public async Task <IActionResult> Authorize(
[EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
{
if (!authorization.IsValid)
{
return(this.InvalidAuthorization(authorization.Error));
}
var authorizationResult = await _sessionManager.IsAuthorizedAsync(authorization);
if (authorizationResult.Status == AuthorizationStatus.Forbidden)
{
return(this.InvalidAuthorization(authorizationResult.Error));
}
if (authorizationResult.Status == AuthorizationStatus.LoginRequired)
{
return(RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message));
}
var context = authorization.CreateTokenGeneratingContext(
authorizationResult.User,
authorizationResult.Application);
AddAmbientClaims(context);
await _tokenManager.IssueTokensAsync(context);
var response = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(context);
await _sessionManager.StartSessionAsync(authorizationResult.User, authorizationResult.Application);
return(this.ValidAuthorization(response));
}
public async Task <IActionResult> Authorize(
[EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
{
if (!authorization.IsValid)
{
return(this.InvalidAuthorization(authorization.Error));
}
var authorizationResult = await _sessionManager.IsAuthorizedAsync(authorization);
if (authorizationResult.Status == AuthorizationStatus.Forbidden)
{
return(this.InvalidAuthorization(authorizationResult.Error));
}
if (authorizationResult.Status == AuthorizationStatus.LoginRequired)
{
return(RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message));
}
var context = authorization.CreateTokenGeneratingContext(
authorizationResult.User,
authorizationResult.Application);
context.AmbientClaims.Add(new Claim("policy", "signinsignup"));
context.AmbientClaims.Add(new Claim("version", "1.0"));
context.AmbientClaims.Add(new Claim("tenantId", "CDF07358 -BA97-470F-93CD-FC46E1B57F99"));
await _tokenManager.IssueTokensAsync(context);
var response = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(context);
await _sessionManager.StartSessionAsync(authorizationResult.User, authorizationResult.Application);
return(this.ValidAuthorization(response));
}
