protected override async Task <AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens) { var j = await LoadJson(tokens, Options.UserInformationEndpoint); var payload = JObject.Parse(j); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, IsAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, IsAuthenticationHelper.GetLogin(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, IsAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, IsAuthenticationHelper.GetFullName(payload), Options.ClaimsIssuer); var jj = await LoadJson(tokens, Options.UserRolesEndpoint); var roles = JArray.Parse(jj); foreach (var role in IsAuthenticationHelper.GetRoles(roles)) { identity.AddOptionalClaim("is:role", role, Options.ClaimsIssuer); } var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Add("x-li-format", "json"); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, LinkedInAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, LinkedInAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, LinkedInAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:linkedin:profile", LinkedInAuthenticationHelper.GetPublicProfileUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:linkedin:profilepicture", LinkedInAuthenticationHelper.GetProfilePictureUrl(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, AutodeskAuthenticationHelper.GetUserId(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, AutodeskAuthenticationHelper.GetUserName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, AutodeskAuthenticationHelper.GetFirstName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, AutodeskAuthenticationHelper.GetLastName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, AutodeskAuthenticationHelper.GetEmailAddress(payload), ClaimValueTypes.Email, Options.ClaimsIssuer) .AddOptionalClaim(AutodeskAuthenticationConstants.Claims.EmailVerified, AutodeskAuthenticationHelper.GetEmailVerified(payload), ClaimValueTypes.Boolean, Options.ClaimsIssuer) .AddOptionalClaim(AutodeskAuthenticationConstants.Claims.TwoFactorEnabled, AutodeskAuthenticationHelper.GetTwoFactorEnabled(payload), ClaimValueTypes.Boolean, Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, < %= name %> AuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer); // TODO: Add any optional claims, eg // .AddOptionalClaim("urn:<%= name.toLowerCase() %>:name", <%= name %>AuthenticationHelper.GetName(payload), Options.ClaimsIssuer) var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken); var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred when retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred when retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, BattleNetAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, BattleNetAuthenticationHelper.GetBattleTag(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint + "?access_token=" + tokens.AccessToken); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, BattleNetAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, BattleNetAuthenticationHelper.GetBattleTag(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, GitHubAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, GitHubAuthenticationHelper.GetLogin(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, GitHubAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:github:name", GitHubAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:github:url", GitHubAuthenticationHelper.GetLink(payload), Options.ClaimsIssuer); // When the email address is not public, retrieve it from // the emails endpoint if the user:email scope is specified. if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) && !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("user:email")) { identity.AddOptionalClaim(ClaimTypes.Email, await GetEmailAsync(tokens), Options.ClaimsIssuer); } var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, GitHubAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, GitHubAuthenticationHelper.GetLogin(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, GitHubAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:github:name", GitHubAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:github:url", GitHubAuthenticationHelper.GetLink(payload), Options.ClaimsIssuer); // When the email address is not public, retrieve it from // the emails endpoint if the user:email scope is specified. if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) && !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("user:email")) { identity.AddOptionalClaim(ClaimTypes.Email, await GetEmailAsync(tokens), Options.ClaimsIssuer); } var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // Note: the ArcGIS API doesn't support content negotiation via headers. var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string> { ["f"] = "json", ["token"] = tokens.AccessToken }); var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); // Request the token var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); // Note: error responses always return 200 status codes. var error = ArcGISAuthenticationHelper.GetError(payload); if (error != null) { // See https://developers.arcgis.com/authentication/server-based-user-logins/ for more information Logger.LogError("An error occurred when retrieving the user information: the remote server " + "returned a response with the following error code: {Code} {Message}.", /* Code: */ error.Value <string>("code"), /* Message: */ error.Value <string>("message")); return(null); } identity.AddOptionalClaim(ClaimTypes.NameIdentifier, ArcGISAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, ArcGISAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, ArcGISAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string> { ["access_token"] = tokens.AccessToken, ["openid"] = tokens.Response.Value <string>("openid") }); var response = await Backchannel.GetAsync(address); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving user information."