示例#1
0
        public void testGetAuthUrl()
        {
            Dictionary <String, String> configurationMap = new Dictionary <string, string>();
            string clientId     = "AQkquBDf1zctJOWGKWUEtKXm6qVhueUEMvXO_-MCI4DQQ4-LWvkDLIN2fGsd";
            string clientSecret = "EL1tVxAjhT7cJimnz5-Nsx9k2reTKSVfErNQF-CmrwJgxRtylkGTKlU4RvrX";

            configurationMap.Add("mode", "sandbox");

            APIContext apiContext = new APIContext();

            apiContext.Config = configurationMap;
            List <string> scopelist = new List <string>();

            scopelist.Add("openid");
            scopelist.Add("email");
            string redirectURI = "https://devtools-paypal.com";
            string redirectURL = Session.GetRedirectURL(clientId, redirectURI, scopelist, apiContext);

            Console.WriteLine(redirectURL);
            CreateFromAuthorizationCodeParameters param = new CreateFromAuthorizationCodeParameters();

            param.setClientId(clientId);
            param.setClientSecret(clientSecret);
            // code you will get back as part of the url after redirection
            param.setCode("VxirnJHENB8k5slnoqZOdmjQcCMJRvbI-ispixwWHke-gsOh6XJaWQNJuTCTp3n3o6ttQs3VoNX1De3HOVpmH2PLN53PPedZcTujzLqYrlTS-CqKHYb5wb0NT2joumArOdEy51D4HgoCa46dxuPMm79nX40RQXRP8J0OQsgrEbhf_Kna");
            Tokeninfo          info           = Tokeninfo.CreateFromAuthorizationCode(apiContext, param);
            UserinfoParameters userinfoParams = new UserinfoParameters();

            userinfoParams.setAccessToken(info.access_token);
            Userinfo userinfo = Userinfo.GetUserinfo(apiContext, userinfoParams);

            Console.WriteLine("Email" + userinfo.email);
        }
示例#2
0
        /// <summary>
        /// Token request object initilization to retreive user information
        /// </summary>
        /// <param name="accessToken"></param>
        /// <returns></returns>
        public object GetTokenInfo(string accessToken)
        {
            Oauth2Service.TokeninfoRequest  tokeninfoRequest = new Oauth2Service().Tokeninfo();
            Google.Apis.Discovery.Parameter accessType       = new Google.Apis.Discovery.Parameter {
                DefaultValue = GoogleReqestParameters.offline.ToString(), Name = GoogleReqestParameters.access_type.ToString()
            };
            tokeninfoRequest.RequestParameters.Add("AccessType", accessType);
            tokeninfoRequest.AccessToken = accessToken;
            Tokeninfo tokeninfo = tokeninfoRequest.Execute();

            return(tokeninfo);
        }
        public void ShouldHaveAllPermissions()
        {
            Tokeninfo tokeninfo = GW2Api.V2().TokenInfo.Get(TestData.FullAccessAccountToken);

            Assert.IsTrue(tokeninfo.Permission.Account);
            Assert.IsTrue(tokeninfo.Permission.Builds);
            Assert.IsTrue(tokeninfo.Permission.Characters);
            Assert.IsTrue(tokeninfo.Permission.Inventories);
            Assert.IsTrue(tokeninfo.Permission.Pvp);
            Assert.IsTrue(tokeninfo.Permission.Tradingpost);
            Assert.IsTrue(tokeninfo.Permission.Unlocks);
            Assert.IsTrue(tokeninfo.Permission.Wallet);
        }
示例#4
0
        public void TestCreateFromRefreshTokenDynamic()
        {
            Dictionary <string, string> configurationMap = new Dictionary <string, string>();

            configurationMap.Add("clientId", "");
            configurationMap.Add("clientSecret", "");
            configurationMap.Add("mode", "live");
            APIContext apiContext = new APIContext();

            apiContext.Config = configurationMap;

