TerribleDev/OwinOAuthProviders
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Kristoffer Pettersson
2014-11-12 20:47:17 +01:00
parent 2fa48716cf 987381d767
commit c0df07feef
19 changed files with 610 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
NuGet/Owin.Security.Providers.nuspec
View File

@@ -2,42 +2,33 @@
<package >
<metadata>
<id>Owin.Security.Providers</id>
<version>1.10.0</version>
<version>1.11.0</version>
<authors>Jerrie Pelser, Jérémie Bertrand, Joseph Yanks, Tomáš Herceg, James Cuthbert, Payoj Baral</authors>
<owners>Jerrie Pelser</owners>
<licenseUrl>http://opensource.org/licenses/MIT</licenseUrl>
<projectUrl>https://github.com/owin-middleware/OwinOAuthProviders</projectUrl>
<requireLicenseAcceptance>false</requireLicenseAcceptance>
<description>
Additional OAuth providers for Katana (OWIN). Includes providers for
- LinkedIn
- Yahoo
- Google+
- GitHub
- Reddit
- Instagram
- StackExchange
- SalesForce
- TripIt
- Buffer
- ArcGIS
- Dropbox
- Wordpress
- OpenID 2.0 providers
Additional OAuth providers for Katana (OWIN). Includes providers for LinkedIn, Yahoo, Google+, GitHub, Reddit, Instagram, StackExchange, SalesForce, TripIt, Buffer, ArcGIS, Dropbox, Wordpress,
OpenID 2.0 providers
- Steam
</description>
<releaseNotes>
Version 1.11.0
- Add HealtGraph (Runkeeper) provider. Thank you Roberto Hernandez. (https://github.com/rjhernandez)
- Made change to WordPress provider to also retrieve information about the specific blog.
Version 1.10.0
- Add Dropbox provider
- Add WordPress provider
Version 1.9.1
- A couple of small fixes.
Version 1.9.0
- Add ArcGIS provider Thank you Dave Timmins (https://github.com/davetimmins)
- Fixes to Salesforce provider
Version 1.8.1
- Fix bug in Reddit provider

7
Owin.Security.Providers/HealthGraph/Constants.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Owin.Security.Providers.HealthGraph
{
internal static class Constants
{
public const string DefaultAuthenticationType = "HealthGraph";
}
}

33
Owin.Security.Providers/HealthGraph/HealthGraphAuthenticationExtensions.cs Normal file
View File

@@ -0,0 +1,33 @@
using System;
namespace Owin.Security.Providers.HealthGraph
{
public static class HealthGraphAuthenticationExtensions
{
public static IAppBuilder UseHealthGraphAuthentication(
this IAppBuilder app,
HealthGraphAuthenticationOptions options)
{
if (app == null)
throw new ArgumentNullException("app");
if (options == null)
throw new ArgumentNullException("options");
app.Use(typeof(HealthGraphAuthenticationMiddleware), app, options);
return app;
}
public static IAppBuilder UseHealthGraphAuthentication(
this IAppBuilder app,
string clientId,
string clientSecret)
{
return app.UseHealthGraphAuthentication(new HealthGraphAuthenticationOptions
{
ClientId = clientId,
ClientSecret = clientSecret
});
}
}
}

