
Windows Live Sts That Returns Email, Name Claims

Windows Live Sts Controller
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.IO;
using System.Web.Mvc;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Json;
 
using Microsoft.IdentityModel.Protocols.WSFederation;
using Microsoft.IdentityModel.SecurityTokenService;
using Microsoft.IdentityModel.Web;
 
using Web.Core;
 
namespace Web.LiveSts.Controllers
{
/// <summary>
/// JSON shape of the OAuth token response that <c>HomeController.Index</c> reads from
/// https://oauth.live.com/token. Each property maps to the JSON member named in its
/// <see cref="DataMemberAttribute"/>.
/// </summary>
[DataContract]
public class AccessTokenResult : BaseJsonResult
{
    /// <summary>
    /// Value of the "access_token" member. This is a bearer credential: keep it out of
    /// logs, error pages and anything returned to the browser.
    /// </summary>
    [DataMember(Name = "access_token")]
    public string AccessToken { get; set; }

    /// <summary>Value of the "expires_in" member.</summary>
    [DataMember(Name = "expires_in")]
    public int ExpiresIn { get; set; }

    /// <summary>Value of the "scope" member.</summary>
    [DataMember(Name = "scope")]
    public string Scope { get; set; }

    /// <summary>Value of the "token_type" member.</summary>
    [DataMember(Name = "token_type")]
    public string TokenType { get; set; }
}
 
/// <summary>
/// JSON shape of the profile document that <c>HomeController.Index</c> downloads from
/// https://apis.live.net/v5.0/me. The values end up in the security token service, so
/// they should only ever come from that HTTPS response, never from the browser.
/// </summary>
[DataContract]
public class MeResult : BaseJsonResult
{
    /// <summary>Value of the "id" member.</summary>
    [DataMember(Name = "id")]
    public string Id { get; set; }

    /// <summary>Value of the "name" member.</summary>
    [DataMember(Name = "name")]
    public string Name { get; set; }

    /// <summary>Nested object read from the "emails" member.</summary>
    [DataMember(Name = "emails")]
    public EmailResult Emails { get; set; }
}
 
/// <summary>
/// JSON shape of the "emails" object nested in <see cref="MeResult"/>. Any member the
/// response omits is left at its default (null) after deserialization, so consumers
/// should null-check before turning one of these into a claim.
/// </summary>
[DataContract]
public class EmailResult : BaseJsonResult
{
    /// <summary>Value of the "preferred" member.</summary>
    [DataMember(Name = "preferred")]
    public string Preferred { get; set; }

    /// <summary>Value of the "account" member.</summary>
    [DataMember(Name = "account")]
    public string Account { get; set; }

    /// <summary>Value of the "personal" member.</summary>
    [DataMember(Name = "personal")]
    public string Personal { get; set; }

    /// <summary>Value of the "business" member.</summary>
    [DataMember(Name = "business")]
    public string Business { get; set; }
}
 
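/// <summary>
/// Passive WS-Federation endpoint that signs users in through the Windows Live OAuth 2.0
/// authorization-code flow and hands the resulting Live profile to the security token service.
/// </summary>
public class HomeController : Controller
{
    private const string TokenEndpoint = "https://oauth.live.com/token";
    private const string ProfileEndpoint = "https://apis.live.net/v5.0/me?access_token=";
    private const string AuthorizeUrlFormat = "https://oauth.live.com/authorize?client_id={0}&scope=wl.signin%20wl.emails&response_type=code&redirect_uri={1}";

    /// <summary>
    /// Handles WS-Federation sign-in and sign-out requests and the OAuth callback from Windows Live.
    /// </summary>
    /// <param name="code">
    /// OAuth authorization code appended by Windows Live on the callback; null or empty on the
    /// first leg of the flow. It arrives in the query string and is treated as untrusted input.
    /// </param>
    /// <returns>
    /// A form-post page carrying the sign-in response, a redirect (to the sign-out reply address
    /// or to the Live authorize endpoint), or empty content when nothing else applies.
    /// </returns>
    /// <exception cref="UnauthorizedAccessException">
    /// The code could not be exchanged for an access token, or no profile was returned.
    /// </exception>
    public ActionResult Index(string code)
    {
        string action = Request.QueryString[WSFederationConstants.Parameters.Action];
        string domainUrl = Url.AbsoluteAction(string.Empty, string.Empty);

        if (action == WSFederationConstants.Actions.SignIn && !string.IsNullOrEmpty(code))
        {
            MeResult profile = FetchLiveProfile(code, domainUrl);

            // NOTE(review): realm and reply address in the sign-in request are caller-supplied;
            // presumably CustomSecurityTokenService validates them before issuing - confirm.
            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            if (profile == null)
            {
                throw new UnauthorizedAccessException();
            }

            Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService sts =
                new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current(domainUrl), profile);
            SignInResponseMessage responseMessage =
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);

            return new ContentResult
            {
                Content = responseMessage.WriteFormPost()
            };
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            SignOutRequestMessage signoutMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            // Clear both local sessions before any redirect; previously the forms-authentication
            // cookie survived whenever a reply address was supplied.
            FederatedAuthentication.SessionAuthenticationModule.SignOut();
            System.Web.Security.FormsAuthentication.SignOut();

            if (!string.IsNullOrWhiteSpace(signoutMessage.Reply))
            {
                // NOTE(review): the reply address is taken straight from the query string. Check it
                // against the reply addresses registered for known relying parties before
                // redirecting; as written this is an open redirect.
                return Redirect(signoutMessage.Reply);
            }
        }

        if (string.IsNullOrEmpty(code))
        {
            // NOTE(review): no OAuth "state" value is sent, so the callback cannot be tied to the
            // browser session that started the flow.
            return Redirect(string.Format(
                AuthorizeUrlFormat,
                Server.UrlEncode(LiveSetting("WindowsLiveClientIdFor-", domainUrl)),
                Server.UrlEncode(Request.Url.OriginalString)));
        }

        return Content("");
    }

    // Exchanges the authorization code for an access token, then downloads the Live profile with it.
    private MeResult FetchLiveProfile(string code, string domainUrl)
    {
        AccessTokenResult auth = RedeemAuthorizationCode(code, domainUrl);
        if (auth == null || string.IsNullOrEmpty(auth.AccessToken))
        {
            // Without a token the profile request would go out unauthenticated; fail closed instead.
            throw new UnauthorizedAccessException();
        }

        using (System.Net.WebClient client = new System.Net.WebClient())
        {
            // NOTE(review): the access token travels in the query string, where proxies and server
            // logs can record it; prefer an Authorization header if the endpoint accepts one - confirm.
            return new JsonProvider<MeResult>().GetResult(client.DownloadString(ProfileEndpoint + auth.AccessToken));
        }
    }

    // Posts the authorization code to the Live token endpoint and parses the JSON reply.
    private AccessTokenResult RedeemAuthorizationCode(string code, string domainUrl)
    {
        // NOTE(review): the redirect_uri is rebuilt by stripping "&code=<decoded value>" from the
        // raw URL; if the code ever contains characters that are percent-encoded in the URL, the
        // strip will not match and the token request will be rejected.
        string redirectUri = Request.Url.OriginalString.Replace("&code=" + code, string.Empty);

        // Every value is URL-encoded, including the caller-supplied code, so none of them can
        // inject additional parameters into the form body.
        string body = string.Format(
            "client_id={0}&redirect_uri={1}&client_secret={2}&code={3}&grant_type=authorization_code",
            Server.UrlEncode(LiveSetting("WindowsLiveClientIdFor-", domainUrl)),
            Server.UrlEncode(redirectUri),
            Server.UrlEncode(LiveSetting("WindowsLiveClientSecretFor-", domainUrl)),
            Server.UrlEncode(code));

        using (System.Net.WebClient client = new System.Net.WebClient())
        {
            client.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
            return new JsonProvider<AccessTokenResult>().GetResult(client.UploadString(TokenEndpoint, body));
        }
    }

    // Reads the per-domain Windows Live application setting stored under keyPrefix + domainUrl.
    private static string LiveSetting(string keyPrefix, string domainUrl)
    {
        return System.Configuration.ConfigurationManager.AppSettings[keyPrefix + domainUrl];
    }
}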
}
