protected void identifierBox_LoggedIn(object sender, OpenIdEventArgs e) { State.FetchResponse = e.Response.GetExtension <FetchResponse>(); ServiceProviderDescription serviceDescription = new ServiceProviderDescription { AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(e.Response.Provider.Uri, "/access_token.ashx"), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, }; var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager); AuthorizedTokenResponse accessToken = consumer.ProcessUserAuthorization(e.Response); if (accessToken != null) { this.MultiView1.SetActiveView(this.AuthorizationGiven); // At this point, the access token would be somehow associated with the user // account at the RP. ////Database.Associate(e.Response.ClaimedIdentifier, accessToken.AccessToken); } else { this.MultiView1.SetActiveView(this.AuthorizationDenied); } // Avoid the redirect e.Cancel = true; }
// A OAuth handler when accessToken and accessTokenSecrets are known private static HttpMessageHandler OAuthHandlerWithExistingToken(String requestTokenURL, String authorizationTokenURL, String accessTokenURL, String consumerKey, String consumerSecret, String accessToken, String accessTokenSecret) { ServiceProviderDescription serviceDescription = new ServiceProviderDescription(); serviceDescription.AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(accessTokenURL), HttpDeliveryMethods.PostRequest); serviceDescription.ProtocolVersion = ProtocolVersion.V10a; serviceDescription.RequestTokenEndpoint = new MessageReceivingEndpoint(new Uri(requestTokenURL), HttpDeliveryMethods.PostRequest); serviceDescription.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; serviceDescription.UserAuthorizationEndpoint = new MessageReceivingEndpoint(new Uri(authorizationTokenURL), HttpDeliveryMethods.PostRequest); TokenManager tokenManager = new TokenManager(consumerKey, consumerSecret); // Here we add the known token info tokenManager.AddKnownAccessTokens(accessToken, accessTokenSecret); WebConsumer consumer = new WebConsumer(serviceDescription, tokenManager); DesktopConsumer desktopConsumer = new DesktopConsumer(serviceDescription, tokenManager); return(consumer.CreateAuthorizingHandler(accessToken, CreateSSLHandler())); }
public LucidChartUser Verify(string oauth_token, string oauth_verifier) { ServiceProviderDescription desc = new ServiceProviderDescription { RequestTokenEndpoint = new MessageReceivingEndpoint(lucidBaseChartUrl + "oauth/requestToken", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), UserAuthorizationEndpoint = new MessageReceivingEndpoint(lucidBaseChartUrl + "oauth/authorize", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), AccessTokenEndpoint = new MessageReceivingEndpoint(lucidBaseChartUrl + "oauth/accessToken?oauth_verifier=" + Uri.EscapeDataString(oauth_verifier), HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, ProtocolVersion = ProtocolVersion.V10a }; var lucid = new WebConsumer(desc, token); var accessTokenResponse = lucid.ProcessUserAuthorization(); if (accessTokenResponse != null) { string accessToken = accessTokenResponse.AccessToken; string secret = lucid.TokenManager.GetTokenSecret(accessToken); return(new LucidChartUser() { Token = accessToken, Secret = secret }); /*HttpWebRequest req = lucid.PrepareAuthorizedRequest(new MessageReceivingEndpoint(lucidBaseChartUrl + "documents/describe/49db-4974-4f156c2b-a802-796b0a48117a", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), accessToken); * req.ContentType = "application/xml"; * return new StreamReader(req.GetResponse().GetResponseStream()).ReadToEnd();*/ } return(null); }
/// <summary> /// Initializes the <see cref="serviceProvider"/> field if it has not yet been initialized. /// </summary> private static void EnsureInitialized() { if (serviceProvider == null) { lock (initializerLock) { if (serviceDescription == null) { var postEndpoint = new MessageReceivingEndpoint(new Uri(Utilities.ApplicationRoot, "OAuth.ashx"), HttpDeliveryMethods.PostRequest); var getEndpoint = new MessageReceivingEndpoint(postEndpoint.Location, HttpDeliveryMethods.GetRequest); serviceDescription = new ServiceProviderDescription { TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, RequestTokenEndpoint = postEndpoint, AccessTokenEndpoint = postEndpoint, UserAuthorizationEndpoint = getEndpoint, }; } if (tokenManager == null) { tokenManager = new OAuthServiceProviderTokenManager(); } if (serviceProvider == null) { serviceProvider = new ServiceProvider(serviceDescription, tokenManager); } } } }