234
Owin.Security.Providers/HealthGraph/HealthGraphAuthenticationHandler.cs Normal file
View File

@@ -0,0 +1,234 @@
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Infrastructure;
using Microsoft.Owin.Logging;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Infrastructure;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Owin.Security.Providers.HealthGraph.Provider;
namespace Owin.Security.Providers.HealthGraph
{
public class HealthGraphAuthenticationHandler : AuthenticationHandler<HealthGraphAuthenticationOptions>
{
private const string XmlSchemaString = "http://www.w3.org/2001/XMLSchema#string";
private HttpClient httpClient;
private ILogger logger;
public HealthGraphAuthenticationHandler(
HttpClient httpClient,
ILogger logger)
{
this.httpClient = httpClient;
this.logger = logger;
}
protected async override Task<AuthenticationTicket> AuthenticateCoreAsync()
{
AuthenticationProperties properties = null;
try
{
string code = null;
string state = null;
IReadableStringCollection query = Request.Query;
IList<string> values = query.GetValues("code");
if (values != null && values.Count == 1)
{
code = values[0];
}
values = query.GetValues("state");
if (values != null && values.Count == 1)
{
state = values[0];
}
properties = Options.StateDataFormat.Unprotect(state);
if (properties == null)
{
return null;
}
// OAuth2 10.12 CSRF
if (!ValidateCorrelationId(properties, logger))
{
return new AuthenticationTicket(null, properties);
}
string requestPrefix = Request.Scheme + "://" + Request.Host;
string redirectUri = requestPrefix + Request.PathBase + Options.CallbackPath;
// Build up the body for the token request
var body = new List<KeyValuePair<string, string>>();
body.Add(new KeyValuePair<string, string>("grant_type", "authorization_code"));
body.Add(new KeyValuePair<string, string>("code", code));
body.Add(new KeyValuePair<string, string>("redirect_uri", redirectUri));
body.Add(new KeyValuePair<string, string>("client_id", Options.ClientId));
body.Add(new KeyValuePair<string, string>("client_secret", Options.ClientSecret));
// Request the token
var requestMessage = new HttpRequestMessage(HttpMethod.Post, Options.Endpoints.TokenEndpoint);
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
requestMessage.Content = new FormUrlEncodedContent(body);
HttpResponseMessage tokenResponse = await httpClient.SendAsync(requestMessage);
tokenResponse.EnsureSuccessStatusCode();
string text = await tokenResponse.Content.ReadAsStringAsync();
// Deserializes the token response
dynamic response = JsonConvert.DeserializeObject<dynamic>(text);
string accessToken = (string)response.access_token;
// Get the RunKeeper user
HttpRequestMessage userRequest = new HttpRequestMessage(HttpMethod.Get, Options.Endpoints.UserInfoEndpoint + "?access_token=" + Uri.EscapeDataString(accessToken));
HttpResponseMessage userResponse = await httpClient.SendAsync(userRequest, Request.CallCancelled);
userResponse.EnsureSuccessStatusCode();
var userText = await userResponse.Content.ReadAsStringAsync();
JObject user = JObject.Parse(userText);
// Get the RunKeeper Profile
HttpRequestMessage profileRequest = new HttpRequestMessage(HttpMethod.Get, Options.Endpoints.ProfileInfoEndpoint + "?access_token=" + Uri.EscapeDataString(accessToken));
HttpResponseMessage profileResponse = await httpClient.SendAsync(profileRequest, Request.CallCancelled);
profileResponse.EnsureSuccessStatusCode();
var profileText = await profileResponse.Content.ReadAsStringAsync();
JObject profile = JObject.Parse(profileText);
var context = new HealthGraphAuthenticatedContext(Context, user, profile, accessToken);
context.Identity = new ClaimsIdentity(
Options.AuthenticationType,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.UserId))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.UserId, XmlSchemaString, Options.AuthenticationType));
}
if (!string.IsNullOrEmpty(context.Name))
{
context.Identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.Name, XmlSchemaString, Options.AuthenticationType));
}
context.Properties = properties;
await Options.Provider.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties);
}
catch (Exception ex)
{
logger.WriteError(ex.Message);
}
return new AuthenticationTicket(null, properties);
}
protected override Task ApplyResponseChallengeAsync()
{
if (Response.StatusCode != 401)
{
return Task.FromResult<object>(null);
}
AuthenticationResponseChallenge challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode);
if (challenge != null)
{
string baseUri =
Request.Scheme +
Uri.SchemeDelimiter +
Request.Host +
Request.PathBase;
string currentUri =
baseUri +
Request.Path +
Request.QueryString;
string redirectUri =
baseUri +
Options.CallbackPath;
AuthenticationProperties properties = challenge.Properties;
if (string.IsNullOrEmpty(properties.RedirectUri))
{
properties.RedirectUri = currentUri;
}
// OAuth2 10.12 CSRF
GenerateCorrelationId(properties);
// comma separated
string state = Options.StateDataFormat.Protect(properties);
string authorizationEndpoint =
Options.Endpoints.AuthorizationEndpoint +
"?client_id=" + Uri.EscapeDataString(Options.ClientId) +
"&redirect_uri=" + Uri.EscapeDataString(redirectUri) +
"&response_type=code" +
"&state=" + Uri.EscapeDataString(state);
Response.Redirect(authorizationEndpoint);
}
return Task.FromResult<object>(null);
}
public override async Task<bool> InvokeAsync()
{
return await InvokeReplyPathAsync();
}
private async Task<bool> InvokeReplyPathAsync()
{
if (Options.CallbackPath.HasValue && Options.CallbackPath == Request.Path)
{
// TODO: error responses
AuthenticationTicket ticket = await AuthenticateAsync();
if (ticket == null)
{
logger.WriteWarning("Invalid return state, unable to redirect.");
Response.StatusCode = 500;
return true;
}
var context = new HealthGraphReturnEndpointContext(Context, ticket);
context.SignInAsAuthenticationType = Options.SignInAsAuthenticationType;
context.RedirectUri = ticket.Properties.RedirectUri;
await Options.Provider.ReturnEndpoint(context);
if (context.SignInAsAuthenticationType != null &&
context.Identity != null)
{
ClaimsIdentity grantIdentity = context.Identity;
if (!string.Equals(grantIdentity.AuthenticationType, context.SignInAsAuthenticationType, StringComparison.Ordinal))
{
grantIdentity = new ClaimsIdentity(grantIdentity.Claims, context.SignInAsAuthenticationType, grantIdentity.NameClaimType, grantIdentity.RoleClaimType);
}
Context.Authentication.SignIn(context.Properties, grantIdentity);
}
if (!context.IsRequestCompleted && context.RedirectUri != null)
{
string redirectUri = context.RedirectUri;
if (context.Identity == null)
{
// add a redirect hint that sign-in failed in some way
redirectUri = WebUtilities.AddQueryString(redirectUri, "error", "access_denied");
}
Response.Redirect(redirectUri);
context.RequestCompleted();
}
return context.IsRequestCompleted;
}
return false;
}
}
}

