summaryrefslogtreecommitdiffstats
path: root/samples/DotNetOpenAuth.ApplicationBlock
diff options
context:
space:
mode:
Diffstat (limited to 'samples/DotNetOpenAuth.ApplicationBlock')
-rw-r--r--samples/DotNetOpenAuth.ApplicationBlock/AzureADClaims.cs77
-rw-r--r--samples/DotNetOpenAuth.ApplicationBlock/AzureADGraph.cs62
-rw-r--r--samples/DotNetOpenAuth.ApplicationBlock/AzureADHeader.cs51
-rw-r--r--samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj5
-rw-r--r--samples/DotNetOpenAuth.ApplicationBlock/azureadclient.cs112
5 files changed, 307 insertions, 0 deletions
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/AzureADClaims.cs b/samples/DotNetOpenAuth.ApplicationBlock/AzureADClaims.cs
new file mode 100644
index 0000000..7856539
--- /dev/null
+++ b/samples/DotNetOpenAuth.ApplicationBlock/AzureADClaims.cs
@@ -0,0 +1,77 @@
+//-----------------------------------------------------------------------
+// <copyright file="AzureADClaims.cs" company="Microsoft">
+// Copyright (c) Microsoft. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.ApplicationBlock
+{
+ using System;
+ using System.ComponentModel;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Runtime.Serialization;
+
+ /// <summary>
+ /// Contains clains of a AzureAD token.
+ /// </summary>
+ /// <remarks>
+ /// Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+ /// </remarks>
+ [DataContract]
+ [EditorBrowsable(EditorBrowsableState.Never)]
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "AzureAD", Justification = "Brand name")]
+ public class AzureADClaims
+ {
+ #region Public Properties
+
+ /// <summary>
+ /// Gets or sets the audience.
+ /// </summary>
+ /// <value> The audience token is valid for. </value>
+ [DataMember(Name = "aud")]
+ public string Aud { get; set; }
+
+ /// <summary>
+ /// Gets or sets the issuer.
+ /// </summary>
+ /// <value> The issuer. </value>
+ [DataMember(Name = "iss")]
+ public string Iss { get; set; }
+
+ /// <summary>
+ /// Gets or sets the early expiry time.
+ /// </summary>
+ /// <value> The early expiry time. </value>
+ [DataMember(Name = "nbf")]
+ public string Nbf { get; set; }
+
+ /// <summary>
+ /// Gets or sets the expiry time.
+ /// </summary>
+ /// <value> The expiry time. </value>
+ [DataMember(Name = "exp")]
+ public string Exp { get; set; }
+
+ /// <summary>
+ /// Gets or sets the id of the user.
+ /// </summary>
+ /// <value> The id of the user. </value>
+ [DataMember(Name = "oid")]
+ public string Oid { get; set; }
+
+ /// <summary>
+ /// Gets or sets the id of the tenant.
+ /// </summary>
+ /// <value> The tenant . </value>
+ [DataMember(Name = "tid")]
+ public string Tid { get; set; }
+
+ /// <summary>
+ /// Gets or sets the appid of application.
+ /// </summary>
+ /// <value> The id of the application. </value>
+ [DataMember(Name = "appid")]
+ public string Appid { get; set; }
+ #endregion
+ }
+}
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/AzureADGraph.cs b/samples/DotNetOpenAuth.ApplicationBlock/AzureADGraph.cs
new file mode 100644
index 0000000..625a0fe
--- /dev/null
+++ b/samples/DotNetOpenAuth.ApplicationBlock/AzureADGraph.cs
@@ -0,0 +1,62 @@
+//-----------------------------------------------------------------------
+// <copyright file="AzureADGraph.cs" company="Microsoft">
+// Copyright (c) Microsoft. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.ApplicationBlock
+{
+ using System;
+ using System.ComponentModel;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Runtime.Serialization;
+
+ /// <summary>
+ /// Contains data of a AzureAD user.
