public SampleForm() { InitializeComponent(); var authority = "https://demo.identityserver.io"; var options = new OidcClientOptions( authority, "native", "secret", "openid email api offline_access", "http://localhost/winforms.client", new WinFormsWebView()); options.UseFormPost = true; _oidcClient = new OidcClient(options); }
public async Task no_keyset_for_identity_token_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", Crypto.UntrustedIdentityToken }, { "refresh_token", "refresh_token" } }; _options.BackchannelHandler = new NetworkHandler(JsonConvert.SerializeObject(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().StartWith("Error validating token response: Error validating identity token: Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException: IDX10500: Signature validation failed. No security keys were provided to validate the signature"); }
public async Task malformed_identity_token_on_token_response_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", "id_token" }, { "refresh_token", "refresh_token" } }; _options.BackchannelHandler = new NetworkHandler(JsonConvert.SerializeObject(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().StartWith("Error validating token response: Error validating identity token: System.ArgumentException: IDX10709: JWT is not well formed"); }
public async Task Malformed_identity_token_on_token_response_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", "id_token" }, { "refresh_token", "refresh_token" } }; _options.BackchannelHandler = new NetworkHandler(JsonSerializer.Serialize(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().Contain("IDX14100"); }
public async Task Missing_access_token_on_token_response_should_fail() { var tokenResponse = new Dictionary <string, object> { //{ "access_token", "token" }, { "expires_in", 300 }, { "id_token", "id_token" }, { "refresh_token", "refresh_token" } }; _options.BackchannelHandler = new NetworkHandler(JsonConvert.SerializeObject(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().Be("Error validating token response: Access token is missing on token response."); }
public async Task No_keyset_for_identity_token_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", Crypto.UntrustedIdentityToken }, { "refresh_token", "refresh_token" } }; _options.BackchannelHandler = new NetworkHandler(JsonConvert.SerializeObject(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().Contain("IDX10501"); }
public async Task Invalid_cHash_should_fail() { var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var key = Crypto.CreateKey(); _options.ProviderInformation.KeySet = Crypto.CreateKeySet(key); var frontChannelJwt = Crypto.CreateJwt(key, "https://authority", "client", new Claim("sub", "123"), new Claim("nonce", state.Nonce), new Claim("c_hash", "invalid")); var url = $"?state={state.State}&code=code&id_token={frontChannelJwt}"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().Be("Invalid c_hash."); }
private async void Button_Click(object sender, RoutedEventArgs e) { var options = new OidcClientOptions() { Authority = "https://localhost:44305/", ClientId = "wpf", Scope = "openid ApiOne", RedirectUri = "http://localhost/sample-wpf-app", Browser = new WpfEmbeddedBrowser() }; _oidcClient = new OidcClient(options); LoginResult result; try { result = await _oidcClient.LoginAsync(); } catch (Exception ex) { //Message.Text = $"Unexpected Error: {ex.Message}"; return; } if (result.IsError) { //Message.Text = result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error; } else { var name = result.User.Identity.Name; var client = new HttpClient(); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken); var apiResult = await client.GetStringAsync("https://localhost:44337/secret"); //Message.Text = $"Hello {name}"; } }
