AfasAuthClient.cs
using AFASSB.Models;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
using System.Security.Cryptography;
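/// <summary>
/// Console-driven OAuth 2.0 authorization-code client that uses PKCE (S256).
/// It builds the authorization URL under <c>/app/auth</c>, lets the user paste the
/// authorization code back in, and exchanges it at <c>/app/token</c>.
/// </summary>
/// <remarks>
/// The client secret and the resulting access token are held in memory as plain strings.
/// Nothing in this class writes them to the console; keep it that way when adding logging.
/// </remarks>
public class AfasAuthClient
{
    private readonly string _clientUrl;
    private readonly string _clientId;
    private readonly string _clientSecret;
    private readonly string _redirectUri;

    // One HttpClient per AfasAuthClient instance. Reuse the AfasAuthClient object instead of
    // creating a new one per request, otherwise each instance leaves its own connection pool behind.
    private readonly HttpClient _httpClient = new HttpClient();

    /// <summary>Bearer token from the last successful <see cref="GetAccessTokenAsync"/> call; null before that.</summary>
    public string AccessToken { get; private set; }

    /// <summary>Stores the endpoint base URL and the OAuth client registration values.</summary>
    /// <param name="clientUrl">Base URL that <c>/app/auth</c> and <c>/app/token</c> are appended to.</param>
    /// <param name="clientId">OAuth client identifier.</param>
    /// <param name="clientSecret">OAuth client secret; sent only in the token request body.</param>
    /// <param name="redirectUri">Redirect URI in raw (not percent-encoded) form; it is encoded where it is used.</param>
    public AfasAuthClient(string clientUrl, string clientId, string clientSecret, string redirectUri)
    {
        _clientUrl = clientUrl;
        _clientId = clientId;
        _clientSecret = clientSecret;
        _redirectUri = redirectUri;
    }

    /// <summary>
    /// Prints the authorization URL and reads the authorization code the user types back.
    /// </summary>
    /// <param name="state">Opaque anti-CSRF value bound to this authorization attempt.</param>
    /// <param name="codeChallenge">PKCE challenge derived from the code verifier (S256).</param>
    /// <returns>The line read from standard input; null when input has ended.</returns>
    /// <remarks>
    /// Because the code is pasted by hand, this method never sees the <c>state</c> value the
    /// authorization server sends back on the redirect. Whoever handles that redirect has to
    /// compare it with the <paramref name="state"/> passed here before trusting the code.
    /// </remarks>
    public Task<string> AuthorizeWithPKCE(string state, string codeChallenge)
    {
        // Every value is percent-encoded: a redirect URI or state containing '&', '?', '=' or '#'
        // would otherwise split or inject query parameters. The token request already sends the
        // same raw redirect URI through FormUrlEncodedContent, so both requests now agree.
        string authorizationRequest =
            $"{_clientUrl}/app/auth?response_type=code" +
            $"&client_id={Uri.EscapeDataString(_clientId ?? string.Empty)}" +
            $"&redirect_uri={Uri.EscapeDataString(_redirectUri ?? string.Empty)}" +
            $"&code_challenge={Uri.EscapeDataString(codeChallenge ?? string.Empty)}" +
            "&code_challenge_method=S256" +
            $"&state={Uri.EscapeDataString(state ?? string.Empty)}";

        // Simulate user interaction and obtain the authorization code
        Console.WriteLine($"Open the following URL in a web browser to authorize the application: {authorizationRequest}");
        Console.WriteLine("Enter the authorization code:");
        string authorizationCode = Console.ReadLine();

        // Nothing is awaited here; the Task return type is kept for existing callers.
        return Task.FromResult(authorizationCode);
    }

    /// <summary>Creates a PKCE code verifier from 32 bytes of cryptographically secure randomness.</summary>
    /// <returns>A 43-character base64url string without padding.</returns>
    public string GenerateCodeVerifier()
    {
        byte[] randomBytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(randomBytes);
        }

        return Base64UrlEncode(randomBytes);
    }

    /// <summary>Derives the S256 PKCE challenge: base64url(SHA-256(UTF-8 bytes of the verifier)).</summary>
    /// <param name="codeVerifier">Verifier produced by <see cref="GenerateCodeVerifier"/>.</param>
    /// <returns>The challenge as a base64url string without padding.</returns>
    public string GenerateCodeChallenge(string codeVerifier)
    {
        using (var sha256 = SHA256.Create())
        {
            byte[] challengeBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(codeVerifier));
            return Base64UrlEncode(challengeBytes);
        }
    }

    /// <summary>
    /// Exchanges the authorization code for an access token and stores it in <see cref="AccessToken"/>.
    /// </summary>
    /// <param name="authorizationCode">Code returned by the authorization step.</param>
    /// <param name="codeVerifier">The verifier whose challenge was sent in the authorization request.</param>
    /// <param name="state">State value; forwarded to the token endpoint as in the original request shape.</param>
    /// <exception cref="HttpRequestException">The token endpoint answered with a non-success status.</exception>
    /// <exception cref="KeyNotFoundException">The response JSON has no <c>access_token</c> property.</exception>
    /// <exception cref="InvalidOperationException">The <c>access_token</c> value is null, empty or not a string.</exception>
    public async Task GetAccessTokenAsync(string authorizationCode, string codeVerifier, string state)
    {
        // FormUrlEncodedContent percent-encodes each value, so the secret and the code travel
        // in the POST body and never in the URL.
        var requestBody = new FormUrlEncodedContent(new[]
        {
            new KeyValuePair<string, string>("grant_type", "authorization_code"),
            new KeyValuePair<string, string>("client_id", _clientId),
            new KeyValuePair<string, string>("client_secret", _clientSecret),
            new KeyValuePair<string, string>("redirect_uri", _redirectUri),
            new KeyValuePair<string, string>("code", authorizationCode),
            new KeyValuePair<string, string>("code_verifier", codeVerifier),
            new KeyValuePair<string, string>("state", state),
        });

        // Dispose the response and its stream so the connection returns to the pool.
        using (var response = await _httpClient.PostAsync($"{_clientUrl}/app/token", requestBody))
        {
            response.EnsureSuccessStatusCode();

            using (var responseStream = await response.Content.ReadAsStreamAsync())
            {
                var tokenResponse = await JsonSerializer.DeserializeAsync<JsonElement>(responseStream);
                string token = tokenResponse.GetProperty("access_token").GetString();

                // A JSON null or empty token would otherwise be stored silently and only fail
                // later, on the first authenticated call.
                if (string.IsNullOrEmpty(token))
                {
                    throw new InvalidOperationException("Token response did not contain a usable access_token.");
                }

                AccessToken = token;
            }
        }
    }

    // Base64url without padding: '+' becomes '-', '/' becomes '_', trailing '=' removed.
    private static string Base64UrlEncode(byte[] data)
    {
        return Convert.ToBase64String(data)
            .TrimEnd('=')
            .Replace('+', '-')
            .Replace('/', '_');
    }
}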