private static RequestResult SendMessageRequest(AuthorizationResult result) { if (result == null) return null; var parameters = new NameValueCollection { { "access_token", result.AccessTokenValue }, { "user_id", "14926992" }, { "message", "Hello test"} }; var sendMessageRequest = Nemiro.OAuth.OAuthUtility.ExecuteRequest ( "GET", "https://api.vk.com/method/messages.send", parameters, null ); return sendMessageRequest; }
private Thread StartUIThread() { // Start a new UI thread to run the browser dialog on so that we can block this one and present // a synchronous interface to callers. Thread uiSubThread = new Thread( () => { try { this.formsSyncContext = new WindowsFormsSynchronizationContext(); this.dialog = new SilentWindowsFormsAuthenticationDialog(this.OwnerWindow) { NavigationWaitMiliSecs = NavigationWaitMiliSecs }; this.dialog.Done += this.UIDoneHandler; this.threadInitializedEvent.Set(); this.dialog.AuthenticateAAD(this.RequestUri, this.CallbackUri); // Start and turn control over to the message loop. Application.Run(); this.result = this.dialog.Result; } catch (Exception e) { // Catch all exceptions to transfer them to the original calling thread. this.uiException = e; } }); uiSubThread.SetApartmentState(ApartmentState.STA); uiSubThread.IsBackground = true; uiSubThread.Start(); return uiSubThread; }
protected override bool AuthorizeCore(HttpContextBase httpContext) { var authorizer = ObjectFactory.GetInstance<IAuthorizeRequest>(); _authorizationResult = authorizer.Authorize(httpContext.Request); return _authorizationResult == AuthorizationResult.Success; }
private static RequestResult GetDialogsRequest(AuthorizationResult result) { if (result == null) return null; var parameters = new NameValueCollection { { "access_token", result.AccessTokenValue }, { "count", "10" } }; var getDialogsRequest = Nemiro.OAuth.OAuthUtility.ExecuteRequest ( "GET", "https://api.vk.com/method/messages.getDialogs", parameters, null ); return getDialogsRequest; }
/// <summary> /// Verifies the authorization results for the specified URL. /// </summary> /// <param name="url">Address at which to perform the verification.</param> /// <returns> /// <para>Returns the verification results.</para> /// </returns> public static AuthorizationResult VerifyAuthorization(string url) { AuthorizationResult result = new AuthorizationResult(); try { // HtmlDecode - small fix for wrong data from provider. // Thanks to @Nacer ( https://github.com/Nacer- ) // v1.8 UriBuilder u = new UriBuilder(HttpUtility.HtmlDecode(url)); NameValueCollection qs = null; if (!String.IsNullOrEmpty(u.Query)) { qs = HttpUtility.ParseQueryString(u.Query); } else if (String.IsNullOrEmpty(u.Query) && !String.IsNullOrEmpty(u.Fragment)) { qs = HttpUtility.ParseQueryString(u.Fragment.Substring(1)); } if (qs == null) { throw new AuthorizationException("Invalid URL. Verification code is not found."); } if (!String.IsNullOrEmpty(qs["denied"])) { throw new AccessDeniedException(qs["error_description"]); } if (!String.IsNullOrEmpty(qs["error"])) { switch (qs["error"].ToLower()) { case "access_denied": throw new AccessDeniedException(qs["error_description"]); default: throw new AuthorizationException(qs["error_description"] ?? qs["error"]); } } result = OAuthWeb.VerifyAuthorization(qs["state"], qs["oauth_verifier"] ?? qs["code"]); } catch (Exception ex) { result.ErrorInfo = ex; } return result; }
