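/// <summary>
/// Creates a new user based on a external access token.
/// </summary>
/// <param name="provider">Name of the external provider the token came from (e.g. "Facebook", "Google").</param>
/// <param name="verifiedAccessToken">
/// Token already verified against the provider. Its <c>email</c> member is used both as user name and as
/// the student's e-mail address.
/// </param>
/// <param name="externalAccessToken">The raw token as received from the client, forwarded to registration.</param>
/// <returns>The result of <see cref="RegisterExternal"/> for the newly created user.</returns>
/// <exception cref="ArgumentNullException"><paramref name="verifiedAccessToken"/> is null.</exception>
private async Task<IHttpActionResult> CreateNewUserFromExternalAccesToken(string provider, ParsedExternalAccessToken verifiedAccessToken, string externalAccessToken)
{
    if (verifiedAccessToken == null)
    {
        throw new ArgumentNullException("verifiedAccessToken");
    }

    // NOTE(review): the email member is only populated by Google verification; for a Facebook token
    // it is null, so UserName and the student columns below end up null. Confirm callers only reach
    // this method with a token that actually carries an e-mail address.
    var model = new RegisterExternalBindingModel()
    {
        UserName = verifiedAccessToken.email,
        Provider = provider,
        ExternalAccessToken = externalAccessToken
    };

    var student = new Student();
    student.username = verifiedAccessToken.email;
    student.email = verifiedAccessToken.email;

    // Dispose the context so its connection is released even when SaveChanges throws.
    using (var db = new KompetansetorgetServerContext())
    {
        db.students.Add(student);
        db.SaveChanges();
    }

    // NOTE(review): the student row is committed before RegisterExternal runs; if registration fails
    // the student record is left behind. Consider registering first or wrapping both in one transaction.
    return await RegisterExternal(model);
}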
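/// <summary>
/// Verifies with the provider that the token is indeed valid and contains the correct client id
/// (not a login token for another application).
/// </summary>
/// <param name="provider">Provider name; only "Facebook" and "Google" are handled.</param>
/// <param name="accessToken">The raw access token received from the client.</param>
/// <returns>
/// The parsed token when the provider answers successfully and the reported app/client id matches this
/// application; otherwise <c>null</c> (unknown provider, empty token, non-success HTTP status, unexpected
/// response shape, or audience mismatch). For Facebook the <c>email</c> member is never populated.
/// </returns>
private async Task<ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
    if (string.IsNullOrEmpty(accessToken))
    {
        return null;
    }

    string verifyTokenEndPoint;
    if (provider == "Facebook")
    {
        //You can get it from here: https://developers.facebook.com/tools/accesstoken/
        //More about debug_token here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
        // NOTE(review): the app access token is a secret-bearing credential and must be loaded from
        // protected configuration rather than committed to source; the literal below is a placeholder.
        var appToken = "xxxxx";
        // Escape both values so a token containing '&', '#' or '%' cannot alter the query string.
        verifyTokenEndPoint = string.Format(
            "https://graph.facebook.com/debug_token?input_token={0}&access_token={1}",
            Uri.EscapeDataString(accessToken),
            Uri.EscapeDataString(appToken));
    }
    else if (provider == "Google")
    {
        // NOTE(review): confirm the v1 tokeninfo endpoint is still the intended one for this app.
        verifyTokenEndPoint = string.Format(
            "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}",
            Uri.EscapeDataString(accessToken));
    }
    else
    {
        return null;
    }

    // A client per call matches the original; a single shared HttpClient would avoid socket exhaustion
    // under load. Client and response are disposed so the connection is released on every path.
    using (var client = new HttpClient())
    using (var response = await client.GetAsync(new Uri(verifyTokenEndPoint)))
    {
        if (!response.IsSuccessStatusCode)
        {
            return null;
        }

        var content = await response.Content.ReadAsStringAsync();
        // A non-object body (array, primitive, empty) is treated as unverified instead of throwing.
        JObject jObj = Newtonsoft.Json.JsonConvert.DeserializeObject(content) as JObject;
        if (jObj == null)
        {
            return null;
        }
        // dynamic keeps the original implicit JToken -> member conversions.
        dynamic json = jObj;

        var parsedToken = new ParsedExternalAccessToken();
        if (provider == "Facebook")
        {
            // debug_token wraps its payload in "data"; a missing wrapper means an unexpected response.
            if (jObj["data"] == null)
            {
                return null;
            }
            parsedToken.user_id = json["data"]["user_id"];
            parsedToken.app_id = json["data"]["app_id"];
            // Reject tokens issued to a different application.
            if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
            {
                return null;
            }
        }
        else
        {
            parsedToken.user_id = json["user_id"];
            parsedToken.app_id = json["audience"];
            // The email attribute might be null unless correct scope is given at the clients Google login implementation.
            parsedToken.email = json["email"];
            // Reject tokens whose audience is not this application's client id.
            if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
            {
                return null;
            }
        }

        return parsedToken;
    }
}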