protected virtual async Task <AuthenticationTicket> CreateTicketAsync(
ClaimsIdentity identity,
AuthenticationProperties properties,
AccessToken token)
{
log.LogDebug("CreateTicketAsync called tokens.ScreenName was " + token.ScreenName);
var context = new TwitterCreatingTicketContext(Context, token.UserId, token.ScreenName, token.Token, token.TokenSecret)
{
Principal = new ClaimsPrincipal(identity),
Properties = properties
};
await Options.Events.CreatingTicket(context);
if (context.Principal?.Identity == null)
{
return(null);
}
ISiteSettings site = siteResolver.Resolve();
if (site != null)
{
Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
//return new AuthenticationTicket(notification.Principal, notification.Properties, Options.AuthenticationScheme);
return(new AuthenticationTicket(context.Principal, context.Properties, AuthenticationScheme.External));
}
internal static Task OnCreatingTicket(TwitterCreatingTicketContext context)
{
if (context.Principal != null)
{
Helpers.ThrowIfConditionFailed(() => context.UserId == "valid_user_id", "UserId is not valid");
Helpers.ThrowIfConditionFailed(() => context.ScreenName == "valid_screen_name", "ScreenName is not valid");
Helpers.ThrowIfConditionFailed(() => context.AccessToken == "valid_oauth_token", "AccessToken is not valid");
Helpers.ThrowIfConditionFailed(() => context.AccessTokenSecret == "valid_oauth_token_secret", "AccessTokenSecret is not valid");
context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
}
return(Task.FromResult(0));
}
protected virtual async Task <AuthenticationTicket> CreateTicketAsync(
ClaimsIdentity identity, AuthenticationProperties properties, AccessToken token, JObject user)
{
foreach (var action in Options.ClaimActions)
{
action.Run(user, identity, ClaimsIssuer);
}
var context = new TwitterCreatingTicketContext(Context, Scheme, Options, new ClaimsPrincipal(identity), properties, token.UserId, token.ScreenName, token.Token, token.TokenSecret, user);
await Events.CreatingTicket(context);
return(new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name));
}
/// <summary> /// Invoked whenever Twitter successfully authenticates a user /// </summary> /// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param> /// <returns>A <see cref="Task"/> representing the completed operation.</returns> public virtual Task CreatingTicket(TwitterCreatingTicketContext context) => OnCreatingTicket(context);
private async Task TwitterCreatingTicketEventHandler(TwitterCreatingTicketContext context)
{
}
public async Task OnCreatingTicket(TwitterCreatingTicketContext context)
{
var nonce = Guid.NewGuid().ToString("N");
var authorizationParts = new SortedDictionary <string, string>
{
{ "oauth_consumer_key", context.Options.ConsumerKey },
{ "oauth_nonce", nonce },
{ "oauth_signature_method", "HMAC-SHA1" },
{ "oauth_timestamp", GenerateTimeStamp() },
{ "oauth_token", context.AccessToken },
{ "oauth_version", "1.0" }
};
var parameterBuilder = new StringBuilder();
foreach (var authorizationKey in authorizationParts)
{
parameterBuilder.AppendFormat("{0}={1}&",
UrlEncoder.Default.Encode(authorizationKey.Key),
UrlEncoder.Default.Encode(authorizationKey.Value));
}
parameterBuilder.Length--;
var parameterString = parameterBuilder.ToString();
var resource_url = "https://api.twitter.com/1.1/account/verify_credentials.json";
var resource_query = "include_email=true";
var canonicalizedRequestBuilder = new StringBuilder();
canonicalizedRequestBuilder.Append(HttpMethod.Get.Method);
canonicalizedRequestBuilder.Append("&");
canonicalizedRequestBuilder.Append(UrlEncoder.Default.Encode(resource_url));
canonicalizedRequestBuilder.Append("&");
canonicalizedRequestBuilder.Append(UrlEncoder.Default.Encode(resource_query));
canonicalizedRequestBuilder.Append("%26");
canonicalizedRequestBuilder.Append(UrlEncoder.Default.Encode(parameterString));
var signature = ComputeSignature(context.Options.ConsumerSecret, context.AccessTokenSecret, canonicalizedRequestBuilder.ToString());
authorizationParts.Add("oauth_signature", signature);
var authorizationHeaderBuilder = new StringBuilder();
authorizationHeaderBuilder.Append("OAuth ");
foreach (var authorizationPart in authorizationParts)
{
authorizationHeaderBuilder.AppendFormat(
"{0}=\"{1}\", ", authorizationPart.Key,
UrlEncoder.Default.Encode(authorizationPart.Value));
}
authorizationHeaderBuilder.Length = authorizationHeaderBuilder.Length - 2;
var request = new HttpRequestMessage(HttpMethod.Get, resource_url + "?include_email=true");
request.Headers.Add("Authorization", authorizationHeaderBuilder.ToString());
var httpClient = new System.Net.Http.HttpClient();
var response = await httpClient.SendAsync(request, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
string responseText = await response.Content.ReadAsStringAsync();
var result = JObject.Parse(responseText);
var email = result.Value <string>("email");
var identity = (ClaimsIdentity)context.Principal.Identity;
if (!string.IsNullOrEmpty(email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, "Twitter"));
}
}
