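/// <summary>
/// Appends the response parameters to the redirect target, choosing the URI
/// component from the requested response mode.
/// </summary>
/// <param name="uri">Redirect target the parameters are appended to.</param>
/// <param name="parameters">Response parameters to carry on the redirect.</param>
/// <param name="responseMode">Requested response mode; only <c>ResponseModes.Fragment</c> is special-cased.</param>
/// <returns>The URI produced by the selected <c>AddParametersIn...</c> helper.</returns>
private static Uri CreateRedirectHttp(Uri uri, RouteValueDictionary parameters, string responseMode)
{
    // Every value other than the fragment mode (null and unrecognised modes
    // included) falls back to the query string.
    // NOTE(review): query parameters are the component most likely to end up in
    // server logs, browser history and Referer headers; confirm callers never
    // send token-bearing responses through this fallback.
    return responseMode switch
    {
        ResponseModes.Fragment => uri.AddParametersInFragment(parameters),
        _ => uri.AddParametersInQuery(parameters)
    };
} // closing brace restored: the original listing left the method body open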
/// <summary>
/// Builds the redirect that returns a token response to <paramref name="uri"/>,
/// placing <paramref name="parameters"/> according to the response mode.
/// </summary>
/// <param name="uri">Redirect target.</param>
/// <param name="parameters">Response parameters to attach.</param>
/// <param name="responseMode">One of the <c>ResponseModes</c> constants.</param>
/// <returns>A <c>RedirectResult</c> pointing at the absolute form of the resulting URI.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="responseMode"/> is none of the four handled constants (a null value included).
/// </exception>
public static RedirectResult CreateRedirectHttpTokenResponse(
    this Uri uri,
    RouteValueDictionary parameters,
    string responseMode)
{
    Uri target;
    if (responseMode == ResponseModes.Fragment)
    {
        target = uri.AddParametersInFragment(parameters);
    }
    else if (responseMode == ResponseModes.Query)
    {
        target = uri.AddParametersInQuery(parameters);
    }
    else if (responseMode == ResponseModes.None || responseMode == ResponseModes.FormPost)
    {
        // The URI is left untouched for these two modes, so the redirect
        // carries none of the response parameters.
        // NOTE(review): a form-post response is normally delivered in a POST
        // body rather than a redirect; confirm callers handle that mode
        // before reaching this helper.
        target = uri;
    }
    else
    {
        // Fail closed on anything unrecognised instead of guessing a placement.
        throw new ArgumentOutOfRangeException(nameof(responseMode), responseMode, null);
    }

    // NOTE(review): nothing here checks the target; the caller is presumably
    // expected to pass only a redirect URI it has already validated.
    return new RedirectResult(target.AbsoluteUri);
}
/// <summary>
/// Handles an authorization request carried in the query string and converts
/// the outcome of <c>_authorizationActions.GetAuthorization</c> into a redirect.
/// </summary>
/// <returns>
/// A redirect to the request's <c>RedirectUri</c>, a redirect to an internal
/// action, or <c>null</c> when the outcome is neither kind of redirect.
/// </returns>
/// <exception cref="IdentityServerException">The request exposes no query collection.</exception>
public async Task<Microsoft.AspNetCore.Mvc.ActionResult> