public async Task Browser_error_is_surfaced_in_authorize_response()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
RedirectUri = "http://redirect",
ProviderInformation = new ProviderInformation
{
AuthorizeEndpoint = "https://authority/authorize"
},
Browser = new TestBrowser(_ => Task.FromResult(new BrowserResult
{
ResultType = BrowserResultType.HttpError,
Error = "Something terrible happened"
}))
};
var client = new AuthorizeClient(options);
var response = await client.AuthorizeAsync(new AuthorizeRequest());
response.Error.Should().Be("Something terrible happened");
}
public void Missing_default_parameters_can_be_set_by_extra_parameters()
{
var options = new OidcClientOptions
{
ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
Flow = OidcClientOptions.AuthenticationFlow.Hybrid
};
var extra = new Dictionary <string, string>
{
{ "client_id", "client_id2" },
{ "scope", "openid extra" },
{ "redirect_uri", "http://redirect2" }
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", extra);
parameters.Should().Contain("client_id", "client_id2");
parameters.Should().Contain("scope", "openid extra");
parameters.Should().Contain("redirect_uri", "http://redirect2");
parameters.Should().Contain("response_type", "code id_token");
parameters.Should().Contain("response_mode", "form_post");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
public void Default_parameters_should_be_used_for_authorize_request()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
Resource = { "urn:resource1", "urn:resource2" },
RedirectUri = "http://redirect"
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", null);
parameters.Should().HaveCount(10);
parameters.GetValues("client_id").Single().Should().Be("client_id");
parameters.GetValues("scope").Single().Should().Be("openid");
parameters.GetValues("resource").First().Should().Be("urn:resource1");
parameters.GetValues("resource").Skip(1).First().Should().Be("urn:resource2");
parameters.GetValues("redirect_uri").Single().Should().Be("http://redirect");
parameters.GetValues("response_type").Single().Should().Be("code");
parameters.GetValues("state").Single().Should().Be("state");
parameters.GetValues("nonce").Single().Should().Be("nonce");
parameters.GetValues("code_challenge").Single().Should().Be("code_challenge");
parameters.GetValues("code_challenge_method").Single().Should().Be("S256");
}
public void Missing_default_parameters_can_be_set_by_extra_parameters()
{
var options = new OidcClientOptions();
var frontChannel = new Parameters
{
{ "resource", "urn:resource1" },
{ "resource", "urn:resource2" },
{ "client_id", "client_id2" },
{ "scope", "openid extra" },
{ "redirect_uri", "http://redirect2" }
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", frontChannel);
parameters.Should().HaveCount(10);
parameters.GetValues("client_id").Single().Should().Be("client_id2");
parameters.GetValues("scope").Single().Should().Be("openid extra");
parameters.GetValues("redirect_uri").Single().Should().Be("http://redirect2");
parameters.GetValues("response_type").Single().Should().Be("code");
parameters.GetValues("state").Single().Should().Be("state");
parameters.GetValues("nonce").Single().Should().Be("nonce");
parameters.GetValues("code_challenge").Single().Should().Be("code_challenge");
parameters.GetValues("code_challenge_method").Single().Should().Be("S256");
var resources = parameters.GetValues("resource").ToList();
resources.Should().HaveCount(2);
resources[0].Should().Be("urn:resource1");
resources[1].Should().Be("urn:resource2");
}
public void extra_parameters_should_override_default_parameters()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
RedirectUri = "http://redirect",
ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
Flow = OidcClientOptions.AuthenticationFlow.Hybrid
};
var extra = new
{
client_id = "client_id2",
scope = "openid extra",
redirect_uri = "http://redirect2"
};
var client = new AuthorizeClient(options);
var parameters = client.CreateParameters("state", "nonce", "code_challenge", extra);
parameters.Should().Contain("client_id", "client_id2");
parameters.Should().Contain("scope", "openid extra");
parameters.Should().Contain("redirect_uri", "http://redirect2");
parameters.Should().Contain("response_type", "code id_token");
