diff --git a/testOauthClient/Startup.cs b/testOauthClient/Startup.cs index 8808d446..ec0e6372 100755 --- a/testOauthClient/Startup.cs +++ b/testOauthClient/Startup.cs @@ -8,6 +8,11 @@ using Microsoft.AspNet.Authentication; using Microsoft.AspNet.Http; using Microsoft.AspNet.Authentication.Cookies; using Microsoft.Extensions.WebEncoders; +using Microsoft.AspNet.Authentication.OAuth; +using System.Net.Http; +using System.Net.Http.Headers; +using Newtonsoft.Json.Linq; +using System.Security.Claims; namespace testOauthClient { @@ -27,8 +32,9 @@ namespace testOauthClient // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { - - services.Configure(options => { + + services.Configure(options => + { options.SignInScheme = "Bearer"; }); @@ -37,7 +43,7 @@ namespace testOauthClient services.AddAuthentication(); services.AddMvc(); - + } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. @@ -54,12 +60,14 @@ namespace testOauthClient { app.UseExceptionHandler("/Home/Error"); } - app.UseIISPlatformHandler(options => { + app.UseIISPlatformHandler(options => + { options.AuthenticationDescriptions.Clear(); }); app.UseStaticFiles(); - app.UseCookieAuthentication(new CookieAuthenticationOptions { + app.UseCookieAuthentication(new CookieAuthenticationOptions + { AutomaticAuthenticate = true, AutomaticChallenge = true, AuthenticationScheme = "Bearer", 
@@ -68,18 +76,46 @@ namespace testOauthClient LoginPath = new PathString("/signin"), LogoutPath = new PathString("/signout") }); - + app.UseOAuthAuthentication( - options => {  + options => + { options.AuthenticationScheme = "Yavsc"; options.AuthorizationEndpoint = "http://dev.pschneider.fr/authorize"; options.TokenEndpoint = "http://dev.pschneider.fr/token"; options.CallbackPath = new PathString("/signin-yavsc"); - options.ClientId="21d8bd1b-4aed-4fcb-9ed9-00b43f6a8169"; - options.ClientSecret="blih"; + options.ClientId = "21d8bd1b-4aed-4fcb-9ed9-00b43f6a8169"; + options.ClientSecret = "blih"; options.Scope.Add("profile"); - // options.SaveTokensAsClaims = true; + options.SaveTokensAsClaims = true; options.UserInformationEndpoint = "http://dev.pschneider.fr/api/me"; + options.Events = new OAuthEvents + { + OnCreatingTicket = async context => + { + var request = new HttpRequestMessage(HttpMethod.Get, options.UserInformationEndpoint); + request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken); + var response = await context.Backchannel.SendAsync(request); + response.EnsureSuccessStatusCode(); + + var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); + var identifier = payload.Value("id"); + var givenName = payload.Value("givenName"); + var emails = payload.Value("emails"); + string email = null; + if (emails !=null) + email = emails.First?.Value(); + var url = payload.Value("url"); + + context.Identity.AddClaim( + new Claim( ClaimTypes.NameIdentifier,identifier)); + context.Identity.AddClaim( + new Claim( ClaimTypes.Name,givenName)); + context.Identity.AddClaim( + new Claim( ClaimTypes.Email,email)); + + } + }; } );
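Review bot: In the `OnCreatingTicket` handler, `email` stays null whenever the payload carries no `emails` value, and `new Claim(ClaimTypes.Email, email)` then throws `ArgumentNullException`, so sign-in fails for those accounts; `identifier` and `givenName` reach `new Claim` unchecked in the same way. Guard each value before adding it, e.g. `if (email != null) context.Identity.AddClaim(new Claim(ClaimTypes.Email, email));`, and drop the unused `url` local. Separately, the handler sends the access token in a Bearer header to `options.UserInformationEndpoint`, which is an `http://` URL like the authorize and token endpoints, so the token crosses the network in cleartext. Those endpoints should move to `https://`, all the more now that `SaveTokensAsClaims = true` keeps the tokens with the signed-in identity. The literal `ClientSecret` would also be better read from configuration than committed in `Startup.cs`.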