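/// <summary>
/// Token endpoint: exchanges a one-time authorization code for an access token,
/// a refresh token and an (unsigned) id_token, returned as JSON.
/// </summary>
/// <param name="tokenRequest">Model-bound request; only <c>code</c> and <c>grant_type</c> are read here.</param>
/// <returns>The serialized <c>OpenIdConnectToken</c> with content type <c>application/json</c>.</returns>
/// <exception cref="HttpException">
/// 400 when the request is missing, the grant type is not <c>authorization_code</c>, the code is unknown,
/// or no stored authorization matches the code; 401 when the code has already been redeemed.
/// </exception>
public ActionResult Token(OpenIdConnectTokenRequest tokenRequest)
{
    // A missing body or code used to surface as NullReferenceException/ArgumentNullException (HTTP 500);
    // treat it as the malformed request it is.
    if (tokenRequest == null
        || tokenRequest.code == null
        || tokenRequest.grant_type != "authorization_code"
        || !MvcApplication.codesGenerated.ContainsKey(tokenRequest.code))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
    }

    // NOTE(review): nothing in this method authenticates the calling client or compares a
    // redirect_uri with the one the code was issued for. Unless a filter outside this method
    // does so, any party holding a code can redeem it - confirm.

    // NOTE(review): the check and the flag below are two separate operations on shared static
    // state, so two concurrent requests carrying the same code can both pass the check.
    // Single-use enforcement needs an atomic test-and-set on codesGenerated.
    if (MvcApplication.codesGenerated[tokenRequest.code])
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "This code has already been used");
    }

    // Burn the code before doing anything else with it.
    MvcApplication.codesGenerated[tokenRequest.code] = true;

    var authorization = MvcApplication.registeredAuthorizations.SingleOrDefault(x => x.Code == tokenRequest.code);
    if (authorization == null)
    {
        // Previously dereferenced unconditionally; a code without a stored authorization is not redeemable.
        throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
    }

    // One lifetime drives both the id_token expiry and expires_in so they cannot drift apart.
    const int lifetimeSeconds = 120;

    string issuer = Config.SERVER_ADDRESS;
    string audience = authorization.ClientIdentifier;

    // NOTE(review): User.Identity is the caller of this endpoint. When the client redeems the code
    // over a back channel that is not the end user who approved it - presumably the subject should
    // come from the stored authorization instead; verify.
    string subject = User.Identity.Name;
    DateTime expires = DateTime.UtcNow.AddSeconds(lifetimeSeconds);

    // By decision, the signature will not be included.
    // NOTE(review): without a signature the client cannot verify the id_token's origin or integrity;
    // its claims are only as trustworthy as the TLS connection to this endpoint.
    JWTSecurityToken jwt = AlhambraJwtTokenManager.GenerateJwtToken(issuer, subject, audience, expires);
    string jwtReadyToBeSent = AlhambraJwtTokenManager.EncodeJWT(jwt);

    // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability. Bearer secrets
    // are better drawn from a cryptographic RNG; kept as Guid because tokensGenerated stores Guids.
    Guid newAccessToken = Guid.NewGuid();
    Guid newRefreshToken = Guid.NewGuid();
    MvcApplication.tokensGenerated.Add(newAccessToken, newRefreshToken);

    OpenIdConnectToken token = new OpenIdConnectToken();
    token.access_token = newAccessToken.ToString();
    token.expires_in = lifetimeSeconds.ToString(System.Globalization.CultureInfo.InvariantCulture);
    token.refresh_token = newRefreshToken.ToString();
    token.id_token = jwtReadyToBeSent;
    token.token_type = "Bearer";

    // The body contains credentials, so intermediaries and the user agent must not cache it.
    if (Response != null)
    {
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetNoStore();
    }

    string result = JsonConvert.SerializeObject(token);
    return Content(result, "application/json");
}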
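// [Authorize]  (left disabled, as in the original: the callback is reachable without authentication)
/// <summary>
/// Redirect target of the authorization flow: redeems the received code at the token endpoint
/// using HTTP Basic client credentials from app settings, then renders the returned tokens and
/// the id_token's issuer, audience and validity window as an HTML fragment.
/// </summary>
/// <param name="input">Model-bound callback parameters; only <c>code</c> is read here.</param>
/// <returns>HTML content listing the token response fields, HTML-encoded.</returns>
/// <exception cref="HttpException">
/// 400 when no code was supplied; 502 when the token endpoint answers with a non-success status
/// or a response without an id_token.
/// </exception>
public ActionResult AlhambraCallback(AlhambraCallbackInput input)
{
    // Earlier experiments (client.ProcessUserAuthorization, AlhambraTokenValidator, a UserInfo fetch)
    // were commented out in the original and are omitted here.

    if (input == null || string.IsNullOrEmpty(input.code))
    {
        throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid");
    }

    // NOTE(review): no state value is compared against one issued at the start of the flow, so this
    // method cannot tell a response to its own request from an injected one. AlhambraCallbackInput
    // may or may not carry such a field - confirm.

    var tokenInfoUrl = Config.SERVER_ADDRESS + "/OAuth2/Token";

    string decodedNetworkCredentials = string.Format(
        "{0}:{1}",
        ConfigurationManager.AppSettings["alhambraIdentifier"],
        ConfigurationManager.AppSettings["alhambraSecret"]);
    string encodedNetworkCredentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(decodedNetworkCredentials));

    Dictionary<string, string> formVals = new Dictionary<string, string>();
    formVals.Add("grant_type", "authorization_code");
    formVals.Add("code", input.code);
    formVals.Add("redirect_uri", Config.CLIENT_ADDRESS + "/OpenIdConnect/AlhambraCallback");

    OpenIdConnectToken result;

    // The client, request and response are all disposable; the original leaked one HttpClient per call.
    using (var httpClient = new HttpClient())
    using (var postRequest = new HttpRequestMessage(HttpMethod.Post, tokenInfoUrl))
    {
        // The client credentials travel in the Authorization header of this one request.
        postRequest.Headers.Authorization = new AuthenticationHeaderValue("Basic", encodedNetworkCredentials);
        postRequest.Content = new FormUrlEncodedContent(formVals);

        // Blocking on .Result is kept because the action's synchronous signature is part of its interface.
        using (HttpResponseMessage postResponse = httpClient.SendAsync(postRequest).Result)
        {
            if (!postResponse.IsSuccessStatusCode)
            {
                // An error body is not a token; do not try to deserialize it as one.
                throw new HttpException((int)HttpStatusCode.BadGateway, "The token endpoint rejected the request");
            }

            result = postResponse.Content.ReadAsAsync<OpenIdConnectToken>().Result;
        }
    }

    if (result == null || string.IsNullOrEmpty(result.id_token))
    {
        throw new HttpException((int)HttpStatusCode.BadGateway, "The token endpoint returned no id_token");
    }

    JWTSecurityToken token = new JWTSecurityToken(result.id_token);

    // NOTE(review): the id_token is parsed but not validated here - issuer, audience and expiry are
    // displayed, never compared with expected values, and the token carries no signature to check.
    // The decoded text is not used; the call is kept in case DecodeJWT rejects malformed tokens.
    AlhambraJwtTokenManager.DecodeJWT(token);

    // Every value below comes from the token endpoint's response and is written into an HTML page,
    // so it is encoded rather than concatenated raw.
    Func<string, string> enc = System.Web.HttpUtility.HtmlEncode;

    // "HH" (24-hour clock) replaces the original "hh", which printed 13:00 and 01:00 identically;
    // the invariant culture keeps the separators fixed.
    const string timestampFormat = "yyyy-MM-ddTHH:mm:ssZ";
    var invariant = System.Globalization.CultureInfo.InvariantCulture;

    // NOTE(review): this page echoes the access, refresh and id tokens to the browser, where they end
    // up in history and caches - acceptable for a demo only.
    return Content(
        "access_token: " + enc(result.access_token)
        + "<br/>refresh_token: " + enc(result.refresh_token)
        + "<br/>expires_in: " + enc(result.expires_in)
        + "<br/>id_token: " + enc(result.id_token)
        + "<br/>issuer: " + enc(token.Issuer)
        + "<br/>Audience: " + enc(token.Audience)
        + "<br/>Valid From: " + token.ValidFrom.ToString(timestampFormat, invariant)
        + "<br/>Valid To: " + token.ValidTo.ToString(timestampFormat, invariant));
}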