parameters.Should().Contain("response_mode", "form_post");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
public void Extra_parameters_should_override_default_parameters()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
RedirectUri = "http://redirect"
};
var frontChannel = new FrontChannelParameters
{
Extra = new Parameters
{
{ "client_id", "client_id2" },
{ "scope", "openid extra" },
{ "redirect_uri", "http://redirect2" }
}
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", frontChannel);
parameters.Should().Contain("client_id", "client_id2");
parameters.Should().Contain("scope", "openid extra");
parameters.Should().Contain("redirect_uri", "http://redirect2");
parameters.Should().Contain("response_type", "code");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
public void Default_parameters_should_be_used_for_authorize_request()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
RedirectUri = "http://redirect",
ResponseMode = OidcClientOptions.AuthorizeResponseMode.FormPost,
Flow = OidcClientOptions.AuthenticationFlow.Hybrid
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", null);
parameters.Should().Contain("client_id", "client_id");
parameters.Should().Contain("scope", "openid");
parameters.Should().Contain("redirect_uri", "http://redirect");
parameters.Should().Contain("response_type", "code id_token");
parameters.Should().Contain("response_mode", "form_post");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
public void Default_parameters_should_create_expected_end_session_url()
{
var options = new OidcClientOptions();
var client = new AuthorizeClient(options);
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest());
url.Should().Be("https://server/end_session");
}
public void Id_token_hint_should_create_expected_end_session_url()
{
var options = new OidcClientOptions();
var client = new AuthorizeClient(options);
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest {
IdTokenHint = "id_token"
});
url.Should().Be("https://server/end_session?id_token_hint=id_token");
}
public void Post_logout_redirect_parameter_should_create_expected_end_session_url()
{
var options = new OidcClientOptions
{
PostLogoutRedirectUri = "https://client.com/page"
};
var client = new AuthorizeClient(options);
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest());
url.Should().Be("https://server/end_session?post_logout_redirect_uri=https%3A%2F%2Fclient.com%2Fpage");
}
static void Main(string[] args)
{
using (var client = new HttpClient())
{
var authClient = new AuthorizeClient(client);
Console.WriteLine($"Requesting Authorize Token for ClientID {rdpUsername} from RDP server\n");
var authToken = GetToken(rdpUsername, rdpPassword, authClient);
DumpToken(authToken);
Console.WriteLine($"\n\nPress any key to refresh the Token: {authToken.Refresh_token}\n");
Console.ReadKey();
authToken = RefreshToken(rdpUsername, authToken.Refresh_token, authClient);
DumpToken(authToken);
}
}
public void Default_parameters_should_be_used_for_authorize_request()
{
var options = new OidcClientOptions
{
ClientId = "client_id",
Scope = "openid",
RedirectUri = "http://redirect"
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", null);
parameters.Should().Contain("client_id", "client_id");
parameters.Should().Contain("scope", "openid");
parameters.Should().Contain("redirect_uri", "http://redirect");
parameters.Should().Contain("response_type", "code");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
public PrePayrollController()
{
SessionModel.Initialize();
var configClientAdapter = ClientConfiguration.GetAdapterFromConfig();
authorizeClient = new AuthorizeClient(SessionModel.AuthorizationHeader, configClientAdapter);
clientPT = new Client <Period>(SessionModel.AuthorizationHeader, configClientAdapter);
clientPD = new Client <PeriodDetail>(SessionModel.AuthorizationHeader, configClientAdapter);
incidentsClient = new Client <Incident>(SessionModel.AuthorizationHeader, configClientAdapter);
vacationsClient = new Client <Vacation>(SessionModel.AuthorizationHeader, configClientAdapter);
inhabilitiesClient = new Client <Inhability>(SessionModel.AuthorizationHeader, configClientAdapter);
clientOD = new Client <OverdraftDetail>(SessionModel.AuthorizationHeader, configClientAdapter);
