public ActionResult AuthenticateCallback(string providerKey)
{
if (string.IsNullOrEmpty(providerKey))
{
throw new ArgumentNullException("providerKey");
}
// Determine which settings we need, based on the Provider.
var settings = _authenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url);
// Make sure we use our 'previous' State value.
settings.State = (Session[StateKey] as string) ?? string.Empty;
var model = new AuthenticateCallbackViewModel();
try
{
// Grab the authenticated client information.
model.AuthenticatedClient = _authenticationService.GetAuthenticatedClient(settings, Request.QueryString);
Session.Remove(StateKey);
}
catch (Exception exception)
{
model.Exception = exception;
}
return(View(model));
}
public ActionResult AuthenticateCallback(string providerKey)
{
if (string.IsNullOrEmpty(providerKey))
{
throw new ArgumentNullException("providerKey");
}
// Determine which settings we need, based on the Provider.
var settings = AuthenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url, "home/authenticatecallback");
// Don't check for somet State.
settings.State = null;
var model = new AuthenticateCallbackViewModel();
try
{
// Grab the authenticated client information.
model.AuthenticatedClient = AuthenticationService.GetAuthenticatedClient(settings, Request.QueryString);
}
catch (Exception exception)
{
model.Exception = exception;
}
return(View(model));
}
public ActionResult AuthenticateCallback(string providerkey)
{
if (string.IsNullOrEmpty(providerkey))
{
throw new ArgumentException("No provider key was supplied on the callback.");
}
// Determine which settings we need, based on the Provider.
var settings = AuthenticationService.GetAuthenticateServiceSettings(providerkey, Request.Url,
Url.CallbackFromOAuthProvider());
// Pull the "ToKeep" token from the cookie and the "ToSend" token from the query string
var keptToken = DeserializeToken(Request);
var recievedToken = Request.QueryString["state"];
if (string.IsNullOrEmpty(recievedToken))
{
throw new InvalidOperationException(
"No state/recievedToken was retrieved from the provider. Are you sure you passed any state/token data to provider .. and .. that the provider can send it back to us? We need this to prevent any Cross site request forgery.");
}
// Validate the token against the recieved one and grab extra data
string extraData = AntiForgery.ValidateToken(keptToken, recievedToken);
var model = new AuthenticateCallbackViewModel();
try
{
// Grab the authenticated client information.
model.AuthenticatedClient = AuthenticationService.GetAuthenticatedClient(settings, Request.QueryString);
}
catch (Exception exception)
{
model.Exception = exception;
}
// If we have a redirect Url, lets grab this :)
// NOTE: We've implimented the extraData part of the tokenData as the redirect url.
if (!string.IsNullOrEmpty(extraData))
{
model.RedirectUrl = new Uri(extraData);
}
// Finally! We can hand over the logic to the consumer to do whatever they want.
return(View("AuthenticateCallback", model));
}
public ActionResult AuthenticateCallback()
{
var client = AuthenticationService.CheckCallback(Request, Session.SessionID);
var model = new AuthenticateCallbackViewModel();
if (client is FacebookClient)
{
var facebookClient = client as FacebookClient;
model.AccessToken = facebookClient.AccessToken;
model.Name =
(facebookClient.UserInformation.FirstName + " " + facebookClient.UserInformation.LastName).Trim();
model.UserName = facebookClient.UserInformation.UserName;
model.Message = "Authenticated with Facebook successfully.";
}
return(View(model));
}
public ActionResult AuthenticateCallback(string providerKey)
{
if (string.IsNullOrEmpty(providerKey))
{
throw new ArgumentNullException("providerKey");
}
var model = new AuthenticateCallbackViewModel();
try
{
// Determine which settings we need, based on the Provider.
// NOTE: We don't want to use the default callback route, so we're specifying our own route, here.
var settings = _authenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url,
"home/authenticatecallback");
// Make sure we use our 'previous' State value.
var existingCookie = Request.Cookies[_antiForgery.DefaultCookieName];
var token = existingCookie != null ? existingCookie.Value : null;
settings.State = token;
// Lets clean up.
Request.Cookies.Remove(_antiForgery.DefaultCookieName);
// Validate Cookie
var extraData = _antiForgery.ValidateToken(token, Request.QueryString["state"]);
// Grab the authenticated client information.
model.AuthenticatedClient = _authenticationService.GetAuthenticatedClient(settings, Request.QueryString);
if (!string.IsNullOrEmpty(extraData))
{
model.Referrer = new Uri(extraData);
}
}
catch (Exception exception)
{
model.Exception = exception;
}
return(View(model));
}
