Beispiel #1
0
        public void When_No_Amr_Then_Exception_Is_Thrown()
        {
            // ARRANGE
            InitializeFakeObjects();

            // ACT & ASSERTS
            var exception = Assert.Throws <IdentityServerException>(() => _amrHelper.GetAmr(new List <string>(), new[] { "pwd" }));

            Assert.NotNull(exception);
            Assert.Equal(Errors.ErrorCodes.InternalError, exception.Code);
            Assert.Equal(Errors.ErrorDescriptions.NoActiveAmr, exception.Message);
        }
Beispiel #2
0
        public Task <ResourceOwner> Authenticate(string login, string password, IEnumerable <string> exceptedAmrValues)
        {
            if (string.IsNullOrWhiteSpace(login))
            {
                throw new ArgumentNullException(nameof(login));
            }

            if (string.IsNullOrWhiteSpace(password))
            {
                throw new ArgumentNullException(nameof(password));
            }

            var currentAmrs = _services.Select(s => s.Amr);
            var amr         = _amrHelper.GetAmr(currentAmrs, exceptedAmrValues);
            var service     = _services.FirstOrDefault(s => s.Amr == amr);

            return(service.AuthenticateResourceOwnerAsync(login, password));
        }
        public async Task <ActionResult> GetAuthorization(AuthorizationParameter parameter, IPrincipal claimsPrincipal, string issuerName)
        {
            var processId = Guid.NewGuid().ToString();

            _eventPublisher.Publish(new AuthorizationRequestReceived(Guid.NewGuid().ToString(), processId, _payloadSerializer.GetPayload(parameter), 0));
            try
            {
                var client = await _authorizationCodeGrantTypeParameterValidator.ValidateAsync(parameter);

                ActionResult actionResult = null;
                _oauthEventSource.StartAuthorization(parameter.ClientId,
                                                     parameter.ResponseType,
                                                     parameter.Scope,
                                                     parameter.Claims == null ? string.Empty : parameter.Claims.ToString());
                if (client.RequirePkce)
                {
                    if (string.IsNullOrWhiteSpace(parameter.CodeChallenge) || parameter.CodeChallengeMethod == null)
                    {
                        throw new IdentityServerExceptionWithState(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheClientRequiresPkce, parameter.ClientId), parameter.State);
                    }
                }

                var responseTypes     = _parameterParserHelper.ParseResponseTypes(parameter.ResponseType);
                var authorizationFlow = _authorizationFlowHelper.GetAuthorizationFlow(responseTypes, parameter.State);
                switch (authorizationFlow)
                {
                case AuthorizationFlow.AuthorizationCodeFlow:
                    actionResult = await _getAuthorizationCodeOperation.Execute(parameter, claimsPrincipal, client, issuerName);

                    break;

                case AuthorizationFlow.ImplicitFlow:
                    actionResult = await _getTokenViaImplicitWorkflowOperation.Execute(parameter, claimsPrincipal, client, issuerName);

                    break;

                case AuthorizationFlow.HybridFlow:
                    actionResult = await _getAuthorizationCodeAndTokenViaHybridWorkflowOperation.Execute(parameter, claimsPrincipal, client, issuerName);

                    break;
                }

                if (actionResult != null)
                {
                    var actionTypeName = Enum.GetName(typeof(TypeActionResult), actionResult.Type);
                    var actionName     = string.Empty;
                    if (actionResult.Type == TypeActionResult.RedirectToAction)
                    {
                        var actionEnum = actionResult.RedirectInstruction.Action;
                        actionName = Enum.GetName(typeof(IdentityServerEndPoints), actionEnum);
                    }

                    var serializedParameters = actionResult.RedirectInstruction == null || actionResult.RedirectInstruction.Parameters == null ? String.Empty :
                                               actionResult.RedirectInstruction.Parameters.SerializeWithJavascript();
                    _oauthEventSource.EndAuthorization(actionTypeName,
                                                       actionName,
                                                       serializedParameters);
                }

                _eventPublisher.Publish(new AuthorizationGranted(Guid.NewGuid().ToString(), processId, _payloadSerializer.GetPayload(actionResult), 1));
                actionResult.ProcessId = processId;
                actionResult.Amr       = _amrHelper.GetAmr(_resourceOwnerAuthenticateHelper.GetAmrs(), parameter.AmrValues);
                return(actionResult);
            }
            catch (IdentityServerException ex)
            {
                _eventPublisher.Publish(new OAuthErrorReceived(Guid.NewGuid().ToString(), processId, ex.Code, ex.Message, 1));
                throw;
            }
        }