/// <summary> /// Initializes a new instance of the <see cref="DotNetOpenAuthWebConsumer"/> class. /// </summary> /// <param name="serviceDescription"> /// The service description. /// </param> /// <param name="tokenManager"> /// The token manager. /// </param> public DotNetOpenAuthWebConsumer(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager) { Requires.NotNull(serviceDescription, "serviceDescription"); Requires.NotNull(tokenManager, "tokenManager"); this.webConsumer = new WebConsumer(serviceDescription, tokenManager); }
static void Main(string[] args) { var providerDesc = new ServiceProviderDescription() { RequestTokenEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest), AccessTokenEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest), UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://localhost:8008/noop", HttpDeliveryMethods.PostRequest), ProtocolVersion = ProtocolVersion.V10a, TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() } }; var consumerKey = "dotnet-test-key"; var consumerSecret = File.ReadAllText("..\\..\\keys\\8008\\8080\\" + consumerKey); var zeroLeggedWebConsumer = new DotNetOpenAuth.OAuth.WebConsumer(providerDesc, new ZeroLeggedTokenManager(consumerKey, consumerSecret)); var endpoint = new MessageReceivingEndpoint("http://localhost:8008/job?query=parameters&also=good", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest); var httpRequest = zeroLeggedWebConsumer.PrepareAuthorizedRequest(endpoint, "DUMMY", new Dictionary <String, String>() { { "are", "post" }, { "parameters", "handled" }, }); var response = httpRequest.GetResponse(); var responseContent = new System.IO.StreamReader(response.GetResponseStream()).ReadToEnd(); Console.Out.WriteLine(responseContent); }
protected void identifierBox_LoggedIn(object sender, OpenIdEventArgs e) { this.RegisterAsyncTask( new PageAsyncTask( async ct => { State.FetchResponse = e.Response.GetExtension <FetchResponse>(); var serviceDescription = new ServiceProviderDescription { TokenRequestEndpoint = new Uri(e.Response.Provider.Uri, "/access_token.ashx"), }; var consumer = CreateConsumer(); consumer.ServiceProvider = serviceDescription; AccessTokenResponse accessToken = await consumer.ProcessUserAuthorizationAsync(e.Response); if (accessToken != null) { this.MultiView1.SetActiveView(this.AuthorizationGiven); // At this point, the access token would be somehow associated with the user // account at the RP. ////Database.Associate(e.Response.ClaimedIdentifier, accessToken.AccessToken); } else { this.MultiView1.SetActiveView(this.AuthorizationDenied); } // Avoid the redirect e.Cancel = true; })); }
private TwitterApi(string consumerKey, string consumerSecret, string accessToken, string tokenSecret, TokenType tokenType, ApiVersion apiVersion = ApiVersion.V1) { var consumerCredential = new ConsumerCredential(consumerKey, consumerSecret); consumerCredential.SetToken(accessToken, tokenSecret, tokenType); var serviceProviderDescription = new ServiceProviderDescription( new OAuthEndPoint("https://api.twitter.com/oauth/request_token"), new OAuthEndPoint("https://api.twitter.com/oauth/authorize", HttpMethod.Get), new OAuthEndPoint("https://api.twitter.com/oauth/access_token"), ProtocolVersion.V10A); this._OAuth = new OAuth(consumerCredential, serviceProviderDescription); this._OAuth.Realm = ApiBaseUri; this._OAuth.Proxy = null; this.ApiVersion = apiVersion; this._Configuration = new TwitterConfiguration(); this._Timer = new Timer(_ => { var newConfig = this.RetrieveConfiguration(); if (newConfig != null) { Interlocked.Exchange(ref this._Configuration, newConfig); } }, null, 1000, 1000 * 3600 * 24); }
/// <summary> /// Records the feature and dependency use. /// </summary> /// <param name="value">The consumer or service provider.</param> /// <param name="service">The service.</param> /// <param name="tokenManager">The token manager.</param> /// <param name="nonceStore">The nonce store.</param> internal static void RecordFeatureAndDependencyUse(object value, ServiceProviderDescription service, ITokenManager tokenManager, INonceStore nonceStore) { Contract.Requires(value != null); Contract.Requires(service != null); Contract.Requires(tokenManager != null); // In release builds, just quietly return. if (value == null || service == null || tokenManager == null) { return; } if (Enabled && Configuration.IncludeFeatureUsage) { StringBuilder builder = new StringBuilder(); builder.Append(value.GetType().Name); builder.Append(" "); builder.Append(tokenManager.GetType().Name); if (nonceStore != null) { builder.Append(" "); builder.Append(nonceStore.GetType().Name); } builder.Append(" "); builder.Append(service.Version); builder.Append(" "); builder.Append(service.UserAuthorizationEndpoint); observedFeatures.Add(builder.ToString()); Touch(); } }
