Пример #1
0
        private object RequestCode(IServiceBase authService, IAuthSession session, AuthUserSession userSession, IAuthTokens tokens)
        {
            var state = Guid.NewGuid().ToString("N");

            userSession.State = state;
            var codeRequest = AuthorizeUrl + "?response_type=code&client_id={0}&redirect_uri={1}&scope={2}&state={3}"
                              .Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), state);

            if (!DomainHint.IsNullOrEmpty())
            {
                codeRequest += "&domain_hint=" + DomainHint;
            }
            if (!tokens.UserName.IsNullOrEmpty())
            {
                codeRequest += "&login_hint=" + tokens.UserName;
            }
            authService.SaveSession(session, SessionExpiry);
            return(authService.Redirect(PreAuthUrlFilter(this, codeRequest)));
        }
Пример #2
0
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            var tokens = Init(authService, ref session, request);

            //Transfering AccessToken/Secret from Mobile/Desktop App to Server
            if (request?.AccessToken != null)
            {
                //https://developer.github.com/v3/oauth_authorizations/#check-an-authorization

                var url  = VerifyAccessTokenUrl.Fmt(ClientId, request.AccessToken);
                var json = url.GetJsonFromUrl(requestFilter: httpReq => {
                    httpReq.Headers[HttpRequestHeader.UserAgent] = ServiceClientBase.DefaultUserAgent;
                    httpReq.AddBasicAuth(ClientId, ClientSecret);
                });

                var isHtml       = authService.Request.IsHtml();
                var failedResult = AuthenticateWithAccessToken(authService, session, tokens, request.AccessToken);
                if (failedResult != null)
                {
                    return(ConvertToClientError(failedResult, isHtml));
                }

                return(isHtml
                    ? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))
                    : null); //return default AuthenticateResponse
            }

            var httpRequest = authService.Request;

            //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request
            var error = httpRequest.QueryString["error"]
                        ?? httpRequest.QueryString["error_uri"]
                        ?? httpRequest.QueryString["error_description"];

            var hasError = !error.IsNullOrEmpty();

            if (hasError)
            {
                Logger.Error($"GitHub error callback. {httpRequest.QueryString}");
                return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))));
            }

            var code = httpRequest.QueryString["code"];
            var isPreAuthCallback = !code.IsNullOrEmpty();

            if (!isPreAuthCallback)
            {
                var    scopes     = Scopes.Join("%20");
                string preAuthUrl = $"{PreAuthUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&scope={scopes}&state={Guid.NewGuid():N}";

                this.SaveSession(authService, session, SessionExpiry);
                return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)));
            }

            try
            {
                string accessTokenUrl = $"{AccessTokenUrl}?client_id={ClientId}&redirect_uri={CallbackUrl.UrlEncode()}&client_secret={ClientSecret}&code={code}";
                var    contents       = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl();
                var    authInfo       = PclExportClient.Instance.ParseQueryString(contents);

                //GitHub does not throw exception, but just return error with descriptions
                //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
                var accessTokenError = authInfo["error"]
                                       ?? authInfo["error_uri"]
                                       ?? authInfo["error_description"];

                if (!accessTokenError.IsNullOrEmpty())
                {
                    Logger.Error($"GitHub access_token error callback. {authInfo}");
                    return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
                }

                var accessToken = authInfo["access_token"];

                return(AuthenticateWithAccessToken(authService, session, tokens, accessToken)
                       ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))); //Haz Access!
            }
            catch (WebException webException)
            {
                //just in case GitHub will start throwing exceptions
                var statusCode = ((HttpWebResponse)webException.Response).StatusCode;
                if (statusCode == HttpStatusCode.BadRequest)
                {
                    return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))));
                }
            }
            return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))));
        }