private async Task <string> GetToken(string requestToken) { if (!string.IsNullOrEmpty(_accessToken)) { return(_accessToken); } var discover = await _httpClient.GetDiscoveryDocumentAsync(new DiscoveryDocumentRequest() { Address = _configuration["IdentityServerURL"], Policy = new DiscoveryPolicy() { RequireHttps = false } }); if (discover.IsError) { throw discover.Exception; } TokenExchangeTokenRequest tokenExchangeTokenRequest = new TokenExchangeTokenRequest() { Address = discover.TokenEndpoint, ClientId = _configuration["ClientId"], ClientSecret = _configuration["ClientSecret"], GrantType = _configuration["TokenGrantType"], SubjectToken = requestToken, SubjectTokenType = "urn:ietf:params:oauth:token-type:access-token", Scope = "openid discount_fullpermission fake_payment_fullpermission" }; var tokenResponse = await _httpClient.RequestTokenExchangeTokenAsync(tokenExchangeTokenRequest); if (tokenResponse.IsError) { throw tokenResponse.Exception; } _accessToken = tokenResponse.AccessToken; return(_accessToken); }
public async Task <TokenResponse> RequestTokenExchangeTokenAsync(HttpClient httpClient, TokenExchangeTokenRequest request) { var result = await httpClient.RequestTokenExchangeTokenAsync(request); return(result); }
public async Task OnGetAsync() { NameIdentifier = User.Claims.GetClaimsByType(".externalNamedIdentitier").FirstOrDefault().Value; IdToken = User.Claims.GetClaimsByType(".id_token").FirstOrDefault().Value; var key = _oidcPipelineKey.GetOIDCPipeLineKey(); OriginalAuthorizationRequest = await _oidcPipelineStore.GetOriginalIdTokenRequestAsync(key); var queryScopes = (from item in OriginalAuthorizationRequest.Raw where item.Key == "scope" let scopes = item.Value.Split(" ") from cItem in scopes where cItem.StartsWith(ScopeBaseUrl) select cItem).ToList(); var scope = string.Join(" ", queryScopes); scope += " offline_access"; var docoTokenService = await _tokenServiceDiscoveryCache.GetAsync(); _logger.LogDebug(docoTokenService.Raw); /* * ArbitraryTokenTokenRequestV2 = new ArbitraryTokenTokenRequestV2() { * Address = docoTokenService.TokenEndpoint, * ClientId = _FluffyBunny4TokenServiceConfiguration.ClientId, * ClientSecret = _FluffyBunny4TokenServiceConfiguration.ClientSecret, * Subject = NameIdentifier, * Scope = new HashSet<string>(), * ArbitraryClaims = new Dictionary<string, List<string>>(), * ArbitraryAmrs = new List<string>(), * ArbitraryAudiences = new List<string>(), * CustomPayload = null * }; */ TokenExchangeTokenRequest = new TokenExchangeTokenRequest { Address = docoTokenService.TokenEndpoint, ClientId = _FluffyBunny4TokenServiceConfiguration.ClientId, ClientSecret = _FluffyBunny4TokenServiceConfiguration.ClientSecret, Scope = scope, GrantType = OidcConstants.GrantTypes.TokenExchange, SubjectTokenType = FluffyBunny4.Constants.TokenExchangeTypes.IdToken, SubjectToken = IdToken }; _logger.LogDebug(_serializer.Serialize(TokenExchangeTokenRequest, true)); var client = _httpClientFactory.CreateClient("HttpClient"); TokenPayload = await _fluffyBunnyTokenService.RequestTokenExchangeTokenAsync(client, TokenExchangeTokenRequest); if (TokenPayload.IsError) { _logger.LogError("RequestTokenExchangeTokenAsync"); _logger.LogError(TokenPayload.ErrorDescription); } var tokenExchangePayload = new { access_token = TokenPayload.AccessToken, refresh_token = TokenPayload.RefreshToken, scope = TokenPayload.Scope, token_type = TokenPayload.TokenType }; await _oidcPipelineStore.StoreTempCustomObjectAsync(key, "token-exchange", tokenExchangePayload); }
/// <summary> /// Sends a token exchange request. /// </summary> /// <param name="client">The client.</param> /// <param name="request">The request.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns></returns> public static async Task <TokenResponse> RequestTokenExchangeTokenAsync(this HttpMessageInvoker client, TokenExchangeTokenRequest request, CancellationToken cancellationToken = default) { var clone = request.Clone(); clone.Parameters.AddRequired(OidcConstants.TokenRequest.GrantType, OidcConstants.GrantTypes.TokenExchange); clone.Parameters.AddRequired(OidcConstants.TokenRequest.SubjectToken, request.SubjectToken); clone.Parameters.AddRequired(OidcConstants.TokenRequest.SubjectTokenType, request.SubjectTokenType); clone.Parameters.AddOptional(OidcConstants.TokenRequest.Resource, request.Resource); clone.Parameters.AddOptional(OidcConstants.TokenRequest.Audience, request.Audience); clone.Parameters.AddOptional(OidcConstants.TokenRequest.Scope, request.Scope); clone.Parameters.AddOptional(OidcConstants.TokenRequest.RequestedTokenType, request.RequestedTokenType); clone.Parameters.AddOptional(OidcConstants.TokenRequest.ActorToken, request.ActorToken); clone.Parameters.AddOptional(OidcConstants.TokenRequest.ActorTokenType, request.ActorTokenType); return(await client.RequestTokenAsync(clone, cancellationToken).ConfigureAwait()); }