/// <summary>
/// Calls the protected API on the resource server with the given access token
/// and prints the response body to the console.
/// </summary>
/// <param name="accessToken">Access token handed to <c>BearerTokenClientMessageHandler</c>.</param>
private static void AccessProtectedResource(string accessToken)
{
    // BearerTokenClientMessageHandler is defined elsewhere; presumably it attaches the
    // token as an "Authorization: Bearer" header on every request. TODO confirm.
    var innerHandler = new HttpClientHandler();
    var bearerHandler = new BearerTokenClientMessageHandler(accessToken, innerHandler);

    // Disposing the client also disposes the handler chain passed to its constructor.
    using (var http = new HttpClient(bearerHandler))
    {
        // NOTE(review): a bearer token is usable by whoever holds it, so
        // Paths.ResourceServerBaseAddress should be an https:// address. Its value
        // is not visible here; verify.
        var endpoint = new Uri(Paths.ResourceServerBaseAddress + Paths.APIPath);

        // Blocks until the GET completes. Only the response body is printed;
        // the token itself is never written out.
        Console.WriteLine(http.GetStringAsync(endpoint).Result);
    }
}
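/// <summary>
/// Single action behind the OAuth 2.0 authorization-code demo page. Depending on
/// which submit button was posted, or on the query string of an authorization
/// server callback, it starts the code flow, refreshes the token, calls the
/// protected API, logs out, or exchanges a returned code for tokens.
/// </summary>
/// <returns>
/// A redirect to the authorization server (authorize / logout), the "ErrorView"
/// view when an error or a state mismatch is reported, otherwise the "Index" view.
/// </returns>
/// <remarks>
/// Changes from the previous revision: the API call is awaited instead of blocking
/// on <c>.Result</c> inside an async action, its <c>HttpClient</c> is now disposed,
/// and an unused local in the logout branch was removed. A failed API call now
/// surfaces as the underlying exception rather than wrapped in an AggregateException.
/// </remarks>
public async Task<ActionResult> Index()
{
    var code = Request.QueryString["code"];
    var error = Request.QueryString["error"];

    // An "error" query parameter on the callback short-circuits everything else.
    if (!string.IsNullOrEmpty(error))
    {
        ViewBag.Message = error;
        return View("ErrorView");
    }

    // "Authorize" button: first leg of the code grant, redirect to the authorization server.
    if (!string.IsNullOrEmpty(Request.Form.Get("submit.Authorize")))
    {
        // NOTE(security): the state value is the constant "123". A fixed, guessable
        // state gives the callback no CSRF protection; state is meant to be an
        // unpredictable per-request value bound to the user's session and compared
        // on return. Left unchanged here because that needs session storage this
        // method does not currently use.
        var url = CreateCodeFlowUrl(
            // Authorize endpoint
            Paths.AuthorizationServerBaseAddress + Paths.AuthorizePath,
            // Client id only; no client secret is sent on this leg
            Clients.Client1.Id,
            // Response type: code flow
            "code",
            // Scope
            "scope1 scope2",
            // Redirect URL, i.e. this action
            Clients.Client1.RedirectUrl,
            // State
            "123");

        return Redirect(url);
    }
    // "Refresh" button: trade the refresh token for a new access token.
    else if (!string.IsNullOrEmpty(Request.Form.Get("submit.Refresh")))
    {
        // NOTE(security): the refresh token is read back from the posted form, so it
        // has been exposed to the browser and is client-controlled. Presumably the
        // view round-trips it as a form field; a production client would normally
        // keep it server-side.
        var refreshToken = Request.Form["RefreshToken"];

        using (var client = new HttpClient())
        {
            var request = new HttpRequestMessage(
                HttpMethod.Post,
                Paths.AuthorizationServerBaseAddress + Paths.TokenPath);

            // The client secret travels in this request body.
            // NOTE(review): the token endpoint should be https; its value is not visible here.
            var tokenRequestElements = CreateRefreshTokenRequestElements(
                Clients.Client1.Id,
                Clients.Client1.Secret,
                "refresh_token",
                refreshToken);
            request.Content = new FormUrlEncodedContent(tokenRequestElements);

            var response = await client.SendAsync(request);
            response.EnsureSuccessStatusCode();

            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
            ViewBag.AccessToken = payload.Value<string>("access_token");
            ViewBag.RefreshToken = payload.Value<string>("refresh_token");
            ViewBag.ExpiresIn = payload.Value<string>("expires_in");
            ViewBag.TokenType = payload.Value<string>("token_type");
            ViewBag.Action = Request.Path;
        }
    }
    // "Call API" button: call the resource server with the access token.
    else if (!string.IsNullOrEmpty(Request.Form.Get("submit.CallApi")))
    {
        // The access token (not the refresh token) is posted back from the form.
        var accessToken = Request.Form["AccessToken"];

        // BearerTokenClientMessageHandler is defined elsewhere; presumably it adds
        // the token as a bearer Authorization header. TODO confirm.
        var handler = new BearerTokenClientMessageHandler(accessToken, new HttpClientHandler());

        // Disposing the client also disposes the handler chain passed to it.
        using (var client = new HttpClient(handler))
        {
            var apiUrl = new Uri(Paths.ResourceServerBaseAddress + Paths.APIPath);

            // Await rather than block on .Result: blocking inside an async action can
            // deadlock under a synchronization context and ties up a request thread.
            ViewBag.ApiResponse = await client.GetStringAsync(apiUrl);
        }
    }
    // "Logout" button: hand off to the authorization server's logout endpoint.
    else if (!string.IsNullOrEmpty(Request.Form.Get("submit.CallLogout")))
    {
        return Redirect(Paths.AuthorizationServerBaseAddress + Paths.LogoutPath);
    }

    // Callback from the authorization server: second leg of the code grant.
    if (!string.IsNullOrEmpty(code))
    {
        // Verify the state echoed back by the authorization server.
        // NOTE(security): this compares against the same constant sent above, so it
        // only proves the caller knows "123", not that this session started the flow.
        var state = Request.QueryString["state"];
        if (state != "123")
        {
            ViewBag.Message = "Incorrect state";
            return View("ErrorView");
        }

        // Exchange the authorization code for tokens.
        using (var client = new HttpClient())
        {
            var request = new HttpRequestMessage(
                HttpMethod.Post,
                Paths.AuthorizationServerBaseAddress + Paths.TokenPath);

            var tokenRequestElements = CreateTokenRequestElements(
                Clients.Client1.Id,
                Clients.Client1.Secret,
                "authorization_code",
                code,
                Clients.Client1.RedirectUrl);
            request.Content = new FormUrlEncodedContent(tokenRequestElements);

            var response = await client.SendAsync(request);
            response.EnsureSuccessStatusCode();

            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
            ViewBag.AccessToken = payload.Value<string>("access_token");
            ViewBag.RefreshToken = payload.Value<string>("refresh_token");
            ViewBag.ExpiresIn = payload.Value<string>("expires_in");
            ViewBag.TokenType = payload.Value<string>("token_type");
            ViewBag.Action = Request.Path;
        }
    }

    return View("Index");
}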