        /// <summary>
        /// Handles the posted authorization form: checks the client, its redirect URI and the
        /// requested scopes, then hands the credentials to <c>_oauthService.AuthorizeAsync</c>.
        /// </summary>
        /// <param name="request">Form-bound authorization request (client id, credentials, redirect URI, scope, state).</param>
        /// <param name="ct">Cancellation token passed to the client lookup and the authorize call.</param>
        /// <returns>
        /// 400 Bad Request when a client check fails; a redirect to the "Authorize" action when the
        /// credentials are rejected; otherwise a redirect to <c>CallbackUri</c> from the authorize result.
        /// </returns>
        public async Task<ActionResult> Authorize([FromForm] PostAuthorizeRequest request, CancellationToken ct)
        {
            // All three client checks run before any redirect is issued, so a request with an
            // unregistered redirect_uri is answered with 400 instead of being bounced to it.
            // NOTE(review): IsValid() is called on the lookup result without a null check;
            // presumably an extension method that tolerates a missing client. Confirm.
            var oauthClient = await _ioAuthClientsService.GetByClientIdAsync(request.client_id, ct);

            if (!oauthClient.IsValid())
            {
                return BadRequest("Client not found");
            }

            if (!oauthClient.IsMatchRedirectUri(request))
            {
                return BadRequest("Invalid redirect uri");
            }

            if (!oauthClient.IsScopesInclude(request.scope))
            {
                return BadRequest("Invalid scopes");
            }

            var authResult = await _oauthService.AuthorizeAsync(
                request.Country,
                request.Login,
                request.Password,
                request.response_type,
                request.redirect_uri,
                request.state,
                IpAddress,
                UserAgent,
                request.scope.ToScopeList(),
                oauthClient.Audience,
                ct);

            if (!authResult.IsInvalidCredentials)
            {
                // NOTE(review): CallbackUri is redirected to as returned; presumably built from the
                // redirect_uri validated above. Confirm in AuthorizeAsync.
                return Redirect(authResult.CallbackUri);
            }

            // Rejected credentials: send the user back to the login form. Only the OAuth
            // parameters are copied; Login and Password are not, so they do not end up in
            // the route values of the redirect.
            var retryRequest = new GetAuthorizeRequest
            {
                client_id = request.client_id,
                response_type = request.response_type,
                scope = request.scope,
                state = request.state,
                redirect_uri = request.redirect_uri,
                IsInvalidCredentials = true
            };

            return RedirectToAction("Authorize", retryRequest);
        }