public ActionResult AuthenticateCallback(string providerKey) { if (string.IsNullOrEmpty(providerKey)) { throw new ArgumentNullException("providerKey"); } // Determine which settings we need, based on the Provider. var settings = _authenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url); // Make sure we use our 'previous' State value. settings.State = (Session[StateKey] as string) ?? string.Empty; var model = new AuthenticateCallbackViewModel(); try { // Grab the authenticated client information. model.AuthenticatedClient = _authenticationService.GetAuthenticatedClient(settings, Request.QueryString); Session.Remove(StateKey); } catch (Exception exception) { model.Exception = exception; } return(View(model)); }
public ActionResult AuthenticateCallback(string providerKey) { if (string.IsNullOrEmpty(providerKey)) { throw new ArgumentNullException("providerKey"); } // Determine which settings we need, based on the Provider. var settings = AuthenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url, "home/authenticatecallback"); // Don't check for somet State. settings.State = null; var model = new AuthenticateCallbackViewModel(); try { // Grab the authenticated client information. model.AuthenticatedClient = AuthenticationService.GetAuthenticatedClient(settings, Request.QueryString); } catch (Exception exception) { model.Exception = exception; } return(View(model)); }
public ActionResult AuthenticateCallback(string providerkey) { if (string.IsNullOrEmpty(providerkey)) { throw new ArgumentException("No provider key was supplied on the callback."); } // Determine which settings we need, based on the Provider. var settings = AuthenticationService.GetAuthenticateServiceSettings(providerkey, Request.Url, Url.CallbackFromOAuthProvider()); // Pull the "ToKeep" token from the cookie and the "ToSend" token from the query string var keptToken = DeserializeToken(Request); var recievedToken = Request.QueryString["state"]; if (string.IsNullOrEmpty(recievedToken)) { throw new InvalidOperationException( "No state/recievedToken was retrieved from the provider. Are you sure you passed any state/token data to provider .. and .. that the provider can send it back to us? We need this to prevent any Cross site request forgery."); } // Validate the token against the recieved one and grab extra data string extraData = AntiForgery.ValidateToken(keptToken, recievedToken); var model = new AuthenticateCallbackViewModel(); try { // Grab the authenticated client information. model.AuthenticatedClient = AuthenticationService.GetAuthenticatedClient(settings, Request.QueryString); } catch (Exception exception) { model.Exception = exception; } // If we have a redirect Url, lets grab this :) // NOTE: We've implimented the extraData part of the tokenData as the redirect url. if (!string.IsNullOrEmpty(extraData)) { model.RedirectUrl = new Uri(extraData); } // Finally! We can hand over the logic to the consumer to do whatever they want. return(View("AuthenticateCallback", model)); }
public ActionResult AuthenticateCallback() { var client = AuthenticationService.CheckCallback(Request, Session.SessionID); var model = new AuthenticateCallbackViewModel(); if (client is FacebookClient) { var facebookClient = client as FacebookClient; model.AccessToken = facebookClient.AccessToken; model.Name = (facebookClient.UserInformation.FirstName + " " + facebookClient.UserInformation.LastName).Trim(); model.UserName = facebookClient.UserInformation.UserName; model.Message = "Authenticated with Facebook successfully."; } return(View(model)); }
public ActionResult AuthenticateCallback(string providerKey) { if (string.IsNullOrEmpty(providerKey)) { throw new ArgumentNullException("providerKey"); } var model = new AuthenticateCallbackViewModel(); try { // Determine which settings we need, based on the Provider. // NOTE: We don't want to use the default callback route, so we're specifying our own route, here. var settings = _authenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url, "home/authenticatecallback"); // Make sure we use our 'previous' State value. var existingCookie = Request.Cookies[_antiForgery.DefaultCookieName]; var token = existingCookie != null ? existingCookie.Value : null; settings.State = token; // Lets clean up. Request.Cookies.Remove(_antiForgery.DefaultCookieName); // Validate Cookie var extraData = _antiForgery.ValidateToken(token, Request.QueryString["state"]); // Grab the authenticated client information. model.AuthenticatedClient = _authenticationService.GetAuthenticatedClient(settings, Request.QueryString); if (!string.IsNullOrEmpty(extraData)) { model.Referrer = new Uri(extraData); } } catch (Exception exception) { model.Exception = exception; } return(View(model)); }