public async Task <TokenRawResult> ProcessRawAsync(IFormCollection formCollection)
        {
            _logger.LogTrace("Processing token request.");

            var rawResult = new TokenRawResult();

            // validate HTTP
            if (formCollection.IsNullOrEmpty())
            {
                _logger.LogWarning($"Invalid {nameof(formCollection)} for token endpoint");
                rawResult.TokenErrorResult = Error(OidcConstants.TokenErrors.InvalidRequest);
                return(rawResult);
            }

            var clientId = formCollection[OidcConstants.TokenRequest.ClientId];
            var client   = await _clients.FindEnabledClientByIdAsync(clientId);

            if (client == null)
            {
                _logger.LogError($"No client with id '{clientId}' found. aborting");
                rawResult.TokenErrorResult = Error($"{OidcConstants.TokenRequest.ClientId} bad",
                                                   $"No client with id '{clientId}' found. aborting");
                return(rawResult);
            }

            var clientSecretValidationResult = new ClientSecretValidationResult
            {
                IsError = false,
                Client  = client,
                Secret  = null
            };

            // validate request
            var form = formCollection.AsNameValueCollection();

            _logger.LogTrace("Calling into token request validator: {type}", _requestValidator.GetType().FullName);
            var requestResult = await _requestValidator.ValidateRequestAsync(form, clientSecretValidationResult);

            if (requestResult.IsError)
            {
                await _events.RaiseAsync(new TokenIssuedFailureEvent(requestResult));

                rawResult.TokenErrorResult = Error(requestResult.Error, requestResult.ErrorDescription, requestResult.CustomResponse);
                return(rawResult);
            }

            // create response
            _logger.LogTrace("Calling into token request response generator: {type}", _responseGenerator.GetType().FullName);
            var response = await _responseGenerator.ProcessAsync(requestResult);

            await _events.RaiseAsync(new TokenIssuedSuccessEvent(response, requestResult));

            LogTokens(response, requestResult);

            // return result
            _logger.LogDebug("Token request success.");
            rawResult.TokenResult = new TokenResult(response);
            return(rawResult);
        }
        private async Task <IEndpointResult> ProcessTokenRequestAsync(HttpContext context)
        {
            _logger.LogDebug("Start token request.");
            // validate request
            var form     = (await context.Request.ReadFormAsync()).AsNameValueCollection();
            var userName = form.Get(OidcConstants.TokenRequest.UserName);
            var password = form.Get(OidcConstants.TokenRequest.Password);
            var scope    = form.Get(OidcConstants.TokenRequest.Scope);

            if (scope == "phone_number")
            {
                var getUserByPhoneNumber = await _usersService.GetByPhoneNumberOTP(userName, password);

                if (getUserByPhoneNumber != null)
                {
                    form.Remove("username");
                    form.Remove("password");
                    form.Remove("scope");
                    form.Add("username", getUserByPhoneNumber.Username);
                    form.Add("password", getUserByPhoneNumber.Password);
                    scope = null;
                    //form.Add("scope", "openid");
                }
            }
            // validate client
            var clientResult = await _clientValidator.ValidateAsync(context);

            if (clientResult.Client == null)
            {
                return(Error(OidcConstants.TokenErrors.InvalidClient));
            }

            // validate request
            //var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();
            _logger.LogTrace("Calling into token request validator: {type}", _requestValidator.GetType().FullName);
            var requestResult = await _requestValidator.ValidateRequestAsync(form, clientResult);

            if (requestResult.IsError)
            {
                await _events.RaiseAsync(new TokenIssuedFailureEvent(requestResult));

                return(Error(requestResult.Error, requestResult.ErrorDescription, requestResult.CustomResponse));
            }

            // create response
            _logger.LogTrace("Calling into token request response generator: {type}", _responseGenerator.GetType().FullName);
            var response = await _responseGenerator.ProcessAsync(requestResult);

            await _events.RaiseAsync(new TokenIssuedSuccessEvent(response, requestResult));

            LogTokens(response, requestResult);

            // return result
            _logger.LogDebug("Token request success.");
            return(new TokenResult(response));
        }
Example #3
0
        private async Task <IEndpointResult> ProcessTokenRequestAsync(HttpContext context)
        {
            _logger.LogTrace("Start token request.");

            // validate client
            var clientResult = await _clientValidator.ValidateAsync(context);

            if (clientResult.Client == null)
            {
                _logger.LogDebug("Invalid client");
                return(Error(OidcConstants.TokenErrors.InvalidClient));
            }

            // validate request
            var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();

            if (_logger.IsEnabled(LogLevel.Trace))
            {
                _logger.LogTrace("Calling into token request validator: {type}", _requestValidator.GetType().FullName);
            }

            var requestResult = await _requestValidator.ValidateRequestAsync(form, clientResult);

            if (requestResult.IsError)
            {
                _logger.LogDebug("Token issued failure");
                await _events.RaiseAsync(new TokenIssuedFailureEvent(requestResult));

                return(Error(requestResult.Error, requestResult.ErrorDescription, requestResult.CustomResponse));
            }

            _logger.LogDebug("Get IP address and device type");
            requestResult.ValidatedRequest.ClientIp = context.GetRequestIp();
            requestResult.ValidatedRequest.Device   = context
                                                      .GetHeaderValueAs <string>("User-Agent")
                                                      .GetDevice();

            // create response
            if (_logger.IsEnabled(LogLevel.Trace))
            {
                _logger.LogTrace("Calling into token request response generator: {type}", _responseGenerator.GetType().FullName);
            }

            var response = await _responseGenerator.ProcessAsync(requestResult);

            _logger.LogTrace("Raise token issued successfully event");
            await _events.RaiseAsync(new TokenIssuedSuccessEvent(response, requestResult));

            LogTokens(response, requestResult);

            // return result
            _logger.LogDebug("Token request success.");
            return(new TokenResult(response));
        }
Example #4
0
        private async Task <IEndpointResult> ProcessTokenRequestAsync(HttpContext context)
        {
            _logger.LogDebug("Start token request.");

            // validate client
            var clientResult = await _clientValidator.ValidateAsync(context);

            if (clientResult.Client == null)
            {
                return(Error(OidcConstants.TokenErrors.InvalidClient));
            }

            // validate request
            var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();

            _logger.LogTrace("Calling into token request validator: {type}", _requestValidator.GetType().FullName);
            var requestResult = await _requestValidator.ValidateRequestAsync(form, clientResult);

            if (requestResult.IsError)
            {
                await _events.RaiseAsync(new TokenIssuedFailureEvent(requestResult));

                return(Error(requestResult.Error, requestResult.ErrorDescription, requestResult.CustomResponse));
            }

            // create response
            _logger.LogTrace("Calling into token request response generator: {type}", _responseGenerator.GetType().FullName);
            var response = await _responseGenerator.ProcessAsync(requestResult);

            await _events.RaiseAsync(new TokenIssuedSuccessEvent(response, requestResult));

            LogTokens(response, requestResult);

            // return result
            _logger.LogDebug("Token request success.");
            return(new TokenResult(response));
        }