Ejemplo n.º 1
0
        /// <inheritdoc/>
        public async Task <IEndpointResult> ProcessCompleteAuthorizeRequestAsync(
            NameValueCollection parameters,
            HttpContext context,
            ClaimsPrincipal principal = null)
        {
            _logger.LogTrace("Processing complete authorize request");
            if (_authorizationParametersMessageStore != null)
            {
                _logger.LogTrace("Check parameters from message store");
                var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName];
                var entry          = await _authorizationParametersMessageStore.ReadAsync(messageStoreId);

                parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection();

                _logger.LogTrace("Remove parameters from message store");
                await _authorizationParametersMessageStore.DeleteAsync(messageStoreId);
            }

            _logger.LogTrace("Get user session");
            var user = principal ?? await _userSession.GetUserAsync();

            var consentRequest = new ConsentRequest(parameters, user?.GetSubjectId());
            var consent        = await _consentResponseStore.ReadAsync(consentRequest.Id);

            if (consent != null && consent.Data == null)
            {
                _logger.LogWarning("Consent message is missing data");
                return(await _authorizeRequestHandler.CreateErrorResultAsync("consent message is missing data"));
            }

            try
            {
                _logger.LogTrace("Authorize Request processing");
                var result = await _authorizeRequestHandler.ProcessAuthorizeRequestAsync(parameters, user, consent?.Data, context);

                _logger.LogTrace("End Authorize Request. Result type: {0}", result?.GetType().ToString() ?? "-none-");
                return(result);
            }
            finally
            {
                if (consent != null)
                {
                    await _consentResponseStore.DeleteAsync(consentRequest.Id);
                }

                _logger.LogTrace("Complete authorize request completed.");
            }
        }
        public override async Task <IEndpointResult> ProcessAsync(HttpContext context)
        {
            if (!HttpMethods.IsGet(context.Request.Method))
            {
                Logger.LogWarning("Invalid HTTP method for authorize endpoint.");
                return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
            }

            Logger.LogDebug("Start authorize callback request");

            var parameters = context.Request.Query.AsNameValueCollection();

            if (_authorizationParametersMessageStore != null)
            {
                var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName];
                var entry          = await _authorizationParametersMessageStore.ReadAsync(messageStoreId);

                parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection();

                await _authorizationParametersMessageStore.DeleteAsync(messageStoreId);
            }

            var user = await UserSession.GetUserAsync();

            var consentRequest = new ConsentRequest(parameters, user?.GetSubjectId());
            var consent        = await _consentResponseStore.ReadAsync(consentRequest.Id);

            if (consent != null && consent.Data == null)
            {
                return(await CreateErrorResultAsync("consent message is missing data"));
            }

            try
            {
                var result = await ProcessAuthorizeRequestAsync(parameters, user, consent?.Data);

                Logger.LogTrace("End Authorize Request. Result type: {0}", result?.GetType().ToString() ?? "-none-");

                return(result);
            }
            finally
            {
                if (consent != null)
                {
                    await _consentResponseStore.DeleteAsync(consentRequest.Id);
                }
            }
        }
Ejemplo n.º 3
0
    internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, bool checkConsentResponse = false)
    {
        if (user != null)
        {
            Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId());
        }
        else
        {
            Logger.LogDebug("No user present in authorize request");
        }

        if (checkConsentResponse && _authorizationParametersMessageStore != null)
        {
            var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName];
            var entry          = await _authorizationParametersMessageStore.ReadAsync(messageStoreId);

            parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection();

            await _authorizationParametersMessageStore.DeleteAsync(messageStoreId);
        }

        // validate request
        var result = await _validator.ValidateAsync(parameters, user);

        if (result.IsError)
        {
            return(await CreateErrorResultAsync(
                       "Request validation failed",
                       result.ValidatedRequest,
                       result.Error,
                       result.ErrorDescription));
        }

        string consentRequestId = null;

        try
        {
            Message <ConsentResponse> consent = null;

            if (checkConsentResponse)
            {
                var consentRequest = new ConsentRequest(result.ValidatedRequest.Raw, user?.GetSubjectId());
                consentRequestId = consentRequest.Id;
                consent          = await _consentResponseStore.ReadAsync(consentRequestId);

                if (consent != null && consent.Data == null)
                {
                    return(await CreateErrorResultAsync("consent message is missing data"));
                }
            }

            var request = result.ValidatedRequest;
            LogRequest(request);

            // determine user interaction
            var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent?.Data);

            if (interactionResult.IsError)
            {
                return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false));
            }
            if (interactionResult.IsLogin)
            {
                return(new LoginPageResult(request));
            }
            if (interactionResult.IsConsent)
            {
                return(new ConsentPageResult(request));
            }
            if (interactionResult.IsRedirect)
            {
                return(new CustomRedirectResult(request, interactionResult.RedirectUrl));
            }

            var response = await _authorizeResponseGenerator.CreateResponseAsync(request);

            await RaiseResponseEventAsync(response);

            LogResponse(response);

            return(new AuthorizeResult(response));
        }
        finally
        {
            if (consentRequestId != null)
            {
                await _consentResponseStore.DeleteAsync(consentRequestId);
            }
        }
    }