public async Task Extra_parameters_on_backchannel_should_be_sent() { var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var idToken = Crypto.CreateJwt(null, "https://authority", "client", new Claim("at_hash", Crypto.HashData("token")), new Claim("sub", "123")); var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", idToken }, { "refresh_token", "refresh_token" } }; var handler = new NetworkHandler(JsonSerializer.Serialize(tokenResponse), HttpStatusCode.OK); _options.BackchannelHandler = handler; var backChannel = new Parameters { { "foo", "foo" }, { "bar", "bar" } }; var result = await client.ProcessResponseAsync(url, state, backChannel); result.IsError.Should().BeFalse(); result.AccessToken.Should().Be("token"); result.IdentityToken.Should().NotBeNull(); result.User.Should().NotBeNull(); var body = handler.Body; body.Should().Contain("foo=foo"); body.Should().Contain("bar=bar"); }
private async void StartAsync(object sender, RoutedEventArgs e) { var options = new OidcClientOptions { Authority = "http://127.0.0.1:5000", ClientId = "launcher", Scope = "games", RedirectUri = "http://127.0.0.1/callback", ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, Browser = new WpfBrowser() }; var oidcClient = new OidcClient(options); LoginResult result; try { result = await oidcClient.LoginAsync(new LoginRequest { BrowserDisplayMode = IdentityModel.OidcClient.Browser.DisplayMode.Visible, BrowserTimeout = 300 }); } catch (Exception ex) { MessageBox.Show($"exception {ex.Message}"); return; } if (result.IsError) { MessageBox.Show(result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error); } else { var name = result.User.Identity.Name; MessageBox.Show($"Hello {name}"); } }
private async void PrepareClient() { var redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri().OriginalString; // Create options for endpoint discovery var options = new OidcClientOptions() { Authority = "https://demo.identityserver.io", ClientId = "interactive.confidential", ClientSecret = "secret", Scope = "openid profile email api offline_access", RedirectUri = redirectUri, PostLogoutRedirectUri = redirectUri, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode }; // Create the client. In production application, this is often created and stored // directly in the Application class. _oidcClient = new OidcClient(options); // Invoke Discovery and prepare a request state, containing the nonce. // This is done here to ensure the discovery mecanism is done before // the user clicks on the SignIn button. Since the opening of a web window // should be done during the handling of a user interaction (here it's the button click), // it will be too late to reach the discovery endpoint. // Not doing this could trigger popup blockers mechanisms in browsers. _loginState = await _oidcClient.PrepareLoginAsync(); btnSignin.IsEnabled = true; resultTxt.Text = "Login URI correct"; // Same for logout url. _logoutUrl = new Uri(await _oidcClient.PrepareLogoutAsync(new LogoutRequest())); btnSignout.IsEnabled = true; resultTxt.Text = $"Initialization completed.\nStart={_loginState.StartUrl}\nCallback={_loginState.RedirectUri}\nLogout={_logoutUrl}"; }
private static OidcClient InitializeLoginClient() { int port = 7890; string authority = "https://log-in.test.miljoeportal.dk/runtime/oauth2"; string clientId = "** insert client id **"; string clientSecret = "** insert client secret **"; string redirectUri = string.Format($"http://127.0.0.1:{port}"); var options = new OidcClientOptions { Authority = authority, Policy = new Policy { Discovery = new DiscoveryPolicy { ValidateIssuerName = false, ValidateEndpoints = false } }, ClientId = clientId, ClientSecret = clientSecret, RedirectUri = redirectUri, Scope = "openid", Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect, Browser = new SystemBrowser(port) }; var client = new OidcClient(options); return(client); }
public MainPage() { InitializeComponent(); Login.Clicked += Login_Clicked; CallApi.Clicked += CallApi_Clicked; var browser = DependencyService.Get <IBrowser>(); var options = new OidcClientOptions { Authority = "https://demo.identityserver.io", ClientId = "native.hybrid", Scope = "openid profile email api offline_access", RedirectUri = "xamarinformsclients://callback", Browser = browser, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect }; _client = new OidcClient(options); }
