protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri) { log.LogDebug("BuildChallengeUrl called with redirectUri = " + redirectUri); var scope = FormatOAuthScope(); var state = Options.StateDataFormat.Protect(properties); //var queryBuilder = new QueryBuilder() //{ // { "client_id", Options.ClientId }, // { "scope", scope }, // { "response_type", "code" }, // { "redirect_uri", redirectUri }, // { "state", state }, //}; var tenantFbOptions = new MultiTenantFacebookOptionsResolver(Options, siteResolver, siteRepo, multiTenantOptions); var queryBuilder = new QueryBuilder() { { "client_id", tenantFbOptions.AppId }, { "scope", scope }, { "response_type", "code" }, { "redirect_uri", tenantFbOptions.ResolveRedirectUrl(redirectUri) }, // we are hijacking this property here { "state", state }, }; return(Options.AuthorizationEndpoint + queryBuilder.ToString()); }
protected override async Task <OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri) { log.LogDebug("ExchangeCodeAsync called with code " + code + " redirectUri " + redirectUri); //var queryBuilder = new QueryBuilder() //{ // { "grant_type", "authorization_code" }, // { "code", code }, // { "redirect_uri", redirectUri }, // { "client_id", Options.AppId }, // { "client_secret", Options.AppSecret }, //}; var currentSite = await GetSite(); var tenantFbOptions = new MultiTenantFacebookOptionsResolver( Options, currentSite, multiTenantOptions); var queryBuilder = new QueryBuilder() { { "grant_type", "authorization_code" }, { "code", code }, { "redirect_uri", tenantFbOptions.ResolveRedirectUrl(redirectUri) }, { "client_id", tenantFbOptions.AppId }, { "client_secret", tenantFbOptions.AppSecret }, }; var response = await Backchannel.GetAsync(Options.TokenEndpoint + queryBuilder.ToString(), Context.RequestAborted); response.EnsureSuccessStatusCode(); var form = new FormCollection(FormReader.ReadForm(await response.Content.ReadAsStringAsync())); var payload = new JObject(); foreach (string key in form.Keys) { //payload.Add(string.Equals(key, "expires", StringComparison.OrdinalIgnoreCase) ? "expires_in" : key, form[key]); payload.Add(string.Equals(key, "expires", StringComparison.OrdinalIgnoreCase) ? "expires_in" : key, (string)form[key]); } // The refresh token is not available. return(new OAuthTokenResponse(payload)); }