/// <summary>Initializes a new instance of the <see cref="OAuthCoordinator"/> class.</summary> /// <param name="consumerDescription">The description of the consumer.</param> /// <param name="serviceDescription">The service description that will be used to construct the Consumer and ServiceProvider objects.</param> /// <param name="consumerAction">The code path of the Consumer.</param> /// <param name="serviceProviderAction">The code path of the Service Provider.</param> internal OAuthCoordinator(ConsumerDescription consumerDescription, ServiceProviderDescription serviceDescription, Action <WebConsumer> consumerAction, Action <ServiceProvider> serviceProviderAction) : base(consumerAction, serviceProviderAction) { Requires.NotNull(consumerDescription, "consumerDescription"); Requires.NotNull(serviceDescription, "serviceDescription"); this.consumerDescription = consumerDescription; this.serviceDescription = serviceDescription; }
/// <summary>Initializes a new instance of the <see cref="OAuthCoordinator"/> class.</summary> /// <param name="consumerDescription">The description of the consumer.</param> /// <param name="serviceDescription">The service description that will be used to construct the Consumer and ServiceProvider objects.</param> /// <param name="consumerAction">The code path of the Consumer.</param> /// <param name="serviceProviderAction">The code path of the Service Provider.</param> internal OAuthCoordinator(ConsumerDescription consumerDescription, ServiceProviderDescription serviceDescription, Action <WebConsumer> consumerAction, Action <ServiceProvider> serviceProviderAction) : base(consumerAction, serviceProviderAction) { Contract.Requires <ArgumentNullException>(consumerDescription != null); Contract.Requires <ArgumentNullException>(serviceDescription != null); this.consumerDescription = consumerDescription; this.serviceDescription = serviceDescription; }
/// <summary> /// Initializes a new instance of the <see cref="DesktopOAuthAuthorization"/> class. /// </summary> /// <param name="serviceDescription">The service description.</param> public DesktopOAuthAuthorization(ServiceProviderDescription serviceProviderDescription) : base(new DesktopConsumer(serviceProviderDescription, new WindowsCredentialStoreTokenManager())) { var inMemoryTokenManager = this.Consumer.TokenManager as WindowsCredentialStoreTokenManager; if (inMemoryTokenManager != null) { inMemoryTokenManager.SetAuthenticationTarget(this.AuthenticationTarget); } }
protected void identifierBox_LoggingIn(object sender, OpenIdEventArgs e) { ServiceProviderDescription serviceDescription = new ServiceProviderDescription { TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, }; var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager); consumer.AttachAuthorizationRequest(e.Request, "http://tempuri.org/IDataApi/GetName"); }
/// <summary> /// Initializes a new instance of the <see cref="DotNetOpenAuthWebConsumer" /> class. /// </summary> /// <param name="serviceDescription">The service description.</param> /// <param name="consumerKey">The consumer key.</param> /// <param name="consumerSecret">The consumer secret.</param> public DotNetOpenAuthWebConsumer(ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) { Requires.NotNull(serviceDescription, "serviceDescription"); this.webConsumer = new Consumer { ServiceProvider = serviceDescription, ConsumerKey = consumerKey, ConsumerSecret = consumerSecret, TemporaryCredentialStorage = new CookieTemporaryCredentialStorage(), }; }
