private void btnLogin_Click(object sender, RoutedEventArgs e)
{
// for reference: if you ever need to get the correct callbackUri
// for your app
// var callbackUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
var client = new OAuth2Client(
new Uri(ExpenseTrackerConstants.IdSrvAuthorizeWp));
string nonce = Guid.NewGuid().ToString() + DateTime.Now.Ticks.ToString();
var startUrl = client.CreateAuthorizeUrl(
"native", //this client corresponds to client config on id srv level
"id_token token", //Request an id token + access token
"openid roles expensetrackerapi", //the access token should contain the id and roles scope
//will call the user info end point for this
//We no longer use the authorization code as this does not belong to the implicit flow
//The WP client isn't a confidential client...
//If you do ask for the authorization code, this flow will fail.
//Ask for the expensetrackerapi scope to get it included in the access token
ExpenseTrackerConstants.ExpenseTrackerMobile,
"state", //With state you can pass through values
nonce); //Number only used once, this is used by the STS to prevent replay attacks
WebAuthenticationBroker.AuthenticateAndContinue
(
new Uri(startUrl),
new Uri(ExpenseTrackerConstants.ExpenseTrackerMobile),
null,
WebAuthenticationOptions.None);
}
private void GetTokenButtonClick(object sender, EventArgs e)
{
var client = new OAuth2Client(new Uri(AuthorizeUrl));
var state = Guid.NewGuid().ToString();
var startUrl = client.CreateAuthorizeUrl(ClientId, "token", "corp", CallbackUri, null, state, null, null, null, new Dictionary <string, string> {
{ "kc_locale", "ka" }
});
var loginForm = new LoginFormNew(startUrl)
{
Url = startUrl, CallbackUri = new Uri(CallbackUri)
};
loginForm.ShowDialog();
if (loginForm.AuthorizeResponse != null)
{
authorizeResponse = loginForm.AuthorizeResponse;
ShowResponseInfo(authorizeResponse);
InitializeForm();
counter = authorizeResponse.ExpiresIn;
timer = new Timer();
timer.Tick += CounterTimerTick;
timer.Interval = 1000;
timer.Start();
counterLabel.Text = $"{counter} seconds";
}
}
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
// for reference: if you ever need to get the correct callbackUri
// for your app
// var callbackUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
var client = new OAuth2Client(
new Uri(ExpenseTrackerConstants.IdSrvAuthorize));
string nonce = Guid.NewGuid().ToString() + DateTime.Now.Ticks.ToString();
var startUrl = client.CreateAuthorizeUrl(
"native",
"id_token token",
"openid roles expensetrackerapi",
ExpenseTrackerConstants.ExpenseTrackerMobile,
"state", nonce);
WebAuthenticationBroker.AuthenticateAndContinue
(
new Uri(startUrl),
new Uri(ExpenseTrackerConstants.ExpenseTrackerMobile),
null,
WebAuthenticationOptions.None);
}
public ActionResult Login()
{
var client = new OAuth2Client(new Uri($"{GrowthZoneClient.Host}/oauth/authorize"));
var authorizeUrl = client.CreateAuthorizeUrl(GrowthZoneClient.ClientId, "code", redirectUri: RedirectUri);
return(Redirect(authorizeUrl));
}
private void RequestToken(string scope, string responseType)
{
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var startUrl = client.CreateAuthorizeUrl(
clientId: Constants.ClientId,
responseType: responseType,
scope: scope,
redirectUri: Constants.ClientRedirectUrl,
state: "random_state",
nonce: "random_nonce");
_login.Show();
_login.Start(new Uri(startUrl), new Uri(Constants.ClientRedirectUrl));
}
private void RequestToken(string scope, string responseType)
{
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var startUrl = client.CreateAuthorizeUrl(
clientId: "hybridclient",
responseType: responseType,
scope: scope,
redirectUri: "oob://localhost/wpfclient",
state: "random_state",
nonce: "random_nonce");
_login.Show();
_login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient"));
}
public async static Task <AuthorizeResponse> DoImplicitFlowAsync(
Uri endpoint,
string clientId,
string responseType,
string scope,
Uri redirectUri)
{
var client = new OAuth2Client(endpoint);
var state = Guid.NewGuid().ToString("N");
var nonce = Guid.NewGuid().ToString("N");
var startUri = client.CreateAuthorizeUrl(
clientId: clientId,
responseType: responseType,
scope: scope,
redirectUri: redirectUri.AbsoluteUri,
state: state,
nonce: nonce,
responseMode: "form_post");
try
{
var result = await WebAuthenticationBroker.AuthenticateAsync(
WebAuthenticationOptions.UseHttpPost,
new Uri(startUri));
if (result.ResponseStatus == WebAuthenticationStatus.Success)
{
return(new AuthorizeResponse(result.ResponseData));
}
else if (result.ResponseStatus == WebAuthenticationStatus.UserCancel)
{
throw new Exception("User cancelled authentication");
}
else if (result.ResponseStatus == WebAuthenticationStatus.ErrorHttp)
{
throw new Exception("HTTP Error returned by AuthenticateAsync() : " + result.ResponseErrorDetail.ToString());
}
else
{
throw new Exception("Error returned by AuthenticateAsync() : " + result.ResponseStatus.ToString());
}
}
catch
{
// Bad Parameter, SSL/TLS Errors and Network Unavailable errors are to be handled here.
