/// <summary>
/// Builds a <see cref="ClaimsPrincipal"/> from a UserInfo response and passes it through the
/// configured <c>ClaimsAuthenticationManager</c> for application-level transformation.
/// </summary>
/// <param name="userInfoResponse">Claims returned by the provider's UserInfo endpoint.</param>
/// <param name="options">Relying-party options: provider metadata and the identity configuration.</param>
/// <param name="session">Current session; <c>session["op"]</c> names the provider used for this login.</param>
/// <returns>The principal returned by <c>ClaimsAuthenticationManager.Authenticate</c>.</returns>
private ClaimsPrincipal GetPrincipal(OIDCUserInfoResponseMessage userInfoResponse, IOptions options, HttpSessionState session)
{
    // The provider is chosen by the session-stored key, so the issuer stamped on every
    // provider-sourced claim below is whichever provider this session logged in through.
    var providerData = options.OpenIDProviders[session["op"] as string];
    var issuer = providerData.ProviderMatadata.Issuer;

    // Profile claims are optional in UserInfo; only the ones actually present become claims.
    var optionalClaims = new[]
    {
        new { Type = ClaimTypes.Name,      Value = userInfoResponse.Name },
        new { Type = ClaimTypes.Surname,   Value = userInfoResponse.FamilyName },
        new { Type = ClaimTypes.GivenName, Value = userInfoResponse.GivenName },
        new { Type = ClaimTypes.Email,     Value = userInfoResponse.Email },
        new { Type = ClaimTypes.Gender,    Value = userInfoResponse.Gender },
    };

    var claims = new List<Claim>();
    foreach (var entry in optionalClaims)
    {
        if (entry.Value != null)
        {
            claims.Add(new Claim(entry.Type, entry.Value, ClaimValueTypes.String, issuer));
        }
    }

    // NOTE(review): the principal's name (and thus its identity) is the provider's display
    // "name" claim, not the OIDC "sub" claim. Display name and email are not guaranteed
    // unique or stable across users, so any application state keyed on this identity should
    // be keyed on "sub" instead — confirm whether OIDCUserInfoResponseMessage exposes it.

    // Every OIDC login receives the same fixed role. No issuer is given, so this is a
    // locally asserted claim rather than one attributed to the provider.
    claims.Add(new Claim(ClaimTypes.Role, "User"));

    var identity = new ClaimsIdentity(claims, "OpenIDAuthentication", ClaimTypes.Name, ClaimTypes.Role);
    var principal = new ClaimsPrincipal(identity);

    // The configured ClaimsAuthenticationManager (resource name null) may augment or
    // replace the incoming principal; its result is what callers receive.
    return options.RPOptions.SystemIdentityModelIdentityConfiguration.ClaimsAuthenticationManager.Authenticate(null, principal);
}
/// <summary>
/// Redeems the authorization code at the provider's token endpoint and validates the returned
/// ID token before handing the token response back.
/// </summary>
/// <param name="authResponse">Authorization response carrying the code (plus echoed scope and state).</param>
/// <param name="options">Relying-party options: provider metadata and client credentials.</param>
/// <param name="session">Current session; <c>session["op"]</c> names the provider used for this login.</param>
/// <param name="redirectUri">The redirect URI sent on the authorization request; the provider requires an exact match.</param>
/// <returns>The token response, after its ID token has been validated.</returns>
private OIDCTokenResponseMessage GetToken(OIDCAuthCodeResponseMessage authResponse, IOptions options, HttpSessionState session, string redirectUri)
{
    var providerData = options.OpenIDProviders[session["op"] as string];
    var client = providerData.ClientInformation;
    var metadata = providerData.ProviderMatadata;

    // The client secret travels in this message; keep it out of any request logging.
    var tokenRequest = new OIDCTokenRequestMessage
    {
        Scope = authResponse.Scope,
        State = authResponse.State,
        Code = authResponse.Code,
        ClientId = client.ClientId,
        ClientSecret = client.ClientSecret,
        RedirectUri = redirectUri,
        GrantType = "authorization_code",
    };

    var tokenResponse = rp.SubmitTokenRequest(metadata.TokenEndpoint, tokenRequest, client);

    // Provider keys from discovery metadata verify the ID token; the client secret is
    // supplied alongside them (presumably for symmetric signing/encryption — unverified here).
    var idToken = tokenResponse.GetIdToken(metadata.Keys, client.ClientSecret);