private void beginButton_Click(object sender, RoutedEventArgs e) { try { var service = new ServiceProviderDescription { RequestTokenEndpoint = new MessageReceivingEndpoint(this.requestTokenUrlBox.Text, this.requestTokenHttpMethod.SelectedIndex == 0 ? HttpDeliveryMethods.GetRequest : HttpDeliveryMethods.PostRequest), UserAuthorizationEndpoint = new MessageReceivingEndpoint(this.authorizeUrlBox.Text, HttpDeliveryMethods.GetRequest), AccessTokenEndpoint = new MessageReceivingEndpoint(this.accessTokenUrlBox.Text, this.accessTokenHttpMethod.SelectedIndex == 0 ? HttpDeliveryMethods.GetRequest : HttpDeliveryMethods.PostRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, ProtocolVersion = this.oauthVersion.SelectedIndex == 0 ? ProtocolVersion.V10 : ProtocolVersion.V10a, }; var tokenManager = new InMemoryTokenManager(); tokenManager.ConsumerKey = this.consumerKeyBox.Text; tokenManager.ConsumerSecret = this.consumerSecretBox.Text; var consumer = new DesktopConsumer(service, tokenManager); string accessToken; if (service.ProtocolVersion == ProtocolVersion.V10) { string requestToken; Uri authorizeUrl = consumer.RequestUserAuthorization(null, null, out requestToken); Process.Start(authorizeUrl.AbsoluteUri); MessageBox.Show(this, "Click OK when you've authorized the app."); var authorizationResponse = consumer.ProcessUserAuthorization(requestToken, null); accessToken = authorizationResponse.AccessToken; } else { var authorizePopup = new Authorize( consumer, (DesktopConsumer c, out string requestToken) => c.RequestUserAuthorization(null, null, out requestToken)); authorizePopup.Owner = this; bool?result = authorizePopup.ShowDialog(); if (result.HasValue && result.Value) { accessToken = authorizePopup.AccessToken; } else { return; } } HttpDeliveryMethods resourceHttpMethod = this.resourceHttpMethodList.SelectedIndex < 2 ? HttpDeliveryMethods.GetRequest : HttpDeliveryMethods.PostRequest; if (this.resourceHttpMethodList.SelectedIndex == 1) { resourceHttpMethod |= HttpDeliveryMethods.AuthorizationHeaderRequest; } var resourceEndpoint = new MessageReceivingEndpoint(this.resourceUrlBox.Text, resourceHttpMethod); using (IncomingWebResponse resourceResponse = consumer.PrepareAuthorizedRequestAndSend(resourceEndpoint, accessToken)) { this.resultsBox.Text = resourceResponse.GetResponseReader().ReadToEnd(); } } catch (DotNetOpenAuth.Messaging.ProtocolException ex) { MessageBox.Show(this, ex.Message); } }
private WebConsumer GetConsumer() { ServiceProviderDescription serviceDescription = new ServiceProviderDescription() { TamperProtectionElements = new DotNetOpenAuth.Messaging.ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() } }; return(new WebConsumer(serviceDescription, this._tokenManager)); }
static TwitterCustomClient() { ServiceProviderDescription serviceProviderDescription = new ServiceProviderDescription(); serviceProviderDescription.RequestTokenEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest); serviceProviderDescription.UserAuthorizationEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/authenticate", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest); serviceProviderDescription.AccessTokenEndpoint = new MessageReceivingEndpoint("https://api.twitter.com/oauth/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest); serviceProviderDescription.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; TwitterCustomClient.TwitterServiceDescription = serviceProviderDescription; }
public void AccessTokenUriTest() { var target = new ServiceProviderDescription(); MessageReceivingEndpoint expected = new MessageReceivingEndpoint("http://localhost/accesstoken", HttpDeliveryMethods.GetRequest); MessageReceivingEndpoint actual; target.AccessTokenEndpoint = expected; actual = target.AccessTokenEndpoint; Assert.AreEqual(expected, actual); target.AccessTokenEndpoint = null; Assert.IsNull(target.AccessTokenEndpoint); }
protected void Page_Load(object sender, EventArgs e) { // This is what the NetSuite SuiteSignOn ConnectionPoint sends: // GET /administratorportal/SSO/sso_page.aspx?oauth_token=08046c1c166a7a6c47471857502d364b0d59415418156f15db22f76dcfe648&dc=001&env=SANDBOX // see the NetSuite SuiteSignOn doc about dc & env processing to build endpoints ServiceProviderDescription provider = GetServiceDescription(); // Set up OAuth with our keys and stuff string token = Request.Params["oauth_token"]; string consumerKey = "yourconsumerkey"; // this has to match what is defined on our NetSuite account - ConnectionPoint to CRMLink string sharedSecret = "yoursharedsecret"; // this has to match what is defined on our NetSuite account - ConnectionPoint to CRMLink - Careful - NO funny chars like '!' // I got this InMemoryTokenManager from another DotNetOpenAuth post in SO InMemoryTokenManager _tokenManager = new