Пример #1
0
        /// <summary>
        /// Returns a new <see cref="AuthorisationCodeResponse"/> instance containing the values parsed from the provided <paramref name="queryString"/>.
        /// </summary>
        /// <param name="queryString">The query part of a url to parse.</param>
        /// <returns>A new <see cref="AuthorisationCodeResponse"/> instance containing the parsed values.</returns>
        public static AuthorisationCodeResponse FromUrlQueryString(string queryString)
        {
            if (queryString == null)
            {
                throw new ArgumentNullException(nameof(queryString));
            }

            var retVal = new AuthorisationCodeResponse();

            if (queryString.StartsWith("/"))
            {
                queryString = queryString.Substring(1);
            }

            var keyValuePairs = queryString.Split(UrlKeyValuePairSeparators);

            foreach (var kvp in keyValuePairs)
            {
                var parts = kvp.Split(UrlKeyValueSeparators);
                switch (parts[0])
                {
                case "code":
                    retVal.AuthorisationCode = Uri.UnescapeDataString(parts[1]);
                    break;

                case "state":
                    retVal.State = Uri.UnescapeDataString(parts[1]);
                    break;
                }
            }

            return(retVal);
        }
Пример #2
0
        /// <summary>
        /// Provides an authorisation code by deserialising the body of the response from an authentication uri request as json.
        /// </summary>
        /// <remarks>
        /// <para>You almost certainly do not want to use this. A proper OAuth2 authorization_code flow should involve user interaction to authenticate.
        /// This method avoids that. Instead it assumes the authorisation url returns a simple json object with a 'code' property containing the authorisation code.
        /// Typically this is not the case, so it will not work. However, some third party systems have implemented this style of authentication for systems integrations when
        /// they should have implemented the client or implicit grant flows instead. In those cases, this method can be provided to the <see cref="OAuth2.OAuth2Settings.RequestAuthentication"/>
        /// property to enable the auth flow without additional code.</para>
        /// </remarks>
        /// <param name="authorisationUri"></param>
        /// <returns></returns>
        public static async Task <AuthorisationCodeResponse> NonInteractiveAuthenticationByJsonResponse(Uri authorisationUri)
        {
            using (var client = CreateDefaultHttpClient())
            {
                var authCodeResult = await client.GetAsync(authorisationUri).ConfigureAwait(false);

                authCodeResult.EnsureSuccessStatusCode();
                string authCodeResponse = await authCodeResult.Content.ReadAsStringAsync().ConfigureAwait(false);

                var retVal = new AuthorisationCodeResponse();

                var jsonobject = Newtonsoft.Json.Linq.JObject.Parse(authCodeResponse);
                retVal.AuthorisationCode = jsonobject["code"].ToString();
                if (jsonobject["state"] != null)
                {
                    retVal.State = jsonobject["state"].ToString();
                }

                return(retVal);
            }
        }