+ /// </summary>
+ /// <remarks>
+ /// Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+ /// </remarks>
+ [DataContract]
+ [EditorBrowsable(EditorBrowsableState.Never)]
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "AzureAD", Justification = "Brand name")]
+ public class AzureADGraph {
+ #region Public Properties
+
+ /// <summary>
+ /// Gets or sets the firstname.
+ /// </summary>
+ /// <value> The first name. </value>
+ [DataMember(Name = "givenName")]
+ public string GivenName { get; set; }
+
+ /// <summary>
+ /// Gets or sets the lastname.
+ /// </summary>
+ /// <value> The last name. </value>
+ [DataMember(Name = "surname")]
+ public string Surname { get; set; }
+
+ /// <summary>
+ /// Gets or sets the email.
+ /// </summary>
+ /// <value> The email. </value>
+ [DataMember(Name = "userPrincipalName")]
+ public string UserPrincipalName { get; set; }
+
+ /// <summary>
+ /// Gets or sets the fullname.
+ /// </summary>
+ /// <value> The fullname. </value>
+ [DataMember(Name = "displayName")]
+ public string DisplayName { get; set; }
+
+ /// <summary>
+ /// Gets or sets the id.
+ /// </summary>
+ /// <value> The id. </value>
+ [DataMember(Name = "objectId")]
+ public string ObjectId { get; set; }
+ #endregion
+ }
+}
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/AzureADHeader.cs b/samples/DotNetOpenAuth.ApplicationBlock/AzureADHeader.cs
new file mode 100644
index 0000000..532c405
--- /dev/null
+++ b/samples/DotNetOpenAuth.ApplicationBlock/AzureADHeader.cs
@@ -0,0 +1,51 @@
+//-----------------------------------------------------------------------
+// <copyright file="AzureADHeader.cs" company="Microsoft">
+// Copyright (c) Microsoft. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.ApplicationBlock
+{
+ using System;
+ using System.ComponentModel;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Runtime.Serialization;
+
+ /// <summary>
+ /// Contains header of AzureAD JWT token.
+ /// </summary>
+ /// <remarks>
+ /// Technically, this class doesn't need to be public, but because we want to make it serializable in medium trust, it has to be public.
+ /// </remarks>
+ [DataContract]
+ [EditorBrowsable(EditorBrowsableState.Never)]
+ [SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "AzureAD", Justification = "Brand name")]
+
+ public class AzureADHeader
+ {
+ #region Public Properties
+
+ /// <summary>
+ /// Gets or sets the type of token. Will always be JWT
+ /// </summary>
+ /// <value> The type of token. </value>
+ [DataMember(Name = "typ")]
+ public string Typ { get; set; }
+
+ /// <summary>
+ /// Gets or sets the algo of the header.
+ /// </summary>
+ /// <value> The algo of encoding. </value>
+ [DataMember(Name = "alg")]
+ public string Alg { get; set; }
+
+ /// <summary>
+ /// Gets or sets the thumbprint of the header.