            CreateFromRefreshTokenParameters param = new CreateFromRefreshTokenParameters();

            info = info.CreateFromRefreshToken(apiContext, param);
            Assert.AreEqual(info.access_token != null, true);
        }
        protected string GetAccessToken(Guid accountId)
        {
            var encodedRefreshToken = _accountDao.GetPayPalEncryptedRefreshToken(accountId);

            if (!encodedRefreshToken.HasValue())
            {
                throw new ArgumentNullException(string.Format("Refresh token not found for account: {0}", accountId));
            }

            var tokenInfo = new Tokeninfo {
                refresh_token = CryptoService.Decrypt(encodedRefreshToken)
            };
            var tokenResult = tokenInfo.CreateFromRefreshToken(GetAPIContext(), new CreateFromRefreshTokenParameters());

            return(string.Format("{0} {1}", tokenResult.token_type, tokenResult.access_token));
        }
示例#6
0
        public void TestCreateFromAuthorizationCodeDynamic()
        {
            Dictionary <string, string> configurationMap = new Dictionary <string, string>();

            configurationMap.Add("clientId", "");
            configurationMap.Add("clientSecret", "");
            configurationMap.Add("mode", "live");
            APIContext apiContext = new APIContext();

            apiContext.Config = configurationMap;
            CreateFromAuthorizationCodeParameters param = new CreateFromAuthorizationCodeParameters();

            // code you will get back as part of the url after redirection
            param.SetCode("xxxx");
            info = Tokeninfo.CreateFromAuthorizationCode(apiContext, param);
            Assert.AreEqual(true, info.access_token != null);
        }
        public BasePaymentResponse LinkAccount(Guid accountId, string authCode)
        {
            try
            {
                var account = _accountDao.FindById(accountId);
                if (account == null)
                {
                    throw new Exception("Account not found.");
                }

                var authorizationCodeParameters = new CreateFromAuthorizationCodeParameters();
                authorizationCodeParameters.setClientId(GetClientId());
                authorizationCodeParameters.setClientSecret(GetSecret());
                authorizationCodeParameters.SetCode(authCode);

                // Get refresh and access tokens
                var tokenInfo = Tokeninfo.CreateFromAuthorizationCodeForFuturePayments(GetAPIContext(), authorizationCodeParameters);

                // Store access token securely
                _commandBus.Send(new LinkPayPalAccount
                {
                    AccountId             = accountId,
                    EncryptedRefreshToken = CryptoService.Encrypt(tokenInfo.refresh_token)
                });

                return(new BasePaymentResponse
                {
                    IsSuccessful = true,
                    Message = "Success"
                });
            }
            catch (Exception e)
            {
                _logger.LogMessage("PayPal: LinkAccount error");
                _logger.LogError(e);
                return(new BasePaymentResponse
                {
                    IsSuccessful = false,
                    Message = e.Message
                });
            }
        }
        public void UserInfoGetUserInfoWithRefreshTokenTest()
        {
            try
            {
                var config = ConfigManager.Instance.GetProperties();
                config[BaseConstants.ClientId]     = "AYSq3RDGsmBLJE-otTkBtM-jBRd1TCQwFf9RGfwddNXWz0uFU9ztymylOhRS";
                config[BaseConstants.ClientSecret] = "EGnHDxD_qRPdaLdZz8iCr8N7_MzF-YHPTkjs6NKYQvQSBngp4PTTVWkPZRbL";
                var apiContext = new APIContext()
                {
                    Config = config
                };

                // Using the refresh token, first get an access token.
                var tokenInfo = new Tokeninfo
                {
                    refresh_token = "W1JmxG-Cogm-4aSc5Vlen37XaQTj74aQcQiTtXax5UgY7M_AJ--kLX8xNVk8LtCpmueFfcYlRK6UgQLJ-XHsxpw6kZzPpKKccRQeC4z2ldTMfXdIWajZ6CHuebs"
                };
                var refreshTokenParameters = new CreateFromRefreshTokenParameters();
                var token = tokenInfo.CreateFromRefreshToken(apiContext, refreshTokenParameters);
                this.RecordConnectionDetails();

                var userInfoParameters = new UserinfoParameters();
                userInfoParameters.SetAccessToken(token.access_token);

                // Get the user information.
                var userInfo = PayPal.Api.OpenIdConnect.Userinfo.GetUserinfo(userInfoParameters);
                this.RecordConnectionDetails();

                Assert.AreEqual("account", userInfo.family_name);
                Assert.AreEqual("facilitator account", userInfo.name);
                Assert.AreEqual("facilitator", userInfo.given_name);
                Assert.AreEqual("BUSINESS", userInfo.account_type);
                Assert.AreEqual("https://www.paypal.com/webapps/auth/identity/user/jWZav5QbA94DNm5FzsNOsq88y4QYrRvu4KLfUydcJqU", userInfo.user_id);
                Assert.IsTrue(userInfo.verified_account.Value);
                Assert.AreEqual("en_US", userInfo.locale);
            }
            catch (ConnectionException)
            {
                this.RecordConnectionDetails(false);
                throw;
            }
        }
示例#9
0
        /// <summary>
        /// Is token expired or not
        /// </summary>
        /// <param name="accessToken"></param>
        /// <returns></returns>
        public bool IsTokenExpired(string accessToken)
        {
            Tokeninfo tokeninfo = null;

