Merge pull request #19 from Microsoft/users/wismythe/oauth-web-sample-may29

OAuth web sample readme and web.config app property name tweaks

Author: Justin Marks

OAuthWebSample/.gitignore

@@ -156,3 +156,11 @@ $RECYCLE.BIN/
 
 # Mac desktop service store files
 .DS_Store
+
+
+# =====
+# Other
+# =====
+storage*
+db.lock
+*.pubxml

OAuthWebSample/OAuthWebSample.sln

@@ -16,6 +16,11 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Configurations", "Configura
 		PublishScripts\Configurations\OAuthSample-WAWS-dev.json = PublishScripts\Configurations\OAuthSample-WAWS-dev.json
 	EndProjectSection
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{9099F192-D034-4AB2-B628-EDB4B4C2BB81}"
+	ProjectSection(SolutionItems) = preProject
+		README.md = README.md
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU

OAuthWebSample/OAuthWebSample/Controllers/HomeController.cs

@@ -10,7 +10,7 @@ public class HomeController : Controller
     {
         public ActionResult Index()
         {
-            ViewBag.AppId = System.Configuration.ConfigurationManager.AppSettings["AppId"];
+            ViewBag.ClientAppId = System.Configuration.ConfigurationManager.AppSettings["ClientAppId"];
             ViewBag.CallbackUrl = System.Configuration.ConfigurationManager.AppSettings["CallbackUrl"];
             ViewBag.Scope = System.Configuration.ConfigurationManager.AppSettings["Scope"];
 

OAuthWebSample/OAuthWebSample/Controllers/OAuthController.cs

@@ -17,7 +17,6 @@ public ActionResult Index()
         {
 
             return View();
-
         }
 
         public ActionResult RequestToken(string code, string status)
@@ -70,7 +69,7 @@ private String PerformTokenRequest(String postData, out TokenModel token)
 
             HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(
                 ConfigurationManager.AppSettings["TokenUrl"]
-                );
+            );
 
             webRequest.Method = "POST";
             webRequest.ContentLength = postData.Length;
@@ -114,7 +113,7 @@ public String GenerateAuthorizeUrl()
             UriBuilder uriBuilder = new UriBuilder(ConfigurationManager.AppSettings["AuthUrl"]);
             var queryParams = HttpUtility.ParseQueryString(uriBuilder.Query ?? String.Empty);
 
-            queryParams["client_id"] = ConfigurationManager.AppSettings["AppId"];
+            queryParams["client_id"] = ConfigurationManager.AppSettings["ClientAppId"];
             queryParams["response_type"] = "Assertion";
             queryParams["state"] = "state";
             queryParams["scope"] = ConfigurationManager.AppSettings["Scope"];
@@ -128,20 +127,19 @@ public String GenerateAuthorizeUrl()
         public string GenerateRequestPostData(string code)
         {
             return string.Format("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion={0}&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion={1}&redirect_uri={2}",
-                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientSecret"]),
+                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientAppSecret"]),
                 HttpUtility.UrlEncode(code),
                 ConfigurationManager.AppSettings["CallbackUrl"]
-                );
+            );
         }
 
         public string GenerateRefreshPostData(string refreshToken)
         {
             return string.Format("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion={0}&grant_type=refresh_token&assertion={1}&redirect_uri={2}",
-                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientSecret"]),
+                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientAppSecret"]),
                 HttpUtility.UrlEncode(refreshToken),
                 ConfigurationManager.AppSettings["CallbackUrl"]
-                );
-
+            );
         }
     }
 }

OAuthWebSample/OAuthWebSample/OAuthWebSample.csproj

@@ -21,6 +21,7 @@
     <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
     <IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode>
     <UseGlobalApplicationHostFile />
+    <Use64BitIISExpress />
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
@@ -182,7 +183,7 @@
     <VisualStudio>
       <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
         <WebProjectProperties>
-          <UseIIS>True</UseIIS>
+          <UseIIS>False</UseIIS>
           <AutoAssignPort>True</AutoAssignPort>
           <DevelopmentServerPort>43742</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>

OAuthWebSample/OAuthWebSample/Views/Home/Index.cshtml

@@ -2,7 +2,7 @@
     ViewBag.Title = "Visual Studio Online OAuth Client Sample";
 
     var missingMsg = "Not set - update web.config";
-    var appIdVal = !String.IsNullOrEmpty(ViewBag.AppId) ? ViewBag.AppId : missingMsg;
+    var clientAppIdVal = !String.IsNullOrEmpty(ViewBag.ClientAppId) ? ViewBag.ClientAppId : missingMsg;
     var scopeVal = !String.IsNullOrEmpty(ViewBag.Scope) ? ViewBag.Scope : missingMsg;
     var callbackUrlVal = !String.IsNullOrEmpty(ViewBag.CallbackUrl) ? ViewBag.CallbackUrl : missingMsg;
 }
@@ -12,7 +12,7 @@
 <div class="jumbotron">
     <h1>Visual Studio Online OAuth Client Sample</h1>
     <p class="lead">This app shows how to authorize a user to authorize an app and then to request an access token to access Visual Studio Online on their behalf.</p>
-    <p><a href="/oauth/requesttoken" class="btn btn-primary btn-large"  >Start &raquo;</a></p>
+    <p><a href="/oauth/requesttoken" class="btn btn-primary btn-large"  >Authorize &raquo;</a></p>
 </div>
 