public async Task At_hash_policy_should_be_enforced(bool atHashRequired) { var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&nonce={state.Nonce}&code=bar"; var key = Crypto.CreateKey(); var idToken = Crypto.CreateJwt(key, "https://authority", "client", new Claim("sub", "123"), new Claim("nonce", state.Nonce)); var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", idToken }, { "refresh_token", "refresh_token" } }; _options.ProviderInformation.KeySet = Crypto.CreateKeySet(key); _options.BackchannelHandler = new NetworkHandler(JsonSerializer.Serialize(tokenResponse), HttpStatusCode.OK); _options.Policy.RequireAccessTokenHash = atHashRequired; var result = await client.ProcessResponseAsync(url, state); if (atHashRequired) { result.IsError.Should().BeTrue(); result.Error.Should().Be("Error validating token response: at_hash is missing."); } else { result.IsError.Should().BeFalse(); result.AccessToken.Should().Be("token"); result.IdentityToken.Should().NotBeNull(); result.User.Should().NotBeNull(); } }
public MainWindow() { InitializeComponent(); _writeLine = (text) => txtOutput.Text += text + "\n"; _clearText = () => txtOutput.Text = ""; _oidcOptions = new OidcClientOptions { Authority = "{authority}", ClientId = "{clienId}", Scope = "openid profile", Flow = AuthenticationFlow.AuthorizationCode, ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost, // should post_logout_redirect always be the same? RedirectUri = "{redirectUri}", //"http://127.0.0.1:56008/", PostLogoutRedirectUri = "{postLogoutRedirectUri}", //"http://127.0.0.1:56008/", Browser = new DefaultSystemBrowser(), }; _oidcClient = new OidcClient(_oidcOptions); }
public void HandleOidcUserAddUpdate_NewUserGetsCreatedWithCorrectData() { var expectedFirstName = System.Guid.NewGuid().ToString("N"); var expectedLastName = System.Guid.NewGuid().ToString("N"); var expectedMiddleName = System.Guid.NewGuid().ToString("N"); var expectedNickName = System.Guid.NewGuid().ToString("N"); var expectedEmailAddress = System.Guid.NewGuid().ToString("N") + "@fakeinbox.com"; var userId = System.Guid.NewGuid().ToString("N"); var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(JwtClaimTypes.Subject, userId), new Claim(JwtClaimTypes.Email, expectedEmailAddress), new Claim(JwtClaimTypes.NickName, expectedNickName), new Claim(JwtClaimTypes.GivenName, expectedFirstName), new Claim(JwtClaimTypes.MiddleName, expectedMiddleName), new Claim(JwtClaimTypes.FamilyName, expectedLastName) }), }; var token = ( JwtSecurityToken )tokenHandler.CreateToken(tokenDescriptor); var oidcClient = new OidcClient(); var userName = oidcClient.HandleOidcUserAddUpdate(token, "test"); var userLoginService = new UserLoginService(new RockContext()); var actualUserLogin = userLoginService.Queryable().Where(ul => ul.UserName == userName).FirstOrDefault(); Assert.That.IsNotNull(actualUserLogin); Assert.That.AreEqual("OIDC_" + userId, actualUserLogin.UserName); Assert.That.AreEqual(expectedEmailAddress.ToLower(), actualUserLogin.Person.Email.ToLower()); Assert.That.AreEqual(expectedFirstName.ToLower(), actualUserLogin.Person.FirstName.ToLower()); Assert.That.AreEqual(expectedMiddleName.ToLower(), actualUserLogin.Person.MiddleName.ToLower()); Assert.That.AreEqual(expectedLastName.ToLower(), actualUserLogin.Person.LastName.ToLower()); Assert.That.AreEqual(expectedNickName.ToLower(), actualUserLogin.Person.NickName.ToLower()); }
public async Task untrusted_identity_token_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", Crypto.UntrustedIdentityToken }, { "refresh_token", "refresh_token" } }; _options.ProviderInformation.KeySet = Crypto.CreateKeySet(Crypto.CreateKey()); _options.BackchannelHandler = new NetworkHandler(JsonConvert.SerializeObject(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().StartWith("Error validating token response: Error validating identity token: Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match 'kid'"); }
public async Task Untrusted_identity_token_should_fail() { var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", Crypto.UntrustedIdentityToken }, { "refresh_token", "refresh_token" } }; _options.ProviderInformation.KeySet = Crypto.CreateKeySet(Crypto.CreateKey()); _options.BackchannelHandler = new NetworkHandler(JsonSerializer.Serialize(tokenResponse), HttpStatusCode.OK); var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&code=bar"; var result = await client.ProcessResponseAsync(url, state); result.IsError.Should().BeTrue(); result.Error.Should().Contain("invalid_signature"); }
