/// <summary> /// Retrieves an access token from ACS to call the source of the specified context token at the specified /// targetHost. The targetHost must be registered for principal the that sent the context token. /// </summary> /// <param name="contextToken">Context token issued by the intended access token audience</param> /// <param name="targetHost">Url authority of the target principal</param> /// <returns>An access token with an audience matching the context token's source</returns> public static OAuth2AccessTokenResponse GetAccessToken(SharePointContextToken contextToken, string targetHost) { string targetPrincipalName = contextToken.TargetPrincipalName; // Extract the refreshToken from the context token string refreshToken = contextToken.RefreshToken; if (String.IsNullOrEmpty(refreshToken)) { return null; } string realm = Realm ?? contextToken.Realm; string resource = GetFormattedPrincipal(targetPrincipalName, targetHost, realm); string clientId = GetFormattedPrincipal(ClientId, null, realm); OAuth2AccessTokenRequest oauth2Request = OAuth2MessageFactory.CreateAccessTokenRequestWithRefreshToken( clientId, ClientSecret, refreshToken, resource); // Get token OAuth2S2SClient client = new OAuth2S2SClient(); OAuth2AccessTokenResponse oauth2Response; try { oauth2Response = client.Issue(AcsMetadataParser.GetStsUrl(realm), oauth2Request) as OAuth2AccessTokenResponse; } catch (WebException wex) { using (StreamReader sr = new StreamReader(wex.Response.GetResponseStream())) { string responseText = sr.ReadToEnd(); throw new WebException(wex.Message + " - " + responseText, wex); } } return oauth2Response; }
protected void Page_Load(object sender, EventArgs e) { TokenHelper.TrustAllCertificates(); string contextTokenString = TokenHelper.GetContextTokenFromRequest(Request); if (contextTokenString != null) { // Get context token contextToken = TokenHelper.ReadAndValidateContextToken(contextTokenString, Request.Url.Authority); // Get the host web's URL and the access token. sharepointUrl = new Uri(Request.QueryString["SPHostUrl"]); accessToken = TokenHelper.GetAccessToken(contextToken, sharepointUrl.Authority).AccessToken; // Pass the access token to the button event handler. Button1.CommandArgument = accessToken; } }