    // NOTE(review): the last argument is null, so no expected nonce is handed to
    // ValidateIdToken and the nonce generated on the authorization request is not checked
    // here. Without that check the ID token is not bound to this login attempt and could be
    // replayed; the stored nonce should be passed in. authResponse.State is likewise
    // forwarded but never compared against the stored state in this method — confirm the
    // caller performs that comparison before reaching here.
    rp.ValidateIdToken(idToken, client, metadata.Issuer, null);

    return tokenResponse;
}
/// <summary>
/// Builds the authorization request for the code flow (openid + profile scopes) with freshly
/// generated state and nonce values.
/// </summary>
/// <param name="providerData">Provider whose client registration supplies the client_id.</param>
/// <param name="urls">Relying-party URLs; the code callback URL becomes redirect_uri.</param>
/// <returns>A validated authorization request message.</returns>
private OIDCAuthorizationRequestMessage generateRequestMessage(OpenIDProviderData providerData, OpenIDUrls urls)
{
    // state defends the callback against CSRF; nonce binds the ID token to this request.
    // Both must be unpredictable. NOTE(review): WebOperations.RandomString is not visible
    // here — confirm it is backed by a cryptographic RNG, not System.Random.
    var state = WebOperations.RandomString();
    var nonce = WebOperations.RandomString();

    var request = new OIDCAuthorizationRequestMessage
    {
        ClientId = providerData.ClientInformation.ClientId,
        Scope = new List<MessageScope> { MessageScope.Openid, MessageScope.Profile },
        ResponseType = new List<ResponseType> { ResponseType.Code },
        RedirectUri = urls.CodeCallbackCommand.ToString(),
        State = state,
        Nonce = nonce,
    };

    // Nothing here persists state or nonce; the caller must store them server-side so the
    // callback can compare state and ID token validation can check nonce.
    request.Validate();
    return request;
}
/// <summary>
/// Builds a signed-request-style request object mirroring <see cref="generateRequestMessage"/>,
/// reusing caller-supplied state and nonce so the object agrees with the plain request.
/// </summary>
/// <param name="providerData">Provider whose client registration supplies the client_id and whose issuer is the audience.</param>
/// <param name="urls">Relying-party URLs; the code callback URL becomes redirect_uri.</param>
/// <param name="state">State value already generated for this login attempt.</param>
/// <param name="nonce">Nonce value already generated for this login attempt.</param>
/// <returns>A validated request object.</returns>
private OIDCAuthorizationRequestMessage generateRequestObject(OpenIDProviderData providerData, OpenIDUrls urls, string state, string nonce)
{
    var clientId = providerData.ClientInformation.ClientId;

    var requestObject = new OIDCAuthorizationRequestMessage
    {
        // The client asserts itself as issuer and names the provider as audience, so the
        // object cannot be redirected to a different provider.
        Iss = clientId,
        Aud = providerData.ProviderMatadata.Issuer,
        ClientId = clientId,
        Scope = new List<MessageScope> { MessageScope.Openid, MessageScope.Profile },
        ResponseType = new List<ResponseType> { ResponseType.Code },
        RedirectUri = urls.CodeCallbackCommand.ToString(),
        // Passed in rather than regenerated so they match the values the caller stored.
        State = state,
        Nonce = nonce,
    };

    requestObject.Validate();
    return requestObject;
}
/// <summary>
/// Calls the provider's UserInfo endpoint with the access token and a request for the
/// profile claims this application consumes.
/// </summary>
/// <param name="authResponse">Authorization response whose scope and state are echoed in the request.</param>
/// <param name="options">Relying-party options; supplies the provider's UserInfo endpoint.</param>
/// <param name="session">Current session; <c>session["op"]</c> names the provider used for this login.</param>
/// <param name="accessToken">Bearer token obtained from the token endpoint.</param>
/// <returns>The provider's UserInfo response.</returns>
private OIDCUserInfoResponseMessage GetUserInfo(OIDCAuthCodeResponseMessage authResponse, IOptions options, HttpSessionState session, string accessToken)
{
    var providerData = options.OpenIDProviders[session["op"] as string];

    // A fresh relying party per call, unlike GetToken which goes through the shared rp field.
    var relyingParty = new OpenIdRelyingParty();

    // Claims being requested. NOTE(review): they are registered under the IdToken member of
    // OIDClaims even though this is a UserInfo request — check whether OIDClaims has a
    // userinfo member that this should be populating instead.
    var idTokenClaims = new Dictionary<string, OIDClaimData>();
    foreach (var claimName in new[] { "name", "family_name", "given_name", "email", "gender" })
    {
        idTokenClaims.Add(claimName, new OIDClaimData());
    }
    var requestClaims = new OIDClaims { IdToken = idTokenClaims };

    var request = new OIDCUserInfoRequestMessage
    {
        Scope = authResponse.Scope,
        State = authResponse.State,
        Claims = requestClaims,
    };

    // NOTE(review): nothing in this method compares the UserInfo "sub" with the ID token's
    // "sub"; OIDC requires the two to match before UserInfo claims are trusted. Confirm that
    // check happens elsewhere (it is not done in GetPrincipal either).
    return relyingParty.GetUserInfo(providerData.ProviderMatadata.UserinfoEndpoint, request, accessToken);
}