public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default) { IAuthTokens tokens = Init(authService, ref session, request); var ctx = CreateAuthContext(authService, session, tokens); IRequest httpRequest = authService.Request; string error = httpRequest.QueryString["error"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"Odnoklassniki error callback. {httpRequest.QueryString}"); return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m"; await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl))); } try { string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code"; string contents = await AccessTokenUrlFilter(ctx, AccessTokenUrl).PostToUrlAsync(payload, "*/*", RequestFilter).ConfigAwait(); var authInfo = JsonObject.Parse(contents); //ok.ru does not throw exception, but returns error property in JSON response string accessTokenError = authInfo.Get("error"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error($"Odnoklassniki access_token error callback. {authInfo}"); return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } tokens.AccessTokenSecret = authInfo.Get("access_token"); tokens.UserId = authInfo.Get("user_id"); session.IsAuthenticated = true; return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait() ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()); } catch (WebException webException) { //just in case it starts throwing exceptions HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")))); } } return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")))); }
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default) { IAuthTokens tokens = Init(authService, ref session, request); var ctx = CreateAuthContext(authService, session, tokens); IRequest httpRequest = authService.Request; string error = httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_uri"] ?? httpRequest.QueryString["error_description"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"Yandex error callback. {httpRequest.QueryString}"); return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string preAuthUrl = $"{PreAuthUrl}?response_type=code&client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&display=popup&state={Guid.NewGuid().ToString("N")}"; await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl))); } try { string payload = $"grant_type=authorization_code&code={code}&client_id={ApplicationId}&client_secret={ApplicationPassword}"; string contents = await AccessTokenUrl.PostStringToUrlAsync(payload).ConfigAwait(); var authInfo = JsonObject.Parse(contents); //Yandex does not throw exception, but returns error property in JSON response // http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml string accessTokenError = authInfo.Get("error"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error($"Yandex access_token error callback. {authInfo}"); return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } tokens.AccessTokenSecret = authInfo.Get("access_token"); session.IsAuthenticated = true; return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait() ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()); } catch (WebException webException) { //just in case Yandex will start throwing exceptions var statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")))); } } return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")))); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { IAuthTokens tokens = Init(authService, ref session, request); IRequest httpRequest = authService.Request; string error = httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error_description"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error("VK error callback. {0}".Fmt(httpRequest.QueryString)); return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", (httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error_description"] ?? "Unknown").UrlEncode()))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string url = PreAuthUrl + "?client_id={0}&scope={1}&redirect_uri={2}&response_type=code&v={3}" .Fmt(ApplicationId, Scope, CallbackUrl.UrlEncode(), ApiVersion); authService.SaveSession(session, SessionExpiry); return(authService.Redirect(url)); } try { code = EnsureLatestCode(code); string accessTokeUrl = AccessTokenUrl + "?client_id={0}&client_secret={1}&code={2}&redirect_uri={3}" .Fmt(ApplicationId, SecureKey, code, CallbackUrl.UrlEncode()); string contents = accessTokeUrl.GetStringFromUrl("*/*", RequestFilter); var authInfo = JsonObject.Parse(contents); //VK does not throw exception, but returns error property in JSON response string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error("VK access_token error callback. {0}".Fmt(authInfo.ToString())); return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"))); } tokens.AccessTokenSecret = authInfo.Get("access_token"); tokens.UserId = authInfo.Get("user_id"); session.IsAuthenticated = true; authService.SaveSession(session, SessionExpiry); OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()); return(authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"))); } catch (WebException webException) { //just in case VK will start throwing exceptions HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"))); } } return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"))); }
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default) { IAuthTokens tokens = Init(authService, ref session, request); var ctx = CreateAuthContext(authService, session, tokens); IRequest httpRequest = authService.Request; if (request?.AccessToken != null && request?.AccessTokenSecret != null) { var authInfo = await GetUserInfoAsync(request.AccessToken, request.AccessTokenSecret).ConfigAwait(); if (authInfo == null || !(authInfo.Get("error") ?? authInfo.Get("error_description")).IsNullOrEmpty()) { Log.Error($"VK access_token error callback. {authInfo}"); return(HttpError.Unauthorized("AccessToken is not for App: " + ApplicationId)); } tokens.AccessToken = request.AccessToken; tokens.AccessTokenSecret = request.AccessTokenSecret; var isHtml = authService.Request.IsHtml(); var failedResult = await AuthenticateWithAccessTokenAsync(authService, session, tokens, request.AccessToken).ConfigAwait(); if (failedResult != null) { return(ConvertToClientError(failedResult, isHtml)); } return(isHtml ? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait() : null); //return default AuthenticateResponse } string error = httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error_description"] ?? httpRequest.QueryString["error"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"VK error callback. {httpRequest.QueryString}"); return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", error)))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&scope={Scope}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&v={ApiVersion}"; await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); return(authService.Redirect(PreAuthUrlFilter(ctx, preAuthUrl))); } try { code = EnsureLatestCode(code); string accessTokeUrl = $"{AccessTokenUrl}?client_id={ApplicationId}&client_secret={SecureKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}"; string contents = await AccessTokenUrlFilter(ctx, accessTokeUrl) .GetStringFromUrlAsync(requestFilter: req => req.With(c => c.UserAgent = ServiceClientBase.DefaultUserAgent), token: token).ConfigAwait(); var authInfo = JsonObject.Parse(contents); //VK does not throw exception, but returns error property in JSON response string accessTokenError = authInfo.Get("error") ?? authInfo.Get("error_description"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error($"VK access_token error callback. {authInfo}"); return(authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } tokens.AccessTokenSecret = authInfo.Get("access_token"); tokens.UserId = authInfo.Get("user_id"); session.IsAuthenticated = true; //Haz Access return(await OnAuthenticatedAsync(authService, session, tokens, authInfo.ToDictionary(), token).ConfigAwait() ?? await authService.Redirect(SuccessRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("s", "1"))).SuccessAuthResultAsync(authService, session).ConfigAwait()); } catch (Exception ex) { //just in case VK will start throwing exceptions var statusCode = ex.GetStatus(); if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")))); } } return(authService.Redirect(FailedRedirectUrlFilter(ctx, session.ReferrerUrl.SetParam("f", "Unknown")))); }