InMemoryTokenManager(consumerKey, sharedSecret); AuthorizationApprovedResponse authApprovedResponse = new AuthorizationApprovedResponse(); authApprovedResponse.RequestToken = token; _tokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, authApprovedResponse); WebConsumer consumer = new WebConsumer(provider, _tokenManager); // this is the SSO address in netsuite to use. Should be production or sandbox, based on the values of dc and env string uri = "https://system.sandbox.netsuite.com/app/common/integration/ssoapplistener.nl"; MessageReceivingEndpoint endpoint = new MessageReceivingEndpoint(uri, methods); WebRequest verifyRequest = consumer.PrepareAuthorizedRequest(endpoint, token ); HttpWebResponse responseData = verifyRequest.GetResponse() as HttpWebResponse; XDocument responseXml; responseXml = XDocument.Load(responseData.GetResponseStream()); // process the SSO values that come back from NetSuite in the XML They should look something // like the following: /* XML response should look like this: <?xml version="1.0" encoding="UTF-8"?> <outboundSso> <entityInfo> <ENTITYINTERNALID>987654</ENTITYINTERNALID> <ENTITYNAME>Fred</ENTITYNAME> <ENTITYEMAIL>[email protected]</ENTITYEMAIL> </entityInfo> </outboundSso> */ // If that data looks good, you can mark the user as logged in, and redirect to whatever // page (like SSOLandingPage.aspx) you want, which will be shown inside a frame on the NetSuite page. Response.Redirect("~/SSOLandingPage.aspx", false);
private WebConsumer GetConsumer() { MessageReceivingEndpoint oauthEndpoint = new MessageReceivingEndpoint(new Uri(this.AuthorisationUrl), HttpDeliveryMethods.PostRequest); ServiceProviderDescription serviceDescription = new ServiceProviderDescription() { RequestTokenEndpoint = oauthEndpoint, UserAuthorizationEndpoint = oauthEndpoint, AccessTokenEndpoint = oauthEndpoint, TamperProtectionElements = new DotNetOpenAuth.Messaging.ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() } }; return(new WebConsumer(serviceDescription, this.TokenManager)); }
public void SpecAppendixAExample() { ServiceProviderDescription serviceDescription = new ServiceProviderDescription() { RequestTokenEndpoint = new MessageReceivingEndpoint("https://photos.example.net/request_token", HttpDeliveryMethods.PostRequest), UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://photos.example.net/authorize", HttpDeliveryMethods.GetRequest), AccessTokenEndpoint = new MessageReceivingEndpoint("https://photos.example.net/access_token", HttpDeliveryMethods.PostRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new PlaintextSigningBindingElement(), new HmacSha1SigningBindingElement(), }, }; MessageReceivingEndpoint accessPhotoEndpoint = new MessageReceivingEndpoint("http://photos.example.net/photos?file=vacation.jpg&size=original", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); ConsumerDescription consumerDescription = new ConsumerDescription("dpf43f3p2l4k3l03", "kd94hf93k423kf44"); OAuthCoordinator coordinator = new OAuthCoordinator( consumerDescription, serviceDescription, consumer => { consumer.Channel.PrepareResponse(consumer.PrepareRequestUserAuthorization(new Uri("http://printer.example.com/request_token_ready"), null, null)); // .Send() dropped because this is just a simulation string accessToken = consumer.ProcessUserAuthorization().AccessToken; var photoRequest = consumer.CreateAuthorizingMessage(accessPhotoEndpoint, accessToken); OutgoingWebResponse protectedPhoto = ((CoordinatingOAuthChannel)consumer.Channel).RequestProtectedResource(photoRequest); Assert.IsNotNull(protectedPhoto); Assert.AreEqual(HttpStatusCode.OK, protectedPhoto.Status); Assert.AreEqual("image/jpeg", protectedPhoto.Headers[HttpResponseHeader.ContentType]); Assert.AreNotEqual(0, protectedPhoto.ResponseStream.Length); }, sp => { var requestTokenMessage = sp.ReadTokenRequest(); sp.Channel.PrepareResponse(sp.PrepareUnauthorizedTokenMessage(requestTokenMessage)); // .Send() dropped because this is just a simulation var authRequest = sp.ReadAuthorizationRequest(); ((InMemoryTokenManager)sp.TokenManager).AuthorizeRequestToken(authRequest.RequestToken); sp.Channel.PrepareResponse(sp.PrepareAuthorizationResponse(authRequest)); // .Send() dropped because this is just a simulation var accessRequest = sp.ReadAccessTokenRequest(); sp.Channel.PrepareResponse(sp.PrepareAccessTokenMessage(accessRequest)); // .Send() dropped because this is just a simulation string accessToken = sp.ReadProtectedResourceAuthorization().AccessToken; ((CoordinatingOAuthChannel)sp.Channel).SendDirectRawResponse(new OutgoingWebResponse { ResponseStream = new MemoryStream(new byte[] { 0x33, 0x66 }), Headers = new WebHeaderCollection { { HttpResponseHeader.ContentType, "image/jpeg" }, }, }); }); coordinator.Run(); }