clientO = new Client <Overdraft>(SessionModel.AuthorizationHeader, configClientAdapter);
conceptsClient = new Client <ConceptPayment>(SessionModel.AuthorizationHeader, configClientAdapter);
calculationClient = new CalculationClient(SessionModel.AuthorizationHeader, configClientAdapter);
stampingClient = new StampingClient(SessionModel.AuthorizationHeader, configClientAdapter);
clientCP = new Client <catCFDI_CodigoPostal>(SessionModel.AuthorizationHeader, configClientAdapter);
clientPCC = new Client <PayrollCompanyConfiguration>(SessionModel.AuthorizationHeader, configClientAdapter);
overdraftClient = new OverdraftClient(SessionModel.AuthorizationHeader, configClientAdapter);
}
static void Main(string[] args)
{
EndpointAddress endpoint = new
EndpointAddress(new Uri("http://localhost:8735/Rameshkartik/WCFSamples/AuthorizationService"), EndpointIdentity.CreateDnsIdentity("WCFServer"));
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
AuthorizationServiceReference.AuthorizeClient ProxyRefrence = new AuthorizeClient(binding, endpoint);
//ProxyRefrence.ClientCredentials.UserName.UserName = "******";
//ProxyRefrence.ClientCredentials.UserName.Password = "******";
ProxyRefrence.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
//ProxyRefrence.SayHello("Ramesh");
Console.WriteLine("Message Sent");
bool bTemp = ProxyRefrence.GetData(100, "Message");
Console.WriteLine("Hi");
}
public void Missing_default_parameters_can_be_set_by_extra_parameters()
{
var options = new OidcClientOptions();
var extra = new Dictionary <string, string>
{
{ "client_id", "client_id2" },
{ "scope", "openid extra" },
{ "redirect_uri", "http://redirect2" }
};
var client = new AuthorizeClient(options);
var parameters = client.CreateAuthorizeParameters("state", "nonce", "code_challenge", extra);
parameters.Should().Contain("client_id", "client_id2");
parameters.Should().Contain("scope", "openid extra");
parameters.Should().Contain("redirect_uri", "http://redirect2");
parameters.Should().Contain("response_type", "code");
parameters.Should().Contain("state", "state");
parameters.Should().Contain("nonce", "nonce");
parameters.Should().Contain("code_challenge", "code_challenge");
}
/// <summary>Used to get a new set of token for password grant.</summary>
/// <param name="username">The resource owner username (typically ClientID/EDP Username).</param>
/// <param name="password">The resource owner password.</param>
/// <param name="client">The AuthorizeClient object. Internal codes will call TokenAsync from the AuthorizeClient class to request a new token</param>
/// <returns><see cref="Tokenresponse"/></returns>
/// <exception cref="EDPAuthorizeException">A server side error occurred. Internal code will catch the exception and print to console output</exception>
/// <exception cref="Exception">A general error occurred.Internal code will catch the exception and print to console output</exception>
public static Tokenresponse GetToken(string username, string password, AuthorizeClient client)
{
try
{
var tokenResult = client
.TokenAsync("password", username, password, "", "trapi", "", clientid, "", "true", "",
"")
.GetAwaiter().GetResult();
return(tokenResult.Result);
}
catch (EDPAuthorizeException <AuthError> edpAuthorizeException)
{
Console.WriteLine(
$"HttpStatusCode:{edpAuthorizeException.StatusCode} {edpAuthorizeException.Result.Error1} {edpAuthorizeException.Result.Error_description} {edpAuthorizeException.Result.Error_uri}");
}
catch (Exception exception)
{
Console.WriteLine(exception.Message);
}
return(null);
}
/// <summary>
/// Login for client
/// </summary>
/// <param name="clienteRequest"></param>
/// <returns></returns>
public ModeloResponse <ClienteResponse> LoginClient(AuthorizeClient clienteRequest)
{
try
{
using (DataConnectionFactory <ClienteResponse> dapper = new ConnectionFactory <ClienteResponse>(AppConfiguration.Instance.MasivianBD).GetConnectionMananager())
{
dapper.AddParameter("Usuario", clienteRequest.Usuario);
dapper.AddParameter("Contrasena", clienteRequest.Contrasena);
var list = dapper.GetList(StoreProcedures.SP_Login);
if (list != null && list.Any())
{
return(ResponseManager <ClienteResponse> .ResponseOK(0, list));
}