throw;
}
}
private void RequestToken(string scope, string responseType)
{
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var startUrl = client.CreateAuthorizeUrl(
clientId: "implicitclient",
responseType: responseType,
scope: scope,
redirectUri: "oob://localhost/wpfclient",
state: "random_state",
nonce: "random_nonce" /**,
* loginHint: "alice",
* acrValues: "idp:Google b c" **/);
_login.Show();
_login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient"));
}
private void RequestToken(string scope, string responseType)
{
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
//var client = new OAuth2Client(new Uri("https://login.microsoftonline.com/70248591-7dbf-4c5c-a3e3-0a009f207bb2/oauth2/authorize"));
var startUrl = client.CreateAuthorizeUrl(
clientId: "implicitclient",
//clientId: "7b3e70c3-32f7-4b32-82b9-93260ff47b47",
responseType: responseType,
scope: scope,
redirectUri: "oob://localhost/wpfclient",
state: "random_state",
nonce: "random_nonce" /**,
* loginHint: "alice",
* acrValues: "idp:Google b c" **/);
_login.Show();
_login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient"));
}
public ActionResult SignIn()
{
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var url = client.CreateAuthorizeUrl(
"implicitclient",
"id_token",
"openid email",
"http://localhost:11716/account/signInCallback",
"state",
new Dictionary <string, string>
{
{ "nonce", "nonce" },
{ "response_mode", "form_post" }
});
return(Redirect(url));
}
/// <summary>
/// Create authorise url.
/// </summary>
/// <param name="clientId">The client id.</param>
/// <param name="responseTypes">The response types <see cref="SignOn.GetIDTokenResponseTypes()"/>.</param>
/// <param name="scopes">The scopes for this request.</param>
/// <param name="redirectUri">The redirect url.</param>
/// <param name="state">The state.</param>
/// <param name="nonce">The nonce.</param>
/// <param name="loginHint">The login hint.</param>
/// <param name="acrValues">The acr values (idp:Google b c).</param>
/// <param name="responseMode">The response mode (form_post).</param>
/// <param name="additionalValues">Additional values.</param>
/// <returns>The authosise URL.</returns>
public string CreateAuthoriseUrl(
string clientId,
string[] responseTypes,
string[] scopes = null,
string redirectUri = null,
string state = "random_state",
string nonce = "random_nonce",
string loginHint = null,
string acrValues = null,
string responseMode = null,
Dictionary <string, string> additionalValues = null)
{
// Create a request.