+ /// </summary>
+ /// <value> The thumbprint of the cert used to encode. </value>
+ [DataMember(Name = "x5t")]
+ public string X5t { get; set; }
+
+ #endregion
+ }
+}
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
index 9b67f4d..6c2ad7a 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
+++ b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
@@ -76,6 +76,7 @@
<Reference Include="System.Runtime.Serialization" />
<Reference Include="System.ServiceModel.Web" />
<Reference Include="System.Web" />
+ <Reference Include="System.Web.Extensions" />
<Reference Include="System.Xml.Linq">
<RequiredTargetFramework>3.5</RequiredTargetFramework>
</Reference>
@@ -86,6 +87,10 @@
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
+ <Compile Include="AzureADClaims.cs" />
+ <Compile Include="azureadclient.cs" />
+ <Compile Include="AzureADGraph.cs" />
+ <Compile Include="AzureADHeader.cs" />
<Compile Include="CustomExtensions\Acme.cs" />
<Compile Include="CustomExtensions\AcmeRequest.cs" />
<Compile Include="CustomExtensions\AcmeResponse.cs" />
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/azureadclient.cs b/samples/DotNetOpenAuth.ApplicationBlock/azureadclient.cs
new file mode 100644
index 0000000..2da2bc5
--- /dev/null
+++ b/samples/DotNetOpenAuth.ApplicationBlock/azureadclient.cs
@@ -0,0 +1,112 @@
+//-----------------------------------------------------------------------
+// <copyright file="AzureADClient.cs" company="Microsoft">
+// Copyright (c) Microsoft. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.ApplicationBlock
+{
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using System.Web.Script.Serialization;
+ using DotNetOpenAuth.OAuth2;
+
+ public class AzureADClient : WebServerClient
+ {
+ private static readonly AuthorizationServerDescription AzureADDescription = new AuthorizationServerDescription
+ {
+ TokenEndpoint = new Uri("https://login.windows.net/global/oauth2/token"),
+ AuthorizationEndpoint = new Uri("https://login.windows.net/global/oauth2/authorize?resource=00000002-0000-0000-c000-000000000000/graph.windows.net"),
+ };
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="AzureADClient"/> class.
+ /// </summary>
+ public AzureADClient()
+ : base(AzureADDescription)
+ {
+ }
+
+ #region Methods
+
+ /// <summary>
+ /// Parses the access token into an AzureAD token.
+ /// </summary>
+ /// <param name="token">
+ /// The token as a string.
+ /// </param>
+ /// <returns>
+ /// The claims as an object and null in case of failure.
+ /// </returns>
+ public AzureADClaims ParseAccessToken(string token)
+ {
+ try
+ {
+ // This is the encoded JWT token split into the 3 parts
+ string[] strparts = token.Split('.');
+
+ // Decparts has the header and claims section decoded from JWT
+ string jwtHeader, jwtClaims;
+ string jwtb64Header, jwtb64Claims, jwtb64Sig;
+ byte[] jwtSig;
+ if (strparts.Length != 3)
+ {
+ return null;
+ }
+ jwtb64Header = strparts[0];
+ jwtb64Claims = strparts[1];
+ jwtb64Sig = strparts[2];
+ jwtHeader = Base64URLdecode(jwtb64Header);
+ jwtClaims = Base64URLdecode(jwtb64Claims);
+ jwtSig = Base64URLdecodebyte(jwtb64Sig);
+
+ JavaScriptSerializer s1 = new JavaScriptSerializer();
+
+ AzureADClaims claimsAD = s1.Deserialize<AzureADClaims>(jwtClaims);
+ AzureADHeader headerAD = s1.Deserialize<AzureADHeader>(jwtHeader);
+
+ return claimsAD;
+ }
+ catch (Exception)
+ {
+ return null;
+ }
+ }
+
+ /// <summary>
+ /// Base64 decode function except that it switches -_ to +/ before base64 decode
+ /// </summary>
+ /// <param name="str">
+ /// The string to be base64urldecoded.
+ /// </param>
+ /// <returns>
+ /// Decoded string as string using UTF8 encoding.
+ /// </returns>
+ private static string Base64URLdecode(string str)
+ {
+ System.Text.UTF8Encoding encoder = new System.Text.UTF8Encoding();
+ return encoder.GetString(Base64URLdecodebyte(str));
+ }
+
+ /// <summary>
+ /// Base64 decode function except that it switches -_ to +/ before base64 decode
+ /// </summary>
+ /// <param name="str">
+ /// The string to be base64urldecoded.
+ /// </param>
+ /// <returns>
+ /// Decoded string as bytes.
+ /// </returns>
+ private static byte[] Base64URLdecodebyte(string str)
+ {
+ // First replace chars and then pad per spec
+ str = str.Replace('-', '+').Replace('_', '/');
+ str = str.PadRight(str.Length + ((4 - (str.Length % 4)) % 4), '=');
+ return Convert.FromBase64String(str);
+ }
+
+ #endregion
+ }
+}
generated by cgit v1.1 at 2025-05-12 09:46:29 +0000