/// <summary>
/// Authenticates a user against the IdSrv
/// </summary>
/// <param name="email"></param>
/// <param name="password"></param>
/// <returns></returns>
private static async Task <TokenResponse> AuthenticateUserAsync(string email, string password)
{
var idSrvTokenClientOpts = IdSrvTokenClientOpts.InitDefault();
//netcoreapp2.2
//var tokenClient = new TokenClient(
// $"{idSrvTokenClientOpts.Authority}/connect/token",
// idSrvTokenClientOpts.ClientId,
// idSrvTokenClientOpts.ClientSecret
//);
//try
//{
// return
// await
// tokenClient.RequestResourceOwnerPasswordAsync(email, password,
// idSrvTokenClientOpts.RequiredScopes);
//}
//catch (Exception ex)
//{
// return null;
//}
//netcore 3.0
try
{
var client = new HttpClient();
return(await client.RequestPasswordTokenAsync(new PasswordTokenRequest
{
Address = $"{idSrvTokenClientOpts.Authority}/connect/token",
ClientId = idSrvTokenClientOpts.ClientId,
ClientSecret = idSrvTokenClientOpts.ClientSecret,
Scope = idSrvTokenClientOpts.RequiredScopes,
UserName = email,
Password = password
}));
}
catch (Exception ex)
{
return(null);
}
}
/// <summary>
/// Refreshes auth tokens - auth token + refresh token
/// </summary>
/// <param name="refreshToken"></param>
/// <returns></returns>
private static async Task <TokenResponse> RequestRefreshTokenAsync(string refreshToken)
{
var idSrvTokenClientOpts = IdSrvTokenClientOpts.InitDefault();
//netcoreapp2.2
//var tokenClient = new TokenClient(
// $"{idSrvTokenClientOpts.Authority}/connect/token",
// idSrvTokenClientOpts.ClientId,
// idSrvTokenClientOpts.ClientSecret
//);
//try
//{
// return await tokenClient.RequestRefreshTokenAsync(refreshToken);
//}
//catch
//{
// return null;
//}
try
{
var client = new HttpClient();
return(await client.RequestRefreshTokenAsync(new RefreshTokenRequest
{
Address = $"{idSrvTokenClientOpts.Authority}/connect/token",
ClientId = idSrvTokenClientOpts.ClientId,
ClientSecret = idSrvTokenClientOpts.ClientSecret,
RefreshToken = refreshToken
}));
}
catch
{
return(null);
}
}
/// <summary>
/// Extracts IdSrvTokenClientOpts from app settings via using the specified key; vakue of this key should be a json serialised IdSrvTokenClientOpts object
/// </summary>
/// <param name="cfgKey"></param>
/// <param name="silent">Whether or not the constructor should throw if unable to deserialise opts object</param>
public IdSrvTokenClientOpts(string cfgKey, bool silent = true)
{
IdSrvTokenClientOpts idSrvTokenClientOpts = null;
try
{
idSrvTokenClientOpts =
JsonConvert.DeserializeObject <IdSrvTokenClientOpts>(ConfigurationManager.AppSettings[cfgKey]);
}
catch (Exception ex)
{
if (!silent)
{
throw;
}
}
Authority = idSrvTokenClientOpts?.Authority;
ClientId = idSrvTokenClientOpts?.ClientId;
ClientSecret = idSrvTokenClientOpts?.ClientSecret;
RequiredScopes = idSrvTokenClientOpts?.RequiredScopes;
}
/// <summary>
/// Authenticates a user against the IdSrv
/// </summary>
/// <param name="email"></param>
/// <param name="password"></param>
/// <returns></returns>
private static async Task <TokenResponse> AuthenticateUserAsync(string email, string password)
{
var idSrvTokenClientOpts = IdSrvTokenClientOpts.InitDefault();
var tokenClient = new TokenClient(
$"{idSrvTokenClientOpts.Authority}/connect/token",
idSrvTokenClientOpts.ClientId,
idSrvTokenClientOpts.ClientSecret
);
try
{
return
(await
tokenClient.RequestResourceOwnerPasswordAsync(email, password,
idSrvTokenClientOpts.RequiredScopes));
}
catch (Exception ex)
{
return(null);
}
}
public static async Task <AuthOutput> ValidateTokenAsync(string accessToken)
{
var idSrvTokenClientOpts = IdSrvTokenClientOpts.InitDefault();
//GET /connect/accesstokenvalidation?token=<token>
var client = new RestClient($"{idSrvTokenClientOpts.Authority}/connect");
var request = new RestRequest("accesstokenvalidation", Method.GET);
request.AddQueryParameter("token", accessToken);
var response = await client.ExecuteTaskAsync <Dictionary <string, string> >(request);
return(new AuthOutput
{
Success = response.StatusCode == HttpStatusCode.OK,
AccessToken = accessToken,
//Note: accesstokenvalidation returns expiration in seconds since epoch.
//Code below should give time in UTC
AccessTOkenExpirationTimeUtc = new DateTime(1970, 01, 01, 0, 0, 0, DateTimeKind.Utc).AddSeconds(response.Data.ContainsKey("exp") ? long.Parse(response.Data["exp"]) : 0)
});
}
