public async Task ChallengeWillTriggerApplyRedirectEvent()
{
var options = new MicrosoftAccountAuthenticationOptions()
{
ClientId = "Test Client Id",
ClientSecret = "Test Client Secret",
Provider = new MicrosoftAccountAuthenticationProvider
{
OnApplyRedirect = context =>
{
context.Response.Redirect(context.RedirectUri + "&custom=test");
}
}
};
var server = CreateServer(
app => app.UseMicrosoftAccountAuthentication(options),
context =>
{
context.Authentication.Challenge("Microsoft");
return true;
});
var transaction = await SendAsync(server, "http://example.com/challenge");
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);
var query = transaction.Response.Headers.Location.Query;
query.ShouldContain("custom=test");
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Uncomment the following lines to enable logging in with third party login providers
var msAuthOptions = new MicrosoftAccountAuthenticationOptions();
msAuthOptions.Scope.Add("wl.basic");
msAuthOptions.Scope.Add("wl.emails");
msAuthOptions.ClientId = ConfigurationManager.AppSettings["msClientId"];
msAuthOptions.ClientSecret = ConfigurationManager.AppSettings["msClientSecret"];
app.UseMicrosoftAccountAuthentication(msAuthOptions);
// app.UseTwitterAuthentication(
// consumerKey: ConfigurationManager.AppSettings["consumerKey"],
// consumerSecret: ConfigurationManager.AppSettings["consumerSecret"]
// );
var fbAuthOptions = new FacebookAuthenticationOptions
{
AppId = ConfigurationManager.AppSettings["fbAppId"],
AppSecret = ConfigurationManager.AppSettings["fbAppSecret"]
};
fbAuthOptions.Scope.Add("email");
fbAuthOptions.Scope.Add("public_profile");
fbAuthOptions.Scope.Add("user_friends");
fbAuthOptions.Provider = new FacebookAuthenticationProvider
{
OnAuthenticated = context =>
{
context.Identity.AddClaim(new Claim("FacebookAccessToken", context.AccessToken));
return Task.FromResult(true);
}
};
app.UseFacebookAuthentication(fbAuthOptions);
app.UseGoogleAuthentication(
clientId: ConfigurationManager.AppSettings["googleClientId"],
clientSecret: ConfigurationManager.AppSettings["googleClientSecret"]
);
app.UseLinkedInAuthentication(new LinkedInAuthenticationOptions
{
ClientId = ConfigurationManager.AppSettings["linkedinClientId"],
ClientSecret = ConfigurationManager.AppSettings["linkedinClientSecret"]
});
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Allow all CORS requests
app.UseCors(CorsOptions.AllowAll);
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(RestContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
// In production mode set AllowInsecureHttp = false
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
// Uncomment the following lines to enable logging in with third party login providers
var microsoftAuthentication = new MicrosoftAccountAuthenticationOptions();
microsoftAuthentication.ClientId = "000000004C16836C";
microsoftAuthentication.ClientSecret = "R2GPxr8k-dIftBnAEhLRXLjuTsiIxNpl";
app.UseMicrosoftAccountAuthentication(microsoftAuthentication);
var twitterAuthentication = new TwitterAuthenticationOptions();
twitterAuthentication.ConsumerKey = "wOS8t5pPraOLwTH79OlgyttW6";
twitterAuthentication.ConsumerSecret = "gj9iMcmsixA8UvcsTRqxxoCkzkrpDKc4vuzKGpFjTRiNv3aldl";
app.UseTwitterAuthentication(twitterAuthentication);
var facebookAuthenticationOptions = new FacebookAuthenticationOptions();
facebookAuthenticationOptions.AppId = "1645027742443677";
facebookAuthenticationOptions.AppSecret = "baf2eea96164855d5e0d436c6e4c9365";
app.UseFacebookAuthentication(facebookAuthenticationOptions);
var googleAuthenticationOptions = new GoogleOAuth2AuthenticationOptions();
googleAuthenticationOptions.ClientId = "867920998848-h8vsdddu2o8dkv72243d8phu599dejgt.apps.googleusercontent.com";
googleAuthenticationOptions.ClientSecret = "k25jN1BX4bBtWxlNbaBMeIIk";
googleAuthenticationOptions.CallbackPath = new PathString("/signin-google");
googleAuthenticationOptions.Provider = new GoogleOAuth2AuthenticationProvider();
googleAuthenticationOptions.Scope.Add("email");
app.UseGoogleAuthentication(googleAuthenticationOptions);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(AppDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
SlidingExpiration = false,
ExpireTimeSpan = TimeSpan.FromDays(30),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity =
SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Uncomment the following lines to enable logging in with third party login providers
app.UseGoogleAuthentication("1058035413863-pmbgn6n7slu0nph17l96nu65r9oeuqui.apps.googleusercontent.com", "J5wsfYCsgClB9G5miL7Bj8A7");
var facebookOptions = new FacebookAuthenticationOptions()
