/// <summary>
/// Exchanges an authorization code for tokens at the token endpoint named by the
/// discovery document.
/// </summary>
/// <param name="authCode">Authorization code to redeem.</param>
/// <param name="clientSettings">Supplies the client id and client secret sent with the request.</param>
/// <param name="redirectUri">
/// Redirect URI sent with the token request. Under OAuth 2.0 the authorization server is
/// expected to compare it with the one used in the authorization request.
/// </param>
/// <returns>A <see cref="TokenData"/> constructed from the token response.</returns>
/// <exception cref="Exception">
/// Discovery failed or the token endpoint reported an error. The message is the
/// provider's error text, so callers should avoid echoing it to the end user.
/// </exception>
private async Task<TokenData> GetTokens(string authCode, IdentityProviderClientSettings clientSettings, string redirectUri)
{
    var client = _httpClientFactory.CreateClient();

    var disco = await _discoveryCache.GetAsync();
    if (disco.IsError)
    {
        // Refresh() runs before the throw; presumably so a later call re-fetches
        // the discovery document instead of reusing the failed one.
        _discoveryCache.Refresh();
        throw new Exception(disco.Error);
    }

    // The client secret travels in this request. Keep the request object out of
    // logs and diagnostics.
    var codeRequest = new AuthorizationCodeTokenRequest
    {
        Address = disco.TokenEndpoint,
        Code = authCode,
        ClientId = clientSettings.ClientId,
        ClientSecret = clientSettings.ClientSecret,
        RedirectUri = redirectUri
    };

    var tokens = await client.RequestAuthorizationCodeTokenAsync(codeRequest);
    if (tokens.IsError)
    {
        throw new Exception(tokens.Error);
    }

    return new TokenData(tokens);
}
/// <summary>
/// Sends a bearer token to the introspection endpoint named by the discovery document,
/// authenticating with the configured introspection client.
/// </summary>
/// <param name="httpClient">HTTP client used for the introspection call.</param>
/// <param name="bearer">Token value to introspect.</param>
/// <returns>
/// The introspection response exactly as received. This method does not inspect it:
/// an error response or an inactive token is returned like any other, so the caller
/// must check the response's error and active state before trusting any claim from it.
/// </returns>
/// <exception cref="Exception">The discovery document could not be obtained.</exception>
private async Task<IntrospectionResponse> IntrospectToken(HttpClient httpClient, string bearer)
{
    var disco = await _discoveryCache.GetAsync();
    if (disco.IsError)
    {
        // Refresh() runs before the throw; presumably so a later call re-fetches
        // the discovery document instead of reusing the failed one.
        _discoveryCache.Refresh();
        throw new Exception(disco.Error);
    }

    // Both the introspection client secret and the bearer token are credentials.
    // Keep the request object out of logs.
    var request = new TokenIntrospectionRequest
    {
        Address = disco.IntrospectionEndpoint,
        ClientId = _ironcladSettings.IntrospectionClient.ClientId,
        ClientSecret = _ironcladSettings.IntrospectionClient.ClientSecret,
        Token = bearer
    };

    return await httpClient.IntrospectTokenAsync(request);
}
/// <summary>
/// Redirects the caller to the provider's authorize endpoint with the given query
/// string appended.
/// </summary>
/// <param name="query">
/// Text appended verbatim to the authorize endpoint. Nothing here validates or encodes
/// it, so it must already be a well-formed, URL-encoded query string with its leading '?'.
/// </param>
/// <returns>A redirect result pointing at the composed authorize URL.</returns>
/// <exception cref="Exception">The discovery document could not be obtained.</exception>
private async Task<ActionResult> RedirectToExternalProvider(string query)
{
    var disco = await _discoveryCache.GetAsync();
    if (disco.IsError)
    {
        // Refresh() runs before the throw; presumably so a later call re-fetches
        // the discovery document instead of reusing the failed one.
        _discoveryCache.Refresh();
        throw new Exception(disco.Error);
    }

    // The endpoint part comes from discovery; only the suffix is caller-supplied.
    var target = $"{disco.AuthorizeEndpoint}{query}";

    // NOTE(review): the whole URL, query included, is written to the log. If the query
    // originates from the incoming request it may carry state/nonce values and
    // unescaped control characters. Confirm against the caller, and consider logging
    // only the endpoint or a sanitised form.
    _log.Info(
        $"Redirect URI substitued, trying to proxy to external provider on {target}");

    return Redirect(target);
}
/// <summary>
/// Starts an authorization-code sign-in for a mobile platform by redirecting to the
/// provider's authorize endpoint.
/// </summary>
/// <param name="platform">
/// Route value selecting the client: "android" or "ios". Any other value, including
/// null, yields 400 Bad Request.
/// </param>
/// <param name="returnUrl">Bound from the query string but not read by this method.</param>
/// <returns>A redirect to the authorize URL, or a Bad Request result for an unknown platform.</returns>
/// <exception cref="Exception">The discovery document could not be obtained.</exception>
public async Task<IActionResult> Login([FromRoute] string platform, [FromQuery] string returnUrl)
{
    string clientId;
    string signinCallback;

    // Only the two known platforms are accepted. The callback URL is derived from a
    // fixed action name, never from request input.
    if (platform == "android")
    {
        clientId = _ironcladSettings.AndroidClient.ClientId;
        signinCallback = Url.AbsoluteAction("SigninCallbackAndroid", "Callback");
    }
    else if (platform == "ios")
    {
        clientId = _ironcladSettings.IosClient.ClientId;
        signinCallback = Url.AbsoluteAction("SigninCallbackIos", "Callback");
    }
    else
    {
        return BadRequest();
    }

    var disco = await _discoveryCache.GetAsync();
    if (disco.IsError)
    {
        // Refresh() runs before the throw; presumably so a later call re-fetches
        // the discovery document instead of reusing the failed one.
        _discoveryCache.Refresh();
        throw new Exception(disco.Error);
    }

    // NOTE(review): nonce and state below are fixed literals, identical for every
    // request and every user. A constant state cannot tie the callback to the session
    // that started the flow (the CSRF protection state exists for), and a constant
    // nonce cannot tie the ID token to this request (replay protection). Both should
    // be generated per request from a cryptographic RNG, stored server-side or in a
    // protected cookie, and compared on the callback. The callback handlers are outside
    // this block, so the generation and the check need to change together.
    var parameters = new Dictionary<string, string>
    {
        [OidcConstants.AuthorizeRequest.ClientId] = clientId,
        [OidcConstants.AuthorizeRequest.RedirectUri] = signinCallback,
        [OidcConstants.AuthorizeRequest.Scope] = "profile openid email lykke offline_access",
        [OidcConstants.AuthorizeRequest.ResponseType] = OidcConstants.ResponseTypes.Code,
        [OidcConstants.AuthorizeRequest.Nonce] = "mn4vcynp2tOEj7W9m88l",
        [OidcConstants.AuthorizeRequest.State] = "ttoY604BgSsliwgcnIt8"
    };

    // QueryString.Create URL-encodes the pairs; ToUriComponent() yields the "?..." suffix.
    var encodedQuery = QueryString.Create(parameters).ToUriComponent();
    var target = $"{disco.AuthorizeEndpoint}{encodedQuery}";

    return Redirect(target);
}