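/// <summary>
/// Handles the OAuth2 authorization-code callback. When the request carries a
/// <c>code</c> query parameter, the <c>state</c> parameter is validated, the code is
/// redeemed for a token, and the caller is redirected (302) to the URL recorded with
/// the state. Requests without a <c>code</c> parameter are passed to the next middleware.
/// </summary>
/// <param name="context">The OWIN context of the current request.</param>
/// <returns>A task that completes once the redirect has been set or the next middleware has run.</returns>
public async override Task Invoke(IOwinContext context)
        {
            string code = context.Request.Query["code"];

            if (code == null)
            {
                // Not an authorization-code callback; let the rest of the pipeline handle it.
                await this.Next.Invoke(context);
                return;
            }

            string state = context.Request.Query["state"];

            HttpContextBase hcb = context.Environment["System.Web.HttpContextBase"] as HttpContextBase;

            // Fail closed: every path that does not finish the redemption ends on the error page.
            string location = "/Error?message=" + "code_redeem_failed";

            // The token cache is keyed by the signed-in user's NameIdentifier claim. A callback
            // that arrives without an authenticated user (or without that claim) is rejected
            // instead of dereferencing null.
            var user = context.Authentication.User;
            var userIdClaim = user == null
                ? null
                : user.FindFirst(System.IdentityModel.Claims.ClaimTypes.NameIdentifier);

            if (userIdClaim != null)
            {
                SessionTokenCache theCache = new SessionTokenCache(userIdClaim.Value, hcb);
                ConfidentialClientApplication cca = new ConfidentialClientApplication(
                    options.ClientId,
                    options.RedirectUri,
                    new ClientCredential(options.ClientSecret),
                    theCache);

                // The state value ties this callback to a request this application started;
                // a null result means the state was not accepted and the code is not redeemed.
                CodeRedemptionData crd = OAuth2RequestManager.ValidateState(state, hcb);

                if (crd != null)
                {
                    try
                    {
                        await cca.AcquireTokenByAuthorizationCodeAsync(crd.Scopes, code);

                        // NOTE(review): the session is marked IsAdmin as soon as the code is
                        // redeemed; nothing in this method inspects the token or the user's
                        // roles. Confirm that consenting to crd.Scopes is meant to be the
                        // admin gate.
                        HttpContext.Current.Session.Add("IsAdmin", true);

                        // NOTE(review): RequestOriginatorUrl comes from the record returned by
                        // ValidateState; confirm it is limited to this application's own URLs
                        // where it is recorded, otherwise this redirect can be steered off-site.
                        location = crd.RequestOriginatorUrl;
                    }
                    catch (Exception ee)
                    {
                        // A failed redemption used to be swallowed and the user sent on as if it
                        // had succeeded. Record the failure (exception type and message only,
                        // never the code or the client secret) and keep the error location.
                        System.Diagnostics.Trace.TraceError(
                            "Authorization code redemption failed: {0}: {1}",
                            ee.GetType().FullName,
                            ee.Message);
                    }
                }
            }

            context.Response.StatusCode = 302;
            context.Response.Headers.Set("Location", location);
        }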
Beispiel #2
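        /// <summary>
        /// Handles the OAuth2 authorization-code callback. When the request carries a
        /// <c>code</c> query parameter, the <c>state</c> parameter is validated, the code is
        /// redeemed for a token, and the caller is redirected (302) to the URL recorded with
        /// the state. Requests without a <c>code</c> parameter are passed to the next middleware.
        /// </summary>
        /// <param name="context">The OWIN context of the current request.</param>
        /// <returns>A task that completes once the redirect has been set or the next middleware has run.</returns>
        public async override Task Invoke(IOwinContext context)
        {
            string code = context.Request.Query["code"];

            if (code == null)
            {
                // Not an authorization-code callback; let the rest of the pipeline handle it.
                await this.Next.Invoke(context);
                return;
            }

            string state = context.Request.Query["state"];

            HttpContextBase hcb = context.Environment["System.Web.HttpContextBase"] as HttpContextBase;

            SessionTokenCacheProvider sessionTokenCacheProvider = new SessionTokenCacheProvider(hcb);
            IConfidentialClientApplication cca = AuthorizationCodeProvider.CreateClientApplication(
                options.ClientId,
                options.RedirectUri,
                new ClientCredential(options.ClientSecret),
                sessionTokenCacheProvider);

            // Fail closed: every path that does not finish the redemption ends on the error page.
            string location = "/Error?message=" + "code_redeem_failed";

            // The state value ties this callback to a request this application started;
            // a null result means the state was not accepted and the code is not redeemed.
            CodeRedemptionData crd = OAuth2RequestManager.ValidateState(state, hcb);

            if (crd != null)
            {
                try
                {
                    AuthorizationCodeProvider authorizationCodeProvider = new AuthorizationCodeProvider(cca, crd.Scopes);
                    await authorizationCodeProvider.GetTokenByAuthorizationCodeAsync(code);

                    // NOTE(review): the session is marked IsAdmin as soon as the code is
                    // redeemed; nothing in this method inspects the token or the user's
                    // roles. Confirm that consenting to crd.Scopes is meant to be the
                    // admin gate.
                    HttpContext.Current.Session.Add("IsAdmin", true);

                    // NOTE(review): RequestOriginatorUrl comes from the record returned by
                    // ValidateState; confirm it is limited to this application's own URLs
                    // where it is recorded, otherwise this redirect can be steered off-site.
                    location = crd.RequestOriginatorUrl;
                }
                catch (Exception ee)
                {
                    // A failed redemption used to be swallowed and the user sent on as if it
                    // had succeeded. Record the failure (exception type and message only,
                    // never the code or the client secret) and keep the error location.
                    System.Diagnostics.Trace.TraceError(
                        "Authorization code redemption failed: {0}: {1}",
                        ee.GetType().FullName,
                        ee.Message);
                }
            }

            context.Response.StatusCode = 302;
            context.Response.Headers.Set("Location", location);
        }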