109 lines
4.5 KiB
C#
109 lines
4.5 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using System.Net.Http;
|
|
using System.Net.Http.Headers;
|
|
using System.Threading.Tasks;
|
|
using IdentityModel.OidcClient;
|
|
using Thinktecture.IdentityModel.Client;
|
|
|
|
namespace webapi.StrongAuth
|
|
{
|
|
public class StrongAuthClient : OAuth2Client{
|
|
public StrongAuthClient(Uri address, AuthenticationHeaderValue authentication) : base(address)
|
|
{
|
|
_client.DefaultRequestHeaders.Authorization = authentication;
|
|
}
|
|
}
|
|
public class StrongAuthLib
|
|
{
|
|
public string GetAuthUrl(string strongAuthAuthorizeUrl,
|
|
string clientId,
|
|
string redirectUrl,
|
|
string state,
|
|
string acrValues,
|
|
string uiLocales,
|
|
string scope)
|
|
{
|
|
|
|
var client = new OAuth2Client(new Uri(strongAuthAuthorizeUrl));
|
|
return client.CreateAuthorizeUrl(
|
|
clientId: clientId,
|
|
redirectUri: redirectUrl,
|
|
responseType: "code",
|
|
scope: scope,
|
|
state: state,
|
|
acrValues: acrValues,
|
|
//responseMode: "form_post",
|
|
//nonce: Guid.NewGuid().ToString(),
|
|
additionalValues: new Dictionary<string, string>()
|
|
{
|
|
{ "ui_locales", uiLocales}
|
|
});
|
|
|
|
//var options = new OidcClientOptions(strongAuthAuthorizeUrl, clientId,
|
|
// "secret", redirectUrl, scope);
|
|
//{
|
|
// Authority = strongAuthAuthorizeUrl, //_authority,
|
|
// ClientId = clientId, //"interactive.public",
|
|
// RedirectUri = redirectUrl, //redirectUri,
|
|
// Scope = scope, //"openid profile api",
|
|
// FilterClaims = true,
|
|
// LoadProfile = true
|
|
//};
|
|
|
|
//var client = new OidcClient(options);
|
|
//var state1 = client.PrepareLoginAsync().GetAwaiter().GetResult();
|
|
//return state1.StartUrl;
|
|
|
|
//var ru = new RequestUrl(strongAuthAuthorizeUrl); // ConfigurationManager.AppSettings["StrongAuthAuthorizeUrl"]); // "https://preprod.signicat.com/oidc/authorize");
|
|
|
|
//return ru.CreateAuthorizeUrl(
|
|
// clientId: clientId, // ConfigurationManager.AppSettings["ClientId"], //"demo-preprod",
|
|
// responseType: "code",
|
|
// redirectUri: redirectUrl, //ConfigurationManager.AppSettings["RedirectUrl"], //"http://localhost:8080/redirect", //"https://labs.signicat.com/redirect",
|
|
// state: state, //ConfigurationManager.AppSettings["state"], //"Testing_123",
|
|
// acrValues: acrValues, //ConfigurationManager.AppSettings["acrValues"], //"urn:signicat:oidc:portal:ftn",
|
|
// uiLocales: uiLocales, //ConfigurationManager.AppSettings["uiLocales"], //"fi",
|
|
// scope: scope //ConfigurationManager.AppSettings["scope"]); // "openid"); //"openid+profile+email+address+phone+offline_access"); // "openid+profile+ftn+signicat.national_id");
|
|
//);
|
|
}
|
|
|
|
public async Task<string> GetUserInfoAccessToken(
|
|
string baseAuthKey,
|
|
string strongAuthTokenUrl,
|
|
string redirectUrl,
|
|
string code)
|
|
{
|
|
var client = new StrongAuthClient(new Uri(strongAuthTokenUrl),
|
|
new AuthenticationHeaderValue("Basic", Convert.ToBase64String(
|
|
System.Text.Encoding.UTF8.GetBytes(baseAuthKey))));
|
|
|
|
var response = await client.RequestAuthorizationCodeAsync(code, redirectUrl);
|
|
|
|
//using (var client = new HttpClient())
|
|
//{
|
|
// client.DefaultRequestHeaders.Authorization =
|
|
// new AuthenticationHeaderValue("Basic", Convert.ToBase64String(
|
|
// System.Text.Encoding.UTF8.GetBytes(baseAuthKey)));
|
|
|
|
// var response = await client.RequestTokenAsync(new TokenRequest
|
|
// {
|
|
// Address = strongAuthTokenUrl,
|
|
// GrantType = "authorization_code",
|
|
// ClientId = clientId,
|
|
// Parameters =
|
|
// {
|
|
// { "redirect_uri", redirectUrl },
|
|
// { "code", code }
|
|
// }
|
|
// });
|
|
|
|
if (response.IsError || string.IsNullOrEmpty(response.AccessToken))
|
|
{
|
|
return null;
|
|
}
|
|
return response.AccessToken;
|
|
}
|
|
}
|
|
}
|