83
Owin.Security.Providers/HealthGraph/HealthGraphAuthenticationMiddleware.cs Normal file
View File

@@ -0,0 +1,83 @@
using System;
using System.Globalization;
using System.Net.Http;
using Microsoft.Owin;
using Microsoft.Owin.Logging;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.DataHandler;
using Microsoft.Owin.Security.DataProtection;
using Microsoft.Owin.Security.Infrastructure;
using Owin.Security.Providers.HealthGraph.Provider;
using Owin.Security.Providers.Properties;
namespace Owin.Security.Providers.HealthGraph
{
public class HealthGraphAuthenticationMiddleware : AuthenticationMiddleware<HealthGraphAuthenticationOptions>
{
private readonly HttpClient httpClient;
private readonly ILogger logger;
public HealthGraphAuthenticationMiddleware(
OwinMiddleware next,
IAppBuilder app,
HealthGraphAuthenticationOptions options) : base(next, options)
{
if (String.IsNullOrWhiteSpace(Options.ClientId))
throw new ArgumentException(String.Format(CultureInfo.CurrentCulture,
Resources.Exception_OptionMustBeProvided, "ClientId"));
if (String.IsNullOrWhiteSpace(Options.ClientSecret))
throw new ArgumentException(String.Format(CultureInfo.CurrentCulture,
Resources.Exception_OptionMustBeProvided, "ClientSecret"));
logger = app.CreateLogger<HealthGraphAuthenticationMiddleware>();
if (Options.Provider == null)
Options.Provider = new HealthGraphAuthenticationProvider();
if (Options.StateDataFormat == null)
{
IDataProtector dataProtector = app.CreateDataProtector(
typeof(HealthGraphAuthenticationMiddleware).FullName,
Options.AuthenticationType,
"v1");
Options.StateDataFormat = new PropertiesDataFormat(dataProtector);
}
if (String.IsNullOrEmpty(Options.SignInAsAuthenticationType))
Options.SignInAsAuthenticationType = app.GetDefaultSignInAsAuthenticationType();
httpClient = new HttpClient(ResolveHttpMessageHandler(Options))
{
Timeout = Options.BackchannelTimeout,
MaxResponseContentBufferSize = 1024 * 1024 * 10,
};
httpClient.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft Owin HealthGraph middleware");
httpClient.DefaultRequestHeaders.ExpectContinue = false;
}
protected override AuthenticationHandler<HealthGraphAuthenticationOptions> CreateHandler()
{
return new HealthGraphAuthenticationHandler(httpClient, logger);
}
private HttpMessageHandler ResolveHttpMessageHandler(HealthGraphAuthenticationOptions options)
{
HttpMessageHandler handler = options.BackchannelHttpHandler ?? new WebRequestHandler();
// If they provided a validator, apply it or fail.
if (options.BackchannelCertificateValidator != null)
{
// Set the cert validate callback
var webRequestHandler = handler as WebRequestHandler;
if (webRequestHandler == null)
{
throw new InvalidOperationException(Resources.Exception_ValidatorHandlerMismatch);
}
webRequestHandler.ServerCertificateValidationCallback = options.BackchannelCertificateValidator.Validate;
}
return handler;
}
}
}