public static AuthorizedTokenResponse CompleteAuthorization(DesktopConsumer consumer, string requestToken, string userCode) { // Because Yammer has a proprietary callback_token parameter, and it's passed // with the message that specifically bans extra arguments being passed, we have // to cheat by adding the data to the URL itself here. var customServiceDescription = new ServiceProviderDescription { RequestTokenEndpoint = ServiceDescription.RequestTokenEndpoint, UserAuthorizationEndpoint = ServiceDescription.UserAuthorizationEndpoint, AccessTokenEndpoint = new MessageReceivingEndpoint(ServiceDescription.AccessTokenEndpoint.Location.AbsoluteUri + "?oauth_verifier=" + Uri.EscapeDataString(userCode), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest), TamperProtectionElements = ServiceDescription.TamperProtectionElements, ProtocolVersion = ProtocolVersion.V10, }; // To use a custom service description we also must create a new WebConsumer. var customConsumer = new DesktopConsumer(customServiceDescription, consumer.TokenManager); var response = customConsumer.ProcessUserAuthorization(requestToken, userCode); return(response); }
public static AuthorizedTokenResponse CompleteAuthorization(DesktopConsumer consumer, string requestToken, string userCode) { var customServiceDescription = new ServiceProviderDescription { RequestTokenEndpoint = ServiceProviderDescription.RequestTokenEndpoint, UserAuthorizationEndpoint = new MessageReceivingEndpoint( string.Format("{0}?key={1}&token={2}", ServiceProviderDescription.UserAuthorizationEndpoint.Location.AbsoluteUri, consumer.TokenManager.ConsumerKey, requestToken), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest), AccessTokenEndpoint = new MessageReceivingEndpoint( ServiceProviderDescription.AccessTokenEndpoint.Location.AbsoluteUri + "?oauth_verifier" + userCode + string.Empty, HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest), TamperProtectionElements = ServiceProviderDescription.TamperProtectionElements, ProtocolVersion = ProtocolVersion.V10a }; var customConsumer = new DesktopConsumer(customServiceDescription, consumer.TokenManager); var response = customConsumer.ProcessUserAuthorization(requestToken, userCode); return(response); }
private async void beginButton_Click(object sender, RoutedEventArgs e) { try { var service = new ServiceProviderDescription( this.requestTokenUrlBox.Text, this.authorizeUrlBox.Text, this.accessTokenUrlBox.Text); var consumer = new Consumer(this.consumerKeyBox.Text, this.consumerSecretBox.Text, service, new MemoryTemporaryCredentialStorage()); DotNetOpenAuth.OAuth.AccessToken accessToken; var authorizePopup = new Authorize(consumer, c => c.RequestUserAuthorizationAsync(null, null)); authorizePopup.Owner = this; bool?result = authorizePopup.ShowDialog(); if (result.HasValue && result.Value) { accessToken = authorizePopup.AccessToken; } else { return; } HttpMethod resourceHttpMethod = this.resourceHttpMethodList.SelectedIndex < 2 ? HttpMethod.Get : HttpMethod.Post; using (var handler = consumer.CreateMessageHandler(accessToken)) { handler.Location = this.resourceHttpMethodList.SelectedIndex == 1 ? OAuth1HttpMessageHandlerBase.OAuthParametersLocation.AuthorizationHttpHeader : OAuth1HttpMessageHandlerBase.OAuthParametersLocation.QueryString; using (var httpClient = consumer.CreateHttpClient(handler)) { var request = new HttpRequestMessage(resourceHttpMethod, this.resourceUrlBox.Text); using (var resourceResponse = await httpClient.SendAsync(request)) { this.resultsBox.Text = await resourceResponse.Content.ReadAsStringAsync(); } } } } catch (DotNetOpenAuth.Messaging.ProtocolException ex) { MessageBox.Show(this, ex.Message); } }
