/// <summary>
/// Builds the Microsoft logout URL and returns a redirect result to it.
/// </summary>
/// <param name="authService">Service used to create the redirect result.</param>
/// <returns>A redirect to the logout URL after <c>LogoutUrlFilter</c> has been applied.</returns>
public IHttpResult RedirectToMicrosoftLogout(IServiceBase authService)
{
    // See https://msdn.microsoft.com/en-us/office/office365/howto/authentication-v2-protocols
    var baseUrl = BaseAuthUrl;

    // Fmt applies to the literal only, not to BaseAuthUrl. The literal uses {1} and {2},
    // so TenantId (argument 0) is passed but never substituted here.
    // NOTE(review): ClientId is inserted without UrlEncode, unlike CallbackUrl - confirm it is always URL-safe.
    var logoutQuery = "/logout?client_id={1}&post_logout_redirect_uri={2}"
        .Fmt(TenantId, ClientId, CallbackUrl.UrlEncode());

    var logoutUrl = baseUrl + logoutQuery;
    var filteredUrl = LogoutUrlFilter(this, logoutUrl);
    return authService.Redirect(filteredUrl);
}
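/// <summary>
/// Exchanges an authorization code for an access token and a refresh token by posting to
/// <c>MsGraph.TokenUrl</c>, using the client registration looked up from the session's user name.
/// </summary>
/// <param name="authService">Service used to resolve dependencies and build redirects.</param>
/// <param name="session">Current auth session; its <c>UserName</c> selects the application registration.</param>
/// <param name="code">Authorization code to redeem (presumably taken from the OAuth callback - verify against caller).</param>
/// <param name="tokens">Token holder that receives the access and refresh tokens.</param>
/// <returns>The result of <c>OnAuthenticated</c>, a success redirect, or a failure redirect.</returns>
/// <exception cref="InvalidOperationException">No <c>IApplicationRegistryService</c> is registered.</exception>
/// <exception cref="UnauthorizedAccessException">No registration exists for the directory.</exception>
private object RequestAccessToken(IServiceBase authService, IAuthSession session, string code, IAuthTokens tokens)
{
    try
    {
        var appDirectory = GetDirectoryNameFromUsername(session.UserName);
        var appRegistry = authService.TryResolve<IApplicationRegistryService>();
        if (appRegistry == null)
        {
            throw new InvalidOperationException(
                $"No {nameof(IApplicationRegistryService)} found registered in AppHost.");
        }

        var registration = appRegistry.GetApplicationByDirectoryName(appDirectory);
        if (registration == null)
        {
            throw new UnauthorizedAccessException($"Authorization for directory @{appDirectory} failed.");
        }

        // Every value placed in the form body is URL-encoded. An unencoded '&' or '=' inside
        // the code or client id would otherwise add or override fields of the token request.
        var postData = $"grant_type=authorization_code&redirect_uri={CallbackUrl.UrlEncode()}&code={code.UrlEncode()}&client_id={registration.ClientId.UrlEncode()}&client_secret={registration.ClientSecret.UrlEncode()}&scope={BuildScopesFragment()}";
        var result = MsGraph.TokenUrl.PostToUrl(postData);

        var authInfo = JsonObject.Parse(result);
        var authInfoNvc = authInfo.ToNameValueCollection();
        if (HasError(authInfoNvc))
        {
            return RedirectDueToFailure(authService, session, authInfoNvc);
        }

        tokens.AccessTokenSecret = authInfo["access_token"];
        tokens.RefreshToken = authInfo["refresh_token"];

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
    }
    catch (WebException webException)
    {
        if (webException.Response == null)
        {
            // No HTTP response was received, so report the exception itself.
            return RedirectDueToFailure(authService, session, new NameValueCollection
            {
                { "error", webException.GetType().ToString() },
                { "error_description", webException.Message }
            });
        }

        Log.Error("Auth Failure", webException);
        var response = (HttpWebResponse)webException.Response;

        // Dispose the error stream once its body has been read.
        string responseText;
        using (var errorStream = response.GetResponseStream())
        {
            responseText = Encoding.UTF8.GetString(errorStream.ReadFully());
        }

        var errorInfo = JsonObject.Parse(responseText).ToNameValueCollection();
        return RedirectDueToFailure(authService, session, errorInfo);
    }
}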
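/// <summary>
/// Exchanges an authorization code for an access token and a refresh token by posting to
/// <c>AccessTokenUrl</c> with the provider's client id, client secret and resource id.
/// </summary>
/// <param name="authService">Service used to build redirects.</param>
/// <param name="session">Current auth session.</param>
/// <param name="code">Authorization code to redeem (presumably taken from the OAuth callback - verify against caller).</param>
/// <param name="tokens">Token holder that receives the access and refresh tokens.</param>
/// <returns>The result of <c>OnAuthenticated</c>, a success redirect, or a failure redirect.</returns>
private IHttpResult RequestAccessToken(IServiceBase authService, IAuthSession session, string code, IAuthTokens tokens)
{
    try
    {
        // The code is URL-encoded like the other fields. An unencoded '&' or '=' inside it
        // would otherwise add or override fields of the token request.
        var formData = "client_id={0}&redirect_uri={1}&client_secret={2}&code={3}&grant_type=authorization_code&resource={4}"
            .Fmt(ClientId.UrlEncode(), CallbackUrl.UrlEncode(), ClientSecret.UrlEncode(), code.UrlEncode(), ResourceId.UrlEncode());

        // Endpoint only accepts POST requests
        var contents = AccessTokenUrl.PostToUrl(formData);

        // 4. The Azure AD token issuance endpoint returns an access token
        //    and a refresh token. The refresh token can be used to request
        //    additional access tokens.

        // Response is JSON
        var authInfo = JsonObject.Parse(contents);
        var authInfoNvc = authInfo.ToNameValueCollection();
        if (HasError(authInfoNvc))
        {
            return RedirectDueToFailure(authService, session, authInfoNvc);
        }

        tokens.AccessTokenSecret = authInfo["access_token"];
        tokens.RefreshToken = authInfo["refresh_token"];

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); //Haz Access!
    }
    catch (WebException webException)
    {
        if (webException.Response == null)
        {
            // This could happen e.g. due to a timeout
            return RedirectDueToFailure(authService, session, new NameValueCollection
            {
                { "error", webException.GetType().ToString() },
                { "error_description", webException.Message }
            });
        }

        Log.Error("Auth Failure", webException);
        var response = (HttpWebResponse)webException.Response;

        // Dispose the error stream once its body has been read.
        string responseText;
        using (var errorStream = response.GetResponseStream())
        {
            responseText = Encoding.UTF8.GetString(errorStream.ReadFully());
        }

        var errorInfo = JsonObject.Parse(responseText).ToNameValueCollection();
        return RedirectDueToFailure(authService, session, errorInfo);
    }
}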
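/// <summary>
/// Starts the authorization-code flow: generates a state value, stores it on the user session,
/// saves the session and redirects the browser to <c>AuthorizeUrl</c>.
/// </summary>
/// <param name="authService">Service used to save the session and build the redirect.</param>
/// <param name="session">Session that is persisted before redirecting.</param>
/// <param name="userSession">Session object that receives the generated state value.</param>
/// <param name="tokens">Tokens whose <c>UserName</c>, when set, is sent as <c>login_hint</c>.</param>
/// <returns>A redirect to the authorize URL after <c>PreAuthUrlFilter</c> has been applied.</returns>
private object RequestCode(IServiceBase authService, IAuthSession session, AuthUserSession userSession, IAuthTokens tokens)
{
    // The state is stored on the session here; the comparison on the callback is not part of this method.
    var state = Guid.NewGuid().ToString("N");
    userSession.State = state;

    var codeRequest = AuthorizeUrl + "?response_type=code&client_id={0}&redirect_uri={1}&scope={2}&state={3}"
        .Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), state);

    // Both hints are URL-encoded so that a value containing '&', '=' or '#'
    // cannot add or override parameters of the authorize request.
    if (!DomainHint.IsNullOrEmpty())
    {
        codeRequest += "&domain_hint=" + DomainHint.UrlEncode();
    }

    if (!tokens.UserName.IsNullOrEmpty())
    {
        codeRequest += "&login_hint=" + tokens.UserName.UrlEncode();
    }

    authService.SaveSession(session, SessionExpiry);
    return authService.Redirect(PreAuthUrlFilter(this, codeRequest));
}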
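/// <summary>
/// Handles the VK OAuth flow: accepts a client-supplied access token, processes an error
/// callback, starts the pre-auth redirect, or redeems the authorization code for an access token.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request; may carry an access token and secret.</param>
/// <returns>A redirect, an error result, the result of <c>OnAuthenticated</c>, or <c>null</c> for non-HTML token logins.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    IRequest httpRequest = authService.Request;

    if (request?.AccessToken != null && request?.AccessTokenSecret != null)
    {
        var authInfo = GetUserInfo(request.AccessToken, request.AccessTokenSecret);
        if (authInfo == null || !(authInfo.Get("error") ?? authInfo.Get("error_description")).IsNullOrEmpty())
        {
            Logger.Error($"VK access_token error callback. {authInfo}");
            return HttpError.Unauthorized("AccessToken is not for App: " + ApplicationId);
        }

        tokens.AccessToken = request.AccessToken;
        tokens.AccessTokenSecret = request.AccessTokenSecret;

        var isHtml = authService.Request.IsHtml();
        var failedResult = AuthenticateWithAccessToken(authService, session, tokens, request.AccessToken);
        if (failedResult != null)
        {
            return ConvertToClientError(failedResult, isHtml);
        }

        return isHtml
            ? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))
            : null; //return default AuthenticateResponse
    }

    string error = httpRequest.QueryString["error_reason"]
                   ?? httpRequest.QueryString["error_description"]
                   ?? httpRequest.QueryString["error"];

    bool hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Logger.Error($"VK error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    bool isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): no state parameter is sent and none is checked on the callback below,
        // so this flow has no CSRF binding between request and callback - confirm this is accepted.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&scope={Scope}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&v={ApiVersion}";

        this.SaveSession(authService, session, SessionExpiry);
        return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl));
    }

    try
    {
        code = EnsureLatestCode(code);

        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the token URL; otherwise '&' or '=' in it could add or override parameters.
        // NOTE(review): the client secret travels in the query string of a GET - confirm that
        // request URLs are not written to logs on this path.
        string accessTokeUrl = $"{AccessTokenUrl}?client_id={ApplicationId}&client_secret={SecureKey}&code={code.UrlEncode()}&redirect_uri={CallbackUrl.UrlEncode()}";

        string contents = HttpUtils.GetStringFromUrl(AccessTokenUrlFilter(this, accessTokeUrl), accept: "*/*", requestFilter: RequestFilter);

        var authInfo = JsonObject.Parse(contents);

        //VK does not throw exception, but returns error property in JSON response
        string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");

        if (!accessTokenError.IsNullOrEmpty())
        {
            Logger.Error($"VK access_token error callback. {authInfo}");
            return authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        tokens.UserId = authInfo.Get("user_id");

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
    }
    catch (WebException webException)
    {
        //just in case VK will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown")));
}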
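/// <summary>
/// Handles the GitHub OAuth flow: verifies and accepts a client-supplied access token, processes
/// an error callback, starts the pre-auth redirect, or redeems the authorization code.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request; may carry an access token.</param>
/// <returns>A redirect, a client error, or <c>null</c> for non-HTML token logins.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    var tokens = Init(authService, ref session, request);

    //Transferring AccessToken/Secret from Mobile/Desktop App to Server
    if (request?.AccessToken != null)
    {
        //https://developer.github.com/v3/oauth_authorizations/#check-an-authorization
        // The token is supplied by the client and becomes part of the URL that is called with the
        // app's basic-auth credentials, so it is URL-encoded to keep it from altering the path or query.
        var url = VerifyAccessTokenUrl.Fmt(ClientId, request.AccessToken.UrlEncode());

        // The response body is not inspected. Verification presumably relies on this call
        // throwing for a non-success status - confirm; such an exception is not caught here.
        url.GetJsonFromUrl(requestFilter: httpReq =>
        {
            httpReq.Headers[HttpRequestHeader.UserAgent] = ServiceClientBase.DefaultUserAgent;
            httpReq.AddBasicAuth(ClientId, ClientSecret);
        });

        var isHtml = authService.Request.IsHtml();
        var failedResult = AuthenticateWithAccessToken(authService, session, tokens, request.AccessToken);
        if (failedResult != null)
        {
            return ConvertToClientError(failedResult, isHtml);
        }

        return isHtml
            ? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))
            : null; //return default AuthenticateResponse
    }

    var httpRequest = authService.Request;

    //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
    var error = httpRequest.QueryString["error"]
                ?? httpRequest.QueryString["error_uri"]
                ?? httpRequest.QueryString["error_description"];

    var hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Logger.Error($"GitHub error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error)));
    }

    var code = httpRequest.QueryString["code"];
    var isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        var scopes = Scopes.Join("%20");

        // NOTE(review): the state value is generated here but is neither stored nor compared on
        // the callback in this method, so as written it gives no CSRF protection - confirm
        // whether it is validated elsewhere.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={scopes}&state={Guid.NewGuid():N}";

        this.SaveSession(authService, session, SessionExpiry);
        return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl));
    }

    try
    {
        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the token URL; otherwise '&' or '=' in it could add or override parameters.
        // NOTE(review): the client secret travels in the query string of a GET - confirm that
        // request URLs are not written to logs on this path.
        string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code.UrlEncode()}";
        var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl();
        var authInfo = PclExportClient.Instance.ParseQueryString(contents);

        //GitHub does not throw exception, but just return error with descriptions
        //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
        var accessTokenError = authInfo["error"]
                               ?? authInfo["error_uri"]
                               ?? authInfo["error_description"];

        if (!accessTokenError.IsNullOrEmpty())
        {
            Logger.Error($"GitHub access_token error callback. {authInfo}");
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }

        var accessToken = authInfo["access_token"];

        return AuthenticateWithAccessToken(authService, session, tokens, accessToken)
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); //Haz Access!
    }
    catch (WebException webException)
    {
        //just in case GitHub will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown")));
}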
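/// <summary>
/// Handles the VK OAuth flow: processes an error callback, starts the pre-auth redirect,
/// or redeems the authorization code for an access token.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <returns>A redirect or the result of <c>OnAuthenticated</c>.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    IRequest httpRequest = authService.Request;

    string error = httpRequest.QueryString["error"]
                   ?? httpRequest.QueryString["error_reason"]
                   ?? httpRequest.QueryString["error_description"];

    bool hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error("VK error callback. {0}".Fmt(httpRequest.QueryString));
        return authService.Redirect(session.ReferrerUrl.AddHashParam("f",
            (httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error_description"] ?? "Unknown").UrlEncode()));
    }

    string code = httpRequest.QueryString["code"];
    bool isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): no state parameter is sent and none is checked on the callback below,
        // so this flow has no CSRF binding between request and callback - confirm this is accepted.
        string url = PreAuthUrl + "?client_id={0}&scope={1}&redirect_uri={2}&response_type=code&v={3}"
            .Fmt(ApplicationId, Scope, CallbackUrl.UrlEncode(), ApiVersion);

        authService.SaveSession(session, SessionExpiry);
        return authService.Redirect(url);
    }

    try
    {
        code = EnsureLatestCode(code);

        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the token URL; otherwise '&' or '=' in it could add or override parameters.
        // NOTE(review): the client secret travels in the query string of a GET - confirm that
        // request URLs are not written to logs on this path.
        string accessTokeUrl = AccessTokenUrl + "?client_id={0}&client_secret={1}&code={2}&redirect_uri={3}"
            .Fmt(ApplicationId, SecureKey, code.UrlEncode(), CallbackUrl.UrlEncode());

        string contents = accessTokeUrl.GetStringFromUrl("*/*", RequestFilter);

        var authInfo = JsonObject.Parse(contents);

        //VK does not throw exception, but returns error property in JSON response
        string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error("VK access_token error callback. {0}".Fmt(authInfo.ToString()));
            return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        tokens.UserId = authInfo.Get("user_id");

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
    }
    catch (WebException webException)
    {
        //just in case VK will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
        }
    }

    return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
}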
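/// <summary>
/// Handles the GitHub OAuth flow: processes an error callback, starts the pre-auth redirect,
/// or redeems the authorization code for an access token.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <returns>A redirect or the result of <c>OnAuthenticated</c>.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    var tokens = Init(authService, ref session, request);
    var httpRequest = authService.Request;

    //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
    var error = httpRequest.QueryString["error"]
                ?? httpRequest.QueryString["error_uri"]
                ?? httpRequest.QueryString["error_description"];

    var hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error("GitHub error callback. {0}".Fmt(httpRequest.QueryString));
        return authService.Redirect(session.ReferrerUrl);
    }

    var code = httpRequest.QueryString["code"];
    var isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): the state value is generated here but is neither stored nor compared on
        // the callback in this method, so as written it gives no CSRF protection - confirm
        // whether it is validated elsewhere.
        string url = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}&state={3}"
            .Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), Guid.NewGuid().ToString("N"));

        authService.SaveSession(session, SessionExpiry);
        return authService.Redirect(url);
    }

    // The code comes from the callback query string, so it is URL-encoded before being placed
    // in the token URL; otherwise '&' or '=' in it could add or override parameters.
    // NOTE(review): the client secret travels in the query string of a GET - confirm that
    // request URLs are not written to logs on this path.
    string accessTokenUrl = AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}"
        .Fmt(ClientId, CallbackUrl.UrlEncode(), ClientSecret, code.UrlEncode());

    try
    {
        var contents = accessTokenUrl.GetStringFromUrl();
        var authInfo = HttpUtility.ParseQueryString(contents);

        //GitHub does not throw exception, but just return error with descriptions
        //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
        var accessTokenError = authInfo["error"]
                               ?? authInfo["error_uri"]
                               ?? authInfo["error_description"];

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error("GitHub access_token error callback. {0}".Fmt(authInfo.ToString()));
            return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo["access_token"];

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); //Haz Access!
    }
    catch (WebException webException)
    {
        //just in case GitHub will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
        }
    }

    return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
}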
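/// <summary>
/// Handles the Odnoklassniki OAuth flow: processes an error callback, starts the pre-auth
/// redirect, or redeems the authorization code by posting to the access-token endpoint.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <returns>A redirect or the result of <c>OnAuthenticated</c>.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    IRequest httpRequest = authService.Request;

    string error = httpRequest.QueryString["error"];

    bool hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Logger.Error($"Odnoklassniki error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    bool isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): no state parameter is sent and none is checked on the callback below,
        // so this flow has no CSRF binding between request and callback - confirm this is accepted.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m";

        this.SaveSession(authService, session, SessionExpiry);
        return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl));
    }

    try
    {
        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the form body; otherwise '&' or '=' in it could add or override fields.
        string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code.UrlEncode()}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code";

        string contents = AccessTokenUrlFilter(this, AccessTokenUrl).PostToUrl(payload, "*/*", RequestFilter);

        var authInfo = JsonObject.Parse(contents);

        //ok.ru does not throw exception, but returns error property in JSON response
        string accessTokenError = authInfo.Get("error");

        if (!accessTokenError.IsNullOrEmpty())
        {
            Logger.Error($"Odnoklassniki access_token error callback. {authInfo}");
            return authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        tokens.UserId = authInfo.Get("user_id");

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")));
    }
    catch (WebException webException)
    {
        //just in case it starts throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown")));
}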
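/// <summary>
/// Handles the Yandex OAuth flow: processes an error callback, starts the pre-auth redirect,
/// or redeems the authorization code by posting to the access-token endpoint.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <returns>A redirect or the result of <c>OnAuthenticated</c>.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    IRequest httpRequest = authService.Request;

    string error = httpRequest.QueryString["error"]
                   ?? httpRequest.QueryString["error_uri"]
                   ?? httpRequest.QueryString["error_description"];

    bool hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error("Yandex error callback. {0}".Fmt(httpRequest.QueryString));
        return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    bool isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): the state value is generated here but is neither stored nor compared on
        // the callback in this method, so as written it gives no CSRF protection - confirm
        // whether it is validated elsewhere.
        string preAuthUrl = PreAuthUrl + "?response_type=code&client_id={0}&redirect_uri={1}&display=popup&state={2}"
            .Fmt(ApplicationId, CallbackUrl.UrlEncode(), Guid.NewGuid().ToString("N"));

        authService.SaveSession(session, SessionExpiry);
        return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl));
    }

    try
    {
        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the form body; otherwise '&' or '=' in it could add or override fields.
        string payload = "grant_type=authorization_code&code={0}&client_id={1}&client_secret={2}"
            .Fmt(code.UrlEncode(), ApplicationId, ApplicationPassword);

        string contents = AccessTokenUrl.PostStringToUrl(payload);

        var authInfo = JsonObject.Parse(contents);

        //Yandex does not throw exception, but returns error property in JSON response
        // http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml
        string accessTokenError = authInfo.Get("error");

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error("Yandex access_token error callback. {0}".Fmt(authInfo.ToString()));
            return authService.Redirect(session.ReferrerUrl.AddParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.AddParam("s", "1")));
    }
    catch (WebException webException)
    {
        //just in case Yandex will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", "Unknown")));
}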
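/// <summary>
/// Starts the authorization-code flow for the application registered for the requesting user's
/// directory: stores a generated state value on the user session, saves the session and redirects
/// to <c>MsGraph.AuthorizationUrl</c>.
/// </summary>
/// <param name="authService">Service used to resolve dependencies, save the session and redirect.</param>
/// <param name="request">Authenticate request whose <c>UserName</c> selects the directory.</param>
/// <param name="session">Session that receives the user name and is persisted.</param>
/// <param name="userSession">Session object that receives the generated state value.</param>
/// <param name="tokens">Token holder whose <c>Items</c> receives the registration's client id.</param>
/// <returns>A redirect to the authorization URL after <c>PreAuthUrlFilter</c> has been applied.</returns>
/// <exception cref="InvalidOperationException">No <c>IApplicationRegistryService</c> is registered.</exception>
/// <exception cref="UnauthorizedAccessException">No registration exists for the directory.</exception>
private object RequestCode(IServiceBase authService, Authenticate request, IAuthSession session, AuthUserSession userSession, IAuthTokens tokens)
{
    // request.UserName is client-supplied; it selects which registration (client id) is used.
    var appDirectory = GetDirectoryNameFromUsername(request.UserName);
    session.UserName = request.UserName;

    var appRegistry = authService.TryResolve<IApplicationRegistryService>();
    if (appRegistry == null)
    {
        throw new InvalidOperationException(
            $"No {nameof(IApplicationRegistryService)} found registered in AppHost.");
    }

    var registration = appRegistry.GetApplicationByDirectoryName(appDirectory);
    if (registration == null)
    {
        throw new UnauthorizedAccessException($"Authorization for directory @{appDirectory} failed.");
    }

    // The state is stored on the session here; the comparison on the callback is not part of this method.
    var state = Guid.NewGuid().ToString("N");

    // Indexer assignment instead of Add: Add throws when "ClientId" is already present,
    // e.g. when the flow is restarted with tokens that were populated earlier.
    tokens.Items["ClientId"] = registration.ClientId;
    userSession.State = state;

    var reqUrl = $"{MsGraph.AuthorizationUrl}?client_id={registration.ClientId}&response_type=code&redirect_uri={CallbackUrl.UrlEncode()}&scope={BuildScopesFragment()}&state={state}";

    authService.SaveSession(session, SessionExpiry);
    return authService.Redirect(PreAuthUrlFilter(this, reqUrl));
}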
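/// <summary>
/// Handles the GitHub OAuth flow: processes an error callback, starts the pre-auth redirect,
/// or redeems the authorization code for an access token.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <returns>A redirect or the result of <c>OnAuthenticated</c>.</returns>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    var tokens = Init(authService, ref session, request);
    var httpRequest = authService.Request;

    //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
    var error = httpRequest.QueryString["error"]
                ?? httpRequest.QueryString["error_uri"]
                ?? httpRequest.QueryString["error_description"];

    var hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error($"GitHub error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error)));
    }

    var code = httpRequest.QueryString["code"];
    var isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): the state value is generated here but is neither stored nor compared on
        // the callback in this method, so as written it gives no CSRF protection - confirm
        // whether it is validated elsewhere.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={Scopes.Join(",")}&state={Guid.NewGuid().ToString("N")}";

        this.SaveSession(authService, session, SessionExpiry);
        return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl));
    }

    // The code comes from the callback query string, so it is URL-encoded before being placed
    // in the token URL; otherwise '&' or '=' in it could add or override parameters.
    // NOTE(review): the client secret travels in the query string of a GET - confirm that
    // request URLs are not written to logs on this path.
    string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code.UrlEncode()}";

    try
    {
        var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl();
        var authInfo = PclExportClient.Instance.ParseQueryString(contents);

        //GitHub does not throw exception, but just return error with descriptions
        //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
        var accessTokenError = authInfo["error"]
                               ?? authInfo["error_uri"]
                               ?? authInfo["error_description"];

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error($"GitHub access_token error callback. {authInfo}");
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }

        tokens.AccessTokenSecret = authInfo["access_token"];

        session.IsAuthenticated = true;

        return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
               ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); //Haz Access!
    }
    catch (WebException webException)
    {
        //just in case GitHub will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown")));
}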
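/// <summary>
/// Handles the GitHub OAuth flow asynchronously: verifies and accepts a client-supplied access
/// token, processes an error callback, starts the pre-auth redirect, or redeems the authorization code.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request; may carry an access token.</param>
/// <param name="token">Cancellation token passed to the async calls that accept one.</param>
/// <returns>A redirect, a client error, or <c>null</c> for non-HTML token logins.</returns>
public override async Task<object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
    var tokens = Init(authService, ref session, request);
    var ctx = CreateAuthContext(authService, session, tokens);

    //Transferring AccessToken/Secret from Mobile/Desktop App to Server
    if (request?.AccessToken != null)
    {
        //https://developer.github.com/v3/oauth_authorizations/#check-an-authorization
        // The token is supplied by the client and becomes part of the URL that is called with the
        // app's basic-auth credentials, so it is URL-encoded to keep it from altering the path or query.
        var url = VerifyAccessTokenUrl.Fmt(ClientId, request.AccessToken.UrlEncode());

        // The response body is not inspected. Verification presumably relies on this call
        // throwing for a non-success status - confirm; such an exception is not caught here.
        await url.GetJsonFromUrlAsync(requestFilter: req => req.With(c =>
        {
            c.UserAgent = ServiceClientBase.DefaultUserAgent;
            c.SetAuthBasic(ClientId, ClientSecret);
        }), token: token).ConfigAwait();

        var isHtml = authService.Request.IsHtml();
        var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken, token).ConfigAwait();
        if (failedResult != null)
        {
            return ConvertToClientError(failedResult, isHtml);
        }

        return isHtml
            ? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()
            : null; //return default AuthenticateResponse
    }

    var httpRequest = authService.Request;

    //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
    var error = httpRequest.QueryString["error"]
                ?? httpRequest.QueryString["error_uri"]
                ?? httpRequest.QueryString["error_description"];

    var hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error($"GitHub error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)));
    }

    var code = httpRequest.QueryString["code"];
    var isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        var scopes = Scopes.Join("%20");

        // NOTE(review): the session id is sent as the state parameter, so it appears in the
        // provider-bound URL; no comparison of the returned state is visible in this method -
        // confirm both are intended and handled elsewhere.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={scopes}&{Keywords.State}={session.Id}";

        await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
        return authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl));
    }

    try
    {
        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the token URL; otherwise '&' or '=' in it could add or override parameters.
        // NOTE(review): the client secret travels in the query string of a GET - confirm that
        // request URLs are not written to logs on this path.
        string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code.UrlEncode()}";
        var contents = await AccessTokenUrlFilter(ctx, accessTokenUrl).GetStringFromUrlAsync().ConfigAwait();
        var authInfo = PclExportClient.Instance.ParseQueryString(contents);

        //GitHub does not throw exception, but just return error with descriptions
        //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
        var accessTokenError = authInfo["error"]
                               ?? authInfo["error_uri"]
                               ?? authInfo["error_description"];

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error($"GitHub access_token error callback. {authInfo}");
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }

        var accessToken = authInfo["access_token"];

        //Haz Access!
        return await AuthenticateWithAccessTokenAsync(authService, session, tokens, accessToken, token).ConfigAwait()
               ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait();
    }
    catch (WebException webException)
    {
        // Await the body: without the await, the Task object itself was concatenated into the
        // log message instead of the response text.
        var errorBody = await webException.GetResponseBodyAsync(token).ConfigAwait();
        Log.Error("GitHub AccessToken Failed:\n" + errorBody);

        //just in case GitHub will start throwing exceptions
        // Response is null when no HTTP response was received, so it is checked before
        // reading the status; that case falls through to the "Unknown" redirect.
        var errorResponse = webException.Response as HttpWebResponse;
        if (errorResponse != null && errorResponse.StatusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")));
}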
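/// <summary>
/// Handles the Odnoklassniki OAuth flow asynchronously: processes an error callback, starts the
/// pre-auth redirect, or redeems the authorization code by posting to the access-token endpoint.
/// </summary>
/// <param name="authService">Service giving access to the current request and redirects.</param>
/// <param name="session">Current auth session (may be replaced by <c>Init</c>).</param>
/// <param name="request">Authenticate request passed to <c>Init</c>.</param>
/// <param name="token">Cancellation token passed to the async calls that accept one.</param>
/// <returns>A redirect or the result of <c>OnAuthenticatedAsync</c>.</returns>
public override async Task<object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    var ctx = CreateAuthContext(authService, session, tokens);
    IRequest httpRequest = authService.Request;

    string error = httpRequest.QueryString["error"];

    bool hasError = !error.IsNullOrEmpty();
    if (hasError)
    {
        Log.Error($"Odnoklassniki error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    bool isPreAuthCallback = !code.IsNullOrEmpty();
    if (!isPreAuthCallback)
    {
        // NOTE(review): no state parameter is sent and none is checked on the callback below,
        // so this flow has no CSRF binding between request and callback - confirm this is accepted.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m";

        await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
        return authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl));
    }

    try
    {
        // The code comes from the callback query string, so it is URL-encoded before being placed
        // in the form body; otherwise '&' or '=' in it could add or override fields.
        string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code.UrlEncode()}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code";

        string contents = await AccessTokenUrlFilter(ctx, AccessTokenUrl)
            .PostToUrlAsync(formData: payload, requestFilter: req => req.With(c =>
            {
                c.UserAgent = ServiceClientBase.DefaultUserAgent;
                c.Accept = "*/*";
            }), token: token).ConfigAwait();

        var authInfo = JsonObject.Parse(contents);

        //ok.ru does not throw exception, but returns error property in JSON response
        string accessTokenError = authInfo.Get("error");

        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error($"Odnoklassniki access_token error callback. {authInfo}");
            return authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        tokens.UserId = authInfo.Get("user_id");

        session.IsAuthenticated = true;

        return await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
               ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait();
    }
    catch (Exception ex)
    {
        //just in case it starts throwing exceptions
        // This catch covers every exception type, including failures inside OnAuthenticatedAsync.
        // Log it so the cause is not lost when the user is redirected with a generic failure flag.
        Log.Error("Odnoklassniki access_token request failed", ex);

        var statusCode = ex.GetStatus();
        if (statusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")));
}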
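/// <summary>
/// Runs the Yandex OAuth2 authorization-code flow. Without a <c>code</c> in the query string the
/// caller is redirected to <c>PreAuthUrl</c>; with one, the code is exchanged at
/// <c>AccessTokenUrl</c> and the session is marked authenticated on success.
/// </summary>
/// <param name="authService">Service for the current request; supplies the request and builds redirects.</param>
/// <param name="session">Current auth session; <c>IsAuthenticated</c> is set once a token was obtained.</param>
/// <param name="request">The Authenticate DTO, passed to <c>Init</c>.</param>
/// <param name="token">Cancellation token passed to the session save and <c>OnAuthenticatedAsync</c>.</param>
/// <returns>The result of <c>OnAuthenticatedAsync</c> when non-null, otherwise a redirect result.</returns>
public override async Task<object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    var ctx = CreateAuthContext(authService, session, tokens);
    IRequest httpRequest = authService.Request;

    // The provider reported a failure on the callback; the first non-null field wins.
    // NOTE(review): the query string is caller-controlled and is written to the log as-is;
    // confirm the log sink neutralises line breaks so entries cannot be forged.
    string error = httpRequest.QueryString["error"]
        ?? httpRequest.QueryString["error_uri"]
        ?? httpRequest.QueryString["error_description"];
    if (!error.IsNullOrEmpty())
    {
        Log.Error($"Yandex error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    if (code.IsNullOrEmpty())
    {
        // First leg: no code yet, so send the browser to the provider.
        // NOTE(review): a fresh `state` value is sent, but this method neither stores it nor
        // compares it on the callback, so it gives no CSRF protection as written. Consider
        // keeping it in the session and rejecting callbacks whose `state` does not match.
        string preAuthUrl = $"{PreAuthUrl}?response_type=code&client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&display=popup&state={Guid.NewGuid().ToString("N")}";
        await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
        return authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl));
    }

    try
    {
        // `code` is taken from the callback query string, i.e. it is caller-controlled. It is
        // URL-encoded so that it stays a single value and cannot add or override other fields
        // of the token request.
        string payload = $"grant_type=authorization_code&code={code.UrlEncode()}&client_id={ApplicationId}&client_secret={ApplicationPassword}";
        string contents = await AccessTokenUrl.PostStringToUrlAsync(payload).ConfigAwait();

        var authInfo = JsonObject.Parse(contents);

        // Yandex does not throw an exception, it returns an error property in the JSON response.
        // http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml
        string accessTokenError = authInfo.Get("error");
        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error($"Yandex access_token error callback. {authInfo}");
            // Goes through FailedRedirectUrlFilter like every other failure redirect in this method.
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        session.IsAuthenticated = true;

        return await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
            ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1")))
                .SuccessAuthResultAsync(authService, session).ConfigAwait();
    }
    catch (WebException webException)
    {
        // Just in case Yandex starts throwing exceptions. The failure is logged so a failing
        // token exchange is visible to operators instead of surfacing only as f=Unknown.
        Log.Error("Yandex access_token request failed", webException);

        // Response is null when no HTTP response was received at all (for example a connection
        // failure or timeout); the safe cast avoids a NullReferenceException in that case and
        // lets the method fall through to the generic failure redirect.
        var statusCode = (webException.Response as HttpWebResponse)?.StatusCode;
        if (statusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")));
}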
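/// <summary>
/// Authenticates against VK. When the request already carries an access token and secret they
/// are checked with <c>GetUserInfoAsync</c> and used directly; otherwise the OAuth2
/// authorization-code flow runs: redirect to <c>PreAuthUrl</c> when no <c>code</c> is present,
/// else exchange the code at <c>AccessTokenUrl</c>.
/// </summary>
/// <param name="authService">Service for the current request; supplies the request and builds redirects.</param>
/// <param name="session">Current auth session; <c>IsAuthenticated</c> is set once the code exchange returned a token.</param>
/// <param name="request">The Authenticate DTO; its <c>AccessToken</c>/<c>AccessTokenSecret</c> select the direct-token path.</param>
/// <param name="token">Cancellation token passed to the session save, the token request and <c>OnAuthenticatedAsync</c>.</param>
/// <returns>
/// A redirect result, an unauthorized <c>HttpError</c>, the converted failure result of the
/// access-token path, the result of <c>OnAuthenticatedAsync</c>, or <c>null</c> for non-HTML
/// callers on the access-token path.
/// </returns>
public override async Task<object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
    IAuthTokens tokens = Init(authService, ref session, request);
    var ctx = CreateAuthContext(authService, session, tokens);
    IRequest httpRequest = authService.Request;

    // Direct path: the client supplies an access token and secret it already holds.
    if (request?.AccessToken != null && request?.AccessTokenSecret != null)
    {
        var userInfo = await GetUserInfoAsync(request.AccessToken, request.AccessTokenSecret).ConfigAwait();
        if (userInfo == null || !(userInfo.Get("error") ?? userInfo.Get("error_description")).IsNullOrEmpty())
        {
            Log.Error($"VK access_token error callback. {userInfo}");
            return HttpError.Unauthorized("AccessToken is not for App: " + ApplicationId);
        }

        tokens.AccessToken = request.AccessToken;
        tokens.AccessTokenSecret = request.AccessTokenSecret;

        var isHtml = authService.Request.IsHtml();
        var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken).ConfigAwait();
        if (failedResult != null)
        {
            return ConvertToClientError(failedResult, isHtml);
        }

        if (!isHtml)
        {
            return null; // return default AuthenticateResponse
        }

        return await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1")))
            .SuccessAuthResultAsync(authService, session).ConfigAwait();
    }

    // The provider reported a failure on the callback; the first non-null field wins.
    // NOTE(review): the query string is caller-controlled and is written to the log as-is;
    // confirm the log sink neutralises line breaks so entries cannot be forged.
    string error = httpRequest.QueryString["error_reason"]
        ?? httpRequest.QueryString["error_description"]
        ?? httpRequest.QueryString["error"];
    if (!error.IsNullOrEmpty())
    {
        Log.Error($"VK error callback. {httpRequest.QueryString}");
        return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)));
    }

    string code = httpRequest.QueryString["code"];
    if (code.IsNullOrEmpty())
    {
        // First leg: no code yet, so send the browser to the provider.
        // NOTE(review): no `state` value is sent, so the callback cannot be tied to the browser
        // session that started the flow (login CSRF). Consider generating one, keeping it in
        // the session and comparing it when the code comes back.
        string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&scope={Scope}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&v={ApiVersion}";
        await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
        return authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl));
    }

    try
    {
        code = EnsureLatestCode(code);

        // `code` is taken from the callback query string, i.e. it is caller-controlled. It is
        // URL-encoded so that it stays a single value and cannot add or override other
        // parameters of the token request.
        // NOTE(review): the client secret and the code travel in the query string of this GET,
        // where URL logging on servers and proxies can record them; confirm whether the
        // provider accepts the same parameters in a POST body.
        string accessTokenUrl = $"{AccessTokenUrl}?client_id={ApplicationId}&client_secret={SecureKey}&code={code.UrlEncode()}&redirect_uri={CallbackUrl.UrlEncode()}";

        string contents = await AccessTokenUrlFilter(ctx, accessTokenUrl)
            .GetStringFromUrlAsync(
                requestFilter: req => req.With(c => c.UserAgent = ServiceClientBase.DefaultUserAgent),
                token: token)
            .ConfigAwait();

        var authInfo = JsonObject.Parse(contents);

        // VK does not throw an exception, it returns an error property in the JSON response.
        string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");
        if (!accessTokenError.IsNullOrEmpty())
        {
            Log.Error($"VK access_token error callback. {authInfo}");
            // Goes through FailedRedirectUrlFilter like every other failure redirect in this method.
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }

        tokens.AccessTokenSecret = authInfo.Get("access_token");
        tokens.UserId = authInfo.Get("user_id");
        session.IsAuthenticated = true;

        // Access granted.
        return await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
            ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1")))
                .SuccessAuthResultAsync(authService, session).ConfigAwait();
    }
    catch (Exception ex)
    {
        // Just in case VK starts throwing exceptions. The failure is logged before it is mapped
        // to a redirect, so a failing token exchange is visible to operators instead of
        // surfacing only as f=Unknown.
        Log.Error("VK access_token request failed", ex);

        var statusCode = ex.GetStatus();
        if (statusCode == HttpStatusCode.BadRequest)
        {
            return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
        }
    }

    return authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")));
}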