protected virtual string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); var parameters = new Dictionary <string, string> { { "client_id", Options.ClientId }, { "scope", scope }, { "response_type", "code" }, { "redirect_uri", redirectUri }, }; if (Options.UsePkce) { var bytes = new byte[32]; CryptoRandom.GetBytes(bytes); var codeVerifier = Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier); using var sha256 = SHA256.Create(); var challengeBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(codeVerifier)); var codeChallenge = WebEncoders.Base64UrlEncode(challengeBytes); parameters[OAuthConstants.CodeChallengeKey] = codeChallenge; parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256; } parameters["state"] = Options.StateDataFormat.Protect(properties); return(QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters)); }
private void AddQueryString <T>( IDictionary <string, string> queryStrings, AuthenticationProperties properties, string name, Func <T, string> formatter, T defaultValue) { string value = null; var parameterValue = properties.GetParameter <T>(name); if (parameterValue != null) { value = formatter(parameterValue); } else if (!properties.Items.TryGetValue(name, out value)) { value = formatter(defaultValue); } // Remove the parameter from AuthenticationProperties so it won't be serialized into the state properties.Items.Remove(name); if (value != null) { queryStrings[name] = value; } }
protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); string scopes = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); var parameters = new Dictionary <string, string?> { ["app_id"] = Options.ClientId, ["redirect_uri"] = redirectUri, ["perms"] = scopes, }; if (Options.UsePkce) { byte[] bytes = new byte[32]; RandomNumberGenerator.Fill(bytes); string codeVerifier = Microsoft.AspNetCore.WebUtilities.Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier); byte[] challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier)); parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes); parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256; } parameters["state"] = Options.StateDataFormat.Protect(properties); return(QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters)); }
public void GetSetParameter_Int() { var props = new AuthenticationProperties(); Assert.Null(props.GetParameter <int?>("foo")); Assert.Equal(0, props.Parameters.Count); props.SetParameter <int?>("foo", 123); Assert.Equal(123, props.GetParameter <int?>("foo")); Assert.Equal(123, props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); props.SetParameter <int?>("foo", null); Assert.Null(props.GetParameter <int?>("foo")); Assert.Null(props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); }
public void GetSetParameter_String() { var props = new AuthenticationProperties(); Assert.Null(props.GetParameter <string>("foo")); Assert.Equal(0, props.Parameters.Count); props.SetParameter <string>("foo", "foo bar"); Assert.Equal("foo bar", props.GetParameter <string>("foo")); Assert.Equal("foo bar", props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); props.SetParameter <string>("foo", null); Assert.Null(props.GetParameter <string>("foo")); Assert.Null(props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); }
protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { var queryStrings = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase); queryStrings.Add("request_token", properties.GetParameter <string>("RequestToken")); queryStrings.Add("redirect_uri", BuildRedirectUri(Options.CallbackPath.Value)); return(QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, queryStrings)); }
/// <summary> /// BuildChallengeUrl /// </summary> protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { var parameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scopes = parameter != null?FormatScope(parameter) : FormatScope(); //string siteState = Options.StateDataFormat.Protect(properties); string siteState = properties.Items.ContainsKey(RedirectName) ? properties.Items[RedirectName] : ""; if (!string.IsNullOrEmpty(siteState)) { var encode = WebUtility.UrlEncode(siteState); redirectUri += $"?{SiteReturnAdditional}={encode}"; } var timestamp = GetTimeStamp(); var state = GetState(); var signMessage = $"{scopes}{timestamp}{Options.ClientId}{state}"; var clientSecret = SignString(signMessage).Result; var res = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, new Dictionary <string, string> { { "client_id", Options.ClientId }, { "client_secret", clientSecret }, { "redirect_uri", redirectUri }, { "scope", scopes }, { "response_type", "code" }, { "state", state }, { "access_type", "online" }, { "timestamp", timestamp } }); return(res); }
