Exemplo n.º 1
0
        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService"></param>
        /// <param name="session"></param>
        /// <param name="request"> </param>
        /// <returns></returns>
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            AssertValidState();

            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = authService.Request.AbsoluteUri;
            }

            if (RestoreSessionFromState == true)
            {
                var state = authService.Request.GetQueryStringOrForm(Keywords.State);
                if (!string.IsNullOrEmpty(state))
                {
                    (authService.Request.Response as IHttpResponse)?.ClearCookies();
                    authService.Request.CreateTemporarySessionId(state);
                    session = authService.Request.GetSession(reload: true);
                }
            }

            session.ReferrerUrl = GetReferrerUrl(authService, session, request);

            var tokens = session.GetAuthTokens(Provider);

            if (tokens == null)
            {
                session.AddAuthToken(tokens = new AuthTokens {
                    Provider = Provider
                });
            }

            return(tokens);
        }
Exemplo n.º 2
0
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            var requestUri = authService.Request.AbsoluteUri;

            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = requestUri;
            }

            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = request?.Continue ?? authService.Request.GetHeader("Referer");
            }

            if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                session.ReferrerUrl = this.RedirectUrl
                                      ?? HostContext.Config.WebHostUrl
                                      ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal));
            }

            var tokens = session.GetAuthTokens(this.Provider);

            if (tokens == null)
            {
                session.AddAuthToken(tokens = new AuthTokens {
                    Provider = this.Provider
                });
            }

            return(tokens);
        }
Exemplo n.º 3
0
        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService"></param>
        /// <param name="session"></param>
        /// <param name="request"> </param>
        /// <returns></returns>
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = authService.Request.AbsoluteUri;
            }

            session.ReferrerUrl = GetReferrerUrl(authService, session, request);

            var tokens = session.GetAuthTokens(Provider);

            if (tokens == null)
            {
                session.AddAuthToken(tokens = new AuthTokens {
                    Provider = Provider
                });
            }

            return(tokens);
        }
Exemplo n.º 4
0
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            ServiceStack.Logging.ILog log = ServiceStack.Logging.LogManager.GetLogger(typeof(OpenIDConnectProvider));


            var config = getOIDConfig();


            var tokens = Init(authService, ref session, request);

            string redirectUri = authService.Request.GetAbsoluteUrl($"~/auth/openid");

            log.Debug($"redirect uri: {redirectUri}");

            var httpRequest = authService.Request;


            if (httpRequest.GetParam("code") != null)
            {
                WebClient           webClient = new WebClient();
                NameValueCollection formData  = new NameValueCollection();
                formData["code"]          = httpRequest.GetParam("code");
                formData["client_id"]     = this.ConsumerKey;
                formData["redirect_uri"]  = redirectUri.ToLower();
                formData["grant_type"]    = "authorization_code";
                formData["client_secret"] = this.ConsumerSecret;

                string maxAge = httpRequest.GetParam("max_age");
                if (!string.IsNullOrWhiteSpace(maxAge))
                {
                    formData["max_age"] = maxAge;
                }

                string prompt = httpRequest.GetParam("prompt");
                if (!string.IsNullOrWhiteSpace(prompt))
                {
                    formData["prompt"] = maxAge;
                }

                webClient.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
                var response = webClient.UploadValues(config.TokenEndpoint, formData);

                var str = System.Text.Encoding.Default.GetString(response);

                var json = JsonObject.Parse(str);

                try
                {
                    tokens.AccessToken  = json.Get <string>("access_token");
                    tokens.RequestToken = json.Get <string>("id_token");

                    session.AddAuthToken(tokens);

                    setSession(json.Get <string>("id_token"), session);

                    this.SaveSession(authService, session, SessionExpiry);
                }
                catch
                {
                    return(this.Logout(authService, request));
                }

                string redirectTo = authService.Request.GetAbsoluteUrl($"~/");


                string stateId = httpRequest.GetParam("state");

                log.Debug($"stateId: {stateId}");
                if (!string.IsNullOrWhiteSpace(stateId))
                {
                    Guid stateGuid;
                    if (Guid.TryParse(stateId, out stateGuid))
                    {
                        if (redirectUrls.ContainsKey(stateGuid))
                        {
                            if (!string.IsNullOrWhiteSpace(redirectUrls[stateGuid]))
                            {
                                redirectTo = redirectUrls[stateGuid];
                                log.Debug($"redirectTo: {redirectTo}");
                                redirectUrls.Remove(stateGuid);
                            }
                        }
                    }
                    else
                    {
                        string redirUrl = HttpUtility.UrlDecode(stateId);
                        if (redirUrl.StartsWith("http", StringComparison.InvariantCultureIgnoreCase))
                        {
                            redirectTo = redirUrl;
                        }
                    }
                }

                return(OnAuthenticated(authService, session, tokens, httpRequest.FormData.ToDictionary())
                       ?? doRedirect(authService, SuccessRedirectUrlFilter(this, redirectTo)));                                            //Haz Access!
            }
            else
            {
                log.Debug($"referrer: {session.ReferrerUrl}");
                Guid stateId = Guid.NewGuid();
                redirectUrls[stateId] = cleanSiteUrl(session.ReferrerUrl);

                var maxAge = httpRequest.GetParam("max_age");
                if (!string.IsNullOrWhiteSpace(maxAge))
                {
                    maxAge = $"&max_age={maxAge}";
                }

                var prompt = "";
                //if (ServiceDefaults.Instance.Authentication.PromptForLogin)
                //{
                //	prompt = $"&prompt=login";
                //}

                var error = httpRequest.GetParam("f");

                if (!string.IsNullOrWhiteSpace(error))
                {
                    return(HttpError.Unauthorized("AccessToken validation failed."));
                }
                else
                {
                    return(authService.Redirect($"{config.AuthorizationEndpoint}?client_id={this.ConsumerKey}&redirect_uri={redirectUri.ToLower()}&response_type=code&scope=openid%20email&state={stateId}{maxAge}{prompt}"));
                }
            }
        }
Exemplo n.º 5
0
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            var requestUri = authService.Request.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = requestUri;
            }

            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer");
            }

            if (session.ReferrerUrl.IsNullOrEmpty() || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                session.ReferrerUrl = this.RedirectUrl
                    ?? HttpHandlerFactory.GetBaseUrl()
                    ?? requestUri.Substring(0, requestUri.IndexOf("/", "https://".Length + 1, StringComparison.Ordinal));
            }

            var tokens = session.GetAuthTokens(this.Provider);
            if (tokens == null)
            {
                session.AddAuthToken(tokens = new AuthTokens { Provider = this.Provider });
            }

            return tokens;
        }
Exemplo n.º 6
0
        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService"></param>
        /// <param name="session"></param>
        /// <param name="request"> </param>
        /// <returns></returns>
        protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request)
        {
            if (this.CallbackUrl.IsNullOrEmpty())
                this.CallbackUrl = authService.Request.AbsoluteUri;

            session.ReferrerUrl = GetReferrerUrl(authService, session, request);

            var tokens = session.GetAuthTokens(Provider);
            if (tokens == null)
                session.AddAuthToken(tokens = new AuthTokens { Provider = Provider });

            return tokens;
        }