summaryrefslogtreecommitdiffstats
path: root/samples/OAuth2ProtectedWebApi/Controllers
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OAuth2ProtectedWebApi/Controllers')
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs13
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs17
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/UserController.cs76
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs33
4 files changed, 139 insertions, 0 deletions
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs b/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs
new file mode 100644
index 0000000..3244000
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/HomeController.cs
@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Mvc;
+
+namespace OAuth2ProtectedWebApi.Controllers {
+ public class HomeController : Controller {
+ public ActionResult Index() {
+ return View();
+ }
+ }
+}
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs b/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs
new file mode 100644
index 0000000..a6ecf32
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/TokenController.cs
@@ -0,0 +1,17 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System.Net.Http;
+ using System.Threading.Tasks;
+ using System.Web.Http;
+
+ using DotNetOpenAuth.OAuth2;
+
+ using OAuth2ProtectedWebApi.Code;
+
+ public class TokenController : ApiController {
+ // POST /api/token
+ public Task<HttpResponseMessage> Post(HttpRequestMessage request) {
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ return authServer.HandleTokenRequestAsync(request);
+ }
+ }
+} \ No newline at end of file
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
new file mode 100644
index 0000000..e627dc2
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
@@ -0,0 +1,76 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net.Http;
+ using System.Security.Principal;
+ using System.Threading.Tasks;
+ using System.Web;
+ using System.Web.Mvc;
+ using System.Web.Security;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2;
+ using DotNetOpenAuth.OAuth2.Messages;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.OpenId.RelyingParty;
+ using OAuth2ProtectedWebApi.Code;
+
+ public class UserController : Controller {
+ [Authorize]
+ [HttpGet]
+ [HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
+ public async Task<ActionResult> Authorize() {
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ var authRequest = await authServer.ReadAuthorizationRequestAsync(this.Request);
+ this.ViewData["scope"] = authRequest.Scope;
+ this.ViewData["request"] = this.Request.Url;
+ return View();
+ }
+
+ [Authorize]
+ [HttpPost, ValidateAntiForgeryToken]
+ public async Task<ActionResult> Respond(string request, bool approval) {
+ var authServer = new AuthorizationServer(new AuthorizationServerHost());
+ var authRequest = await authServer.ReadAuthorizationRequestAsync(new Uri(request));
+ IProtocolMessage responseMessage;
+ if (approval) {
+ var grantedResponse = authServer.PrepareApproveAuthorizationRequest(
+ authRequest, this.User.Identity.Name, authRequest.Scope);
+ responseMessage = grantedResponse;
+ } else {
+ var rejectionResponse = authServer.PrepareRejectAuthorizationRequest(authRequest);
+ rejectionResponse.Error = Protocol.EndUserAuthorizationRequestErrorCodes.AccessDenied;
+ responseMessage = rejectionResponse;
+ }
+
+ var response = await authServer.Channel.PrepareResponseAsync(responseMessage);
+ return response.AsActionResult();
+ }
+
+ public async Task<ActionResult> Login(string returnUrl) {
+ var rp = new OpenIdRelyingParty(null);
+ Realm officialWebSiteHome = Realm.AutoDetect;
+ Uri returnTo = new Uri(this.Request.Url, this.Url.Action("Authenticate"));
+ var request = await rp.CreateRequestAsync(WellKnownProviders.Google, officialWebSiteHome, returnTo);
+ if (returnUrl != null) {
+ request.SetUntrustedCallbackArgument("returnUrl", returnUrl);
+ }
+
+ var redirectingResponse = await request.GetRedirectingResponseAsync();
+ return redirectingResponse.AsActionResult();
+ }
+
+ public async Task<ActionResult> Authenticate() {
+ var rp = new OpenIdRelyingParty(null);
+ var response = await rp.GetResponseAsync(this.Request);
+ if (response != null) {
+ if (response.Status == AuthenticationStatus.Authenticated) {
+ FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
+ return this.Redirect(FormsAuthentication.GetRedirectUrl(response.ClaimedIdentifier, false));
+ }
+ }
+
+ return this.RedirectToAction("Index", "Home");
+ }
+ }
+}
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
new file mode 100644
index 0000000..1c84c99
--- /dev/null
+++ b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
@@ -0,0 +1,33 @@
+namespace OAuth2ProtectedWebApi.Controllers {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Net;
+ using System.Net.Http;
+ using System.Web.Http;
+
+ [Authorize(Roles = "Values")]
+ public class ValuesController : ApiController {
+ // GET api/values
+ public IEnumerable<string> Get() {
+ return new string[] { "value1", this.User.Identity.Name, "value2" };
+ }
+
+ // GET api/values/5
+ public string Get(int id) {
+ return "value";
+ }
+
+ // POST api/values
+ public void Post([FromBody]string value) {
+ }
+
+ // PUT api/values/5
+ public void Put(int id, [FromBody]string value) {
+ }
+
+ // DELETE api/values/5
+ public void Delete(int id) {
+ }
+ }
+} \ No newline at end of file
generated by cgit v1.1 at 2025-06-07 15:28:53 +0000