
Windows Live Sts That Returns Email, Name Claims

View Windows Live Sts Controller
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.IO;
using System.Web.Mvc;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Json;
 
using Microsoft.IdentityModel.Protocols.WSFederation;
using Microsoft.IdentityModel.SecurityTokenService;
using Microsoft.IdentityModel.Web;
 
using Web.Core;
 
namespace Web.LiveSts.Controllers
{
/// <summary>
/// Data contract for the JSON body that <c>HomeController.Index</c> reads back
/// from the token endpoint. Each property is bound to the wire field named in
/// its <see cref="DataMemberAttribute"/>.
/// </summary>
[DataContract]
public class AccessTokenResult : BaseJsonResult
{
    /// <summary>
    /// Value of the <c>access_token</c> field. This is a credential: the
    /// controller presents it to the profile API, so keep it out of logs,
    /// traces and error output.
    /// </summary>
    [DataMember(Name = "access_token")] public string AccessToken { get; set; }

    /// <summary>
    /// Value of the <c>expires_in</c> field (token lifetime in seconds under
    /// OAuth 2.0). Nothing in this file reads it.
    /// </summary>
    [DataMember(Name = "expires_in")] public int ExpiresIn { get; set; }

    /// <summary>Value of the <c>scope</c> field. Nothing in this file reads it.</summary>
    [DataMember(Name = "scope")] public string Scope { get; set; }

    /// <summary>Value of the <c>token_type</c> field. Nothing in this file reads it.</summary>
    [DataMember(Name = "token_type")] public string TokenType { get; set; }
}
 
/// <summary>
/// Data contract for the profile document that <c>HomeController.Index</c>
/// downloads from the <c>/me</c> endpoint and hands to the custom security
/// token service.
/// </summary>
/// <remarks>
/// Every value here is whatever the remote profile API returned; this type does
/// no validation of its own.
/// </remarks>
[DataContract]
public class MeResult : BaseJsonResult
{
    /// <summary>Value of the <c>id</c> field.</summary>
    [DataMember(Name = "id")] public string Id { get; set; }

    /// <summary>Value of the <c>name</c> field.</summary>
    [DataMember(Name = "name")] public string Name { get; set; }

    /// <summary>The nested <c>emails</c> object.</summary>
    [DataMember(Name = "emails")] public EmailResult Emails { get; set; }
}
 
/// <summary>
/// Data contract for the <c>emails</c> object nested inside <see cref="MeResult"/>.
/// </summary>
/// <remarks>
/// NOTE(review): which of these addresses ends up in the issued e-mail claim is
/// decided outside this file. Confirm that the chosen field is one the identity
/// provider has verified before relying parties key accounts on it.
/// </remarks>
[DataContract]
public class EmailResult : BaseJsonResult
{
    /// <summary>Value of the <c>preferred</c> field.</summary>
    [DataMember(Name = "preferred")] public string Preferred { get; set; }

    /// <summary>Value of the <c>account</c> field.</summary>
    [DataMember(Name = "account")] public string Account { get; set; }

    /// <summary>Value of the <c>personal</c> field.</summary>
    [DataMember(Name = "personal")] public string Personal { get; set; }

    /// <summary>Value of the <c>business</c> field.</summary>
    [DataMember(Name = "business")] public string Business { get; set; }
}
 
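/// <summary>
/// Passive WS-Federation endpoint that delegates authentication to Windows Live
/// through the OAuth 2.0 authorization-code flow and answers sign-in requests
/// with a token built from the Live profile.
/// </summary>
public class HomeController : Controller
{
    /// <summary>
    /// Handles WS-Federation sign-in and sign-out requests.
    /// </summary>
    /// <param name="code">
    /// OAuth authorization code appended by the identity provider on the
    /// callback; empty on the first visit. It arrives in the query string and
    /// is therefore untrusted input.
    /// </param>
    /// <returns>
    /// A form-post page carrying the sign-in response, a redirect (to the
    /// sign-out reply address or to the Live authorize endpoint), or empty
    /// content when none of those apply.
    /// </returns>
    /// <exception cref="UnauthorizedAccessException">
    /// The token endpoint returned no access token, or no profile could be read.
    /// </exception>
    public ActionResult Index(string code)
    {
        string action = Request.QueryString[WSFederationConstants.Parameters.Action];

        // The client id / secret pair is looked up per site, keyed by this URL.
        // NOTE(review): AbsoluteAction is a project extension; if it derives the
        // URL from the request host, make sure host bindings constrain that value.
        string domainUrl = Url.AbsoluteAction(string.Empty, string.Empty);
        string clientId = System.Configuration.ConfigurationManager.AppSettings["WindowsLiveClientIdFor-" + domainUrl];

        if (action == WSFederationConstants.Actions.SignIn && !string.IsNullOrEmpty(code))
        {
            MeResult profile = FetchLiveProfile(code, domainUrl, clientId);

            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            if (profile == null)
            {
                throw new UnauthorizedAccessException();
            }

            Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService sts =
                new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current(domainUrl), profile);
            SignInResponseMessage responseMessage =
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);

            return new ContentResult
            {
                Content = responseMessage.WriteFormPost()
            };
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            SignOutRequestMessage signoutMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            // Clear both sessions before any redirect. Previously the forms
            // authentication cookie survived whenever a reply address was given,
            // because the redirect returned first.
            FederatedAuthentication.SessionAuthenticationModule.SignOut();
            System.Web.Security.FormsAuthentication.SignOut();

            if (!string.IsNullOrWhiteSpace(signoutMessage.Reply))
            {
                // NOTE(review): Reply is the caller-supplied wreply value and is
                // used as the redirect target unchecked. Validate it against the
                // reply addresses registered for known relying parties; that list
                // is not visible from this block, so the check is not added here.
                return Redirect(signoutMessage.Reply);
            }
        }

        if (string.IsNullOrEmpty(code))
        {
            // NOTE(review): no `state` value is sent here or verified on the
            // callback, so the returned code is not bound to the browser session
            // that started the flow. Adding one needs per-session storage.
            return Redirect(string.Format(
                "https://oauth.live.com/authorize?client_id={0}&scope=wl.signin%20wl.emails&response_type=code&redirect_uri={1}",
                Server.UrlEncode(clientId),
                Server.UrlEncode(Request.Url.OriginalString)));
        }

        return Content("");
    }

    // Exchanges the authorization code for an access token, then downloads the
    // signed-in user's Live profile with that token.
    private MeResult FetchLiveProfile(string code, string domainUrl, string clientId)
    {
        string clientSecret = System.Configuration.ConfigurationManager.AppSettings["WindowsLiveClientSecretFor-" + domainUrl];

        // The redirect_uri must equal the one sent to the authorize endpoint, so
        // the appended code parameter is stripped from the current URL.
        // NOTE(review): `code` is the decoded value while OriginalString is raw;
        // if they differ the strip does nothing and the exchange is rejected.
        string redirectUri = Request.Url.OriginalString.Replace("&code=" + code, string.Empty);

        // Every field is URL-encoded, including the request-supplied code, so a
        // value containing '&' or '=' cannot add or override form parameters.
        string tokenRequest = string.Format(
            "client_id={0}&redirect_uri={1}&client_secret={2}&code={3}&grant_type=authorization_code",
            Server.UrlEncode(clientId),
            Server.UrlEncode(redirectUri),
            Server.UrlEncode(clientSecret),
            Server.UrlEncode(code));

        AccessTokenResult auth;
        using (System.Net.WebClient tokenClient = new System.Net.WebClient())
        {
            tokenClient.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
            string response = tokenClient.UploadString("https://oauth.live.com/token", tokenRequest);
            auth = new JsonProvider<AccessTokenResult>().GetResult(response);
        }

        // Fail closed instead of dereferencing a missing token.
        if (auth == null || string.IsNullOrEmpty(auth.AccessToken))
        {
            throw new UnauthorizedAccessException();
        }

        using (System.Net.WebClient profileClient = new System.Net.WebClient())
        {
            // NOTE(review): a token carried in the URL can be recorded by proxies
            // and request logs; prefer an Authorization header if the API accepts
            // one (to be confirmed).
            string profileJson = profileClient.DownloadString(
                "https://apis.live.net/v5.0/me?access_token=" + Server.UrlEncode(auth.AccessToken));
            return new JsonProvider<MeResult>().GetResult(profileJson);
        }
    }
}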
}