コード例 #1
0
        protected void Page_Load(object sender, EventArgs e)
        {
            #region Twitter
            //Twitter oAuth Start
            if (Request["twitterauth"] != null && Request["twitterauth"] == "true")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                oAuth.CallBackUrl = Request.Url.AbsoluteUri.Replace("twitterauth=true", "twitterauth=false");
                //Redirect the user to Twitter for authorization.
                Response.Redirect(oAuth.AuthorizationLinkGet());
            }
            //Twitter Return
            if (Request["twitterauth"] != null && Request["twitterauth"] == "false")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                //Get the access token and secret.
                oAuth.AccessTokenGet(Request["oauth_token"], Request["oauth_verifier"]);
                if (oAuth.TokenSecret.Length > 0)
                {
                    //STORE THESE TOKENS FOR LATER CALLS
                    //Subsequent calls can be made without the Twitter login screen.
                    //Move this code outside of this auth process if you already have the tokens.
                    //
                    //Example:
                    //oAuthTwitter oAuth = new oAuthTwitter();
                    //oAuth.Token = Session["token"];
                    //oAuth.TokenSecret = Session["token_secret"];
                    //Then make the following Twitter call.

                    //SAMPLE TWITTER API CALL
                    string      url  = "https://api.twitter.com/1.1/account/verify_credentials.json";
                    TwitterUser user = Json.Deserialise <TwitterUser>(oAuth.oAuthWebRequest(oAuthTwitter.Method.GET, url, String.Empty));

                    if (user.id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id          = user.id;
                        userData.username    = user.screen_name;
                        userData.name        = user.name;
                        userData.serviceType = "twitter";
                        userData.imageUrl    = user.profile_image_url;
                        AuthSuccess(userData);
                    }

                    //POST Test
                    //url = "https://api.twitter.com/1.1/statuses/update.json";
                    //xml = oAuth.oAuthWebRequest(oAuthTwitter.Method.POST, url, "status=" + oAuth.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"));
                    Response.Clear();
                    Response.Write("<script>window.opener.location.reload();window.close();</script>");
                }
            }
            #endregion

            #region Google
            //Google oAuth Start
            if (Request["googleauth"] != null && Request["googleauth"] == "true")
            {
                string returl = Request.Url.AbsoluteUri.Replace("googleauth=true", "googleauth=false");
                string url    = "https://accounts.google.com/o/oauth2/auth?client_id=" + System.Web.HttpUtility.UrlEncode(ConfigurationManager.AppSettings["google_clientid"].ToString()) + "&redirect_uri=" + System.Web.HttpUtility.UrlEncode(returl)
                                + "&scope=" + HttpUtility.UrlEncode("https://www.googleapis.com/auth/userinfo#email") + "&response_type=code";
                Response.Redirect(url);
            }
            //Google Return
            if (Request["googleauth"] != null && Request["googleauth"] == "false")
            {
                string       code   = Request["code"];
                string       returl = Request.Url.AbsoluteUri.Substring(0, Request.Url.AbsoluteUri.IndexOf("&code="));
                GoogleTokens tokens = GoogleAuth.GoogleTokensGet(code, null, returl);

                //STORE THESE TOKENS FOR LATER CALLS
                //tokens.access_token - tokens.refresh_token

                //SAMPLE GOOGLE API CALL
                //Set the access token in the header.  It expires, so prepare to use the refresh token to get a new access token (not shown).
                List <KeyValuePair <string, string> > headers = new List <KeyValuePair <string, string> >()
                {
                    new KeyValuePair <string, string>("Authorization", "OAuth " + tokens.access_token)
                };
                string     url  = "https://www.googleapis.com/userinfo/email?alt=json";
                GoogleData user = Json.Deserialise <GoogleData>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, "", headers));

                if (user.data != null && user.data.email.Length > 0)
                {
                    UserData userData = new UserData();
                    userData.username    = user.data.email;
                    userData.serviceType = "google";
                    AuthSuccess(userData);
                }

                Response.Clear();
                Response.Write("<script>window.opener.location.reload();window.close();</script>");
            }
            #endregion

            #region Facebook
            //Facebook Return
            if (Request.Params["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"].ToString()] != null && Request["facebookauth"] == "false")
            {
                string signed_request = Request["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"]].ToString().Replace("\"", "");

                //Parse the signed_request;
                FacebookAuthRequest req = FacebookAuth.ParseSignedRequest(signed_request, ConfigurationManager.AppSettings["facebook_appsecret"]);

