OAuthProvider.cs
using System;
using System.Linq;
using ServiceStack.Common;
using ServiceStack.Configuration;
using ServiceStack.Logging;
using ServiceStack.Text;
using ServiceStack.WebHost.Endpoints;
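namespace ServiceStack.ServiceInterface.Auth
{
    /// <summary>
    /// AuthProvider that implements a request-token / access-token OAuth flow.
    /// The default logic in <see cref="Authenticate"/> follows Twitter's OAuth workflow.
    /// </summary>
    /// <remarks>
    /// NOTE(review): <see cref="OAuthUtils"/> and CallbackUrl are instance state that
    /// <see cref="Authenticate"/> and <see cref="Init"/> write to while handling a request. If one
    /// provider instance serves concurrent requests, those writes can interleave between users;
    /// confirm the provider's lifetime before relying on this class under load.
    /// </remarks>
    public class OAuthProvider : AuthProvider
    {
        /// <summary>Creates an unconfigured provider; every property is left for the caller to set.</summary>
        public OAuthProvider() { }

        /// <summary>
        /// Creates a provider whose consumer credentials are stored under the
        /// "ConsumerKey" and "ConsumerSecret" setting names.
        /// </summary>
        /// <param name="appSettings">Configuration source the provider settings are read from.</param>
        /// <param name="authRealm">Default realm, also used as the prefix of the default endpoint URLs.</param>
        /// <param name="oAuthProvider">Provider name, used to build the "oauth.{provider}.*" setting keys.</param>
        public OAuthProvider(IResourceManager appSettings, string authRealm, string oAuthProvider)
            : this(appSettings, authRealm, oAuthProvider, "ConsumerKey", "ConsumerSecret") { }

        /// <summary>
        /// Creates a provider and loads its settings from <paramref name="appSettings"/>.
        /// </summary>
        /// <param name="appSettings">Configuration source the provider settings are read from.</param>
        /// <param name="authRealm">Default realm ("OAuthRealm" overrides it) and prefix of the default endpoint URLs.</param>
        /// <param name="oAuthProvider">Provider name, used to build the "oauth.{provider}.*" setting keys.</param>
        /// <param name="consumerKeyName">Setting name (after the provider prefix) that holds the consumer key.</param>
        /// <param name="consumerSecretName">Setting name (after the provider prefix) that holds the consumer secret.</param>
        public OAuthProvider(IResourceManager appSettings, string authRealm, string oAuthProvider,
            string consumerKeyName, string consumerSecretName)
        {
            this.AuthRealm = appSettings.Get("OAuthRealm", authRealm);

            this.Provider = oAuthProvider;
            this.RedirectUrl = appSettings.GetString("oauth.{0}.RedirectUrl".Fmt(oAuthProvider));
            this.CallbackUrl = appSettings.GetString("oauth.{0}.CallbackUrl".Fmt(oAuthProvider));
            this.ConsumerKey = appSettings.GetString("oauth.{0}.{1}".Fmt(oAuthProvider, consumerKeyName));
            this.ConsumerSecret = appSettings.GetString("oauth.{0}.{1}".Fmt(oAuthProvider, consumerSecretName));

            // The endpoint keys were previously looked up without substituting the provider name,
            // so a per-provider override such as "oauth.<provider>.AuthorizeUrl" was never honoured.
            this.RequestTokenUrl = GetEndpointUrl(appSettings, oAuthProvider, "RequestTokenUrl", authRealm + "oauth/request_token");
            this.AuthorizeUrl = GetEndpointUrl(appSettings, oAuthProvider, "AuthorizeUrl", authRealm + "oauth/authorize");
            this.AccessTokenUrl = GetEndpointUrl(appSettings, oAuthProvider, "AccessTokenUrl", authRealm + "oauth/access_token");

            this.OAuthUtils = new OAuthAuthorizer(this);
            this.AuthHttpGateway = new AuthHttpGateway();
        }

        /// <summary>
        /// Reads an endpoint URL from "oauth.{provider}.{settingName}". Falls back to the literal,
        /// unformatted "oauth.{0}.{settingName}" key that earlier revisions read, then to
        /// <paramref name="defaultUrl"/>.
        /// </summary>
        private static string GetEndpointUrl(IResourceManager appSettings, string oAuthProvider,
            string settingName, string defaultUrl)
        {
            var legacyOrDefault = appSettings.Get("oauth.{0}." + settingName, defaultUrl);
            return appSettings.Get("oauth.{0}.{1}".Fmt(oAuthProvider, settingName), legacyOrDefault);
        }

        /// <summary>
        /// Returns the scheme-and-host prefix of <paramref name="absoluteUri"/>, i.e. everything before
        /// the first "/" that follows the scheme. Returns the input unchanged when there is no such slash.
        /// </summary>
        private static string GetUrlRoot(string absoluteUri)
        {
            var searchFrom = "https://".Length + 1;
            if (absoluteUri.Length <= searchFrom) return absoluteUri;

            // IndexOf returns -1 for a URI with no path (e.g. "http://host"); Substring(0, -1) would throw.
            var firstPathSlash = absoluteUri.IndexOf('/', searchFrom);
            return firstPathSlash >= 0 ? absoluteUri.Substring(0, firstPathSlash) : absoluteUri;
        }

        /// <summary>Gateway assigned by the configuring constructor; not used within this class.</summary>
        public IAuthHttpGateway AuthHttpGateway { get; set; }

        /// <summary>Consumer key read from the "oauth.{provider}.{consumerKeyName}" setting.</summary>
        public string ConsumerKey { get; set; }

        /// <summary>
        /// Consumer secret read from the "oauth.{provider}.{consumerSecretName}" setting.
        /// This is a credential: keep it out of logs and error output.
        /// </summary>
        public string ConsumerSecret { get; set; }

        /// <summary>Request-token endpoint; defaults to authRealm + "oauth/request_token".</summary>
        public string RequestTokenUrl { get; set; }

        /// <summary>Endpoint the user is redirected to in order to approve access; defaults to authRealm + "oauth/authorize".</summary>
        public string AuthorizeUrl { get; set; }

        /// <summary>Access-token endpoint; defaults to authRealm + "oauth/access_token".</summary>
        public string AccessTokenUrl { get; set; }

        /// <summary>Helper that acquires the request and access tokens and holds them between calls.</summary>
        public OAuthAuthorizer OAuthUtils { get; set; }

        /// <summary>
        /// Reports whether the session already holds an access token secret for this provider.
        /// </summary>
        /// <param name="session">The current auth session.</param>
        /// <param name="tokens">The provider's tokens stored on the session; may be null.</param>
        /// <param name="request">Optional auth request; when given, its UserName must match the session.</param>
        /// <returns>True when the login matches (if a request was supplied) and an AccessTokenSecret is present.</returns>
        public override bool IsAuthorized(IAuthSession session, IOAuthTokens tokens, Auth request = null)
        {
            if (request != null && !LoginMatchesSession(session, request.UserName))
            {
                return false;
            }

            return tokens != null && !string.IsNullOrEmpty(tokens.AccessTokenSecret);
        }

        /// <summary>
        /// The entry point for all AuthProvider providers. Runs inside the AuthService so exceptions are treated normally.
        /// Overridable so you can provide your own Auth implementation.
        /// </summary>
        /// <param name="authService">Service used to save the session and issue redirects.</param>
        /// <param name="session">The current auth session; updated and saved by this call.</param>
        /// <param name="request">The auth request carrying oauth_token / oauth_verifier on the callback leg.</param>
        /// <returns>
        /// A redirect: to the OAuth provider's authorize URL on the first leg, or to session.ReferrerUrl with
        /// "s=1" on success, "f=AccessTokenFailed" or "f=RequestTokenFailed" on failure.
        /// </returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Auth request)
        {
            var tokens = Init(authService, ref session, request);

            //Default OAuth logic based on Twitter's OAuth workflow
            var isCallbackLeg = !tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty();
            if (isCallbackLeg)
            {
                // NOTE(review): OAuthUtils is shared instance state; see the class remarks on concurrency.
                OAuthUtils.RequestToken = tokens.RequestToken;
                OAuthUtils.RequestTokenSecret = tokens.RequestTokenSecret;
                OAuthUtils.AuthorizationToken = request.oauth_token;
                OAuthUtils.AuthorizationVerifier = request.oauth_verifier;

                if (!OAuthUtils.AcquireAccessToken())
                {
                    // Exchange failed: drop the stale request token so the next attempt starts a fresh flow.
                    tokens.RequestToken = null;
                    tokens.RequestTokenSecret = null;
                    authService.SaveSession(session, SessionExpiry);
                    return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
                }

                tokens.AccessToken = OAuthUtils.AccessToken;
                tokens.AccessTokenSecret = OAuthUtils.AccessTokenSecret;
                session.IsAuthenticated = true;
                OnAuthenticated(authService, session, tokens, OAuthUtils.AuthInfo);
                authService.SaveSession(session, SessionExpiry);

                // Authenticated: send the user back to where they came from.
                return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
            }

            if (!OAuthUtils.AcquireRequestToken())
            {
                return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed"));
            }

            tokens.RequestToken = OAuthUtils.RequestToken;
            tokens.RequestTokenSecret = OAuthUtils.RequestTokenSecret;
            authService.SaveSession(session, SessionExpiry);

            //Redirect to OAuth provider to approve access
            return authService.Redirect(this.AuthorizeUrl
                .AddQueryParam("oauth_token", tokens.RequestToken)
                .AddQueryParam("oauth_callback", session.ReferrerUrl));
        }

        /// <summary>
        /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider
        /// </summary>
        /// <param name="authService">Service giving access to the current request context.</param>
        /// <param name="session">The current auth session; its ReferrerUrl and ProviderOAuthAccess may be modified.</param>
        /// <param name="request">The auth request; may be null.</param>
        /// <returns>The session's token entry for this provider, created and added if it did not exist.</returns>
        protected IOAuthTokens Init(IServiceBase authService, ref IAuthSession session, Auth request)
        {
            if (request != null && !LoginMatchesSession(session, request.UserName))
            {
                // Resetting the session on a login mismatch is currently disabled:
                //authService.RemoveSession();
                //session = authService.GetSession();
            }

            var requestUri = authService.RequestContext.AbsoluteUri;
            if (this.CallbackUrl.IsNullOrEmpty())
            {
                this.CallbackUrl = requestUri;
            }

            // NOTE(review): request.Continue and the Referer header are supplied by the client and become
            // the post-login redirect target. Nothing here restricts them to this site's own origin, so
            // consider validating them against the base URL or an allow-list before storing them.
            if (session.ReferrerUrl.IsNullOrEmpty())
            {
                session.ReferrerUrl = (request != null ? request.Continue : null)
                    ?? authService.RequestContext.GetHeader("Referer");
            }

            // A missing referrer, or one containing "/auth" (presumably to avoid bouncing back into the
            // auth endpoint), is replaced by the configured redirect URL, the base URL, or the request's root.
            var referrerUnusable = session.ReferrerUrl.IsNullOrEmpty()
                || session.ReferrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0;
            if (referrerUnusable)
            {
                session.ReferrerUrl = this.RedirectUrl
                    ?? ServiceStackHttpHandlerFactory.GetBaseUrl()
                    ?? GetUrlRoot(requestUri);
            }

            var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == Provider);
            if (tokens == null)
            {
                session.ProviderOAuthAccess.Add(tokens = new OAuthTokens { Provider = Provider });
            }

            return tokens;
        }

        /// <summary>Extension point for subclasses to load provider-specific user data; does nothing by default.</summary>
        /// <param name="userSession">The session to populate.</param>
        /// <param name="tokens">The provider's tokens for that session.</param>
        public virtual void LoadUserOAuthProvider(IAuthSession userSession, IOAuthTokens tokens) { }
    }
}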