HomeController.cs
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using OpenIddict.Client;
using OpenIddict.Sandbox.AspNet.Client.ViewModels.Home;
using static OpenIddict.Abstractions.OpenIddictConstants;
using static OpenIddict.Client.Owin.OpenIddictClientOwinConstants;
namespace OpenIddict.Sandbox.AspNet.Client.Controllers;
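/// <summary>
/// Home controller of the ASP.NET (OWIN) client sandbox. It lists the configured
/// login providers, calls the protected API with the access token kept in the
/// authentication cookie, and redeems the stored refresh token for new tokens.
/// </summary>
/// <param name="client">
/// The keyed "ApiClient" <see cref="HttpClient"/>. Requests use the relative URI
/// "api/message", so a base address is presumably configured where the client is registered.
/// </param>
/// <param name="service">The OpenIddict client service used to list registrations and redeem refresh tokens.</param>
public class HomeController([FromKeyedServices("ApiClient")] HttpClient client, OpenIddictClientService service) : Controller
{
    /// <summary>
    /// Renders the home page with every client registration that has both a provider
    /// name and a provider display name.
    /// </summary>
    /// <param name="cancellationToken">Token observed while loading the client registrations.</param>
    [HttpGet, Route("~/")]
    public async Task<ActionResult> Index(CancellationToken cancellationToken) => View(new IndexViewModel
    {
        Providers = from registration in await service.GetClientRegistrationsAsync(cancellationToken)
                    where !string.IsNullOrEmpty(registration.ProviderName)
                    where !string.IsNullOrEmpty(registration.ProviderDisplayName)
                    select registration
    });

    /// <summary>
    /// Calls the protected API with the backchannel access token stored in the cookie
    /// ticket and shows the response body on the home page.
    /// </summary>
    /// <param name="cancellationToken">Token observed by the API call and the registration lookup.</param>
    /// <returns>
    /// The "Index" view carrying the API response, or HTTP 400 when the cookie ticket is
    /// missing or holds no backchannel access token.
    /// </returns>
    /// <remarks>
    /// A non-success API status (for example an expired access token being rejected) makes
    /// <see cref="HttpResponseMessage.EnsureSuccessStatusCode"/> throw; that exception is not handled here.
    /// </remarks>
    [Authorize, HttpPost, Route("~/message"), ValidateAntiForgeryToken]
    public async Task<ActionResult> GetMessage(CancellationToken cancellationToken)
    {
        var context = HttpContext.GetOwinContext();

        var result = await context.Authentication.AuthenticateAsync(CookieAuthenticationDefaults.AuthenticationType);

        // A session without a stored access token (or with no cookie ticket at all) is
        // rejected explicitly, mirroring RefreshToken, instead of failing with an
        // unhandled NullReferenceException/KeyNotFoundException and sending an empty bearer value.
        if (result is null ||
            !result.Properties.Dictionary.TryGetValue(Tokens.BackchannelAccessToken, out string token) ||
            string.IsNullOrEmpty(token))
        {
            return new HttpStatusCodeResult(400);
        }

        using var request = new HttpRequestMessage(HttpMethod.Get, "api/message");
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);

        using var response = await client.SendAsync(request, cancellationToken);
        response.EnsureSuccessStatusCode();

        return View("Index", new IndexViewModel
        {
            // NOTE(review): the body comes from a remote API; confirm the view HTML-encodes Message.
            Message = await response.Content.ReadAsStringAsync(),
            Providers = from registration in await service.GetClientRegistrationsAsync(cancellationToken)
                        where !string.IsNullOrEmpty(registration.ProviderName)
                        where !string.IsNullOrEmpty(registration.ProviderDisplayName)
                        select registration
        });
    }

    /// <summary>
    /// Redeems the refresh token stored in the cookie ticket, writes the new tokens back
    /// into the authentication cookie and shows the new access token on the home page.
    /// </summary>
    /// <param name="cancellationToken">Token observed by the refresh request and the registration lookup.</param>
    /// <returns>
    /// The "Index" view carrying the new access token, or HTTP 400 when the cookie ticket
    /// is missing or holds no refresh token.
    /// </returns>
    [Authorize, HttpPost, Route("~/refresh-token")]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> RefreshToken(CancellationToken cancellationToken)
    {
        var context = HttpContext.GetOwinContext();

        var ticket = await context.Authentication.AuthenticateAsync(CookieAuthenticationDefaults.AuthenticationType);

        // A missing ticket or an empty refresh token is treated the same way as an absent entry.
        if (ticket is null ||
            !ticket.Properties.Dictionary.TryGetValue(Tokens.RefreshToken, out string token) ||
            string.IsNullOrEmpty(token))
        {
            return new HttpStatusCodeResult(400);
        }

        var result = await service.AuthenticateWithRefreshTokenAsync(new()
        {
            CancellationToken = cancellationToken,
            RefreshToken = token,
            // The registration id claim selects which client registration redeems the token.
            RegistrationId = ticket.Identity.FindFirst(Claims.Private.RegistrationId)?.Value
        });

        // Start from the existing ticket properties; the redirect URI is cleared,
        // presumably so that re-issuing the cookie does not trigger a redirect.
        var properties = new AuthenticationProperties(ticket.Properties.Dictionary)
        {
            RedirectUri = null
        };

        properties.Dictionary[Tokens.BackchannelAccessToken] = result.AccessToken;

        // The stored refresh token is replaced only when the server returned a new one;
        // otherwise the previous value stays in the ticket.
        if (!string.IsNullOrEmpty(result.RefreshToken))
        {
            properties.Dictionary[Tokens.RefreshToken] = result.RefreshToken;
        }

        // Re-issue the cookie so the updated tokens are persisted with the same identity.
        context.Authentication.SignIn(properties, ticket.Identity);

        return View("Index", new IndexViewModel
        {
            // Sandbox behaviour: the raw access token is handed to the view for display.
            // Outside a demo, bearer tokens should stay server-side and not be rendered into pages.
            Message = result.AccessToken,
            Providers = from registration in await service.GetClientRegistrationsAsync(cancellationToken)
                        where !string.IsNullOrEmpty(registration.ProviderName)
                        where !string.IsNullOrEmpty(registration.ProviderDisplayName)
                        select registration
        });
    }
}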