public async Task Empty_Parameters()
{
var parameters = new NameValueCollection();
var result = await _validator.ValidateRequestAsync(parameters, _client);
result.IsError.Should().BeTrue();
result.Error.Should().Be(OidcConstants.TokenErrors.InvalidRequest);
}
private async Task <IEndpointResult> ProcessRevocationRequestAsync(HttpContext context)
{
_logger.LogDebug("Start revocation request.");
// validate client
var clientValidationResult = await _clientValidator.ValidateAsync(context);
if (clientValidationResult.IsError)
{
return(new TokenRevocationErrorResult(OidcConstants.TokenErrors.InvalidClient));
}
_logger.LogTrace("Client validation successful");
// validate the token request
var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();
_logger.LogTrace("Calling into token revocation request validator: {type}", _requestValidator.GetType().FullName);
var requestValidationResult = await _requestValidator.ValidateRequestAsync(form, clientValidationResult.Client);
if (requestValidationResult.IsError)
{
return(new TokenRevocationErrorResult(requestValidationResult.Error));
}
_logger.LogTrace("Calling into token revocation response generator: {type}", _responseGenerator.GetType().FullName);
var response = await _responseGenerator.ProcessAsync(requestValidationResult);
if (response.Success)
{
_logger.LogInformation("Token successfully revoked");
await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestValidationResult, requestValidationResult.Client));
}
else
{
_logger.LogInformation("No matching token found");
}
if (response.Error.IsPresent())
{
return(new TokenRevocationErrorResult(response.Error));
}
return(new StatusCodeResult(HttpStatusCode.OK));
}
public async Task <RevocationRawResult> ProcessRawRevocationAsync(IFormCollection formCollection)
{
_logger.LogTrace("Processing token request.");
var rawResult = new RevocationRawResult()
{
StatusCodeResult = new StatusCodeResult(HttpStatusCode.BadRequest)
};
// validate HTTP
if (formCollection.IsNullOrEmpty())
{
_logger.LogWarning($"Invalid {nameof(formCollection)} for token endpoint");
rawResult.ErrorResult = ErrorRevocation(OidcConstants.TokenErrors.InvalidRequest);
return(rawResult);
}
var clientId = formCollection[OidcConstants.TokenRequest.ClientId];
var client = await _clients.FindEnabledClientByIdAsync(clientId);
if (client == null)
{
_logger.LogError($"No client with id '{clientId}' found. aborting");
rawResult.ErrorResult = ErrorRevocation($"{OidcConstants.TokenRequest.ClientId} bad");
return(rawResult);
}
var clientValidationResult = new ClientSecretValidationResult
{
IsError = false,
Client = client,
Secret = null
};
// validate request
var form = formCollection.AsNameValueCollection();
_logger.LogTrace("Calling into token revocation request validator: {type}", _requestValidator.GetType().FullName);
var requestValidationResult = await _revocationRequestValidator.ValidateRequestAsync(form, clientValidationResult.Client);
if (requestValidationResult.IsError)
{
rawResult.ErrorResult = new TokenRevocationErrorResult(requestValidationResult.Error);
return(rawResult);
}
_logger.LogTrace("Calling into token revocation response generator: {type}", _responseGenerator.GetType().FullName);
var response = await _revocationResponseGenerator.ProcessAsync(requestValidationResult);
if (response.Success)
{
_logger.LogInformation("Token successfully revoked");
await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestValidationResult, requestValidationResult.Client));
}
else
{
_logger.LogInformation("No matching token found");
}
if (response.Error.IsPresent())
{
rawResult.ErrorResult = new TokenRevocationErrorResult(response.Error);
return(rawResult);
}
rawResult.StatusCodeResult = new StatusCodeResult(HttpStatusCode.OK);
return(rawResult);
}
private async Task <IEndpointResult> ProcessRevocationRequestAsync(HttpContext context)
{
_logger.LogDebug("Start revocation request.");
// validate client
var clientResult = await _clientValidator.ValidateAsync(context);
var client = clientResult.Client;
if (client == null)
{
return(new RevocationErrorResult(OidcConstants.TokenErrors.InvalidClient));
}
_logger.LogTrace("Client validation successful");
// validate the token request
var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();
var requestResult = await _requestValidator.ValidateRequestAsync(form, client);
if (requestResult.IsError)
{
return(new RevocationErrorResult(requestResult.Error));
}
var success = false;
// revoke tokens
if (requestResult.TokenTypeHint == Constants.TokenTypeHints.AccessToken)
{
_logger.LogTrace("Hint was for access token");
success = await RevokeAccessTokenAsync(requestResult.Token, client);
}
else if (requestResult.TokenTypeHint == Constants.TokenTypeHints.RefreshToken)
{
_logger.LogTrace("Hint was for refresh token");
success = await RevokeRefreshTokenAsync(requestResult.Token, client);
}
else
{
_logger.LogTrace("No hint for token type");
success = await RevokeAccessTokenAsync(requestResult.Token, client);
if (!success)
{
success = await RevokeRefreshTokenAsync(requestResult.Token, client);
requestResult.TokenTypeHint = Constants.TokenTypeHints.RefreshToken;
}
else
{
requestResult.TokenTypeHint = Constants.TokenTypeHints.AccessToken;
}
}
if (success)
{
_logger.LogInformation("Token successfully revoked");
await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestResult, client));
}
else
{
_logger.LogInformation("No matching token found");
}
return(new StatusCodeResult(HttpStatusCode.OK));
}