private static async Task SignIn() { // create a redirect URI using an available port on the loopback address. // requires the OP to allow random ports on 127.0.0.1 - otherwise set a static port var browser = new SystemBrowser(); string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}"); var options = new OidcClientOptions { Authority = _authority, ClientId = "interactive.public", RedirectUri = redirectUri, Scope = "openid profile api offline_access", FilterClaims = false, Browser = browser, IdentityTokenValidator = new JwtHandlerIdentityTokenValidator(), RefreshTokenInnerHttpHandler = new HttpClientHandler() }; var serilog = new LoggerConfiguration() .MinimumLevel.Debug() .Enrich.FromLogContext() .WriteTo.Console(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}", theme: AnsiConsoleTheme.Code) .CreateLogger(); options.LoggerFactory.AddSerilog(serilog); _oidcClient = new OidcClient(options); var result = await _oidcClient.LoginAsync(new LoginRequest()); _apiClient = new HttpClient(result.RefreshTokenHandler) { BaseAddress = new Uri(_api) }; ShowResult(result); await NextSteps(result); }
protected ViewController(IntPtr handle) : base(handle) { IdentityModelEventSource.ShowPII = true; var options = new OidcClientOptions { Authority = "https://demo.identityserver.io", ClientId = "native.hybrid", Scope = "openid profile email api offline_access", ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect, RedirectUri = "SFAuthenticationSessionExample://callback", PostLogoutRedirectUri = "SFAuthenticationSessionExample://callback", //Browser = new SFAuthenticationSessionBrowser() // new in iOS 12 Browser = new ASWebAuthenticationSessionBrowser() }; _client = new OidcClient(options); }
public MainPage() { InitializeComponent(); var browser = DependencyService.Get <IBrowser>(); var options = new OidcClientOptions { Authority = "http://192.168.1.107:5000/", ClientId = "xamarin", Scope = "openid ApiOne", RedirectUri = "xamarinformsclients://callback", Browser = browser, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect }; options.Policy.Discovery.RequireHttps = false; _client = new OidcClient(options); _apiClient.Value.BaseAddress = new Uri("http://192.168.1.107:5002/"); }
private static async Task Login(OidcClientOptions options) { // create a redirect URI using an available port on the loopback address. requires the // OP to allow random ports on 127.0.0.1 - otherwise set a static port var browser = new SystemBrowser(3000); string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}"); //string redirectUri = "https://keycloak.docufy.de/auth/realms/AzureAdTest/broker/oidc/endpoint/auth"; //var options = new OidcClientOptions //{ // Authority = _authority, // ClientId = "native.code", // RedirectUri = redirectUri, // Scope = "openid profile api", // FilterClaims = false, // Browser = browser, // Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, // ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect //}; options.Browser = browser; options.RedirectUri = redirectUri; var serilog = new LoggerConfiguration() .MinimumLevel.Error() .Enrich.FromLogContext() .WriteTo.LiterateConsole(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message}{NewLine}{Exception}{NewLine}") .CreateLogger(); options.LoggerFactory.AddSerilog(serilog); _oidcClient = new OidcClient(options); var result = await _oidcClient.LoginAsync(new LoginRequest()); ShowResult(result); await NextSteps(result); }
private async void Window_Loaded(object sender, RoutedEventArgs e) { var options = new OidcClientOptions() { Authority = "http://localhost:5001", ClientId = "8b25bce5-fbee-41a8-ba0e-8385fe4afff7", ClientSecret = "8b25bce5-fbee-41a8-ba0e-8385fe4afff7", Scope = "openid profile openIdConnectClient", RedirectUri = "http://127.0.0.1/sample-wpf-app", ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, Browser = new WpfEmbeddedBrowser() }; _oidcClient = new OidcClient(options); LoginResult result; try { result = await _oidcClient.LoginAsync(new LoginRequest { BrowserDisplayMode = DisplayMode.Visible }); } catch (Exception ex) { Message.Text = $"Unexpected Error: {ex.Message}"; return; } if (result.IsError) { Message.Text = result.Error == "UserCancel" ? "A janela de autenticação foi fechada antes da autorização ser completada." : result.Error; } else { var name = result.User.Identity.Name; Message.Text = $"Hello {name}"; } }
