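/// <summary>
/// Handles the UAE PASS callback: checks the provider's error parameter, unprotects the
/// <c>state</c> value and validates the correlation cookie, exchanges the authorization
/// code for an access token, fetches the user profile from the user-info endpoint and
/// turns it into an <see cref="AuthenticationTicket"/>.
/// </summary>
/// <returns>
/// A populated ticket on success; a ticket with a <c>null</c> identity when the callback
/// carried an error, failed the correlation check, lacked a code or token, or threw; and
/// <c>null</c> when the <c>state</c> parameter is missing or cannot be unprotected.
/// </returns>
protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
{
    AuthenticationProperties properties = null;

    try
    {
        var query = Request.Query;

        // The provider reports failure through the "error" query parameter. It is
        // untrusted input and is only ever used as a log message; stop before
        // touching the state or code when it is present.
        string error = FirstOrNull(query.GetValues("error"));
        if (!string.IsNullOrEmpty(error))
        {
            throw new InvalidOperationException(error);
        }

        string code = FirstOrNull(query.GetValues("code"));
        string state = FirstOrNull(query.GetValues("state"));

        // No state means nothing to unprotect; treat it like an undecodable state
        // (no ticket) instead of letting Unprotect throw on a null argument.
        if (string.IsNullOrEmpty(state))
        {
            return null;
        }

        properties = Options.StateDataFormat.Unprotect(state);
        if (properties == null)
        {
            return null;
        }

        // OAuth2 10.12 cross-site request forgery: the correlation cookie must match
        // the value carried in the protected state before the code is redeemed.
        if (!ValidateCorrelationId(properties, _logger))
        {
            return new AuthenticationTicket(null, properties);
        }

        // A callback that passed the state check but carries no code cannot be exchanged.
        if (string.IsNullOrEmpty(code))
        {
            _logger.WriteWarning("UAE PASS callback did not contain an authorization code.");
            return new AuthenticationTicket(null, properties);
        }

        // The redirect_uri must match the one used on the authorization request.
        var redirectUri = Request.Scheme + "://" + Request.Host + Request.PathBase + Options.CallbackPath;

        string accessToken = await ExchangeCodeForAccessTokenAsync(code, redirectUri);
        if (string.IsNullOrEmpty(accessToken))
        {
            _logger.WriteWarning("UAE PASS token response did not contain an access token.");
            return new AuthenticationTicket(null, properties);
        }

        string rawResponse = await GetUserInfoJsonAsync(accessToken);
        var user = JsonConvert.DeserializeObject<UAEPassUser>(rawResponse);

        var context = new UAEPassAuthenticatedContext(Context, user, accessToken, rawResponse)
        {
            Identity = new ClaimsIdentity(
                Options.AuthenticationType,
                ClaimsIdentity.DefaultNameClaimType,
                ClaimsIdentity.DefaultRoleClaimType)
        };

        AddClaimIfPresent(context.Identity, ClaimTypes.NameIdentifier, context.Id);
        AddClaimIfPresent(context.Identity, ClaimsIdentity.DefaultNameClaimType, context.UserName);
        AddClaimIfPresent(context.Identity, ClaimTypes.Email, context.Email);
        AddClaimIfPresent(context.Identity, "urn:UAEPass:name", context.Name);

        context.Properties = properties;

        // Give the application a chance to inspect or adjust the identity before the
        // ticket is issued.
        await Options.Provider.Authenticated(context);

        var ticket = new AuthenticationTicket(context.Identity, context.Properties);
        // UAE PASS issues no refresh token, so the session cannot be silently renewed.
        ticket.Properties.AllowRefresh = false;
        ticket.Properties.IsPersistent = true;
        return ticket;
    }
    catch (Exception ex)
    {
        // Log the full exception (not just the message) so the stack trace is kept;
        // the access token is never included in the log.
        _logger.WriteError("UAE PASS authentication failed.", ex);
    }

    return new AuthenticationTicket(null, properties);
}

/// <summary>Returns the first element of a query-value list, or <c>null</c> when absent or empty.</summary>
private static string FirstOrNull(IList<string> values)
{
    return values != null && values.Count > 0 ? values[0] : null;
}

/// <summary>
/// Redeems the authorization code at the token endpoint and returns the access token,
/// or <c>null</c> when the response is empty or carries no <c>access_token</c>.
/// </summary>
/// <param name="code">The authorization code received on the callback.</param>
/// <param name="redirectUri">The callback URI used on the authorization request.</param>
private async Task<string> ExchangeCodeForAccessTokenAsync(string code, string redirectUri)
{
    // The client secret travels in the form body; the endpoint comes from Options
    // and is expected to be HTTPS.
    IEnumerable<KeyValuePair<string, string>> requestBody = new List<KeyValuePair<string, string>>
    {
        new KeyValuePair<string, string>("redirect_uri", redirectUri),
        new KeyValuePair<string, string>("grant_type", "authorization_code"),
        new KeyValuePair<string, string>("client_id", Options.ClientId),
        new KeyValuePair<string, string>("client_secret", Options.ClientSecret),
        new KeyValuePair<string, string>("code", code)
    };

    string tokenResponse = await PostFormUrlEncoded<string>(Options.UAEPassEndPoints.TokenEndpoint, requestBody);
    if (string.IsNullOrEmpty(tokenResponse))
    {
        return null;
    }

    // UAE PASS returns no refresh token, so only access_token is read.
    dynamic response = JsonConvert.DeserializeObject<dynamic>(tokenResponse);
    return (string)response.access_token;
}

/// <summary>
/// Calls the user-info endpoint with the bearer token and returns the raw JSON body.
/// </summary>
/// <param name="accessToken">The access token obtained from the token endpoint.</param>
/// <exception cref="HttpRequestException">When the endpoint answers with a non-success status.</exception>
private async Task<string> GetUserInfoJsonAsync(string accessToken)
{
    // NOTE(review): one HttpClient per callback mirrors the original; a shared
    // instance on the handler would avoid socket exhaustion under load — confirm
    // whether the enclosing class can hold one.
    using (var httpClient = new HttpClient())
    {
        httpClient.DefaultRequestHeaders.Add("Accept", "application/json");
        httpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);

        using (HttpResponseMessage userResponse = await httpClient.GetAsync(Options.UAEPassEndPoints.UserInfoEndpoint))
        {
            userResponse.EnsureSuccessStatusCode();
            return await userResponse.Content.ReadAsStringAsync();
        }
    }
}

/// <summary>Adds a string claim to <paramref name="identity"/> when <paramref name="value"/> is non-empty.</summary>
private void AddClaimIfPresent(ClaimsIdentity identity, string claimType, string value)
{
    if (!string.IsNullOrEmpty(value))
    {
        identity.AddClaim(new Claim(claimType, value, XmlSchemaString, Options.AuthenticationType));
    }
}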
/// <summary>
/// Invoked once UAE PASS has authenticated the user; forwards the call to the
/// <c>OnAuthenticated</c> delegate so the application can inspect or adjust the identity.
/// </summary>
/// <param name="context">The authenticated context holding the identity, token and properties.</param>
/// <returns>The task returned by the <c>OnAuthenticated</c> callback.</returns>
public virtual Task Authenticated(UAEPassAuthenticatedContext context) => OnAuthenticated(context);