Exemplo n.º 1
0
        /// <summary>
        /// Validates the request parameters.
        /// </summary>
        /// <param name="requestParams">The request parameters to validate.</param>
        /// <exception cref="InvalidParameterException">Is thrown when the parameters are invalid.</exception>
        public static void ThrowIfInvalidForAuthorizationRequest(this OAuth2Config requestParams)
        {
            if (requestParams == null)
            {
                throw new InvalidParameterException(nameof(OAuth2Config));
            }

            if (string.IsNullOrWhiteSpace(requestParams.AuthorizeServiceEndpoint))
            {
                throw new InvalidParameterException(string.Format("{0}.{1}", nameof(OAuth2Config), nameof(OAuth2Config.AuthorizeServiceEndpoint)));
            }
            if (string.IsNullOrWhiteSpace(requestParams.ClientId))
            {
                throw new InvalidParameterException(string.Format("{0}.{1}", nameof(OAuth2Config), nameof(OAuth2Config.ClientId)));
            }
            if (string.IsNullOrWhiteSpace(requestParams.RedirectUrl))
            {
                throw new InvalidParameterException(string.Format("{0}.{1}", nameof(OAuth2Config), nameof(OAuth2Config.RedirectUrl)));
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// Builds the url which shows the authorization page of the OAuth2 web service, where the
        /// user can confirm that the app is allowed to use the service.
        /// </summary>
        /// <remarks>
        /// Client-side apps should show the web page in an external browser (or Android custom tab)
        /// and not inside a WebView of the application (requirement for login with Google account).
        /// </remarks>
        /// <param name="config">The parameters of the OAuth2 service. The parameters
        /// can be read from the OAuth2 web service after registration of the app.</param>
        /// <param name="stateParam">A random string which will be passed to the OAuth2 web service,
        /// and is returned in the response. An application should persist this state so it can
        /// verify the response.</param>
        /// <param name="codeVerifier">An optional random string [43-128 chars a-z,A-Z,0-9] which
        /// will be passed to the OAuth2 web service. An application should persist this code
        /// verifier, because it is required to fetch the token.</param>
        /// <returns>A url which can be used to show the authorization page.</returns>
        public static string BuildAuthorizationRequestUrl(OAuth2Config config, string stateParam, string codeVerifier)
        {
            config.ThrowIfInvalidForAuthorizationRequest();

            Url result = new Url(config.AuthorizeServiceEndpoint)
                         .SetQueryParams(new
            {
                response_type = config.Flow.ToString().ToLowerInvariant(),
                client_id     = config.ClientId,
                redirect_uri  = config.RedirectUrl,
                scope         = config.Scope,
                state         = stateParam
            });

            if (!string.IsNullOrWhiteSpace(codeVerifier))
            {
                result.SetQueryParams(new
                {
                    code_challenge        = HashCodeVerifier(codeVerifier),
                    code_challenge_method = "S256"
                });
            }
            return(result);
        }