public ActionResult UserInfo() { var auth = System.Web.HttpContext.Current.Application["Authorization"] as AuthorizationState; OAuth2Graph graph = client.GetUserInfo(auth.AccessToken); return(View(graph)); }
// [Authorize] public ActionResult AlhambraCallback() { //System.Web.HttpContext.Current.Application["Authorization"] = (AuthorizationState) client.ProcessUserAuthorization(this.Request); AuthorizationState auth = (AuthorizationState)client.ProcessUserAuthorization(this.Request); System.Web.HttpContext.Current.Application["Authorization"] = auth; // CurrentAuthorizationState = auth; //string code = Request.QueryString["code"]; //System.Web.HttpContext.Current.Application.Add("Code",Request.QueryString["code"]); //string accessToken = Request.QueryString["access_token"]; //authorizationState = client.ProcessUserAuthorization(this.Request); var httpClient = new HttpClient(); httpClient.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", auth.AccessToken); // var tokenInfoUrl = CLIENT_ADDRESS + "/OAuth2/TokenInfo"; //in the form of an actionresult instead of a function //because the httpclient provides the authorization header //by the time it performs the request // string tokenInfo = httpClient.GetAsync(tokenInfoUrl).Result.Content.ReadAsStringAsync().Result; // System.Web.HttpContext.Current.Application["Token"]= tokenInfo; //var tv = new AlhambraTokenValidator(); //tv.ValidateToken(tokenInfo, "NATURE"); // string userInfoUrl = CLIENT_ADDRESS + "/UserInfo"; // OAuth2Graph userInfo = httpClient.GetAsync(userInfoUrl).Result.Content.ReadAsAsync<OAuth2Graph>().Result; // string userInfo = httpClient.GetAsync(userInfoUrl).Result.Content.ReadAsStringAsync().Result; OAuth2Graph userinfo = client.GetUserInfo(auth.AccessToken); //string result = JsonConvert.SerializeObject(userinfo); //return Content(result); string valuesOfForm = null; foreach (string s in Request.Form.AllKeys) { valuesOfForm = valuesOfForm + ", " + s + ":" + Request.Form[s]; } return(Content("Access Token: " + auth.AccessToken + "<br/>Refresh Token: " + auth.RefreshToken + "<br/>Expires In: " + auth.AccessTokenExpirationUtc + "<br/>Issued At: " + auth.AccessTokenIssueDateUtc + "<br/>Values: " + valuesOfForm + "<br/> Content Type: " + Request.ContentType + "<br/>Input Stream: " + Request.InputStream.ToString())); }
public ActionResult UserInfo() { OAuth2Graph graph = new OAuth2Graph() { Id = "ALH0001", FirstName = "John", LastName = "Smith", FullName = "John M. Smith", Profile = "Profile of john smith", Email = "*****@*****.**" }; //string issuer = SERVER_ADDRESS; //string audience = "NATURE"; //By decision, the signature will not be included //byte[] signature = AlhambraJwtTokenManager.GenerateSymmetricKeyForHmacSha256(); //string subject = "ALH0001"; //DateTime issuedAt = DateTime.UtcNow; //DateTime expires = DateTime.UtcNow.AddMinutes(2); //JWTSecurityToken jwt = AlhambraJwtTokenManager.GenerateJwtToken(issuer, subject, audience, expires); //string jwtReadyToBeSent = AlhambraJwtTokenManager.EncodeJWT(jwt); //string jwtDecoded = AlhambraJwtTokenManager.DecodeJWT(jwt); // bool isJwtValid = AlhambraJwtTokenManager.IsTokenValid(jwt, audience, issuer); // return Content(jwtDecoded.ToString() + "<br/><br/>" + jwtReadyToBeSent ); //DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(OAuth2Graph)); //MemoryStream stream1 = new MemoryStream(); string result = JsonConvert.SerializeObject(graph); //serializer.WriteObject(stream1, graph); return(Content(result, "application/json")); }
public ActionResult UserInfo() { var authorizationRequest = Session["AuthorizationRequest"] as OpenIdConnectAuthorizationRequest; AlhambraOAuth2Authorization authorization = null; RegisteredUser registeredUser = null; if (HttpContext.Request.Headers["Authorization"].StartsWith("Bearer ", StringComparison.InvariantCultureIgnoreCase)) { string accessToken = ASCIIEncoding.ASCII.GetString(Convert.FromBase64String(HttpContext.Request.Headers["Authorization"].Substring(7))); if (String.IsNullOrEmpty(accessToken)) { throw new HttpException((int)HttpStatusCode.Unauthorized, "The credentials are invalid"); } if (!(MvcApplication.registeredAuthorizations.Exists(x => x.AccessToken == accessToken))) { throw new HttpException((int)HttpStatusCode.Unauthorized, "The access token is invalid"); } else { authorization = MvcApplication.registeredAuthorizations.FirstOrDefault(x => x.AccessToken == accessToken); registeredUser = MvcApplication.registeredUsers.FirstOrDefault(x => x.Email == authorization.UserId); } } else { throw new HttpException((int)HttpStatusCode.Unauthorized, "The authorization request only supports Bearer Token Usage"); } OAuth2Graph graph = new OAuth2Graph() { Id = registeredUser.Id }; //use the scopes if (authorizationRequest.scope.Contains(OpenIdConnectScopes.OpenId)) { foreach (string scope in authorizationRequest.scope.Split(' ')) { switch (scope) { case OpenIdConnectScopes.Profile: graph.FirstName = registeredUser.FirstName; graph.LastName = registeredUser.LastName; graph.FullName = registeredUser.FullName; graph.Profile = registeredUser.Profile; graph.Email = registeredUser.Email; break; case OpenIdConnectScopes.Email: graph.Email = registeredUser.Email; break; case OpenIdConnectScopes.FirstName: graph.FirstName = registeredUser.FirstName; break; case OpenIdConnectScopes.LastName: graph.FirstName = registeredUser.LastName; break; } } } else { throw new HttpException((int)HttpStatusCode.BadRequest, "The request is not valid"); } string result = JsonConvert.SerializeObject(graph); return(Content(result, "application/json")); }