private static RequestResult SendMessageRequest(AuthorizationResult result)
{
if (result == null)
return null;
var parameters = new NameValueCollection
{
{ "access_token", result.AccessTokenValue },
{ "user_id", "14926992" },
{ "message", "Hello test"}
};
var sendMessageRequest = Nemiro.OAuth.OAuthUtility.ExecuteRequest
(
"GET",
"https://api.vk.com/method/messages.send",
parameters,
null
);
return sendMessageRequest;
}
private Thread StartUIThread()
{
// Start a new UI thread to run the browser dialog on so that we can block this one and present
// a synchronous interface to callers.
Thread uiSubThread = new Thread(
() =>
{
try
{
this.formsSyncContext = new WindowsFormsSynchronizationContext();
this.dialog = new SilentWindowsFormsAuthenticationDialog(this.OwnerWindow)
{
NavigationWaitMiliSecs = NavigationWaitMiliSecs
};
this.dialog.Done += this.UIDoneHandler;
this.threadInitializedEvent.Set();
this.dialog.AuthenticateAAD(this.RequestUri, this.CallbackUri);
// Start and turn control over to the message loop.
Application.Run();
this.result = this.dialog.Result;
}
catch (Exception e)
{
// Catch all exceptions to transfer them to the original calling thread.
this.uiException = e;
}
});
uiSubThread.SetApartmentState(ApartmentState.STA);
uiSubThread.IsBackground = true;
uiSubThread.Start();
return uiSubThread;
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var authorizer = ObjectFactory.GetInstance<IAuthorizeRequest>();
_authorizationResult = authorizer.Authorize(httpContext.Request);
return _authorizationResult == AuthorizationResult.Success;
}
private static RequestResult GetDialogsRequest(AuthorizationResult result)
{
if (result == null)
return null;
var parameters = new NameValueCollection
{
{ "access_token", result.AccessTokenValue },
{ "count", "10" }
};
var getDialogsRequest = Nemiro.OAuth.OAuthUtility.ExecuteRequest
(
"GET",
"https://api.vk.com/method/messages.getDialogs",
parameters,
null
);
return getDialogsRequest;
}
/// <summary>
/// Verifies the authorization results for the specified URL.
/// </summary>
/// <param name="url">Address at which to perform the verification.</param>
/// <returns>
/// <para>Returns the verification results.</para>
/// </returns>
public static AuthorizationResult VerifyAuthorization(string url)
{
AuthorizationResult result = new AuthorizationResult();
try
{
// HtmlDecode - small fix for wrong data from provider.
// Thanks to @Nacer ( https://github.com/Nacer- ) // v1.8
UriBuilder u = new UriBuilder(HttpUtility.HtmlDecode(url));
NameValueCollection qs = null;
if (!String.IsNullOrEmpty(u.Query))
{
qs = HttpUtility.ParseQueryString(u.Query);
}
else if (String.IsNullOrEmpty(u.Query) && !String.IsNullOrEmpty(u.Fragment))
{
qs = HttpUtility.ParseQueryString(u.Fragment.Substring(1));
}
if (qs == null)
{
throw new AuthorizationException("Invalid URL. Verification code is not found.");
}
if (!String.IsNullOrEmpty(qs["denied"]))
{
throw new AccessDeniedException(qs["error_description"]);
}
if (!String.IsNullOrEmpty(qs["error"]))
{
switch (qs["error"].ToLower())
{
case "access_denied":
throw new AccessDeniedException(qs["error_description"]);
default:
throw new AuthorizationException(qs["error_description"] ?? qs["error"]);
}
}
result = OAuthWeb.VerifyAuthorization(qs["state"], qs["oauth_verifier"] ?? qs["code"]);
}
catch (Exception ex)
{
result.ErrorInfo = ex;
}
return result;
}
/// <summary>
/// Verifies the authorization results for the specified request identifier and the code of the authorization.
