using IdentityModel.Client;
using IdentityModel.OidcClient;
using IdentityModel.OidcClient.Browser;
using System.Collections.Generic;
using System;
using System.Threading.Tasks;
using Core.Model;
using Microsoft.AspNetCore.Components.Authorization;
using System.Security.Claims;
namespace BlazorHybridApp.Auth0
{
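/// <summary>
/// <see cref="AuthenticationStateProvider"/> backed by an interactive Auth0 OIDC login.
/// Holds the current <see cref="ClaimsPrincipal"/> in memory, hands the tokens obtained at
/// login to a <see cref="TokenProvider"/>, and clears both again on logout.
/// </summary>
public class Auth0AuthenticationStateProvider : AuthenticationStateProvider
{
    private readonly OidcClient oidcClient;
    private readonly TokenProvider tokenProvider;
    private readonly Auth0AuthenticationStateProviderOptions options;

    // Anonymous principal (empty identity, IsAuthenticated == false) until a login succeeds;
    // reset to the same shape on logout.
    private ClaimsPrincipal currentUser = new ClaimsPrincipal(new ClaimsIdentity());

    /// <summary>
    /// Builds the underlying <see cref="OidcClient"/> from <paramref name="options"/>: the Auth0
    /// tenant domain becomes the HTTPS authority, and client id, scope, redirect URI and the
    /// platform browser are passed through unchanged.
    /// </summary>
    /// <param name="options">Auth0 settings for this application.</param>
    /// <param name="tokenProvider">Receives the tokens obtained by <see cref="LogInAsync"/>.</param>
    /// <exception cref="ArgumentNullException">Thrown when either argument is null.</exception>
    public Auth0AuthenticationStateProvider(Auth0AuthenticationStateProviderOptions options, TokenProvider tokenProvider)
    {
        this.options = options ?? throw new ArgumentNullException(nameof(options));
        this.tokenProvider = tokenProvider ?? throw new ArgumentNullException(nameof(tokenProvider));

        oidcClient = new OidcClient(new OidcClientOptions
        {
            Authority = $"https://{options.Domain}",
            ClientId = options.ClientId,
            Scope = options.Scope,
            RedirectUri = options.RedirectUri,
            Browser = options.Browser
        });
    }

    /// <summary>Returns the principal currently held; anonymous until <see cref="LogInAsync"/> succeeds.</summary>
    public override Task<AuthenticationState> GetAuthenticationStateAsync() =>
        Task.FromResult(new AuthenticationState(currentUser));

    /// <summary>
    /// Browser used for the interactive login and logout round trips. Setting it replaces the
    /// browser on the already-constructed client options.
    /// </summary>
    public IBrowser Browser
    {
        get => oidcClient.Options.Browser;
        set => oidcClient.Options.Browser = value;
    }

    /// <summary>
    /// Runs the interactive OIDC login, stores refresh/access/identity tokens in the
    /// <see cref="TokenProvider"/>, mirrors any configured role claims onto the identity's
    /// role claim type and notifies subscribers of the new state.
    /// </summary>
    /// <exception cref="InvalidOperationException">
    /// Thrown when the OIDC client reports an error. No tokens are stored and the current
    /// principal is left unchanged in that case.
    /// </exception>
    public async Task LogInAsync()
    {
        var loginRequest = new LoginRequest
        {
            FrontChannelExtraParameters = new Parameters(options.AdditionalProviderParameters)
        };
        var loginResult = await oidcClient.LoginAsync(loginRequest);

        // A failed login carries no tokens and no user; storing them would overwrite the
        // TokenProvider with nulls and then dereference a null principal below.
        if (loginResult.IsError)
        {
            throw new InvalidOperationException($"Auth0 login failed: {loginResult.Error}");
        }

        tokenProvider.RefreshToken = loginResult.RefreshToken;
        tokenProvider.AccessToken = loginResult.AccessToken;
        tokenProvider.IdToken = loginResult.IdentityToken;
        currentUser = loginResult.User;

        if (currentUser.Identity is ClaimsIdentity identity && identity.IsAuthenticated)
        {
            MapRoleClaims(identity);
        }

        NotifyChanged();
    }

    /// <summary>
    /// Copies every claim whose type equals the configured <c>RoleClaim</c> onto
    /// <paramref name="identity"/> under its <see cref="ClaimsIdentity.RoleClaimType"/>, so that
    /// role-based checks see the roles delivered by Auth0 under a custom claim name.
    /// </summary>
    /// <param name="identity">The authenticated identity to enrich; modified in place.</param>
    private void MapRoleClaims(ClaimsIdentity identity)
    {
        // No source claim type configured: nothing to map, and FindAll(null) would throw.
        if (string.IsNullOrEmpty(options.RoleClaim))
        {
            return;
        }

        // Materialise the matches before adding: AddClaim changes the claim collection that
        // FindAll enumerates (the original `.ToArray()` served the same purpose).
        var roleClaims = new List<Claim>(identity.FindAll(options.RoleClaim));
        foreach (var roleClaim in roleClaims)
        {
            identity.AddClaim(new Claim(identity.RoleClaimType, roleClaim.Value));
        }
    }

    /// <summary>
    /// Opens the Auth0 <c>/v2/logout</c> endpoint in the configured browser to end the
    /// tenant session, then clears the stored tokens and the local principal and notifies
    /// subscribers. Local state is cleared even if the browser round trip fails.
    /// </summary>
    public async Task LogoutAsync()
    {
        var clientOptions = oidcClient.Options;

        // returnTo is the client's own redirect URI; Auth0 only honours it when it is
        // registered for the application (NOTE(review): verify against the tenant settings).
        var logoutParameters = new Dictionary<string, string>
        {
            {"client_id", clientOptions.ClientId },
            {"returnTo", clientOptions.RedirectUri }
        };

        // The Auth0 logout URL is built by hand rather than via the library's logout flow.
        var endSessionUrl = new RequestUrl($"{clientOptions.Authority}/v2/logout")
            .Create(new Parameters(logoutParameters));

        // A default LogoutRequest is created only to borrow the library's browser defaults.
        var defaults = new LogoutRequest();
        var browserOptions = new BrowserOptions(endSessionUrl, clientOptions.RedirectUri)
        {
            Timeout = TimeSpan.FromSeconds(defaults.BrowserTimeout),
            DisplayMode = defaults.BrowserDisplayMode
        };

        try
        {
            await clientOptions.Browser.InvokeAsync(browserOptions);
        }
        finally
        {
            // Drop the tokens as well as the principal: leaving them in the TokenProvider
            // would let API calls keep using credentials from a session the user just ended.
            tokenProvider.RefreshToken = null;
            tokenProvider.AccessToken = null;
            tokenProvider.IdToken = null;
            currentUser = new ClaimsPrincipal(new ClaimsIdentity());

            NotifyChanged();
        }
    }

    /// <summary>Publishes the current principal to <see cref="AuthenticationStateProvider"/> subscribers.</summary>
    private void NotifyChanged() =>
        NotifyAuthenticationStateChanged(Task.FromResult(new AuthenticationState(currentUser)));
}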
}