public async Task <ActionResult> Execute(AuthorizationParameter authorizationParameter, IPrincipal principal, Core.Common.Models.Client client, string issuerName)
{
if (authorizationParameter == null)
{
throw new ArgumentNullException(nameof(authorizationParameter));
}
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
if (string.IsNullOrWhiteSpace(authorizationParameter.Nonce))
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.MissingParameter, Constants.StandardAuthorizationRequestParameterNames.NonceName),
authorizationParameter.State);
}
var claimsPrincipal = principal == null ? null : principal as ClaimsPrincipal;
_oauthEventSource.StartHybridFlow(
authorizationParameter.ClientId,
authorizationParameter.Scope,
authorizationParameter.Claims == null ? string.Empty : authorizationParameter.Claims.ToString());
var result = await _processAuthorizationRequest.ProcessAsync(authorizationParameter, claimsPrincipal, client, issuerName);
if (!_clientValidator.CheckGrantTypes(client, GrantType.@implicit, GrantType.authorization_code))
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheClientDoesntSupportTheGrantType,
authorizationParameter.ClientId,
"implicit"),
authorizationParameter.State);
}
if (result.Type == TypeActionResult.RedirectToCallBackUrl)
{
if (claimsPrincipal == null)
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheResponseCannotBeGeneratedBecauseResourceOwnerNeedsToBeAuthenticated,
authorizationParameter.State);
}
await _generateAuthorizationResponse.ExecuteAsync(result, authorizationParameter, claimsPrincipal, client, issuerName);
}
var actionTypeName = Enum.GetName(typeof(TypeActionResult), result.Type);
_oauthEventSource.EndHybridFlow(
authorizationParameter.ClientId,
actionTypeName,
result.RedirectInstruction == null ? string.Empty : Enum.GetName(typeof(IdentityServerEndPoints), result.RedirectInstruction.Action));
return(result);
}
public async Task <ActionResult> Execute(AuthorizationParameter authorizationParameter, IPrincipal principal, Client client)
{
if (authorizationParameter == null)
{
throw new ArgumentNullException(nameof(authorizationParameter));
}
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
var claimsPrincipal = principal == null ? null : principal as ClaimsPrincipal;
_simpleIdentityServerEventSource.StartAuthorizationCodeFlow(
authorizationParameter.ClientId,
authorizationParameter.Scope,
authorizationParameter.Claims == null ? string.Empty : authorizationParameter.Claims.ToString());
var result = await _processAuthorizationRequest.ProcessAsync(authorizationParameter, claimsPrincipal, client);
if (!_clientValidator.CheckGrantTypes(client, GrantType.authorization_code)) // 1. Check the client is authorized to use the authorization_code flow.
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheClientDoesntSupportTheGrantType,
authorizationParameter.ClientId,
"authorization_code"),
authorizationParameter.State);
}
if (result.Type == TypeActionResult.RedirectToCallBackUrl)
{
if (claimsPrincipal == null)
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheResponseCannotBeGeneratedBecauseResourceOwnerNeedsToBeAuthenticated,
authorizationParameter.State);
}
await _generateAuthorizationResponse.ExecuteAsync(result, authorizationParameter, claimsPrincipal, client);
}
var actionTypeName = Enum.GetName(typeof(TypeActionResult), result.Type);
_simpleIdentityServerEventSource.EndAuthorizationCodeFlow(
authorizationParameter.ClientId,
actionTypeName,
result.RedirectInstruction == null ? string.Empty : Enum.GetName(typeof(IdentityServerEndPoints), result.RedirectInstruction.Action));
return(result);
}
public async Task <ActionResult> Execute(AuthorizationParameter authorizationParameter, Client client, string issuerName, string authenticatedSubject = null, double?authInst = null)
{
if (authorizationParameter == null)
{
throw new ArgumentNullException(nameof(authorizationParameter));
}
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
if (string.IsNullOrWhiteSpace(authorizationParameter.Nonce))
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.MissingParameter, Constants.StandardAuthorizationRequestParameterNames.NonceName),
authorizationParameter.State);
}
_oAuthEventSource.StartImplicitFlow(
authorizationParameter.ClientId,
authorizationParameter.Scope,
authorizationParameter.Claims == null ? string.Empty : authorizationParameter.Claims.ToString());
if (!_clientValidator.CheckGrantTypes(client, GrantType.@implicit))
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheClientDoesntSupportTheGrantType,
authorizationParameter.ClientId,
"implicit"),
authorizationParameter.State);
}
var result = await _processAuthorizationRequest.ProcessAsync(authorizationParameter, client, issuerName, authenticatedSubject, authInst).ConfigureAwait(false);
if (result.Type == TypeActionResult.RedirectToCallBackUrl)
{
await _generateAuthorizationResponse.ExecuteAsync(result, authorizationParameter, client, issuerName, authenticatedSubject).ConfigureAwait(false);
}
var actionTypeName = Enum.GetName(typeof(TypeActionResult), result.Type);
_oAuthEventSource.EndImplicitFlow(
authorizationParameter.ClientId,
actionTypeName,
result.RedirectInstruction == null ? string.Empty : Enum.GetName(typeof(IdentityServerEndPoints), result.RedirectInstruction.Action));
return(result);
}
public async Task <ActionResult> Execute(AuthorizationParameter authorizationParameter, Core.Common.Models.Client client, string issuerName, string authenticatedSubject = null, double?authInst = null)
{
if (authorizationParameter == null)
{
throw new ArgumentNullException(nameof(authorizationParameter));
}
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
_oAuthEventSource.StartAuthorizationCodeFlow(
authorizationParameter.ClientId,
authorizationParameter.Scope,
authorizationParameter.Claims == null ? string.Empty : authorizationParameter.Claims.ToString());
var result = await _processAuthorizationRequest.ProcessAsync(authorizationParameter, client, issuerName, authenticatedSubject, authInst);
if (!_clientValidator.CheckGrantTypes(client, GrantType.authorization_code)) // 1. Check the client is authorized to use the authorization_code flow.
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheClientDoesntSupportTheGrantType,
authorizationParameter.ClientId,
"authorization_code"),
authorizationParameter.State);
}
if (result.Type == TypeActionResult.RedirectToCallBackUrl)
{
if (string.IsNullOrWhiteSpace(authenticatedSubject))
{
throw new IdentityServerExceptionWithState(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheResponseCannotBeGeneratedBecauseResourceOwnerNeedsToBeAuthenticated,
authorizationParameter.State);
}
await _generateAuthorizationResponse.ExecuteAsync(result, authorizationParameter, client, issuerName, authenticatedSubject).ConfigureAwait(false);
}
var actionTypeName = Enum.GetName(typeof(TypeActionResult), result.Type);
_oAuthEventSource.EndAuthorizationCodeFlow(
authorizationParameter.ClientId,
actionTypeName,
result.RedirectInstruction == null ? string.Empty : Enum.GetName(typeof(IdentityServerEndPoints), result.RedirectInstruction.Action));
return(result);
}