/// </summary>
/// <param name="requestId">Request identifier.</param>
/// <param name="code">The authorization code received from the provider server.</param>
/// <returns>
/// <para>Returns the verification results.</para>
/// </returns>
/// <remarks>
/// <para>This method is intended for internal use. It is recommended to use the overload <see cref="VerifyAuthorization()"/> or <see cref="VerifyAuthorization(string)"/>.</para>
/// </remarks>
public static AuthorizationResult VerifyAuthorization(string requestId, string code)
{
var result = new AuthorizationResult();
try
{
if (String.IsNullOrEmpty(requestId))
{
throw new ArgumentNullException("requestId");
}
if (String.IsNullOrEmpty(code))
{
throw new ArgumentNullException("code");
}
if (!OAuthManager.Requests.ContainsKey(requestId))
{
throw new AuthorizationException("Sorry, request key not found. Please try again authorization.");
}
var client = OAuthManager.Requests[requestId].Client;
client.AuthorizationCode = code;
result.RequestId = requestId;
result.ClientName = OAuthManager.Requests[requestId].ClientName;
result.ProtocolVersion = client.Version;
result.AccessToken = client.AccessToken;
// is not empty and not error
if (!result.AccessToken.IsEmpty && result.AccessToken.IsSuccessfully)
{
// get the user profile details
result.UserInfo = client.GetUserInfo(client.AccessToken);
}
}
catch (Exception ex)
{
// error
result.ErrorInfo = ex;
}
return result;
}
public async Task <bool> DoesUserHavePermission(ClaimsPrincipal user, string specificationId, SpecificationActionTypes permissionRequired)
{
AuthorizationResult authorizationResult = await _authorizationService.AuthorizeAsync(user, specificationId, new SpecificationRequirement(permissionRequired));
return(authorizationResult.Succeeded);
}
/// <summary>
/// 转换为微信访问令牌
/// </summary>
/// <param name="value">授权结果</param>
/// <returns></returns>
public static WechatAccessTokenResult ToWechatToken(this AuthorizationResult value)
{
value.CheckNotNull(nameof(value));
return(!value.Success ? null : value.Result.ToObject <WechatAccessTokenResult>());
}
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable <IAuthorizationRequirement> requirements)
{
return(Task.FromResult(AuthorizationResult.Success()));
}
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName)
{
return(Task.FromResult(AuthorizationResult.Success()));
}
public static void ConfigureMockWebUI(AuthorizationResult authorizationResult)
{
ConfigureMockWebUI(authorizationResult, new Dictionary <string, string>());
}
public override void DecidePolicy(WKWebView webView, WKNavigationAction navigationAction, Action <WKNavigationActionPolicy> decisionHandler)
{
string requestUrlString = navigationAction.Request.Url.ToString();
// If the URL has the browser:// scheme then this is a request to open an external browser
if (requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase))
{
DispatchQueue.MainQueue.DispatchAsync(() => _authenticationAgentUIViewController.CancelAuthentication(null, null));
// Build the HTTPS URL for launching with an external browser
var httpsUrlBuilder = new UriBuilder(requestUrlString)
{
Scheme = Uri.UriSchemeHttps
};
requestUrlString = httpsUrlBuilder.Uri.AbsoluteUri;
DispatchQueue.MainQueue.DispatchAsync(
() => UIApplication.SharedApplication.OpenUrl(new NSUrl(requestUrlString)));
_authenticationAgentUIViewController.DismissViewController(true, null);
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (requestUrlString.StartsWith(_authenticationAgentUIViewController.Callback, StringComparison.OrdinalIgnoreCase) ||
requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase))
{
_authenticationAgentUIViewController.DismissViewController(true, () =>
_authenticationAgentUIViewController.CallbackMethod(AuthorizationResult.FromUri(requestUrlString)));
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (requestUrlString.StartsWith(iOSBrokerConstants.DeviceAuthChallengeRedirect, StringComparison.OrdinalIgnoreCase))
{
Uri uri = new Uri(requestUrlString);
string query = uri.Query;