/// <summary> /// Verifies the authorization results for the specified request identifier and the code of the authorization. /// </summary> /// <param name="requestId">Request identifier.</param> /// <param name="code">The authorization code received from the provider server.</param> /// <returns> /// <para>Returns the verification results.</para> /// </returns> /// <remarks> /// <para>This method is intended for internal use. It is recommended to use the overload <see cref="VerifyAuthorization()"/> or <see cref="VerifyAuthorization(string)"/>.</para> /// </remarks> public static AuthorizationResult VerifyAuthorization(string requestId, string code) { var result = new AuthorizationResult(); try { if (String.IsNullOrEmpty(requestId)) { throw new ArgumentNullException("requestId"); } if (String.IsNullOrEmpty(code)) { throw new ArgumentNullException("code"); } if (!OAuthManager.Requests.ContainsKey(requestId)) { throw new AuthorizationException("Sorry, request key not found. Please try again authorization."); } var client = OAuthManager.Requests[requestId].Client; client.AuthorizationCode = code; result.RequestId = requestId; result.ClientName = OAuthManager.Requests[requestId].ClientName; result.ProtocolVersion = client.Version; result.AccessToken = client.AccessToken; // is not empty and not error if (!result.AccessToken.IsEmpty && result.AccessToken.IsSuccessfully) { // get the user profile details result.UserInfo = client.GetUserInfo(client.AccessToken); } } catch (Exception ex) { // error result.ErrorInfo = ex; } return result; }
public async Task <bool> DoesUserHavePermission(ClaimsPrincipal user, string specificationId, SpecificationActionTypes permissionRequired) { AuthorizationResult authorizationResult = await _authorizationService.AuthorizeAsync(user, specificationId, new SpecificationRequirement(permissionRequired)); return(authorizationResult.Succeeded); }
/// <summary> /// 转换为微信访问令牌 /// </summary> /// <param name="value">授权结果</param> /// <returns></returns> public static WechatAccessTokenResult ToWechatToken(this AuthorizationResult value) { value.CheckNotNull(nameof(value)); return(!value.Success ? null : value.Result.ToObject <WechatAccessTokenResult>()); }
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable <IAuthorizationRequirement> requirements) { return(Task.FromResult(AuthorizationResult.Success())); }
public Task <AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName) { return(Task.FromResult(AuthorizationResult.Success())); }
public static void ConfigureMockWebUI(AuthorizationResult authorizationResult) { ConfigureMockWebUI(authorizationResult, new Dictionary <string, string>()); }
public override void DecidePolicy(WKWebView webView, WKNavigationAction navigationAction, Action <WKNavigationActionPolicy> decisionHandler) { string requestUrlString = navigationAction.Request.Url.ToString(); // If the URL has the browser:// scheme then this is a request to open an external browser if (requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtPrefix, StringComparison.OrdinalIgnoreCase)) { DispatchQueue.MainQueue.DispatchAsync(() => _authenticationAgentUIViewController.CancelAuthentication(null, null)); // Build the HTTPS URL for launching with an external browser var httpsUrlBuilder = new UriBuilder(requestUrlString) { Scheme = Uri.UriSchemeHttps }; requestUrlString = httpsUrlBuilder.Uri.AbsoluteUri; DispatchQueue.MainQueue.DispatchAsync( () => UIApplication.SharedApplication.OpenUrl(new NSUrl(requestUrlString))); _authenticationAgentUIViewController.DismissViewController(true, null); decisionHandler(WKNavigationActionPolicy.Cancel); return; } if (requestUrlString.StartsWith(_authenticationAgentUIViewController.Callback, StringComparison.OrdinalIgnoreCase) || requestUrlString.StartsWith(iOSBrokerConstants.BrowserExtInstallPrefix, StringComparison.OrdinalIgnoreCase)) { _authenticationAgentUIViewController.DismissViewController(true, () => _authenticationAgentUIViewController.CallbackMethod(AuthorizationResult.FromUri(requestUrlString))); decisionHandler(WKNavigationActionPolicy.Cancel); return; } if (requestUrlString.StartsWith(iOSBrokerConstants.DeviceAuthChallengeRedirect, StringComparison.OrdinalIgnoreCase)) { Uri uri = new Uri(requestUrlString); string query = uri.Query; if (query.StartsWith("?", StringComparison.OrdinalIgnoreCase)) { query = query.Substring(1); } Dictionary <string, string> keyPair = CoreHelpers.ParseKeyValueList(query, '&', true, false, null); string