static MockAuthHttpGateway()
{
Tokens = new OAuthTokens {
UserId = "623501766",
DisplayName = "Demis Bellot",
FirstName = "Demis",
LastName = "Bellot",
Email = "*****@*****.**",
};
}
public void Does_persist_TwitterOAuth(IUserAuthRepository userAuthRepository)
{
((IClearable)userAuthRepository).Clear();
var mockService = new Mock<IServiceBase>();
mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
.Returns(userAuthRepository);
var service = mockService.Object;
MockAuthHttpGateway.Tokens = new OAuthTokens { DisplayName = "Demis Bellot TW" };
var twitterTokens = new OAuthTokens {
Provider = TwitterAuthConfig.Name,
RequestToken = "JGz2CcwqgB1GR5e0EmGFxzyxGTw2rwEFFcC8a9o7g",
RequestTokenSecret = "qkCdURJ2R10bMieVQZZad7iSwWkPYJmtBYzPoM9q0",
UserId = "133371690876022785",
};
var authInfo = new Dictionary<string, string> {
{"user_id", "133371690876022785"},
{"screen_name", "demisbellot"},
};
var oAuthUserSession = GetSession();
oAuthUserSession.OnAuthenticated(service, twitterTokens, authInfo);
Assert.That(oAuthUserSession.UserAuthId, Is.Not.Null);
var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
Assert.That(userAuth.DisplayName, Is.EqualTo("Demis Bellot TW"));
var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
Assert.That(authProviders.Count, Is.EqualTo(1));
var authProvider = authProviders[0];
Assert.That(authProvider.UserAuthId, Is.EqualTo(userAuth.Id));
Assert.That(authProvider.DisplayName, Is.EqualTo("Demis Bellot TW"));
Assert.That(authProvider.FirstName, Is.Null);
Assert.That(authProvider.LastName, Is.Null);
Assert.That(authProvider.RequestToken, Is.EqualTo(twitterTokens.RequestToken));
Assert.That(authProvider.RequestTokenSecret, Is.EqualTo(twitterTokens.RequestTokenSecret));
Console.WriteLine(authProviders.Dump());
}
public void Does_persist_FacebookOAuth(IUserAuthRepository userAuthRepository)
{
((IClearable)userAuthRepository).Clear();
var mockService = new Mock<IServiceBase>();
mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
.Returns(userAuthRepository);
var serviceTokens = MockAuthHttpGateway.Tokens = new OAuthTokens {
UserId = "623501766",
DisplayName = "Demis Bellot FB",
FirstName = "Demis",
LastName = "Bellot",
Email = "*****@*****.**",
};
var service = mockService.Object;
var facebookTokens = new OAuthTokens {
Provider = FacebookAuthConfig.Name,
AccessTokenSecret = "AAADPaOoR848BAMkQIZCRIKnVWZAvcKWqo7Ibvec8ebV9vJrfZAz8qVupdu5EbjFzmMmbwUFDbcNDea9H6rOn5SVn8es7KYZD",
};
var authInfo = new Dictionary<string, string> { };
var oAuthUserSession = GetSession();
oAuthUserSession.OnAuthenticated(service, facebookTokens, authInfo);
Assert.That(oAuthUserSession.FacebookUserId, Is.EqualTo(serviceTokens.UserId));
Assert.That(oAuthUserSession.UserAuthId, Is.Not.Null);
var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
Assert.That(userAuth.DisplayName, Is.EqualTo(serviceTokens.DisplayName));
Assert.That(userAuth.FirstName, Is.EqualTo(serviceTokens.FirstName));
Assert.That(userAuth.LastName, Is.EqualTo(serviceTokens.LastName));
Assert.That(userAuth.Email, Is.EqualTo(serviceTokens.Email));
var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
Assert.That(authProviders.Count, Is.EqualTo(1));
var authProvider = authProviders[0];
Assert.That(authProvider.UserAuthId, Is.EqualTo(userAuth.Id));
Assert.That(authProvider.DisplayName, Is.EqualTo(serviceTokens.DisplayName));
Assert.That(authProvider.FirstName, Is.EqualTo(serviceTokens.FirstName));
Assert.That(authProvider.LastName, Is.EqualTo(serviceTokens.LastName));
Assert.That(authProvider.Email, Is.EqualTo(serviceTokens.Email));
Assert.That(authProvider.RequestToken, Is.Null);
Assert.That(authProvider.RequestTokenSecret, Is.Null);
Assert.That(authProvider.AccessToken, Is.Null);
Assert.That(authProvider.AccessTokenSecret, Is.EqualTo(facebookTokens.AccessTokenSecret));
Console.WriteLine(authProviders.Dump());
}
public void Does_merge_FacebookOAuth_TwitterOAuth(IUserAuthRepository userAuthRepository)
{
((IClearable)userAuthRepository).Clear();
var mockService = new Mock<IServiceBase>();
mockService.Expect(x => x.TryResolve<IUserAuthRepository>())
.Returns(userAuthRepository);
var service = mockService.Object;
var serviceTokensFb = MockAuthHttpGateway.Tokens = new OAuthTokens {
UserId = "623501766",
DisplayName = "Demis Bellot FB",
FirstName = "Demis",
LastName = "Bellot",
Email = "*****@*****.**",
};
var facebookTokens = new OAuthTokens {
Provider = FacebookAuthConfig.Name,
AccessTokenSecret = "AAADDDCCCoR848BAMkQIZCRIKnVWZAvcKWqo7Ibvec8ebV9vJrfZAz8qVupdu5EbjFzmMmbwUFDbcNDea9H6rOn5SVn8es7KYZD",
};
var oAuthUserSession = GetSession();
oAuthUserSession.OnAuthenticated(service, facebookTokens, new Dictionary<string, string>());
var serviceTokensTw = MockAuthHttpGateway.Tokens = new OAuthTokens { DisplayName = "Demis Bellot TW" };
var twitterTokens = new OAuthTokens {
Provider = TwitterAuthConfig.Name,
RequestToken = "JGGZZ22CCqgB1GR5e0EmGFxzyxGTw2rwEFFcC8a9o7g",
RequestTokenSecret = "qKKCCUUJ2R10bMieVQZZad7iSwWkPYJmtBYzPoM9q0",
UserId = "133371690876022785",
