private static async Task <SessionAuthorizationTransaction> GenerateTransaction( IJSRuntime jsRuntime, OpenId.Models.AuthorizeOptions authorizeOptions, bool responseTypeIncludesIdToken) { string lastUsedConnection = string.IsNullOrEmpty(authorizeOptions.Realm) ? authorizeOptions.Connection : authorizeOptions.Realm; string appState = string.IsNullOrEmpty(authorizeOptions.AppState) ? Auth0.CommonAuthentication.GenerateNonce(authorizeOptions.KeyLength) : authorizeOptions.AppState; authorizeOptions.State = string.IsNullOrEmpty(authorizeOptions.State) ? Auth0.CommonAuthentication.GenerateNonce(authorizeOptions.KeyLength) : authorizeOptions.State; string nonce = responseTypeIncludesIdToken ? string.IsNullOrEmpty(authorizeOptions.Nonce) ? Auth0.CommonAuthentication.GenerateNonce(authorizeOptions.KeyLength) : authorizeOptions.Nonce : null; SessionAuthorizationTransaction transaction = new SessionAuthorizationTransaction() { Nonce = nonce, AppState = appState, State = authorizeOptions.State, CodeVerifier = authorizeOptions.CodeVerifier, RedirectUri = authorizeOptions.RedirectUri, Connnection = lastUsedConnection, }; await Storage.SetItem( jsRuntime, $"{authorizeOptions.Namespace}{authorizeOptions.State}", transaction ).ConfigureAwait(false); return(transaction); }
/// <summary> /// Builds the an authorization URI. /// </summary> /// <param name="buildAuthorizedUrlOptions">A <see cref="AuthorizeOptions"/> param.</param> /// <returns>An <see cref="string"/> representing an authorization URI.</returns> public static string BuildAuthorizeUrl(OpenId.Models.AuthorizeOptions buildAuthorizedUrlOptions) { if (buildAuthorizedUrlOptions is null) { throw new ArgumentNullException(nameof(buildAuthorizedUrlOptions)); } Utils.ValidateObject(buildAuthorizedUrlOptions); var responseType = Auth0.CommonAuthentication.ParseResponseType(buildAuthorizedUrlOptions.ResponseType); var responseMode = Auth0.CommonAuthentication.ParseResponseMode(buildAuthorizedUrlOptions.ResponseMode); var query = new QueryString(); query = query.Add("response_type", responseType); query = query.Add("state", buildAuthorizedUrlOptions.State); query = query.Add("nonce", buildAuthorizedUrlOptions.Nonce); query = query.Add("client_id", buildAuthorizedUrlOptions.ClientID); query = query.Add("scope", buildAuthorizedUrlOptions.Scope); if (buildAuthorizedUrlOptions.CodeChallengeMethod != CodeChallengeMethods.None) { var codechallengeMethod = Auth0.CommonAuthentication.ParseCodeChallengeMethod(buildAuthorizedUrlOptions.CodeChallengeMethod); query = query.Add("code_challenge_method", codechallengeMethod); query = query.Add("code_challenge", buildAuthorizedUrlOptions.CodeChallenge); } if (!string.IsNullOrEmpty(buildAuthorizedUrlOptions.Connection)) { query = query.Add("connection", buildAuthorizedUrlOptions.Connection); } if (!string.IsNullOrEmpty(buildAuthorizedUrlOptions.Audience)) { query = query.Add("audience", buildAuthorizedUrlOptions.Audience); } if (!string.IsNullOrEmpty(responseMode)) { query = query.Add("response_mode", responseMode); } query = query.Add("redirect_uri", buildAuthorizedUrlOptions.RedirectUri); var uriBuilder = new UriBuilder() { Scheme = buildAuthorizedUrlOptions.AuthorizeEndpoint.Scheme, Host = buildAuthorizedUrlOptions.AuthorizeEndpoint.Host, Path = buildAuthorizedUrlOptions.AuthorizeEndpoint.PathAndQuery, Query = query.ToUriComponent(), }; return(uriBuilder.Uri.AbsoluteUri); }
/// <summary> /// Process a new Authentication trasanction. /// </summary> /// <param name="jsRuntime">The <see cref="IJSRuntime"/> instance.</param> /// <param name="authorizeOptions">The <see cref="AuthorizeOptions"/> instance.</param> /// <returns>A <see cref="Task{TResult}"/> representing the result of the asynchronous operation.</returns> internal static async Task <OpenId.Models.AuthorizeOptions> Proccess(IJSRuntime jsRuntime, OpenId.Models.AuthorizeOptions authorizeOptions) { if (authorizeOptions is null) { throw new ArgumentNullException(nameof(authorizeOptions)); } Utils.ValidateObject(authorizeOptions); bool responseTypeIncludesIdToken = authorizeOptions.ResponseType == ResponseTypes.IdToken || authorizeOptions.ResponseType == ResponseTypes.TokenAndIdToken; SessionAuthorizationTransaction transaction = await GenerateTransaction( jsRuntime, authorizeOptions, responseTypeIncludesIdToken ).ConfigureAwait(false); if (string.IsNullOrEmpty(authorizeOptions.State)) { authorizeOptions.State = transaction.State; } if (responseTypeIncludesIdToken && string.IsNullOrEmpty(authorizeOptions.Nonce)) { authorizeOptions.Nonce = transaction.Nonce; } return(authorizeOptions); }
/// <summary> /// Initiates the Authorization flow by calling the IDP's /authorize enpoint. /// </summary> /// <param name="jsRuntime">A <see cref="IJSRuntime"/> param.</param> /// <param name="navigationManager">A <see cref="NavigationManager"/> param.</param> /// <param name="authorizeOptions">A <see cref="AuthorizeOptions"/> param.</param> /// <returns>A <see cref="Task"/> representing the result of the asynchronous operation.</returns> public static async Task Authorize(IJSRuntime jsRuntime, NavigationManager navigationManager, OpenId.Models.AuthorizeOptions authorizeOptions) { if (jsRuntime is null) { throw new ArgumentNullException(nameof(jsRuntime)); } if (navigationManager is null) { throw new ArgumentNullException(nameof(navigationManager)); } if (authorizeOptions is null) { throw new ArgumentNullException(nameof(authorizeOptions)); } Utils.ValidateObject(authorizeOptions); authorizeOptions = await TransactionManager.Proccess(jsRuntime, authorizeOptions).ConfigureAwait(false); var authorizeUrl = BuildAuthorizeUrl(authorizeOptions); navigationManager.NavigateTo(authorizeUrl); }