public override async Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context)
{
if (!String.IsNullOrWhiteSpace(context.Error))
{
return;
}
TService = context.HttpContext.RequestServices.GetRequiredService <TokenService>();
ApplicationDbContext db = context.HttpContext.RequestServices.GetRequiredService <ApplicationDbContext>();
ClaimsPrincipal claimsUser = context.HttpContext.User;
// Implicit grant is the only flow that gets their token issued here.
Token access = new Token()
{
GrantType = OpenIdConnectConstants.GrantTypes.Implicit,
TokenType = OpenIdConnectConstants.TokenUsages.AccessToken,
Value = context.AccessToken,
};
OAuthClient client = db.ClientApplications.First(x => x.ClientId == context.Request.ClientId);
if (client == null)
{
return;
}
if (client.SubordinateTokenLimits == null)
{
access.RateLimit = RateLimit.DefaultImplicitLimit;
}
else
{
access.RateLimit = client.SubordinateTokenLimits;
}
await TService.WriteNewTokenToDatabase(context.Request.ClientId, access, claimsUser);
}
private void _stripUnnecessaryResponseParameters(ApplyAuthorizationResponseContext context)
{
_stripC(context.Response);
if (context.Request.IsImplicitFlow())
{
// Implicit Grant does not supply the Scopes in the response.
context.Response.RemoveParameter("scope");
}
}
public override Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context)
{
if (context.Error == null)
{
foreach (var property in context.Ticket.Properties.Items)
{
if (!property.Key.StartsWith("."))
{
context.Response.AddParameter(property.Key, new OpenIdConnectParameter(property.Value));
}
}
}
return(Task.FromResult(0));
}
public override async Task ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context)
{
var options = (OpenIddictServerOptions)context.Options;
// Note: as this stage, the request associated with the context may be null if an error
// occurred very early in the pipeline (e.g an invalid HTTP verb was used by the caller).
// Remove the authorization request from the distributed cache.
if (options.EnableRequestCaching && !string.IsNullOrEmpty(context.Request?.RequestId))
{
// Note: the cache key is always prefixed with a specific marker
// to avoid collisions with the other types of cached requests.
var key = OpenIddictConstants.Environment.AuthorizationRequest + context.Request.RequestId;
// Note: the ApplyAuthorizationResponse event is called for both successful
// and errored authorization responses but discrimination is not necessary here,
// as the authorization request must be removed from the distributed cache in both cases.
await options.Cache.RemoveAsync(key);
}
if (!options.ApplicationCanDisplayErrors && !string.IsNullOrEmpty(context.Error) &&
string.IsNullOrEmpty(context.RedirectUri))
{
// Determine if the status code pages middleware has been enabled for this request.
// If it was not registered or enabled, let the OpenID Connect server middleware render
// a default error page instead of delegating the rendering to the status code middleware.
var feature = context.HttpContext.Features.Get <IStatusCodePagesFeature>();
if (feature != null && feature.Enabled)
{
// Replace the default status code to return a 400 response.
context.HttpContext.Response.StatusCode = 400;
// Mark the request as fully handled to prevent the OpenID Connect server middleware
// from displaying the default error page and to allow the status code pages middleware
// to rewrite the response using the logic defined by the developer when registering it.
context.HandleResponse();
return;
}
}
await _eventService.PublishAsync(new OpenIddictServerEvents.ApplyAuthorizationResponse(context));
}
public override async Task ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context)
{
var services = context.HttpContext.RequestServices.GetRequiredService <OpenIddictServices <TApplication, TAuthorization, TScope, TToken> >();
// Remove the authorization request from the distributed cache.
if (!string.IsNullOrEmpty(context.Request.RequestId))
{
// Note: the cache key is always prefixed with a specific marker
// to avoid collisions with the other types of cached requests.
var key = OpenIddictConstants.Environment.AuthorizationRequest + context.Request.RequestId;
// Note: the ApplyAuthorizationResponse event is called for both successful
// and errored authorization responses but discrimination is not necessary here,
// as the authorization request must be removed from the distributed cache in both cases.
await services.Options.Cache.RemoveAsync(key);
}
if (!context.Options.ApplicationCanDisplayErrors && !string.IsNullOrEmpty(context.Response.Error) &&
string.IsNullOrEmpty(context.Response.RedirectUri))
{
// Determine if the status code pages middleware has been enabled for this request.
// If it was not registered or enabled, let the OpenID Connect server middleware render
// a default error page instead of delegating the rendering to the status code middleware.
var feature = context.HttpContext.Features.Get <IStatusCodePagesFeature>();
if (feature != null && feature.Enabled)
{
// Replace the default status code to return a 400 response.
context.HttpContext.Response.StatusCode = 400;
// Mark the request as fully handled to prevent the OpenID Connect server middleware
// from displaying the default error page and to allow the status code pages middleware
// to rewrite the response using the logic defined by the developer when registering it.
context.HandleResponse();
}
}
}
public override Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context)
{
context.Response.State = context.Request.State;
_stripUnnecessaryResponseParameters(context);
return(base.ApplyAuthorizationResponse(context));
}
public Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context)
{
throw new NotImplementedException();
}
