/// <summary>
/// Verifies that <c>ContentNegotiation.DetectBodyType</c> accepts the
/// <c>ApplicationJson</c> value and reports it back unchanged.
/// </summary>
public void Json_is_valid_post_body_type()
{
    var detection = ContentNegotiation.DetectBodyType(ApplicationJson);

    // Check acceptance first so a rejected type fails here rather than on the ContentType read below.
    detection.Success.Should().BeTrue();

    var detectedTypeText = detection.ContentType.ToString();
    detectedTypeText.Should().Be(ApplicationJson);
}
/// <summary>
/// Verifies that <c>ContentNegotiation.DetectBodyType</c> accepts the
/// <c>FormUrlEncoded</c> value and reports it back unchanged.
/// </summary>
public void Form_urlencoded_is_valid_post_body_type()
{
    var detection = ContentNegotiation.DetectBodyType(FormUrlEncoded);

    // Check acceptance first so a rejected type fails here rather than on the ContentType read below.
    detection.Success.Should().BeTrue();

    var detectedTypeText = detection.ContentType.ToString();
    detectedTypeText.Should().Be(FormUrlEncoded);
}
/// <summary>
/// Default POST handler: checks the request's Content-Type header, then hands the
/// request to the JSON or HTML handler according to the negotiated content type.
/// </summary>
/// <param name="context">The OWIN environment for the current request.</param>
/// <param name="client">The client instance passed through to the concrete handler.</param>
/// <param name="contentNegotiationResult">The negotiated content type; selects the JSON or HTML handler.</param>
/// <param name="cancellationToken">Token forwarded to the concrete handler.</param>
/// <returns>
/// The task returned by <c>PostJsonAsync</c> or <c>PostHtmlAsync</c>, or a completed
/// task holding <c>false</c> when neither type was negotiated.
/// </returns>
/// <exception cref="Exception">The Content-Type header is not an accepted body type.</exception>
protected virtual Task<bool> PostAsync(
    IOwinEnvironment context,
    IClient client,
    ContentNegotiationResult contentNegotiationResult,
    CancellationToken cancellationToken)
{
    var contentTypeHeader = context.Request.Headers.GetString("Content-Type");
    var detectedBodyType = ContentNegotiation.DetectBodyType(contentTypeHeader);

    if (!detectedBodyType.Success)
    {
        // NOTE(review): the header value is client-controlled and is embedded verbatim in the
        // message; confirm that whatever logs or renders this exception encodes it.
        // NOTE(review): a bare Exception for a bad Content-Type presumably surfaces as a server
        // error rather than a 4xx response; confirm that is the intended behaviour.
        throw new Exception($"The Content-Type '{contentTypeHeader}' is invalid.");
    }

    // Dispatch on the negotiated response type; the detected body type is passed along
    // so the handler knows how to read the request body.
    if (contentNegotiationResult.ContentType == ContentType.Json)
    {
        return PostJsonAsync(context, client, detectedBodyType.ContentType, cancellationToken);
    }
    else if (contentNegotiationResult.ContentType == ContentType.Html)
    {
        return PostHtmlAsync(context, client, detectedBodyType.ContentType, cancellationToken);
    }
    else
    {
        // Do nothing and pass on to next middleware.
        return Task.FromResult(false);
    }
}
/// <summary>
/// Handles a POST to the OAuth token route: requires a form-urlencoded body, reads the
/// <c>grant_type</c> field and runs the matching grant flow when it is enabled in configuration.
/// </summary>
/// <param name="context">The OWIN environment for the current request.</param>
/// <param name="client">The client instance passed to the grant flows.</param>
/// <param name="contentNegotiationResult">Not read by this override.</param>
/// <param name="cancellationToken">Token forwarded to every awaited call.</param>
/// <returns>
/// <c>true</c> after an invalid-request error has been written or a grant flow has run;
/// otherwise the value returned by <c>Error.Create</c> for an API error or an unsupported grant.
/// </returns>
protected override async Task<bool> PostAsync(
    IOwinEnvironment context,
    IClient client,
    ContentNegotiationResult contentNegotiationResult,
    CancellationToken cancellationToken)
{
    // Applied before any branch, so error responses get the do-not-cache headers as well.
    Caching.AddDoNotCacheHeaders(context);

    var contentTypeHeader = context.Request.Headers.GetString("Content-Type");
    var detectedBodyType = ContentNegotiation.DetectBodyType(contentTypeHeader);

