private async Task <string> GetToken(string requestToken)
{
if (!string.IsNullOrEmpty(_accessToken))
{
return(_accessToken);
}
var discover = await _httpClient.GetDiscoveryDocumentAsync(new DiscoveryDocumentRequest()
{
Address = _configuration["IdentityServerURL"],
Policy = new DiscoveryPolicy()
{
RequireHttps = false
}
});
if (discover.IsError)
{
throw discover.Exception;
}
TokenExchangeTokenRequest tokenExchangeTokenRequest = new TokenExchangeTokenRequest()
{
Address = discover.TokenEndpoint,
ClientId = _configuration["ClientId"],
ClientSecret = _configuration["ClientSecret"],
GrantType = _configuration["TokenGrantType"],
SubjectToken = requestToken,
SubjectTokenType = "urn:ietf:params:oauth:token-type:access-token",
Scope = "openid discount_fullpermission fake_payment_fullpermission"
};
var tokenResponse = await _httpClient.RequestTokenExchangeTokenAsync(tokenExchangeTokenRequest);
if (tokenResponse.IsError)
{
throw tokenResponse.Exception;
}
_accessToken = tokenResponse.AccessToken;
return(_accessToken);
}
public async Task <TokenResponse> RequestTokenExchangeTokenAsync(HttpClient httpClient, TokenExchangeTokenRequest request)
{
var result = await httpClient.RequestTokenExchangeTokenAsync(request);
return(result);
}
public async Task OnGetAsync()
{
NameIdentifier = User.Claims.GetClaimsByType(".externalNamedIdentitier").FirstOrDefault().Value;
IdToken = User.Claims.GetClaimsByType(".id_token").FirstOrDefault().Value;
var key = _oidcPipelineKey.GetOIDCPipeLineKey();
OriginalAuthorizationRequest = await _oidcPipelineStore.GetOriginalIdTokenRequestAsync(key);
var queryScopes = (from item in OriginalAuthorizationRequest.Raw
where item.Key == "scope"
let scopes = item.Value.Split(" ")
from cItem in scopes
where cItem.StartsWith(ScopeBaseUrl)
select cItem).ToList();
var scope = string.Join(" ", queryScopes);
scope += " offline_access";
var docoTokenService = await _tokenServiceDiscoveryCache.GetAsync();
_logger.LogDebug(docoTokenService.Raw);
/*
* ArbitraryTokenTokenRequestV2 = new ArbitraryTokenTokenRequestV2() {
* Address = docoTokenService.TokenEndpoint,
* ClientId = _FluffyBunny4TokenServiceConfiguration.ClientId,
* ClientSecret = _FluffyBunny4TokenServiceConfiguration.ClientSecret,
* Subject = NameIdentifier,
* Scope = new HashSet<string>(),
* ArbitraryClaims = new Dictionary<string, List<string>>(),
* ArbitraryAmrs = new List<string>(),
* ArbitraryAudiences = new List<string>(),
* CustomPayload = null
* };
*/
TokenExchangeTokenRequest = new TokenExchangeTokenRequest
{
Address = docoTokenService.TokenEndpoint,
ClientId = _FluffyBunny4TokenServiceConfiguration.ClientId,
ClientSecret = _FluffyBunny4TokenServiceConfiguration.ClientSecret,
Scope = scope,
GrantType = OidcConstants.GrantTypes.TokenExchange,
SubjectTokenType = FluffyBunny4.Constants.TokenExchangeTypes.IdToken,
SubjectToken = IdToken
};
_logger.LogDebug(_serializer.Serialize(TokenExchangeTokenRequest, true));
var client = _httpClientFactory.CreateClient("HttpClient");
TokenPayload = await _fluffyBunnyTokenService.RequestTokenExchangeTokenAsync(client, TokenExchangeTokenRequest);
if (TokenPayload.IsError)
{
_logger.LogError("RequestTokenExchangeTokenAsync");
_logger.LogError(TokenPayload.ErrorDescription);
}
var tokenExchangePayload = new
{
access_token = TokenPayload.AccessToken,
refresh_token = TokenPayload.RefreshToken,
scope = TokenPayload.Scope,
token_type = TokenPayload.TokenType
};
await _oidcPipelineStore.StoreTempCustomObjectAsync(key, "token-exchange", tokenExchangePayload);
}
/// <summary>
/// Sends a token exchange request.
/// </summary>
/// <param name="client">The client.</param>
/// <param name="request">The request.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns></returns>
public static async Task <TokenResponse> RequestTokenExchangeTokenAsync(this HttpMessageInvoker client, TokenExchangeTokenRequest request, CancellationToken cancellationToken = default)
{
var clone = request.Clone();
clone.Parameters.AddRequired(OidcConstants.TokenRequest.GrantType, OidcConstants.GrantTypes.TokenExchange);
clone.Parameters.AddRequired(OidcConstants.TokenRequest.SubjectToken, request.SubjectToken);
clone.Parameters.AddRequired(OidcConstants.TokenRequest.SubjectTokenType, request.SubjectTokenType);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.Resource, request.Resource);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.Audience, request.Audience);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.Scope, request.Scope);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.RequestedTokenType, request.RequestedTokenType);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.ActorToken, request.ActorToken);
clone.Parameters.AddOptional(OidcConstants.TokenRequest.ActorTokenType, request.ActorTokenType);
return(await client.RequestTokenAsync(clone, cancellationToken).ConfigureAwait());
}
