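/// <summary>
/// Redeems a refresh token for a new access token at the token endpoint
/// (RFC 6749 section 6, "Refreshing an Access Token").
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier, passed to the Basic authentication header builder.</param>
/// <param name="client_secret">Client secret, passed to the Basic authentication header builder.</param>
/// <param name="refreshToken">Refresh token to redeem.</param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <remarks>
/// The client secret and the refresh token are transmitted by this call and the URI scheme
/// is not checked here; callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> UpdateAccessTokenByRefreshTokenAsync(
    Uri tokenEndpointUri, string client_id, string client_secret, string refreshToken)
{
    // 6. Refreshing an access token
    // http://openid-foundation-japan.github.io/rfc6749.ja.html#token-refresh

    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        // Client authentication: Authorization header built from client_id / client_secret.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

        // Form body: grant type plus the refresh token itself.
        httpRequestMessage.Content = new FormUrlEncodedContent(
            new Dictionary<string, string>
            {
                { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.RefreshTokenGrantType },
                { OAuth2AndOIDCConst.RefreshToken, refreshToken },
            });

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}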
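/// <summary>
/// Requests an access token with the Client Credentials Grant.
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier, passed to the Basic authentication header builder.</param>
/// <param name="client_secret">Client secret, passed to the Basic authentication header builder.</param>
/// <param name="scopes">Value sent as the scope form field.</param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <remarks>
/// The client secret is transmitted by this call and the URI scheme is not checked here;
/// callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> ClientCredentialsGrantAsync(
    Uri tokenEndpointUri, string client_id, string client_secret, string scopes)
{
    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        // Client authentication: Authorization header built from client_id / client_secret.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

        // Form body: grant type plus the requested scope.
        httpRequestMessage.Content = new FormUrlEncodedContent(
            new Dictionary<string, string>
            {
                { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.ClientCredentialsGrantType },
                { OAuth2AndOIDCConst.scope, scopes },
            });

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}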
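/// <summary>
/// Requests an access token with the Resource Owner Password Credentials Grant.
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier, passed to the Basic authentication header builder.</param>
/// <param name="client_secret">Client secret, passed to the Basic authentication header builder.</param>
/// <param name="userId">Sent as the "username" form field.</param>
/// <param name="password">Sent as the "password" form field.</param>
/// <param name="scopes">Value sent as the scope form field.</param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <remarks>
/// This grant hands the end user's password to the client, which forwards it in the request body.
/// The OAuth 2.0 Security Best Current Practice (RFC 9700) says it must not be used; prefer the
/// authorization code flow where possible. The URI scheme is not checked here; callers are
/// expected to pass an https endpoint, and must keep the request body out of logs.
/// </remarks>
public static async Task<string> ResourceOwnerPasswordCredentialsGrantAsync(
    Uri tokenEndpointUri, string client_id, string client_secret,
    string userId, string password, string scopes)
{
    // 4.1.3. Access Token Request
    // http://openid-foundation-japan.github.io/rfc6749.ja.html#token-req

    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        // Client authentication: Authorization header built from client_id / client_secret.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

        // Form body: grant type, the resource owner's credentials and the requested scope.
        httpRequestMessage.Content = new FormUrlEncodedContent(
            new Dictionary<string, string>
            {
                { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.ResourceOwnerPasswordCredentialsGrantType },
                { "username", userId },
                { "password", password },
                { OAuth2AndOIDCConst.scope, scopes },
            });

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}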
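/// <summary>
/// Posts a token to the introspection endpoint and returns the server's answer.
/// This call only queries the token; it does not revoke it (the previous summary
/// described revocation, which is what <c>RevokeTokenAsync</c> does).
/// </summary>
/// <param name="introspectTokenEndpointUri">URI of the introspection endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier, passed to the Basic authentication header builder.</param>
/// <param name="client_secret">Client secret, passed to the Basic authentication header builder.</param>
/// <param name="token">Token to introspect.</param>
/// <param name="token_type_hint">Hint about the kind of token being submitted.</param>
/// <returns>
/// The raw response body as a string. Neither the HTTP status code nor the content is
/// evaluated here; under RFC 7662 the caller has to read the <c>active</c> member of the
/// response before trusting any other claim in it.
/// </returns>
/// <remarks>
/// The client secret and the token are transmitted by this call and the URI scheme is not
/// checked here; callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> IntrospectTokenAsync(
    Uri introspectTokenEndpointUri, string client_id, string client_secret,
    string token, string token_type_hint)
{
    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = introspectTokenEndpointUri,
    })
    {
        // Client authentication: Authorization header built from client_id / client_secret.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

        // Form body: the token and its type hint.
        httpRequestMessage.Content = new FormUrlEncodedContent(
            new Dictionary<string, string>
            {
                { OAuth2AndOIDCConst.token, token },
                { OAuth2AndOIDCConst.token_type_hint, token_type_hint },
            });

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}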
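/// <summary>
/// Posts a token to the revocation endpoint so that the server invalidates it.
/// </summary>
/// <param name="revokeTokenEndpointUri">URI of the revocation endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier.</param>
/// <param name="client_secret">Client secret.</param>
/// <param name="token">Token to revoke.</param>
/// <param name="token_type_hint">Hint about the kind of token being submitted.</param>
/// <param name="authMethod">
/// How the client authenticates: <c>client_secret_basic</c> (default) puts the credentials in the
/// Authorization header, <c>client_secret_post</c> puts them in the form body.
/// </param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected, so the caller
/// cannot tell from the return value alone whether the revocation was accepted.
/// </returns>
/// <exception cref="ArgumentException">
/// <paramref name="authMethod"/> is neither <c>client_secret_basic</c> nor <c>client_secret_post</c>.
/// </exception>
/// <remarks>
/// The client secret and the token are transmitted by this call and the URI scheme is not
/// checked here; callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> RevokeTokenAsync(
    Uri revokeTokenEndpointUri, string client_id, string client_secret, string token, string token_type_hint,
    OAuth2AndOIDCEnum.AuthMethods authMethod = OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
{
    // Dispose the request and the response deterministically, including on the
    // ArgumentException path below (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = revokeTokenEndpointUri,
    })
    {
        if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
        {
            // Credentials in the Authorization header, token fields in the body.
            httpRequestMessage.Headers.Authorization =
                AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.token, token },
                    { OAuth2AndOIDCConst.token_type_hint, token_type_hint },
                });
        }
        else if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_post)
        {
            // Credentials travel in the form body next to the token fields; no Authorization header.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.client_id, client_id },
                    { OAuth2AndOIDCConst.client_secret, client_secret },
                    { OAuth2AndOIDCConst.token, token },
                    { OAuth2AndOIDCConst.token_type_hint, token_type_hint },
                });
        }
        else
        {
            // Reject any other method rather than sending an unauthenticated request.
            throw new ArgumentException(
                PublicExceptionMessage.ARGUMENT_INCORRECT, "authMethod");
        }

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}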
/// <summary>
/// Extracts the bearer token from an Authorization header value.
/// </summary>
/// <param name="authHeader">Authorization header value to parse.</param>
/// <param name="bearerToken">
/// Receives the token when the method returns <c>true</c>; otherwise the empty string.
/// </param>
/// <returns>
/// <c>true</c> when the header parses as the Bearer scheme with exactly one credential element;
/// <c>false</c> otherwise. A <c>true</c> result only means the header was well-formed:
/// the token itself is not validated here.
/// </returns>
public static bool GetCredentials(string authHeader, out string bearerToken)
{
    bearerToken = "";

    string[] parts;
    bool isBearer =
        AuthenticationHeader.GetCredentials(authHeader, out parts) == OAuth2AndOIDCConst.Bearer;

    // Accept only "<scheme> <single token>"; anything else is reported as not found.
    if (isBearer && parts.Length == 1)
    {
        bearerToken = parts[0];
        return true;
    }

    return false;
}
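/// <summary>
/// Sends the FAPI CIBA token request for a previously issued <c>auth_req_id</c>.
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier.</param>
/// <param name="client_secret">Client secret.</param>
/// <param name="auth_req_id">Sent as the "auth_req_id" form field.</param>
/// <param name="authMethod">
/// How the client authenticates: <c>client_secret_basic</c> (default) puts the credentials in the
/// Authorization header, <c>client_secret_post</c> adds them to the form body.
/// </param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <exception cref="ArgumentException">
/// <paramref name="authMethod"/> is neither <c>client_secret_basic</c> nor <c>client_secret_post</c>.
/// </exception>
/// <remarks>
/// The client secret is transmitted by this call and the URI scheme is not checked here;
/// callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> GetAccessTokenByCibaAsync(
    Uri tokenEndpointUri, string client_id, string client_secret, string auth_req_id,
    OAuth2AndOIDCEnum.AuthMethods authMethod = OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
{
    // Dispose the request and the response deterministically, including on the
    // ArgumentException path below (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        // Fields common to both authentication methods.
        Dictionary<string, string> body = new Dictionary<string, string>
        {
            { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.CibaGrantType },
            { "auth_req_id", auth_req_id }
        };

        // Attach the client credentials.
        if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
        {
            httpRequestMessage.Headers.Authorization =
                AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);
        }
        else if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_post)
        {
            body.Add(OAuth2AndOIDCConst.client_id, client_id);
            body.Add(OAuth2AndOIDCConst.client_secret, client_secret);
        }
        else
        {
            // Reject any other method rather than sending an unauthenticated request.
            throw new ArgumentException(
                PublicExceptionMessage.ARGUMENT_INCORRECT, "authMethod");
        }

        httpRequestMessage.Content = new FormUrlEncodedContent(body);

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}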
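/// <summary>
/// Calls the UserInfo Web API to fetch the claims of the user who granted authorization.
/// </summary>
/// <param name="userInfoEndpointUri">URI of the UserInfo endpoint that receives the GET.</param>
/// <param name="accessToken">Access token, passed to the Bearer authentication header builder.</param>
/// <returns>
/// The raw response body as a string (the user's claims on success). The HTTP status code is
/// not inspected, so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <remarks>
/// The access token is transmitted by this call and the URI scheme is not checked here;
/// callers are expected to pass an https endpoint.
/// </remarks>
public static async Task<string> GetUserInfoAsync(Uri userInfoEndpointUri, string accessToken)
{
    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Get,
        RequestUri = userInfoEndpointUri,
    })
    {
        // The access token is presented in the Authorization header; the GET carries no body.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBearerAuthenticationHeaderValue(accessToken);

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}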
/// <summary>
/// Extracts the client credentials from a Basic Authorization header value.
/// </summary>
/// <param name="authHeader">Authorization header value to parse.</param>
/// <param name="client_id">Receives the first credential element, or the empty string.</param>
/// <param name="client_secret">
/// Receives the second credential element when there are two; stays the empty string
/// when only one element is present or when parsing fails.
/// </param>
/// <returns>
/// <c>true</c> when the header parses as the Basic scheme with one or two credential elements;
/// <c>false</c> otherwise. A <c>true</c> result only means the header was well-formed. In
/// particular the one-element case returns <c>true</c> with an empty <paramref name="client_secret"/>,
/// so the caller must still verify the secret before treating the client as authenticated.
/// </returns>
public static bool GetCredentials(string authHeader, out string client_id, out string client_secret)
{
    client_id = "";
    client_secret = "";

    string[] parts;
    bool isBasic =
        AuthenticationHeader.GetCredentials(authHeader, out parts) == OAuth2AndOIDCConst.Basic;

    if (!isBasic)
    {
        return false;
    }

    switch (parts.Length)
    {
        case 1:
            // A lone client_id (no secret) is supported as well.
            client_id = parts[0];
            return true;

        case 2:
            client_id = parts[0];
            client_secret = parts[1];
            return true;

        default:
            return false;
    }
}
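/// <summary>
/// Exchanges an authorization code (optionally with a PKCE verifier or a client assertion)
/// for an access token at the token endpoint.
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier. Not sent in the assertion branch.</param>
/// <param name="client_secret">Client secret. Only sent in the plain authorization-code branch.</param>
/// <param name="redirect_uri">Redirect URI; HTML-encoded before being placed in the form body.</param>
/// <param name="code">Authorization code to redeem.</param>
/// <param name="code_verifier">PKCE code verifier, or null/empty when PKCE is not used.</param>
/// <param name="assertion">Client assertion, or null/empty when it is not used.</param>
/// <param name="authMethod">
/// Client authentication method. Accepted combinations:
/// no verifier and no assertion with <c>client_secret_basic</c> or <c>client_secret_post</c>;
/// a verifier with <c>client_secret_post</c>; an assertion with <c>private_key_jwt</c>.
/// </param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <exception cref="ArgumentException">
/// The combination of <paramref name="code_verifier"/>, <paramref name="assertion"/> and
/// <paramref name="authMethod"/> is not one of the accepted ones. Note that a non-empty
/// <paramref name="code_verifier"/> with the default <c>client_secret_basic</c> is rejected.
/// </exception>
/// <remarks>
/// Credentials and the authorization code are transmitted by this call and the URI scheme is
/// not checked here; callers are expected to pass an https endpoint.
/// </remarks>
private static async Task<string> GetAccessTokenByCodeAsync(Uri tokenEndpointUri,
    string client_id, string client_secret, string redirect_uri,
    string code, string code_verifier, string assertion,
    OAuth2AndOIDCEnum.AuthMethods authMethod = OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
{
    // 4.1.3. Access Token Request
    // http://openid-foundation-japan.github.io/rfc6749.ja.html#token-req

    // NOTE(review): FormUrlEncodedContent already percent-encodes every value. HtmlEncode on
    // redirect_uri additionally rewrites characters such as '&' to "&amp;", so a redirect_uri
    // with a query string is not byte-identical to the one used on the authorization request
    // unless the server applies the same transform. Behaviour kept as-is; confirm against the
    // server side before changing it.

    // Dispose the request and the response deterministically, including on the
    // ArgumentException paths below (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        if (string.IsNullOrEmpty(code_verifier) && string.IsNullOrEmpty(assertion))
        {
            // Plain authorization-code token request.
            Dictionary<string, string> body = new Dictionary<string, string>
            {
                { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                { OAuth2AndOIDCConst.code, code },
                { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
            };

            // Attach the client credentials.
            if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_basic)
            {
                httpRequestMessage.Headers.Authorization =
                    AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);
            }
            else if (authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_post)
            {
                body.Add(OAuth2AndOIDCConst.client_id, client_id);
                body.Add(OAuth2AndOIDCConst.client_secret, client_secret);
            }
            else
            {
                throw new ArgumentException(
                    PublicExceptionMessage.ARGUMENT_INCORRECT, "authMethod");
            }

            httpRequestMessage.Content = new FormUrlEncodedContent(body);
        }
        else if (!string.IsNullOrEmpty(code_verifier)
            && authMethod == OAuth2AndOIDCEnum.AuthMethods.client_secret_post)
        {
            // OAuth PKCE token request: client_id and code_verifier in the body,
            // no client_secret and no Authorization header.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                    { OAuth2AndOIDCConst.code, code },
                    { OAuth2AndOIDCConst.client_id, client_id },
                    { OAuth2AndOIDCConst.code_verifier, code_verifier },
                    { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
                });
        }
        else if (!string.IsNullOrEmpty(assertion)
            && authMethod == OAuth2AndOIDCEnum.AuthMethods.private_key_jwt)
        {
            // FAPI1 token request: the assertion stands in for the client credentials.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                    { OAuth2AndOIDCConst.code, code },
                    { OAuth2AndOIDCConst.assertion, assertion },
                    { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
                });
        }
        else
        {
            // Any other pairing of verifier / assertion / auth method is refused up front.
            throw new ArgumentException(
                PublicExceptionMessage.ARGUMENT_INCORRECT,
                "code_verifier, assertion, authMethod");
        }

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}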
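/// <summary>
/// Exchanges an authorization code (optionally with a PKCE verifier or a client assertion)
/// for an access token at the token endpoint, always authenticating the client with the
/// Basic Authorization header.
/// </summary>
/// <param name="tokenEndpointUri">URI of the token endpoint that receives the POST.</param>
/// <param name="client_id">Client identifier, passed to the Basic authentication header builder.</param>
/// <param name="client_secret">Client secret, passed to the Basic authentication header builder.</param>
/// <param name="redirect_uri">Redirect URI; HTML-encoded before being placed in the form body.</param>
/// <param name="code">Authorization code to redeem.</param>
/// <param name="code_verifier">
/// PKCE code verifier, or null/empty when PKCE is not used. When both this and
/// <paramref name="assertion"/> are supplied, the verifier wins and the assertion is not sent.
/// </param>
/// <param name="assertion">Client assertion, or null/empty when it is not used.</param>
/// <returns>
/// The raw response body as a string. The HTTP status code is not inspected,
/// so an error response is returned as-is and the caller must check for it.
/// </returns>
/// <remarks>
/// The Basic header is attached in every branch, including the PKCE and assertion ones.
/// Credentials and the authorization code are transmitted by this call and the URI scheme is
/// not checked here; callers are expected to pass an https endpoint.
/// </remarks>
private static async Task<string> GetAccessTokenByCodeAsync(
    Uri tokenEndpointUri, string client_id, string client_secret, string redirect_uri,
    string code, string code_verifier, string assertion)
{
    // 4.1.3. Access Token Request
    // http://openid-foundation-japan.github.io/rfc6749.ja.html#token-req

    // NOTE(review): FormUrlEncodedContent already percent-encodes every value. HtmlEncode on
    // redirect_uri additionally rewrites characters such as '&' to "&amp;", so a redirect_uri
    // with a query string is not byte-identical to the one used on the authorization request
    // unless the server applies the same transform. Behaviour kept as-is; confirm against the
    // server side before changing it.

    // Dispose the request and the response deterministically once the body has been
    // buffered into a string (the original left both for the finalizer).
    using (HttpRequestMessage httpRequestMessage = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        RequestUri = tokenEndpointUri,
    })
    {
        // Client authentication: Authorization header built from client_id / client_secret.
        httpRequestMessage.Headers.Authorization =
            AuthenticationHeader.CreateBasicAuthenticationHeaderValue(client_id, client_secret);

        if (string.IsNullOrEmpty(code_verifier) && string.IsNullOrEmpty(assertion))
        {
            // Plain authorization-code token request.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                    { OAuth2AndOIDCConst.code, code },
                    { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
                });
        }
        else if (!string.IsNullOrEmpty(code_verifier))
        {
            // OAuth PKCE token request.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                    { OAuth2AndOIDCConst.code, code },
                    { OAuth2AndOIDCConst.code_verifier, code_verifier },
                    { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
                });
        }
        else if (!string.IsNullOrEmpty(assertion))
        {
            // FAPI1 token request.
            httpRequestMessage.Content = new FormUrlEncodedContent(
                new Dictionary<string, string>
                {
                    { OAuth2AndOIDCConst.grant_type, OAuth2AndOIDCConst.AuthorizationCodeGrantType },
                    { OAuth2AndOIDCConst.code, code },
                    { OAuth2AndOIDCConst.assertion, assertion },
                    { OAuth2AndOIDCConst.redirect_uri, HttpUtility.HtmlEncode(redirect_uri) },
                });
        }

        using (HttpResponseMessage httpResponseMessage =
            await OAuth2AndOIDCClient._HttpClient.SendAsync(httpRequestMessage).ConfigureAwait(false))
        {
            return await httpResponseMessage.Content.ReadAsStringAsync().ConfigureAwait(false);
        }
    }
}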