public async Task SpecAppendixAExample() { var serviceDescription = new ServiceProviderDescription( "https://photos.example.net/request_token", "http://photos.example.net/authorize", "https://photos.example.net/access_token"); var serviceHostDescription = new ServiceProviderHostDescription { RequestTokenEndpoint = new MessageReceivingEndpoint(serviceDescription.TemporaryCredentialsRequestEndpoint, HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), UserAuthorizationEndpoint = new MessageReceivingEndpoint(serviceDescription.ResourceOwnerAuthorizationEndpoint, HttpDeliveryMethods.GetRequest), AccessTokenEndpoint = new MessageReceivingEndpoint(serviceDescription.TokenRequestEndpoint, HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement(), }, }; var accessPhotoEndpoint = new Uri("http://photos.example.net/photos?file=vacation.jpg&size=original"); var consumerDescription = new ConsumerDescription("dpf43f3p2l4k3l03", "kd94hf93k423kf44"); var tokenManager = new InMemoryTokenManager(); tokenManager.AddConsumer(consumerDescription); var sp = new ServiceProvider(serviceHostDescription, tokenManager); Handle(serviceDescription.TemporaryCredentialsRequestEndpoint).By( async(request, ct) => { var requestTokenMessage = await sp.ReadTokenRequestAsync(request, ct); return(await sp.Channel.PrepareResponseAsync(sp.PrepareUnauthorizedTokenMessage(requestTokenMessage))); }); Handle(serviceDescription.ResourceOwnerAuthorizationEndpoint).By( async(request, ct) => { var authRequest = await sp.ReadAuthorizationRequestAsync(request, ct); ((InMemoryTokenManager)sp.TokenManager).AuthorizeRequestToken(authRequest.RequestToken); return(await sp.Channel.PrepareResponseAsync(sp.PrepareAuthorizationResponse(authRequest))); }); Handle(serviceDescription.TokenRequestEndpoint).By( async(request, ct) => { var accessRequest = await sp.ReadAccessTokenRequestAsync(request, ct); return(await sp.Channel.PrepareResponseAsync(sp.PrepareAccessTokenMessage(accessRequest), ct)); }); Handle(accessPhotoEndpoint).By( async(request, ct) => { string accessToken = (await sp.ReadProtectedResourceAuthorizationAsync(request)).AccessToken; Assert.That(accessToken, Is.Not.Null.And.Not.Empty); var responseMessage = new HttpResponseMessage { Content = new ByteArrayContent(new byte[] { 0x33, 0x66 }), }; responseMessage.Content.Headers.ContentType = new MediaTypeHeaderValue("image/jpeg"); return(responseMessage); }); var consumer = new Consumer( consumerDescription.ConsumerKey, consumerDescription.ConsumerSecret, serviceDescription, new MemoryTemporaryCredentialStorage()); consumer.HostFactories = this.HostFactories; var authorizeUrl = await consumer.RequestUserAuthorizationAsync(new Uri("http://printer.example.com/request_token_ready")); Uri authorizeResponseUri; this.HostFactories.AllowAutoRedirects = false; using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(authorizeUrl)) { Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Redirect)); authorizeResponseUri = response.Headers.Location; } } var accessTokenResponse = await consumer.ProcessUserAuthorizationAsync(authorizeResponseUri); Assert.That(accessTokenResponse, Is.Not.Null); using (var authorizingClient = consumer.CreateHttpClient(accessTokenResponse.AccessToken)) { using (var protectedPhoto = await authorizingClient.GetAsync(accessPhotoEndpoint)) { Assert.That(protectedPhoto, Is.Not.Null); protectedPhoto.EnsureSuccessStatusCode(); Assert.That("image/jpeg", Is.EqualTo(protectedPhoto.Content.Headers.ContentType.MediaType)); Assert.That(protectedPhoto.Content.Headers.ContentLength, Is.Not.EqualTo(0)); } } }
/// <summary> /// Initializes a new instance of the <see cref="WebOAuthAuthorization"/> class. /// </summary> /// <param name="serviceProviderDescription">The service provider description.</param> public MvcOAuthAuthorization(IConsumerTokenManager tokenManager, string accessToken, ServiceProviderDescription serviceProviderDescription) : base(tokenManager, accessToken, serviceProviderDescription) { }
/// <summary> /// Initializes a new instance of the <see cref="DesktopOAuthAuthorization"/> class /// that uses a custom token manager. /// </summary> /// <param name="tokenManager">The token manager.</param> /// <param name="accessToken">The access token.</param> public DesktopOAuthAuthorization(IConsumerTokenManager tokenManager, string accessToken, ServiceProviderDescription serviceProviderDescription) : base(new DesktopConsumer(serviceProviderDescription, tokenManager)) { this.accessToken = accessToken; }
public void RequestTokenUriWithOAuthParametersTest() { var target = new ServiceProviderDescription(); target.RequestTokenEndpoint = new MessageReceivingEndpoint("http://localhost/requesttoken?oauth_token=something", HttpDeliveryMethods.GetRequest); }