public void GetSetParameter_Collection() { var props = new AuthenticationProperties(); Assert.Null(props.GetParameter <int?>("foo")); Assert.Equal(0, props.Parameters.Count); var list = new string[] { "a", "b", "c" }; props.SetParameter <ICollection <string> >("foo", list); Assert.Equal(new string[] { "a", "b", "c" }, props.GetParameter <ICollection <string> >("foo")); Assert.Same(list, props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); props.SetParameter <ICollection <string> >("foo", null); Assert.Null(props.GetParameter <ICollection <string> >("foo")); Assert.Null(props.Parameters["foo"]); Assert.Equal(1, props.Parameters.Count); }
public static AuthToken RetrieveToken(this AuthenticationProperties properties, string tokenName = default) { if (properties is null) { throw new ArgumentNullException(nameof(properties)); } var tokenKey = TokenPropertyName(tokenName ?? string.Empty); return(properties.Parameters.ContainsKey(tokenKey) ? properties.GetParameter <AuthToken>(tokenKey) : null); }
/// <inheritdoc /> protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri) { if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty, out var shopName)) { Log.ShopNameMissing(Logger); throw new InvalidOperationException("Shopify provider AuthenticationProperties must contain ShopNameAuthenticationProperty."); } var authorizationEndpoint = string.Format(CultureInfo.InvariantCulture, Options.AuthorizationEndpoint, shopName); // Get the permission scope, which can either be set in options or overridden in AuthenticationProperties. if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopScopeAuthenticationProperty, out var scope)) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); } var parameters = new Dictionary <string, string?>() { ["client_id"] = Options.ClientId, ["scope"] = scope, ["redirect_uri"] = redirectUri, }; if (Options.UsePkce) { var bytes = RandomNumberGenerator.GetBytes(256 / 8); var codeVerifier = WebEncoders.Base64UrlEncode(bytes); // Store this for use during the code redemption. properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier); var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier)); parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes); parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256; } parameters["state"] = Options.StateDataFormat.Protect(properties); var challengeUrl = QueryHelpers.AddQueryString(authorizationEndpoint, parameters); // If we're requesting a per-user, online only, token, add the grant_options query param. if (properties.Items.TryGetValue(ShopifyAuthenticationDefaults.GrantOptionsAuthenticationProperty, out var grantOptions) && grantOptions == ShopifyAuthenticationDefaults.PerUserAuthenticationPropertyValue) { challengeUrl = QueryHelpers.AddQueryString(challengeUrl, "grant_options[]", ShopifyAuthenticationDefaults.PerUserAuthenticationPropertyValue); } return(challengeUrl); }
protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); var parameters = new Dictionary <string, string?>() { ["appid"] = Options.ClientId, ["scope"] = scope, ["response_type"] = "code", }; if (Options.UsePkce) { var bytes = RandomNumberGenerator.GetBytes(256 / 8); var codeVerifier = WebEncoders.Base64UrlEncode(bytes); // Store this for use during the code redemption. properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier); var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier)); parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes); parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256; } var state = Options.StateDataFormat.Protect(properties); var addRedirectHash = false; if (!IsWeixinAuthorizationEndpointInUse()) { // Store state in redirectUri when authorizing Wechat Web pages to prevent "too long state parameters" error redirectUri = QueryHelpers.AddQueryString(redirectUri, OauthState, state); addRedirectHash = true; } parameters["redirect_uri"] = redirectUri; parameters[State] = addRedirectHash ? OauthState : state; var challengeUrl = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters); if (addRedirectHash) { // The parameters necessary for Web Authorization of Wechat challengeUrl += "#wechat_redirect"; } return(challengeUrl); }
protected virtual string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); var state = Options.StateDataFormat.Protect(properties); var parameters = new Dictionary <string, string> { { "client_id", Options.ClientId }, { "scope", scope }, { "response_type", "code" }, { "redirect_uri", redirectUri }, { "state", state }, }; return(QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters)); }
private static void AddQueryString <T>(IDictionary <string, string> queryStrings, AuthenticationProperties properties, string name, Func <T, string> formatter, T defaultValue) { string str = null; var parameter = properties.GetParameter <T>(name); if (parameter != null) { str = formatter(parameter); } else if (!properties.Items.TryGetValue(name, out str)) { str = formatter(defaultValue); } properties.Items.Remove(name); if (str != null) { queryStrings[name] = str; } }
protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { var queryStrings = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase); queryStrings.Add("response_type", "code"); queryStrings.Add("client_id", Options.ClientId); queryStrings.Add("redirect_uri", redirectUri); if (Options.AccessAllAccounts) { queryStrings.Add("account", "all"); } if (null != Options.SendLimitAmount) { queryStrings.Add("meta[send_limit_amount]", Options.SendLimitAmount.ToString()); } if (null != Options.SendLimitCurrency) { queryStrings.Add("meta[send_limit_currency]", Options.SendLimitCurrency.ToString()); } if (null != Options.SendLimitPeriod) { queryStrings.Add("meta[send_limit_period]", Options.SendLimitPeriod.ToString()); } var state = Options.StateDataFormat.Protect(properties); queryStrings.Add("state", state); var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); queryStrings.Add("scope", scope); var authorizationEndpoint = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, queryStrings); return(authorizationEndpoint); }
protected override string BuildChallengeUrl(AuthenticationProperties properties, [NotNull] string redirectUri) { string value = base.Options.StateDataFormat.Protect(properties); Dictionary <string, string> dictionary = new Dictionary <string, string> { ["appid"] = base.Options.AppID, ["scope"] = FormatScope(), ["response_type"] = "code", ["redirect_uri"] = redirectUri, ["state"] = value }; string parameter = properties.GetParameter <string>("loginTmpCode"); if (!string.IsNullOrWhiteSpace(parameter)) { dictionary.Add("loginTmpCode", parameter); } redirectUri = QueryHelpers.AddQueryString(base.Options.AuthorizationEndpoint, dictionary); return(redirectUri); }
=> string.Join(",", scopes); // // OAuth2 3.3 space separated, but weixin not #region Pick value from AuthenticationProperties private static string PickAuthenticationProperty <T>( AuthenticationProperties properties, string name, Func <T, string> formatter, T defaultValue) { string value = null; var parameterValue = properties.GetParameter <T>(name); if (parameterValue != null) { value = formatter(parameterValue); } else if (!properties.Items.TryGetValue(name, out value)) { value = formatter(defaultValue); } // Remove the parameter from AuthenticationProperties so it won't be serialized into the state properties.Items.Remove(name); return(value); }
protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri) { var scopeParameter = properties.GetParameter <ICollection <string> >(OAuthChallengeProperties.ScopeKey); var scope = scopeParameter != null?FormatScope(scopeParameter) : FormatScope(); var parameters = new Dictionary <string, string?> { ["client_id"] = Options.ClientId, ["scope"] = scope, ["response_type"] = "code" }; if (Options.UsePkce) { var bytes = new byte[32]; RandomNumberGenerator.Fill(bytes); var codeVerifier = Base64UrlTextEncoder.Encode(bytes); // Store this for use during the code redemption. properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier); var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier)); var codeChallenge = WebEncoders.Base64UrlEncode(challengeBytes); parameters[OAuthConstants.CodeChallengeKey] = codeChallenge; parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256; } var state = Options.StateDataFormat.Protect(properties); parameters["state"] = state; // Mixcloud does not appear to support the `state` parameter, so have to bundle it here: parameters["redirect_uri"] = QueryHelpers.AddQueryString(redirectUri, "state", state); return(QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters)); }
private string PickAuthenticationProperty <T>( AuthenticationProperties properties, string name, Func <T, string> formatter, T defaultValue) { string value = null; var parameterValue = properties.GetParameter <T>(name); if (parameterValue != null) { value = formatter(parameterValue); } else if (!properties.Items.TryGetValue(name, out value)) { value = formatter(defaultValue); } // Remove the parameter from AuthenticationProperties so it won't be serialized into the state Logger.LogWarning($"BuildChallengeUrl: properties.Items[\"{name}\"] with value \"{value}\" will be Picked!"); properties.Items.Remove(name); return(value); }
public static void AddQueryString <T>(this IDictionary <string, string> querystring, T defaultValue, AuthenticationProperties properties, string keyName, Func <T, string> stringFormatter = null) { var value = string.Empty; T getParameter = default; //Difference between this and going to the actual collection items through //properties.Items var parameterValue = properties.GetParameter <T>(keyName); if (parameterValue != null) { getParameter = parameterValue; } value = stringFormatter != null? stringFormatter(getParameter) : getParameter?.ToString(); if (!string.IsNullOrWhiteSpace(value)) { querystring[keyName] = value; } }