public static async Task <HttpGetJsonResult> HttpGetJsonAsync(string uri, AuthState authState)
{
if (!authState.IsAuthorized)
{
return(new HttpGetJsonResult {
Code = X_HTTP_NEED_REAUTHZ
});
}
if (authState.NeedsTokenRefresh)
{
RefreshTokenResult result;
try {
result = await authState.Client.RefreshTokenAsync(authState.RefreshToken);
authState.Update(result);
} catch (Exception e) {
result = new RefreshTokenResult {
Error = e.Message
};
}
if (result.IsError)
{
return(new HttpGetJsonResult {
Code = authState.IsAuthorized ? X_HTTP_ERROR : X_HTTP_NEED_REAUTHZ,
Json = new { error = result.Error }
});
}
}
try {
#if true
// Use custom HttpClientHandler for demonstration. (next 4 lines)
var handler = new HttpClientHandlerEx();
handler.BeforeRequestAsyncHooks += LogPage.HttpRequestLoggerAsync;
handler.AfterResponseAsyncHooks += LogPage.HttpResponseLoggerAsync;
using (var client = new HttpClient(handler: handler)) {
#else
// This is normal implementation.
using (var client = new HttpClient()) {
#endif
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authState.AccessToken);
var response = await client.GetAsync(uri);
return(new HttpGetJsonResult {
Code = response.StatusCode == HttpStatusCode.Unauthorized ? X_HTTP_NEED_REAUTHZ : response.StatusCode,
Json = JsonConvert.DeserializeObject(await response.Content.ReadAsStringAsync())
});
}
} catch (Exception ex) {
return(new HttpGetJsonResult {
Code = X_HTTP_ERROR,
Json = new { error = ex.GetType().Name, error_description = ex.Message }
});
}
}
public async Task UriCacheKey_equal_comparison()
{
var baseUri = _server.Urls[0];
var clientHandler = new HttpClientHandlerEx();
var client = HttpClientFactory.Create().Build(clientHandler);
_ = await client.GetAsync($"{baseUri}{_endpointUri}");
var cachedUriKey = Assert.Single(clientHandler.AlreadySeenAddresses);
Assert.True(new HttpClientHandlerEx.UriCacheKey($"{baseUri}{_endpointUri}") == cachedUriKey);
}
public async Task HttpClientHandlerEx_should_cache_visited_url()
{
var baseUri = _server.Urls[0];
var clientHandler = new HttpClientHandlerEx();
var client = HttpClientFactory.Create().Build(clientHandler);
_ = await client.GetAsync($"{baseUri}{_endpointUri}");
var cachedUriKey = Assert.Single(clientHandler.AlreadySeenAddresses);
Assert.Equal(new HttpClientHandlerEx.UriCacheKey($"{baseUri}{_endpointUri}"), cachedUriKey);
}
protected async void OnSignoutButtonClicked(object sender, EventArgs e)
{
if (authState.RefreshToken == null && authState.AccessToken == null)
{
return;
}
var endpoint = await authState.GetRevocationEndpointAsync();
if (endpoint != null)
{
#if true
// Use custom HttpClientHandler for demonstration. (next 4 lines)
var handler = new HttpClientHandlerEx();
handler.BeforeRequestAsyncHooks += LogPage.HttpRequestLoggerAsync;
handler.AfterResponseAsyncHooks += LogPage.HttpResponseLoggerAsync;
var client = new TokenRevocationClient(endpoint, innerHttpMessageHandler: handler);
#else
// This is normal implementation.
var client = new TokenRevocationClient(endpoint);
#endif
var result = await client.RevokeAsync(new TokenRevocationRequest {
Token = authState.RefreshToken ?? authState.AccessToken
});
#if true
// Google Accounts will return an "invalid_token" error on HTTP 400, not HTTP 200,
// in response to a revocation request for a token that has already been revoked.
if (result.IsError && result.Error != "invalid_token")
{
#else
// This is normal implementation.
if (result.IsError)
{
#endif
#region // Write program to be executed when revoking authorization fails.
ShowAuthState();
ResultLabel.Text = StringResources.MsgAuthRevokeNg;
#endregion
return;
}
}
#region // Program to be executed when revoking authorization succeeds.
authState.Reset();
ShowAuthState();
ResultLabel.Text = StringResources.MsgAuthRevokeOk;
#endregion
}
public App()
{
StringResources.Culture = DependencyService.Get <ILocale>().GetLanguage();
AuthState = new AuthState();
AuthState.UpdateHooks += SaveAuthState;
var browser = DependencyService.Get <IBrowserEx>(DependencyFetchTarget.NewInstance);
browser.CustomUrlScheme = CUSTOM_URL_SCHEME;
browser.RedirectUri = REDIRECT_URI;
// Setup for demonstration. (next 2 lines)
browser.BeforeAuthzRequestHooks += LogPage.AuthzRequestLogger;
browser.AfterAuthzResponseHooks += LogPage.AuthzResponseLogger;
var options = new OidcClientOptions {
Authority = ISSUER_URI,
#if __ANDROID__
ClientId = CLIENT_ID_ANDROID,
#elif __IOS__
ClientId = CLIENT_ID_IOS,
#endif
Scope = SCOPE,
RedirectUri = REDIRECT_URI,
ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
RefreshDiscoveryDocumentForLogin = false,
Browser = browser
};
// Google Accounts has endpoints provided from www.googleapis.com in addition to accounts.google.com.
options.Policy.Discovery.AdditionalEndpointBaseAddresses = new[] { "https://www.googleapis.com" };
// Setup for demonstration. (next 4 lines)
var handler = new HttpClientHandlerEx();
handler.BeforeRequestAsyncHooks += LogPage.HttpRequestLoggerAsync;
handler.AfterResponseAsyncHooks += LogPage.HttpResponseLoggerAsync;
options.BackchannelHandler = handler;
// Setup for debugging. (next 5 lines)
var serilog = new LoggerConfiguration()
.MinimumLevel.Verbose()
.WriteTo.Debug()
.CreateLogger();
options.LoggerFactory.AddSerilog(serilog);
var client = new OidcClient(options);
AuthState.Update(client);
var file = IsolatedStorageFile.GetUserStoreForApplication();
try {
using (var stream = file.OpenFile(PREFERENCE_FILE_NAME, FileMode.Open)) {
using (var reader = new StreamReader(stream)) {
var crypto = DependencyService.Get <ICrypto>();
AuthState.LoadFromJson(crypto.DecryptString(reader.ReadToEnd()));
}
}
} catch (FileNotFoundException) { }
InitializeComponent();
MainPage = new MasterDetail();
}