 <div class="row">
@@ -24,7 +24,7 @@
                 <li><a href="https://app.vsaex.visualstudio.com/app/register">Register</a> a client app with Visual Studio Online</li>
                 <li>Update the web.config of this web app and set the App ID, Scope, App Secret, and Callback URL set in the registered app. The callback URL should be https://<i>site</i>/oauth/callback
                     <ul>
-                        <li>App ID: <strong>@appIdVal</strong></li>
+                        <li>App ID: <strong>@clientAppIdVal</strong></li>
                         <li>Scope: <strong>@scopeVal</strong></li>
                         <li>Callback URL: <strong>@callbackUrlVal</strong></li>
                     </ul>

OAuthWebSample/OAuthWebSample/Web.config

@@ -11,13 +11,12 @@
     <add key="UnobtrusiveJavaScriptEnabled" value="true" />
 
     <!-- App Settings for OAuth-->
-    <add key="AppId" value=""/>
-    <add key="AppSecret" value=""/>
-    <add key="ClientSecret" value=""/>
-    <add key="Scope" value=""/>
+    <add key="ClientAppId" value="INSERT HERE"/>
+    <add key="ClientAppSecret" value="INSERT HERE"/>
+    <add key="Scope" value="INSERT HERE"/>
+    <add key="CallbackUrl" value="INSERT HERE"/>
     <add key="AuthUrl" value="https://app.vssps.visualstudio.com/oauth2/authorize"/>
-    <add key="TokenUrl" value="https://app.vssps.visualstudio.com/oauth2/token"/>
-    <add key="CallbackUrl" value=""/>
+    <add key="TokenUrl" value="https://app.vssps.visualstudio.com/oauth2/token"/>    
   </appSettings>
   <system.web>
     <compilation debug="true" targetFramework="4.5" />

OAuthWebSample/README.md

@@ -1,32 +1,39 @@
-# ASP.NET web app (OAuth sample)
+# ASP.NET web app (VSTS OAuth sample)
 
 This sample shows how to prompt a user to authorize a cloud service that can call APIs on Visual Studio Team Services on behalf of the user.
 
-To learn more about OAuth in Visual Studio Team Services, see [Authorize access with OAuth 2.0](https://www.visualstudio.com/docs/integrate/get-started/authentication/oauth)
+To learn more about OAuth in Visual Studio Team Services, see [Authorize access to VSTS with OAuth 2.0](https://docs.microsoft.com/vsts/integrate/get-started/authentication/oauth?view=vsts)
 
 ## How to setup
 
-> These instructions assume you will be deploying this sample app to an Azure web site. To learn more and to get started, visit [Get started with Azure Web Sites and ASP.NET](http://azure.microsoft.com/documentation/articles/web-sites-dotnet-get-started).
+> These instructions assume you will be deploying this sample app to an Azure web app. To learn more and to get started, visit [Get started with Azure Web Apps and ASP.NET](https://docs.microsoft.com/azure/app-service/app-service-web-get-started-dotnet-framework).
 
 1. Register an OAuth client app in Visual Studio Team Services (https://app.vsaex.visualstudio.com/app/register) 
-   * The callback URL should be https://yoursite.azurewebsites.net/oauth/callback, where "yoursite" is the name of your Azure web site
-2. Clone this repository
-3. Open the solution (VstsOAuthSample.sln) in Visual Studio 2015 or later
-4. Update the following settings in web.config to match the values in the app you just registered:
-  *  App ID
-  *  App Secret (use the "Client Secret" shown on the VSTS Application Settings page, not the App Secret)
-  *  Scope (space separated)
-  *  Callback URL
-5. Build the solution (this will trigger a NuGet package restore, which will pull in all dependencies of the project)
-6. Deploy the app to Azure
+   * The callback URL should be https://yoursite.azurewebsites.net/oauth/callback, where `yoursite` is the name of your Azure web app
+
+2. Clone this repository and open the solution `OAuthWebSample\OAuthWebSample.sln` in Visual Studio 2015 or later
+
+3. Update the following settings in web.config to match the values in the app you just registered:
+   *  `ClientAppID`
+   *  `ClientAppSecret` (use the "Client Secret" shown on the VSTS Application Settings page, not the App Secret)
+   *  `Scope` (space separated)
+   *  `CallbackUrl`
+
+4. Build the solution (this will trigger a NuGet package restore, which will pull in all dependencies of the project)
+
+5. Publish the app to Azure
 
 ### Run the sample
 
-1. Navigate to the deployed app (https://yoursite.azurewebsites.net)
+1. Navigate to your app (https://yoursite.azurewebsites.net)
+
 2. Confirm your App ID, scope, and callback URL are displayed properly
-   ![app](appstart.png)
-3. Click **Start**
+    ![app](appstart.png)
+
+3. Click **Authorize**
+
 4. Sign in to Visual Studio Team Services (if prompted)
+
 5. Review and accept the authorization request
 
 If everything is setup properly, Visual Studio Team Services will issue an access token and refresh token and both values will be displayed. **You should keep these values secret**. Also a new authorization will appear in [your profile page](https://app.vssps.visualstudio.com/Profile/View).