public Uri NavigateImpersonation(Uri redirectAfterImpersonateUri = null, string loginHint = "")
{
redirectAfterImpersonateUri = new Uri($"{CallbackUri.Scheme}://{PortalSettings.Current.PortalAlias.HTTPAlias}/Impersonate");
var parameters = new List <QueryParameter>
{
new QueryParameter("scope", Scope),
new QueryParameter("client_id", APIKey),
//new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/Impersonate")),
new QueryParameter("redirect_uri", string.IsNullOrEmpty(Settings.RedirectUri)
? HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/UserProfile")
: HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())),
new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State()
{
PortalId = PortalSettings.Current.PortalId,
Culture = PortalSettings.Current.CultureCode,
RedirectUrl = redirectAfterImpersonateUri?.ToString(),
IsImpersonate = true
}.ToString())),
new QueryParameter("response_type", "code"),
new QueryParameter("response_mode", "query"),
new QueryParameter("p", Settings.ImpersonatePolicy)
};
if (!string.IsNullOrEmpty(loginHint))
{
parameters.Add(new QueryParameter("login_hint", loginHint));
}
return(new Uri(AuthorizationEndpoint + "?" + parameters.ToNormalizedString()));
}
public void NavigateUserProfile(Uri redirectAfterEditUri = null)
{
var parameters = new List <QueryParameter>
{
new QueryParameter("scope", Scope),
new QueryParameter("client_id", APIKey),
new QueryParameter("redirect_uri", string.IsNullOrEmpty(Settings.RedirectUri)
? HttpContext.Current.Server.UrlEncode($"{CallbackUri.Scheme}://{CallbackUri.Host}/UserProfile")
: HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())),
new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State()
{
PortalId = PortalSettings.Current.PortalId,
Culture = PortalSettings.Current.CultureCode,
RedirectUrl = redirectAfterEditUri?.ToString(),
IsUserProfile = true
}.ToString())),
new QueryParameter("response_type", "code"),
new QueryParameter("response_mode", "query"),
new QueryParameter("p", Settings.ProfilePolicy)
};
HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false);
}
private void ExchangeCodeForToken()
{
IList <QueryParameter> parameters = new List <QueryParameter>();
parameters.Add(new QueryParameter(OAuthClientIdKey, APIKey));
parameters.Add(new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())));
//DNN-6265 Support for OAuth V2 Secrets which are not URL Friendly
parameters.Add(new QueryParameter(OAuthClientSecretKey, HttpContext.Current.Server.UrlEncode(APISecret.ToString())));
parameters.Add(new QueryParameter(OAuthGrantTyepKey, "authorization_code"));
parameters.Add(new QueryParameter(OAuthCodeKey, VerificationCode));
//DNN-6265 Support for OAuth V2 optional parameter
if (!String.IsNullOrEmpty(APIResource))
{
parameters.Add(new QueryParameter("resource", APIResource));
}
string responseText = ExecuteWebRequest(TokenMethod, TokenEndpoint, parameters.ToNormalizedString(), String.Empty);
AuthToken = GetToken(responseText);
AuthTokenExpiry = GetExpiry(responseText);
}
private AuthorisationResult AuthorizeV2()
{
string errorReason = HttpContext.Current.Request.Params["error_reason"];
bool userDenied = (errorReason != null);
if (userDenied)
{
return(AuthorisationResult.Denied);
}
if (!HaveVerificationCode())
{
var parameters = new List <QueryParameter>
{
new QueryParameter("scope", Scope),
new QueryParameter(OAuthClientIdKey, APIKey),
new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())),
new QueryParameter("state", Service),
new QueryParameter("response_type", "code")
};
HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), true);
return(AuthorisationResult.RequestingCode);
}
ExchangeCodeForToken();
return(String.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized);
}
private void ExchangeCodeForToken()
{
// Exchange code was already exchanged for token. Redeeming the exchange code twice on Azure AD B2C works but not on regular Azure AD
if (string.IsNullOrEmpty(AuthToken))
{
var parameters = new List <QueryParameter>
{
new QueryParameter("grant_type", "authorization_code"),
new QueryParameter("client_id", APIKey),
new QueryParameter("client_secret", HttpContext.Current.Server.UrlEncode(APISecret)),
new QueryParameter("scope", HttpContext.Current.Server.UrlEncode(Scope)),
new QueryParameter("code", VerificationCode),
new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString()))
};
var responseText = ExecuteWebRequest(TokenMethod, new Uri(TokenEndpoint.AbsoluteUri), parameters.ToNormalizedString(), string.Empty);
AuthToken = GetToken(responseText);
AuthTokenExpiry = GetExpiry(responseText);
}
else
{
JwtIdToken = new JwtSecurityToken(AuthToken);
AuthTokenExpiry = JwtIdToken.ValidTo.TimeOfDay;
}
}