    // Only form-urlencoded bodies are accepted on this route.
    if (!detectedBodyType.Success || !(detectedBodyType.ContentType == ContentType.FormUrlEncoded))
    {
        await Error.Create<OauthInvalidRequest>(context, cancellationToken);
        return true;
    }

    // NOTE(review): the body carries passwords and refresh tokens, and the parser is handed
    // _logger; confirm FormContentParser.Parse never logs raw field values.
    var body = await context.Request.GetBodyAsStringAsync(cancellationToken);
    var form = FormContentParser.Parse(body, _logger);

    var requestedGrant = form.GetString("grant_type");
    if (string.IsNullOrEmpty(requestedGrant))
    {
        await Error.Create<OauthInvalidRequest>(context, cancellationToken);
        return true;
    }

    try
    {
        if (string.Equals(requestedGrant, "client_credentials", StringComparison.OrdinalIgnoreCase)
            && _configuration.Web.Oauth2.Client_Credentials.Enabled)
        {
            await ExecuteClientCredentialsFlow(context, client, cancellationToken);
            return true;
        }

        if (string.Equals(requestedGrant, "password", StringComparison.OrdinalIgnoreCase)
            && _configuration.Web.Oauth2.Password.Enabled)
        {
            // NOTE(review): if FormContentParser.Parse already percent-decodes values, this second
            // decode would alter credentials containing '%' or '+'; confirm against the parser.
            // NOTE(review): a missing username/password field presumably reaches the flow as null;
            // verify ExecutePasswordFlow rejects that.
            var login = WebUtility.UrlDecode(form.GetString("username"));
            var secret = WebUtility.UrlDecode(form.GetString("password"));
            await ExecutePasswordFlow(context, client, login, secret, cancellationToken);
            return true;
        }

        // NOTE(review): the refresh grant is gated by the password-grant switch, not a
        // refresh-specific setting; confirm this is intentional.
        if (string.Equals(requestedGrant, "refresh_token", StringComparison.OrdinalIgnoreCase)
            && _configuration.Web.Oauth2.Password.Enabled)
        {
            var token = WebUtility.UrlDecode(form.GetString("refresh_token"));
            await ExecuteRefreshFlow(context, client, token, cancellationToken);
            return true;
        }
    }
    catch (ResourceException rex)
    {
        // Special handling of API errors for the OAuth route
        // NOTE(review): rex.Message is placed in the error handed to Error.Create; confirm these
        // messages are safe to return to an unauthenticated caller.
        var apiError = new OauthError(rex.Message, rex.GetProperty("error"));
        return await Error.Create(context, apiError, cancellationToken);
    }

    // Reached when the grant type is unknown or its flow is disabled in configuration.
    return await Error.Create<OauthUnsupportedGrant>(context, cancellationToken);
}
/// <summary>
/// Verifies that <c>ContentNegotiation.DetectBodyType</c> rejects the <c>TextHtml</c> value.
/// </summary>
/// <remarks>
/// NOTE(review): the method name says "is_valid" but the assertion expects rejection;
/// the assertion is what the test actually enforces.
/// </remarks>
public void TextHtml_is_valid_post_body_type()
{
    var detection = ContentNegotiation.DetectBodyType(TextHtml);

    var accepted = detection.Success;
    accepted.Should().BeFalse();
}
/// <summary>
/// Verifies that <c>ContentNegotiation.DetectBodyType</c> rejects <c>text/plain</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the method name says "is_valid" but the assertion expects rejection;
/// the assertion is what the test actually enforces.
/// </remarks>
public void TextPlain_is_valid_post_body_type()
{
    var detection = ContentNegotiation.DetectBodyType("text/plain");

    var accepted = detection.Success;
    accepted.Should().BeFalse();
}