From 1fa83045cef046f16fe3c95be989de3406fb9ef2 Mon Sep 17 00:00:00 2001
From: Tommy Parnell <tparnell8@gmail.com>
Date: Wed, 8 Apr 2015 22:59:06 -0400
Subject: [PATCH] stopping point

---
 .../Owin.Security.Providers.csproj            |  1 +
 .../Untappd/ApiResponse.cs                    | 26 +++++++++
 .../Provider/UntappdAuthenticatedContext.cs   | 10 ++--
 .../Untappd/UntappdAuthenticationHandler.cs   | 54 ++++++++-----------
 .../UntappdAuthenticationMiddleware.cs        |  8 ---
 .../Untappd/UntappdAuthenticationOptions.cs   |  2 +-
 6 files changed, 55 insertions(+), 46 deletions(-)
 create mode 100644 Owin.Security.Providers/Untappd/ApiResponse.cs

diff --git a/Owin.Security.Providers/Owin.Security.Providers.csproj b/Owin.Security.Providers/Owin.Security.Providers.csproj
index a6595bc..cfe00fd 100644
--- a/Owin.Security.Providers/Owin.Security.Providers.csproj
+++ b/Owin.Security.Providers/Owin.Security.Providers.csproj
@@ -287,6 +287,7 @@
     <Compile Include="Wargaming\WargamingAuthenticationHandler.cs" />
     <Compile Include="Wargaming\WargamingAuthenticationOptions.cs" />
     <Compile Include="Wargaming\WargamingAuthenticationMiddleware.cs" />
+    <Compile Include="Untappd\ApiResponse.cs" />
     <Compile Include="Untappd\Constants.cs" />
     <Compile Include="Untappd\Provider\IUntappdAuthenticationProvider.cs" />
     <Compile Include="Untappd\Provider\UntappdAuthenticatedContext.cs" />
diff --git a/Owin.Security.Providers/Untappd/ApiResponse.cs b/Owin.Security.Providers/Untappd/ApiResponse.cs
new file mode 100644
index 0000000..4edaadf
--- /dev/null
+++ b/Owin.Security.Providers/Untappd/ApiResponse.cs
@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Owin.Security.Providers.Untappd
+{
+
+    internal class ResponseRoot
+    {
+        public Meta meta { get; set; }
+        public Response response { get; set; }
+    }
+
+    public class Meta
+    {
+        public int http_code { get; set; }
+    }
+
+    public class Response
+    {
+        public string access_token { get; set; }
+    }
+
+}
diff --git a/Owin.Security.Providers/Untappd/Provider/UntappdAuthenticatedContext.cs b/Owin.Security.Providers/Untappd/Provider/UntappdAuthenticatedContext.cs
index b7fb0c8..8d3f5a2 100644
--- a/Owin.Security.Providers/Untappd/Provider/UntappdAuthenticatedContext.cs
+++ b/Owin.Security.Providers/Untappd/Provider/UntappdAuthenticatedContext.cs
@@ -27,11 +27,11 @@ namespace Owin.Security.Providers.Untappd
             User = user;
             AccessToken = accessToken;
 
-            Id = TryGetValue(user, "_id");
-            Name = TryGetValue(user, "first_name") +" "+ TryGetValue(user, "last_name");
-            Link = TryGetValue(user, "url");
-            UserName = TryGetValue(user, "user_name");
-            Email = TryGetValue(user, "email_address");
+            Id = user["response"]["user"]["id"].ToString();
+            Name = user["response"]["user"]["first_name"].ToString() +" "+ user["response"]["user"]["last_name"].ToString();
+            Link = user["response"]["user"]["url"].ToString();
+            UserName = user["response"]["user"]["user_name"].ToString();
+            Email = user["response"]["user"]["settings"]["email_address"].ToString();
         }
 
         /// <summary>
diff --git a/Owin.Security.Providers/Untappd/UntappdAuthenticationHandler.cs b/Owin.Security.Providers/Untappd/UntappdAuthenticationHandler.cs
index 0173d4f..f9a2d7b 100644
--- a/Owin.Security.Providers/Untappd/UntappdAuthenticationHandler.cs
+++ b/Owin.Security.Providers/Untappd/UntappdAuthenticationHandler.cs
@@ -35,7 +35,6 @@ namespace Owin.Security.Providers.Untappd
             try
             {
                 string code = null;
-                string state = null;
 
                 IReadableStringCollection query = Request.Query;
                 IList<string> values = query.GetValues("code");
@@ -43,45 +42,30 @@ namespace Owin.Security.Providers.Untappd
                 {
                     code = string.Copy(values.First());
                 }
-                values = query.GetValues("state");
-                if (values != null && values.Count == 1)
-                {
-                    state = values[0];
-                }
-
-                properties = Options.StateDataFormat.Unprotect(state);
-                if (properties == null)
-                {
-                    return null;
-                }
-
-                // OAuth2 10.12 CSRF
-                if (!ValidateCorrelationId(properties, logger))
-                {
-                    return new AuthenticationTicket(null, properties);
-                }
-
                 string requestPrefix = Request.Scheme + "://" + Request.Host;
                 string redirectUri = requestPrefix + Request.PathBase + Options.CallbackPath;
 
