private IAuthorizationState GetAuthorization(WebServerClient client)
{
// If this user is already authenticated, then just return the auth state.
IAuthorizationState state = AuthState;
if (state != null)
{
return(state);
}
// Check if an authorization request already is in progress.
state = client.ProcessUserAuthorization(new HttpRequestInfo(HttpContext.Current.Request));
if (state != null && (!string.IsNullOrEmpty(state.AccessToken) || !string.IsNullOrEmpty(state.RefreshToken)))
{
// Store and return the credentials.
HttpContext.Current.Session["AUTH_STATE"] = _state = state;
return(state);
}
// Otherwise do a new authorization request.
string scope = TasksService.Scopes.TasksReadonly.GetStringValue();
OutgoingWebResponse response = client.PrepareRequestUserAuthorization(new[] { scope }, "");
response.Send(); // Will throw a ThreadAbortException to prevent sending another response.
return(null);
}
protected void RejectWithError(string szError)
{
EndUserAuthorizationFailedResponse resp = authorizationServer.PrepareRejectAuthorizationRequest(m_pendingRequest);
resp.Error = szError;
OutgoingWebResponse wr = authorizationServer.Channel.PrepareResponse(resp);
wr.Send();
}
/// <summary>
/// Gets the authorization object for the client-side flow.
/// </summary>
/// <param name="client">The client used for authorization.
/// </param>
/// <returns>An authorization state that can be used for API queries.
/// </returns>
protected IAuthorizationState GetAuthorization(WebServerClient client)
{
// If we don't yet have user, use the client to perform
// authorization.
if (_authState != null)
{
HttpRequestInfo reqinfo = null;
if (_httpReqMethod != null && _reqUri != null && _rawUrl != null &&
_headers != null && _inputStream != null)
{
reqinfo = new HttpRequestInfo(_httpReqMethod, _reqUri, _rawUrl,
(System.Net.WebHeaderCollection)_headers, _inputStream);
}
if (reqinfo == null)
{
reqinfo = new HttpRequestInfo(HttpContext.Current.Request);
}
client.ProcessUserAuthorization(reqinfo);
}
// Check for a cached session state.
if (_authState == null)
{
_authState = (IAuthorizationState)HttpContext.Current.
Session["AUTH_STATE"];
}
// Check if we need to refresh the authorization state and refresh
// it if necessary.
if (_authState != null)
{
if (_authState.RefreshToken.IsNotNullOrEmpty() && (_authState.AccessToken == null ||
DateTime.UtcNow > _authState.AccessTokenExpirationUtc))
{
client.RefreshToken(_authState);
}
return(_authState);
}
// If we fall through to here, perform an authorization request.
OutgoingWebResponse response =
client.PrepareRequestUserAuthorization();
response.Send();
// Note: response.send will throw a ThreadAbortException to
// prevent sending another response.
return(null);
}
/// <summary>
/// Notifies the user agent via an AJAX response of a completed authentication attempt.
/// </summary>
protected override void ScriptClosingPopupOrIFrame()
{
Action <AuthenticationStatus> callback = status => {
if (status == AuthenticationStatus.Authenticated)
{
this.OnUnconfirmedPositiveAssertion(); // event handler will fill the clientScriptExtensions collection.
}
};
OutgoingWebResponse response = this.RelyingParty.ProcessResponseFromPopup(
this.RelyingParty.Channel.GetRequestFromContext(),
callback);
response.Send();
}
public void Send()
{
StringWriter writer = new StringWriter();
HttpRequest httpRequest = new HttpRequest("file", "http://server", string.Empty);
HttpResponse httpResponse = new HttpResponse(writer);
HttpContext context = new HttpContext(httpRequest, httpResponse);
HttpContext.Current = context;
OutgoingWebResponse response = new OutgoingWebResponse();
response.Status = System.Net.HttpStatusCode.OK;
response.Headers["someHeaderName"] = "someHeaderValue";
response.Body = "some body";
response.Send();
string results = writer.ToString();
// For some reason the only output in test is the body... the headers require a web host
Assert.AreEqual(response.Body, results);
}
protected void btnYes_Click(object sender, EventArgs e)
{
if (m_pendingRequest == null)
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest);
}
MFBOauthClientAuth ca = new MFBOauthClientAuth {
Scope = OAuthUtilities.JoinScopes(m_pendingRequest.Scope), ClientId = m_pendingRequest.ClientIdentifier, UserId = Page.User.Identity.Name, ExpirationDateUtc = DateTime.UtcNow.AddDays(14)
};
if (ca.fCommit())
{
EndUserAuthorizationSuccessResponseBase resp = authorizationServer.PrepareApproveAuthorizationRequest(m_pendingRequest, Page.User.Identity.Name);
OutgoingWebResponse wr = authorizationServer.Channel.PrepareResponse(resp);
wr.Send();
}
else
{
RejectWithError(Resources.LocalizedText.oAuthErrCreationFailed);
}
}
// GetAuthorization
/// <summary>
/// Gets the authorization object for the client-side flow.
/// </summary>
/// <param name="client">The client used for authorization.
/// </param>
/// <returns>An authorization state that can be used for API queries.
/// </returns>
private IAuthorizationState GetAuthorization(WebServerClient client)
{
// If we don't yet have user, use the client to perform
// authorization.
if (_authState != null)
{
HttpRequestInfo reqinfo =
new HttpRequestInfo(HttpContext.Current.Request);
client.ProcessUserAuthorization(reqinfo);
}
// Check for a cached session state.
if (_authState == null)
{
_authState = (IAuthorizationState)HttpContext.Current.
Session["AUTH_STATE"];
}
// Check if we need to refresh the authorization state and refresh
// it if necessary.
if (_authState != null)
{
if (_authState.AccessToken == null ||
DateTime.UtcNow > _authState.AccessTokenExpirationUtc)
{
client.RefreshToken(_authState);
}
return(_authState);
}
// If we fall through to here, perform an authorization request.
OutgoingWebResponse response =
client.PrepareRequestUserAuthorization(_authState.Scope);
response.Send();
// Note: response.send will throw a ThreadAbortException to
// prevent sending another response.
return(null);
}
// for getting initial access and renewal tokens via OAuth handshake
IAuthorizationState GetGoogleTokens(WebServerClient client)
{
// check if authorization request already is in progress
IAuthorizationState state = client.ProcessUserAuthorization(new HttpRequestInfo(System.Web.HttpContext.Current.Request));
if (state != null && (!string.IsNullOrEmpty(state.AccessToken) || !string.IsNullOrEmpty(state.RefreshToken)))
{ // store refresh token
string username = System.Web.HttpContext.Current.User.Identity.Name;
UserStorageContext storage = Storage.NewUserContext;
User user = storage.Users.Include("UserCredentials").Single <User>(u => u.Name == username);
user.AddCredential(UserCredential.GoogleConsent, state.AccessToken, state.AccessTokenExpirationUtc, state.RefreshToken);
storage.SaveChanges();
return(state);
}
// otherwise make a new authorization request
OutgoingWebResponse response = client.PrepareRequestUserAuthorization(GoogleClient.Scopes);
response.Headers["Location"] += "&access_type=offline&approval_prompt=force";
response.Send(); // will throw a ThreadAbortException to prevent sending another response
return(null);
}
public override void ExecuteResult(ControllerContext context)
{
_outgoingWebResponse.Send(context.HttpContext);
}