C# (CSharp) AuthenticationRequest.Validate Examples

Example #1

File: Broker.cs Project: waliarubal/ActiveDirectoryBroker

        public AuthenticationResponse Authenticate(AuthenticationRequest request)
        {
            var response = new AuthenticationResponse();

            if (request == null)
            {
                response.Message = "Empty request received.";
                return(response);
            }

            response.Message = request.Validate();
            if (!string.IsNullOrEmpty(response.Message))
            {
                return(response);
            }

            try
            {
                using (var context = new PrincipalContext(ContextType.Domain, request.Domain))
                {
                    response.IsValid = context.ValidateCredentials(request.UserName, request.Password, ContextOptions.Negotiate);
                    response.Message = response.IsValid ? string.Empty : "Invalid user name and/or password.";
                }
            }
            catch (Exception ex)
            {
                response.Message = ex.Message;
            }


            return(response);
        }

Example #2

        private void ValidateAuthenticationRequest(OidcDownClient client, AuthenticationRequest authenticationRequest, bool requireCodeFlow)
        {
            try
            {
                var  responseType   = authenticationRequest.ResponseType.ToSpaceList();
                bool isImplicitFlow = !responseType.Contains(IdentityConstants.ResponseTypes.Code);
                authenticationRequest.Validate(isImplicitFlow);

                if (requireCodeFlow)
                {
                    if (responseType.Where(rt => !rt.Equals(IdentityConstants.ResponseTypes.Code)).Any())
                    {
                        throw new OAuthRequestException($"Require '{IdentityConstants.ResponseTypes.Code}' flow with PKCE.")
                              {
                                  RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidRequest
                              };
                    }
                }

                if (!client.RedirectUris.Any(u => u.Equals(authenticationRequest.RedirectUri, StringComparison.InvariantCultureIgnoreCase)))
                {
                    throw new OAuthRequestException($"Invalid redirect Uri '{authenticationRequest.RedirectUri}'.")
                          {
                              RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidRequest
                          };
                }

                if (!client.ClientId.Equals(authenticationRequest.ClientId, StringComparison.InvariantCultureIgnoreCase))
                {
                    throw new OAuthRequestException($"Invalid client id '{authenticationRequest.ClientId}'.")
                          {
                              RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidClient
                          };
                }

                if (!authenticationRequest.Scope.Contains(IdentityConstants.DefaultOidcScopes.OpenId))
                {
                    throw new OAuthRequestException($"Require '{IdentityConstants.DefaultOidcScopes.OpenId}' scope.")
                          {
                              RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidScope
                          };
                }
                var resourceScopes = oauthResourceScopeLogic.GetResourceScopes(client as TClient);
                var invalidScope   = authenticationRequest.Scope.ToSpaceList().Where(s => !(resourceScopes.Select(rs => rs).Contains(s) || (client.Scopes != null && client.Scopes.Select(ps => ps.Scope).Contains(s))) && IdentityConstants.DefaultOidcScopes.OpenId != s);
                if (invalidScope.Count() > 0)
                {
                    throw new OAuthRequestException($"Invalid scope '{authenticationRequest.Scope}'.")
                          {
                              RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidScope
                          };
                }

                ValidateResponseType(client, authenticationRequest, responseType);

                if (!authenticationRequest.ResponseMode.IsNullOrEmpty())
                {
                    var invalidResponseMode = !(new[] { IdentityConstants.ResponseModes.Fragment, IdentityConstants.ResponseModes.Query, IdentityConstants.ResponseModes.FormPost }.Contains(authenticationRequest.ResponseMode));
                    if (invalidResponseMode)
                    {
                        throw new OAuthRequestException($"Invalid response mode '{authenticationRequest.ResponseMode}'.")
                              {
                                  RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidRequest
                              };
                    }
                }
            }
            catch (ArgumentException ex)
            {
                throw new OAuthRequestException(ex.Message, ex)
                      {
                          RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidRequest
                      };
            }
        }