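/// <summary>
/// Handles GET on the OAuth authorize endpoint. When the request carries both a
/// username and a password, the credentials are verified and the token exchange is
/// performed immediately ("unattended" authentication), followed by a redirect to
/// the URL returned by the exchange. Otherwise the contents of a static HTML
/// gateway page are returned.
/// </summary>
/// <param name="request">Authorize request DTO; Username and Password are read from it.</param>
/// <returns>
/// <c>null</c> once the redirect has been issued, or the gateway page markup as a string.
/// </returns>
/// <exception cref="UnauthorizedException">The authenticator rejected the credentials.</exception>
public object Get(OAuthAuthorizeRequest request)
{
    bool has_credentials = !string.IsNullOrEmpty(request.Username)
        && !string.IsNullOrEmpty(request.Password);

    if (has_credentials)
    {
        // Unattended authentication: perform the token exchange right away,
        // using data from the query string.
        // NOTE(review): oauth_token is read from the query string below; if Username and
        // Password arrive the same way they will be recorded in access logs, proxies and
        // browser history - confirm, and prefer a POST body or an Authorization header.
        bool is_allowed = RainyStandaloneServer.OAuth.Authenticator(request.Username, request.Password);
        if (!is_allowed)
        {
            throw new UnauthorizedException();
        }

        var auth_service = new OAuthAuthenticateService();
        var resp = (OAuthAuthenticateResponse)auth_service.TokenExchangeAfterAuthentication(
            request.Username,
            request.Password,
            Request.QueryString["oauth_token"]
        );

        // NOTE(review): the redirect target is whatever the exchange returns; presumably it
        // is built from the consumer-registered callback - verify it is validated there.
        Response.Redirect(resp.RedirectUrl);
        return null;
    }

    // NOTE(review): hard-coded absolute path into a developer's home directory; this only
    // works on that machine and should come from configuration.
    // The using block guarantees the file handle is released even if ReadToEnd throws.
    using (var reader = new StreamReader("/Users/td/gateway.html"))
    {
        return reader.ReadToEnd();
    }
}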
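/// <summary>
/// Handles the OAuth authorize endpoint for any HTTP verb. When the request carries
/// both a username and a password, the credentials are verified and the token
/// exchange is performed immediately ("unattended" authentication), followed by a
/// redirect to the URL returned by the exchange. Otherwise the caller is redirected
/// to the login page with the original query string appended.
/// </summary>
/// <param name="request">Authorize request DTO; Username and Password are read from it.</param>
/// <returns>Always <c>null</c>; the response is a redirect in both branches.</returns>
/// <exception cref="UnauthorizedException">The authenticator rejected the credentials.</exception>
public object Any(OAuthAuthorizeRequest request)
{
    bool has_credentials = !string.IsNullOrEmpty(request.Username)
        && !string.IsNullOrEmpty(request.Password);

    if (has_credentials)
    {
        // Unattended authentication: perform the token exchange right away,
        // using data from the query string.
        // NOTE(review): oauth_token is read from the query string below; if Username and
        // Password arrive the same way they will be recorded in access logs, proxies and
        // browser history - confirm, and prefer a POST body or an Authorization header.
        bool is_allowed = authenticator.VerifyCredentials(request.Username, request.Password);
        if (!is_allowed)
        {
            throw new UnauthorizedException();
        }

        var auth_service = new OAuthAuthenticateService(connFactory, oauthHandler, authenticator);
        var resp = (OAuthAuthenticateResponse)auth_service.TokenExchangeAfterAuthentication(
            request.Username,
            request.Password,
            Request.QueryString["oauth_token"]
        );

        // NOTE(review): the redirect target is whatever the exchange returns; presumably it
        // is built from the consumer-registered callback - verify it is validated there.
        Response.Redirect(resp.RedirectUrl);
        return null;
    }

    // No credentials supplied: forward every URL parameter to the login page.
    // NOTE(review): new Uri(string) requires an absolute URL - confirm RawUrl is absolute here.
    string path_and_query = new Uri(Request.RawUrl).PathAndQuery;

    // A request without any query string used to fail with an IndexOutOfRangeException
    // (Split('?')[1]); it is now forwarded with an empty parameter list instead.
    int query_start = path_and_query.IndexOf('?');
    string prams = query_start >= 0
        ? path_and_query.Substring(query_start + 1)
        : string.Empty;

    // The target is a fixed same-site path; the forwarded parameters only land in the
    // fragment part of the URL.
    Response.Redirect("/admin/#/login?" + prams);
    Response.EndServiceStackRequest();
    return null;
}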
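/// <summary>
/// GET handler for the OAuth authorize endpoint. With a non-empty username and
/// password the credentials are checked, the token exchange runs immediately
/// ("unattended" authentication) and the client is redirected to the URL the
/// exchange returns. Without credentials the static gateway HTML page is read
/// from disk and returned.
/// </summary>
/// <param name="request">Authorize request DTO supplying Username and Password.</param>
/// <returns>
/// <c>null</c> after the redirect was issued, otherwise the gateway page content.
/// </returns>
/// <exception cref="UnauthorizedException">The authenticator rejected the credentials.</exception>
public object Get (OAuthAuthorizeRequest request)
{
    if (string.IsNullOrEmpty (request.Username) || string.IsNullOrEmpty (request.Password)) {
        // NOTE(review): absolute path into a developer's home directory; it will not exist
        // on other machines and should be replaced by a configured location.
        // Disposing through using releases the file handle even when ReadToEnd throws.
        using (TextReader reader = new StreamReader ("/Users/td/gateway.html")) {
            return reader.ReadToEnd ();
        }
    }

    // unattended authentication, immediately perform token exchange
    // and use data from the querystring
    // NOTE(review): if Username and Password are taken from the query string (as the
    // oauth_token below is), they leak into access logs, proxies and browser history -
    // confirm, and prefer a POST body or an Authorization header.
    bool is_allowed = RainyStandaloneServer.OAuth.Authenticator (request.Username, request.Password);
    if (!is_allowed) {
        throw new UnauthorizedException ();
    }

    var auth_service = new OAuthAuthenticateService ();
    var resp = (OAuthAuthenticateResponse) auth_service.TokenExchangeAfterAuthentication (
        request.Username,
        request.Password,
        Request.QueryString["oauth_token"]
    );

    // NOTE(review): redirect target comes from the exchange result; presumably derived from
    // the consumer's registered callback - verify it is validated where it is stored.
    Response.Redirect (resp.RedirectUrl);
    return null;
}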
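/// <summary>
/// Authorize endpoint handler for any HTTP verb. With a non-empty username and
/// password the credentials are checked, the token exchange runs immediately
/// ("unattended" authentication) and the client is redirected to the URL the
/// exchange returns. Without credentials the client is sent to the login page,
/// carrying over the query string of the current request.
/// </summary>
/// <param name="request">Authorize request DTO supplying Username and Password.</param>
/// <returns>Always <c>null</c>; both branches answer with a redirect.</returns>
/// <exception cref="UnauthorizedException">The authenticator rejected the credentials.</exception>
public object Any (OAuthAuthorizeRequest request)
{
    if (string.IsNullOrEmpty (request.Username) || string.IsNullOrEmpty (request.Password)) {
        // take all url parameters and redirect to the login page
        // NOTE(review): new Uri (string) only accepts absolute URLs - confirm RawUrl is one.
        string path_and_query = new Uri (Request.RawUrl).PathAndQuery;

        // Indexing the result of Split ('?') with [1] threw IndexOutOfRangeException for a
        // request without a query string; such a request now forwards no parameters.
        int query_start = path_and_query.IndexOf ('?');
        string prams = string.Empty;
        if (query_start >= 0) {
            prams = path_and_query.Substring (query_start + 1);
        }

        // Fixed same-site target; the forwarded parameters end up in the URL fragment.
        Response.Redirect ("/admin/#/login?" + prams);
        Response.EndServiceStackRequest ();
        return null;
    }

    // unattended authentication, immediately perform token exchange
    // and use data from the querystring
    // NOTE(review): if Username and Password are taken from the query string (as the
    // oauth_token below is), they leak into access logs, proxies and browser history -
    // confirm, and prefer a POST body or an Authorization header.
    bool is_allowed = authenticator.VerifyCredentials (request.Username, request.Password);
    if (!is_allowed) {
        throw new UnauthorizedException ();
    }

    var auth_service = new OAuthAuthenticateService (connFactory, oauthHandler, authenticator);
    var resp = (OAuthAuthenticateResponse) auth_service.TokenExchangeAfterAuthentication (
        request.Username,
        request.Password,
        Request.QueryString["oauth_token"]
    );

    // NOTE(review): redirect target comes from the exchange result; presumably derived from
    // the consumer's registered callback - verify it is validated where it is stored.
    Response.Redirect (resp.RedirectUrl);
    return null;
}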
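/// <summary>
/// Authorizes an OAuth request token. The OAuth context is built from the request
/// URL, the supplied username/password are checked, and on success a verifier and a
/// fresh access token are attached to the stored request token before the user is
/// redirected to the consumer's callback URL. On failure a 403 response with an HTML
/// error message is written.
/// </summary>
/// <param name="request">Authorize request DTO supplying Username and Password.</param>
/// <returns>Always <c>null</c>; the response is written or redirected directly.</returns>
public object Any (OAuthAuthorizeRequest request)
{
    // keep this line to inspect the Request in monodevelop's debugger
    // really helps debugging API calls
    var servicestack_http_request = Request;

    // TODO the OAuth spec allows other ways of specifying the parameters besides the query string
    // (i.e. the authorization header, form-encoded POST values, etc.). We have to handle those
    // in the future.
    var original_request = (HttpListenerRequest) Request.OriginalRequest;
    var context = new OAuthContextBuilder ().FromUri (Request.HttpMethod, original_request.Url);

    // check if the user is authorized
    // TODO this is just a basic hack to enable authorization
    if (!userIsAllowed (request.Username, request.Password)) {
        // unauthorized
        // NOTE(review): Username is caller-controlled and logged verbatim; confirm the log
        // sink neutralises line breaks so entries cannot be forged.
        Logger.WarnFormat ("Failed to authorize user {0}", request.Username);
        Response.StatusCode = 403;
        Response.StatusDescription = "Authorization failed";

        // The username is echoed into an HTML page, so it must be HTML-encoded first;
        // writing it raw allowed markup or script in the username to run in the
        // victim's browser (reflected XSS).
        string safe_username = System.Net.WebUtility.HtmlEncode (request.Username);
        Response.Write (
            "<html><h1 style='margin-top: 1em'>Authorization failed for user " +
            "<b>" + safe_username + "</b>" +
            " (maybe wrong password?).</h1></html>"
        );
        Response.Close ();
        return null;
    }

    // authorization succeeded, continue
    Logger.InfoFormat ("Successfully authorized user: {0}", request.Username);

    // NOTE(review): the result of GetToken is dereferenced without a null check; confirm
    // how an unknown or already consumed oauth_token is reported by the token store.
    var request_token = Rainy.RainyStandaloneServer.OAuth.RequestTokens.GetToken (context.Token);

    // NOTE(review): verifier, token and token secret are bearer secrets. Guid.NewGuid ()
    // guarantees uniqueness, not unpredictability; consider generating them with
    // System.Security.Cryptography.RandomNumberGenerator.
    request_token.Verifier = Guid.NewGuid ().ToString ();
    request_token.AccessDenied = false;

    request_token.AccessToken = new AccessToken () {
        ConsumerKey = request_token.ConsumerKey,
        Realm = request_token.Realm,
        Token = Guid.NewGuid ().ToString (),
        TokenSecret = Guid.NewGuid ().ToString (),
        UserName = request.Username,
        // NOTE(review): 99 years of local time makes the token effectively non-expiring;
        // confirm that is intended and that expiry checks elsewhere also use local time.
        ExpiryDate = DateTime.Now.AddYears (99)
    };

    RainyStandaloneServer.OAuth.RequestTokens.SaveToken (request_token);
    // NOTE(review): this logs the request token object; check that its string form does
    // not expose the verifier or the access token secret.
    Logger.DebugFormat ("created an access token for user {0}: {1}", request.Username, request_token);

    // redirect to the provided callback
    // A callback that already has a query string must be extended with '&'; appending a
    // second '?' produced a malformed URL and lost the OAuth parameters.
    string callback = request_token.CallbackUrl ?? string.Empty;
    string separator = callback.Contains ("?") ? "&" : "?";
    // The token value is escaped so it cannot inject additional parameters into the URL.
    var redirect_url = callback + separator +
        "oauth_verifier=" + request_token.Verifier +
        "&oauth_token=" + Uri.EscapeDataString (request_token.Token ?? string.Empty);

    // NOTE(review): the logged URL contains the verifier; keep this at debug level only.
    Logger.DebugFormat ("redirecting user to consumer at: {1}", request.Username, redirect_url);
    Response.Redirect (redirect_url);
    return null;
}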