/// <summary>
/// Returns a redirect result to a Microsoft logout page
/// </summary>
public IHttpResult RedirectToMicrosoftLogout(IServiceBase authService)
{
// See https://msdn.microsoft.com/en-us/office/office365/howto/authentication-v2-protocols
var request = BaseAuthUrl + "/logout?client_id={1}&post_logout_redirect_uri={2}"
.Fmt(TenantId, ClientId, CallbackUrl.UrlEncode());
return(authService.Redirect(LogoutUrlFilter(this, request)));
}
private object RequestAccessToken(IServiceBase authService, IAuthSession session, string code,
IAuthTokens tokens)
{
try
{
var appDirectory = GetDirectoryNameFromUsername(session.UserName);
var appRegistry = authService.TryResolve <IApplicationRegistryService>();
if (appRegistry == null)
{
throw new InvalidOperationException(
$"No {nameof(IApplicationRegistryService)} found registered in AppHost.");
}
var registration = appRegistry.GetApplicationByDirectoryName(appDirectory);
if (registration == null)
{
throw new UnauthorizedAccessException($"Authorization for directory @{appDirectory} failed.");
}
var postData =
$"grant_type=authorization_code&redirect_uri={CallbackUrl.UrlEncode()}&code={code}&client_id={registration.ClientId}&client_secret={registration.ClientSecret.UrlEncode()}&scope={BuildScopesFragment()}";
var result = MsGraph.TokenUrl.PostToUrl(postData);
var authInfo = JsonObject.Parse(result);
var authInfoNvc = authInfo.ToNameValueCollection();
if (HasError(authInfoNvc))
{
return(RedirectDueToFailure(authService, session, authInfoNvc));
}
tokens.AccessTokenSecret = authInfo["access_token"];
tokens.RefreshToken = authInfo["refresh_token"];
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))));
}
catch (WebException webException)
{
if (webException.Response == null)
{
return(RedirectDueToFailure(authService, session, new NameValueCollection
{
{ "error", webException.GetType().ToString() },
{ "error_description", webException.Message }
}));
}
Log.Error("Auth Failure", webException);
var response = ((HttpWebResponse)webException.Response);
var responseText = Encoding.UTF8.GetString(
response.GetResponseStream().ReadFully());
var errorInfo = JsonObject.Parse(responseText).ToNameValueCollection();
return(RedirectDueToFailure(authService, session, errorInfo));
}
}
private IHttpResult RequestAccessToken(IServiceBase authService, IAuthSession session, string code, IAuthTokens tokens)
{
try
{
var formData = "client_id={0}&redirect_uri={1}&client_secret={2}&code={3}&grant_type=authorization_code&resource={4}"
.Fmt(ClientId.UrlEncode(), CallbackUrl.UrlEncode(), ClientSecret.UrlEncode(), code, ResourceId.UrlEncode());
// Endpoint only accepts posts requests
var contents = AccessTokenUrl.PostToUrl(formData);
// 4. The Azure AD token issuance endpoint returns an access token
// and a refresh token. The refresh token can be used to request
// additional access tokens.
// Response is JSON
var authInfo = JsonObject.Parse(contents);
var authInfoNvc = authInfo.ToNameValueCollection();
if (HasError(authInfoNvc))
{
return(RedirectDueToFailure(authService, session, authInfoNvc));
}
tokens.AccessTokenSecret = authInfo["access_token"];
tokens.RefreshToken = authInfo["refresh_token"];
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))); //Haz Access!