            Oauth2Service.TokeninfoRequest  tokeninfoRequest = new Oauth2Service().Tokeninfo();
            Google.Apis.Discovery.Parameter accessType       = new Google.Apis.Discovery.Parameter {
                DefaultValue = GoogleReqestParameters.offline.ToString(), Name = GoogleReqestParameters.access_type.ToString()
            };
            tokeninfoRequest.RequestParameters.Add("AccessType", accessType);
            tokeninfoRequest.AccessToken = accessToken;
            try
            {
                tokeninfo = tokeninfoRequest.Execute();
            }
            catch (Exception)
            {
                // ignored
            }
            return(tokeninfo == null);
        }
        /// <summary>
        /// Delete contact group created by dot align project.
        /// </summary>
        /// <param name="Lead411UserInfo"></param>
        /// <param name="reqType"></param>
        public async Task <bool> DeleteContactFolder(Lead411UserInfo Lead411UserInfo, RequestType reqType)
        {
            bool result = false;

            // Retrieving the contact group is required in order to get the Etag.
            try
            {
                GoogleValidationResponse googleValidationResponse = new GoogleValidationResponse();
                //Get new access token
                if (Authentication.IsTokenExpired(Lead411UserInfo.AccessToken))
                {
                    googleValidationResponse = (GoogleValidationResponse)Authentication.GetAccessTokenByRefreshToken(Lead411UserInfo.RefreshToken, reqType);
                    //Save new access token to db
                    _iAccount.SaveRefreshToken(Lead411UserInfo.RefreshToken, Lead411UserInfo.AccessToken, Lead411UserInfo.Email, AccountType.Gmail);
                }
                else
                {
                    googleValidationResponse.access_token = Lead411UserInfo.AccessToken;
                }
                if (googleValidationResponse.access_token != null)
                {
                    Lead411UserInfo.AccessToken = googleValidationResponse.access_token;
                    //Get Userinfo
                    Tokeninfo tokeninfo = (Tokeninfo)Authentication.GetUserProfile(Lead411UserInfo.AccessToken);

                    UserCredential userCredential = (UserCredential)Authentication.CreateAutherizationServiceObject(tokeninfo.Scope, tokeninfo.ExpiresIn, tokeninfo.UserId, Lead411UserInfo.AccessToken, Lead411UserInfo.RefreshToken);

                    ContactsRequest contactRequest = (ContactsRequest)Authentication.ContactsRequest(Lead411UserInfo.AccessToken, Lead411UserInfo.RefreshToken);

                    result = await Operation.DeleteContactFolder(contactRequest);
                }
            }
            catch //(GDataVersionConflictException e)
            {
                // Etags mismatch: handle the exception.
            }
            return(result);
        }
示例#11
0
        public void TestCreateFromRefreshTokenDynamic()
        {
            Dictionary<string, string> configurationMap = new Dictionary<string, string>();
            configurationMap.Add("clientId", "");
            configurationMap.Add("clientSecret", "");
            configurationMap.Add("mode", "live");
            APIContext apiContext = new APIContext();
            apiContext.Config = configurationMap;

            CreateFromRefreshTokenParameters param = new CreateFromRefreshTokenParameters();
            info = info.CreateFromRefreshToken(apiContext, param);
            Assert.AreEqual(info.access_token != null, true);
        }
示例#12
0
        public void TestCreateFromAuthorizationCodeDynamic()
        {
            Dictionary<string, string> configurationMap = new Dictionary<string, string>();
            configurationMap.Add("clientId", "");
            configurationMap.Add("clientSecret", "");
            configurationMap.Add("mode", "live");
            APIContext apiContext = new APIContext();
            apiContext.Config = configurationMap;
            CreateFromAuthorizationCodeParameters param = new CreateFromAuthorizationCodeParameters();

            // code you will get back as part of the url after redirection
            param.SetCode("xxxx");
            info = Tokeninfo.CreateFromAuthorizationCode(apiContext, param);
            Assert.AreEqual(true, info.access_token != null);
        }
示例#13
0
        /// <summary>
        /// Processes the request based on the path.
        /// </summary>
        /// <param name="context">Contains the request and response.</param>
        public void ProcessRequest(HttpContext context)
        {
            // Redirect base path to signin.
            if (context.Request.Path.EndsWith("/"))
            {
                context.Response.RedirectPermanent("signin.ashx");
            }