if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase))
{
query = query.Substring(1);
}
Dictionary <string, string> keyPair = CoreHelpers.ParseKeyValueList(query, '&', true, false, null);
string responseHeader = DeviceAuthHelper.GetBypassChallengeResponse(keyPair);
NSMutableUrlRequest newRequest = (NSMutableUrlRequest)navigationAction.Request.MutableCopy();
newRequest.Url = new NSUrl(keyPair["SubmitUrl"]);
newRequest[iOSBrokerConstants.ChallengeResponseHeader] = responseHeader;
webView.LoadRequest(newRequest);
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
if (!navigationAction.Request.Url.AbsoluteString.Equals(AboutBlankUri, StringComparison.OrdinalIgnoreCase) &&
!navigationAction.Request.Url.Scheme.Equals(Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase))
{
AuthorizationResult result = AuthorizationResult.FromStatus(
AuthorizationStatus.ErrorHttp,
MsalError.NonHttpsRedirectNotSupported,
MsalErrorMessage.NonHttpsRedirectNotSupported);
_authenticationAgentUIViewController.DismissViewController(true, () => _authenticationAgentUIViewController.CallbackMethod(result));
decisionHandler(WKNavigationActionPolicy.Cancel);
return;
}
decisionHandler(WKNavigationActionPolicy.Allow);
return;
}
internal protected override async Task AcquireAuthorizationAsync()
{
var authorizationUri = CreateAuthorizationUri(true, true);
var uiEvent = new UiEvent();
using (ServiceBundle.TelemetryManager.CreateTelemetryHelper(
AuthenticationRequestParameters.RequestContext.TelemetryRequestId,
AuthenticationRequestParameters.ClientId,
uiEvent))
{
var requestContext = AuthenticationRequestParameters.RequestContext;
var response = await _httpManager.SendGetAsync(authorizationUri, new Dictionary <string, string>(), requestContext).ConfigureAwait(false);
if (response != null &&
response.StatusCode == HttpStatusCode.OK &&
!string.IsNullOrEmpty(response.Body))
{
var csrf = GetField(response.Body, "csrf");
var transId = GetField(response.Body, "transId");
var policy = GetField(response.Body, "policy");
var pageViewId = GetField(response.Body, "pageViewId");
var api = GetField(response.Body, "api");
var logonUri = CreateLogonUri(transId, policy);
var postData = new Dictionary <string, string>
{
["request_type"] = "RESPONSE",
["logonIdentifier"] = Username,
["password"] = Password
};
var response2 = await _httpManager.SendPostAsync(logonUri, new Dictionary <string, string> {
["X-CSRF-TOKEN"] = csrf
}, postData, requestContext).ConfigureAwait(false);
if (response2 != null &&
response2.StatusCode == HttpStatusCode.OK)
{
var confirmedUri = CreateConfirmedUri(csrf, transId, policy, pageViewId, api);
var response3 = await _httpManager.SendGetAsync(confirmedUri, new Dictionary <string, string> {
["x-ms-cpim-pageviewid"] = pageViewId
}, requestContext).ConfigureAwait(false);
if (response3 != null &&
(response3.StatusCode == HttpStatusCode.Found ||
response3.StatusCode == HttpStatusCode.OK))
{
AuthorizationResult = new AuthorizationResult(AuthorizationStatus.Success, response3.Headers?.Location);
}
else
{
AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
}
}
else
{
AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
}
}
else
{
AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp);
}
uiEvent.UserCancelled = AuthorizationResult.Status == AuthorizationStatus.UserCancel;
uiEvent.AccessDenied = AuthorizationResult.Status == AuthorizationStatus.ProtocolError;
}
}
public async void GivenHardDeleteActionNotAuthorized_WhenRequestingHardDeleteAction_ThenForbiddenResultShouldBeReturned()
{
_authorizationService.AuthorizeAsync(Arg.Any <ClaimsPrincipal>(), Arg.Any <object>(), policyName: "HardDelete").Returns(Task.FromResult(AuthorizationResult.Failed()));
var result = await _controller.Delete("typea", "ida", true);
Assert.IsType <ForbidResult>(result);
}
protected void SetupAuthorization(bool isAuthorized)
{
MockAuthorizationService
.Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), null, It.IsAny <IEnumerable <IAuthorizationRequirement> >()))
.ReturnsAsync(isAuthorized ? AuthorizationResult.Success() : AuthorizationResult.Failed());
}