-                // Build up the body for the token request
-                var body = new List<KeyValuePair<string, string>>();
-                body.Add(new KeyValuePair<string, string>("client_id", Options.ClientId));
-                body.Add(new KeyValuePair<string, string>("client_secret", Options.ClientSecret));
-                body.Add(new KeyValuePair<string, string>("redirect_uri", redirectUri));
-                body.Add(new KeyValuePair<string, string>("code", code));
+                //// Build up the body for the token request
+                //var body = new List<KeyValuePair<string, string>>();
+                //body.Add(new KeyValuePair<string, string>("client_id", Options.ClientId));
+                //body.Add(new KeyValuePair<string, string>("client_secret", Options.ClientSecret));
+                //body.Add(new KeyValuePair<string, string>("redirect_url", redirectUri));
+                //body.Add(new KeyValuePair<string, string>("response_type", "code"));
+                //body.Add(new KeyValuePair<string, string>("code", code));
 
                 // Request the token
-                var requestMessage = new HttpRequestMessage(HttpMethod.Post, Options.Endpoints.TokenEndpoint);
-                requestMessage.Content = new FormUrlEncodedContent(body);
+                var requestMessage = new HttpRequestMessage(HttpMethod.Get, 
+                    
+                    
+                    String.Format(@"{0}/?client_id={1}&client_secret={2}&response_type=code&redirect_url={3}&code={4}", Options.Endpoints.TokenEndpoint,Options.ClientId, Options.ClientSecret, redirectUri, code));
                 requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                 HttpResponseMessage tokenResponse = await httpClient.SendAsync(requestMessage);
                 tokenResponse.EnsureSuccessStatusCode();
                 string text = await tokenResponse.Content.ReadAsStringAsync();
 
                 // Deserializes the token response
-                dynamic response = JsonConvert.DeserializeObject<dynamic>(text);
-                string accessToken = (string)response.access_token;
+                var response = JsonConvert.DeserializeObject<ResponseRoot>(text);
+                string accessToken = response.response.access_token;
 
                 // Get the Untappd user
                 HttpRequestMessage userRequest = new HttpRequestMessage(HttpMethod.Get, Options.Endpoints.UserInfoEndpoint + "?access_token=" + Uri.EscapeDataString(accessToken));
@@ -116,10 +100,16 @@ namespace Owin.Security.Providers.Untappd
                 {
                     context.Identity.AddClaim(new Claim("urn:Untappd:url", context.Link, XmlSchemaString, Options.AuthenticationType));
                 }
+               
+
+                IDictionary<string, string> data = new Dictionary<string, string>
+                     {
+                        { "userData", "Data" }
+                    };
+                properties = new AuthenticationProperties(data);
                 context.Properties = properties;
-
                 await Options.Provider.Authenticated(context);
-
+                
                 return new AuthenticationTicket(context.Identity, context.Properties);
             }
             catch (Exception ex)
@@ -167,7 +157,7 @@ namespace Owin.Security.Providers.Untappd
                 string authorizationEndpoint =
                     Options.Endpoints.AuthorizationEndpoint +
                     "?client_id=" + Uri.EscapeDataString(Options.ClientId) +
-                    "&redirect_uri=" + Uri.EscapeDataString(redirectUri) +
+                    "&redirect_url=" + Uri.EscapeDataString(redirectUri) +
                     "&response_type=" + "code";
 
                 Response.Redirect(authorizationEndpoint);
diff --git a/Owin.Security.Providers/Untappd/UntappdAuthenticationMiddleware.cs b/Owin.Security.Providers/Untappd/UntappdAuthenticationMiddleware.cs
index 0fc0000..c8a5df2 100644
--- a/Owin.Security.Providers/Untappd/UntappdAuthenticationMiddleware.cs
+++ b/Owin.Security.Providers/Untappd/UntappdAuthenticationMiddleware.cs
@@ -32,14 +32,6 @@ namespace Owin.Security.Providers.Untappd
             if (Options.Provider == null)
                 Options.Provider = new UntappdAuthenticationProvider();
 
-            if (Options.StateDataFormat == null)
-            {
-                IDataProtector dataProtector = app.CreateDataProtector(
-                    typeof (UntappdAuthenticationMiddleware).FullName,
-                    Options.AuthenticationType, "v1");
-                Options.StateDataFormat = new PropertiesDataFormat(dataProtector);
-            }
-
             if (String.IsNullOrEmpty(Options.SignInAsAuthenticationType))
                 Options.SignInAsAuthenticationType = app.GetDefaultSignInAsAuthenticationType();
 
diff --git a/Owin.Security.Providers/Untappd/UntappdAuthenticationOptions.cs b/Owin.Security.Providers/Untappd/UntappdAuthenticationOptions.cs
index 81886fe..165ee7a 100644
--- a/Owin.Security.Providers/Untappd/UntappdAuthenticationOptions.cs
+++ b/Owin.Security.Providers/Untappd/UntappdAuthenticationOptions.cs
@@ -37,7 +37,7 @@ namespace Owin.Security.Providers.Untappd
 
         private const string AuthorizationEndPoint = "https://untappd.com/oauth/authenticate";
         private const string TokenEndpoint = "https://untappd.com/oauth/authorize";
-        private const string UserInfoEndpoint = "https://untappd.com/v4/user/info";
+        private const string UserInfoEndpoint = "https://api.untappd.com/v4/user/info";
 
         /// <summary>
         ///     Gets or sets the a pinned certificate validator to use to validate the endpoints used