}
catch (WebException webException)
{
if (webException.Response == null)
{
// This could happen e.g. due to a timeout
return(RedirectDueToFailure(authService, session, new NameValueCollection
{
{ "error", webException.GetType().ToString() },
{ "error_description", webException.Message }
}));
}
Log.Error("Auth Failure", webException);
var response = ((HttpWebResponse)webException.Response);
var responseText = Encoding.UTF8.GetString(
response.GetResponseStream().ReadFully());
var errorInfo = JsonObject.Parse(responseText).ToNameValueCollection();
return(RedirectDueToFailure(authService, session, errorInfo));
}
//return RedirectDueToFailure(authService, session, new NameValueCollection());
}
private object RequestCode(IServiceBase authService, IAuthSession session, AuthUserSession userSession, IAuthTokens tokens)
{
var state = Guid.NewGuid().ToString("N");
userSession.State = state;
var codeRequest = AuthorizeUrl + "?response_type=code&client_id={0}&redirect_uri={1}&scope={2}&state={3}"
.Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), state);
if (!DomainHint.IsNullOrEmpty())
{
codeRequest += "&domain_hint=" + DomainHint;
}
if (!tokens.UserName.IsNullOrEmpty())
{
codeRequest += "&login_hint=" + tokens.UserName;
}
authService.SaveSession(session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, codeRequest)));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
IAuthTokens tokens = Init(authService, ref session, request);
IRequest httpRequest = authService.Request;
if (request?.AccessToken != null && request?.AccessTokenSecret != null)
{
var authInfo = GetUserInfo(request.AccessToken, request.AccessTokenSecret);
if (authInfo == null || !(authInfo.Get("error") ?? authInfo.Get("error_description")).IsNullOrEmpty())
{
Logger.Error($"VK access_token error callback. {authInfo}");
return(HttpError.Unauthorized("AccessToken is not for App: " + ApplicationId));
}
tokens.AccessToken = request.AccessToken;
tokens.AccessTokenSecret = request.AccessTokenSecret;
var isHtml = authService.Request.IsHtml();
var failedResult = AuthenticateWithAccessToken(authService, session, tokens, request.AccessToken);
if (failedResult != null)
{
return(ConvertToClientError(failedResult, isHtml));
}
return(isHtml
? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))
: null); //return default AuthenticateResponse
}
string error = httpRequest.QueryString["error_reason"]
?? httpRequest.QueryString["error_description"]
?? httpRequest.QueryString["error"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Logger.Error($"VK error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&scope={Scope}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&v={ApiVersion}";
this.SaveSession(authService, session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
}
try {
code = EnsureLatestCode(code);
string accessTokeUrl = $"{AccessTokenUrl}?client_id={ApplicationId}&client_secret={SecureKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}";
string contents = HttpUtils.GetStringFromUrl(AccessTokenUrlFilter(this, accessTokeUrl), accept: "*/*", requestFilter: RequestFilter);
var authInfo = JsonObject.Parse(contents);
//VK does not throw exception, but returns error property in JSON response
string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");
if (!accessTokenError.IsNullOrEmpty())
{
Logger.Error($"VK access_token error callback. {authInfo}");
return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
tokens.UserId = authInfo.Get("user_id");
session.IsAuthenticated = true;
var accessToken = authInfo["access_token"];
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))));
} catch (WebException webException) {
//just in case VK will start throwing exceptions
HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
var tokens = Init(authService, ref session, request);
//Transfering AccessToken/Secret from Mobile/Desktop App to Server
if (request?.AccessToken != null)
{
//https://developer.github.com/v3/oauth_authorizations/#check-an-authorization
var url = VerifyAccessTokenUrl.Fmt(ClientId, request.AccessToken);
var json = url.GetJsonFromUrl(requestFilter: httpReq => {
httpReq.Headers[HttpRequestHeader.UserAgent] = ServiceClientBase.DefaultUserAgent;
httpReq.AddBasicAuth(ClientId, ClientSecret);
});
var isHtml = authService.Request.IsHtml();
var failedResult = AuthenticateWithAccessToken(authService, session, tokens, request.AccessToken);
if (failedResult != null)
{
return(ConvertToClientError(failedResult, isHtml));
}
return(isHtml
? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))
: null); //return default AuthenticateResponse
}
var httpRequest = authService.Request;
//https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
var error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
var hasError = !error.IsNullOrEmpty();
if (hasError)
{
Logger.Error($"GitHub error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))));
}
var code = httpRequest.QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
var scopes = Scopes.Join("%20");
string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={scopes}&state={Guid.NewGuid():N}";
this.SaveSession(authService, session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
}
try
{
string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code}";
var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl();
var authInfo = PclExportClient.Instance.ParseQueryString(contents);
//GitHub does not throw exception, but just return error with descriptions
//https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
var accessTokenError = authInfo["error"]
?? authInfo["error_uri"]
?? authInfo["error_description"];
if (!accessTokenError.IsNullOrEmpty())
{
Logger.Error($"GitHub access_token error callback. {authInfo}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
var accessToken = authInfo["access_token"];
return(AuthenticateWithAccessToken(authService, session, tokens, accessToken)
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))); //Haz Access!
