diff --git a/Controllers/AuthController.cs b/Controllers/AuthController.cs index 38b3274..106fdf4 100644 --- a/Controllers/AuthController.cs +++ b/Controllers/AuthController.cs @@ -6,6 +6,7 @@ using System.Threading.Tasks; using System.Net.Http; using Newtonsoft.Json.Linq; using Newtonsoft.Json; +using System.Net.Http.Formatting; namespace qbridge.Controllers { @@ -60,15 +61,16 @@ namespace qbridge.Controllers } - +bugbug: It's not prompting for the company I want like the playground does...what's up with that? Is it because I need to follow the OpenID method rather than the "web app" method?? [HttpGet("Start/{qboid}")] - public async Task GetAsync([FromQuery]string qboid) + public async Task GetAsync([FromRoute]string qboid) { - if(string.IsNullOrWhiteSpace(qboid)){ - + if (string.IsNullOrWhiteSpace(qboid)) + { + return BadRequest("QBOID value is required"); } - + //GET THE DISCOVERY DOCUMENT //Discovery document contains the actual current endpoints to use for various ops await GetQBDiscoveryDocument(); @@ -94,7 +96,7 @@ namespace qbridge.Controllers {"scope", "openid" }, {"redirect_uri",REDIRECT_URI }, {"response_type","code"}, - {"state","MyUniqueStateID"} + {"state",qboid} }; url = Microsoft.AspNetCore.WebUtilities.QueryHelpers.AddQueryString(AuthorizationEndpoint, queryParams); @@ -133,7 +135,7 @@ namespace qbridge.Controllers request.Headers.Add("Accept", "application/json"); request.Headers.Add("User-Agent", "AyaNova-QBridge"); request.Headers.Add("Authorization", "Basic " + Base64Encode(CLIENT_ID + ":" + CLIENT_SECRET)); - + var bodyParams = new Dictionary() { {"code", code }, 
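Review bot: `using System.Net.Http.Formatting;` is added but nothing in the visible hunks uses it — the new revoke body is built with `StringContent`, not `PostAsJsonAsync`/`ReadAsAsync`. That namespace comes from the Microsoft.AspNet.WebApi.Client package, so the directive either pulls an extra dependency into the project or is dead; if no other part of the file needs it, drop the line.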
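Review bot: The added line `bugbug: It's not prompting for the company I want …` sits at column 0 between the closing brace and the `[HttpGet("Start/{qboid}")]` attribute and, as far as the hunk shows, is not inside a comment, so the file will not compile; prefix it `// bugbug: …` or move the question to the commit message or an issue. The rest of the hunk is sound: `[FromRoute]` matches the `{qboid}` template and the early `return BadRequest("QBOID value is required");` replaces an empty if-body. Generic type arguments appear to have been stripped from this excerpt (`Task`, `new Dictionary()`), so the signature should be checked against the real file. GetAsync's body continues outside the hunk.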
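Review bot: Using the caller-supplied `qboid` as the OAuth `state` value removes the CSRF protection that parameter exists for (RFC 6749 §10.12): the value is predictable, so the redirect handler cannot tell a callback answering its own request from one started elsewhere, and the constant `"MyUniqueStateID"` it replaces had the same weakness. Generate an unguessable nonce per request, e.g. `var buf = new byte[32]; RandomNumberGenerator.Fill(buf);` and `var state = Microsoft.AspNetCore.WebUtilities.WebEncoders.Base64UrlEncode(buf);`, send that as `state`, and keep the nonce→`qboid` mapping server-side (session or a short-lived cache) so the redirect handler can both reject an unknown `state` and recover the `qboid`. The redirect handler is not in this diff, so the validation side needs checking there; `RandomNumberGenerator` needs `using System.Security.Cryptography;`.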
@@ -159,18 +161,18 @@ namespace qbridge.Controllers return Content($"TOKEN: {AccessTokenObject.ToString()}"); -/* -Actual response example: + /* + Actual response example: -TOKEN: { - "access_token": "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..jUV9qU1fnLn8U1KWBj7VuQ.0734yzJslW7Mp9pOIh6NTQZO-hEFJp_5R2JIJecQkJ866rWg9U3FVilwTaBmMEtC3AR4AxJva1nf_LU4JJNA2_EWtRxItHXbVsa54yk5-uELr-42IKjIXlWm1vWQQnkJRye8gZvy6LJAVmbL8exX3WIDHZjauObvLYEifgWAx2HhYrkWfTwY0T4trxxMOmjRMHARXsi-4VPTuMZNgSLEf0ipu7UVepb6lM4T0rXtUHTFwp1W4-dbwbihD7OX6eBS68LX4FIGno6kxMB89sGOf8JUEx6wKyTg7GBll64aOEAf6_hqkh7dIjyLmDXtfyQvB8K77QHTGpPVQOVw8O66_QSx4ePiI6WFhQtUTIdKSlO8w3pmcVcq-iEnAP2GJlwgg1zMBb83QX1LRICjsGMYZwSMNBPlNcuasBcKHJSa3TftTqcm1DB35Cn1CY7Ulte8y4ClkjXQztdL4fJRFUpMCSZ-QSYfgGCfhATM7YE1ErFaXhgpCwsYxACU6G7mDSC9AcTuCupAVSDOas9tuuqsndETahXrhrp83NZMukXgnhv9eC_ac3N6jcog-hjvzsvkNfjSEqyiMWaC3yNQx5Qp0LDCsd2Byx3Feg8QUqhmI8XK6on1fxyJeZxv4o3kyciSVF6KzgJMgB6mYjv-tQ2tpjvCxb2AkSoI2tRkUic9UoRUsWZBNOLmZr8nw6xZ_e1IYkU9gWkh0hmiWB648onghQPWIJOl5hak1a5HSaoEQbkL_ouZwIMWgM2M02GeFrEr.m1xIClqQIgBZyDDcjfPvAg", - "x_refresh_token_expires_in": 15552000, - "refresh_token": "AB11584991271bMYG1tOJ3YyUw7CeaeI2ctbrwD2kZQ6AXnAbd", - "token_type": "bearer", - "expires_in": 3600, - "id_token": "eyJraWQiOiJPUElDUFJEMDkxODIwMTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxNDQ5OGQwYi00YjcxLTQ0MDUtYmM1OS1hMWM2YmQ1YjVhZjAiLCJhdWQiOlsiQUJqNzBXdjVnRGF1RmQ5S2dLRnd1dnBRamZ6VHdFZ29kRUc4dG5CYlM4bVNRaE5yWkoiXSwiYXV0aF90aW1lIjoxNTY5NDMxODAxLCJpc3MiOiJodHRwczpcL1wvb2F1dGgucGxhdGZvcm0uaW50dWl0LmNvbVwvb3BcL3YxIiwiZXhwIjoxNTY5NDQyODcxLCJpYXQiOjE1Njk0MzkyNzF9.U6tjszRUnjBxktbb1pZoekotCSpxeHlHA-Gfy1RzEhAG0bj1gZlH5ksOhjaSE_PNx4WRKRL1fSvg5o59BTb-9iFyUZ7eiOF9Wny-C-kvxTlgnapX2H8TwNr5kKQWznuxwTzMzFVSq6REr5Ywad6B5tovzV5CG2Gan1tKxyR3ST0" -} - */ + TOKEN: { + "access_token": 
"eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..jUV9qU1fnLn8U1KWBj7VuQ.0734yzJslW7Mp9pOIh6NTQZO-hEFJp_5R2JIJecQkJ866rWg9U3FVilwTaBmMEtC3AR4AxJva1nf_LU4JJNA2_EWtRxItHXbVsa54yk5-uELr-42IKjIXlWm1vWQQnkJRye8gZvy6LJAVmbL8exX3WIDHZjauObvLYEifgWAx2HhYrkWfTwY0T4trxxMOmjRMHARXsi-4VPTuMZNgSLEf0ipu7UVepb6lM4T0rXtUHTFwp1W4-dbwbihD7OX6eBS68LX4FIGno6kxMB89sGOf8JUEx6wKyTg7GBll64aOEAf6_hqkh7dIjyLmDXtfyQvB8K77QHTGpPVQOVw8O66_QSx4ePiI6WFhQtUTIdKSlO8w3pmcVcq-iEnAP2GJlwgg1zMBb83QX1LRICjsGMYZwSMNBPlNcuasBcKHJSa3TftTqcm1DB35Cn1CY7Ulte8y4ClkjXQztdL4fJRFUpMCSZ-QSYfgGCfhATM7YE1ErFaXhgpCwsYxACU6G7mDSC9AcTuCupAVSDOas9tuuqsndETahXrhrp83NZMukXgnhv9eC_ac3N6jcog-hjvzsvkNfjSEqyiMWaC3yNQx5Qp0LDCsd2Byx3Feg8QUqhmI8XK6on1fxyJeZxv4o3kyciSVF6KzgJMgB6mYjv-tQ2tpjvCxb2AkSoI2tRkUic9UoRUsWZBNOLmZr8nw6xZ_e1IYkU9gWkh0hmiWB648onghQPWIJOl5hak1a5HSaoEQbkL_ouZwIMWgM2M02GeFrEr.m1xIClqQIgBZyDDcjfPvAg", + "x_refresh_token_expires_in": 15552000, + "refresh_token": "AB11584991271bMYG1tOJ3YyUw7CeaeI2ctbrwD2kZQ6AXnAbd", + "token_type": "bearer", + "expires_in": 3600, + "id_token": "eyJraWQiOiJPUElDUFJEMDkxODIwMTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxNDQ5OGQwYi00YjcxLTQ0MDUtYmM1OS1hMWM2YmQ1YjVhZjAiLCJhdWQiOlsiQUJqNzBXdjVnRGF1RmQ5S2dLRnd1dnBRamZ6VHdFZ29kRUc4dG5CYlM4bVNRaE5yWkoiXSwiYXV0aF90aW1lIjoxNTY5NDMxODAxLCJpc3MiOiJodHRwczpcL1wvb2F1dGgucGxhdGZvcm0uaW50dWl0LmNvbVwvb3BcL3YxIiwiZXhwIjoxNTY5NDQyODcxLCJpYXQiOjE1Njk0MzkyNzF9.U6tjszRUnjBxktbb1pZoekotCSpxeHlHA-Gfy1RzEhAG0bj1gZlH5ksOhjaSE_PNx4WRKRL1fSvg5o59BTb-9iFyUZ7eiOF9Wny-C-kvxTlgnapX2H8TwNr5kKQWznuxwTzMzFVSq6REr5Ywad6B5tovzV5CG2Gan1tKxyR3ST0" + } + */ //https://localhost:5001/oauthredirect?state=bar&code=foo // return Content($"State: {state}, Code: {code}"); 
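Review bot: The re-indented comment block re-adds what appears to be a captured live token response — an `access_token`, a `refresh_token` valid for `x_refresh_token_expires_in` = 15552000 seconds (180 days) and an `id_token` — to committed source, and the same values stay in history via the removed lines. Replace them with placeholders such as `"access_token": "<redacted>"` and, if the tokens were ever real, revoke or rotate them; a comment should document the shape of the response, never its values. The `return Content($"TOKEN: {AccessTokenObject.ToString()}")` context line above also echoes the entire token set to the browser, which is presumably debug output to remove before this ships.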
@@ -234,10 +236,24 @@ TOKEN: { - [HttpGet("Revoke/{id}")] - public async Task RevokeAsync() + [HttpGet("Revoke/{tokenToRevoke}")] + public async Task RevokeAsync([FromRoute]string tokenToRevoke) { //Revoke the access token for the app for the unique ID specified + /* + + POST https://developer.api.intuit.com/v2/oauth2/tokens/revoke HTTP/1.1 +Accept: application/json +Authorization: Basic UTM0dVBvRDIwanp2OUdxNXE1dmlMemppcTlwM1d2 + NzRUdDNReGkwZVNTTDhFRWwxb0g6VEh0WEJlR3dheEtZSlVNaFhzeGxma1l + XaFg3ZlFlRzFtN2szTFRwbw== +Content-Type: application/json + +{ + "token": "{bearerToken or refreshToken}" +} + + */ //GET THE DISCOVERY DOCUMENT //Discovery document contains the actual current endpoints to use for various ops @@ -255,35 +271,36 @@ TOKEN: { } - - - var request = new HttpRequestMessage(HttpMethod.Post, revocation_endpoint); request.Headers.Add("Accept", "application/json"); request.Headers.Add("User-Agent", "AyaNova-QBridge"); request.Headers.Add("Authorization", "Basic " + Base64Encode(CLIENT_ID + ":" + CLIENT_SECRET)); - - var bodyParams = new Dictionary() - { - {"code", code }, - {"redirect_uri", REDIRECT_URI }, - {"grant_type","authorization_code"} - }; - request.Content = new FormUrlEncodedContent(bodyParams); + + // var bodyParams = new Dictionary() + // { + // {"code", code }, + // {"redirect_uri", REDIRECT_URI }, + // {"grant_type","authorization_code"} + // }; + + + string jfrag = $"{{\"token\":\"{tokenToRevoke}\"}}"; + + request.Content = new StringContent(jfrag, System.Text.Encoding.UTF8, "application/json"); var client = _clientFactory.CreateClient(); + var response = await client.SendAsync(request); - JObject AccessTokenObject = null; + if (response.IsSuccessStatusCode) { - string data = await response.Content.ReadAsStringAsync(); - AccessTokenObject = JObject.Parse(data); + return Content("Token revoked"); } else { - AccessTokenObject = null; + return Content("Token revocation FAILED!"); }
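Review bot: `[HttpGet("Revoke/{tokenToRevoke}")]` puts a bearer or refresh token into the URL path of a GET, so the secret lands in server access logs, proxy logs, browser history and any Referer header, and a state-changing operation becomes reachable by a plain link. Make it a POST that reads the token from the body — `[HttpPost("Revoke")]` with `[FromForm] string tokenToRevoke` (or a small `[FromBody]` model) — and add the `IsNullOrWhiteSpace` guard the `Start` handler has, since this one has none. Further down the same method (the `@@ -255` hunk) the body is built as `$"{{\"token\":\"{tokenToRevoke}\"}}"`, which breaks or changes meaning if the value contains a quote or backslash; use the serializer the file already imports, `string jfrag = JsonConvert.SerializeObject(new { token = tokenToRevoke });`. The commented request sample also carries a full `Authorization: Basic …` value; whether it is the vendor's documentation example or a real client_id:client_secret pair, replace it with a placeholder so no credential-shaped string is committed. Nothing visible restricts who may call this endpoint, and RevokeAsync's body continues outside the hunk.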