/// <summary>
/// Request access token, passing the supplied args to the OAuth2 endpoint.
/// </summary>
/// <param name="session"></param>
/// <param name="args"></param>
/// <param name="useAccessToken">Store the returned access token in session and use that in future requests to the resource server.</param>
/// <returns></returns>
public static OAuth2AccessTokenResponse GetAndStoreAccessToken(ISession session, object args, bool useAccessToken)
{
OAuth2Settings settings = GetSettings(session);
Request request = session.Bind(settings.TokenEndpoint)
.AsFormUrlEncoded()
.AcceptJson();
if (settings.ClientAuthenticationMethod == OAuth2Settings.DefaultClientAuthenticationMethods.BasicAuthenticationHeader)
{
request = request.BasicAuthentication(settings.ClientID, settings.ClientSecret);
}
using (var response = request.AcceptJson().Post <Hashtable>(args))
{
OAuth2AccessTokenResponse accessToken = new OAuth2AccessTokenResponse
{
access_token = TryGet <string>(response.Body["access_token"]),
token_type = TryGet <string>(response.Body["token_type"]),
expires_in = TryGet <long?>(response.Body["expires_in"]),
refresh_token = TryGet <string>(response.Body["refresh_token"]),
AllParameters = response.Body
};
if (useAccessToken)
{
OAuth2SessionState state = session.OAuth2_GetOrCreateState();
state.AccessToken = accessToken.access_token;
state.TokenType = ParseAccessTokenType(accessToken.token_type);
OAuth2_ActivateAuthorization(session, accessToken.access_token, state.TokenType);
}
return(accessToken);
}
}
/// <summary>
/// Restore authorization state previously obtained from OAuth2_GetState.
/// </summary>
/// <param name="session">Ramone session.</param>
/// <param name="state"></param>
/// <returns></returns>
public static ISession OAuth2_RestoreState(this ISession session, OAuth2SessionState state)
{
session.Items[OAuth2StateSessionKey] = state;
if (state.AccessToken != null)
{
OAuth2_ActivateAuthorization(session, state.AccessToken, state.TokenType);
}
return(session);
}
internal static OAuth2SessionState OAuth2_GetOrCreateState(this ISession session)
{
object obj;
session.Items.TryGetValue(OAuth2StateSessionKey, out obj);
OAuth2SessionState state = obj as OAuth2SessionState;
if (state == null)
{
state = new OAuth2SessionState();
session.Items[OAuth2StateSessionKey] = state;
}
return(state);
}
/// <summary>
/// Extract authorization code from authorization response encoded in a redirect URL from the authorization endpoint.
/// </summary>
/// <remarks>After completion of the authorization process the browser will be redirected to a URL specified
/// by the client (and configured using Ramone's OAuth2Settings). This URL will contain the acquired
/// authorization code. Call OAuth2_GetAuthorizationCodeFromRedirectUrl to extract the code.</remarks>
/// <param name="session">Ramone session.</param>
/// <param name="redirectUrl"></param>
/// <returns>Authorization code</returns>
public static string OAuth2_GetAuthorizationCodeFromRedirectUrl(this ISession session, string redirectUrl)
{
Condition.Requires(redirectUrl, "redirectUrl").IsNotNull();
OAuth2SessionState sessionState = session.OAuth2_GetState();
NameValueCollection parameters = UrlUtility.ParseQueryString(new Uri(redirectUrl).Query);
string state = parameters["state"];
if (sessionState.AuthorizationState == null || state != sessionState.AuthorizationState)
{
return(null);
}
return(parameters["code"]);
}
/// <summary>
/// Get URL for user authorization via browser (user agent). This will initiate the "Authorization Code Grant" flow.
/// </summary>
/// <remarks>See http://tools.ietf.org/html/rfc6749#section-4.1.1</remarks>
/// <param name="session">Ramone session.</param>
/// <param name="scope">Space separated list of strings identifying the required scopes (as defined by the authorization server).</param>
/// <returns>Authorization request URL.</returns>
public static Uri OAuth2_GetAuthorizationRequestUrl(this ISession session, string scope = null)
{
OAuth2Settings settings = GetSettings(session);
string authorizationRequestState = RandomStrings.GetRandomStringWithLettersAndDigitsOnly(20);
OAuth2SessionState state = session.OAuth2_GetOrCreateState();
state.AuthorizationState = authorizationRequestState;
var codeRequestArgs = new
{
response_type = "code",
client_id = settings.ClientID,
redirect_uri = settings.RedirectUri.ToString(),
scope = scope,
state = authorizationRequestState
};
return(settings.AuthorizationEndpoint.AddQueryParameters(codeRequestArgs));
}