Diffstat (limited to 'samples/OAuth2ProtectedWebApi')
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/UserController.cs37
-rw-r--r--samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs2
-rw-r--r--samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj8
-rw-r--r--samples/OAuth2ProtectedWebApi/Web.config4
4 files changed, 44 insertions, 7 deletions
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
index c65258f..3e673c5 100644
--- a/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
+++ b/samples/OAuth2ProtectedWebApi/Controllers/UserController.cs
@@ -7,14 +7,16 @@
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
-
+ using System.Web.Security;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2;
using DotNetOpenAuth.OAuth2.Messages;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.OpenId.RelyingParty;
using OAuth2ProtectedWebApi.Code;
- // [Authorize]
public class UserController : Controller {
+ [Authorize]
[HttpGet]
[HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
public async Task<ActionResult> Authorize() {
@@ -25,12 +27,11 @@
return View();
}
+ [Authorize]
[HttpPost, ValidateAntiForgeryToken]
public async Task<ActionResult> Respond(string request, bool approval) {
- System.Web.HttpContext.Current.User = new GenericPrincipal(new GenericIdentity("Andrew"), new string[0]);
var authServer = new AuthorizationServer(new AuthorizationServerHost());
- var httpInfo = HttpRequestInfo.Create(HttpMethod.Get.Method, new Uri(request));
- var authRequest = await authServer.ReadAuthorizationRequestAsync(httpInfo);
+ var authRequest = await authServer.ReadAuthorizationRequestAsync(new Uri(request));
IProtocolMessage responseMessage;
if (approval) {
responseMessage = authServer.PrepareApproveAuthorizationRequest(
@@ -42,5 +43,31 @@
var response = await authServer.Channel.PrepareResponseAsync(responseMessage);
return response.AsActionResult();
}
+
+ public async Task<ActionResult> Login(string returnUrl) {
+ var rp = new OpenIdRelyingParty(null);
+ Realm officialWebSiteHome = Realm.AutoDetect;
+ Uri returnTo = new Uri(this.Request.Url, this.Url.Action("Authenticate"));
+ var request = await rp.CreateRequestAsync(WellKnownProviders.Google, officialWebSiteHome, returnTo);
+ if (returnUrl != null) {
+ request.SetUntrustedCallbackArgument("returnUrl", returnUrl);
+ }
+
+ var redirectingResponse = await request.GetRedirectingResponseAsync();
+ return redirectingResponse.AsActionResult();
+ }
+
+ public async Task<ActionResult> Authenticate() {
+ var rp = new OpenIdRelyingParty(null);
+ var response = await rp.GetResponseAsync(this.Request);
+ if (response != null) {
+ if (response.Status == AuthenticationStatus.Authenticated) {
+ FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
+ return this.Redirect(FormsAuthentication.GetRedirectUrl(response.ClaimedIdentifier, false));
+ }
+ }
+
+ return this.RedirectToAction("Index", "Home");
+ }
}
}
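Review bot: In `Authenticate`, the post-login redirect target is never validated explicitly. `Login` stores `returnUrl` with `SetUntrustedCallbackArgument`, which is not integrity-protected, and `Authenticate` leaves the choice to `FormsAuthentication.GetRedirectUrl`, which presumably picks it up from the query string of the return_to URL. I would make the trust decision visible by reading the value back and checking that it is local: `var returnUrl = response.GetUntrustedCallbackArgument("returnUrl");` followed by `return this.Redirect(this.Url.IsLocalUrl(returnUrl) ? returnUrl : FormsAuthentication.DefaultUrl);`. Separately, both actions create `new OpenIdRelyingParty(null)` without disposing it, and a null store appears to put the relying party in stateless mode; a comment saying this is intentional for the sample would help readers who copy it.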
diff --git a/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
index 601d26e..dd07835 100644
--- a/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
+++ b/samples/OAuth2ProtectedWebApi/Controllers/ValuesController.cs
@@ -10,7 +10,7 @@
public class ValuesController : ApiController {
// GET api/values
public IEnumerable<string> Get() {
- return new string[] { "value1", "value2" };
+ return new string[] { "value1", this.User.Identity.Name, "value2" };
}
// GET api/values/5
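Review bot: `this.User.Identity.Name` in `Get()` is only meaningful for an authenticated caller, and no `[Authorize]` attribute is visible on `ValuesController` in this hunk (the lines above the class declaration are outside it). If authorization is not enforced elsewhere, for example by a message handler or a global filter, an anonymous request would get an empty name in the list rather than a 401. Adding `[Authorize]` on the controller or on the action would make the requirement explicit. The class body continues past the hunk.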
diff --git a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj
index cffbec4..9c54bcd 100644
--- a/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj
+++ b/samples/OAuth2ProtectedWebApi/OAuth2ProtectedWebApi.csproj
@@ -266,6 +266,14 @@
<Project>{56459a6c-6ba2-4bac-a9c0-27e3bd961fa6}</Project>
<Name>DotNetOpenAuth.OAuth2</Name>
</ProjectReference>
+ <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId.RelyingParty\DotNetOpenAuth.OpenId.RelyingParty.csproj">
+ <Project>{f458ab60-ba1c-43d9-8cef-ec01b50be87b}</Project>
+ <Name>DotNetOpenAuth.OpenId.RelyingParty</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj">
+ <Project>{3896a32a-e876-4c23-b9b8-78e17d134cd3}</Project>
+ <Name>DotNetOpenAuth.OpenId</Name>
+ </ProjectReference>
</ItemGroup>
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
diff --git a/samples/OAuth2ProtectedWebApi/Web.config b/samples/OAuth2ProtectedWebApi/Web.config
index 9ca0994..ef67291 100644
--- a/samples/OAuth2ProtectedWebApi/Web.config
+++ b/samples/OAuth2ProtectedWebApi/Web.config
@@ -31,7 +31,9 @@
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
- <authentication mode="None" />
+ <authentication mode="Forms">
+ <forms loginUrl="/user/login" defaultUrl="/" />
+ </authentication>
<pages>
<namespaces>
<add namespace="System.Web.Helpers" />
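Review bot: The new `<forms>` element leaves the cookie settings at their defaults, so the authentication cookie issued by `FormsAuthentication.SetAuthCookie` is not restricted to HTTPS. For anything beyond a local HTTP sample I would use `<forms loginUrl="/user/login" defaultUrl="/" requireSSL="true" cookieless="UseCookies" />`. A short comment next to it, saying the sample relaxes this for local debugging, would keep the default from being copied into production configs. `debug="true"` on the `compilation` context line falls into the same category.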