                //Get the Access Token
                string url = "https://graph.facebook.com/oauth/access_token?client_id=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appid"].ToString()) + "&redirect_uri=&client_secret=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appsecret"].ToString()) + "&code=" + Server.UrlEncode(req.code);
                NameValueCollection ret = HttpUtility.ParseQueryString(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));

                string access_token = "";
                foreach (string key in ret.Keys)
                {
                    if (key == "access_token")
                    {
                        access_token = ret[key].ToString();
                    }
                }

                //STORE THIS TOKEN FOR LATER CALLS
                //access_token

                //SAMPLE FACEBOOK API CALL
                url = "https://graph.facebook.com/me?access_token=%%access_token%%";
                url = url.Replace("%%access_token%%", access_token);
                FacebookMe fb_me = Json.Deserialise <FacebookMe>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));

                //Validation -- uid and accesstoken reference same id.
                if (req.user_id == fb_me.id)
                {
                    if (fb_me.username.Length == 0)
                    {
                        fb_me.username = fb_me.name;
                    }
                    UserData userData = new UserData();
                    userData.id          = fb_me.id;
                    userData.username    = fb_me.username;
                    userData.serviceType = "facebook";
                    userData.name        = fb_me.name;

                    AuthSuccess(userData);
                }
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            if (Request["facebookauth"] == "false" && !User.Identity.IsAuthenticated)
            {
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            #endregion

            #region LinkedIn
            //LinkedIn Return
            if (Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()] != null)
            {
                //Cookie Json object
                LinkedIn_oAuth_Cookie cookie = Json.Deserialise <LinkedIn_oAuth_Cookie>(Server.UrlDecode(Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()].Value));

                //Verify the signature
                oAuthLinkedIn oAuthLi = new oAuthLinkedIn();
                string        sigBase = cookie.access_token + cookie.member_id;

                HMACSHA1 hmacsha1 = new HMACSHA1();
                hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}", oAuthLi.UrlEncode(ConfigurationManager.AppSettings["linkedin_consumer_secret"])));

                string sig = oAuthLi.GenerateSignatureUsingHash(sigBase, hmacsha1);

                //Retrieve the access token.
                if (sig == cookie.signature)
                {
                    string   response     = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.POST, oAuthLi.ACCESS_TOKEN + "?xoauth_oauth2_access_token=" + oAuthLi.UrlEncode(cookie.access_token), "");
                    string[] tokens       = response.Split('&');
                    string   token        = tokens[0].Split('=')[1];
                    string   token_secret = tokens[1].Split('=')[1];

                    //STORE THESE TOKENS FOR LATER CALLS
                    oAuthLi.Token       = token;
                    oAuthLi.TokenSecret = token_secret;

                    //SAMPLE LINKEDIN API CALL
                    string url = "http://api.linkedin.com/v1/people/id=%%id%%:("
                                 + "id"
                                 + ",first-name"
                                 + ",last-name"
                                 + ")";
                    url = url.Replace("%%id%%", cookie.member_id);
                    string xml = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.GET, url, "");

                    XmlDocument xmlDoc = new XmlDocument();
                    xmlDoc.LoadXml(xml);
                    string id   = "";
                    string name = "";
                    foreach (XmlElement person in xmlDoc.GetElementsByTagName("person"))
                    {
                        if (person["id"] != null)
                        {
                            id = person["id"].InnerText;
                        }
                        if (person["first-name"] != null)
                        {
                            name = person["first-name"].InnerText;
                        }
                        if (person["last-name"] != null)
                        {
                            if (name.Length > 0)
                            {
                                name += " ";
                            }
                            name += person["last-name"].InnerText;
                        }
                    }

                    if (id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id          = id;
                        userData.username    = name;
                        userData.name        = name;
                        userData.serviceType = "linkedin";
                        AuthSuccess(userData);
                    }

                    Response.Clear();
                    Response.Write(Request["callback"].ToString() + "()");
                }
            }
            #endregion

            #region Auth.Net
            //App.net oAuth Start
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "true")
            {
                //TODO: Customize this list for your needs.
                string scope = (
                    AppDotNetAuth.Scope.stream
                    | AppDotNetAuth.Scope.follow
                    | AppDotNetAuth.Scope.write_post
                    | AppDotNetAuth.Scope.messages
                    | AppDotNetAuth.Scope.export
                    ).ToString().Replace(",", "");

