diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/AuthorizeRequest.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/AuthorizeRequest.cs
new file mode 100644
index 000000000..23a4aabc3
--- /dev/null
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/AuthorizeRequest.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+
+namespace eShopOnContainers.Core.Services.Identity
+{
+ public class AuthorizeRequest
+ {
+ readonly Uri _authorizeEndpoint;
+
+ public AuthorizeRequest(string authorizeEndpoint)
+ {
+ _authorizeEndpoint = new Uri(authorizeEndpoint);
+ }
+
+ public string Create(IDictionary values)
+ {
+ var queryString = string.Join("&", values.Select(kvp => string.Format("{0}={1}", WebUtility.UrlEncode(kvp.Key), WebUtility.UrlEncode(kvp.Value))).ToArray());
+ return string.Format("{0}?{1}", _authorizeEndpoint.AbsoluteUri, queryString);
+ }
+ }
+}
diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
index fc326e1ac..a9d0d2c82 100644
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
@@ -7,7 +7,6 @@ using eShopOnContainers.Core.Services.RequestProvider;
 using eShopOnContainers.Core.Models.Token;
 using eShopOnContainers.Core.Helpers;
 using IdentityModel;
-using IdentityModel.Client;
 using PCLCrypto;
 using static PCLCrypto.WinRTCrypto;
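Review bot: In AuthorizeRequest.cs the constructor accepts any absolute URI, so an `http://` identity endpoint would send the whole authorize request in clear text; consider rejecting non-HTTPS schemes outside development builds, e.g. `if (_authorizeEndpoint.Scheme != Uri.UriSchemeHttps) throw new ArgumentException("HTTPS endpoint required", nameof(authorizeEndpoint));`. `Create` also appends `?` unconditionally, so an endpoint that already carries a query string yields a malformed URL, and a null `values` fails inside `Select` rather than at an argument check. Both public members lack XML doc comments; a `<summary>` on `Create` stating that keys and values are URL-encoded there would tell callers not to pre-encode them.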
@@ -26,26 +25,25 @@ namespace eShopOnContainers.Core.Services.Identity
 public string CreateAuthorizationRequest()
 {
 // Create URI to authorization endpoint
- //var authorizeRequest = new AuthorizeRequest(GlobalSetting.Instance.IdentityEndpoint);
+ var authorizeRequest = new AuthorizeRequest(GlobalSetting.Instance.IdentityEndpoint);
- //// Dictionary with values for the authorize request
- //var dic = new Dictionary();
- //dic.Add("client_id", GlobalSetting.Instance.ClientId);
- //dic.Add("client_secret", GlobalSetting.Instance.ClientSecret);
- //dic.Add("response_type", "code id_token");
- //dic.Add("scope", "openid profile basket orders locations marketing offline_access");
- //dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
- //dic.Add("nonce", Guid.NewGuid().ToString("N"));
- //dic.Add("code_challenge", CreateCodeChallenge());
- //dic.Add("code_challenge_method", "S256");
+ // Dictionary with values for the authorize request
+ var dic = new Dictionary();
+ dic.Add("client_id", GlobalSetting.Instance.ClientId);
+ dic.Add("client_secret", GlobalSetting.Instance.ClientSecret);
+ dic.Add("response_type", "code id_token");
+ dic.Add("scope", "openid profile basket orders locations marketing offline_access");
+ dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
+ dic.Add("nonce", Guid.NewGuid().ToString("N"));
+ dic.Add("code_challenge", CreateCodeChallenge());
+ dic.Add("code_challenge_method", "S256");
- //// Add CSRF token to protect against cross-site request forgery attacks.
- //var currentCSRFToken = Guid.NewGuid().ToString("N");
- //dic.Add("state", currentCSRFToken);
+ // Add CSRF token to protect against cross-site request forgery attacks.
+ var currentCSRFToken = Guid.NewGuid().ToString("N");
+ dic.Add("state", currentCSRFToken);
- //var authorizeUri = authorizeRequest.Create(dic);
- //return authorizeUri;
- return string.Empty;
+ var authorizeUri = authorizeRequest.Create(dic);
+ return authorizeUri;
 }
 public string CreateLogoutRequest(string token)
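Review bot: `dic.Add("client_secret", GlobalSetting.Instance.ClientSecret);` puts the client secret into the authorize URL, a front-channel message that passes through the browser or web view and can end up in history and server logs. Since this request already sends a PKCE `code_challenge`, and a secret shipped inside a mobile app cannot be kept confidential anyway, that line should be dropped. `currentCSRFToken` and the `nonce` value live only in locals here, so unless they are captured elsewhere (not visible in this hunk) the callback has nothing to compare the returned `state` and the id_token `nonce` against; keeping them in a new private field, e.g. `_currentCSRFToken = currentCSRFToken;`, and checking them on return is what makes the CSRF comment true. `Guid.NewGuid()` is also not documented as a cryptographic random source, so the PCLCrypto random generator the file already imports would be a safer basis for both values.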