public override AuthorisationResult Authorize()
{
string errorReason = HttpContext.Current.Request.Params["error_reason"];
bool userDenied = (errorReason != null);
if (userDenied)
{
return(AuthorisationResult.Denied);
}
if (!HaveVerificationCode())
{
var parameters = new List <QueryParameter>
{
new QueryParameter("scope", Scope),
new QueryParameter("client_id", APIKey),
new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())),
new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State()
{
PortalId = Settings.PortalID,
Culture = PortalSettings.Current.CultureCode,
RedirectUrl = HttpContext.Current.Request["returnurl"]
}.ToString())),
new QueryParameter("response_type", "code"),
new QueryParameter("response_mode", "query"),
};
HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false);
HttpContext.Current.Response.Flush();
return(AuthorisationResult.RequestingCode);
}
ExchangeCodeForToken();
SaveTokenCookie(string.IsNullOrEmpty(AuthToken));
if (!string.IsNullOrEmpty(AuthToken) && !string.IsNullOrEmpty(HttpContext.Current.Request["state"]))
{
var state = new State(HttpContext.Current.Request["state"]);
if (!string.IsNullOrEmpty(state.RedirectUrl))
{
this.RedirectUrl = state.RedirectUrl;
}
}
return(string.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized);
}
private void ExchangeCodeForToken()
{
var parameters = new List <QueryParameter>
{
new QueryParameter("grant_type", "authorization_code"),
new QueryParameter("client_id", APIKey),
new QueryParameter("scope", Scope),
new QueryParameter("code", VerificationCode),
new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString()))
};
var responseText = ExecuteWebRequest(TokenMethod, new Uri($"{TokenEndpoint.AbsoluteUri}?p={PolicyName}"), parameters.ToNormalizedString(), string.Empty);
AuthToken = GetToken(responseText);
AuthTokenExpiry = GetExpiry(responseText);
}
public override AuthorisationResult Authorize()
{
string errorReason = HttpContext.Current.Request.Params["error_reason"];
bool userDenied = (errorReason != null);
if (userDenied)
{
return(AuthorisationResult.Denied);
}
if (!string.IsNullOrEmpty(HttpContext.Current.Request.UrlReferrer?.Query) &&
HttpContext.Current.Request.UrlReferrer.Query.IndexOf("p=" + Settings.PasswordResetPolicy + "&") > -1)
{
Policy = PolicyEnum.PasswordResetPolicy;
}
if (!HaveVerificationCode())
{
var parameters = new List <QueryParameter>
{
new QueryParameter("scope", Scope),
new QueryParameter("client_id", APIKey),
new QueryParameter("redirect_uri", HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())),
new QueryParameter("state", HttpContext.Current.Server.UrlEncode(new State()
{
PortalId = Settings.PortalID,
Culture = PortalSettings.Current.CultureCode
}.ToString())),
new QueryParameter("response_type", "code"),
new QueryParameter("response_mode", "query"),
new QueryParameter("p", PolicyName)
};
HttpContext.Current.Response.Redirect(AuthorizationEndpoint + "?" + parameters.ToNormalizedString(), false);
return(AuthorisationResult.RequestingCode);
}
ExchangeCodeForToken();
SaveTokenCookie(string.IsNullOrEmpty(AuthToken));
return(string.IsNullOrEmpty(AuthToken) ? AuthorisationResult.Denied : AuthorisationResult.Authorized);
}
private void ExchangeCodeForToken()
{
IList <QueryParameter> parameters = new List <QueryParameter>();
parameters.Add(new QueryParameter(OAuthClientIdKey, APIKey));
parameters.Add(new QueryParameter(OAuthRedirectUriKey, HttpContext.Current.Server.UrlEncode(CallbackUri.ToString())));
parameters.Add(new QueryParameter(OAuthClientSecretKey, APISecret));
parameters.Add(new QueryParameter(OAuthGrantTyepKey, "authorization_code"));
parameters.Add(new QueryParameter(OAuthCodeKey, VerificationCode));
string responseText = ExecuteWebRequest(TokenMethod, TokenEndpoint, parameters.ToNormalizedString(), String.Empty);
AuthToken = GetToken(responseText);
AuthTokenExpiry = GetExpiry(responseText);
}
public IConsumerRequest BuildRequestTokenContext(string method)
{
var consumerRequest = ConsumerRequestExtensions.ForMethod(Request(), method);
var alterContext = ConsumerRequestExtensions.AlterContext(consumerRequest, context => context.CallbackUrl = (CallbackUri == null) ? "oob" : CallbackUri.ToString());
var request1 = ConsumerRequestExtensions.AlterContext(alterContext, context => context.Token = null);
var request = ConsumerRequestExtensions.ForUri(request1, RequestTokenUri);
return(request
.SignWithoutToken());
}
public IConsumerRequest BuildRequestTokenContext(string method)
{
return(Request()
.ForMethod(method)
.AlterContext(context => context.CallbackUrl = (CallbackUri == null) ? "oob" : CallbackUri.ToString())
.AlterContext(context => context.Token = null)
.ForUri(RequestTokenUri)
.SignWithoutToken());
}