            // This is reached when the root document is passed. Return HTML
            // using index.html as a template.
            if (context.Request.Path.EndsWith("/signin.ashx"))
            {
                String state = (String)context.Session["state"];

                // Store a random string in the session for verifying
                // the responses in our OAuth2 flow.
                if (state == null)
                {
                    Random        random  = new Random((int)DateTime.Now.Ticks);
                    StringBuilder builder = new StringBuilder();
                    for (int i = 0; i < 13; i++)
                    {
                        builder.Append(Convert.ToChar(
                                           Convert.ToInt32(Math.Floor(
                                                               26 * random.NextDouble() + 65))));
                    }
                    state = builder.ToString();
                    context.Session["state"] = state;
                }

                // Render the templated HTML.
                String templatedHTML = File.ReadAllText(
                    context.Server.MapPath("index.html"));
                templatedHTML = Regex.Replace(templatedHTML,
                                              "[{]{2}\\s*APPLICATION_NAME\\s*[}]{2}", APP_NAME);
                templatedHTML = Regex.Replace(templatedHTML,
                                              "[{]{2}\\s*CLIENT_ID\\s*[}]{2}", secrets.ClientId);
                templatedHTML = Regex.Replace(templatedHTML,
                                              "[{]{2}\\s*STATE\\s*[}]{2}", state);

                context.Response.ContentType = "text/html";
                context.Response.Write(templatedHTML);
                return;
            }

            if (context.Session["authState"] == null)
            {
                // The connect action exchanges a code from the sign-in button,
                // verifies it, and creates OAuth2 credentials.
                if (context.Request.Path.Contains("/connect"))
                {
                    // Get the code from the request POST body.
                    StreamReader sr = new StreamReader(
                        context.Request.InputStream);
                    string code = sr.ReadToEnd();

                    string state = context.Request["state"];

                    // Test that the request state matches the session state.
                    if (!state.Equals(context.Session["state"]))
                    {
                        context.Response.StatusCode = 401;
                        return;
                    }

                    // Use the code exchange flow to get an access and refresh token.
                    IAuthorizationCodeFlow flow =
                        new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
                    {
                        ClientSecrets = secrets,
                        Scopes        = SCOPES
                    });

                    token = flow.ExchangeCodeForTokenAsync("", code, "postmessage",
                                                           CancellationToken.None).Result;

                    // Create an authorization state from the returned token.
                    context.Session["authState"] = token;

                    // Get tokeninfo for the access token if you want to verify.
                    Oauth2Service service = new Oauth2Service(
                        new Google.Apis.Services.BaseClientService.Initializer());
                    Oauth2Service.TokeninfoRequest request = service.Tokeninfo();
                    request.AccessToken = token.AccessToken;

                    Tokeninfo info = request.Execute();

                    string gplus_id = info.UserId;
                }
                else
                {
                    // No cached state and we are not connecting.
                    context.Response.StatusCode = 400;
                    return;
                }
            }
            else if (context.Request.Path.Contains("/connect"))
            {
                // The user is already connected and credentials are cached.
                context.Response.ContentType = "application/json";
                context.Response.StatusCode  = 200;
                context.Response.Write(JsonConvert.SerializeObject("Current user is already connected."));
                return;
            }
            else
            {
                // Register the authenticator and construct the Plus service
                // for performing API calls on behalf of the user.
                token = (TokenResponse)context.Session["authState"];
                IAuthorizationCodeFlow flow =
                    new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
                {
                    ClientSecrets = secrets,
                    Scopes        = SCOPES
                });

                UserCredential credential = new UserCredential(flow, "me", token);
                bool           success    = credential.RefreshTokenAsync(CancellationToken.None).Result;

                token = credential.Token;
                ps    = new PlusService(
                    new Google.Apis.Services.BaseClientService.Initializer()
                {
                    ApplicationName       = ".NET Quickstart",
                    HttpClientInitializer = credential
                });
            }

            // Perform an authenticated API request to retrieve the list of
            // people that the user has made visible to the app.
            if (context.Request.Path.Contains("/people"))
            {
                // Get the PeopleFeed for the currently authenticated user.
                PeopleFeed pf = ps.People.List("me",
                                               PeopleResource.ListRequest.CollectionEnum.Visible).Execute();

