HomeController.cs
//using IdentityModel.Client;
using Intuit.Ipp.OAuth2PlatformClient;
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using System.Configuration;
using System.Net;
using System.Collections.Generic;
namespace MvcCodeFlowClientManual.Controllers
{
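/// <summary>
/// Entry controller for the manual OAuth 2.0 / OpenID Connect authorization-code flow.
/// <see cref="Index"/> loads the discovery document and caches its endpoints and JWKS
/// values on <c>AppController</c>; the button actions build an authorize URL for a given
/// scope set and redirect the browser to it.
/// </summary>
/// <remarks>
/// NOTE(review): the values cached on <c>AppController</c> and the public static fields
/// below are process-wide and are written from request handlers, so concurrent requests
/// share and overwrite them. Nothing security-relevant for a single request should be
/// read back from them; the redirect path below uses locals for that reason.
/// </remarks>
public class HomeController : Controller
{
    private DiscoveryClient discoveryClient;
    private DiscoveryResponse doc;
    // Not used by any method in this class; kept so the type's shape is unchanged.
    private AuthorizeRequest request;

    // Never assigned in this class (the JWKS keys are stored on AppController.keys).
    public static IList<JsonWebKey> keys;
    // Last scope string / authorize URL produced by any request. Informational only:
    // another request may overwrite them at any time.
    public static string scope;
    public static string authorizeUrl;

    /// <summary>
    /// Clears the current session and cookie sign-in, then fetches the discovery document
    /// and caches its endpoints, issuer and JWKS modulus/exponent on <c>AppController</c>.
    /// </summary>
    /// <returns>The default view.</returns>
    /// <exception cref="InvalidOperationException">
    /// The discovery URL or client credentials are not configured, or discovery failed and
    /// no keys from an earlier successful discovery are available.
    /// </exception>
    public async Task<ActionResult> Index()
    {
        // Process-wide setting: outbound HTTPS from this AppDomain is pinned to TLS 1.2.
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

        // Start from a clean slate: drop server-side session state and the auth cookie.
        Session.Clear();
        Session.Abandon();
        Request.GetOwinContext().Authentication.SignOut("Cookies");

        // Initialize the discovery policy: HTTPS only, and the issuer name must validate.
        // NOTE(review): dpolicy is configured but never handed to the DiscoveryClient
        // below, so these settings have no visible effect here — confirm how the library
        // expects the policy to be supplied.
        DiscoveryPolicy dpolicy = new DiscoveryPolicy();
        dpolicy.RequireHttps = true;
        dpolicy.ValidateIssuerName = true;

        // Use the Sandbox discovery URL with the app's development client id/secret,
        // or the Production discovery URL with the app's production client id/secret.
        string discoveryUrl = ConfigurationManager.AppSettings["DiscoveryUrl"];
        if (discoveryUrl == null)
        {
            throw new InvalidOperationException("Discovery Url missing!");
        }
        if (AppController.clientid == null || AppController.clientsecret == null)
        {
            // Report the setting that is actually absent; never echo the secret itself.
            throw new InvalidOperationException("Client id or client secret missing!");
        }

        discoveryClient = new DiscoveryClient(discoveryUrl);
        doc = await discoveryClient.GetAsync();

        if (doc.StatusCode == HttpStatusCode.OK)
        {
            AppController.authorizeUrl = doc.AuthorizeEndpoint;
            AppController.tokenEndpoint = doc.TokenEndpoint;
            AppController.revocationEndpoint = doc.RevocationEndpoint;
            AppController.userinfoEndpoint = doc.UserInfoEndpoint;
            AppController.issuerEndpoint = doc.Issuer;
            AppController.keys = doc.KeySet.Keys;
        }
        else if (AppController.keys == null)
        {
            // Discovery failed and nothing was cached by an earlier request: fail with a
            // clear error instead of a NullReferenceException in the loop below.
            throw new InvalidOperationException(
                "Discovery document request failed with status " + doc.StatusCode + ".");
        }

        // Cache the RSA modulus and exponent used for ID-token signature checks.
        // NOTE(review): with more than one key in the JWKS the last non-null N and E win,
        // and they are not guaranteed to come from the same key. Token validation should
        // select the key by the token's "kid" header — confirm against the validator.
        foreach (var key in AppController.keys)
        {
            if (key.N != null)
            {
                AppController.mod = key.N;
            }
            if (key.E != null)
            {
                AppController.expo = key.E;
            }
        }

        return View();
    }

    /// <summary>
    /// Dispatches the posted form to the flow named by the pressed submit button.
    /// </summary>
    /// <param name="submitButton">
    /// Value of the submit button from the request. It is only compared against fixed
    /// literals; any other value (or none) re-renders the view.
    /// </param>
    public ActionResult MyAction(string submitButton)
    {
        switch (submitButton)
        {
            case "C2QB":
                return C2QB();
            case "GetAppNow":
                return GetAppNow();
            case "SIWI":
                return SIWI();
            default:
                // Form submitted without a recognised button: just show the view again.
                return View();
        }
    }

    /// <summary>Starts the flow with the Accounting and Payment scopes.</summary>
    private ActionResult C2QB()
    {
        return RedirectToAuthorize(
            OidcScopes.Accounting.GetStringValue() + " " + OidcScopes.Payment.GetStringValue());
    }

    /// <summary>Starts the flow with the API scopes plus the OpenID Connect identity scopes.</summary>
    private ActionResult GetAppNow()
    {
        return RedirectToAuthorize(
            OidcScopes.Accounting.GetStringValue() + " " + OidcScopes.Payment.GetStringValue()
            + " " + OidcScopes.OpenId.GetStringValue() + " " + OidcScopes.Address.GetStringValue()
            + " " + OidcScopes.Email.GetStringValue() + " " + OidcScopes.Phone.GetStringValue()
            + " " + OidcScopes.Profile.GetStringValue());
    }

    /// <summary>Starts the flow with the OpenID Connect identity scopes only.</summary>
    private ActionResult SIWI()
    {
        return RedirectToAuthorize(
            OidcScopes.OpenId.GetStringValue() + " " + OidcScopes.Address.GetStringValue()
            + " " + OidcScopes.Email.GetStringValue() + " " + OidcScopes.Phone.GetStringValue()
            + " " + OidcScopes.Profile.GetStringValue());
    }

    /// <summary>
    /// Builds the authorize URL for <paramref name="requestedScope"/> and redirects to it.
    /// </summary>
    /// <remarks>
    /// The redirect target is taken from a local. Reading it back from the static
    /// <see cref="authorizeUrl"/> field would let a concurrent request swap in its own URL
    /// (and therefore its own state value and scopes) before this request redirects.
    /// </remarks>
    private ActionResult RedirectToAuthorize(string requestedScope)
    {
        string url = GetAuthorizeUrl(requestedScope);

        // Still published for any code that reads these public fields.
        scope = requestedScope;
        authorizeUrl = url;

        return Redirect(url);
    }

    /// <summary>
    /// Stores the OAuth state value as a claim on a temporary identity and signs it in
    /// under the "TempState" authentication type.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the redirect handler is not in this file. It must compare the state
    /// returned by the authorization server with this claim and reject the response on a
    /// mismatch, otherwise the state value gives no CSRF protection.
    /// </remarks>
    private void SetTempState(string state)
    {
        var tempId = new ClaimsIdentity("TempState");
        tempId.AddClaim(new Claim("state", state));
        Request.GetOwinContext().Authentication.SignIn(tempId);
    }

    /// <summary>
    /// Creates a fresh state value, records it via <see cref="SetTempState"/>, and returns
    /// the authorization-code request URL for the given scope.
    /// </summary>
    /// <param name="scope">Space-separated scope list to request.</param>
    private string GetAuthorizeUrl(string scope)
    {
        string state = CreateStateToken();
        SetTempState(state);

        var authorizeRequest = new AuthorizeRequest(AppController.authorizeUrl);
        return authorizeRequest.CreateAuthorizeUrl(
            clientId: AppController.clientid,
            responseType: OidcConstants.AuthorizeResponse.Code,
            scope: scope,
            redirectUri: AppController.redirectUrl,
            state: state);
    }

    /// <summary>
    /// Returns 32 lowercase hex characters (128 random bits) from the platform CSPRNG.
    /// </summary>
    /// <remarks>
    /// Same textual shape as <c>Guid.NewGuid().ToString("N")</c>. The state value is an
    /// anti-forgery token, and GUIDs are documented as unique rather than unpredictable,
    /// so it is drawn from a cryptographic generator instead.
    /// </remarks>
    private static string CreateStateToken()
    {
        var buffer = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(buffer);
        }
        return BitConverter.ToString(buffer).Replace("-", string.Empty).ToLowerInvariant();
    }
}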
}