private async void Login_OnClick(object sender, RoutedEventArgs e) { var options = new OidcClientOptions { Authority = Constants.AuthorityUri, ClientId = Constants.ClientId, Scope = Constants.Scope, RedirectUri = Constants.RedirectUri, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect, Browser = new Browser(), Policy = new Policy { Discovery = new DiscoveryPolicy { RequireHttps = false } } }; _oidcClient = new OidcClient(options); _loginResult = await _oidcClient.LoginAsync(new LoginRequest()); if (_loginResult.IsError) { ViewModel.Result = $"Error: {_loginResult.Error}"; return; } ViewModel.Result = "Success"; ViewModel.IdentityToken = _loginResult.IdentityToken; ViewModel.AccessToken = _loginResult.AccessToken; _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", _loginResult?.AccessToken ?? string.Empty); var response = await _httpClient.GetAsync(""); var content = await response.Content.ReadAsStringAsync(); ViewModel.UserInfo = content; }
public async void Start(object sender, RoutedEventArgs e) { var options = new OidcClientOptions() { Authority = "http://localhost:53382/", ClientId = "windows-client", Scope = "openid profile", RedirectUri = "urn:ietf:wg:oauth:2.0:oob", ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, Browser = new WpfEmbeddedBrowser(), ClientSecret = "secret" }; _oidcClient = new OidcClient(options); LoginResult result; try { result = await _oidcClient.LoginAsync(); } catch (Exception ex) { Message.Text = $"Unexpected Error: {ex.Message}"; return; } if (result.IsError) { Message.Text = result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error; } else { var name = result.User.Identity.Name; Message.Text = $"Hello {name}"; } }
public async Task Sending_authorization_header_should_succeed() { _options.ClientSecret = "secret"; _options.TokenClientCredentialStyle = Client.ClientCredentialStyle.AuthorizationHeader; var client = new OidcClient(_options); var state = await client.PrepareLoginAsync(); var url = $"?state={state.State}&nonce={state.Nonce}&code=bar"; var key = Crypto.CreateKey(); var idToken = Crypto.CreateJwt(key, "https://authority", "client", new Claim("at_hash", Crypto.HashData("token")), new Claim("sub", "123"), new Claim("nonce", state.Nonce)); var tokenResponse = new Dictionary <string, object> { { "access_token", "token" }, { "expires_in", 300 }, { "id_token", idToken }, { "refresh_token", "refresh_token" } }; _options.ProviderInformation.KeySet = Crypto.CreateKeySet(key); var backChannelHandler = new NetworkHandler(JsonSerializer.Serialize(tokenResponse), HttpStatusCode.OK); _options.BackchannelHandler = backChannelHandler; var result = await client.ProcessResponseAsync(url, state); var request = backChannelHandler.Request; request.Headers.Authorization.Should().NotBeNull(); request.Headers.Authorization.Scheme.Should().Be("Basic"); request.Headers.Authorization.Parameter.Should() .Be(BasicAuthenticationOAuthHeaderValue.EncodeCredential("client", "secret")); }
private async void LoginSysBrowseButton_Click(object sender, RoutedEventArgs e) { var options = new OidcClientOptions { Authority = "https://demo.identityserver.io", ClientId = "native.hybrid", Scope = "openid profile api offline_access", RedirectUri = "io.identityserver.demo.uwp://callback", ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect, Browser = new SystemBrowser() }; var client = new OidcClient(options); var result = await client.LoginAsync(new LoginRequest()); if (!string.IsNullOrEmpty(result.Error)) { ResultTextBox.Text = result.Error; return; } var sb = new StringBuilder(128); foreach (var claim in result.User.Claims) { sb.AppendLine($"{claim.Type}: {claim.Value}"); } sb.AppendLine($"refresh token: {result.RefreshToken}"); sb.AppendLine($"access token: {result.AccessToken}"); ResultTextBox.Text = sb.ToString(); _result = result; _client = new HttpClient(result.RefreshTokenHandler); _client.BaseAddress = new Uri("https://demo.identityserver.io/"); }