                //Redirect the user to App.net for authorization.
                Response.Redirect(AppDotNetAuth.AuthorizationLinkGet(scope, Request.Url.AbsoluteUri.Replace("appdotnetauth=true", "appdotnetauth=false")));
            }
            //App.net Return
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "false")
            {
                if (Request["code"] != null && Request["state"] != null)
                {
                    AppDotNetAuth oAuth = new AppDotNetAuth();

                    //Get the access token.
                    oAuth.TokenGet(Request["code"].ToString(), Request["state"].ToString());

                    if (oAuth.access_token.Length > 0)
                    {
                        //STORE THE ACCESS TOKEN FOR LATER CALLS
                        //Subsequent calls can be made without the App.net login screen.
                        //Move this code outside of this auth process if you already have the tokens.
                        //
                        //Example:
                        //AppDotNetAuth oAuth = new AppDotNetAuth();
                        //oAuth.access_token = Session["access_token"];
                        //Then make the following App.net call.

                        ////SAMPLE App.net API CALL
                        string url = AppDotNetAuth.USER.Replace("[user_id]", "me");

                        AppDotNetUser user = Json.Deserialise <AppDotNetUserWrapper>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, String.Empty, oAuth.AuthHeader())).data;

                        if (user.id.Length > 0)
                        {
                            UserData userData = new UserData();
                            userData.id          = user.id;
                            userData.username    = user.username;
                            userData.name        = user.name;
                            userData.serviceType = "appdotnet";
                            AuthSuccess(userData);
                        }

                        //POST Test
                        //url = AppDotNetAuth.WRITE_POST;
                        //string json = AuthUtilities.WebRequest(AuthUtilities.Method.POST, url, "text=" + HttpUtility.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"), oAuth.AuthHeader());

                        Response.Clear();
                        Response.Write("<script>window.opener.location.reload();window.close();</script>");
                    }
                }
            }
            #endregion



            //TODO: Add Error Handling
        }
コード例 #2
0
ファイル: Auth.aspx.cs プロジェクト: hispafox/AuthPack
        protected void Page_Load(object sender, EventArgs e)
        {
            #region Twitter
            //Twitter oAuth Start
            if (Request["twitterauth"] != null && Request["twitterauth"] == "true")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                oAuth.CallBackUrl = Request.Url.AbsoluteUri.Replace("twitterauth=true","twitterauth=false");
                //Redirect the user to Twitter for authorization.
                Response.Redirect(oAuth.AuthorizationLinkGet());
            }
            //Twitter Return
            if (Request["twitterauth"] != null && Request["twitterauth"] == "false")
            {
                oAuthTwitter oAuth = new oAuthTwitter();
                //Get the access token and secret.
                oAuth.AccessTokenGet(Request["oauth_token"], Request["oauth_verifier"]);
                if (oAuth.TokenSecret.Length > 0)
                {
                    //STORE THESE TOKENS FOR LATER CALLS
                    //Subsequent calls can be made without the Twitter login screen.
                    //Move this code outside of this auth process if you already have the tokens.
                    //
                    //Example:
                    //oAuthTwitter oAuth = new oAuthTwitter();
                    //oAuth.Token = Session["token"];
                    //oAuth.TokenSecret = Session["token_secret"];
                    //Then make the following Twitter call.

                    //SAMPLE TWITTER API CALL
                    string url = "https://api.twitter.com/1.1/account/verify_credentials.json";
                    TwitterUser user = Json.Deserialise<TwitterUser>(oAuth.oAuthWebRequest(oAuthTwitter.Method.GET, url, String.Empty));

                    if (user.id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id = user.id;
                        userData.username = user.screen_name;
                        userData.name = user.name;
                        userData.serviceType = "twitter";
                        userData.imageUrl = user.profile_image_url;
                        AuthSuccess(userData);
                    }

                    //POST Test
                    //url = "https://api.twitter.com/1.1/statuses/update.json";
                    //xml = oAuth.oAuthWebRequest(oAuthTwitter.Method.POST, url, "status=" + oAuth.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"));
                    Response.Clear();
                    Response.Write("<script>window.opener.location.reload();window.close();</script>");

