notazof
/
yavsc
1
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases Wiki Activity
yavsc/Yavsc/Controllers/OAuthController.cs

174 lines
6.0 KiB
C#
Raw Normal View History Unescape Escape

nettoyage
8 years ago
using System.Linq;
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.DataProtection.KeyManagement;
oauth
8 years ago
using Microsoft.AspNet.Http.Authentication;
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Mvc;
oauth
8 years ago
using Microsoft.AspNet.WebUtilities;
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
oauth
8 years ago
using OAuth.AspNet.AuthServer;
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
using Yavsc.Models;
namespace Yavsc.Controllers
{
oauth
8 years ago
public class TokenResponse
{
public string access_token { get; set; }
public int expires_in { get; set; }
public string grant_type { get; set; }
public int entity_id { get; set; }
}
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
[AllowAnonymous]
public class OAuthController : Controller
{
ApplicationDbContext _context;
UserManager<ApplicationUser> _userManager;
oauth
8 years ago
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
SiteSettings _siteSettings;
ILogger _logger;
private readonly SignInManager<ApplicationUser> _signInManager;
public OAuthController(ApplicationDbContext context, SignInManager<ApplicationUser> signInManager, IKeyManager keyManager,
UserManager<ApplicationUser> userManager,
IOptions<SiteSettings> siteSettings,
ILoggerFactory loggerFactory
)
{
_siteSettings = siteSettings.Value;
_context = context;
_signInManager = signInManager;
_userManager = userManager;
_logger = loggerFactory.CreateLogger<OAuthController>();
}
oauth
8 years ago
/*
private async Task<string> GetToken(string purpose, string userid, DateTime? expires)
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
{
oauth
8 years ago
// Here, you should create or look up an identity for the user which is being authenticated.
// For now, just creating a simple generic identity.
var identuser = await _userManager.FindByIdAsync(userid);
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
oauth
8 years ago
return await _tokenProvider.GenerateAsync(purpose, _userManager, identuser);
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
}
oauth
8 years ago
/// <summary>
/// Check if currently authenticated. Will throw an exception of some sort which shoudl be caught by a general
/// exception handler and returned to the user as a 401, if not authenticated. Will return a fresh token if
/// the user is authenticated, which will reset the expiry.
/// </summary>
/// <returns></returns>
[HttpGet, HttpPost, Authorize]
[Route("~/oauth/token")]
public async Task<dynamic> Get()
{
bool authenticated = false;
string user = null;
int entityId = -1;
string token = null;
DateTime? tokenExpires = default(DateTime?);
var currentUser = User;
if (currentUser != null)
{
authenticated = currentUser.Identity.IsAuthenticated;
if (authenticated)
{
user = User.GetUserId();
_logger.LogInformation($"authenticated user:{user}");
foreach (Claim c in currentUser.Claims) if (c.Type == "EntityID") entityId = Convert.ToInt32(c.Value);
tokenExpires = DateTime.UtcNow.AddMinutes(2);
token = await GetToken("id_token", user, tokenExpires);
return new TokenResponse { access_token = token, expires_in = 3400, entity_id = entityId };
}
}
return new { authenticated = false };
} */
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
[HttpGet("~/api/getclaims"), Produces("application/json")]
public IActionResult GetClaims()
{
var identity = User.Identity as ClaimsIdentity;
var claims = from c in identity.Claims
select new
{
subject = c.Subject.Name,
type = c.Type,
value = c.Value
};
return Ok(claims);
}
oauth
8 years ago
[HttpGet(Constants.AuthorizePath)]
public async Task<ActionResult> Authorize()
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
{
oauth
8 years ago
if (Response.StatusCode != 200)
{
return View("AuthorizeError");
}
AuthenticationManager authentication = Request.HttpContext.Authentication;
ClaimsPrincipal principal = await authentication.AuthenticateAsync(Constants.ApplicationAuthenticationSheme);
if (principal == null)
{
await authentication.ChallengeAsync(Constants.ApplicationAuthenticationSheme);
if (Response.StatusCode == 200)
return new HttpUnauthorizedResult();
return new HttpStatusCodeResult(Response.StatusCode);
}
string[] scopes = { };
if (Request.QueryString.HasValue)
{
var queryStringComponents = QueryHelpers.ParseQuery(Request.QueryString.Value);
if (queryStringComponents.ContainsKey("scope"))
scopes = queryStringComponents["scope"];
}
if (Request.Method == "POST")
{
if (!string.IsNullOrEmpty(Request.Form["submit.Grant"]))
{
principal = new ClaimsPrincipal(principal.Identities);
ClaimsIdentity primaryIdentity = (ClaimsIdentity)principal.Identity;
foreach (var scope in scopes)
{
primaryIdentity.AddClaim(new Claim("urn:oauth:scope", scope));
}
await authentication.SignInAsync(OAuthDefaults.AuthenticationType, principal);
}
if (!string.IsNullOrEmpty(Request.Form["submit.Login"]))
{
await authentication.SignOutAsync(Constants.ApplicationAuthenticationSheme);
await authentication.ChallengeAsync(Constants.ApplicationAuthenticationSheme);
return new HttpUnauthorizedResult();
}
}
return View(new AuthorisationView { Scopes = scopes } );
integration https://github.com/XacronDevelopment/oauth-aspnet
8 years ago
}
}
}