; var authorizeRequest = new IdentityModel.Client.AuthorizeRequest( IdentityConstants.AuthEndoint); var url = authorizeRequest.CreateAuthorizeUrl("mvc_client_auth_code", "code", "management", IdentityConstants.MVCAuthCodeCallback, state); HttpContext.Current.Response.Redirect(url); return(null); }
private static string RequestAccessTokenAuthorizationCode() { //did we store the token before? var cookie = HttpContext.Current.Request.Cookies.Get("tripGalleryCookie"); if (cookie != null && cookie["access_token"] != null) { return cookie["access_token"]; } var authorizeRequest = new IdentityModel.Client.AuthorizeRequest( TripGallery.Constants.TripGallerySTSAuthorizationEndpoint); var state = HttpContext.Current.Request.Url.OriginalString; var url = authorizeRequest.CreateAuthorizeUrl("tripgalleryauthcode", "code", "gallerymanagement", TripGallery.Constants.TripGalleryMVCSTSCallback, state); HttpContext.Current.Response.Redirect(url); return null; }
public static string CreateAuthorizeUrl(this AuthorizeRequest request, string clientId, string responseType, string scope = null, string redirectUri = null, string state = null, string nonce = null, string loginHint = null, string acrValues = null, string responseMode = null, object extra = null) { var values = new Dictionary <string, string> { { OAuth2Constants.ClientId, clientId }, { OAuth2Constants.ResponseType, responseType } }; if (!string.IsNullOrWhiteSpace(scope)) { values.Add(OAuth2Constants.Scope, scope); } if (!string.IsNullOrWhiteSpace(redirectUri)) { values.Add(OAuth2Constants.RedirectUri, redirectUri); } if (!string.IsNullOrWhiteSpace(state)) { values.Add(OAuth2Constants.State, state); } if (!string.IsNullOrWhiteSpace(nonce)) { values.Add(OAuth2Constants.Nonce, nonce); } if (!string.IsNullOrWhiteSpace(loginHint)) { values.Add(OAuth2Constants.LoginHint, loginHint); } if (!string.IsNullOrWhiteSpace(acrValues)) { values.Add(OAuth2Constants.AcrValues, acrValues); } if (!string.IsNullOrWhiteSpace(responseMode)) { values.Add(OAuth2Constants.ResponseMode, responseMode); } return(request.Create(Merge(values, ObjectToDictionary(extra)))); }
private void RequestToken(string scope, string responseType) { var request = new AuthorizeRequest(Constants.AuthorizeEndpoint); var startUrl = request.CreateAuthorizeUrl( clientId: "hybridclient", responseType: responseType, scope: scope, redirectUri: "oob://localhost/wpfclient", state: "random_state", nonce: "random_nonce"); _login.Show(); _login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient")); }
public async static Task<AuthorizeResponse> DoImplicitFlowAsync( Uri endpoint, string clientId, string responseType, string scope, Uri redirectUri) { var request = new AuthorizeRequest(endpoint); var state = Guid.NewGuid().ToString("N"); var nonce = Guid.NewGuid().ToString("N"); var startUri = request.CreateAuthorizeUrl( clientId: clientId, responseType: responseType, scope: scope, redirectUri: redirectUri.AbsoluteUri, state: state, nonce: nonce, responseMode: "form_post"); try { var result = await WebAuthenticationBroker.AuthenticateAsync( WebAuthenticationOptions.UseHttpPost, new Uri(startUri)); if (result.ResponseStatus == WebAuthenticationStatus.Success) { return new AuthorizeResponse(result.ResponseData); } else if (result.ResponseStatus == WebAuthenticationStatus.UserCancel) { throw new Exception("User cancelled authentication"); } else if (result.ResponseStatus == WebAuthenticationStatus.ErrorHttp) { throw new Exception("HTTP Error returned by AuthenticateAsync() : " + result.ResponseErrorDetail.ToString()); } else { throw new Exception("Error returned by AuthenticateAsync() : " + result.ResponseStatus.ToString()); } } catch { // Bad Parameter, SSL/TLS Errors and Network Unavailable errors are to be handled here. throw; } }
static void Authenticate() { var authorizeClient = new IdentityModel.Client.AuthorizeRequest("https://100.105.80.38:13855/connect/authorize"); var url = authorizeClient.CreateAuthorizeUrl( clientId: "silicon", responseType: "code id_token token", scope: "openid offline_access", redirectUri: "http://*****:*****@"C:\Program Files (x86)\Mozilla Firefox\firefox.exe", "-private-window \"" + url + "\""); //Console.WriteLine(client.GetStringAsync(url).Result); }
