static String GetAccessToken(String name, String password)
{
try
{
// Create a message for the Client Account and Password profile
// We need to specify the username and password for the client
// and a POST will be sent with the body:
// wrap_name=<name>&wrap_password=<password>
var requestMessage = new ClientAccountRequest(name, password);
// DEBUG: Show this message on screen
ShowObject("AccessTokenRequestMessage (Client Account and Password Profile)", requestMessage);
// Send the message to the Access Token URL of the Authorization Server
var request = WebRequest.Create(accessTokenUrl);
request.WriteRequest(requestMessage);
// DEBUG: Show HTTP request for access token
ShowRequest("Access Token Request (Client Account and Password Profile)", request as HttpWebRequest);
// Parse and show result
var responseMessage = request.GetResponse().ReadAccessTokenResponse();
// DEBUG: Show token on screen
ShowObject("AccessTokenResponseMessage (Client Account and Password Profile)", responseMessage);
return responseMessage.AccessToken;
}
catch (WebException exception)
{
ShowResponse(
"Resource response (exception, Client Account and Password Profile)",
exception.Response as HttpWebResponse);
}
return null;
}
/// <summary>
/// Reads a AccessTokenRequest message from a collection of names and values. Instances
/// of this type of collection are used extensively by ASP.NET (Request.Form, for example)
/// but, for those cases, it's better to use the appropriate extension method
/// (Request.ReadAccessTokenRequest instead of Request.Form.ReadAccessRequest).
/// </summary>
/// <param name="names">The collection to initialize the request message.</param>
/// <returns>An instance of a type derived from AccessTokenRequest. The specific type
/// depends on the parameters provided in the request.</returns>
public static AccessTokenRequest ReadAccessTokenRequest(this NameValueCollection names)
{
if (null == names)
throw new ArgumentNullException("names");
// Try to find what profile is being used.
AccessTokenRequest message = null;
if (false == String.IsNullOrEmpty(names[WrapConstants.Parameters.Assertion]))
message = new AssertionRequest();
else if (false == String.IsNullOrEmpty(names[WrapConstants.Parameters.Name]))
message = new ClientAccountRequest();
else if (false == String.IsNullOrEmpty(names[WrapConstants.Parameters.UserName]))
message = new UserNameRequest();
else if (false == String.IsNullOrEmpty(names[WrapConstants.Parameters.ClientSecret]))
message = new WebAppRequest();
else if (false == String.IsNullOrEmpty(names[WrapConstants.Parameters.VerificationCode]))
message = new RichAppRequest();
if (null == message)
throw new WrapMessageException("Message not recognized.");
// Only WRAP related parameters are added to the message. The specification
// allows implementation defined additional parameters, but those can be
// read directly from the original collection.
foreach (String key in names.Keys)
{
String value = names[key];
if (false == key.StartsWith("wrap_", StringComparison.OrdinalIgnoreCase) || String.IsNullOrEmpty(value))
continue;
message.SetParameter(key, value);
}
// Check that the required parameters are set, according to
// the profile
message.Validate();
return message;
}
public void Process(ClientAccountRequest request)
{
ProcessCommon(request);
}