Exemplos de código com Auth0IframeMessage em C# (CSharp)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: AuthenticationServiceBase.cs Projeto: Trabber/Blazor.Auth0

        private string ValidateAth0IframeMessage(Auth0IframeMessage message)
        {
            string loginError = null;
            var    origin     = new Uri(message.Origin);

            // Validate Origin
            if (!message.IsTrusted || origin.Authority != clientSettings.Auth0Domain)
            {
                loginError = "Invalid Origin";
            }

            // Validate Error
            if (loginError == null && !string.IsNullOrEmpty(message.Error))
            {
                switch (message.Error.ToLower())
                {
                case "login_required":

                    loginError = "Login Required";

                    break;

                default:
                    loginError = message.ErrorDescription;
                    break;
                }
            }

            // Validate State
            if (loginError == null && !string.IsNullOrEmpty(latestAuthorizeUrlState) ? latestAuthorizeUrlState != message.State.Replace(' ', '+') : false)
            {
                loginError = "Invalid State";
            }

            return(loginError);
        }

Exemplo n.º 2

0

Exibir arquivo

Arquivo: AuthenticationService.cs Projeto: creative-tec/Blazor.Auth0

 public override Task HandleAuth0Message(Auth0IframeMessage message)
 {
     return(base.HandleAuth0Message(message));
 }

Exemplo n.º 3

0

Exibir arquivo

Arquivo: AuthenticationServiceBase.cs Projeto: Trabber/Blazor.Auth0

        virtual public async Task HandleAuth0Message(Auth0IframeMessage message)
        {
            var previousSessionState = SessionState;
            var abosulteUri          = new Uri(uriHelperService.GetAbsoluteUri());
            var validationError      = ValidateAth0IframeMessage(message);

            SessionInfo sessionInfo = null;

            if (string.IsNullOrEmpty(validationError))
            {
                switch (clientSettings.AuthenticationGrant)
                {
                case AuthenticationGrantTypes.implicit_grant:

                    sessionInfo = new SessionInfo()
                    {
                        AccessToken = message.AccessToken,
                        ExpiresIn   = message.ExpiresIn,
                        IdToken     = message.IdToken,
                        Scope       = message.Scope,
                        TokenType   = message.TokenType
                    };

                    break;

                default:

                    sessionInfo = await GetAccessToken(message.Code);

                    break;
                }

                var nonceIsValid = await ValidateNonce(sessionInfo.IdToken);

                var atHashIsValid = ValidateAccessTokenHash(sessionInfo.IdToken, sessionInfo.AccessToken);

                if (!nonceIsValid)
                {
                    validationError = "Invalid Nonce";
                }

                if (!atHashIsValid)
                {
                    validationError = "Invalid at_hash";
                }
            }

            if (string.IsNullOrEmpty(validationError))
            {
                SessionInfo = sessionInfo;

                ScheduleSilentLogin();

                if (clientSettings.GetUserInfoFromIdToken && !string.IsNullOrEmpty(SessionInfo.IdToken))
                {
                    // Decode JWT payload into user info
                    User = DecodeTokenPayload(SessionInfo.IdToken);
                }
                else
                {
                    // In case we're not getting the id_token from the message response or GetUserInfoFromIdToken is set to false try to get it from Auth0's API
                    User = await UserInfo(SessionInfo.AccessToken);
                }

                SessionState = SessionStates.Active;
            }

            if (!string.IsNullOrEmpty(validationError))
            {
                ClearSession();

                Console.WriteLine("Login Error: " + validationError);

                if (message.Error.ToLower() == "login_required" && clientSettings.LoginRequired)
                {
                    uriHelperService.NavigateTo(BuildAuthorizeUrl());
                    System.Threading.Thread.Sleep(30000);
                    uriHelperService.NavigateTo("/");
                }
            }

            if (previousSessionState != SessionState)
            {
                SetIsLoggedIn();
                InvokeOnSessionStateChanged();
            }

            // Redirect to home (removing the hash)
            uriHelperService.NavigateTo(abosulteUri.GetLeftPart(UriPartial.Path));
        }

Exemplo n.º 4

0

Exibir arquivo

Arquivo: AuthenticationService.cs Projeto: werdertib/Blazor.Auth0

        public async Task HandleAuth0Message(Auth0IframeMessage message)
        {
            var    abosulteUri = new Uri(uriHelperService.GetAbsoluteUri());
            var    origin      = new Uri(message.Origin);
            string loginError  = null;

            // Validate Origin
            if (!message.IsTrusted || origin.Authority != clientSettings.Auth0Domain)
            {
                loginError = "Invalid Origin";
            }

            // Validate Error
            if (loginError == null && !string.IsNullOrEmpty(message.Error))
            {
                switch (message.Error.ToLower())
                {
                case "login_required":

                    loginError = "Login Required";

                    if (clientSettings.LoginRequired)
                    {
                        SetIsLoggedIn(false);
                        uriHelperService.NavigateTo(BuildAuthorizeUrl());
                    }

                    break;

                default:
                    loginError = message.ErrorDescription;
                    break;
                }
            }

            // Validate State
            if (loginError == null && !string.IsNullOrEmpty(latestAuthorizeUrlState) ? latestAuthorizeUrlState != message.State.Replace(' ', '+') : false)
            {
                loginError = "Invalid State";
            }


            if (loginError == null)
            {
                await GetAccessToken(message.Code);

                ScheduleSilentLogin();

                if (clientSettings.GetUserInfoFromIdToken && string.IsNullOrEmpty(currentSessionTokenInfo.id_token))
                {
                    // Decode JWT payload into user info
                    User = DecodeTokenPayload(currentSessionTokenInfo.id_token);
                }
                else
                {
                    // In case we're not getting the id_token from the message response or GetUserInfoFromIdToken is set to false try to get it from Auth0's API
                    User = await UserInfo(currentSessionTokenInfo.access_token);
                }

                SessionState = SessionStates.Active;

                SetIsLoggedIn(true);

                InvokeOnSessionStateChanged();
            }
            else
            {
                SessionState                    = SessionStates.Inactive;
                User                            = null;
                currentSessionTokenInfo         = null;
                latestAuthorizeUrlCodeChallenge = null;
                latestAuthorizeUrlState         = null;
                nextSilentLoginTimer?.Stop();
                nextSilentLoginTimer?.Dispose();
                SetIsLoggedIn(false);
                Console.WriteLine("Login Error: " + loginError);
                InvokeOnSessionStateChanged();
            }

            // Redirect to home (removing the hash)
            uriHelperService.NavigateTo(abosulteUri.GetLeftPart(UriPartial.Path));
        }

Exemplos de Auth0IframeMessage em C# (CSharp)