private void RequestToken(string scope, string responseType) { var request = new AuthorizeRequest(Constants.AuthorizeEndpoint); var startUrl = request.CreateAuthorizeUrl( clientId: "implicitclient", responseType: responseType, scope: scope, redirectUri: "oob://localhost/wpfclient", state: "random_state", nonce: "random_nonce" /**, loginHint: "alice", acrValues: "idp:Google b c" **/); _login.Show(); _login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient")); }
private string CreateUrl() { _nonce = CryptoRandom.CreateUniqueId(32); _verifier = CryptoRandom.CreateUniqueId(32); var challenge = _verifier.ToCodeChallenge(); var request = new AuthorizeRequest(_config.AuthorizationEndpoint); return request.CreateAuthorizeUrl( clientId: _settings.ClientId, responseType: "code id_token", scope: _settings.Scope, redirectUri: _settings.RedirectUri, nonce: _nonce, responseMode: OidcConstants.ResponseModes.FormPost, codeChallenge: challenge, codeChallengeMethod: OidcConstants.CodeChallengeMethods.Sha256); }
public IHttpActionResult ExternalLogin() { var state = Guid.NewGuid().ToString("N"); var nonce = Guid.NewGuid().ToString("N"); //SetTempState(state, nonce); var request = new AuthorizeRequest("https://localhost:44302/connect/authorize"); var url = request.CreateAuthorizeUrl( clientId: "AngularClient2", responseType: "code", scope: "Api", redirectUri: Url.Link("externalLoginCallBack", new {} ), state: state, nonce: nonce,acrValues:"idp:Facebook"); return Redirect(url); }
public ActionResult Index(string scopes) { var state = Guid.NewGuid().ToString("N"); var nonce = Guid.NewGuid().ToString("N"); SetTempState(state, nonce); var request = new AuthorizeRequest(Constants.AuthorizeEndpoint); var url = request.CreateAuthorizeUrl( clientId: "codeclient", responseType: "code", scope: scopes, redirectUri: "https://localhost:44312/callback", state: state, nonce: nonce); return Redirect(url); }
private static string RequestTokenAuthorizationCode() { var cookie = HttpContext.Current.Request.Cookies.Get("ideal.auth"); if (cookie?["access_token"] != null) { return cookie["access_token"]; } var authorizeRequest = new AuthorizeRequest(IdealConstants.STSAuthorizationEndpoint); var state = HttpContext.Current.Request.Url.OriginalString; var url = authorizeRequest.CreateAuthorizeUrl(IdealConstants.ClientId, "code", "sampleApi", IdealConstants.ClientCallbackUrl, state); HttpContext.Current.Response.Redirect(url); return null; }
private static string RequestAccessTokenAuthorizationCode() { // did we store the token before? var cookie = HttpContext.Current.Request.Cookies.Get("TripGalleryCookie"); if (cookie != null && cookie["access_token"] != null) { return(cookie["access_token"]); } var authorizeRequest = new IdentityModel.Client.AuthorizeRequest( TripGallery.Constants.TripGallerySTSAuthorizationEndpoint); var state = HttpContext.Current.Request.Url.OriginalString; var url = authorizeRequest.CreateAuthorizeUrl("tripgalleryauthcode", "code", "gallerymanagement", TripGallery.Constants.TripGalleryMVCSTSCallback, state); HttpContext.Current.Response.Redirect(url); return(null); }
private async Task LoginUsingUsernameAndPasswordAsync() { const string responseType = "code id_token"; //implicit flow: "id_token token" // Space-separated list of scopes we want to receive var scopes = $"openid email profile offline_access {TimesheetConstants.ApiScope}"; var nonce = GenerateNonce(); // Unique token for the authorization request. try { var redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri(); var request = new AuthorizeRequest(TimesheetConstants.AuthorizeEndpoint); var authUrl = request.CreateAuthorizeUrl(TimesheetConstants.ClientId, responseType, scopes, redirectUri.ToString(), nonce: nonce); var requestUri = new Uri(authUrl); var result = await WebAuthenticationBroker.AuthenticateAsync(WebAuthenticationOptions.None, requestUri, redirectUri); if (result.ResponseStatus == WebAuthenticationStatus.Success) { // Successful authentication, but we only have the ID token. var response = new AuthorizeResponse(result.ResponseData); // We need to ask for the access token and refresh tokens now. var tokenResponse = await GetAuthTokenAsync(response); // Store the tokens in the password vault ApiService.StoreTokenInVault(tokenResponse); // And finish the login process await FinishLoginAsync(tokenResponse); } } catch (Exception ex) { var dlg = new MessageDialog(ex.Message, "Error"); await dlg.ShowAsync(); } }
