public async Task<HttpResponseMessage> Get([FromUri] AuthorizationResponse authzResponse)
{
Log.Info("Great, just received the response from the Authorization Endpoint, lets look at it...");
try
{
if (!string.IsNullOrEmpty(authzResponse.error))
{
return Error("Unfortunately the request was not sucessfull. The returned error is {0}, ending",
authzResponse.error);
}
Log.Info("Good, the request was sucessfull. Lets see if the returned state matches the sent state...");
if (authzResponse.state != Db.State)
{
return Error("Hum, the returned state does not match the send state. Ignoring the response, sorry.");
}
Log.Info(
"Nice, the state matches. Lets now exchange the code for an access token using the token endpoint ...");
using (var client = new HttpClient())
{
var tokenRequest = new TokenRequest
{
code = authzResponse.code,
grant_type = "authorization_code",
redirect_uri = Config.Client.redirect_uri,
};
if (Config.AuthzServer.UseAuthorizationHeader)
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(
Encoding.ASCII.GetBytes(Config.Client.client_id + ":" + Config.Client.client_secret)));
}
else
{
tokenRequest.client_id = Config.Client.client_id;
tokenRequest.client_secret = Config.Client.client_secret;
}
var resp = await client.PostAsync(Config.AuthzServer.TokenEndpoint,
new FormUrlEncodedContent(tokenRequest.ToPairs()));
if (resp.StatusCode == HttpStatusCode.InternalServerError)
{
return Error("Apparently we broke the authorization server, ending.");
}
if (resp.StatusCode == HttpStatusCode.NotFound)
{
return Error("Something is missing, ending.");
}
if (resp.StatusCode == HttpStatusCode.BadRequest)
{
return Error("The token endpoint refused to return an acess token, ending.");
}
if (resp.StatusCode == HttpStatusCode.Unauthorized)
{
return Error("The token endpoint did't accepted our client credentials, ending.");
}
if (resp.Content.Headers.ContentType.MediaType != "application/json")
{
return
Error(
"Expection 'application/json' from the token endpoint, however it returned '{0}', ending.",
resp.Content.Headers.ContentType.MediaType);
}
var tokenResp = await resp.Content.ReadAsAsync<TokenResponse>();
if (!tokenResp.token_type.Equals("Bearer", StringComparison.InvariantCultureIgnoreCase))
{
return Error("Unfortunately, the returned token type is unknown, ending");
}
if (string.IsNullOrEmpty(tokenResp.id_token))
{
return Error("Unfortunately, the token response does not contain an id_token, ending");
}
Log.Info("Excelent, we have an id_token {0}. Lets show it ...", tokenResp.id_token);
var idToken = new JwtSecurityToken(tokenResp.id_token);
Log.Info("--- BEGIN ID TOKEN JWT PAYLOAD ---");
foreach (var pair in idToken.Payload)
{
Log.Info("{0}:{1}",pair.Key, pair.Value);
}
Log.Info("--- END ID TOKEN JWT PAYLOAD ---");
Log.Warn("We really should validate the id token");
var theAccessToken = tokenResp.access_token;
Log.Info("Great, we have an access token {0}. Lets use it ...",
theAccessToken);
var resourceClient = new HttpClient();
Log.Info("First, get the UserInfo...");
var request = new HttpRequestMessage(HttpMethod.Get, Config.AuthzServer.UserInfo);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", theAccessToken);
var userInfoResp = await resourceClient.SendAsync(request);
if (userInfoResp.StatusCode != HttpStatusCode.OK)
{
return Error("Unfortunately, the UserInfo return should be OK but is {0}, ending", userInfoResp.StatusCode);
}
if (userInfoResp.Content.Headers.ContentType.MediaType != "application/json")
{
return Error("Unfortunately, the UserInfo representation should be 'application/json' but is {0}, ending", userInfoResp.Content.Headers.ContentType.MediaType);
}
var userInfo = await userInfoResp.Content.ReadAsAsync<JObject>();
Log.Info("--- BEGIN UserInfo ---");
Log.Info("{0}",userInfo);
Log.Info("--- END UserInfo ---");
//Log.Info("Returning the resource server response, I hope you liked this demo ...");
//return Request.CreateResponse(HttpStatusCode.OK, userInfo);
Log.Info("Great, lets use the access token to GET the protected resource representation",
theAccessToken);
request = new HttpRequestMessage(HttpMethod.Get, Config.ExampleResource.Uri);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", theAccessToken);
var resourceResp = resourceClient.SendAsync(request).Result;
var resourceRespCont = resourceResp.Content.ReadAsAsync<JObject>();
Log.Info("Returning the resource server response, I hope you liked this demo ...");
return Request.CreateResponse(HttpStatusCode.OK, resourceRespCont);
}
}
catch (Exception e)
{
return Error("An expected exception just happened, sorry: {0}", e.Message);
}
}