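/// <summary>
/// Called for each request to the Token endpoint to determine if the request is valid and should continue.
/// The default behavior when using the OAuthAuthorizationServerProvider is to assume well-formed requests, with
/// validated client credentials, should continue processing. An application may add any additional constraints.
/// </summary>
/// <remarks>
/// This override adds no constraint of its own: every grant type the middleware parsed is marked as validated,
/// so any per-grant policy has to live in the grant handlers that run after this callback. The grant type is
/// copied into the request-scoped OAuth context so later stages can read it without re-parsing the request.
/// </remarks>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // Store grant type in context
    context.OwinContext.GetOAuthContext().GrantType = context.TokenRequest.GrantType;
    context.Validated();

    // Logged after Validated() so the message describes what actually happened
    // (it used to be written before any validation took place).
    this.options.Logger.Debug("Token request is valid");

    // Nothing here is awaited, so the method is no longer marked async (CS1998);
    // an already-completed task is returned instead of building a state machine.
    return Task.FromResult(0);
}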
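/// <summary>
/// Called for each request to the Token endpoint. This override adds no constraint of its own and
/// defers entirely to the base implementation.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // A commented-out block that rewound and read the raw request body was removed. The form has
    // already been parsed into context.TokenRequest by the time this runs; trace that object instead
    // of re-reading the body stream if request diagnostics are ever needed here.
    return base.ValidateTokenRequest(context);
}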
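/// <summary>
/// Called for each request to the Token endpoint to decide whether it may proceed.
/// Password grants are validated only after the user account service authenticates the supplied
/// credentials; refresh-token grants are validated when a refresh_token parameter is present.
/// Any other grant type is left unvalidated, which the middleware treats as a rejection.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; this method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var userAccountService = UserAccountServiceFactory.Create();

    if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        var grant = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant;
        var scopes = grant.Scope;

        // The first scope value is passed as Authenticate's first argument (presumably a tenant
        // selector — confirm against UserAccountServiceFactory). A request without any scope used
        // to throw on Scope[0] and surface as an unhandled exception; it now simply stays unvalidated.
        if (scopes != null && scopes.Count > 0
            && userAccountService.Authenticate(scopes[0], grant.UserName, grant.Password))
        {
            context.Validated();
        }
    }

    if (context.TokenRequest.IsRefreshTokenGrantType)
    {
        // Only the presence of the parameter is checked here; the token itself is expected to be
        // deserialised and checked by the middleware's refresh-token handling after this callback.
        var token = context.TokenRequest.Parameters.Get("refresh_token");
        if (!string.IsNullOrEmpty(token))
        {
            context.Validated();
        }
    }

    return Task.FromResult<object>(null);
}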
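/// <summary>
/// Diagnostic hook: writes the client id and grant type of each token request to the host's trace output.
/// </summary>
/// <param name="context">The token request being validated.</param>
/// <returns>A completed task; nothing asynchronous happens here.</returns>
private Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // "host.TraceOutput" may be absent from the OWIN environment; Get<T>() then returns null,
    // which previously produced a NullReferenceException instead of a skipped trace line.
    var output = context.Request.Get<TextWriter>("host.TraceOutput");
    if (output != null)
    {
        output.WriteLine("Token Request {0} {1}", context.ClientContext.ClientId, context.TokenRequest.GrantType);
    }

    // No await was ever performed (CS1998); return a completed task instead.
    return Task.FromResult(0);
}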
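/// <summary>
/// Called for each request to the Token endpoint to determine if the request is valid and should continue.
/// The default behavior when using the OAuthAuthorizationServerProvider is to assume well-formed requests, with
/// validated client credentials, should continue processing. An application may add any additional constraints.
/// </summary>
/// <remarks>
/// This override adds no constraint of its own: every grant type the middleware parsed is marked as validated,
/// so any per-grant policy has to live in the grant handlers that run after this callback. The grant type is
/// copied into the request-scoped OAuth context so later stages can read it without re-parsing the request.
/// </remarks>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // Store grant type in context
    context.OwinContext.GetOAuthContext().GrantType = context.TokenRequest.GrantType;
    context.Validated();

    // Logged after Validated() so the message describes what actually happened
    // (it used to be written before any validation took place).
    this.options.Logger.Debug("Token request is valid");

    // Nothing here is awaited, so the method is no longer marked async (CS1998);
    // an already-completed task is returned instead of building a state machine.
    return Task.FromResult(0);
}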
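/// <summary>
/// Validates the access_token request: only the client_credentials grant is accepted;
/// every other grant type is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsClientCredentialsGrantType)
    {
        context.Validated();
    }
    else
    {
        // Explicit rejection keeps the policy visible; an unvalidated context would be rejected anyway.
        context.Rejected();
    }

    // Previously declared async without an await (CS1998); a completed task avoids the state machine.
    return Task.FromResult<object>(null);
}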
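/// <summary>
/// Validates the access_token request: the authorization_code, refresh_token and password grants
/// are accepted; every other grant type (including client_credentials) is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var request = context.TokenRequest;
    if (request.IsAuthorizationCodeGrantType
        || request.IsRefreshTokenGrantType
        || request.IsResourceOwnerPasswordCredentialsGrantType)
    {
        context.Validated();
    }
    else
    {
        context.Rejected();
    }

    // Previously declared async without an await (CS1998); a completed task avoids the state machine.
    return Task.FromResult<object>(null);
}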
/// <summary>
/// Copies the headers produced by a CORS policy evaluation onto the token endpoint response.
/// </summary>
/// <param name="result">The evaluated CORS result whose response headers are to be emitted.</param>
/// <param name="context">The token request context whose response receives the headers.</param>
private void WriteCorsHeaders(CorsResult result, OAuthValidateTokenRequestContext context)
{
    var corsHeaders = result.ToResponseHeaders();
    if (corsHeaders == null)
    {
        return;
    }

    foreach (var corsHeader in corsHeaders)
    {
        context.Response.Headers.Append(corsHeader.Key, corsHeader.Value);
    }
}
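/// <summary>
/// Validates the token request: only the "authorization_code" and "refresh_token" grant types are
/// accepted; anything else is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // In our case only "authorize code" and "refresh_token" requests are accepted.
    if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
    {
        context.Validated();
    }
    else
    {
        context.Rejected();
    }

    // Previously declared async without an await (CS1998).
    return Task.FromResult<object>(null);
}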
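/// <summary>
/// Validates the token request: only the "authorization_code" and "refresh_token" grant types are
/// accepted; anything else is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // In our case only "authorize code" and "refresh_token" requests are accepted.
    if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
    {
        context.Validated();
    }
    else
    {
        context.Rejected();
    }

    // Previously declared async without an await (CS1998).
    return Task.FromResult<object>(null);
}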
/// <summary>
/// Validates the access_token request. The four standard grant types (authorization_code,
/// client_credentials, refresh_token and password) are accepted; any other grant type is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var request = context.TokenRequest;
    var isSupportedGrant = request.IsAuthorizationCodeGrantType
        || request.IsClientCredentialsGrantType
        || request.IsRefreshTokenGrantType
        || request.IsResourceOwnerPasswordCredentialsGrantType;

    if (isSupportedGrant)
    {
        context.Validated();
    }
    else
    {
        context.Rejected();
    }

    return Task.FromResult<object>(null);
}
/// <summary>
/// Validates the token request and restricts the allowed grant type: for now only the
/// resource-owner password grant is supported.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>
/// A completed task when the request is rejected; otherwise the task returned by the base implementation.
/// </returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // Guard clause: anything other than the password grant is rejected outright.
    if (!context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        context.Rejected();
        return Task.FromResult<object>(null);
    }

    context.Validated();
    return base.ValidateTokenRequest(context);
}
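/// <summary>
/// Called for each request to the Token endpoint. For the resource-owner password grant the requested
/// scopes are checked against the "scope" claims held by the calling client's account; the request is
/// validated only when every requested scope is among them. Other grant types are left unvalidated,
/// which the middleware treats as a rejection.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();

        // The client id is looked up as an account in the "clients" tenant.
        var client = svc.GetByUsername("clients", context.ClientContext.ClientId);
        var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;

        // An unknown client id used to throw inside the lambda once a scope was evaluated; it now
        // fails validation. Note that a request with no scopes satisfies All() trivially and is
        // validated — confirm this is intended before relying on scope claims as the only restriction.
        if (client != null && scopes != null && scopes.All(scope => client.HasClaim("scope", scope)))
        {
            context.Validated();
        }
    }

    return Task.FromResult<object>(null);
}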
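/// <summary>
/// Validates the access_token request: only the client_credentials grant is accepted;
/// every other grant type is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsClientCredentialsGrantType)
    {
        context.Validated();
    }
    else
    {
        // A commented-out branch that also accepted authorization_code and refresh_token was removed;
        // re-enable those grants deliberately, with their handlers, rather than by uncommenting.
        context.Rejected();
    }

    // Previously declared async without an await (CS1998); a completed task avoids the state machine.
    return Task.FromResult<object>(null);
}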
/// <summary>
/// Called for each request to the Token endpoint to determine if the request is valid and should continue.
/// Requests whose grant_type is not authorization_code, password or refresh_token are rejected with an
/// error; accepted requests have CORS processed before the base validation runs.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>
/// A completed task when the grant type is rejected; otherwise the task returned by the base implementation.
/// </returns>
/// <remarks>
/// The error code "invalid_grant_type" is application-specific; RFC 6749 §5.2 defines "unsupported_grant_type"
/// for this situation. Changing it would alter the wire contract with existing clients, so it is left as is.
/// </remarks>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    //TODO: Determine which grant types we will actually support - these will probably be the only ones
    var request = context.TokenRequest;
    var isAcceptedGrant = request.IsAuthorizationCodeGrantType
        || request.IsResourceOwnerPasswordCredentialsGrantType
        || request.IsRefreshTokenGrantType;

    if (!isAcceptedGrant)
    {
        // SetError appears to mark the context rejected as well; the explicit Rejected() is kept for clarity.
        context.Rejected();
        context.SetError("invalid_grant_type", "Only grant_type=authorization_code, grant_type=password or grant_type=refresh_token are accepted by this server.");
        return Task.FromResult(0);
    }

    ProcessCors(context);
    return base.ValidateTokenRequest(context);
}
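/// <summary>
/// Validates the token request: authorization_code and refresh_token grants are accepted; any other
/// grant type is rejected with a custom error written to the response.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // Previously wrapped in Task.Factory.StartNew, which queued trivial synchronous work to the thread
    // pool and touched the OWIN context from another thread for no benefit. Running it inline is what
    // the middleware expects from this callback.
    if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
    {
        context.Validated();
    }
    else
    {
        // Message text: "request type is invalid". SetCustomError rejects the context and writes the body.
        context.SetCustomError("请求类型有误");
    }

    return Task.FromResult<object>(null);
}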
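/// <summary>
/// Validates the token request by confirming that the authenticated client id is a well-formed ObjectId
/// and refers to a registered client. No grant-type restriction is applied here.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A task that completes when the client lookup has finished.</returns>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // A client id that is not a valid ObjectId cannot exist in the store, so reject it without a
    // database round trip. The parsed value itself is never used, hence the discard.
    if (!ObjectId.TryParse(context.ClientContext.ClientId, out _))
    {
        context.SetError("invalid_request");
        return;
    }

    var client = await _clientManager.FindClientByIdAsync(context.ClientContext.ClientId);
    if (client is null)
    {
        context.SetError("invalid_client");
    }
    else
    {
        context.Validated();
    }
}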
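/// <summary>
/// Called for each request to the Token endpoint. For the resource-owner password grant the supplied
/// user name and password are authenticated against the "users" tenant of the user account service and
/// the request is validated only on success. Other grant types are left unvalidated, which the
/// middleware treats as a rejection.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();
        var grant = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant;

        /* Custom validation for authenticated client to request access token */
        // A GetByUsername lookup whose result was never used, plus a block of commented-out
        // role-claim checks, was removed; Authenticate is expected to perform its own account lookup.
        if (svc.Authenticate("users", grant.UserName, grant.Password))
        {
            context.Validated();
        }
    }

    return Task.FromResult<object>(null);
}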
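/// <summary>
/// Validates the access_token request. The four standard grant types (authorization_code,
/// client_credentials, refresh_token and password) are accepted; anything else is rejected.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    logger.Debug("ValidateTokenRequest");

    var request = context.TokenRequest;
    if (request.IsAuthorizationCodeGrantType
        || request.IsClientCredentialsGrantType
        || request.IsRefreshTokenGrantType
        || request.IsResourceOwnerPasswordCredentialsGrantType)
    {
        // Marks this context as validated by the application: IsValidated becomes true and
        // HasError becomes false. The former `await Task.FromResult(context.Validated())` only
        // wrapped this synchronous call in a completed task, and its result was never used.
        context.Validated();
    }
    else
    {
        context.Rejected();
    }

    return Task.FromResult<object>(null);
}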
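/// <summary>
/// Called for each request to the Token endpoint. This override marks every request as validated without
/// inspecting the grant type, so any restriction must come from the client-authentication and grant
/// handlers that run around it.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // `await Task.FromResult(context.Validated())` only wrapped a synchronous call in a completed task.
    context.Validated();
    return Task.FromResult<object>(null);
}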
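/// <summary>
/// Evaluates the request against the configured CORS policy. Pre-flight requests with a missing or
/// malformed Access-Control-Request-Method, or that fail the policy, are answered with 400 and an error;
/// otherwise the policy's response headers are written onto the token endpoint response.
/// </summary>
/// <param name="context">The token request whose headers are inspected and whose response receives the CORS headers.</param>
private void ProcessCors(OAuthValidateTokenRequestContext context)
{
    var requestHeaders = context.Request.Headers;
    var accessControlRequestMethodHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.AccessControlRequestMethod);
    var originHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.Origin);

    // Bug fix: this used to read Access-Control-Request-Method a second time, so the headers a
    // pre-flight asked permission for were never checked against the policy's allowed-headers list.
    var accessControlRequestHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.AccessControlRequestHeaders);

    var corsRequest = new CorsRequestContext
    {
        Host = context.Request.Host.Value,
        HttpMethod = context.Request.Method,
        Origin = originHeaders?.FirstOrDefault(),
        RequestUri = context.Request.Uri,
        AccessControlRequestMethod = accessControlRequestMethodHeaders?.FirstOrDefault()
    };

    if (accessControlRequestHeaders != null)
    {
        foreach (var header in accessControlRequestHeaders)
        {
            corsRequest.AccessControlRequestHeaders.Add(header);
        }
    }

    var engine = new CorsEngine();

    if (corsRequest.IsPreflight)
    {
        try
        {
            // HttpMethod's constructor is used purely as a validator: ArgumentException for a
            // null/empty method, FormatException for a syntactically invalid one.
            var probe = new HttpMethod(corsRequest.AccessControlRequestMethod);
        }
        catch (ArgumentException)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError("Access Control Request Method Cannot Be Null Or Empty");
            return;
        }
        catch (FormatException)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError("Invalid Access Control Request Method");
            return;
        }

        var preflightResult = engine.EvaluatePolicy(corsRequest, _options.CorsPolicy);
        if (!preflightResult.IsValid)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError(string.Join(" | ", preflightResult.ErrorMessages));
            return;
        }

        WriteCorsHeaders(preflightResult, context);
    }
    else
    {
        // A non-preflight request that fails the policy simply gets no CORS headers; the browser
        // then withholds the response from the page, and the token request itself is unaffected.
        var result = engine.EvaluatePolicy(corsRequest, _options.CorsPolicy);
        if (result.IsValid)
        {
            WriteCorsHeaders(result, context);
        }
    }
}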
/// <summary>
/// Rejects the token request and writes <paramref name="msg"/> to the response body.
/// </summary>
/// <param name="context">The token request context to reject.</param>
/// <param name="msg">The message to write to the response.</param>
public static void SetCustomError(this OAuthValidateTokenRequestContext context, string msg)
{
    // Rejected() is called before anything is written to the response.
    context.Rejected();
    ResponseWrite(context.Response, msg);
}
/// <summary>
/// Called for each request to the Token endpoint. Not implemented by this provider.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    throw new NotImplementedException();
}
/// <summary>
/// Called for each request to the Token endpoint. Not implemented by this provider.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    throw new NotImplementedException();
}
/// <summary>
/// Validates the token request. Every request is marked as validated without inspecting the grant type,
/// so any restriction has to be enforced elsewhere in the provider.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task carrying the (validated) context as its result.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    context.Validated();

    var completed = Task.FromResult<object>(context);
    return completed;
}
/// <summary>
/// Called for each request to the Token endpoint. This override adds no constraint of its own and
/// simply awaits the base implementation; it exists as a hook point for future checks.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A task that completes when the base validation has completed.</returns>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var baseValidation = base.ValidateTokenRequest(context);
    await baseValidation;
}
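/// <summary>
/// Called for each request to the Token endpoint. For the resource-owner password grant the requested
/// scopes are checked against the "scope" claims held by the calling client's account; the request is
/// validated only when every requested scope is among them. Other grant types are left unvalidated,
/// which the middleware treats as a rejection.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();

        // The client id is looked up as an account in the "clients" tenant.
        var client = svc.GetByUsername("clients", context.ClientContext.ClientId);
        var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;

        // An unknown client id used to throw inside the lambda once a scope was evaluated; it now
        // fails validation. Note that a request with no scopes satisfies All() trivially and is
        // validated — confirm this is intended before relying on scope claims as the only restriction.
        if (client != null && scopes != null && scopes.All(scope => client.HasClaim("scope", scope)))
        {
            context.Validated();
        }
    }

    return Task.FromResult<object>(null);
}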
/// <summary>
/// Copies the headers produced by a CORS policy evaluation onto the token endpoint response.
/// </summary>
/// <param name="result">The evaluated CORS result whose response headers are to be emitted.</param>
/// <param name="context">The token request context whose response receives the headers.</param>
private void WriteCorsHeaders(CorsResult result, OAuthValidateTokenRequestContext context)
{
    var corsHeaders = result.ToResponseHeaders();
    if (corsHeaders == null)
    {
        return;
    }

    foreach (var corsHeader in corsHeaders)
    {
        context.Response.Headers.Append(corsHeader.Key, corsHeader.Value);
    }
}
/// <summary>
/// Called for each request to the Token endpoint. This override adds no constraint of its own and
/// returns the base implementation's task unchanged; it exists as a hook point for future checks.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var baseValidation = base.ValidateTokenRequest(context);
    return baseValidation;
}
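/// <summary>
/// Called for each request to the Token endpoint. For the resource-owner password grant the supplied
/// user name and password are authenticated against the "users" tenant of the user account service and
/// the request is validated only on success. Other grant types are left unvalidated, which the
/// middleware treats as a rejection.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>A completed task; the method performs no asynchronous work.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
    {
        var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();
        var grant = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant;

        /* Custom validation for authenticated client to request access token */
        // A GetByUsername lookup whose result was never used, plus a block of commented-out
        // role-claim checks, was removed; Authenticate is expected to perform its own account lookup.
        if (svc.Authenticate("users", grant.UserName, grant.Password))
        {
            context.Validated();
        }
    }

    return Task.FromResult<object>(null);
}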
/// <summary>
/// Called for each request to the Token endpoint to determine if the request is valid and should continue.
/// The default behavior when using the OAuthAuthorizationServerProvider is to assume well-formed requests, with
/// validated client credentials, should continue processing. An application may add any additional constraints.
/// </summary>
/// <remarks>
/// The work is delegated to the <c>OnValidateTokenRequest</c> callback so that applications can either
/// override this method or assign the delegate.
/// </remarks>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public virtual Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    return OnValidateTokenRequest(context);
}
/// <summary>
/// Called for each request to the Token endpoint. This override adds no constraint of its own and
/// returns the base implementation's task unchanged; it exists as a hook point for future checks.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>The task returned by the base implementation.</returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    var baseValidation = base.ValidateTokenRequest(context);
    return baseValidation;
}
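/// <summary>
/// Evaluates the request against the configured CORS policy. Pre-flight requests with a missing or
/// malformed Access-Control-Request-Method, or that fail the policy, are answered with 400 and an error;
/// otherwise the policy's response headers are written onto the token endpoint response.
/// </summary>
/// <param name="context">The token request whose headers are inspected and whose response receives the CORS headers.</param>
private void ProcessCors(OAuthValidateTokenRequestContext context)
{
    var requestHeaders = context.Request.Headers;
    var accessControlRequestMethodHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.AccessControlRequestMethod);
    var originHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.Origin);

    // Bug fix: this used to read Access-Control-Request-Method a second time, so the headers a
    // pre-flight asked permission for were never checked against the policy's allowed-headers list.
    var accessControlRequestHeaders = requestHeaders.GetCommaSeparatedValues(CorsConstants.AccessControlRequestHeaders);

    var corsRequest = new CorsRequestContext
    {
        Host = context.Request.Host.Value,
        HttpMethod = context.Request.Method,
        Origin = originHeaders == null ? null : originHeaders.FirstOrDefault(),
        RequestUri = context.Request.Uri,
        AccessControlRequestMethod = accessControlRequestMethodHeaders == null ? null : accessControlRequestMethodHeaders.FirstOrDefault()
    };

    if (accessControlRequestHeaders != null)
    {
        foreach (var header in accessControlRequestHeaders)
        {
            corsRequest.AccessControlRequestHeaders.Add(header);
        }
    }

    var engine = new CorsEngine();

    if (corsRequest.IsPreflight)
    {
        try
        {
            // HttpMethod's constructor is used purely as a validator: ArgumentException for a
            // null/empty method, FormatException for a syntactically invalid one.
            var probe = new HttpMethod(corsRequest.AccessControlRequestMethod);
        }
        catch (ArgumentException)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError("Access Control Request Method Cannot Be Null Or Empty");
            return;
        }
        catch (FormatException)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError("Invalid Access Control Request Method");
            return;
        }

        var preflightResult = engine.EvaluatePolicy(corsRequest, _options.CorsPolicy);
        if (!preflightResult.IsValid)
        {
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.SetError(string.Join(" | ", preflightResult.ErrorMessages));
            return;
        }

        WriteCorsHeaders(preflightResult, context);
    }
    else
    {
        // A non-preflight request that fails the policy simply gets no CORS headers; the browser
        // then withholds the response from the page, and the token request itself is unaffected.
        var result = engine.EvaluatePolicy(corsRequest, _options.CorsPolicy);
        if (result.IsValid)
        {
            WriteCorsHeaders(result, context);
        }
    }
}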
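/// <summary>
/// Diagnostic hook: writes the client id and grant type of each token request to the host's trace output.
/// </summary>
/// <param name="context">The token request being validated.</param>
/// <returns>A completed task; nothing asynchronous happens here.</returns>
private Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
    // "host.TraceOutput" may be absent from the OWIN environment; Get<T>() then returns null,
    // which previously produced a NullReferenceException instead of a skipped trace line.
    var output = context.Request.Get<TextWriter>("host.TraceOutput");
    if (output != null)
    {
        output.WriteLine("Token Request {0} {1}", context.ClientContext.ClientId, context.TokenRequest.GrantType);
    }

    // No await was ever performed (CS1998); return a completed task instead.
    return Task.FromResult(0);
}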