public IActionResult ProcessFlow(HttpRequest request)
        {
            var(clientSecret, validCredentials) = ExtractAndValidateClientCredentials(request);

            if (!validCredentials)
            {
                return(_flowResponses.InvalidClient());
            }

            var success = new JsonResult(new AccessTokenResponse
            {
                AccessToken = _jwtGenerator.GenerateToken(clientSecret),
                ExpiresIn   = (int)TimeSpan.FromMinutes(10).TotalSeconds,
                TokenType   = "Bearer"
            })
            {
                StatusCode = (int)HttpStatusCode.OK
            };

            return(success);
        }
Example #2
0
        public IActionResult ProcessFlow(HttpRequest request)
        {
            var(clientSecret, validCredentials) = ExtractAndValidateClientCredentials(request);

            if (!validCredentials)
            {
                return(_flowResponses.InvalidClient());
            }

            if (!request.Form.ContainsKey("username") ||
                !request.Form.ContainsKey("password") ||
                string.IsNullOrWhiteSpace(request.Form["username"]) ||
                string.IsNullOrWhiteSpace(request.Form["password"]))
            {
                return(_flowResponses.InvalidRequest());
            }

            var username = request.Form["username"];
            var password = request.Form["password"];

            if (!_userCredentialValidator.ValidateCredentials(username, password))
            {
                return(_flowResponses.InvalidGrant());
            }

            var success = new JsonResult(new AccessTokenResponse
            {
                AccessToken = _jwtGenerator.GenerateToken(clientSecret),
                ExpiresIn   = (int)TimeSpan.FromMinutes(10).TotalSeconds,
                TokenType   = "Bearer"
            })
            {
                StatusCode = (int)HttpStatusCode.OK
            };

            return(success);
        }
        public IActionResult ProcessFlow(HttpRequest request)
        {
            var code        = request.Form["code"];
            var redirectUri = request.Form["redirect_uri"];
            var clientId    = request.Form["client_id"];

            if (string.IsNullOrWhiteSpace(clientId) || !_clientManager.IsValidClient(clientId))
            {
                return(_flowResponses.InvalidClient());
            }

            if (!_clientGrantManager.ClientHasGrantType(clientId, GrantType.AuthorizationCode))
            {
                return(_flowResponses.UnauthorizedClient());
            }

            if (string.IsNullOrWhiteSpace(redirectUri) || string.IsNullOrWhiteSpace(code) ||
                !_authorizationCodeValidator.IsValidAuthorizationCode(code, clientId))
            {
                return(_flowResponses.InvalidRequest());
            }

            return(_flowResponses.AccessToken(code));
        }