return(ResponseManager <ClienteResponse> .ResponseConflict("Usuario o Contrasena incorrecta"));
}
}
catch (System.Exception ex)
{
Log.Error(ex, ex.Message);
return(ResponseManager <ClienteResponse> .ResponseInternalServerError(ex.Message));
}
}
/// <summary>Used to refresh an access token</summary>
/// <param name="username">The resource owner username (typically ClientID/RDP Username).</param>
/// <param name="refreshToken">The refreshToken used to get a new Access Token from the RDP Server.</param>
/// <param name="client">The AuthorizeClient object. Internal codes will call TokenAsync from the AuthorizeClient class to request a new token</param>
/// <returns><see cref="Tokenresponse"/></returns>
/// <exception cref="EDPAuthorizeException">A server side error occurred. Internal code will catch the exception and print to console output</exception>
/// <exception cref="Exception">A general error occurred.Internal code will catch the exception and print to console output</exception>
public static Tokenresponse RefreshToken(string username, string refreshToken, AuthorizeClient client)
{
Tokenresponse tokenResponse = null;
try
{
tokenResponse = client.TokenAsync("refresh_token", username, "", "", "", refreshToken,
username, "",
"", "", "").GetAwaiter().GetResult().Result;
}
catch (EDPAuthorizeException <AuthError> edpAuthorizeException)
{
Console.WriteLine(
$"HttpStatusCode:{edpAuthorizeException.StatusCode} {edpAuthorizeException.Result.Error1} {edpAuthorizeException.Result.Error_description} {edpAuthorizeException.Result.Error_uri}");
}
catch (Exception exception)
{
Console.WriteLine(exception.Message);
}
return(tokenResponse);
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public DeleteFileController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary>
/// Use this function to Refresh the Access Token
/// </summary>
/// <param name="username"> EDP username</param>
/// <param name="refreshToken">The refresh token</param>
/// <param name="client">AuthorizeClient object to call TokenAsync</param>
/// <param name="cts">CancellationToken</param>
/// <returns></returns>
public static Tokenresponse RefreshToken(string username, string refreshToken, AuthorizeClient client,
CancellationToken cts)
{
Tokenresponse tokenResponse = null;
tokenResponse = client.TokenAsync("refresh_token", username, "", "", "", refreshToken,
username, "",
"", "", "", cts).GetAwaiter().GetResult().Result;
return(tokenResponse);
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public GetRepoFilesListController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public GetReposInfoController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public GetFileContentController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public CreateFileController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary> There is a loop inside the function to ask user to enter EDP username and password until it get a valid token.
/// User can press Ctrl+c to exit from the loop and exit the application</summary>
/// <return>True if login success and False if user cancelled the login</return>
/// <param name="appConfig"> Required appConfig to read config parameters. </param>
/// <param name="authToken"> Application has to pass Tokenresponse object to the function and
/// the function will return Tokenresponse to application. It could be null if user cancelled the login </param>
public static bool DoLoginAndGetToken(out Tokenresponse authToken, Config appConfig)
{
authToken = null;
var bCancelledLogin = false;
var cts = new CancellationTokenSource();
Console.TreatControlCAsInput = false;
Console.CancelKeyPress += (s, ev) =>
{
bCancelledLogin = true;
ev.Cancel = true;
cts.Cancel();
};
do
{
Console.WriteLine("\nSignin to RDP(Refinitiv Data Platform) Press Ctrl+C to cancel");
Console.WriteLine("=============================");
if (bCancelledLogin)
{
break;
}
if (string.IsNullOrEmpty(appConfig.Username))
{
Console.Write("Machine ID or Username(Email):");
appConfig.Username = Console.ReadLine();
}
else
{
Console.WriteLine($"Machine ID or Username(Email):{appConfig.Username}");
}
//if (!RegexUtilities.IsValidEmail(appConfig.Username))
//{
//assume that client use machine ID and assign machine id to client id.
