Add sample for embedded Lock

Samples/embedded-lock/.bowerrc

@@ -0,0 +1,3 @@
+{
+  "directory": "wwwroot/lib"
+}

Samples/embedded-lock/Auth0Extensions.cs

@@ -0,0 +1,102 @@
+using System;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+
+namespace SampleMvcApp
+{
+    public static class Auth0Extensions
+    {
+        private static readonly RandomNumberGenerator CryptoRandom = RandomNumberGenerator.Create();
+        private const string CorrelationPrefix = ".AspNetCore.Correlation.";
+        private const string CorrelationProperty = ".xsrf";
+        private const string CorrelationMarker = "N";
+        private const string NonceProperty = "N";
+
+        private static string BuildRedirectUri(HttpRequest request, PathString redirectPath)
+        {
+            return request.Scheme + "://" + request.Host + request.PathBase + redirectPath;
+        }
+
+        private static void GenerateCorrelationId(HttpContext httpContext, OpenIdConnectOptions options, AuthenticationProperties properties)
+        {
+            if (properties == null)
+            {
+                throw new ArgumentNullException(nameof(properties));
+            }
+
+            var bytes = new byte[32];
+            CryptoRandom.GetBytes(bytes);
+            var correlationId = Base64UrlTextEncoder.Encode(bytes);
+
+            var cookieOptions = new CookieOptions
+            {
+                HttpOnly = true,
+                Secure = httpContext.Request.IsHttps,
+                Expires = properties.ExpiresUtc
+            };
+
+            properties.Items[CorrelationProperty] = correlationId;
+
+            var cookieName = CorrelationPrefix + options.AuthenticationScheme + "." + correlationId;
+
+            httpContext.Response.Cookies.Append(cookieName, CorrelationMarker, cookieOptions);
+        }
+
+        public static LockContext GenerateLockContext(this HttpContext httpContext, OpenIdConnectOptions options, string returnUrl = null)
+        {
+            LockContext lockContext = new LockContext();
+
+            // Set the options
+            lockContext.ClientId = options.ClientId;
+
+            // retrieve the domain from the authority
+            Uri authorityUri;
+            if (Uri.TryCreate(options.Authority, UriKind.Absolute, out authorityUri))
+            {
+                lockContext.Domain = authorityUri.Host;
+            }
+
+            // Set the redirect
+            string callbackUrl = BuildRedirectUri(httpContext.Request, options.CallbackPath);
+            lockContext.CallbackUrl = callbackUrl;
+
+            // Add the nonce.
+            var nonce = options.ProtocolValidator.GenerateNonce();
+            httpContext.Response.Cookies.Append(
+                OpenIdConnectDefaults.CookieNoncePrefix + options.StringDataFormat.Protect(nonce),
+                NonceProperty,
+                new CookieOptions
+                {
+                    HttpOnly = true,
+                    Secure = httpContext.Request.IsHttps,
+                    Expires = DateTime.UtcNow + options.ProtocolValidator.NonceLifetime
+                });
+            lockContext.Nonce = nonce;
+
+            // Since we are handling the 1st leg of the Auth (redirecting to /authorize), we need to generate the correlation ID so the 
+            // OAuth middleware can validate it correctly once it picks up from the 2nd leg (receiving the code)
+            var properties = new AuthenticationProperties()
+            {
+                ExpiresUtc = options.SystemClock.UtcNow.Add(options.RemoteAuthenticationTimeout),
+                RedirectUri = returnUrl ?? "/"
+            };
+            properties.Items[OpenIdConnectDefaults.RedirectUriForCodePropertiesKey] = callbackUrl;
+            GenerateCorrelationId(httpContext, options, properties);
+
+            // Generate State
+            lockContext.State = Uri.EscapeDataString(options.StateDataFormat.Protect(properties));
+
+            // return the Lock context
+            return lockContext;
+        }
+    }
+}

Samples/embedded-lock/Controllers/AccountController.cs

@@ -0,0 +1,46 @@
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Authorization;
+
+namespace SampleMvcApp.Controllers
+{
+    public class AccountController : Controller
+    {
+        IOptions<OpenIdConnectOptions> _options;
+
+        public AccountController(IOptions<OpenIdConnectOptions> options)
+        {
+            _options = options;
+        }
+
+        public IActionResult Login(string returnUrl = "/")
+        {
+            var lockContext = HttpContext.GenerateLockContext(_options.Value, returnUrl);
+
+            return View(lockContext);
+        }
+
+        [Authorize]
+        public IActionResult Logout()
+        {
+            HttpContext.Authentication.SignOutAsync("Auth0");
+            HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+
+            return RedirectToAction("Index", "Home");
+        }
+
+        /// <summary>
+        /// This is just a helper action to enable you to easily see all claims related to a user. It helps when debugging your
+        /// application to see the in claims populated from the Auth0 ID Token
+        /// </summary>
+        /// <returns></returns>
+        [Authorize]
+        public IActionResult Claims()
+        {
+            return View();
+        }
+    }
+}

Samples/embedded-lock/Controllers/HomeController.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+
+namespace SampleMvcApp.Controllers
+{
+    public class HomeController : Controller
+    {
+        public IActionResult Index()
+        {
+            return View();
+        }
+
+        public IActionResult Error()
+        {
+            return View();
+        }
+    }
+}

Samples/embedded-lock/LockContext.cs

@@ -0,0 +1,12 @@
+namespace SampleMvcApp
+{
+    public class LockContext
+    {
+        public string CallbackUrl { get; set; }
+        public string ClientId { get; set; }
+        public string ClientSecret { get; set; }
+        public string Domain { get; set; }
+        public string Nonce { get; set; }
+        public string State { get; set; }
+    }
+}

Samples/embedded-lock/Program.cs

@@ -0,0 +1,24 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Hosting;
+
+namespace SampleMvcApp
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            var host = new WebHostBuilder()
+                .UseKestrel()
+                .UseContentRoot(Directory.GetCurrentDirectory())
+                .UseIISIntegration()
+                .UseStartup<Startup>()
+                .Build();
+
+            host.Run();
+        }
+    }
+}

Samples/embedded-lock/Properties/launchSettings.json

@@ -0,0 +1,27 @@
+{
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:5000/",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "SampleMvcApp": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "launchUrl": "http://localhost:5000",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}