using Autodesk.Forge; using Microsoft.AspNetCore.Mvc; using System; using System.Threading.Tasks; namespace forgeSample.Controllers { [ApiController] public class OAuthController : ControllerBase { // As both internal & public tokens are used for all visitors // we don't need to request a new token on every request, so let's // cache them using static variables. Note we still need to refresh // them after the expires_in time (in seconds) private static dynamic InternalToken { get; set; } private static dynamic PublicToken { get; set; } /// /// Get access token with public (viewables:read) scope /// [HttpGet] [Route("api/forge/oauth/token")] public async Task GetPublicAsync() { if (PublicToken == null || PublicToken.ExpiresAt < DateTime.UtcNow) { PublicToken = await Get2LeggedTokenAsync(new Scope[] { Scope.ViewablesRead }); PublicToken.ExpiresAt = DateTime.UtcNow.AddSeconds(PublicToken.expires_in); } return PublicToken; } /// /// Get access token with internal (write) scope /// public static async Task GetInternalAsync() { if (InternalToken == null || InternalToken.ExpiresAt < DateTime.UtcNow) { InternalToken = await Get2LeggedTokenAsync(new Scope[] { Scope.BucketCreate, Scope.BucketRead, Scope.BucketDelete, Scope.DataRead, Scope.DataWrite, Scope.DataCreate, Scope.CodeAll }); InternalToken.ExpiresAt = DateTime.UtcNow.AddSeconds(InternalToken.expires_in); } return InternalToken; } /// /// Get the access token from Autodesk /// private static async Task Get2LeggedTokenAsync(Scope[] scopes) { TwoLeggedApi oauth = new TwoLeggedApi(); string grantType = "client_credentials"; dynamic bearer = await oauth.AuthenticateAsync( GetAppSetting("FORGE_CLIENT_ID"), GetAppSetting("FORGE_CLIENT_SECRET"), grantType, scopes); return bearer; } /// /// Reads appsettings from web.config /// public static string GetAppSetting(string settingKey) { return Environment.GetEnvironmentVariable(settingKey).Trim(); } } }