public static async Task <string> Process(Uri requestUri, string state, string code, string error, string error_description)
{
var cookie = SecureUrlToken.Decode <LoginState>(state);
if (!string.IsNullOrEmpty(error))
{
await Conversation.ResumeAsync(cookie.State, new AuthenticationResultActivity(cookie.State.GetPostToUserMessage()) { Error = error, ErrorDescription = error_description });
return("<html><head><script type='text/javascript'>window.close();</script></head><body>An error occurred during authentication. You can close this browser window</body></html>");
}
string securityCode = null;
await Conversation.ResumeAsync(cookie.State, new AuthenticationResultActivity(cookie.State.GetPostToUserMessage())
{
Code = code,
RequestUri = requestUri,
State = cookie,
Done = (x) =>
{
securityCode = x;
}
});
if (string.IsNullOrEmpty(securityCode))
{
return("<html><head><script type='text/javascript'>window.close();</script></head><body>You can close this browser window</body></html>");
}
else
{
return($"<html><head></head><body>Please copy and paste this key into the conversation with the bot: {securityCode}.</body></html>");
}
}
public async Task <HttpResponseMessage> PostAuthorize([FromBody] AuthorizeArgs a)
{
var cookie = SecureUrlToken.Decode <ResumptionCookie>(a.state);
if (!string.IsNullOrEmpty(a.error))
{
await Conversation.ResumeAsync(cookie, new AuthenticationResultModel(cookie.GetMessage()) { Error = a.error, ErrorDescription = a.error_description });
return(new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent("<html><head><script type='text/javascript'>window.close();</script></head><body>An error occurred during authentication. You can close this browser window</body></html>", Encoding.UTF8, "text/html")
});
}
// Get access token
var authContext = new AuthenticationContext(ConfigurationManager.AppSettings["Authority"]);
var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(
a.code,
new Uri(this.Request.RequestUri.GetLeftPart(UriPartial.Path)),
new ClientCredential(
ConfigurationManager.AppSettings["ClientId"],
ConfigurationManager.AppSettings["ClientSecret"]));
var upn = authResult?.UserInfo?.DisplayableId;
var result = new AuthenticationResultModel(cookie.GetMessage())
{
AccessToken = authResult.IdToken
};
if (upn == cookie.GetMessage().From.Id)
{
await Conversation.ResumeAsync(cookie, result);
return(new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent("<html><head><script type='text/javascript'>window.close();</script></head><body>You can close this browser window</body></html>", Encoding.UTF8, "text/html")
});
}
else
{
var rnd = new Random();
result.SecurityKey = string.Join("", Enumerable.Range(0, 6).Select(i => rnd.Next(10).ToString()));
await Conversation.ResumeAsync(cookie, result);
return(new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent($"<html><head></head><body><!--We can't auto-auth you because {upn} != {cookie.GetMessage().From.Id}. -->Please copy and paste this key into the conversation with the bot: {result.SecurityKey}.</body></html>", Encoding.UTF8, "text/html")
});
}
}