コード例 #1
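        /// <summary>
        /// Exchanges the authorization code carried by <paramref name="authResponse"/> for tokens at the
        /// token endpoint of the provider selected in the session (key "op"), then extracts the ID token
        /// and validates it through <c>rp.ValidateIdToken</c> before returning the token response.
        /// </summary>
        /// <param name="authResponse">Parsed authorization-code response from the OP; its scope, state and code are copied into the token request.</param>
        /// <param name="options">Configured providers; the provider is looked up by the session's "op" value.</param>
        /// <param name="session">Current ASP.NET session; must carry the selected provider name under "op".</param>
        /// <param name="redirectUri">Redirect URI of the authorization request, repeated in the token request.</param>
        /// <returns>The token response whose ID token passed validation.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authResponse"/>, <paramref name="options"/> or <paramref name="session"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The session does not hold a provider name under "op".</exception>
        private OIDCTokenResponseMessage GetToken(OIDCAuthCodeResponseMessage authResponse, IOptions options, HttpSessionState session, string redirectUri)
        {
            if (authResponse == null)
            {
                throw new ArgumentNullException(nameof(authResponse));
            }
            if (options == null)
            {
                throw new ArgumentNullException(nameof(options));
            }
            if (session == null)
            {
                throw new ArgumentNullException(nameof(session));
            }

            // A lost or expired session would otherwise surface as a null-key lookup on OpenIDProviders;
            // fail with a message that names the missing session entry instead.
            string providerName = session["op"] as string;
            if (string.IsNullOrEmpty(providerName))
            {
                throw new InvalidOperationException("No OpenID provider is selected in the session (key \"op\").");
            }
            OpenIDProviderData providerData = options.OpenIDProviders[providerName];

            var tokenRequestMessage = new OIDCTokenRequestMessage
            {
                Scope = authResponse.Scope,
                State = authResponse.State,
                Code = authResponse.Code,
                ClientId = providerData.ClientInformation.ClientId,
                ClientSecret = providerData.ClientInformation.ClientSecret,
                RedirectUri = redirectUri,
                GrantType = "authorization_code",
            };

            OIDCTokenResponseMessage response = rp.SubmitTokenRequest(providerData.ProviderMatadata.TokenEndpoint, tokenRequestMessage, providerData.ClientInformation);
            // The client secret is passed next to the provider keys — presumably to verify HMAC-signed ID tokens; confirm against GetIdToken.
            OIDCIdToken idToken = response.GetIdToken(providerData.ProviderMatadata.Keys, tokenRequestMessage.ClientSecret);
            // NOTE(review): the last argument is null. If it is the expected nonce, the nonce (replay) check is
            // skipped here — confirm against OpenIdRelyingParty.ValidateIdToken and pass the stored nonce if so.
            rp.ValidateIdToken(idToken, providerData.ClientInformation, providerData.ProviderMatadata.Issuer, null);
            return response;
        }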
コード例 #2
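        /// <summary>
        /// Exchanges the authorization code carried by <paramref name="authResponse"/> for tokens at the
        /// configured provider's token endpoint, using the first registered redirect URI, then extracts
        /// the ID token and validates it before returning the token response.
        /// </summary>
        /// <param name="authResponse">Parsed authorization-code response from the OP; its scope, state and code are copied into the token request.</param>
        /// <returns>The token response whose ID token passed validation.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authResponse"/> is null.</exception>
        /// <exception cref="InvalidOperationException">No redirect URI is registered for this client.</exception>
        public OIDCTokenResponseMessage GetToken(OIDCAuthCodeResponseMessage authResponse)
        {
            if (authResponse == null)
            {
                throw new ArgumentNullException(nameof(authResponse));
            }
            // The token request repeats the redirect URI of the authorization request; this client
            // always uses its first registered one, so a missing list is a configuration error.
            if (clientInformation.RedirectUris == null)
            {
                throw new InvalidOperationException("No redirect URI is registered for this client.");
            }

            var tokenRequestMessage = new OIDCTokenRequestMessage
            {
                Scope = authResponse.Scope,
                State = authResponse.State,
                Code = authResponse.Code,
                ClientId = clientInformation.ClientId,
                ClientSecret = clientInformation.ClientSecret,
                RedirectUri = clientInformation.RedirectUris[0],
                GrantType = "authorization_code",
            };

            var rp = new OpenIdRelyingParty();
            OIDCTokenResponseMessage response = rp.SubmitTokenRequest(providerMetadata.TokenEndpoint, tokenRequestMessage, clientInformation);
            // The client secret is passed next to the provider keys — presumably to verify HMAC-signed ID tokens; confirm against GetIdToken.
            OIDCIdToken idToken = response.GetIdToken(providerMetadata.Keys, tokenRequestMessage.ClientSecret);
            // NOTE(review): the last argument is null. If it is the expected nonce, the nonce (replay) check is
            // skipped here — confirm against OpenIdRelyingParty.ValidateIdToken.
            rp.ValidateIdToken(idToken, clientInformation, providerMetadata.Issuer, null);
            return response;
        }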
コード例 #3
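        /// <summary>
        /// Parses an authorization-code response from the OP and verifies it against the values
        /// the caller sent in the authorization request.
        /// </summary>
        /// <param name="queryString">The query string carrying the OP's authorization response.</param>
        /// <param name="scope">(optional) Scopes requested in the authorization request; when given and the
        /// response carries a scope, the two must contain the same scopes (order-insensitive).</param>
        /// <param name="state">(optional) State value sent in the authorization request. This is the
        /// CSRF binding of the flow: the check runs only when a non-null value is passed.</param>
        /// <returns>The validated response message.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="queryString"/> is null.</exception>
        /// <exception cref="OIDCException">The query string is an OP error response, or the scope or state does not match.</exception>
        public OIDCAuthCodeResponseMessage ParseAuthCodeResponse(string queryString, List<MessageScope> scope = null, string state = null)
        {
            if (queryString == null)
            {
                throw new ArgumentNullException(nameof(queryString));
            }

            var responseMessage = new OIDCAuthCodeResponseMessage();
            try
            {
                responseMessage.DeserializeFromQueryString(queryString);
            }
            catch (OIDCException)
            {
                // The OP answered with an error response instead of a code; surface its error fields.
                var error = new OIDCResponseError();
                error.DeserializeFromQueryString(queryString);
                throw new OIDCException("Error while parsing authorization response: " + error.Error + "\n" + error.ErrorDescription);
            }

            // The previous check was inverted (it threw when the lists were Equal) and List<T>.Equals
            // compares references, so it never caught a real mismatch; compare the scope contents instead.
            if (scope != null && responseMessage.Scope != null && !ContainSameScopes(scope, responseMessage.Scope))
            {
                throw new OIDCException("Error with authentication answer, wrong scope.");
            }

            // Ordinal comparison: state is an opaque token, never linguistic text.
            if (state != null && !string.Equals(responseMessage.State, state, StringComparison.Ordinal))
            {
                throw new OIDCException("Error with authentication answer, wrong state.");
            }

            return responseMessage;
        }

        /// <summary>
        /// True when both lists have the same length and every expected scope appears in the actual list.
        /// </summary>
        private static bool ContainSameScopes(List<MessageScope> expected, List<MessageScope> actual)
        {
            if (expected.Count != actual.Count)
            {
                return false;
            }
            foreach (MessageScope expectedScope in expected)
            {
                if (!actual.Contains(expectedScope))
                {
                    return false;
                }
            }
            return true;
        }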
コード例 #4
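        /// <summary>
        /// Calls the UserInfo endpoint of the provider selected in the session (key "op") with the given
        /// access token, requesting the name, family_name, given_name, email and gender claims.
        /// </summary>
        /// <param name="authResponse">Parsed authorization-code response; its scope and state are copied into the request.</param>
        /// <param name="options">Configured providers; the provider is looked up by the session's "op" value.</param>
        /// <param name="session">Current ASP.NET session; must carry the selected provider name under "op".</param>
        /// <param name="accessToken">Access token obtained from the token endpoint, presented to the UserInfo endpoint.</param>
        /// <returns>The UserInfo response returned by <c>OpenIdRelyingParty.GetUserInfo</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authResponse"/>, <paramref name="options"/> or <paramref name="session"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="accessToken"/> is null or empty.</exception>
        /// <exception cref="InvalidOperationException">The session does not hold a provider name under "op".</exception>
        private OIDCUserInfoResponseMessage GetUserInfo(OIDCAuthCodeResponseMessage authResponse, IOptions options, HttpSessionState session, string accessToken)
        {
            if (authResponse == null)
            {
                throw new ArgumentNullException(nameof(authResponse));
            }
            if (options == null)
            {
                throw new ArgumentNullException(nameof(options));
            }
            if (session == null)
            {
                throw new ArgumentNullException(nameof(session));
            }
            if (string.IsNullOrEmpty(accessToken))
            {
                throw new ArgumentException("An access token is required to call the UserInfo endpoint.", nameof(accessToken));
            }

            // A lost or expired session would otherwise surface as a null-key lookup on OpenIDProviders.
            string providerName = session["op"] as string;
            if (string.IsNullOrEmpty(providerName))
            {
                throw new InvalidOperationException("No OpenID provider is selected in the session (key \"op\").");
            }
            OpenIDProviderData providerData = options.OpenIDProviders[providerName];
            var rp = new OpenIdRelyingParty();

            // Each claim is requested with an empty OIDClaimData (no value/essential constraints).
            // NOTE(review): the claims are placed under IdToken although the request goes to the UserInfo
            // endpoint — confirm this is what OIDCUserInfoRequestMessage expects.
            var requestClaims = new OIDClaims
            {
                IdToken = new Dictionary<string, OIDClaimData>
                {
                    { "name", new OIDClaimData() },
                    { "family_name", new OIDClaimData() },
                    { "given_name", new OIDClaimData() },
                    { "email", new OIDClaimData() },
                    { "gender", new OIDClaimData() },
                },
            };

            var userInfoRequestMessage = new OIDCUserInfoRequestMessage
            {
                Scope = authResponse.Scope,
                State = authResponse.State,
                Claims = requestClaims,
            };

            string userInfoUrl = providerData.ProviderMatadata.UserinfoEndpoint;
            return rp.GetUserInfo(userInfoUrl, userInfoRequestMessage, accessToken);
        }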