private async Task<string> CreateUrlAsync(AuthorizeResult result, string codeChallenge, object extraParameters) { var request = new AuthorizeRequest((await _options.GetEndpointsAsync()).Authorize); var url = request.CreateAuthorizeUrl( clientId: _options.ClientId, responseType: OidcConstants.ResponseTypes.CodeIdToken, scope: _options.Scope, redirectUri: result.RedirectUri, responseMode: _options.UseFormPost ? OidcConstants.ResponseModes.FormPost : null, nonce: result.Nonce, codeChallenge: codeChallenge, codeChallengeMethod: _options.UseProofKeys ? OidcConstants.CodeChallengeMethods.Sha256 : null, extra: extraParameters); return url; }
public void StartFlow(string responseType, string scope) { // create URI to authorize endpoint - use WebHost or SelfHost from the // samples solution. var authorizeRequest = new AuthorizeRequest("https://localhost:44333/core/connect/authorize"); // dictionary with values for the authorize request var dic = new Dictionary<string, string>(); dic.Add("client_id", "implicitclient"); dic.Add("response_type", responseType); dic.Add("scope", scope); dic.Add("redirect_uri", "https://xamarin-oidc-sample/redirect"); dic.Add("nonce", Guid.NewGuid().ToString("N")); // add CSRF token to protect against cross-site request forgery attacks. _currentCSRFToken = Guid.NewGuid().ToString("N"); dic.Add("state", _currentCSRFToken); var authorizeUri = authorizeRequest.Create(dic); // or use CreateAuthorizeUrl, passing in the values we defined in the dictionary. // authorizeRequest.CreateAuthorizeUrl("implicitclient", ...); wvLogin.Source = authorizeUri; wvLogin.IsVisible = true; }
public string CreateAuthorizeUrl( string clientId, string responseType, string scope = null, string redirectUri = null, string state = null, string nonce = null, string loginHint = null, string acrValues = null, string responseMode = null, object extra = null) { var url = new AuthorizeRequest(AuthorizeEndpoint).CreateAuthorizeUrl( clientId: clientId, responseType: responseType, scope: scope, redirectUri: redirectUri, state: state, nonce: nonce, loginHint: loginHint, acrValues: acrValues, responseMode: responseMode, extra: extra); return url; }
/// <summary>Creates the authorize URL.</summary> /// <param name="request">The request.</param> /// <param name="values">The values (either using a string Dictionary or an object's properties).</param> /// <returns></returns> public static string Create(this AuthorizeRequest request, object values) { return(request.Create(ObjectToDictionary(values))); }
public void StartFlow(string responseType, string scope) { // create URI to auth endpoint var authorizeRequest = new AuthorizeRequest("https://xamarinoidcsamplests.azurewebsites.net/identity/connect/authorize"); // note: change URI to wherever you deployed your STS (CTRL-SHIFT-F is your friend :)). // For use with IIS Express, check https://www.github.com/KevinDockx/XamarinFormsOIDCSample. // dictionary with values for the authorize request var dic = new Dictionary<string, string>(); dic.Add("client_id", "xamarinsampleimplicit"); dic.Add("response_type", responseType); dic.Add("scope", scope); dic.Add("redirect_uri", "https://xamarin-oidc-sample/redirect"); dic.Add("nonce", Guid.NewGuid().ToString("N")); // add CSRF token to protect against cross-site request forgery attacks. _currentCSRFToken = Guid.NewGuid().ToString("N"); dic.Add("state", _currentCSRFToken); var authorizeUri = authorizeRequest.Create(dic); // or use CreateAuthorizeUrl, passing in the values we defined in the dictionary. // authorizeRequest.CreateAuthorizeUrl("xamarinsampleimplicit", ...); wvLogin.Source = authorizeUri; wvLogin.IsVisible = true; }