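// POST api/issue
/// <summary>
/// Issues a Simple Web Token for the scope named in the request and returns it
/// to the caller as a bearer token response.
/// </summary>
/// <param name="rst">Token request; its <c>Scope</c> is the URI the token is issued for.</param>
/// <returns>
/// 200 with a <c>TokenResponse</c> holding the serialized token, or 400 with
/// <c>OAuthError.INVALID_REQUEST</c> when the request or its scope is missing.
/// </returns>
public HttpResponseMessage Post(TokenRequest rst)
{
    // rst itself can be null (presumably when the request carries no usable body);
    // answer that with INVALID_REQUEST instead of failing on rst.Scope.
    Uri scope = rst == null ? null : rst.Scope;
    if (scope == null)
    {
        return Request.CreateResponse<TokenResponse>(
            HttpStatusCode.BadRequest,
            new TokenResponse() { Error = OAuthError.INVALID_REQUEST });
    }

    // NOTE(review): the token is issued for whatever scope the caller supplies; nothing here
    // checks it against a list of known relying parties. Confirm that is intended.
    var stsSettings = OAuthConfiguration.Configuration.StsSettings;
    string key = stsSettings.SymmetricKey;
    int lifeTimeInSec = stsSettings.TokenLifeTimeInSec;
    TimeSpan lifeTime = new TimeSpan(0, 0, lifeTimeInSec);

    // NOTE(review): relies on this.User being an authenticated principal; presumably the
    // controller or a message handler enforces authentication. Verify.
    // NOTE(review): every caller receives the same fixed role set, including "Administrator".
    // That is only appropriate for a sample; real role claims should come from the
    // authenticated user's own entitlements.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, this.User.Identity.Name),
        new Claim(ClaimTypes.Role, "AssetsServiceUser"),
        new Claim(ClaimTypes.Role, "Developer"),
        new Claim(ClaimTypes.Role, "Administrator")
    };

    SimpleWebToken token = new SimpleWebToken(
        scope,
        stsSettings.IssuerUri.ToString(),
        DateTime.UtcNow + lifeTime,
        claims,
        key);

    var tokenResponse = new TokenResponse()
    {
        AccessToken = token.ToString(),
        TokenType = "bearer",
        // Report the configured lifetime so the advertised expiry matches the expiry
        // placed in the token (previously a fixed 600 regardless of configuration).
        ExpiresIn = lifeTimeInSec
    };

    return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, tokenResponse);
}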
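/// <summary>
/// Requests an access token for <paramref name="realm"/> from the configured STS issuer,
/// answering Basic authentication challenges and following redirects, then stores and
/// returns the token.
/// </summary>
/// <param name="realm">Realm (scope) the token is requested for.</param>
/// <returns>The URL-decoded access token, re-encoded as Base64 of its ASCII bytes.</returns>
/// <exception cref="Exception">
/// Thrown, wrapping the underlying error, when the STS never answers 200 or the response
/// cannot be processed.
/// </exception>
private static string IssueAccessToken(Uri realm)
{
    // Upper bound on requests sent to the STS. Without it a redirect loop, or a 401 that
    // keeps arriving with a Set-Cookie header, would spin forever.
    const int MaxAttempts = 10;

    realm = RealmOverFiddler(realm);
    var method = HttpMethod.Post;
    var requestUri = OAuthConfiguration.Configuration.StsSettings.IssuerUri;
    var rst = new TokenRequest() { Scope = realm };
    var content = JsonConvert.SerializeObject(rst);
    var contentType = "application/json";
    AuthenticationHeaderValue auth = null;

    HttpResponseMessage r = Send(method, requestUri, content, contentType, auth);
    int attempts = 1;

    while (r.StatusCode != HttpStatusCode.OK && attempts < MaxAttempts)
    {
        if (r.StatusCode == HttpStatusCode.Unauthorized)
        {
            if (r.Headers.WwwAuthenticate.Any(h => h.Scheme == AuthenticationSchemes.Basic.ToString()))
            {
                // NOTE(review): credentials are sent to whichever URI issued the challenge,
                // including a redirect target, and Basic is only Base64 encoding. Consider
                // requiring https and a trusted host before prompting.
                var creds = Logon.Page.GetLogin(null);
                if (!creds.IsSuccessful || creds.IsCanceled)
                {
                    break;
                }

                string loginpsw = String.Format("{0}:{1}", creds.Name, creds.Psw);
                byte[] bytes = Encoding.ASCII.GetBytes(loginpsw);
                auth = new AuthenticationHeaderValue(AuthenticationSchemes.Basic.ToString(), Convert.ToBase64String(bytes));
            }
            else if (r.Headers.Any(h => h.Key == HttpResponseHeader.SetCookie.GetName()))
            {
                // Nothing to change: the same request is simply sent again
                // (presumably Send carries the cookie forward; verify).
            }
            else
            {
                break;
            }
        }
        else if (r.StatusCode == HttpStatusCode.Redirect || r.StatusCode == HttpStatusCode.Moved)
        {
            // A redirect without a Location header cannot be followed.
            if (r.Headers.Location == null)
            {
                break;
            }

            // NOTE(review): the redirect target is not validated against the configured issuer.
            requestUri = new Uri(requestUri, r.Headers.Location.OriginalString);
            auth = null; // never replay credentials to the new location
        }
        else
        {
            break;
        }

        // Release the superseded response before sending the next request.
        r.Dispose();
        r = Send(method, requestUri, content, contentType, auth);
        attempts++;
    }

    try
    {
        r.EnsureSuccessStatusCode();
        var token = r.Content.ReadAsStringAsync().Result;
        var rstr = JsonConvert.DeserializeObject<TokenResponse>(token);

        // NOTE(review): this writes the bearer token to the console; drop or mask it outside demos.
        Console.WriteLine(rstr.AccessToken);

        token = HttpUtility.UrlDecode(rstr.AccessToken);
        token = Convert.ToBase64String(Encoding.ASCII.GetBytes(token));
        TokensStore.StoreProvider.PutToken(realm, token);
        return token;
    }
    catch (Exception ex)
    {
        throw new Exception("Unsuccessful attempt to login on STS.", ex);
    }
}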
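/// <summary>
/// Obtains an access token for <paramref name="realm"/> from the configured STS issuer.
/// Basic authentication challenges are answered with credentials from the logon page and
/// redirects are followed; the resulting token is stored and returned.
/// </summary>
/// <param name="realm">Realm (scope) the token is requested for.</param>
/// <returns>The URL-decoded access token, re-encoded as Base64 of its ASCII bytes.</returns>
/// <exception cref="Exception">
/// Thrown, wrapping the underlying error, when no 200 response is obtained or the response
/// cannot be processed.
/// </exception>
private static string IssueAccessToken(Uri realm)
{
    // Total number of requests allowed. This stops an endless exchange when the server keeps
    // redirecting or keeps answering 401 with a Set-Cookie header.
    const int MaxAttempts = 10;

    realm = RealmOverFiddler(realm);
    var method = HttpMethod.Post;
    var requestUri = OAuthConfiguration.Configuration.StsSettings.IssuerUri;
    var rst = new TokenRequest() { Scope = realm };
    var content = JsonConvert.SerializeObject(rst);
    var contentType = "application/json";
    AuthenticationHeaderValue auth = null;

    HttpResponseMessage r = Send(method, requestUri, content, contentType, auth);

    for (int attempt = 1; r.StatusCode != HttpStatusCode.OK && attempt < MaxAttempts; attempt++)
    {
        if (r.StatusCode == HttpStatusCode.Unauthorized)
        {
            bool basicChallenge = r.Headers.WwwAuthenticate.Any(h => h.Scheme == AuthenticationSchemes.Basic.ToString());
            if (basicChallenge)
            {
                // NOTE(review): the challenge may come from a redirect target. The user's
                // credentials go to that URI, and Basic offers no confidentiality without TLS.
                // Consider checking scheme and host first.
                var creds = Logon.Page.GetLogin(null);
                if (!creds.IsSuccessful || creds.IsCanceled)
                {
                    break;
                }

                string loginpsw = String.Format("{0}:{1}", creds.Name, creds.Psw);
                byte[] bytes = Encoding.ASCII.GetBytes(loginpsw);
                auth = new AuthenticationHeaderValue(AuthenticationSchemes.Basic.ToString(), Convert.ToBase64String(bytes));
            }
            else if (!r.Headers.Any(h => h.Key == HttpResponseHeader.SetCookie.GetName()))
            {
                // Neither a Basic challenge nor a cookie to retry with: give up.
                break;
            }
            // Otherwise a Set-Cookie header was present and the same request is sent again
            // (presumably Send carries the cookie forward; verify).
        }
        else if (r.StatusCode == HttpStatusCode.Redirect || r.StatusCode == HttpStatusCode.Moved)
        {
            Uri location = r.Headers.Location;
            if (location == null)
            {
                // A redirect without a Location header cannot be followed.
                break;
            }

            // NOTE(review): the redirect target is not validated against the configured issuer.
            requestUri = new Uri(requestUri, location.OriginalString);
            auth = null; // credentials are not carried over to the new location
        }
        else
        {
            break;
        }

        // Dispose the response that is about to be replaced.
        r.Dispose();
        r = Send(method, requestUri, content, contentType, auth);
    }

    try
    {
        r.EnsureSuccessStatusCode();
        var token = r.Content.ReadAsStringAsync().Result;
        var rstr = JsonConvert.DeserializeObject<TokenResponse>(token);

        // NOTE(review): this prints the bearer token to the console; remove or mask it outside demos.
        Console.WriteLine(rstr.AccessToken);

        token = HttpUtility.UrlDecode(rstr.AccessToken);
        token = Convert.ToBase64String(Encoding.ASCII.GetBytes(token));
        TokensStore.StoreProvider.PutToken(realm, token);
        return token;
    }
    catch (Exception ex)
    {
        throw new Exception("Unsuccessful attempt to login on STS.", ex);
    }
}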
/// <summary>
/// Posts a token request for <paramref name="realm"/> to the issue endpoint with HTTP Basic
/// credentials and returns the URL-decoded access token from the JSON response.
/// </summary>
/// <param name="realm">Realm (scope) the token is requested for.</param>
/// <returns>The URL-decoded <c>AccessToken</c> field of the response.</returns>
static string DoAuth(Uri realm)
{
    string responseBody = String.Empty;

    using (HttpClient http = new HttpClient())
    {
        // NOTE(review): user name and password are hard-coded and sent as Basic over plain
        // http. This is acceptable only for a local test client; load credentials from a
        // protected store and use https anywhere else.
        byte[] credentialBytes = Encoding.ASCII.GetBytes(String.Format("{0}:{1}", "badri", "badri"));
        http.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Basic", Convert.ToBase64String(credentialBytes));

        var tokenRequest = new TokenRequest() { Scope = realm };
        string json = JsonConvert.SerializeObject(tokenRequest);
        HttpContent body = new StringContent(json, Encoding.UTF8, "application/json");

        // The status code is not inspected; whatever body comes back is parsed below.
        // Alternative endpoint left by the author: http://localhost:333/api/issue
        HttpResponseMessage response = http.PostAsync("http://ipv4.fiddler:333/api/issue", body).Result;
        responseBody = response.Content.ReadAsStringAsync().Result;
    }

    TokenResponse parsed = JsonConvert.DeserializeObject<TokenResponse>(responseBody);

    // NOTE(review): this prints the bearer token to the console; avoid that outside demos.
    Console.WriteLine(parsed.AccessToken);

    return HttpUtility.UrlDecode(parsed.AccessToken);
}