/// <summary>
/// Stub UserInfo endpoint that returns a fixed, hard-coded profile.
/// No credential or token check is performed here: every caller receives the same record.
/// The JWT issuing/validation experiments that used to sit in this method were removed
/// (the signature was, by decision, not to be included).
/// </summary>
/// <returns>The hard-coded <see cref="OAuth2Graph"/> serialized as "application/json".</returns>
public ActionResult UserInfo()
{
    var stubProfile = new OAuth2Graph
    {
        Id = "ALH0001",
        FirstName = "John",
        LastName = "Smith",
        FullName = "John M. Smith",
        Profile = "Profile of john smith",
        Email = "*****@*****.**"
    };

    // Serialize with Json.NET rather than DataContractJsonSerializer, as before.
    return Content(JsonConvert.SerializeObject(stubProfile), "application/json");
}
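/// <summary>
/// OpenID Connect UserInfo endpoint: returns the claims of the user behind the Bearer
/// access token, restricted to the scopes of the authorization request kept in session.
/// </summary>
/// <returns>The resulting <see cref="OAuth2Graph"/> serialized as "application/json".</returns>
/// <exception cref="HttpException">
/// 401 when the Authorization header is missing or not a Bearer token, when the token cannot be
/// decoded or is empty, or when it does not match a registered authorization / registered user;
/// 400 when no authorization request is in session or it does not carry the "openid" scope.
/// </exception>
public ActionResult UserInfo()
{
    string accessToken = ExtractBearerAccessToken(HttpContext.Request.Headers["Authorization"]);

    // One pass over the registered authorizations (previously Exists + FirstOrDefault, two lookups).
    // NOTE(review): token matching uses ordinal string equality; a constant-time comparison would be
    // preferable, and no expiry check is done because the authorization record shows no expiry
    // field in view — confirm against AlhambraOAuth2Authorization.
    AlhambraOAuth2Authorization authorization = MvcApplication.registeredAuthorizations
        .FirstOrDefault(x => string.Equals(x.AccessToken, accessToken, StringComparison.Ordinal));
    if (authorization == null)
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "The access token is invalid");
    }

    RegisteredUser registeredUser = MvcApplication.registeredUsers
        .FirstOrDefault(x => x.Email == authorization.UserId);
    if (registeredUser == null)
    {
        // The token refers to a user that is no longer registered; the original would have
        // thrown a NullReferenceException (500) here. Treat it as an invalid token instead.
        throw new HttpException((int)HttpStatusCode.Unauthorized, "The access token is invalid");
    }

    var authorizationRequest = Session["AuthorizationRequest"] as OpenIdConnectAuthorizationRequest;
    if (authorizationRequest == null || string.IsNullOrWhiteSpace(authorizationRequest.scope))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
    }

    // Scopes are space-delimited; compare whole tokens so "openid" is not matched as a substring.
    string[] scopes = authorizationRequest.scope.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
    if (!scopes.Contains(OpenIdConnectScopes.OpenId, StringComparer.Ordinal))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
    }

    OAuth2Graph graph = new OAuth2Graph() { Id = registeredUser.Id };
    foreach (string scope in scopes)
    {
        switch (scope)
        {
            case OpenIdConnectScopes.Profile:
                graph.FirstName = registeredUser.FirstName;
                graph.LastName = registeredUser.LastName;
                graph.FullName = registeredUser.FullName;
                graph.Profile = registeredUser.Profile;
                graph.Email = registeredUser.Email;
                break;
            case OpenIdConnectScopes.Email:
                graph.Email = registeredUser.Email;
                break;
            case OpenIdConnectScopes.FirstName:
                graph.FirstName = registeredUser.FirstName;
                break;
            case OpenIdConnectScopes.LastName:
                // Fixed: the original copied the last name into FirstName.
                graph.LastName = registeredUser.LastName;
                break;
        }
    }

    string result = JsonConvert.SerializeObject(graph);
    return Content(result, "application/json");
}

/// <summary>
/// Extracts the access token from an "Authorization: Bearer ..." header value.
/// The token travels Base64-encoded (as in the original) and is decoded to ASCII here.
/// </summary>
/// <param name="authorizationHeader">Raw header value; may be null when the header is absent.</param>
/// <returns>The decoded, non-empty access token.</returns>
/// <exception cref="HttpException">401 for a missing/non-Bearer header, undecodable Base64, or an empty token.</exception>
private static string ExtractBearerAccessToken(string authorizationHeader)
{
    // A missing header used to throw NullReferenceException (500); reject it as 401 instead.
    if (authorizationHeader == null
        || !authorizationHeader.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "The authorization request only supports Bearer Token Usage");
    }

    string accessToken;
    try
    {
        accessToken = Encoding.ASCII.GetString(Convert.FromBase64String(authorizationHeader.Substring(7)));
    }
    catch (FormatException)
    {
        // Malformed Base64 used to surface as a 500; report it as bad credentials.
        throw new HttpException((int)HttpStatusCode.Unauthorized, "The credentials are invalid");
    }

    if (string.IsNullOrEmpty(accessToken))
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "The credentials are invalid");
    }

    return accessToken;
}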