-
Notifications
You must be signed in to change notification settings - Fork 0
Authentication
Matthias edited this page Apr 14, 2020
·
5 revisions
The logic for the authentication can be found here.
- User wants to link the TimeCockpit account
- Server responds with an unique link
- User goes to the link and gets redirected to the TimeCockpit login
- User logs in
- Server receives the callback and saves the refresh token
- User can use the bot
TODO: Create an graph for that
The entire process basically looks like this:
The ASP.NET configuration can be found in Startup.cs. There we have to set all the needed options to be able to use the existing ASP.NET wrappers around the code grant flow.
var refreshToken = await HttpContext.GetTokenAsync(CookieAuthenticationDefaults.AuthenticationScheme, "refresh_token");//
// Find the discovery endpoint
//
var discoveryResponse = await client.GetDiscoveryDocumentAsync("https://auth.timecockpit.com/");
//
// Send request to the auth endpoint
//
var response = await client.RequestRefreshTokenAsync(new RefreshTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
ClientId = _configuration["TimeCockpit-ClientId"],
ClientSecret = _configuration["TimeCockpit-ClientSecret"],
Scope = "openid offline_access",
RefreshToken = oldRefreshToken,
ClientCredentialStyle = ClientCredentialStyle.AuthorizationHeader
});
// Could not renew the tokens
if (response.IsError)
{
return default;
}
//
// Get the new access and refresh token
//
var accessToken = response.AccessToken;
var refreshToken = response.RefreshToken;