diff --git a/Owin.Security.Providers/Salesforce/Provider/SalesforceAuthenticatedContext.cs b/Owin.Security.Providers/Salesforce/Provider/SalesforceAuthenticatedContext.cs index b42875f..5655e59 100644 --- a/Owin.Security.Providers/Salesforce/Provider/SalesforceAuthenticatedContext.cs +++ b/Owin.Security.Providers/Salesforce/Provider/SalesforceAuthenticatedContext.cs @@ -1,7 +1,5 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. -using System; -using System.Globalization; using System.Security.Claims; using Microsoft.Owin; using Microsoft.Owin.Security; diff --git a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs index 777cf9b..d3d4e98 100644 --- a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs +++ b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs @@ -65,12 +65,14 @@ namespace Owin.Security.Providers.Salesforce string redirectUri = requestPrefix + Request.PathBase + Options.CallbackPath; // Build up the body for the token request - var body = new List>(); - body.Add(new KeyValuePair("code", code)); - body.Add(new KeyValuePair("redirect_uri", redirectUri)); - body.Add(new KeyValuePair("client_id", Options.ClientId)); - body.Add(new KeyValuePair("client_secret", Options.ClientSecret)); - body.Add(new KeyValuePair("grant_type", "authorization_code")); + var body = new List> + { + new KeyValuePair("code", code), + new KeyValuePair("redirect_uri", redirectUri), + new KeyValuePair("client_id", Options.ClientId), + new KeyValuePair("client_secret", Options.ClientSecret), + new KeyValuePair("grant_type", "authorization_code") + }; // Request the token var requestMessage = new HttpRequestMessage(HttpMethod.Post, Options.Endpoints.TokenEndpoint); @@ -92,11 +94,13 @@ namespace Owin.Security.Providers.Salesforce text = await userResponse.Content.ReadAsStringAsync(); JObject user = JObject.Parse(text); - var context = new SalesforceAuthenticatedContext(Context, user, accessToken); - context.Identity = new ClaimsIdentity( - Options.AuthenticationType, - ClaimsIdentity.DefaultNameClaimType, - ClaimsIdentity.DefaultRoleClaimType); + var context = new SalesforceAuthenticatedContext(Context, user, accessToken) + { + Identity = new ClaimsIdentity( + Options.AuthenticationType, + ClaimsIdentity.DefaultNameClaimType, + ClaimsIdentity.DefaultRoleClaimType) + }; if (!string.IsNullOrEmpty(context.UserId)) { @@ -180,9 +184,6 @@ namespace Owin.Security.Providers.Salesforce // OAuth2 10.12 CSRF GenerateCorrelationId(properties); - // comma separated - //string scope = string.Join(",", Options.Scope); - string state = Options.StateDataFormat.Protect(properties); string authorizationEndpoint = string.Format( diff --git a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs index c6529dc..490e900 100644 --- a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs +++ b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs @@ -13,22 +13,16 @@ namespace Owin.Security.Providers.Salesforce /// /// Endpoint which is used to redirect users to request Salesforce access /// - /// - /// Defaults to https://login.salesforce.com/services/oauth2/authorize - /// public string AuthorizationEndpoint { get; set; } /// /// Endpoint which is used to exchange code for access token /// - /// - /// Defaults to https://login.salesforce.com/services/oauth2/token - /// public string TokenEndpoint { get; set; } } - private const string AuthorizationEndPoint = "https://login.salesforce.com/services/oauth2/authorize"; - private const string TokenEndpoint = "https://login.salesforce.com/services/oauth2/token"; + private const string AuthorizationEndPoint = ""; + private const string TokenEndpoint = ""; /// /// Gets or sets the a pinned certificate validator to use to validate the endpoints used diff --git a/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838.mdf b/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838.mdf index b7224c0..1a84f29 100644 Binary files a/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838.mdf and b/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838.mdf differ diff --git a/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838_log.ldf b/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838_log.ldf index 681ba07..6d2e671 100644 Binary files a/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838_log.ldf and b/OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838_log.ldf differ diff --git a/OwinOAuthProvidersDemo/App_Start/Startup.Auth.cs b/OwinOAuthProvidersDemo/App_Start/Startup.Auth.cs index 12c3d7d..6b1f77a 100755 --- a/OwinOAuthProvidersDemo/App_Start/Startup.Auth.cs +++ b/OwinOAuthProvidersDemo/App_Start/Startup.Auth.cs @@ -80,21 +80,19 @@ namespace OwinOAuthProvidersDemo // Use OpenId provider login uri instead of discovery uri //app.UseOpenIDAuthentication("http://openid.orange.fr/server", "Orange", true); - app.UseSalesforceAuthentication("", ""); - //in scenarios where a sandbox URL needs to be used app.UseSalesforceAuthentication(new SalesforceAuthenticationOptions { Endpoints = - new Owin.Security.Providers.Salesforce.SalesforceAuthenticationOptions. + new SalesforceAuthenticationOptions. SalesforceAuthenticationEndpoints { AuthorizationEndpoint = - "https://cs5.salesforce.com/services/oauth2/authorize", - TokenEndpoint = "https://cs5.salesforce.com/services/oauth2/token" + "https://ap1.salesforce.com/services/oauth2/authorize", + TokenEndpoint = "https://ap1.salesforce.com/services/oauth2/token" }, - ClientId = "", - ClientSecret = "" + ClientId = "3MVG9Y6d_Btp4xp5epd3nPl2fNfrMmM4AALkiggjcPPqIaZk3gwisao_ysPAO0VtTmD3yjn3kmXeoH12pQu9M", + ClientSecret = "2096527102750431971" }); } } diff --git a/OwinOAuthProvidersDemo/Controllers/AccountController.cs b/OwinOAuthProvidersDemo/Controllers/AccountController.cs index 1faa5d6..4e544a9 100644 --- a/OwinOAuthProvidersDemo/Controllers/AccountController.cs +++ b/OwinOAuthProvidersDemo/Controllers/AccountController.cs @@ -23,6 +23,8 @@ namespace OwinOAuthProvidersDemo.Controllers public AccountController(UserManager userManager) { UserManager = userManager; + //to support email address as user name + UserManager.UserValidator = new UserValidator(UserManager) { AllowOnlyAlphanumericUserNames = false }; } public UserManager UserManager { get; private set; }