96
Owin.Security.Providers/HealthGraph/HealthGraphAuthenticationOptions.cs Normal file
View File

@@ -0,0 +1,96 @@
using System;
using System.Collections.Generic;
using System.Net.Http;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.DataHandler;
using Owin.Security.Providers.HealthGraph.Provider;
namespace Owin.Security.Providers.HealthGraph
{
public class HealthGraphAuthenticationOptions : AuthenticationOptions
{
private const string AuthorizationEndPoint = "https://runkeeper.com/apps/authorize";
private const string TokenEndpoint = "https://runkeeper.com/apps/token";
private const string UserInfoEndpoint = "https://api.runkeeper.com/user";
private const string ProfileInfoEndpoint = "https://api.runkeeper.com/profile";
public class HealthGraphAuthenticationEndpoints
{
/// <summary>
/// Endpoint which is used to redirect users to request GitHub access
/// </summary>
/// <remarks>
/// Defaults to https://runkeeper.com/apps/authorize
/// </remarks>
public string AuthorizationEndpoint { get; set; }
/// <summary>
/// Endpoint which is used to exchange code for access token
/// </summary>
/// <remarks>
/// Defaults to https://api.runkeeper.com/profile
/// </remarks>
public string TokenEndpoint { get; set; }
/// <summary>
/// Endpoint which is used to obtain user information after authentication
/// </summary>
/// <remarks>
/// Defaults to https://api.runkeeper.com/user
/// </remarks>
public string UserInfoEndpoint { get; set; }
/// <summary>
/// Endpoint which is used to obtain user information after authentication
/// </summary>
/// <remarks>
/// Defaults to https://api.runkeeper.com/profile
/// </remarks>
public string ProfileInfoEndpoint { get; set; }
}
public HealthGraphAuthenticationOptions()
: base(Constants.DefaultAuthenticationType)
{
Caption = Constants.DefaultAuthenticationType;
CallbackPath = new PathString("/signin-healthgraph");
AuthenticationMode = AuthenticationMode.Passive;
BackchannelTimeout = TimeSpan.FromSeconds(60);
Endpoints = new HealthGraphAuthenticationEndpoints
{
AuthorizationEndpoint = AuthorizationEndPoint,
TokenEndpoint = TokenEndpoint,
UserInfoEndpoint = UserInfoEndpoint,
ProfileInfoEndpoint = ProfileInfoEndpoint,
};
}
public ICertificateValidator BackchannelCertificateValidator { get; set; }
public HttpMessageHandler BackchannelHttpHandler { get; set; }
public TimeSpan BackchannelTimeout { get; set; }
public PathString CallbackPath { get; set; }
public string Caption
{
get { return Description.Caption; }
set { Description.Caption = value; }
}
public string ClientId { get; set; }
public string ClientSecret { get; set; }
public PropertiesDataFormat StateDataFormat { get; set; }
public HealthGraphAuthenticationEndpoints Endpoints { get; set; }
public IHealthGraphAuthenticationProvider Provider { get; set; }
public string SignInAsAuthenticationType { get; set; }
}
}