                }
            }
            #endregion

            #region Google
            //Google oAuth Start
            if (Request["googleauth"] != null && Request["googleauth"] == "true")
            {
                string returl = Request.Url.AbsoluteUri.Replace("googleauth=true","googleauth=false");
                string url = "https://accounts.google.com/o/oauth2/auth?client_id=" + System.Web.HttpUtility.UrlEncode(ConfigurationManager.AppSettings["google_clientid"].ToString()) + "&redirect_uri=" + System.Web.HttpUtility.UrlEncode(returl)
                    + "&scope=" + HttpUtility.UrlEncode("https://www.googleapis.com/auth/userinfo#email") + "&response_type=code";
                Response.Redirect(url);
            }
            //Google Return
            if (Request["googleauth"] != null && Request["googleauth"] == "false")
            {
                string code = Request["code"];
                string returl = Request.Url.AbsoluteUri.Substring(0, Request.Url.AbsoluteUri.IndexOf("&code="));
                GoogleTokens tokens = GoogleAuth.GoogleTokensGet(code, null, returl);

                //STORE THESE TOKENS FOR LATER CALLS
                //tokens.access_token - tokens.refresh_token

                //SAMPLE GOOGLE API CALL
                //Set the access token in the header.  It expires, so prepare to use the refresh token to get a new access token (not shown).
                List<KeyValuePair<string, string>> headers = new List<KeyValuePair<string, string>>() { new KeyValuePair<string, string>("Authorization", "OAuth " + tokens.access_token) };
                string url = "https://www.googleapis.com/userinfo/email?alt=json";
                GoogleData user = Json.Deserialise<GoogleData>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url,"", headers));

                if (user.data != null && user.data.email.Length > 0)
                {
                    UserData userData = new UserData();
                    userData.username = user.data.email;
                    userData.serviceType = "google";
                    AuthSuccess(userData);
                }

                Response.Clear();
                Response.Write("<script>window.opener.location.reload();window.close();</script>");

            }
            #endregion

            #region Facebook
            //Facebook Return
            if (Request.Params["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"].ToString()] != null && Request["facebookauth"] == "false")
            {
                string signed_request = Request["fbsr_" + ConfigurationManager.AppSettings["facebook_appid"]].ToString().Replace("\"", "");

                //Parse the signed_request;
                FacebookAuthRequest req = FacebookAuth.ParseSignedRequest(signed_request, ConfigurationManager.AppSettings["facebook_appsecret"]);

                //Get the Access Token
                string url = "https://graph.facebook.com/oauth/access_token?client_id=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appid"].ToString()) + "&redirect_uri=&client_secret=" + Server.UrlEncode(ConfigurationManager.AppSettings["facebook_appsecret"].ToString()) + "&code=" + Server.UrlEncode(req.code);
                NameValueCollection ret = HttpUtility.ParseQueryString(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));

                string access_token = "";
                foreach (string key in ret.Keys)
                {
                    if (key == "access_token")
                    {
                        access_token = ret[key].ToString();
                    }
                }

                //STORE THIS TOKEN FOR LATER CALLS
                //access_token

                //SAMPLE FACEBOOK API CALL
                url = "https://graph.facebook.com/me?access_token=%%access_token%%";
                url = url.Replace("%%access_token%%", access_token);
                FacebookMe fb_me = Json.Deserialise<FacebookMe>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, ""));

                //Validation -- uid and accesstoken reference same id.
                if (req.user_id == fb_me.id)
                {
                    if (fb_me.username.Length == 0)
                    {
                        fb_me.username = fb_me.name;
                    }
                    UserData userData = new UserData();
                    userData.id = fb_me.id;
                    userData.username = fb_me.username;
                    userData.serviceType = "facebook";
                    userData.name = fb_me.name;

                    AuthSuccess(userData);
                }
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            if (Request["facebookauth"] == "false" && !User.Identity.IsAuthenticated)
            {
                Response.Clear();
                Response.Write("<script>location.href = '../';</script>");
            }
            #endregion

            #region LinkedIn
            //LinkedIn Return
            if (Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()] != null)
            {
                //Cookie Json object
                LinkedIn_oAuth_Cookie cookie = Json.Deserialise<LinkedIn_oAuth_Cookie>(Server.UrlDecode(Request.Cookies["linkedin_oauth_" + ConfigurationManager.AppSettings["linkedin_consumer_key"].ToString()].Value));

                //Verify the signature
                oAuthLinkedIn oAuthLi = new oAuthLinkedIn();
                string sigBase = cookie.access_token+cookie.member_id;

                HMACSHA1 hmacsha1 = new HMACSHA1();
                hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}", oAuthLi.UrlEncode(ConfigurationManager.AppSettings["linkedin_consumer_secret"])));

                string sig = oAuthLi.GenerateSignatureUsingHash(sigBase, hmacsha1);

