public async Task <IActionResult> RegisterApp(RegisterAppModel model) { if (string.IsNullOrWhiteSpace(model.Name)) { StatusMessage = "Please enter a valid name!"; return(View()); } User user = await _userManager.GetUserAsync(User); OauthApp app = new OauthApp() { Id = Guid.NewGuid().ToString(), Secret = Guid.NewGuid().ToString(), Name = model.Name, Image_Url = model.Image_Url, Owner = user.Id, Uses = 0 }; await _context.OauthApps.AddAsync(app); await _context.SaveChangesAsync(); StatusMessage = "Successfully created Application!"; return(RedirectToAction("ViewApp", new { appid = app.Id })); }
public async Task <IActionResult> Authorize(string response_type, string client_id, string redirect_uri, string scope, string state) { User user = await _userManager.GetUserAsync(User); if (response_type == null || string.IsNullOrWhiteSpace(response_type)) { return(NotFound("Please define the response type.")); } if (response_type.ToLower() == "code") { OauthApp app = await _context.OauthApps.FindAsync(client_id); if (app == null) { return(NotFound("Could not find that client ID!")); } string fscope = ""; foreach (string s in scope.Split(',')) { fscope += $"|{s}"; } AuthorizeModel model = new AuthorizeModel() { ClientID = client_id, Redirect = redirect_uri, UserID = user.Id, ReponseType = response_type, Scope = fscope, State = state }; return(View(model)); } else { return(NotFound($"Response type {response_type} is not yet supported!")); } return(NotFound("Ahhhh")); }
public async Task <IActionResult> ViewSecret(string appid) { OauthApp app = await _context.OauthApps.FindAsync(appid); if (app == null) { return(NotFound("Could not find that app!")); } User user = await _userManager.GetUserAsync(User); if (app.Owner != user.Id) { return(Unauthorized("You do not own this app!")); } return(View((object)app.Secret)); }
public async Task <IActionResult> ResetSecret(string secret) { OauthApp app = await _context.OauthApps.FirstOrDefaultAsync(x => x.Secret == secret); if (app == null) { return(NotFound("There was an error resetting the secret!")); } User user = await _userManager.GetUserAsync(User); if (app.Owner != user.Id) { return(Unauthorized("There was an error resetting the secret!")); } app.Secret = Guid.NewGuid().ToString(); _context.OauthApps.Update(app); await _context.SaveChangesAsync(); return(RedirectToAction("ViewApp", new { appid = app.Id })); }
public async Task <IActionResult> RequestToken(string grant_type, string code, string redirect_uri, string client_id, string client_secret) { if (grant_type.ToLower() == "authorization_code") { AuthorizeModel auth = authModels.FirstOrDefault(x => x.Code == code); if (auth == null) { return(NotFound("Could not find specified code.")); } if (auth.ClientID != client_id) { return(NotFound("Client ID does not match.")); } if (auth.Redirect != redirect_uri) { return(NotFound("Redirect does not match.")); } OauthApp app = await _context.OauthApps.FirstOrDefaultAsync(x => x.Id == client_id); if (app.Secret != client_secret) { return(Unauthorized("Failed authorization. This failure has been logged.")); } app.Uses += 1; _context.OauthApps.Update(app); await _context.SaveChangesAsync(); string hash = ToHex(SHA256.Create().ComputeHash(Guid.NewGuid().ToByteArray()), false); AuthToken token = new AuthToken() { Id = hash, AppId = client_id, UserId = auth.UserID, Scope = auth.Scope, Time = DateTime.UtcNow }; await _context.AuthTokens.AddAsync(token); await _context.SaveChangesAsync(); TokenResponse response = new TokenResponse() { access_token = token.Id, expires_in = 3600, svid = token.UserId }; return(Json(response)); } else { return(NotFound("Grant type not implemented!")); } }