/// <summary>
/// Concatenates and encodes client credentials for use in an authorization header
/// </summary>
/// <param name="options">Contains the client credentials</param>
/// <returns>Client credentials for use in an authorization header</returns>
private static string BuildAuthorizationHeaderValue(IFOAuthOptions options)
{
string authorizationCreds = string.Format(CultureInfo.InvariantCulture, "{0}:{1}", options.ClientId, options.ClientSecret);
authorizationCreds = authorizationCreds.ToUtf8Hex();
return(authorizationCreds);
}
/// <summary>
/// Requests a new OAuth token from the Authorization service
/// </summary>
/// <param name="context">The context to sue for cookie access</param>
/// <returns>The OAuth token</returns>
public static async Task <IFOAuthAccess> RefreshAccessAsync(IOwinContext context)
{
try
{
var authOptions = IFOAuthOptions.Construct();
string currentRefreshToken = context.Request.Cookies["iflo_refresh_token"];
if (currentRefreshToken != null)
{
var oauth2Token = await RefreshAccessTokenAsync(currentRefreshToken, authOptions);
IFOAuthAccess access = new IFOAuthAccess(oauth2Token);
access.Persist(context);
return(access);
}
}
catch (Exception)
{
// TODO handle exceptions
}
return(null);
}
/// <summary>
/// Reads settings from config file and creates a prototypical instance of an IFOAuthOptions entity
/// </summary>
/// <returns>A fully populated IFOAuthOptions entity</returns>
public static IFOAuthOptions Construct()
{
// Client Id from the Intelliflo developer portal
string clientId = System.Configuration.ConfigurationManager.AppSettings["ClientId"];
// API Key from Intelliflo developer portal
string clientSecret = System.Configuration.ConfigurationManager.AppSettings["ClientSecret"];
// RedirectUri is the URI where the user will be redirected to after they sign in.
string redirectUri = System.Configuration.ConfigurationManager.AppSettings["RedirectUri"];
// Authority is the URI for the identity provider
string authority = System.Configuration.ConfigurationManager.AppSettings["AuthorityUri"];
IFOAuthOptions options = new IFOAuthOptions();
// from https://identity.intelliflo.com/core/.well-known/openid-configuration
options.AuthorizationEndpoint = string.Format(CultureInfo.InvariantCulture, "{0}/core/connect/authorize", authority);
options.TokenEndpoint = string.Format(CultureInfo.InvariantCulture, "{0}/core/connect/token", authority);
options.UserInfoEndpoint = string.Format(CultureInfo.InvariantCulture, "{0}/core/connect/userinfo", authority);
options.ClientId = clientId;
options.ClientSecret = clientSecret;
options.CallbackPath = new PathString(redirectUri); // must be on https
// compulsory scopes
options.Scope.Add("openid");
options.Scope.Add("myprofile");
options.Scope.Add("profile");
options.Scope.Add("offline_access ");
// should match what is configured for the client in the portal
// options.Scope.Add("client_data");
// options.Scope.Add("client_financial_data");
// options.Scope.Add("firm_data");
return(options);
}
/// <summary>
/// Requests a new OAuth token from the Authorization service
/// </summary>
/// <param name="refreshToken">The refresh token to use</param>
/// <param name="options">Parameters to use when making the call</param>
/// <returns>The OAuth token</returns>
public static async Task <JObject> RefreshAccessTokenAsync(string refreshToken, IFOAuthOptions options)
{
string scopes = string.Join(" ", options.Scope);
var tokenRequestParameters = new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>("grant_type", "refresh_token"),
new KeyValuePair <string, string>("refresh_token", refreshToken),
new KeyValuePair <string, string>("scope", scopes)
};
var requestContent = new FormUrlEncodedContent(tokenRequestParameters);
var authorizationHeaderValue = BuildAuthorizationHeaderValue(options);
var refreshTokenRequest = new HttpRequestMessage(HttpMethod.Post, options.TokenEndpoint);
refreshTokenRequest.Headers.Authorization = new AuthenticationHeaderValue("Basic", authorizationHeaderValue);
refreshTokenRequest.Content = new FormUrlEncodedContent(tokenRequestParameters);
HttpClient httpClient = new HttpClient();
HttpResponseMessage response = await httpClient.SendAsync(refreshTokenRequest);
response.EnsureSuccessStatusCode();
string oauthTokenResponse = await response.Content.ReadAsStringAsync();
JObject oauth2Token = JObject.Parse(oauthTokenResponse);
return(oauth2Token);
}
/// <summary>
/// Configure the application to authenticate using IO
/// </summary>
public static void ConfigureAuthWithIntelliflo(IAppBuilder app)
{
var options = IFOAuthOptions.Construct();
app.Use(typeof(IFOAuthMiddleware), app, options);
}