};
var authInfo = new Dictionary<string, string> {
{"user_id", "133371690876022785"},
{"screen_name", "demisbellot"},
};
oAuthUserSession.OnAuthenticated(service, twitterTokens, authInfo);
Assert.That(oAuthUserSession.TwitterUserId, Is.EqualTo(authInfo["user_id"]));
Assert.That(oAuthUserSession.TwitterScreenName, Is.EqualTo(authInfo["screen_name"]));
var userAuth = userAuthRepository.GetUserAuth(oAuthUserSession.UserAuthId);
Assert.That(userAuth.Id.ToString(), Is.EqualTo(oAuthUserSession.UserAuthId));
Assert.That(userAuth.DisplayName, Is.EqualTo(serviceTokensTw.DisplayName));
Assert.That(userAuth.FirstName, Is.EqualTo(serviceTokensFb.FirstName));
Assert.That(userAuth.LastName, Is.EqualTo(serviceTokensFb.LastName));
Assert.That(userAuth.Email, Is.EqualTo(serviceTokensFb.Email));
var authProviders = userAuthRepository.GetUserOAuthProviders(oAuthUserSession.UserAuthId);
Assert.That(authProviders.Count, Is.EqualTo(2));
Console.WriteLine(userAuth.Dump());
Console.WriteLine(authProviders.Dump());
}
/// <summary>
/// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
/// </summary>
/// <param name="authService"></param>
/// <param name="session"></param>
/// <param name="request"> </param>
/// <returns></returns>
protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Auth request)
{
if (request != null && !LoginMatchesSession(session, request.UserName))
{
//authService.RemoveSession();
//session = authService.GetSession();
}
var requestUri = authService.RequestContext.AbsoluteUri;
if (this.CallbackUrl.IsNullOrEmpty())
this.CallbackUrl = requestUri;
if (session.ReferrerUrl.IsNullOrEmpty())
session.ReferrerUrl = authService.RequestContext.GetHeader("Referer");
if (session.ReferrerUrl.IsNullOrEmpty()
|| session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
session.ReferrerUrl = this.RedirectUrl
?? ServiceStackHttpHandlerFactory.GetBaseUrl()
?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1));
var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
if (tokens == null)
session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = Provider });
return tokens;
}
/// <summary>
/// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
/// </summary>
/// <param name="authService"></param>
/// <param name="session"></param>
/// <param name="request"> </param>
/// <returns></returns>
protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Auth request)
{
if (request != null && !LoginMatchesSession(session, request.UserName))
{
//authService.RemoveSession();
//session = authService.GetSession();
}
if (this.CallbackUrl.IsNullOrEmpty())
this.CallbackUrl = authService.RequestContext.AbsoluteUri;
if (session.ReferrerUrl.IsNullOrEmpty())
session.ReferrerUrl = authService.RequestContext.GetHeader("Referer") ?? this.CallbackUrl;
var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
if (tokens == null)
session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = Provider });
return tokens;
}
protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
{
var requestUri = authService.RequestContext.AbsoluteUri;
if (this.CallbackUrl.IsNullOrEmpty())
{
this.CallbackUrl = requestUri;
}
if (session.ReferrerUrl.IsNullOrEmpty())
{
session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.RequestContext.GetHeader("Referer");
}
if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
{
session.ReferrerUrl = this.RedirectUrl
?? ServiceStackHttpHandlerFactory.GetBaseUrl()
?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal));
}
var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == this.Provider);
if (tokens == null)
{
session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = this.Provider });
}
return tokens;
}
public override object OnGet(Auth request)
{
if (ValidateFn != null)
{
var response = ValidateFn(this, HttpMethods.Get, request);
if (response != null)
{
return(response);
}
}
AssertAuthProviders();
if (request.provider == LogoutAction)
{
this.RemoveSession();
return(new AuthResponse());
}
var provider = request.provider ?? AuthConfigs[0].Provider;
if (provider == BasicProvider || provider == CredentialsProvider)
{
return(CredentialsAuth(request));
}
var oAuthConfig = AuthConfigs.FirstOrDefault(x => x.Provider == provider);
if (oAuthConfig == null)
{
throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider));
}
var session = this.GetSession();
if (oAuthConfig.CallbackUrl.IsNullOrEmpty())
{
oAuthConfig.CallbackUrl = base.RequestContext.AbsoluteUri;
}
if (session.ReferrerUrl.IsNullOrEmpty())
{
session.ReferrerUrl = base.RequestContext.GetHeader("Referer") ?? oAuthConfig.CallbackUrl;
}
var oAuth = new OAuthAuthorizer(oAuthConfig);
if (!session.IsAuthorized(provider))
{
var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == provider);
if (tokens == null)
{
session.ProviderOAuthAccess.Add(tokens = new OAuthTokens {
Provider = provider
});
}
return(oAuthConfig.Authenticate(this, request, session, tokens, oAuth));
}
//Already Authenticated
return(this.Redirect(session.ReferrerUrl.AddHashParam("s", "0")));
}
