public virtual async Task <bool> HandleRequestAsync() { var notification = new MatchEndpointContext(Context, Scheme, Options); if (Options.AuthorizationEndpointPath.HasValue && Options.AuthorizationEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchAuthorizationEndpoint(); } else if (Options.ConfigurationEndpointPath.HasValue && Options.ConfigurationEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchConfigurationEndpoint(); } else if (Options.CryptographyEndpointPath.HasValue && Options.CryptographyEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchCryptographyEndpoint(); } else if (Options.IntrospectionEndpointPath.HasValue && Options.IntrospectionEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchIntrospectionEndpoint(); } else if (Options.LogoutEndpointPath.HasValue && Options.LogoutEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchLogoutEndpoint(); } else if (Options.RevocationEndpointPath.HasValue && Options.RevocationEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchRevocationEndpoint(); } else if (Options.TokenEndpointPath.HasValue && Options.TokenEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchTokenEndpoint(); } else if (Options.UserinfoEndpointPath.HasValue && Options.UserinfoEndpointPath.IsEquivalentTo(Request.Path)) { notification.MatchUserinfoEndpoint(); } await Provider.MatchEndpoint(notification); if (notification.Result != null) { if (notification.Result.Handled) { Logger.LogDebug("The request was handled in user code."); return(true); } else if (notification.Result.Skipped) { Logger.LogDebug("The default request handling was skipped from user code."); return(false); } } // Reject non-HTTPS requests handled by ASOS if AllowInsecureHttp is not set to true. if (!Options.AllowInsecureHttp && !Request.IsHttps) { // Return the native error page for endpoints involving the user participation. if (notification.IsAuthorizationEndpoint || notification.IsLogoutEndpoint) { Logger.LogWarning("The current request was rejected because the OpenID Connect server middleware " + "has been configured to reject HTTP requests. To permanently disable the transport " + "security requirement, set 'OpenIdConnectServerOptions.AllowInsecureHttp' to 'true'."); return(await SendNativePageAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "This server only accepts HTTPS requests." })); } // Return a JSON error for endpoints that don't involve the user participation. else if (notification.IsConfigurationEndpoint || notification.IsCryptographyEndpoint || notification.IsIntrospectionEndpoint || notification.IsRevocationEndpoint || notification.IsTokenEndpoint || notification.IsUserinfoEndpoint) { Logger.LogWarning("The current request was rejected because the OpenID Connect server middleware " + "has been configured to reject HTTP requests. To permanently disable the transport " + "security requirement, set 'OpenIdConnectServerOptions.AllowInsecureHttp' to 'true'."); return(await SendPayloadAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "This server only accepts HTTPS requests." })); } } if (notification.IsAuthorizationEndpoint) { return(await InvokeAuthorizationEndpointAsync()); } else if (notification.IsConfigurationEndpoint) { return(await InvokeConfigurationEndpointAsync()); } else if (notification.IsCryptographyEndpoint) { return(await InvokeCryptographyEndpointAsync()); } else if (notification.IsIntrospectionEndpoint) { return(await InvokeIntrospectionEndpointAsync()); } else if (notification.IsLogoutEndpoint) { return(await InvokeLogoutEndpointAsync()); } else if (notification.IsRevocationEndpoint) { return(await InvokeRevocationEndpointAsync()); } else if (notification.IsTokenEndpoint) { return(await InvokeTokenEndpointAsync()); } else if (notification.IsUserinfoEndpoint) { return(await InvokeUserinfoEndpointAsync()); } return(false); }
/// <summary> /// Represents an event called for each HTTP request to determine if /// it should be handled by the OpenID Connect server middleware. /// </summary> /// <param name="context">The context instance associated with this event.</param> /// <returns>A <see cref="Task"/> that can be used to monitor the asynchronous operation.</returns> public virtual Task MatchEndpoint(MatchEndpointContext context) => OnMatchEndpoint(context);