}
catch (WebException webException)
{
//just in case GitHub will start throwing exceptions
var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
IAuthTokens tokens = Init(authService, ref session, request);
IRequest httpRequest = authService.Request;
string error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_reason"]
?? httpRequest.QueryString["error_description"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error("VK error callback. {0}".Fmt(httpRequest.QueryString));
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f",
(httpRequest.QueryString["error_reason"]
?? httpRequest.QueryString["error_description"]
?? "Unknown").UrlEncode())));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string url = PreAuthUrl + "?client_id={0}&scope={1}&redirect_uri={2}&response_type=code&v={3}"
.Fmt(ApplicationId, Scope, CallbackUrl.UrlEncode(), ApiVersion);
authService.SaveSession(session, SessionExpiry);
return(authService.Redirect(url));
}
try
{
code = EnsureLatestCode(code);
string accessTokeUrl = AccessTokenUrl + "?client_id={0}&client_secret={1}&code={2}&redirect_uri={3}"
.Fmt(ApplicationId, SecureKey, code, CallbackUrl.UrlEncode());
string contents = accessTokeUrl.GetStringFromUrl("*/*", RequestFilter);
var authInfo = JsonObject.Parse(contents);
//VK does not throw exception, but returns error property in JSON response
string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error("VK access_token error callback. {0}".Fmt(authInfo.ToString()));
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
tokens.UserId = authInfo.Get("user_id");
session.IsAuthenticated = true;
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")));
}
catch (WebException webException)
{
//just in case VK will start throwing exceptions
HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
}
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
var tokens = Init(authService, ref session, request);
var httpRequest = authService.Request;
//https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
var error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
var hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error("GitHub error callback. {0}".Fmt(httpRequest.QueryString));
return(authService.Redirect(session.ReferrerUrl));
}
var code = httpRequest.QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string url = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}&state={3}"
.Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), Guid.NewGuid().ToString("N"));
authService.SaveSession(session, SessionExpiry);
return(authService.Redirect(url));
}
string accessTokenUrl = AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}"
.Fmt(ClientId, CallbackUrl.UrlEncode(), ClientSecret, code);
try
{
var contents = accessTokenUrl.GetStringFromUrl();
var authInfo = HttpUtility.ParseQueryString(contents);
//GitHub does not throw exception, but just return error with descriptions
//https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
var accessTokenError = authInfo["error"]
?? authInfo["error_uri"]
?? authInfo["error_description"];
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error("GitHub access_token error callback. {0}".Fmt(authInfo.ToString()));
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo["access_token"];
session.IsAuthenticated = true;
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"))); //Haz Access!
}
catch (WebException webException)
{
//just in case GitHub will start throwing exceptions
var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
}
return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
IAuthTokens tokens = Init(authService, ref session, request);
IRequest httpRequest = authService.Request;
string error = httpRequest.QueryString["error"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Logger.Error($"Odnoklassniki error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m";
this.SaveSession(authService, session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
}
try
{
string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code";
string contents = AccessTokenUrlFilter(this, AccessTokenUrl).PostToUrl(payload, "*/*", RequestFilter);
var authInfo = JsonObject.Parse(contents);
//ok.ru does not throw exception, but returns error property in JSON response
string accessTokenError = authInfo.Get("error");
if (!accessTokenError.IsNullOrEmpty())
{
Logger.Error($"Odnoklassniki access_token error callback. {authInfo}");
return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
tokens.UserId = authInfo.Get("user_id");
session.IsAuthenticated = true;
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))));
}
catch (WebException webException)
{
//just in case it starts throwing exceptions
HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
IAuthTokens tokens = Init(authService, ref session, request);
IRequest httpRequest = authService.Request;
string error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error("Yandex error callback. {0}".Fmt(httpRequest.QueryString));
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = PreAuthUrl + "?response_type=code&client_id={0}&redirect_uri={1}&display=popup&state={2}".Fmt(ApplicationId, CallbackUrl.UrlEncode(), Guid.NewGuid().ToString("N"));
authService.SaveSession(session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
}
try
{
string payload = "grant_type=authorization_code&code={0}&client_id={1}&client_secret={2}".Fmt(code, ApplicationId, ApplicationPassword);
string contents = AccessTokenUrl.PostStringToUrl(payload);
var authInfo = JsonObject.Parse(contents);
