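/// <summary>
/// Exchanges a refresh token for a new access token at the <c>oauth/access_token</c>
/// endpoint and stores the returned access token on this instance.
/// </summary>
/// <param name="refreshToken">Refresh token sent as the <c>refresh_token</c> form field.</param>
/// <returns>The deserialized token response.</returns>
/// <exception cref="Exception">
/// The endpoint answered with a non-success status code, or a success response had no
/// deserializable body.
/// </exception>
/// <remarks>
/// The refresh token and the success body are deliberately kept out of the logs. The success
/// body is where the new access token is read from, so writing either value to a log sink
/// would hand a usable credential to anyone with read access to the logs.
/// </remarks>
public async Task<VenmoAuthResponse> RefreshAuth(string refreshToken)
{
    logger.LogInformation("Attempting to refresh Venmo token");

    Url url = new Url(BaseUrl).AppendPathSegments("oauth", "access_token");
    Dictionary<string, string> data = new Dictionary<string, string>()
    {
        { "client_id", Secrets.VenmoClientId },
        { "client_secret", Secrets.VenmoClientSecret },
        { "refresh_token", refreshToken }
    };

    HttpResponseMessage responseMessage = await Post(url, new FormUrlEncodedContent(data));
    string responseString = await responseMessage.Content.ReadAsStringAsync();

    if (!responseMessage.IsSuccessStatusCode)
    {
        // Log the status and the error body only; the refresh token itself is never logged.
        logger.LogError($"Failed to refresh token. " +
            $"Status code: {responseMessage.StatusCode}. " +
            $"Message: {responseString}");
        throw new Exception("Failed to refresh token");
    }

    // The success body carries the new access token, so it is parsed but not logged.
    VenmoAuthResponse? response = JsonConvert.DeserializeObject<VenmoAuthResponse>(responseString);
    if (response == null)
    {
        // An empty or literal-null body deserializes to null; fail the same way as a rejected refresh.
        logger.LogError("Failed to refresh token. Success response had no body to deserialize");
        throw new Exception("Failed to refresh token");
    }

    AccessToken = response.AccessToken;
    logger.LogInformation("Refreshed token successfully");
    return response;
}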
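/// <summary>
/// Sends an authorization request tagged with the caller's device id and handles the outcome.
/// On success the access token and user id are stored on this instance. A 401 response starts
/// the two-factor flow, and every other failure is surfaced as a Venmo error.
/// </summary>
/// <param name="deviceId">Value sent in the <c>device-id</c> request header.</param>
/// <param name="requestMessage">Prepared request; the <c>device-id</c> header is added to it here.</param>
/// <returns>The deserialized token response when the request succeeds.</returns>
/// <exception cref="VenmoException">
/// Thrown for every non-success response. For a 401 that carries a <c>venmo-otp-secret</c>
/// header, the exception's <c>VenmoOtpSecret</c> is set and a two-factor code is requested
/// before the exception is thrown.
/// </exception>
/// <remarks>
/// The thrown exception carries the OTP secret so the caller can finish the two-factor step.
/// Treat that property as a credential and keep it out of logs and error reports.
/// </remarks>
private async Task<VenmoAuthResponse> Authorize(string deviceId, HttpRequestMessage requestMessage)
{
    requestMessage.Headers.Add("device-id", deviceId);
    HttpResponseMessage responseMessage = await Send(requestMessage);
    string responseBody = await responseMessage.Content.ReadAsStringAsync();

    if (responseMessage.IsSuccessStatusCode)
    {
        VenmoAuthResponse response = JsonConvert.DeserializeObject<VenmoAuthResponse>(responseBody)!;
        AccessToken = response.AccessToken;
        // User id will not be null here, it's returned by the Venmo API
        UserId = response.User?.Id;
        return response;
    }

    if (responseMessage.StatusCode != System.Net.HttpStatusCode.Unauthorized)
    {
        // 400 and every other non-401 failure are reported the same way.
        throw CreateVenmoError(responseBody);
    }

    VenmoException venmoException = CreateVenmoError(responseBody);
    if (venmoException.Error != null
        && venmoException.Error.Code.HasValue
        && venmoException.Error.Code != 81109)
    {
        // 81109 is the code this flow expects on a two-factor challenge; anything else is only noted.
        logger.LogWarning($"Unexpected 2FA error code. Expected: 81109. Actual: {venmoException.Error.Code.Value}");
    }

    // GetValues throws InvalidOperationException when the header is absent, which made the
    // "header missing" branch below unreachable. TryGetValues lets that branch run.
    string? venmoOtpSecret = responseMessage.Headers.TryGetValues("venmo-otp-secret", out var otpSecretValues)
        ? otpSecretValues.FirstOrDefault()
        : null;
    if (venmoOtpSecret == null)
    {
        logger.LogError("venmo-otp-secret doesn't exist in error headers");
        throw venmoException;
    }

    venmoException.VenmoOtpSecret = venmoOtpSecret;
    await SendTwoFactorCode(venmoOtpSecret, deviceId);
    throw venmoException;
}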
/// <summary>
/// Exchanges an authorization code at the <c>oauth/access_token</c> endpoint and stores the
/// resulting access token and user id on this instance.
/// </summary>
/// <param name="code">Authorization code sent as the <c>code</c> form field.</param>
/// <returns>The deserialized token response.</returns>
public async Task<VenmoAuthResponse> CompleteAuth(string code)
{
    Url tokenEndpoint = new Url(BaseUrl).AppendPathSegments("oauth", "access_token");

    var form = new Dictionary<string, string>
    {
        ["client_id"] = Secrets.VenmoClientId,
        ["client_secret"] = Secrets.VenmoClientSecret,
        ["code"] = code
    };

    HttpResponseMessage reply = await Post(tokenEndpoint, new FormUrlEncodedContent(form));

    // NOTE(review): the status code is not inspected here, so an error body is deserialized
    // like a success and may overwrite AccessToken/UserId with nulls. Confirm callers
    // handle that, or reject non-success responses before parsing.
    string payload = await reply.Content.ReadAsStringAsync();
    VenmoAuthResponse auth = JsonConvert.DeserializeObject<VenmoAuthResponse>(payload)!;

    AccessToken = auth.AccessToken;
    // The Venmo API returns the user with the token, so the id is expected to be present.
    UserId = auth.User?.Id;
    return auth;
}
/// <summary>
/// Verifies that <c>AuthorizeWith2FA</c> posts the device id, OTP secret and one-time code as
/// request headers to the token endpoint and returns the deserialized token response.
/// All credential-like values below are fixed test fixtures.
/// </summary>
public async Task AuthorizeWith2FA_Succeeds()
{
    const string deviceId = "device";
    const string venmoOtpSecret = "test";
    const string otp = "123456";

    var expected = new VenmoAuthResponse
    {
        AccessToken = "0_0",
        User = new VenmoUser { Id = "auser" }
    };

    // Reads the first value of a request header; throws if the header is absent.
    string FirstHeaderValue(HttpRequestMessage message, string headerName)
    {
        return message.Headers.GetValues(headerName).ToList()[0];
    }

    httpMessageHandler
        .SetupRequest(HttpMethod.Post, "https://api.venmo.com/v1/oauth/access_token", request =>
        {
            string sentDeviceId = FirstHeaderValue(request, "device-id");
            string sentOtpSecret = FirstHeaderValue(request, "venmo-otp-secret");
            string sentOtp = FirstHeaderValue(request, "venmo-otp");

            // Assert inside the matcher so a wrong header fails with a precise message
            // instead of a generic "no matching setup" error.
            Assert.Equal(deviceId, sentDeviceId);
            Assert.Equal(venmoOtpSecret, sentOtpSecret);
            Assert.Equal(otp, sentOtp);

            bool allHeadersMatch = sentDeviceId == deviceId
                && sentOtpSecret == venmoOtpSecret
                && sentOtp == otp;
            return allHeadersMatch;
        })
        .ReturnsResponse(System.Net.HttpStatusCode.OK, message =>
        {
            string json = JsonConvert.SerializeObject(expected);
            message.Content = new StringContent(json, Encoding.UTF8, "application/json");
        });

    VenmoAuthResponse actual = await venmoApi.AuthorizeWith2FA(otp, venmoOtpSecret, deviceId);

    Assert.Equal(expected.AccessToken, actual.AccessToken);
    Assert.NotNull(actual.User);
    Assert.Equal(expected.User.Id, actual.User!.Id);
}