44
Owin.Security.Providers/HealthGraph/Provider/HealthGraphAuthenticatedContext.cs Normal file
View File

@@ -0,0 +1,44 @@
using System.Security.Claims;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Provider;
using Newtonsoft.Json.Linq;
namespace Owin.Security.Providers.HealthGraph.Provider
{
public class HealthGraphAuthenticatedContext : BaseContext
{
public HealthGraphAuthenticatedContext(IOwinContext context,
JObject user,
JObject profile,
string accessToken) : base(context)
{
User = user;
Profile = profile;
AccessToken = accessToken;
UserId = TryGetValue(user, "userID");
Name = TryGetValue(profile, "name");
}
public JObject Profile { get; set; }
public JObject User { get; set; }
public string UserId { get; set; }
public string Name { get; set; }
public string AccessToken { get; set; }
public ClaimsIdentity Identity { get; set; }
public AuthenticationProperties Properties { get; set; }
private static string TryGetValue(JObject user, string propertyName)
{
JToken value;
return user.TryGetValue(propertyName, out value) ? value.ToString() : null;
}
}
}

28
Owin.Security.Providers/HealthGraph/Provider/HealthGraphAuthenticationProvider.cs Normal file
View File

@@ -0,0 +1,28 @@
using System;
using System.Threading.Tasks;
namespace Owin.Security.Providers.HealthGraph.Provider
{
public class HealthGraphAuthenticationProvider : IHealthGraphAuthenticationProvider
{
public HealthGraphAuthenticationProvider()
{
OnAuthenticated = context => Task.FromResult<object>(null);
OnReturnEndPoint = context => Task.FromResult<object>(null);
}
public Func<HealthGraphAuthenticatedContext, Task> OnAuthenticated { get; set; }
public Func<HealthGraphReturnEndpointContext, Task> OnReturnEndPoint { get; set; }
public Task Authenticated(HealthGraphAuthenticatedContext context)
{
return OnAuthenticated(context);
}
public Task ReturnEndpoint(HealthGraphReturnEndpointContext context)
{
return OnReturnEndPoint(context);
}
}
}

15
Owin.Security.Providers/HealthGraph/Provider/HealthGraphReturnEndpointContext.cs Normal file
View File

@@ -0,0 +1,15 @@
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Provider;
namespace Owin.Security.Providers.HealthGraph.Provider
{
public class HealthGraphReturnEndpointContext : ReturnEndpointContext
{
public HealthGraphReturnEndpointContext(IOwinContext context,
AuthenticationTicket ticket)
: base(context, ticket)
{
}
}
}

12
Owin.Security.Providers/HealthGraph/Provider/IHealthGraphAuthenticationProvider.cs Normal file
View File

@@ -0,0 +1,12 @@
using System.Threading.Tasks;
using Owin.Security.Providers.GitHub;
namespace Owin.Security.Providers.HealthGraph.Provider
{
public interface IHealthGraphAuthenticationProvider
{
Task Authenticated(HealthGraphAuthenticatedContext context);
Task ReturnEndpoint(HealthGraphReturnEndpointContext context);
}
}