{
AppId = "899746186808173",
AppSecret = "4a339373d1748469a27a021c376a6ac2",
BackchannelHttpHandler = new FacebookBackChannelHandler(),
UserInformationEndpoint = "https://graph.facebook.com/v2.4/me?fields=id,name,email,first_name,last_name,location"
};
facebookOptions.Scope.Add("email");
app.UseFacebookAuthentication(facebookOptions);
var microsoftOptions = new MicrosoftAccountAuthenticationOptions
{
Caption = "Live",
ClientId = "000000004018626B",
ClientSecret = "0JN-2FYhsi4z-NnskF3C97A63nSJbkW8"
};
microsoftOptions.Scope.Add("wl.basic");
microsoftOptions.Scope.Add("wl.emails");
app.UseMicrosoftAccountAuthentication(microsoftOptions);
}
/// <summary>
/// Authenticate users using Microsoft Account
/// </summary>
/// <param name="app">The <see cref="IAppBuilder"/> passed to the configuration method</param>
/// <param name="options">Middleware configuration options</param>
/// <returns>The updated <see cref="IAppBuilder"/></returns>
public static IAppBuilder UseMicrosoftAccountAuthentication(this IAppBuilder app, MicrosoftAccountAuthenticationOptions options)
{
if (app == null)
{
throw new ArgumentNullException("app");
}
if (options == null)
{
throw new ArgumentNullException("options");
}
app.Use(typeof(MicrosoftAccountAuthenticationMiddleware), app, options);
return app;
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
// In production mode set AllowInsecureHttp = false
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
// Sign in with Microsoft ID
var msOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = WebConfigurationManager.AppSettings["MicrosoftIDClientID"],
ClientSecret = WebConfigurationManager.AppSettings["MicrosoftIDClientSecret"]
};
msOptions.Scope.Clear();
msOptions.Scope.Add("wl.signin");
app.UseMicrosoftAccountAuthentication(msOptions);
//app.UseTwitterAuthentication(
// consumerKey: "",
// consumerSecret: "");
//app.UseFacebookAuthentication(
// appId: "",
// appSecret: "");
//app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
//{
// ClientId = "",
// ClientSecret = ""
//});
}
/// <summary>
/// Configure microsoft account sign-in
/// </summary>
/// <param name="app"></param>
/// <param name="clientId"></param>
/// <param name="clientSecret"></param>
/// <param name="caption"></param>
/// <param name="style"></param>
/// <param name="icon"></param>
/// <remarks>
///
/// Nuget installation:
/// Microsoft.Owin.Security.MicrosoftAccount
///
/// Microsoft account documentation for ASP.Net Identity can be found:
///
/// http://www.asp.net/web-api/overview/security/external-authentication-services#MICROSOFT
/// http://blogs.msdn.com/b/webdev/archive/2012/09/19/configuring-your-asp-net-application-for-microsoft-oauth-account.aspx
///
/// Microsoft apps can be created here:
///
/// http://go.microsoft.com/fwlink/?LinkID=144070
///
/// </remarks>
public static void ConfigureBackOfficeMicrosoftAuth(this IAppBuilder app, string clientId, string clientSecret,
string caption = "Microsoft", string style = "btn-microsoft", string icon = "fa-windows")
{
var msOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = clientId,
ClientSecret = clientSecret,
SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
CallbackPath = new PathString("/umbraco-microsoft-signin")
};
msOptions.ForUmbracoBackOffice(style, icon);
msOptions.Caption = caption;
app.UseMicrosoftAccountAuthentication(msOptions);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(EntityModel.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
// Configure the application for OAuth based flow
PublicClientId = "self";
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/API/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(30),
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
// Uncomment the following lines to enable logging in with third party login providers
var microsoftOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = "000000004012ABA5",
ClientSecret = "9KHkk7OfuYwr06NpsaBKEZxD0wfQZgE2"
};
microsoftOptions.Scope.Add("wl.emails");
var facebookOptions = new FacebookAuthenticationOptions
{
AppId = "775625759162004",
AppSecret = "d411869c0707a273d6530a6a9cc592f7"
};
facebookOptions.Scope.Add("email");
var googleOptions = new GoogleOAuth2AuthenticationOptions()
{
ClientId =
"469646760415-qfrnioi99r3bmcfpsi7997m1h6qgj0b3.apps.googleusercontent.com",
ClientSecret = "9YdAukql7ZKrm6RUI4hfXA7S"
};
app.UseFacebookAuthentication(facebookOptions);
app.UseMicrosoftAccountAuthentication(microsoftOptions);
app.UseGoogleAuthentication(googleOptions);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// Enable Microsoft Account login.
var msaOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = ConfigurationManager.AppSettings["MsaClientId"],
ClientSecret = ConfigurationManager.AppSettings["MsaClientSecret"]
};
msaOptions.Scope.Add("wl.basic"); // Always required.
msaOptions.Scope.Add("wl.emails"); // Need this to get user email.
app.UseMicrosoftAccountAuthentication(msaOptions);
}
private static void SetupMicrosoftAuth(IAppBuilder app)
{
MicrosoftAccountAuthenticationOptions microsoftOptions = new MicrosoftAccountAuthenticationOptions()
{
ClientId = MicrosoftClientId,
ClientSecret = MicrosoftClientSecret
};
app.UseMicrosoftAccountAuthentication(
clientId: MicrosoftClientId,
clientSecret: MicrosoftClientSecret);
}
public static IAppBuilder UseMicrosoftAccountAuthentication(this IAppBuilder app, MicrosoftAccountAuthenticationOptions options)
{
app.Use(typeof(MicrosoftAccountAuthenticationMiddleware), app, options);
return app;
}
private static void AddMicrosoftAccount(IAppBuilder app)
{
var keys = ConfigurationHelper.MicrosoftOAuthKeys;
if (keys == null)
return;
var microsoftAccountAuthenticationOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = keys.Item1,
ClientSecret = keys.Item2,
};
microsoftAccountAuthenticationOptions.Scope.Add("wl.basic");
microsoftAccountAuthenticationOptions.Scope.Add("wl.emails");
app.UseMicrosoftAccountAuthentication(microsoftAccountAuthenticationOptions);
}
/// <summary>
/// Enables authenticating users using their Microsoft account.
/// </summary>
/// <remarks>
/// To use this feature you need to have a developer account registered and an app created at Microsoft. You can do all
/// this at https://account.live.com/developers/applications.
/// Once the app is created, copy the client id and client secret that is provided and put them as credentials in this
/// method.
/// Security Note: Never store sensitive data in your source code. The account and credentials are added to the code above to keep the sample simple.
/// </remarks>
/// <param name="app">The application to associate with the login provider.</param>
private static void EnableMicrosoftAccountLogin(IAppBuilder app)
{
// Note that the id and secret code below are fictitious and will not work when calling Microsoft.