                // This JSON, representing the people feed, will later be
                // parsed by the JavaScript client.
                string jsonContent =
                    Newtonsoft.Json.JsonConvert.SerializeObject(pf);
                context.Response.ContentType = "application/json";
                context.Response.Write(jsonContent);
                return;
            }

            // Disconnect the user from the application by revoking the tokens
            // and removing all locally stored data associated with the user.
            if (context.Request.Path.Contains("/disconnect"))
            {
                // Perform a get request to the token endpoint to revoke the
                // refresh token.
                token = (TokenResponse)context.Session["authState"];
                string tokenToRevoke = (token.RefreshToken != null) ?
                                       token.RefreshToken : token.AccessToken;

                WebRequest request = WebRequest.Create(
                    "https://accounts.google.com/o/oauth2/revoke?token=" +
                    token);

                WebResponse response = request.GetResponse();

                // Remove the cached credentials.
                context.Session["authState"] = null;

                // You could reset the state in the session but you must also
                // reset the state on the client.
                // context.Session["state"] = null;
                context.Response.Write(
                    response.GetResponseStream().ToString().ToCharArray());
                return;
            }
        }
示例#14
0
        /// <summary>
        /// Processes the request based on the path.
        /// </summary>
        /// <param name="context">Contains the request and response.</param>
        public void ProcessRequest(HttpContext context)
        {
            // Get the code from the request POST body.
            string accessToken = context.Request.Params["access_token"];
            string idToken     = context.Request.Params["id_token"];

            // Validate the ID token
            if (idToken != null)
            {
                JwtSecurityToken        token = new JwtSecurityToken(idToken);
                JwtSecurityTokenHandler jsth  = new JwtSecurityTokenHandler();

                // Configure validation
                Byte[][] certBytes = getCertBytes();
                Dictionary <String, X509Certificate2> certificates = new Dictionary <String, X509Certificate2>();

                for (int i = 0; i < certBytes.Length; i++)
                {
                    X509Certificate2 certificate = new X509Certificate2(certBytes[i]);
                    certificates.Add(certificate.Thumbprint, certificate);
                }
                {
                    // Set up token validation
                    TokenValidationParameters tvp = new TokenValidationParameters()
                    {
                        ValidateActor = false,                                    // check the profile ID

                        ValidateAudience = (CLIENT_ID != "YOUR_VALID_CLIENT_ID"), // check the client ID
                        ValidAudience    = CLIENT_ID,

                        ValidateIssuer = true, // check token came from Google
                        ValidIssuer    = "accounts.google.com",

                        ValidateIssuerSigningKey = true,
                        RequireSignedTokens      = true,
                        CertificateValidator     = X509CertificateValidator.None,
                        IssuerSigningKeyResolver = (s, securityToken, identifier, parameters) =>
                        {
                            return(identifier.Select(x =>
                            {
                                // TODO: Consider returning null here if you have case sensitive JWTs.

                                /*if (!certificates.ContainsKey(x.Id))
                                 * {
                                 *  return new X509SecurityKey(certificates[x.Id]);
                                 * }*/
                                if (certificates.ContainsKey(x.Id.ToUpper()))
                                {
                                    return new X509SecurityKey(certificates[x.Id.ToUpper()]);
                                }
                                return null;
                            }).First(x => x != null));
                        },
                        ValidateLifetime      = true,
                        RequireExpirationTime = true,
                        ClockSkew             = TimeSpan.FromHours(13)
                    };

                    try
                    {
                        // Validate using the provider
                        SecurityToken   validatedToken;
                        ClaimsPrincipal cp = jsth.ValidateToken(idToken, tvp, out validatedToken);
                        if (cp != null)
                        {
                            its.valid   = true;
                            its.message = "Valid ID Token.";
                        }
                    }
                    catch (Exception e)
                    {
                        // Multiple certificates are tested.
                        if (its.valid != true)
                        {
                            its.message = "Invalid ID Token.";
                        }
                        if (e.Message.IndexOf("The token is expired") > 0)
                        {
                            // TODO: Check current time in the exception for clock skew.
                        }
                    }
                }

                // Get the Google+ id for this user from the "sub" claim.
                Claim[] claims = token.Claims.ToArray <Claim>();
                for (int i = 0; i < claims.Length; i++)
                {
                    if (claims[i].Type.Equals("sub"))
                    {
                        its.gplus_id = claims[i].Value;
                    }
                }
            }