// appConfig.ClientId = appConfig.Username;
//}
//else
//{
if (string.IsNullOrEmpty(appConfig.ClientId))
{
Console.Write("Enter Client ID/AppKey:");
appConfig.ClientId = Console.ReadLine();
}
else
{
Console.WriteLine($"Client ID:{appConfig.ClientId}");
}
//}
if (!bCancelledLogin && string.IsNullOrEmpty(appConfig.RefreshToken) && string.IsNullOrEmpty(appConfig.Password))
{
Console.Write("Enter Password:"******"=============================");
if (bCancelledLogin)
{
break;
}
Console.WriteLine("Logging in to the EDP server, please wait");
using (var client = new HttpClient(GenerateHttpClientHandler(appConfig)))
{
var authClient = new AuthorizeClient(client);
//If user specify authorize token url vi app config, it overrides default authorize url.
if (!string.IsNullOrEmpty(appConfig.AuthBaseURL))
{
authClient.BaseUrl = appConfig.AuthBaseURL;
}
try
{
authToken = string.IsNullOrEmpty(appConfig.RefreshToken)
? GetNewToken(appConfig.Username, appConfig.Password, appConfig.ClientId, authClient, cts.Token)
: RefreshToken(
appConfig.Username,
appConfig.RefreshToken,
authClient,
cts.Token);
}
catch (EDPAuthorizeException <AuthError> exception)
{
Console.WriteLine(
$"Login Failed! Status Code:{exception.StatusCode} "
+ $"Error:{exception.Result.Error1} {exception.Result.Error_description} {exception.Result.Error_uri}");
}
catch (Exception exception)
{
Console.WriteLine($"\nGet {exception.GetType().Name} Error {exception.Message}");
}
finally
{
//reset everything to empty and ask user to enter credential again.
appConfig.Username = string.Empty;
appConfig.Password = string.Empty;
appConfig.RefreshToken = string.Empty;
appConfig.ClientId = string.Empty;
//Console.WriteLine("\nRe-enter EDP username and password or press Ctrl+C to exit");
}
}
} while (!bCancelledLogin && (authToken == null));
return(!bCancelledLogin && (authToken != null));
}
/// <summary>
///
/// </summary>
/// <param name="authorizeClient"></param>
public GetReadmeController(
AuthorizeClient authorizeClient
)
{
_authorizeClient = authorizeClient;
}
/// <summary>
/// Use this function to get a New AccessToken+Refresh token
/// </summary>
/// <param name="username">EDP Username</param>
/// <param name="password">EDP Password</param>
/// <param name="client">Authorization Client object</param>
/// <param name="cancellationToken">CancellationToken object</param>
/// <returns></returns>
public static Tokenresponse GetNewToken(string username, string password, string clientId, AuthorizeClient client,
CancellationToken cancellationToken)
{
var tokenResult = client
.TokenAsync("password", username, password, "", "trapi", "", clientId, "", "true", "",
"", cancellationToken)
.GetAwaiter().GetResult();
return(tokenResult.Result);
}
static void Main(string[] args)
{
AuthorizationServiceReference.AuthorizeClient cli = new AuthorizeClient();
Console.WriteLine(cli.GetData(1040));
Console.ReadKey();
}