MicrosoftAccountAuthenticationOptions microsoftOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = "0000000049673D31",
ClientSecret = "hkQB8uwZ55HrkIcpeU9J6tXXebrMUpOS"
};
microsoftOptions.Scope.Add("email");
app.UseMicrosoftAccountAuthentication(microsoftOptions);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
// Uncomment the following lines to enable logging in with third party login providers
#region Microsoft
var microsoftAuthenticationOptions = new MicrosoftAccountAuthenticationOptions()
{
ClientId = ConfigurationManager.AppSettings["MsI"],
ClientSecret = ConfigurationManager.AppSettings["MsS"],
Provider = new MicrosoftAccountAuthenticationProvider()
{
OnAuthenticated = async context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("MicrosoftAccessToken", context.AccessToken));
foreach (var claim in context.User)
{
var claimType = string.Format("urn:microsoft:{0}", claim.Key);
string claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Microsoft"));
}
}
}
};
microsoftAuthenticationOptions.Scope.Add("wl.basic");
microsoftAuthenticationOptions.Scope.Add("wl.emails");
microsoftAuthenticationOptions.Scope.Add("wl.birthday");
app.UseMicrosoftAccountAuthentication(microsoftAuthenticationOptions);
#endregion Microsoft
#region Twitter
var twitterAuthenticationOptions = new TwitterAuthenticationOptions()
{
ConsumerKey = ConfigurationManager.AppSettings["TwtI"],
ConsumerSecret = ConfigurationManager.AppSettings["TwtS"]
};
app.UseTwitterAuthentication(twitterAuthenticationOptions);
#endregion Twitter
#region Facebook
var facebookAuthenticationOptions = new FacebookAuthenticationOptions()
{
AppId = ConfigurationManager.AppSettings["FaceI"],
AppSecret = ConfigurationManager.AppSettings["FaceS"],
Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = async context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
}
}
};
facebookAuthenticationOptions.Scope.Add("public_profile");
facebookAuthenticationOptions.Scope.Add("email");
facebookAuthenticationOptions.Scope.Add("user_birthday");
app.UseFacebookAuthentication(facebookAuthenticationOptions);
#endregion Facebook
#region Google
var googleAuthenticationOptions = new GoogleOAuth2AuthenticationOptions()
{
ClientId = ConfigurationManager.AppSettings["GglI"],
ClientSecret = ConfigurationManager.AppSettings["GglS"],
Provider = new GoogleOAuth2AuthenticationProvider()
{
OnAuthenticated = async context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("GoogleAccessToken", context.AccessToken));
foreach (var claim in context.User)
{
var claimType = string.Format("urn:google:{0}", claim.Key);
string claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Google"));
}
}
}
};
googleAuthenticationOptions.Scope.Add("https://www.googleapis.com/auth/plus.login email");
app.UseGoogleAuthentication(googleAuthenticationOptions);
#endregion Google
}
public async Task AuthenticatedEventCanGetRefreshToken()
{
var options = new MicrosoftAccountAuthenticationOptions()
{
ClientId = "Test Client Id",
ClientSecret = "Test Client Secret",
BackchannelHttpHandler = new TestHttpMessageHandler
{
Sender = async req =>
{
if (req.RequestUri.AbsoluteUri == "https://login.live.com/oauth20_token.srf")
{
return await ReturnJsonResponse(new
{
access_token = "Test Access Token",
expire_in = 3600,
token_type = "Bearer",
refresh_token = "Test Refresh Token"
});
}
else if (req.RequestUri.GetLeftPart(UriPartial.Path) == "https://apis.live.net/v5.0/me")
{
return await ReturnJsonResponse(new
{
id = "Test User ID",
name = "Test Name",
first_name = "Test Given Name",
last_name = "Test Family Name",
emails = new
{
preferred = "Test email"
}
});
}
return null;
}
},
Provider = new MicrosoftAccountAuthenticationProvider
{
OnAuthenticated = context =>
{
var refreshToken = context.RefreshToken;
context.Identity.AddClaim(new Claim("RefreshToken", refreshToken));
return Task.FromResult<object>(null);
}
}
};
var server = CreateServer(
app => app.UseMicrosoftAccountAuthentication(options),
context =>
{
var req = context.Request;
var res = context.Response;
Describe(res, new AuthenticateResult(req.User.Identity, new AuthenticationProperties(), new AuthenticationDescription()));
return true;
});
var properties = new AuthenticationProperties();
var correlationKey = ".AspNet.Correlation.Microsoft";
var correlationValue = "TestCorrelationId";
properties.Dictionary.Add(correlationKey, correlationValue);
properties.RedirectUri = "/me";
var state = options.StateDataFormat.Protect(properties);
var transaction = await SendAsync(server,
"https://example.com/signin-microsoft?code=TestCode&state=" + Uri.EscapeDataString(state),