                //Retrieve the access token.
                if (sig == cookie.signature)
                {
                    string response = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.POST, oAuthLi.ACCESS_TOKEN + "?xoauth_oauth2_access_token=" + oAuthLi.UrlEncode(cookie.access_token), "");
                    string[] tokens = response.Split('&');
                    string token = tokens[0].Split('=')[1];
                    string token_secret = tokens[1].Split('=')[1];

                    //STORE THESE TOKENS FOR LATER CALLS
                    oAuthLi.Token = token;
                    oAuthLi.TokenSecret = token_secret;

                    //SAMPLE LINKEDIN API CALL
                    string url = "http://api.linkedin.com/v1/people/id=%%id%%:("
                    + "id"
                    + ",first-name"
                    + ",last-name"
                    + ")";
                    url = url.Replace("%%id%%", cookie.member_id);
                    string xml = oAuthLi.oAuthWebRequest(oAuthLinkedIn.Method.GET, url, "");

                    XmlDocument xmlDoc = new XmlDocument();
                    xmlDoc.LoadXml(xml);
                    string id = "";
                    string name = "";
                    foreach (XmlElement person in xmlDoc.GetElementsByTagName("person"))
                    {
                        if (person["id"] != null)
                        {
                            id = person["id"].InnerText;
                        }
                        if (person["first-name"] != null)
                        {
                            name = person["first-name"].InnerText;
                        }
                        if (person["last-name"] != null)
                        {
                            if (name.Length > 0)
                            {
                                name += " ";
                            }
                            name += person["last-name"].InnerText;
                        }
                    }

                    if (id.Length > 0)
                    {
                        UserData userData = new UserData();
                        userData.id = id;
                        userData.username = name;
                        userData.name = name;
                        userData.serviceType = "linkedin";
                        AuthSuccess(userData);
                    }

                    Response.Clear();
                    Response.Write(Request["callback"].ToString() + "()");
                }
            }
            #endregion

            #region Auth.Net
            //App.net oAuth Start
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "true")
            {
                //TODO: Customize this list for your needs.
                string scope = (
                      AppDotNetAuth.Scope.stream
                    | AppDotNetAuth.Scope.follow
                    | AppDotNetAuth.Scope.write_post
                    | AppDotNetAuth.Scope.messages
                    | AppDotNetAuth.Scope.export
                    ).ToString().Replace(",","");

                //Redirect the user to App.net for authorization.
                Response.Redirect(AppDotNetAuth.AuthorizationLinkGet(scope,Request.Url.AbsoluteUri.Replace("appdotnetauth=true","appdotnetauth=false")));
            }
            //App.net Return
            if (Request["appdotnetauth"] != null && Request["appdotnetauth"] == "false")
            {
                if (Request["code"] != null && Request["state"] != null)
                {
                    AppDotNetAuth oAuth = new AppDotNetAuth();

                    //Get the access token.
                    oAuth.TokenGet(Request["code"].ToString(), Request["state"].ToString());

                    if (oAuth.access_token.Length > 0)
                    {
                        //STORE THE ACCESS TOKEN FOR LATER CALLS
                        //Subsequent calls can be made without the App.net login screen.
                        //Move this code outside of this auth process if you already have the tokens.
                        //
                        //Example:
                        //AppDotNetAuth oAuth = new AppDotNetAuth();
                        //oAuth.access_token = Session["access_token"];
                        //Then make the following App.net call.

                        ////SAMPLE App.net API CALL
                        string url = AppDotNetAuth.USER.Replace("[user_id]", "me");

                        AppDotNetUser user = Json.Deserialise<AppDotNetUserWrapper>(AuthUtilities.WebRequest(AuthUtilities.Method.GET, url, String.Empty, oAuth.AuthHeader())).data;

                        if (user.id.Length > 0)
                        {
                            UserData userData = new UserData();
                            userData.id = user.id;
                            userData.username = user.username;
                            userData.name = user.name;
                            userData.serviceType = "appdotnet";
                            AuthSuccess(userData);
                        }

                        //POST Test
                        //url = AppDotNetAuth.WRITE_POST;
                        //string json = AuthUtilities.WebRequest(AuthUtilities.Method.POST, url, "text=" + HttpUtility.UrlEncode("Hello @swhitley - Testing the .NET oAuth API"), oAuth.AuthHeader());

                        Response.Clear();
                        Response.Write("<script>window.opener.location.reload();window.close();</script>");

                    }
                }
            }
            #endregion

            //TODO: Add Error Handling
        }