Added AuthorizeRequest class, which is no longer present in IdentityModel.Client.

Note that this will ultimately be eliminated when moving to using OIDCClient.
7 years ago · df086fe0de
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/AuthorizeRequest.cs
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/AuthorizeRequest.cs
@ -0,0 +1,23 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net;

 namespace eShopOnContainers.Core.Services.Identity
 {
    public class AuthorizeRequest
    {
        readonly Uri _authorizeEndpoint;

        public AuthorizeRequest(string authorizeEndpoint)
        {
            _authorizeEndpoint = new Uri(authorizeEndpoint);
        }

        public string Create(IDictionary<string, string> values)
        {
            var queryString = string.Join("&", values.Select(kvp => string.Format("{0}={1}", WebUtility.UrlEncode(kvp.Key), WebUtility.UrlEncode(kvp.Value))).ToArray());
            return string.Format("{0}?{1}", _authorizeEndpoint.AbsoluteUri, queryString);
        }
    }
 }
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
@ -7,7 +7,6 @@ using eShopOnContainers.Core.Services.RequestProvider;
 using eShopOnContainers.Core.Models.Token;
 using eShopOnContainers.Core.Helpers;
 using IdentityModel;
 using IdentityModel.Client;
 using PCLCrypto;
 using static PCLCrypto.WinRTCrypto;

@ -26,26 +25,25 @@ namespace eShopOnContainers.Core.Services.Identity
        public string CreateAuthorizationRequest()
        {
            // Create URI to authorization endpoint
            //var authorizeRequest = new AuthorizeRequest(GlobalSetting.Instance.IdentityEndpoint);
            var authorizeRequest = new AuthorizeRequest(GlobalSetting.Instance.IdentityEndpoint);

            //// Dictionary with values for the authorize request
            //var dic = new Dictionary<string, string>();
            //dic.Add("client_id", GlobalSetting.Instance.ClientId);
            //dic.Add("client_secret", GlobalSetting.Instance.ClientSecret);
            //dic.Add("response_type", "code id_token");
            //dic.Add("scope", "openid profile basket orders locations marketing offline_access");
            //dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
            //dic.Add("nonce", Guid.NewGuid().ToString("N"));
            //dic.Add("code_challenge", CreateCodeChallenge());
            //dic.Add("code_challenge_method", "S256");
            // Dictionary with values for the authorize request
            var dic = new Dictionary<string, string>();
            dic.Add("client_id", GlobalSetting.Instance.ClientId);
            dic.Add("client_secret", GlobalSetting.Instance.ClientSecret);
            dic.Add("response_type", "code id_token");
            dic.Add("scope", "openid profile basket orders locations marketing offline_access");
            dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
            dic.Add("nonce", Guid.NewGuid().ToString("N"));
            dic.Add("code_challenge", CreateCodeChallenge());
            dic.Add("code_challenge_method", "S256");

            //// Add CSRF token to protect against cross-site request forgery attacks.
            //var currentCSRFToken = Guid.NewGuid().ToString("N");
            //dic.Add("state", currentCSRFToken);
            // Add CSRF token to protect against cross-site request forgery attacks.
            var currentCSRFToken = Guid.NewGuid().ToString("N");
            dic.Add("state", currentCSRFToken);

            //var authorizeUri = authorizeRequest.Create(dic);
            //return authorizeUri;
            return string.Empty;
            var authorizeUri = authorizeRequest.Create(dic);
            return authorizeUri;
        }

        public string CreateLogoutRequest(string token)