            // Use Tokeninfo to validate the user and the client.
            var tokeninfo_request = new Oauth2Service().Tokeninfo();

            tokeninfo_request.AccessToken = accessToken;

            // Use Google as a trusted provider to validate the token.
            // Invalid values, including expired tokens, return 400
            Tokeninfo tokeninfo = null;

            try
            {
                tokeninfo = tokeninfo_request.Execute();
                if (tokeninfo.IssuedTo != CLIENT_ID)
                {
                    ats.message = "Access Token not meant for this app.";
                }
                else
                {
                    ats.valid    = true;
                    ats.message  = "Valid Access Token.";
                    ats.gplus_id = tokeninfo.UserId;
                }
            }
            catch (Exception stve)
            {
                ats.message = "Invalid Access Token: " + stve.Message;
            }

            // Use the wrapper to return JSON
            token_status_wrapper tsr = new token_status_wrapper();

            tsr.id_token_status     = its;
            tsr.access_token_status = ats;

            context.Response.StatusCode  = 200;
            context.Response.ContentType = "text/json";
            context.Response.Write(JsonConvert.SerializeObject(tsr));
        }
        public void ShouldHaveCorrectTokenName()
        {
            Tokeninfo tokeninfo = GW2Api.V2().TokenInfo.Get(TestData.FullAccessAccountToken);

            Assert.AreEqual(TestData.FullAccessAccountTokenName, tokeninfo.Name);
        }
        public void ShouldHaveCorrectTokenId()
        {
            Tokeninfo tokeninfo = GW2Api.V2().TokenInfo.Get(TestData.FullAccessAccountToken);

            Assert.AreEqual(TestData.FullAccessAccountToken.Substring(0, 36), tokeninfo.Id); // Seems like only 36 letters of the Id will be returned.
        }
        /// <summary>
        /// Code example for creating a future payment object.
        /// </summary>
        /// <param name="correlationId"></param>
        /// <param name="authorizationCode"></param>
        private Payment CreateFuturePayment(string correlationId, string authorizationCode, string redirectUrl)
        {
            // ###Payer
            // A resource representing a Payer that funds a payment
            // Payment Method
            // as `paypal`
            Payer payer = new Payer()
            {
                payment_method = "paypal"
            };

            // ###Details
            // Let's you specify details of a payment amount.
            Details details = new Details()
            {
                tax      = "15",
                shipping = "10",
                subtotal = "75"
            };

            // ###Amount
            // Let's you specify a payment amount.
            var amount = new Amount()
            {
                currency = "USD",
                total    = "100", // Total must be equal to sum of shipping, tax and subtotal.
                details  = details
            };

            // # Redirect URLS
            var redirUrls = new RedirectUrls()
            {
                cancel_url = redirectUrl,
                return_url = redirectUrl
            };

            // ###Items
            // Items within a transaction.
            var itemList = new ItemList()
            {
                items = new List <Item>()
            };

            itemList.items.Add(new Item()
            {
                name     = "Item Name",
                currency = "USD",
                price    = "15",
                quantity = "5",
                sku      = "sku"
            });

            // ###Transaction
            // A transaction defines the contract of a
            // payment - what is the payment for and who
            // is fulfilling it.
            var transactionList = new List <Transaction>();

            // The Payment creation API requires a list of
            // Transaction; add the created `Transaction`
            // to a List
            transactionList.Add(new Transaction()
            {
                description = "Transaction description.",
                amount      = amount,
                item_list   = itemList
            });

            var authorizationCodeParameters = new CreateFromAuthorizationCodeParameters();

            authorizationCodeParameters.setClientId(Configuration.ClientId);
            authorizationCodeParameters.setClientSecret(Configuration.ClientSecret);
            authorizationCodeParameters.SetCode(authorizationCode);

            var apiContext = new APIContext();

            apiContext.Config = Configuration.GetConfig();

            var tokenInfo   = Tokeninfo.CreateFromAuthorizationCodeForFuturePayments(apiContext, authorizationCodeParameters);
            var accessToken = string.Format("{0} {1}", tokenInfo.token_type, tokenInfo.access_token);

            // ###Payment
            // A FuturePayment Resource
            this.futurePayment = new FuturePayment()
            {
                intent        = "authorize",
                payer         = payer,
                transactions  = transactionList,
                redirect_urls = redirUrls
            };
            return(this.futurePayment.Create(accessToken, correlationId));
        }