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); if (!string.IsNullOrEmpty(payload.Value <string>("errcode"))) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving user information."); } identity.AddOptionalClaim(ClaimTypes.NameIdentifier, WeixinAuthenticationHelper.GetUnionid(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, WeixinAuthenticationHelper.GetNickname(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Gender, WeixinAuthenticationHelper.GetSex(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Country, WeixinAuthenticationHelper.GetCountry(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weixin:openid", WeixinAuthenticationHelper.GetOpenId(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weixin:province", WeixinAuthenticationHelper.GetProvince(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weixin:city", WeixinAuthenticationHelper.GetCity(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weixin:headimgurl", WeixinAuthenticationHelper.GetHeadimgUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weixin:privilege", WeixinAuthenticationHelper.GetPrivilege(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync( ClaimsIdentity identity, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken); if (Options.Fields.Count != 0) { address = QueryHelpers.AddQueryString(address, "fields", string.Join(",", Options.Fields)); } var response = await Backchannel.GetAsync(address, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("Произошла ошибка при получении профиля пользователя: удаленный сервер " + "вернул {Status} ответ со следующей информацией: {Headers} {Body}.", response.StatusCode, response.Headers.ToString(), await response.Content.ReadAsStringAsync()); throw new HttpRequestException("Произошла ошибка при получении профиля пользователя."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); var user = (JObject)payload["response"][0]; foreach (var scope in Options.Scope) { var scope_value = tokens.Response.Value <string>(scope); if (!string.IsNullOrEmpty(scope_value)) { user.Add(scope, scope_value); } } identity.AddOptionalClaim(ClaimTypes.NameIdentifier, user.Value <string>("uid"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, user.Value <string>("first_name"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, user.Value <string>("last_name"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, user.Value <string>("email"), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Scheme, Options, Backchannel, tokens, user); context.RunClaimActions(); await Options.Events.CreatingTicket(context); return(new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name)); }
/// <summary> /// Call the OAuthServer and get a user's information. /// The context object will have the Identity, AccessToken, and UserInformationEndpoint available. /// Using this information, we can query the auth server for claims to attach to the identity. /// A particular OAuthServer's endpoint returns a json object with a roles member and a name member. /// We call this endpoint with HttpClient, parse the result, and attach the claims to the Identity. /// </summary> /// <param name="identity"></param> /// <param name="properties"></param> /// <param name="tokens"></param> /// <returns></returns> protected virtual async Task <AuthenticationTicket> CustomCreateTicketAsync( ClaimsIdentity identity, AuthenticationProperties properties, WeixinOAuthTokenResponse tokens) { if (identity == null) { throw new ArgumentNullException(nameof(identity)); } if (properties == null) { throw new ArgumentNullException(nameof(properties)); } if (tokens == null) { throw new ArgumentNullException(nameof(tokens)); } var openId = tokens.OpenId; var scope = tokens.Scope; // std:NameIdentifier identity.AddOptionalClaim(ClaimTypes.NameIdentifier, openId, Options.ClaimsIssuer); identity.AddOptionalClaim(WeixinOAuthClaimTypes.OpenId, openId, Options.ClaimsIssuer); // scope identity.AddOptionalClaim(WeixinOAuthClaimTypes.Scope, scope, Options.ClaimsIssuer); if (SplitScope(scope).Contains(WeixinOAuthScopes.snsapi_userinfo)) { identity = await RetrieveUserInfoAsync(tokens.AccessToken, openId, identity); } var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Scheme.Name); var context = new WeixinOAuthCreatingTicketContext(Context, Scheme, Options, Backchannel, ticket, tokens); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var userInformationEndpoint = $"{Options.UserInformationEndpoint}?access_token={tokens.AccessToken}"; if (Options.SignedRequestsEnforced) { var parameters = new Dictionary <string, string> { ["access_token"] = tokens.AccessToken }; var sig = SignRequest(InstagramAuthenticationDefaults.UserInformationEndpoint, parameters, Options.ClientSecret); userInformationEndpoint += $"&sig={sig}"; } var request = new HttpRequestMessage(HttpMethod.Get, userInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()).Value <JObject>("data"); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, InstagramAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, InstagramAuthenticationHelper.GetFullName(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string> { ["access_token"] = tokens.AccessToken, ["uid"] = tokens.Response.Value <string>("uid") }); var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, WeiboAuthenticationHelper.GetId(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, WeiboAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Gender, WeiboAuthenticationHelper.GetGender(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:screen_name", WeiboAuthenticationHelper.GetScreenName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:profile_image_url", WeiboAuthenticationHelper.GetProfileImageUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:avatar_large", WeiboAuthenticationHelper.GetAvatarLarge(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:avatar_hd", WeiboAuthenticationHelper.GetAvatarHD(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:cover_image_phone", WeiboAuthenticationHelper.GetCoverImagePhone(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:weibo:location", WeiboAuthenticationHelper.GetLocation(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // See https://developer.foursquare.com/overview/versioning // for more information about the mandatory "v" and "m" parameters. var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string> { ["m"] = "foursquare", ["v"] = Options.ApiVersion, ["oauth_token"] = tokens.AccessToken, }); var request = new HttpRequestMessage(HttpMethod.Get, address); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, FoursquareAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, FoursquareAuthenticationHelper.GetLastName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, FoursquareAuthenticationHelper.GetFirstName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, FoursquareAuthenticationHelper.GetUserName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Gender, FoursquareAuthenticationHelper.GetGender(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, FoursquareAuthenticationHelper.GetContactEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Uri, FoursquareAuthenticationHelper.GetCanonicalUrl(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred when retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred when retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); SpotifyChangeControlLib.SCCManager oSCCManager = new SpotifyChangeControlLib.SCCManager(); string sProfileID = SpotifyAuthenticationHelper.GetIdentifier(payload); string sAuthCode = request.Headers.Authorization.Parameter; string sAccessCode = tokens.AccessToken; string sRefreshCode = tokens.RefreshToken; string sTokenType = tokens.TokenType; int iExpiresIn = Convert.ToInt32(tokens.ExpiresIn); oSCCManager.AddSpotifyUser(sProfileID, sAuthCode, sAccessCode, sRefreshCode, sTokenType, iExpiresIn, DateTime.Now.ToUniversalTime(), DateTime.Now.ToUniversalTime()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, SpotifyAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, SpotifyAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:spotify:url", SpotifyAuthenticationHelper.GetLink(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:spotify:profilepicture", SpotifyAuthenticationHelper.GetProfilePictureUrl(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // Note: MYOB doesn't provide a user information endpoint, // so we rely on the details sent back in the token request. var user = (JObject)tokens.Response.SelectToken("user"); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, MyobAuthenticationHelper.GetIdentifier(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, MyobAuthenticationHelper.GetUsername(user), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, user); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // Note: access tokens and request keys are passed in the querystring for StackExchange var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string>() { ["access_token"] = tokens.AccessToken, ["key"] = Options.RequestKey, ["site"] = Options.Site }); var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); // Note: the email claim cannot be retrieved from StackExchange's user information endpoint. identity.AddOptionalClaim(ClaimTypes.NameIdentifier, StackExchangeAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, StackExchangeAuthenticationHelper.GetDisplayName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Webpage, StackExchangeAuthenticationHelper.GetWebsiteUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:stackexchange:link", StackExchangeAuthenticationHelper.GetLink(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken); address = QueryHelpers.AddQueryString(address, "v", Options.ApiVersion); if (Options.Fields.Count != 0) { address = QueryHelpers.AddQueryString(address, "fields", string.Join(",", Options.Fields)); } var response = await Backchannel.GetAsync(address, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Scheme, Options, Backchannel, tokens, payload); var user = (JObject)payload["response"][0]; identity.AddOptionalClaim(ClaimTypes.NameIdentifier, VkontakteHelper.GetId(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, VkontakteHelper.GetName(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, VkontakteHelper.GetFirstName(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, VkontakteHelper.GetLastName(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Hash, VkontakteHelper.GetHash(user), Options.ClaimsIssuer) .AddOptionalClaim("urn:vkontakte:photo:link", VkontakteHelper.GetPhoto(user), Options.ClaimsIssuer) .AddOptionalClaim("urn:vkontakte:photo_thumb:link", VkontakteHelper.GetPhotoThumbnail(user), Options.ClaimsIssuer); context.RunClaimActions(); await Events.CreatingTicket(context); return(new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("bearer", tokens.AccessToken); // When a custom user agent is specified in the options, add it to the request headers // to override the default (generic) user agent used by the OAuth2 base middleware. if (!string.IsNullOrEmpty(Options.UserAgent)) { request.Headers.UserAgent.ParseAdd(Options.UserAgent); } var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, RedditAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, RedditAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:reddit:over18", RedditAuthenticationHelper.GetOver18(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, MailChimpAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, MailChimpAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, MailChimpAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Role, MailChimpAuthenticationHelper.GetRole(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:dc", MailChimpAuthenticationHelper.GetDataCenter(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:account_name", MailChimpAuthenticationHelper.GetAccountName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:login_id", MailChimpAuthenticationHelper.GetLoginId(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:login_email", MailChimpAuthenticationHelper.GetLoginEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:login_url", MailChimpAuthenticationHelper.GetLoginUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:mailchimp:api_endpoint", MailChimpAuthenticationHelper.GetApiEndPoint(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken); if (Options.UseSignedRequests) { // Compute the HMAC256 signature. var signature = ComputeSignature(address); // Add the signature to the query string. address = QueryHelpers.AddQueryString(address, "sig", signature); } var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()).Value <JObject>("data"); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, InstagramAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, InstagramAuthenticationHelper.GetFullName(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // See https://developer.foursquare.com/overview/versioning // for more information about the mandatory "v" and "m" parameters. var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary <string, string> { ["m"] = "foursquare", ["v"] = Options.ApiVersion, ["oauth_token"] = tokens.AccessToken, }); var request = new HttpRequestMessage(HttpMethod.Get, address); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, FoursquareAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, FoursquareAuthenticationHelper.GetLastName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, FoursquareAuthenticationHelper.GetFirstName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, FoursquareAuthenticationHelper.GetUserName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Gender, FoursquareAuthenticationHelper.GetGender(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, FoursquareAuthenticationHelper.GetContactEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Uri, FoursquareAuthenticationHelper.GetCanonicalUrl(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync( ClaimsIdentity identity, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("Произошла ошибка при получении профиля пользователя: удаленный сервер " + "вернул {Status} ответ со следующей информацией: {Headers} {Body}.", response.StatusCode, response.Headers.ToString(), await response.Content.ReadAsStringAsync()); throw new HttpRequestException("Произошла ошибка при получении профиля пользователя."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, payload.Value <string>("id"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, payload.Value <string>("login"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, payload.Value <string>("last_name"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, payload.Value <string>("first_name"), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, payload.Value <JArray>("emails")?[0]?.Value <string>(), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Scheme, Options, Backchannel, tokens, payload); context.RunClaimActions(); await Options.Events.CreatingTicket(context); return(new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { // Note: unlike the other social providers, the userinfo endpoint is user-specific and can't be set globally. // For more information, see https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com var request = new HttpRequestMessage(HttpMethod.Get, tokens.Response.Value <string>("id")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred when retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred when retrieving the user from the Salesforce identity service."