correlationKey + "=" + correlationValue);
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);
transaction.Response.Headers.Location.ToString().ShouldBe("/me");
transaction.SetCookie.Count.ShouldBe(2);
transaction.SetCookie[0].ShouldContain(correlationKey);
transaction.SetCookie[1].ShouldContain(".AspNet.External");
var authCookie = transaction.AuthenticationCookieValue;
transaction = await SendAsync(server, "https://example.com/me", authCookie);
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.OK);
transaction.FindClaimValue("RefreshToken").ShouldBe("Test Refresh Token");
}
private static MicrosoftAccountAuthenticationOptions GetMicrosoftAuthenticationOptions()
{
var options = new MicrosoftAccountAuthenticationOptions
{
ClientId = GetClientID("Microsoft"),
ClientSecret = GetClientSecret("Microsoft"),
Provider = new MicrosoftAccountAuthenticationProvider
{
OnAuthenticated = context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("urn:microsoftaccount:access_token", context.AccessToken));
foreach (var claim in context.User)
{
var claimType = string.Format("urn:microsoftaccount:{0}", claim.Key);
var claimValue = claim.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, "XmlSchemaString", "Microsoft"));
}
return Task.FromResult(0);
}
}
};
options.Scope.Add("wl.emails");
options.Scope.Add("wl.basic");
return options;
}
public void MicrosoftAuthenticationWithProviderConfiguration(IAppBuilder app)
{
app.UseAuthSignInCookie();
var option = new MicrosoftAccountAuthenticationOptions()
{
ClientId = "000000004C0F442C",
ClientSecret = "EkXbW-Vr6Rqzi6pugl1jWIBsDotKLmqR",
Provider = new MicrosoftAccountAuthenticationProvider()
{
OnAuthenticated = async context =>
{
await Task.Run(() =>
{
Assert.Equal<string>("ValidAccessToken", context.AccessToken);
Assert.Equal<string>("ValidRefreshToken", context.RefreshToken);
Assert.Equal<string>("Owinauthtester", context.FirstName);
Assert.Equal<string>("fccf9a24999f4f4f", context.Id);
Assert.Equal<string>("Owinauthtester", context.LastName);
Assert.Equal<string>("Owinauthtester Owinauthtester", context.Name);
Assert.NotNull(context.User);
Assert.Equal<string>(context.Id, context.User.SelectToken("id").ToString());
context.Identity.AddClaim(new Claim("Authenticated", "true"));
});
},
OnReturnEndpoint = async context =>
{
await Task.Run(() =>
{
if (context.Identity != null && context.SignInAsAuthenticationType == "Application")
{
context.Identity.AddClaim(new Claim("ReturnEndpoint", "true"));
context.Identity.AddClaim(new Claim(context.Identity.RoleClaimType, "Guest", ClaimValueTypes.String));
}
else if (context.Identity == null)
{
context.Identity = new ClaimsIdentity("Microsoft", "Name_Failed", "Role_Failed");
context.SignInAsAuthenticationType = "Application";
}
});
},
OnApplyRedirect = context =>
{
context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom");
}
},
BackchannelHttpHandler = new MicrosoftChannelHttpHandler(),
BackchannelCertificateValidator = new CustomCertificateValidator(),
StateDataFormat = new CustomStateDataFormat(),
};
option.Scope.Add("wl.basic");
option.Scope.Add("wl.signin");
app.UseMicrosoftAccountAuthentication(option);
app.UseExternalApplication("Microsoft");
}
private static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType)
{
var google = new GoogleOAuth2AuthenticationOptions
{
AuthenticationType = "Google",
SignInAsAuthenticationType = signInAsType,
ClientId = "767400843187-8boio83mb57ruogr9af9ut09fkg56b27.apps.googleusercontent.com",
ClientSecret = "5fWcBT0udKY7_b6E3gEiJlze"
};
app.UseGoogleAuthentication(google);
var fb = new FacebookAuthenticationOptions
{
AuthenticationType = "Facebook",
SignInAsAuthenticationType = signInAsType,
AppId = "676607329068058",
AppSecret = "9d6ab75f921942e61fb43a9b1fc25c63"
};
app.UseFacebookAuthentication(fb);
var twitter = new TwitterAuthenticationOptions
{
AuthenticationType = "Twitter",
SignInAsAuthenticationType = signInAsType,
ConsumerKey = "N8r8w7PIepwtZZwtH066kMlmq",
ConsumerSecret = "df15L2x6kNI50E4PYcHS0ImBQlcGIt6huET8gQN41VFpUCwNjM"
};
app.UseTwitterAuthentication(twitter);
var ms = new MicrosoftAccountAuthenticationOptions
{
AuthenticationType = "Microsoft",
SignInAsAuthenticationType = signInAsType,
ClientId = "N8r8w7PIe",
ClientSecret = "df15L2x6kNI50E"
};
app.UseMicrosoftAccountAuthentication(ms);
var github = new GitHubAuthenticationOptions()
{
AuthenticationType = "Github",
SignInAsAuthenticationType = signInAsType,
ClientId = "N8r8w7PIe",
ClientSecret = "df15L2x6kNI50E"
};
app.UseGitHubAuthentication(github);
}
/// <summary>
/// Enables authenticating users using their Microsoft account.