//Yandex does not throw exception, but returns error property in JSON response
// http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml
string accessTokenError = authInfo.Get("error");
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error("Yandex access_token error callback. {0}".Fmt(authInfo.ToString()));
return(authService.Redirect(session.ReferrerUrl.AddParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
session.IsAuthenticated = true;
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.AddParam("s", "1"))));
}
catch (WebException webException)
{
//just in case Yandex will start throwing exceptions
HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.AddParam("f", "Unknown"))));
}
private object RequestCode(IServiceBase authService, Authenticate request, IAuthSession session,
AuthUserSession userSession, IAuthTokens tokens)
{
var appDirectory = GetDirectoryNameFromUsername(request.UserName);
session.UserName = request.UserName;
var appRegistry = authService.TryResolve <IApplicationRegistryService>();
if (appRegistry == null)
{
throw new InvalidOperationException(
$"No {nameof(IApplicationRegistryService)} found registered in AppHost.");
}
var registration = appRegistry.GetApplicationByDirectoryName(appDirectory);
if (registration == null)
{
throw new UnauthorizedAccessException($"Authorization for directory @{appDirectory} failed.");
}
var state = Guid.NewGuid().ToString("N");
tokens.Items.Add("ClientId", registration.ClientId);
userSession.State = state;
var reqUrl =
$"{MsGraph.AuthorizationUrl}?client_id={registration.ClientId}&response_type=code&redirect_uri={CallbackUrl.UrlEncode()}&scope={BuildScopesFragment()}&state={state}";
authService.SaveSession(session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, reqUrl)));
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
var tokens = Init(authService, ref session, request);
var httpRequest = authService.Request;
//https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
var error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
var hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error($"GitHub error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))));
}
var code = httpRequest.QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={Scopes.Join(",")}&state={Guid.NewGuid().ToString("N")}";
this.SaveSession(authService, session, SessionExpiry);
return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
}
string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code}";
try
{
var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl();
var authInfo = PclExportClient.Instance.ParseQueryString(contents);
//GitHub does not throw exception, but just return error with descriptions
//https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
var accessTokenError = authInfo["error"]
?? authInfo["error_uri"]
?? authInfo["error_description"];
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error($"GitHub access_token error callback. {authInfo}");
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
tokens.AccessTokenSecret = authInfo["access_token"];
session.IsAuthenticated = true;
return(OnAuthenticated(authService, session, tokens, authInfo.ToDictionary())
?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))); //Haz Access!
}
catch (WebException webException)
{
//just in case GitHub will start throwing exceptions
var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
var tokens = Init(authService, ref session, request);
var ctx = CreateAuthContext(authService, session, tokens);
//Transferring AccessToken/Secret from Mobile/Desktop App to Server
if (request?.AccessToken != null)
{
//https://developer.github.com/v3/oauth_authorizations/#check-an-authorization
var url = VerifyAccessTokenUrl.Fmt(ClientId, request.AccessToken);
var json = await url.GetJsonFromUrlAsync(requestFilter : req =>
req.With(c => {
c.UserAgent = ServiceClientBase.DefaultUserAgent;
c.SetAuthBasic(ClientId, ClientSecret);
}), token : token).ConfigAwait();
var isHtml = authService.Request.IsHtml();
var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken, token).ConfigAwait();
if (failedResult != null)
{
return(ConvertToClientError(failedResult, isHtml));
}
return(isHtml
? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()
: null); //return default AuthenticateResponse
}
var httpRequest = authService.Request;
//https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
var error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
var hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error($"GitHub error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error))));
}
var code = httpRequest.QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
var scopes = Scopes.Join("%20");
string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={scopes}&{Keywords.State}={session.Id}";
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl)));
}
try
{
string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code}";
var contents = await AccessTokenUrlFilter(ctx, accessTokenUrl).GetStringFromUrlAsync().ConfigAwait();
var authInfo = PclExportClient.Instance.ParseQueryString(contents);
//GitHub does not throw exception, but just return error with descriptions
//https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
var accessTokenError = authInfo["error"]
?? authInfo["error_uri"]
?? authInfo["error_description"];
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error($"GitHub access_token error callback. {authInfo}");
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
var accessToken = authInfo["access_token"];
//Haz Access!
