Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var result = JsonConvert.DeserializeObject<Dictionary<string, string>>(response);
- var user = (ClaimsIdentity)context.Principal.Identities.Single(claimsIdentity => claimsIdentity.AuthenticationType == "ecm-qbo");
- user.AddClaim(new Claim(type: ClaimTypes.Name, result["givenName"]));
- result.ToList().ForEach(kvp => {
- user.AddClaim(new Claim(type: kvp.Key, value: kvp.Value, valueType: null, issuer: "qbo", originalIssuer: "qbo", subject: user));
- });
- public void ConfigureServices(IServiceCollection services) {
- services.Configure<CookiePolicyOptions>(options => {
- // This lambda determines whether user consent for non-essential cookies is needed for a given request.
- options.CheckConsentNeeded = context => true;
- options.MinimumSameSitePolicy = SameSiteMode.None;
- });
- services.ConfigureApplicationCookie(o => {
- o.Cookie.Name = "auth_cookie";
- o.Cookie.SameSite = SameSiteMode.None;
- o.Events.OnRedirectToLogin = context => {
- context.Response.StatusCode = StatusCodes.Status401Unauthorized;
- return Task.CompletedTask;
- };
- });
- services.AddAuthentication(o => {
- o.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
- o.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
- o.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
- })
- .AddOAuth("qbo", "qbo", o => {
- o.CallbackPath = new PathString("/signin-qbo");
- o.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
- o.ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
- o.ClaimActions.MapJsonKey(ClaimTypes.GivenName, "givenName");
- o.ClaimActions.MapJsonKey(ClaimTypes.Surname, "familyName");
- o.ClaimActions.MapJsonKey(ClaimTypes.Name, "givenName");
- o.ClientId = Configuration["ecm.qbo.client-id"];
- o.ClientSecret = Configuration["ecm.qbo.client-secret"];
- o.SaveTokens = true;
- o.ClaimsIssuer = "ecm-qbo";
- o.Scope.Add("openid");
- o.Scope.Add("profile");
- o.Scope.Add("email");
- o.Scope.Add("com.intuit.quickbooks.accounting");
- o.AuthorizationEndpoint = Configuration["ecm.qbo.authorization-endpoint"];
- o.TokenEndpoint = Configuration["ecm.qbo.token-endpoint"];
- o.UserInformationEndpoint = Configuration["ecm.qbo.user-info-endpoint"];
- o.Events.OnCreatingTicket = async context => {
- var companyId = context.Request.Query["realmid"].FirstOrDefault() ?? throw new ArgumentNullException("realmId");
- var accessToken = context.AccessToken;
- var refreshToken = context.RefreshToken;
- var tokens = context.Properties.GetTokens();
- Configuration["ecm.qbo.access-token"] = accessToken;
- Configuration["ecm.qbo.refresh-token"] = refreshToken;
- Configuration["ecm.qbo.realm-id"] = companyId;
- context.Backchannel.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
- context.Backchannel.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
- var response = await context.Backchannel.GetStringAsync(context.Options.UserInformationEndpoint);
- var result = JsonConvert.DeserializeObject<Dictionary<string, string>>(response);
- var user = (ClaimsIdentity)context.Principal.Identities.Single(claimsIdentity => claimsIdentity.AuthenticationType == "ecm-qbo");
- user.AddClaim(new Claim(type: ClaimTypes.Name, result["givenName"]));
- result.ToList().ForEach(kvp => {
- user.AddClaim(new Claim(type: kvp.Key, value: kvp.Value, valueType: null, issuer: "qbo", originalIssuer: "qbo", subject: user));
- });
- await context.HttpContext.SignInAsync(IdentityConstants.ExternalScheme, context.Principal, new AuthenticationProperties {
- IsPersistent = false,
- RedirectUri = "/"
- });
- };
- });
- services.AddDbContext<ApplicationDbContext>(options =>
- options.UseSqlServer(
- Configuration.GetConnectionString("DefaultConnection")));
- services.AddIdentity<IdentityUser, IdentityRole>()
- .AddDefaultUI(UIFramework.Bootstrap4)
- .AddEntityFrameworkStores<ApplicationDbContext>();
- services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement