/// <summary>
/// Prepares the login request.
/// </summary>
/// <param name="frontChannelParameters">extra parameters to send to the authorize endpoint.</param>
/// /// <param name="cancellationToken">A token that can be used to cancel the request</param>
/// <returns>State for initiating the authorize request and processing the response</returns>
public virtual async Task <AuthorizeState> PrepareLoginAsync(FrontChannelParameters frontChannelParameters = null, CancellationToken cancellationToken = default)
{
_logger.LogTrace("PrepareLoginAsync");
await EnsureConfigurationAsync(cancellationToken);
return(_authorizeClient.CreateAuthorizeState(frontChannelParameters));
}
internal string CreateAuthorizeUrl(string state, string nonce, string codeChallenge,
FrontChannelParameters frontChannelParameters)
{
_logger.LogTrace("CreateAuthorizeUrl");
var parameters = CreateAuthorizeParameters(state, nonce, codeChallenge, frontChannelParameters);
var request = new RequestUrl(_options.ProviderInformation.AuthorizeEndpoint);
return(request.Create(parameters));
}
internal Parameters CreateAuthorizeParameters(
string state,
string nonce,
string codeChallenge,
FrontChannelParameters frontChannelParameters)
{
_logger.LogTrace("CreateAuthorizeParameters");
var parameters = new Parameters
{
{ OidcConstants.AuthorizeRequest.ResponseType, OidcConstants.ResponseTypes.Code },
{ OidcConstants.AuthorizeRequest.Nonce, nonce },
{ OidcConstants.AuthorizeRequest.State, state },
{ OidcConstants.AuthorizeRequest.CodeChallenge, codeChallenge },
{ OidcConstants.AuthorizeRequest.CodeChallengeMethod, OidcConstants.CodeChallengeMethods.Sha256 },
};
if (_options.ClientId.IsPresent())
{
parameters.Add(OidcConstants.AuthorizeRequest.ClientId, _options.ClientId);
}
if (_options.Scope.IsPresent())
{
parameters.Add(OidcConstants.AuthorizeRequest.Scope, _options.Scope);
}
if (_options.RedirectUri.IsPresent())
{
parameters.Add(OidcConstants.AuthorizeRequest.RedirectUri, _options.RedirectUri);
}
if (frontChannelParameters != null)
{
foreach (var resource in frontChannelParameters.Resource)
{
parameters.Add(OidcConstants.AuthorizeRequest.Resource, resource);
}
foreach (var entry in frontChannelParameters.Extra)
{
parameters.Add(entry.Key, entry.Value);
}
}
return(parameters);
}
public AuthorizeState CreateAuthorizeState(FrontChannelParameters frontChannelParameters)
{
_logger.LogTrace("CreateAuthorizeStateAsync");
var pkce = _crypto.CreatePkceData();
var state = new AuthorizeState
{
Nonce = _crypto.CreateNonce(),
State = _crypto.CreateState(),
RedirectUri = _options.RedirectUri,
CodeVerifier = pkce.CodeVerifier,
};
state.StartUrl = CreateAuthorizeUrl(state.State, state.Nonce, pkce.CodeChallenge, frontChannelParameters);
_logger.LogDebug(LogSerializer.Serialize(state));
return(state);
}