9
Owin.Security.Providers/Owin.Security.Providers.csproj
View File

@@ -95,6 +95,7 @@
<Compile Include="Dropbox\Provider\DropboxReturnEndpointContext.cs" />
<Compile Include="Dropbox\Provider\IDropboxAuthenticationProvider.cs" />
<Compile Include="GitHub\Constants.cs" />
<Compile Include="HealthGraph\Constants.cs" />
<Compile Include="GitHub\GitHubAuthenticationExtensions.cs" />
<Compile Include="GitHub\GitHubAuthenticationHandler.cs" />
<Compile Include="GitHub\GitHubAuthenticationMiddleware.cs" />
@@ -112,6 +113,13 @@
<Compile Include="GooglePlus\Provider\GooglePlusAuthenticationProvider.cs" />
<Compile Include="GooglePlus\Provider\GooglePlusReturnEndpointContext.cs" />
<Compile Include="GooglePlus\Provider\IGooglePlusAuthenticationProvider.cs" />
<Compile Include="HealthGraph\HealthGraphAuthenticationExtensions.cs" />
<Compile Include="HealthGraph\HealthGraphAuthenticationHandler.cs" />
<Compile Include="HealthGraph\HealthGraphAuthenticationMiddleware.cs" />
<Compile Include="HealthGraph\Provider\HealthGraphAuthenticatedContext.cs" />
<Compile Include="HealthGraph\Provider\HealthGraphAuthenticationProvider.cs" />
<Compile Include="HealthGraph\Provider\HealthGraphReturnEndpointContext.cs" />
<Compile Include="HealthGraph\Provider\IHealthGraphAuthenticationProvider.cs" />
<Compile Include="Instagram\Constants.cs" />
<Compile Include="Instagram\InstagramAuthenticationExtensions.cs" />
<Compile Include="Instagram\InstagramAuthenticationHandler.cs" />
@@ -162,6 +170,7 @@
<Compile Include="Reddit\RedditAuthenticationHandler.cs" />
<Compile Include="Reddit\RedditAuthenticationMiddleware.cs" />
<Compile Include="Reddit\RedditAuthenticationOptions.cs" />
<Compile Include="HealthGraph\HealthGraphAuthenticationOptions.cs" />
<Compile Include="Salesforce\Constants.cs" />
<Compile Include="Salesforce\Provider\ISalesforceAuthenticationProvider.cs" />
<Compile Include="Salesforce\Provider\SalesforceAuthenticatedContext.cs" />

4
Owin.Security.Providers/Properties/AssemblyInfo.cs
View File

@@ -32,5 +32,5 @@ using System.Runtime.InteropServices;
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.10.0.0")]
[assembly: AssemblyFileVersion("1.10.0.0")]
[assembly: AssemblyVersion("1.11.0.0")]
[assembly: AssemblyFileVersion("1.11.0.0")]

16
Owin.Security.Providers/WordPress/Provider/WordPressAuthenticatedContext.cs
View File

@@ -23,13 +23,15 @@ namespace Owin.Security.Providers.WordPress
/// <param name="accessToken">WordPress Access token</param>
/// <param name="blogId">The ID for this blog</param>
/// <param name="blogUrl">The URL for this blog</param>
public WordPressAuthenticatedContext(IOwinContext context, JObject user, string accessToken, string blogId, string blogUrl)
public WordPressAuthenticatedContext(IOwinContext context, JObject user, JObject site, string accessToken, string blogId, string blogUrl)
: base(context)
{
User = user;
Site = site;
AccessToken = accessToken;
BlogId = blogId;
BlogUrl = blogUrl;
BlogName = TryGetValue(site, "name");
Id = TryGetValue(user, "ID");
Name = TryGetValue(user, "display_name");
@@ -49,6 +51,13 @@ namespace Owin.Security.Providers.WordPress
/// </remarks>
public JObject User { get; private set; }
/// <summary>
/// Gets the JSON-serialized user
/// </summary>
/// <remarks>
/// Contains the WordPress user obtained from the endpoint https://public-api.wordpress.com/rest/v1/sites/{siteId}
/// </remarks>
public JObject Site { get; private set; }
/// <summary>
/// Gets the WordPress OAuth access token
/// </summary>
@@ -64,6 +73,11 @@ namespace Owin.Security.Providers.WordPress
/// </summary>
public string BlogUrl { get; private set; }
/// <summary>
/// The name of the blog for the token
/// </summary>
public string BlogName { get; set; }
/// <summary>
/// Gets the WordPress access token expiration time
/// </summary>