var request = new OAuth2Client(new Uri(_baseAddress.TrimEnd('/') + "/" + _authorizeEndpoint.Trim('/')));
return(request.CreateAuthorizeUrl(clientId, String.Join(" ", responseTypes), (scopes == null ? null : String.Join(" ", scopes)),
redirectUri, state, nonce, loginHint, acrValues, responseMode, additionalValues));
}
private void RequestToken(string scope, string responseType)
{
var additional = new Dictionary <string, string>
{
{ "nonce", "nonce" }
};
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var startUrl = client.CreateAuthorizeUrl(
"implicitclient",
responseType,
scope,
"oob://localhost/wpfclient",
"state",
additional);
_login.Show();
_login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient"));
}
public void RequestToken(string clientid, string authuri, string scope, string responseType, string callbackUri)
{
var additional = new Dictionary <string, string>
{
{ "nonce", "nonce" },
// { "login_hint", "idp:Google" }
};
var client = new OAuth2Client(new Uri(authuri));
var startUrl = client.CreateAuthorizeUrl(
clientid,
responseType,
scope,
callbackUri,
"state",
additionalValues: additional);
this.Show();
this.Start(new Uri(startUrl), new Uri(callbackUri));
}
private void RequestToken(string scope, string responseType)
{
var additional = new Dictionary <string, string>
{
{ "nonce", "should_be_random" },
// { "login_hint", "idp:Google" },
// { "acr_values", "a b c" }
};
var client = new OAuth2Client(new Uri(Constants.AuthorizeEndpoint));
var startUrl = client.CreateAuthorizeUrl(
"implicitclient",
responseType,
scope,
"oob://localhost/wpfclient",
"random_state",
additional);
_login.Show();
_login.Start(new Uri(startUrl), new Uri("oob://localhost/wpfclient"));
}
public static void DoImplicitFlowAsync(
Uri endpoint,
string clientId,
string responseType,
string scope,
Uri redirectUri)
{
var client = new OAuth2Client(endpoint);
var state = Guid.NewGuid().ToString("N");
var nonce = Guid.NewGuid().ToString("N");
var startUri = client.CreateAuthorizeUrl(
clientId: clientId,
responseType: responseType,
scope: scope,
redirectUri: redirectUri.AbsoluteUri,
state: state,
nonce: nonce);
try
{
// On Windows Phone 8.1, the AuthenticateAsync method isn't implemented on
// the WebAuthenticationBroker. Therefor, AuthenticateAndContinue is used.
//
// Callback = ContinueWebAuthentication in MainPage.xaml.cs
WebAuthenticationBroker.AuthenticateAndContinue(
new Uri(startUri),
redirectUri,
null,
WebAuthenticationOptions.None
);
}
catch
{
// Bad Parameter, SSL/TLS Errors and Network Unavailable errors are to be handled here.
throw;
}
}
public static async Task <HttpResponseMessage> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)] HttpRequestMessage req,
TraceWriter log)
{
log.Info("C# HTTP trigger function processed a request.");
if (req.Method == HttpMethod.Get)
{
var client = new OAuth2Client(new Uri(ConfigurationManager.AppSettings["OneLoginUrl"]));
string url = client.CreateAuthorizeUrl(
clientId: ConfigurationManager.AppSettings["OneLoginClientId"],
redirectUri: ConfigurationManager.AppSettings["RedirectUri"],
responseType: "id_token",
responseMode: "form_post",
scope: "openid",
nonce: Guid.NewGuid().ToString());
log.Info("getting token from " + url);
var response = req.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(url);
return(response);
}
else if (req.Method == HttpMethod.Post)
{
log.Info("token posted");
var data = await req.Content.ReadAsStringAsync();
log.Info("token " + data);
var token = data.Substring(9);
//todo validation
//var parameters = new TokenValidationParameters
//{
// key
//};
var tokenHandler = new JwtSecurityTokenHandler();
var unvalidatedJwt = tokenHandler.ReadJwtToken(token);
//SecurityToken validated;
//tokenHandler.ValidateToken(token, parameters, out validated);
//log.Info("token issuer" + validated.Issuer);
//var jwt = validated as JwtSecurityToken;
//log.Info("jwt " + jwt.Payload);
var tokenHelper = new TokenHelper();
var valid = tokenHelper.ValidateToken(token);
if (valid)
{
var response = req.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(ConfigurationManager.AppSettings["TokenRedirect"] + token);
return(response);
//return req.CreateResponse(HttpStatusCode.OK, unvalidatedJwt, "application/json");
}
else
{
return(req.CreateResponse(HttpStatusCode.Forbidden));
}
}
return(req.CreateResponse(HttpStatusCode.OK, "invalid"));
}
