/// <summary> /// Get user information from the OP after user authentication /// </summary> /// <param name="url">The url to be used to retrieve user information</param> /// <param name="userInfoRequestMessage">The user info request message</param> /// <param name="accessToken">The access token obtain during authentication</param> /// <returns>The response message containing user information</returns> public OIDCUserInfoResponseMessage GetUserInfo(string url, OIDCUserInfoRequestMessage userInfoRequestMessage, string accessToken, string idTokenSub = null, bool bearer = true, string ClientSecret = null, List <OIDCKey> RPKeys = null) { WebRequest request; if (bearer) { request = WebRequest.Create(url); request.Headers.Add("Authorization", "Bearer " + accessToken); } else { request = WebRequest.Create(url + "?access_token=" + accessToken); } string returnedString = WebOperations.PostUrlContent(request, userInfoRequestMessage); string jsonToken = userInfoRequestMessage.CheckSignatureAndDecryptJWT(returnedString, null, ClientSecret, RPKeys); Dictionary <string, object> returnedJson = Deserializer.DeserializeFromJson <Dictionary <string, object> >(jsonToken); if (returnedJson.Keys.Contains("error")) { OIDCResponseError error = new OIDCResponseError(); error.DeserializeFromDictionary(returnedJson); throw new OIDCException("Error while asking for user info: " + error.Error + "\n" + error.ErrorDescription); } OIDCUserInfoResponseMessage userInfoResponse = new OIDCUserInfoResponseMessage(); userInfoResponse.DeserializeFromDictionary(returnedJson); if (idTokenSub != null && userInfoResponse.Sub != idTokenSub) { throw new OIDCException("Wrong sub in UserInfo, it does not match idToken's."); } return(userInfoResponse); }
/// <summary> /// Method that submits a tokn request to the OP. /// </summary> /// <param name="url">The URL to be used where to send the request</param> /// <param name="tokenRequestMessage">The token request message</param> /// <param name="clientInformation">The client information obtained from the OP</param> /// <returns>Returns the token response obtained from the OP</returns> public OIDCTokenResponseMessage SubmitTokenRequest(string url, OIDCTokenRequestMessage tokenRequestMessage, OIDCClientInformation clientInformation, byte[] privateKey = null) { WebRequest request = WebRequest.Create(url); OIDCAuthenticatedMessage message = tokenRequestMessage as OIDCAuthenticatedMessage; string grantType = clientInformation.TokenEndpointAuthMethod; AddClientAuthenticatedToRequest(ref request, ref message, grantType, clientInformation, privateKey); string returnedString = WebOperations.PostUrlContent(request, message); Dictionary <string, object> returnedJson = Deserializer.DeserializeFromJson <Dictionary <string, object> >(returnedString); if (returnedJson.Keys.Contains("error")) { OIDCResponseError error = new OIDCResponseError(); error.DeserializeFromDictionary(returnedJson); throw new OIDCException("Error while registering client: " + error.Error + "\n" + error.ErrorDescription); } OIDCTokenResponseMessage tokenResponse = new OIDCTokenResponseMessage(); tokenResponse.DeserializeFromDictionary(returnedJson); return(tokenResponse); }