12
Owin.Security.Providers/WordPress/WordPressAuthenticationHandler.cs
View File

@@ -18,6 +18,7 @@ namespace Owin.Security.Providers.WordPress
private const string XmlSchemaString = "http://www.w3.org/2001/XMLSchema#string";
private const string TokenEndpoint = "https://public-api.wordpress.com/oauth2/token";
private const string UserInfoEndpoint = "https://public-api.wordpress.com/rest/v1/me";
private const string SiteInfoEndpoint = "https://public-api.wordpress.com/rest/v1/sites/";
private readonly ILogger logger;
private readonly HttpClient httpClient;
@@ -93,7 +94,16 @@ namespace Owin.Security.Providers.WordPress
text = await graphResponse.Content.ReadAsStringAsync();
JObject user = JObject.Parse(text);
var context = new WordPressAuthenticatedContext(Context, user, accessToken, blogId, blogUrl);
// Get the site details
HttpRequestMessage siteRequest = new HttpRequestMessage(HttpMethod.Get, SiteInfoEndpoint + blogId);
siteRequest.Headers.Add("User-Agent", "OWIN OAuth Provider");
siteRequest.Headers.Add("Authorization", "BEARER " + accessToken);
HttpResponseMessage siteResponse = await httpClient.SendAsync(siteRequest, Request.CallCancelled);
siteResponse.EnsureSuccessStatusCode();
text = await siteResponse.Content.ReadAsStringAsync();
JObject site = JObject.Parse(text);
var context = new WordPressAuthenticatedContext(Context, user, site, accessToken, blogId, blogUrl);
context.Identity = new ClaimsIdentity(
Options.AuthenticationType,
ClaimsIdentity.DefaultNameClaimType,

2
OwinOAuthProviders.sln
View File

@@ -1,7 +1,7 @@
Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.21005.1
VisualStudioVersion = 12.0.30723.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OwinOAuthProvidersDemo", "OwinOAuthProvidersDemo\OwinOAuthProvidersDemo.csproj", "{5A438007-0C90-4DAC-BAA1-54A32164067F}"
EndProject

BIN
OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838.mdf
View File

Binary file not shown.

BIN
OwinOAuthProvidersDemo/App_Data/aspnet-OwinOAuthProvidersDemo-20131113093838_log.ldf
View File

Binary file not shown.

13
OwinOAuthProvidersDemo/App_Start/Startup.Auth.cs
View File

@@ -9,6 +9,7 @@ using Owin.Security.Providers.Dropbox;
using Owin.Security.Providers.GitHub;
using Owin.Security.Providers.GooglePlus;
using Owin.Security.Providers.GooglePlus.Provider;
using Owin.Security.Providers.HealthGraph;
using Owin.Security.Providers.Instagram;
using Owin.Security.Providers.LinkedIn;
using Owin.Security.Providers.Reddit;
@@ -56,7 +57,7 @@ namespace OwinOAuthProvidersDemo
//app.UseYahooAuthentication("", "");
//app.UseTripItAuthentication("", "");
//app.UseGitHubAuthentication("", "");
//app.UseBufferAuthentication("", "");
@@ -130,13 +131,17 @@ namespace OwinOAuthProvidersDemo
// clientId: "",
// clientSecret: "");
//app.UseWordPressAuthentication(
// clientId: "",
// clientSecret: "");
app.UseWordPressAuthentication(
clientId: "37490",
clientSecret: "rt3YrwGaX6yPtAnfwLuz1KBxwEVrYz4LdTynnNe15hxFQZc0ysqjrccl7689IlbD");
//app.UseDropboxAuthentication(
// appKey: "",
// appSecret: "");
//app.UseHealthGraphAuthentication(
// clientId: "",
// clientSecret: "");
}
}
}

1
README.md
View File

@@ -8,6 +8,7 @@ Provides a set of extra authentication providers for OWIN ([Project Katana](http
- GitHub
- Instagram
- StackExchange
- HealthGraph
- Battle.net
- OpenID
- Generic OpenID 2.0 provider