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, SalesforceAuthenticationHelper.GetUserIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, SalesforceAuthenticationHelper.GetUserName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:salesforce:email", SalesforceAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:salesforce:thumbnail_photo", SalesforceAuthenticationHelper.GetThumbnailPhoto(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:salesforce:utc_offset", SalesforceAuthenticationHelper.GetUtcOffset(payload).ToString(), Options.ClaimsIssuer) .AddOptionalClaim("urn:salesforce:rest_url", SalesforceAuthenticationHelper.GetRestUrl(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue(tokens.TokenType, tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JArray.Parse(await response.Content.ReadAsStringAsync()); var user = (JObject)payload[0]; identity.AddOptionalClaim(ClaimTypes.NameIdentifier, GitterAuthenticationHelper.GetIdentifier(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, GitterAuthenticationHelper.GetUsername(user), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Webpage, GitterAuthenticationHelper.GetLink(user), Options.ClaimsIssuer) .AddOptionalClaim("urn:gitter:displayname", GitterAuthenticationHelper.GetDisplayName(user), Options.ClaimsIssuer) .AddOptionalClaim("urn:gitter:avatarurlsmall", GitterAuthenticationHelper.GetAvatarUrlSmall(user), Options.ClaimsIssuer) .AddOptionalClaim("urn:gitter:avatarurlmedium", GitterAuthenticationHelper.GetAvatarUrlMedium(user), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, user); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, Context.RequestAborted); if (!response.IsSuccessStatusCode) { Logger.LogError("An error occurred while retrieving the user profile: the remote server " + "returned a {Status} response with the following payload: {Headers} {Body}.", /* Status: */ response.StatusCode, /* Headers: */ response.Headers.ToString(), /* Body: */ await response.Content.ReadAsStringAsync()); throw new HttpRequestException("An error occurred while retrieving the user profile."); } var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, YammerAuthenticationHelper.GetId(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.GivenName, YammerAuthenticationHelper.GetFirstName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Surname, YammerAuthenticationHelper.GetLastName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, YammerAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, YammerAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:yammer:link", YammerAuthenticationHelper.GetLink(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:yammer:job_title", YammerAuthenticationHelper.GetJobTitle(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "oauth_token", tokens.AccessToken); var request = new HttpRequestMessage(HttpMethod.Get, address); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, SoundCloudAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, SoundCloudAuthenticationHelper.GetUserName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Country, SoundCloudAuthenticationHelper.GetCountry(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:soundcloud:fullname", SoundCloudAuthenticationHelper.GetFullName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:soundcloud:city", SoundCloudAuthenticationHelper.GetCity(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:soundcloud:profileurl", SoundCloudAuthenticationHelper.GetProfileUrl(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme)); }
protected override async Task <AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, WordPressAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, WordPressAuthenticationHelper.GetUsername(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:wordpress:email", WordPressAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:wordpress:displayname", WordPressAuthenticationHelper.GetDisplayName(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:wordpress:profileurl", WordPressAuthenticationHelper.GetProfileUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:wordpress:avatarurl", WordPressAuthenticationHelper.GetAvatarUrl(payload), Options.ClaimsIssuer) .AddOptionalClaim("urn:wordpress:primaryblog", WordPressAuthenticationHelper.GetPrimaryBlog(payload), Options.ClaimsIssuer); var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) { Principal = new ClaimsPrincipal(identity), Properties = properties }; await Options.Events.CreatingTicket(context); if (context.Principal?.Identity == null) { return(null); } return(new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme)); }
/// <inheritdoc /> protected override async Task <AuthenticationTicket> CreateTicketAsync( [NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) { var endpoint = Options.UserInformationEndpoint; if (Options.Fields.Count > 0) { endpoint = QueryHelpers.AddQueryString(endpoint, "fields", string.Join(",", Options.Fields)); } var request = new HttpRequestMessage(HttpMethod.Get, endpoint); request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted); response.EnsureSuccessStatusCode(); var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); identity.AddOptionalClaim(ClaimTypes.NameIdentifier, AmazonAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Email, AmazonAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.Name, AmazonAuthenticationHelper.GetName(payload), Options.ClaimsIssuer) .AddOptionalClaim(ClaimTypes.PostalCode, AmazonAuthenticationHelper.GetPostalCode(payload), Options.ClaimsIssuer); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload); await Options.Events.CreatingTicket(context); return(context.Ticket); }