Exemplo n.º 1
        // POST api/issue
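        /// <summary>
        /// Issues a Simple Web Token for the scope named in the request (POST api/issue).
        /// </summary>
        /// <param name="rst">Token request; its Scope is the URI the token is issued for.</param>
        /// <returns>
        /// 400 with <c>OAuthError.INVALID_REQUEST</c> when the request or its scope is missing;
        /// otherwise 200 with a bearer <c>TokenResponse</c> whose ExpiresIn matches the token lifetime.
        /// </returns>
        public HttpResponseMessage Post(TokenRequest rst)
        {
            // A missing or unreadable request body reaches the action as null; treat it like a
            // missing scope instead of failing with a NullReferenceException.
            if (rst == null || rst.Scope == null)
            {
                return Request.CreateResponse<TokenResponse>(HttpStatusCode.BadRequest, new TokenResponse() { Error = OAuthError.INVALID_REQUEST });
            }

            // NOTE(review): the scope is used exactly as supplied; nothing visible here checks it
            // against a list of known relying parties before a token is signed for it.
            Uri scope = rst.Scope;

            // NOTE(review): one configured key signs the tokens for every scope, so each party
            // holding it can presumably also mint tokens - confirm this is intended.
            string key = OAuthConfiguration.Configuration.StsSettings.SymmetricKey;
            var lifeTimeInSec = OAuthConfiguration.Configuration.StsSettings.TokenLifeTimeInSec;
            TimeSpan lifeTime = new TimeSpan(0, 0, lifeTimeInSec);

            // Assumes the caller was authenticated before this action runs (no check is visible
            // in this method) - TODO confirm an authorization filter or handler protects the route.
            //
            // NOTE(review): every caller receives the same three hard-coded roles, including
            // "Administrator", no matter who authenticated. Role claims should come from a
            // per-user authorization source before this is used outside a demo.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, this.User.Identity.Name),
                new Claim(ClaimTypes.Role, "AssetsServiceUser"),
                new Claim(ClaimTypes.Role, "Developer"),
                new Claim(ClaimTypes.Role, "Administrator")
            };

            SimpleWebToken token = new SimpleWebToken(scope, OAuthConfiguration.Configuration.StsSettings.IssuerUri.ToString(), DateTime.UtcNow + lifeTime, claims, key);

            // Report the configured lifetime rather than a fixed 600 so the client's idea of
            // expiry agrees with the expiry written into the token.
            var tokenResponse = new TokenResponse() { AccessToken = token.ToString(), TokenType = "bearer", ExpiresIn = lifeTimeInSec };
            return Request.CreateResponse<TokenResponse>(HttpStatusCode.OK, tokenResponse);
        }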
Exemplo n.º 2
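        /// <summary>
        /// Requests an access token for <paramref name="realm"/> from the configured STS issuer
        /// endpoint, answering Basic challenges with credentials obtained from the logon page and
        /// following redirects, then stores and returns the token.
        /// </summary>
        /// <param name="realm">Scope the token is requested for; passed through RealmOverFiddler first.</param>
        /// <returns>The URL-decoded access token, Base64-encoded from its ASCII bytes.</returns>
        /// <exception cref="Exception">
        /// Thrown, wrapping the underlying error, when the STS does not finally answer with success
        /// or the response cannot be turned into a token.
        /// </exception>
        private static string IssueAccessToken(Uri realm)
        {
            // Upper bound on challenge/redirect round trips, so a redirect loop or an endpoint that
            // keeps answering 401 cannot keep this method spinning forever.
            const int MaxRoundTrips = 10;

            realm = RealmOverFiddler(realm);
            var method     = HttpMethod.Post;
            var requestUri = OAuthConfiguration.Configuration.StsSettings.IssuerUri;
            var rst        = new TokenRequest()
            {
                Scope = realm
            };
            var content     = JsonConvert.SerializeObject(rst);
            var contentType = "application/json";
            AuthenticationHeaderValue auth = null;

            HttpResponseMessage r = Send(method, requestUri, content, contentType, auth);

            int roundTrips = 0;
            while (r.StatusCode != HttpStatusCode.OK)
            {
                if (++roundTrips > MaxRoundTrips)
                {
                    break;
                }

                if (r.StatusCode == HttpStatusCode.Unauthorized)
                {
                    if (r.Headers.WwwAuthenticate.Any(h => h.Scheme == AuthenticationSchemes.Basic.ToString()))
                    {
                        var creds = Logon.Page.GetLogin(null);
                        if (!creds.IsSuccessful || creds.IsCanceled)
                        {
                            break;
                        }

                        // NOTE(review): Basic credentials are only Base64-encoded, not encrypted, and
                        // nothing here checks that requestUri is HTTPS before they are sent.
                        // Encoding.ASCII also replaces any non-ASCII character with '?'.
                        string loginpsw = String.Format("{0}:{1}", creds.Name, creds.Psw);
                        byte[] bytes    = Encoding.ASCII.GetBytes(loginpsw);
                        auth = new AuthenticationHeaderValue(AuthenticationSchemes.Basic.ToString(), Convert.ToBase64String(bytes));
                    }
                    else if (r.Headers.Any(h => h.Key == HttpResponseHeader.SetCookie.GetName()))
                    {
                        // Nothing to change: the request is simply repeated. Presumably Send()
                        // replays the cookie that was just set - verify against Send().
                    }
                    else
                    {
                        break;
                    }
                }
                else if (r.StatusCode == HttpStatusCode.Redirect || r.StatusCode == HttpStatusCode.Moved)
                {
                    // A redirect without a Location header cannot be followed.
                    if (r.Headers.Location == null)
                    {
                        break;
                    }

                    var target = new Uri(requestUri, r.Headers.Location.OriginalString);

                    // Do not follow a redirect from HTTPS down to another scheme: a later Basic
                    // challenge from that target would put the user's password on the wire in clear.
                    if (requestUri.Scheme == Uri.UriSchemeHttps && target.Scheme != Uri.UriSchemeHttps)
                    {
                        break;
                    }

                    requestUri = target;
                    // Credentials entered for the previous location are not forwarded to the new one.
                    auth       = null;
                }
                else
                {
                    break;
                }

                // The intermediate response is no longer needed once the request is repeated.
                r.Dispose();
                r = Send(method, requestUri, content, contentType, auth);
            }

            try
            {
                // Any exit from the loop other than 200 OK fails here and is wrapped below.
                r.EnsureSuccessStatusCode();
                var token = r.Content.ReadAsStringAsync().Result;
                var rstr  = JsonConvert.DeserializeObject<TokenResponse>(token);

                // The access token is a bearer credential, so it is deliberately not echoed to the
                // console, where it would end up in terminal scrollback or captured output.
                token = HttpUtility.UrlDecode(rstr.AccessToken);
                token = Convert.ToBase64String(Encoding.ASCII.GetBytes(token));
                TokensStore.StoreProvider.PutToken(realm, token);
                return token;
            }
            catch (Exception ex)
            {
                throw new Exception("Unsuccessful attempt to login on STS.", ex);
            }
        }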
Exemplo n.º 3
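        /// <summary>
        /// Obtains an access token for <paramref name="realm"/> from the STS issuer endpoint.
        /// Basic challenges are answered with credentials from the logon page, redirects are
        /// followed, and the resulting token is stored in the token store and returned.
        /// </summary>
        /// <param name="realm">Scope to request the token for; first mapped by RealmOverFiddler.</param>
        /// <returns>The URL-decoded access token as a Base64 string of its ASCII bytes.</returns>
        /// <exception cref="Exception">
        /// Wraps whatever went wrong when the exchange does not end in a successful response
        /// or the response body cannot be converted into a token.
        /// </exception>
        private static string IssueAccessToken(Uri realm)
        {
            // Cap on retries: without it a redirect cycle, or a server that answers 401 with
            // Set-Cookie every time, would repeat the same request indefinitely.
            const int MaxAttempts = 10;

            realm = RealmOverFiddler(realm);
            var method = HttpMethod.Post;
            var requestUri = OAuthConfiguration.Configuration.StsSettings.IssuerUri;
            var rst = new TokenRequest() { Scope = realm };
            var content = JsonConvert.SerializeObject(rst);
            var contentType = "application/json";
            AuthenticationHeaderValue auth = null;

            HttpResponseMessage r = Send(method, requestUri, content, contentType, auth);

            for (int attempt = 0; attempt < MaxAttempts && r.StatusCode != HttpStatusCode.OK; attempt++)
            {
                if (r.StatusCode == HttpStatusCode.Unauthorized)
                {
                    if (r.Headers.WwwAuthenticate.Any(h => h.Scheme == AuthenticationSchemes.Basic.ToString()))
                    {
                        var creds = Logon.Page.GetLogin(null);
                        if (!creds.IsSuccessful || creds.IsCanceled)
                        {
                            break;
                        }

                        // NOTE(review): the Basic header is reversible Base64, and this method does
                        // not verify that requestUri uses HTTPS before attaching it. ASCII encoding
                        // turns non-ASCII characters in the name or password into '?'.
                        string loginpsw = String.Format("{0}:{1}", creds.Name, creds.Psw);
                        byte[] bytes = Encoding.ASCII.GetBytes(loginpsw);
                        auth = new AuthenticationHeaderValue(AuthenticationSchemes.Basic.ToString(), Convert.ToBase64String(bytes));
                    }
                    else if (r.Headers.Any(h => h.Key == HttpResponseHeader.SetCookie.GetName()))
                    {
                        // Intentionally empty: the same request is sent again. Presumably the
                        // cookie is carried by Send() - confirm against its implementation.
                    }
                    else
                    {
                        break;
                    }
                }
                else if (r.StatusCode == HttpStatusCode.Redirect || r.StatusCode == HttpStatusCode.Moved)
                {
                    // No Location header means there is nowhere to go.
                    if (r.Headers.Location == null)
                    {
                        break;
                    }

                    var next = new Uri(requestUri, r.Headers.Location.OriginalString);

                    // Refuse an HTTPS-to-non-HTTPS redirect, which would let a later Basic
                    // challenge collect the password over an unencrypted connection.
                    if (requestUri.Scheme == Uri.UriSchemeHttps && next.Scheme != Uri.UriSchemeHttps)
                    {
                        break;
                    }

                    requestUri = next;
                    // Start unauthenticated at the new location; earlier credentials are not reused.
                    auth = null;
                }
                else
                {
                    break;
                }

                // Release the response being replaced before asking again.
                r.Dispose();
                r = Send(method, requestUri, content, contentType, auth);
            }

            try
            {
                // A loop exit on anything but 200 OK is turned into a failure here.
                r.EnsureSuccessStatusCode();
                var token = r.Content.ReadAsStringAsync().Result;
                var rstr = JsonConvert.DeserializeObject<TokenResponse>(token);

                // Not written to the console: the access token is a bearer credential and would
                // otherwise leak into scrollback or redirected output.
                token = HttpUtility.UrlDecode(rstr.AccessToken);
                token = Convert.ToBase64String(Encoding.ASCII.GetBytes(token));
                TokensStore.StoreProvider.PutToken(realm, token);
                return token;
            }
            catch (Exception ex)
            {
                throw new Exception("Unsuccessful attempt to login on STS.", ex);
            }
        }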
Exemplo n.º 4
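        /// <summary>
        /// Posts a token request for <paramref name="realm"/> to the issue endpoint using Basic
        /// authentication and returns the URL-decoded access token from the response.
        /// </summary>
        /// <param name="realm">Scope the token is requested for.</param>
        /// <returns>
        /// The URL-decoded access token, or null when the response carries no access token
        /// (for example an error response).
        /// </returns>
        /// <exception cref="InvalidOperationException">The response body held no token response at all.</exception>
        static string DoAuth(Uri realm)
        {
            string token = String.Empty;

            using (HttpClient client = new HttpClient())
            {
                // NOTE(review): fixed test credentials compiled into the client, sent as Basic
                // (reversible Base64) to a plain-HTTP endpoint. Acceptable only against a local
                // test STS; real credentials belong in protected configuration and on HTTPS.
                string creds = String.Format("{0}:{1}", "badri", "badri");
                byte[] bytes = Encoding.ASCII.GetBytes(creds);
                var header = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(bytes));
                client.DefaultRequestHeaders.Authorization = header;

                var rst = new TokenRequest() { Scope = realm };

                // The request goes through the Fiddler proxy host name; without the proxy the
                // endpoint is http://localhost:333/api/issue.
                using (HttpContent content = new StringContent(JsonConvert.SerializeObject(rst), Encoding.UTF8, "application/json"))
                using (HttpResponseMessage response = client.PostAsync("http://ipv4.fiddler:333/api/issue", content).Result)
                {
                    // The status code is not inspected; an error body is read like a success body.
                    token = response.Content.ReadAsStringAsync().Result;
                }
            }

            var rstr = JsonConvert.DeserializeObject<TokenResponse>(token);
            if (rstr == null)
            {
                // An empty body deserializes to null; fail with a clear message rather than a
                // NullReferenceException on the next line.
                throw new InvalidOperationException("The STS returned an empty token response.");
            }

            // The access token is a bearer credential, so it is not echoed to the console.
            return HttpUtility.UrlDecode(rstr.AccessToken);
        }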