private async void Button_Click(object sender, EventArgs e) { var authority = "https://demo.identityserver.io"; var options = new OidcClientOptions( authority, "native", "secret", "openid profile api offline_access", "io.identitymodel.native://callback", new ChromeCustomTabsWebView(this)); _oidcClient = new OidcClient(options); var result = await _oidcClient.LoginAsync(); var txtResult = FindViewById <EditText>(Resource.Id.editText1); if (!string.IsNullOrEmpty(result.Error)) { txtResult.Text = result.Error; return; } var sb = new StringBuilder(128); foreach (var claim in result.Claims) { sb.Append(string.Format("{0}: {1}\n", claim.Type, claim.Value)); } sb.Append(string.Format("\n{0}: {1}\n", "refresh token", result.RefreshToken)); sb.Append(string.Format("\n{0}: {1}\n", "access token", result.AccessToken)); txtResult.Text = sb.ToString(); _apiClient = new HttpClient(result.Handler); _apiClient.BaseAddress = new Uri("https://demo.identityserver.io/api/"); }
private async void Window_Loaded(object sender, RoutedEventArgs e) { var options = new OidcClientOptions() { Authority = "https://demo.identityserver.io/", ClientId = "interactive.public", Scope = "openid profile email", RedirectUri = "http://127.0.0.1/sample-wpf-app", Browser = new WpfEmbeddedBrowser(), Policy = new Policy { RequireIdentityTokenSignature = false } }; var _oidcClient = new OidcClient(options); LoginResult loginResult; try { loginResult = await _oidcClient.LoginAsync(); } catch (Exception exception) { txbMessage.Text = $"Unexpected Error: {exception.Message}"; return; } if (loginResult.IsError) { txbMessage.Text = loginResult.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : loginResult.Error; } else { txbMessage.Text = loginResult.User.Identity.Name; } }
public async void Start(object sender, RoutedEventArgs e) { var options = new OidcClientOptions() { Authority = "https://demo.identityserver.io/", ClientId = "native.code", Scope = "openid profile email", RedirectUri = "http://127.0.0.1/sample-wpf-app", ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, Browser = new WpfEmbeddedBrowser() }; _oidcClient = new OidcClient(options); LoginResult result; try { result = await _oidcClient.LoginAsync(); } catch (Exception ex) { Message.Text = $"Unexpected Error: {ex.Message}"; return; } if (result.IsError) { Message.Text = result.Error == "UserCancel" ? "The sign-in window was closed before authorization was completed." : result.Error; } else { var name = result.User.Identity.Name; _result = result; Message.Text = $"Hello {name}"; } }
public MainPage() { InitializeComponent(); Login.Clicked += Login_Clicked; CallApi.Clicked += CallApi_Clicked; var browser = DependencyService.Get <IBrowser>(); var options = new OidcClientOptions { Authority = "https://as.landsense.eu", ClientId = Constant.AndroidClientId, ClientSecret = Constant.ClientIdSecret, Scope = Constant.Scope, RedirectUri = Constant.AndroidRedirectUrl, Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode, Browser = browser, ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect }; _client = new OidcClient(options); }
private async void LoginButton_Click(object sender, RoutedEventArgs e) { var authority = "https://demo.identityserver.io"; var webView = new UwpWebView(enableWindowsAuthentication: false); var options = new OidcClientOptions( authority: authority, clientId: "native", clientSecret: "secret", scope: "openid profile api offline_access", redirectUri: WebAuthenticationBroker.GetCurrentApplicationCallbackUri().AbsoluteUri, webView: webView); var client = new OidcClient(options); var result = await client.LoginAsync(); if (!string.IsNullOrEmpty(result.Error)) { ResultTextBox.Text = result.Error; return; } var sb = new StringBuilder(128); foreach (var claim in result.Claims) { sb.AppendLine($"{claim.Type}: {claim.Value}"); } sb.AppendLine($"refresh token: {result.RefreshToken}"); sb.AppendLine($"access token: {result.AccessToken}"); ResultTextBox.Text = sb.ToString(); _client = new HttpClient(result.Handler); _client.BaseAddress = new Uri("https://demo.identityserver.io/api/"); }