public ActionResult HandleRequest(AuthorizeRequest request)
{
Tracing.Information("OAuth2 HandleRequest endpoint invoked");
// check client
Client client;
var error = CheckRequest(request, out client);
if (error != null)
{
return(error);
}
RelyingParty rp;
if (!RPRepository.TryGet(request.scope, out rp))
{
Tracing.Error("RP not found for scope : " + request.scope);
return(ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type,
request.state));
}
if (Configuration.OAuth2.EnableConsent)
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId,
RefreshTokenEnabled = client.AllowRefreshToken
};
return(View("ShowConsent", vm));
}
var grantResult = PerformGrant(request, client);
if (grantResult != null)
{
return(grantResult);
}
// we don't know exactly why, so use ServerError
Tracing.Error("Authorization Endpoint failed");
return(ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type,
request.state));
}
public ActionResult HandleRequest(AuthorizeRequest request)
{
Tracing.Information("OAuth2 HandleRequest endpoint invoked");
// check client
Client client;
var error = CheckRequest(request, out client);
if (error != null) return error;
RelyingParty rp;
if (!RPRepository.TryGet(request.scope, out rp))
{
Tracing.Error("RP not found for scope : " + request.scope);
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type,
request.state);
}
if (Configuration.OAuth2.EnableConsent)
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId,
RefreshTokenEnabled = client.AllowRefreshToken
};
return View("ShowConsent", vm);
}
var grantResult = PerformGrant(request, client);
if (grantResult != null) return grantResult;
// we don't know exactly why, so use ServerError
Tracing.Error("Authorization Endpoint failed");
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type,
request.state);
}