private static HttpMessageHandler OAuthHandler(string requestTokenURL, string authorizationTokenURL, string accessTokenURL, string consumerKey, string consumerSecret, string user, string passwd, string authUrl) { ServiceProviderDescription serviceDescription = new ServiceProviderDescription(); serviceDescription.AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(accessTokenURL), HttpDeliveryMethods.PostRequest); serviceDescription.ProtocolVersion = ProtocolVersion.V10a; serviceDescription.RequestTokenEndpoint = new MessageReceivingEndpoint(new Uri(requestTokenURL), HttpDeliveryMethods.PostRequest); serviceDescription.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; serviceDescription.UserAuthorizationEndpoint = new MessageReceivingEndpoint(new Uri(authorizationTokenURL), HttpDeliveryMethods.PostRequest); TokenManager tokenManager = new TokenManager(consumerKey, consumerSecret); WebConsumer consumer = new WebConsumer(serviceDescription, tokenManager); // callback is never called by CLM, but needed to do OAuth based forms login // XXX - Dns.GetHostName() alway seems to return simple, uppercased hostname string callback = "https://" + Dns.GetHostName() + '.' + IPGlobalProperties.GetIPGlobalProperties().DomainName + ":9443/cb"; callback = callback.ToLower(); consumer.PrepareRequestUserAuthorization(new Uri(callback), null, null); OslcClient oslcClient = new OslcClient(); HttpClient client = oslcClient.GetHttpClient(); HttpStatusCode statusCode = HttpStatusCode.Unused; string location = null; HttpResponseMessage resp; try { client.DefaultRequestHeaders.Clear(); resp = client.GetAsync(authorizationTokenURL + "?oauth_token=" + tokenManager.GetRequestToken() + "&oauth_callback=" + Uri.EscapeUriString(callback).Replace("#", "%23").Replace("/", "%2F").Replace(":", "%3A")).Result; statusCode = resp.StatusCode; if (statusCode == HttpStatusCode.Found) { location = resp.Headers.Location.AbsoluteUri; resp.ConsumeContent(); statusCode = FollowRedirects(client, statusCode, location); } string securityCheckUrl = "j_username="******"&j_password="******"application/x-www-form-urlencoded"); mediaTypeValue.CharSet = "utf-8"; content.Headers.ContentType = mediaTypeValue; resp = client.PostAsync(authUrl + "/j_security_check", content).Result; statusCode = resp.StatusCode; string jazzAuthMessage = null; IEnumerable <string> values = new List <string>(); if (resp.Headers.TryGetValues(JAZZ_AUTH_MESSAGE_HEADER, out values)) { jazzAuthMessage = values.Last(); } if (jazzAuthMessage != null && string.Compare(jazzAuthMessage, JAZZ_AUTH_FAILED, true) == 0) { resp.ConsumeContent(); throw new JazzAuthFailedException(user, authUrl); } else if (statusCode != HttpStatusCode.OK && statusCode != HttpStatusCode.Found) { resp.ConsumeContent(); throw new JazzAuthErrorException(statusCode, authUrl); } else //success { Uri callbackUrl = resp.Headers.Location; resp = client.GetAsync(callbackUrl.AbsoluteUri).Result; callbackUrl = resp.Headers.Location; resp = client.GetAsync(callbackUrl.AbsoluteUri).Result; callbackUrl = resp.Headers.Location; NameValueCollection qscoll = callbackUrl.ParseQueryString(); if (callbackUrl.OriginalString.StartsWith(callback + '?') && qscoll["oauth_verifier"] != null) { DesktopConsumer desktopConsumer = new DesktopConsumer(serviceDescription, tokenManager); AuthorizedTokenResponse authorizedTokenResponse = desktopConsumer.ProcessUserAuthorization(tokenManager.GetRequestToken(), qscoll["oauth_verifier"]); return(consumer.CreateAuthorizingHandler(authorizedTokenResponse.AccessToken, CreateSSLHandler())); } throw new JazzAuthErrorException(statusCode, authUrl); } } catch (JazzAuthFailedException jfe) { throw jfe; } catch (JazzAuthErrorException jee) { throw jee; } catch (Exception e) { Console.WriteLine(e.StackTrace); } // return consumer.CreateAuthorizingHandler(accessToken); return(null); }
/// <summary> /// Initializes a new instance of the <see cref="OAuthClient" /> class. /// </summary> /// <param name="providerName">Name of the provider.</param> /// <param name="serviceDescription">The service Description.</param> /// <param name="consumerKey">The consumer key.</param> /// <param name="consumerSecret">The consumer secret.</param> protected OAuthClient( string providerName, ServiceProviderDescription serviceDescription, string consumerKey, string consumerSecret) : this(providerName, new DotNetOpenAuthWebConsumer(serviceDescription, consumerKey, consumerSecret)) { }