/// </summary>
/// <remarks>
/// To use this feature you need to have a developer account registered and an app created at Microsoft. You can do all
/// this at https://account.live.com/developers/applications.
/// Once the app is created, copy the client id and client secret that is provided and put them as credentials in this
/// method.
/// Security Note: Never store sensitive data in your source code. The account and credentials are added to the code above to keep the sample simple.
/// </remarks>
/// <param name="app">The application to associate with the login provider.</param>
private static void EnableMicrosoftAccountLogin(IAppBuilder app)
{
// Note that the id and secret code below are fictitious and will not work when calling Microsoft.
MicrosoftAccountAuthenticationOptions microsoftOptions = new MicrosoftAccountAuthenticationOptions
{
ClientId = "<ChangeThis>",
ClientSecret = "<ChangeThis>"
};
microsoftOptions.Scope.Add("email");
app.UseMicrosoftAccountAuthentication(microsoftOptions);
}
private static void EnableMicrosoftAuth(IAppBuilder app)
{
var microSoftAuthOpt = new MicrosoftAccountAuthenticationOptions();
microSoftAuthOpt.ClientId = Credentials.Microsoft_Id;
microSoftAuthOpt.ClientSecret = Credentials.Microsoft_Secret;
microSoftAuthOpt.Scope.Add("wl.emails");
microSoftAuthOpt.Provider = new MicrosoftOAuthProvider();
app.UseMicrosoftAccountAuthentication(microSoftAuthOpt);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public static void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
// TODO Is this correct to make DbContext accessible from Web application?
app.CreatePerOwinContext(WealthEconomyContext.Create);
app.CreatePerOwinContext<UserManagerFactory>(UserManagerFactory.Create);
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Configure the application for OAuth based flow
PublicClientId = "self";
var OAuthServerOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/api/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
//AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), // TODO ?
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthServerOptions);
// Configure Facebook login
var facebookAppId = Framework.AppSettings.FacebookAppId;
var facebookAppSecret = Framework.AppSettings.FacebookAppSecret;
if (!string.IsNullOrWhiteSpace(facebookAppId) && !string.IsNullOrWhiteSpace(facebookAppSecret))
{
var facebookAuthOptions = new FacebookAuthenticationOptions()
{
AppId = Framework.AppSettings.FacebookAppId,
AppSecret = Framework.AppSettings.FacebookAppSecret,
UserInformationEndpoint = "https://graph.facebook.com/v2.5/me?fields=email",
BackchannelHttpHandler = new FacebookBackChannelHandler(),
CallbackPath = new PathString("/api/Account/ExternalLoginFacebook") // Middleware is going to handle this, no need to implement
};
facebookAuthOptions.Scope.Add("email");
app.UseFacebookAuthentication(facebookAuthOptions);
}
// Configure Google login
var googleClientId = Framework.AppSettings.GoogleClientId;
var googleClientSecret = Framework.AppSettings.GoogleClientSecret;
if (!string.IsNullOrWhiteSpace(googleClientId) && !string.IsNullOrWhiteSpace(googleClientSecret))
{
var googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
{
ClientId = googleClientId,
ClientSecret = googleClientSecret,
CallbackPath = new PathString("/api/Account/ExternalLoginGoogle") // Middleware is going to handle this, no need to implement
};
app.UseGoogleAuthentication(googleAuthOptions);
}
// Configure Microsoft Accounts login
var microsoftClientId = Framework.AppSettings.MicrosoftClientId;
var microsoftClientSecret = Framework.AppSettings.MicrosoftClientSecret;
if (!string.IsNullOrWhiteSpace(microsoftClientId) && !string.IsNullOrWhiteSpace(microsoftClientSecret))
{
var microsoftAccountAuthOptions = new MicrosoftAccountAuthenticationOptions()
{
ClientId = Framework.AppSettings.MicrosoftClientId,
ClientSecret = Framework.AppSettings.MicrosoftClientSecret,
CallbackPath = new PathString("/api/Account/ExternalLoginMicrosoft") // Middleware is going to handle this, no need to implement
};
microsoftAccountAuthOptions.Scope.Add("wl.emails");
app.UseMicrosoftAccountAuthentication(microsoftAccountAuthOptions);
}
}