return(await AuthenticateWithAccessTokenAsync(authService, session, tokens, accessToken, token).ConfigAwait()
?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait());
}
catch (WebException webException)
{
var errorBody = webException.GetResponseBodyAsync(token);
Log.Error("GitHub AccessToken Failed:\n" + errorBody);
//just in case GitHub will start throwing exceptions
var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
IAuthTokens tokens = Init(authService, ref session, request);
var ctx = CreateAuthContext(authService, session, tokens);
IRequest httpRequest = authService.Request;
string error = httpRequest.QueryString["error"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error($"Odnoklassniki error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m";
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl)));
}
try
{
string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code";
string contents = await AccessTokenUrlFilter(ctx, AccessTokenUrl)
.PostToUrlAsync(formData: payload, requestFilter: req =>
req.With(c => {
c.UserAgent = ServiceClientBase.DefaultUserAgent;
c.Accept = "*/*";
}),
token: token).ConfigAwait();
var authInfo = JsonObject.Parse(contents);
//ok.ru does not throw exception, but returns error property in JSON response
string accessTokenError = authInfo.Get("error");
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error($"Odnoklassniki access_token error callback. {authInfo}");
return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
tokens.UserId = authInfo.Get("user_id");
session.IsAuthenticated = true;
return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait());
}
catch (Exception ex)
{
//just in case it starts throwing exceptions
var statusCode = ex.GetStatus();
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
IAuthTokens tokens = Init(authService, ref session, request);
var ctx = CreateAuthContext(authService, session, tokens);
IRequest httpRequest = authService.Request;
string error = httpRequest.QueryString["error"]
?? httpRequest.QueryString["error_uri"]
?? httpRequest.QueryString["error_description"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error($"Yandex error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?response_type=code&client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&display=popup&state={Guid.NewGuid().ToString("N")}";
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl)));
}
try
{
string payload = $"grant_type=authorization_code&code={code}&client_id={ApplicationId}&client_secret={ApplicationPassword}";
string contents = await AccessTokenUrl.PostStringToUrlAsync(payload).ConfigAwait();
var authInfo = JsonObject.Parse(contents);
//Yandex does not throw exception, but returns error property in JSON response
// http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml
string accessTokenError = authInfo.Get("error");
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error($"Yandex access_token error callback. {authInfo}");
return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
session.IsAuthenticated = true;
return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait());
}
catch (WebException webException)
{
//just in case Yandex will start throwing exceptions
var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default)
{
IAuthTokens tokens = Init(authService, ref session, request);
var ctx = CreateAuthContext(authService, session, tokens);
IRequest httpRequest = authService.Request;
if (request?.AccessToken != null && request?.AccessTokenSecret != null)
{
var authInfo = await GetUserInfoAsync(request.AccessToken, request.AccessTokenSecret).ConfigAwait();
if (authInfo == null || !(authInfo.Get("error") ?? authInfo.Get("error_description")).IsNullOrEmpty())
{
Log.Error($"VK access_token error callback. {authInfo}");
return(HttpError.Unauthorized("AccessToken is not for App: " + ApplicationId));
}
tokens.AccessToken = request.AccessToken;
tokens.AccessTokenSecret = request.AccessTokenSecret;
var isHtml = authService.Request.IsHtml();
var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken).ConfigAwait();
if (failedResult != null)
{
return(ConvertToClientError(failedResult, isHtml));
}
return(isHtml
? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()
: null); //return default AuthenticateResponse
}
string error = httpRequest.QueryString["error_reason"]
?? httpRequest.QueryString["error_description"]
?? httpRequest.QueryString["error"];
bool hasError = !error.IsNullOrEmpty();
if (hasError)
{
Log.Error($"VK error callback. {httpRequest.QueryString}");
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error))));
}
string code = httpRequest.QueryString["code"];
bool isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&scope={Scope}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&v={ApiVersion}";
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl)));
}
try {
code = EnsureLatestCode(code);
string accessTokeUrl = $"{AccessTokenUrl}?client_id={ApplicationId}&client_secret={SecureKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}";
string contents = await AccessTokenUrlFilter(ctx, accessTokeUrl)
.GetStringFromUrlAsync(requestFilter: req => req.With(c => c.UserAgent = ServiceClientBase.DefaultUserAgent), token: token).ConfigAwait();
var authInfo = JsonObject.Parse(contents);
//VK does not throw exception, but returns error property in JSON response
string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description");
if (!accessTokenError.IsNullOrEmpty())
{
Log.Error($"VK access_token error callback. {authInfo}");
return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")));
}
tokens.AccessTokenSecret = authInfo.Get("access_token");
tokens.UserId = authInfo.Get("user_id");
session.IsAuthenticated = true;
//Haz Access
return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait()
?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait());
}
catch (Exception ex)
{
//just in case VK will start throwing exceptions
var statusCode = ex.GetStatus();
if (statusCode == HttpStatusCode.BadRequest)
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
}
}
return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown"))));
}
