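/// <summary>
/// Updates the stored registration of the client identified by <paramref name="clientId"/>
/// with the client metadata extracted from the incoming request.
/// </summary>
/// <param name="clientId">Identifier of the client to update.</param>
/// <param name="handlerContext">Request context the submitted client metadata is extracted from.</param>
/// <param name="cancellationToken">Token forwarded to the lookup, validation and persistence calls.</param>
/// <returns>Always <c>null</c>.</returns>
/// <exception cref="OAuthException">
/// Thrown with <c>INVALID_REQUEST</c> when the submitted client identifier or shared secret
/// does not match the stored client.
/// </exception>
public async Task<JObject> Handle(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
{
    // NOTE(review): this method performs no authorization check of its own; presumably
    // GetClient verifies the caller's registration access token. Confirm before relying on it.
    var oauthClient = await GetClient(clientId, handlerContext, cancellationToken);
    var extractedClient = ExtractClient(handlerContext);

    if (extractedClient.ClientId != oauthClient.ClientId)
    {
        Logger.LogError("the client identifier must be identical");
        throw new OAuthException(ErrorCodes.INVALID_REQUEST, ErrorMessages.CLIENT_IDENTIFIER_MUST_BE_IDENTICAL);
    }

    // First(predicate) throws InvalidOperationException when no shared secret exists on either
    // side, which surfaced as an unhandled error instead of an OAuth error response. Collect the
    // shared secrets explicitly so a missing one is handled deliberately.
    var submittedSharedSecrets = extractedClient.Secrets
        .Where(secret => secret.Type == ClientSecretTypes.SharedSecret)
        .ToList();
    if (submittedSharedSecrets.Count > 0)
    {
        var storedSharedSecrets = oauthClient.Secrets
            .Where(secret => secret.Type == ClientSecretTypes.SharedSecret)
            .ToList();

        // A submitted shared secret with nothing stored to match it is a mismatch.
        // NOTE(review): `!=` is not a fixed-time comparison. If Value holds the raw secret,
        // consider CryptographicOperations.FixedTimeEquals on the encoded bytes where the
        // target framework provides it.
        if (storedSharedSecrets.Count == 0
            || submittedSharedSecrets[0].Value != storedSharedSecrets[0].Value)
        {
            Logger.LogError("the client secret must be identical");
            throw new OAuthException(ErrorCodes.INVALID_REQUEST, ErrorMessages.CLIENT_SECRET_MUST_BE_IDENTICAL);
        }
    }

    // The identifier is pinned to the requested one; secrets, registration access token and
    // creation time are copied from the stored record, so the request body cannot change them.
    extractedClient.ClientId = clientId;
    extractedClient.Secrets = oauthClient.Secrets;
    extractedClient.RegistrationAccessToken = oauthClient.RegistrationAccessToken;
    extractedClient.UpdateDateTime = DateTime.UtcNow;
    extractedClient.CreateDateTime = oauthClient.CreateDateTime;

    // Validate the merged client before anything is persisted.
    await _oauthClientValidator.Validate(extractedClient, cancellationToken);
    await OAuthClientCommandRepository.Update(extractedClient, cancellationToken);
    await OAuthClientCommandRepository.SaveChanges(cancellationToken);
    Logger.LogInformation($"the client '{clientId}' has been updated");
    return null;
}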
/// <summary>
/// Registers a new client from the metadata carried by the incoming request.
/// </summary>
/// <param name="handlerContext">Request context holding the registration data and the issuer name.</param>
/// <param name="cancellationToken">Token forwarded to the validation and persistence calls.</param>
/// <returns>The response built by <c>BuildResponse</c> for the newly added client.</returns>
public async Task<JObject> Handle(HandlerContext handlerContext, CancellationToken cancellationToken)
{
    // The awaited result is not used here; presumably the software statement is processed
    // against the request data in place (confirm against ExtractSoftwareStatement).
    await ExtractSoftwareStatement(handlerContext.Request.Data);

    var registeredClient = ExtractClient(handlerContext);

    // Validation runs before the client is added, so an invalid registration is never persisted.
    await _oauthClientValidator.Validate(registeredClient, cancellationToken);

    OAuthClientCommandRepository.Add(registeredClient);
    await OAuthClientCommandRepository.SaveChanges(cancellationToken);

    var issuerName = handlerContext.Request.IssuerName;
    return BuildResponse(registeredClient, issuerName);
}
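/// <summary>
/// Validates the client id and client secret presented with the request.
/// </summary>
/// <param name="context">
/// Client-authentication context of the current request; it is either marked as validated
/// for the client id or given an <c>invalid_client</c> error.
/// </param>
/// <returns>A task that completes once the client has been accepted or rejected.</returns>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId, clientSecret;

    // Fail closed when the request carries no usable Basic credentials. The return value was
    // previously ignored, so null values reached the validator and, if accepted there,
    // context.Validated would have been called with a null client id.
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        context.SetError("invalid_client", "client is not valid.");
        return;
    }

    // Check the client id / client secret pair and reject the request when it is not valid.
    bool validated = await _ioAuthClientValidator.Validate(clientId, clientSecret);
    if (!validated)
    {
        context.SetError("invalid_client", "client is not valid.");
        return;
    }

    context.Validated(clientId);
    await base.ValidateClientAuthentication(context);
}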