responseHeader = DeviceAuthHelper.GetBypassChallengeResponse(keyPair); NSMutableUrlRequest newRequest = (NSMutableUrlRequest)navigationAction.Request.MutableCopy(); newRequest.Url = new NSUrl(keyPair["SubmitUrl"]); newRequest[iOSBrokerConstants.ChallengeResponseHeader] = responseHeader; webView.LoadRequest(newRequest); decisionHandler(WKNavigationActionPolicy.Cancel); return; } if (!navigationAction.Request.Url.AbsoluteString.Equals(AboutBlankUri, StringComparison.OrdinalIgnoreCase) && !navigationAction.Request.Url.Scheme.Equals(Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase)) { AuthorizationResult result = AuthorizationResult.FromStatus( AuthorizationStatus.ErrorHttp, MsalError.NonHttpsRedirectNotSupported, MsalErrorMessage.NonHttpsRedirectNotSupported); _authenticationAgentUIViewController.DismissViewController(true, () => _authenticationAgentUIViewController.CallbackMethod(result)); decisionHandler(WKNavigationActionPolicy.Cancel); return; } decisionHandler(WKNavigationActionPolicy.Allow); return; }
internal protected override async Task AcquireAuthorizationAsync() { var authorizationUri = CreateAuthorizationUri(true, true); var uiEvent = new UiEvent(); using (ServiceBundle.TelemetryManager.CreateTelemetryHelper( AuthenticationRequestParameters.RequestContext.TelemetryRequestId, AuthenticationRequestParameters.ClientId, uiEvent)) { var requestContext = AuthenticationRequestParameters.RequestContext; var response = await _httpManager.SendGetAsync(authorizationUri, new Dictionary <string, string>(), requestContext).ConfigureAwait(false); if (response != null && response.StatusCode == HttpStatusCode.OK && !string.IsNullOrEmpty(response.Body)) { var csrf = GetField(response.Body, "csrf"); var transId = GetField(response.Body, "transId"); var policy = GetField(response.Body, "policy"); var pageViewId = GetField(response.Body, "pageViewId"); var api = GetField(response.Body, "api"); var logonUri = CreateLogonUri(transId, policy); var postData = new Dictionary <string, string> { ["request_type"] = "RESPONSE", ["logonIdentifier"] = Username, ["password"] = Password }; var response2 = await _httpManager.SendPostAsync(logonUri, new Dictionary <string, string> { ["X-CSRF-TOKEN"] = csrf }, postData, requestContext).ConfigureAwait(false); if (response2 != null && response2.StatusCode == HttpStatusCode.OK) { var confirmedUri = CreateConfirmedUri(csrf, transId, policy, pageViewId, api); var response3 = await _httpManager.SendGetAsync(confirmedUri, new Dictionary <string, string> { ["x-ms-cpim-pageviewid"] = pageViewId }, requestContext).ConfigureAwait(false); if (response3 != null && (response3.StatusCode == HttpStatusCode.Found || response3.StatusCode == HttpStatusCode.OK)) { AuthorizationResult = new AuthorizationResult(AuthorizationStatus.Success, response3.Headers?.Location); } else { AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp); } } else { AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp); } } else { AuthorizationResult = new AuthorizationResult(AuthorizationStatus.ErrorHttp); } uiEvent.UserCancelled = AuthorizationResult.Status == AuthorizationStatus.UserCancel; uiEvent.AccessDenied = AuthorizationResult.Status == AuthorizationStatus.ProtocolError; } }
public async void GivenHardDeleteActionNotAuthorized_WhenRequestingHardDeleteAction_ThenForbiddenResultShouldBeReturned() { _authorizationService.AuthorizeAsync(Arg.Any <ClaimsPrincipal>(), Arg.Any <object>(), policyName: "HardDelete").Returns(Task.FromResult(AuthorizationResult.Failed())); var result = await _controller.Delete("typea", "ida", true); Assert.IsType <ForbidResult>(result); }
protected void SetupAuthorization(bool isAuthorized) { MockAuthorizationService .Setup(x => x.AuthorizeAsync(It.IsAny <ClaimsPrincipal>(), null, It.IsAny <IEnumerable <IAuthorizationRequirement> >())) .ReturnsAsync(isAuthorized ? AuthorizationResult.Success() : AuthorizationResult.Failed()); }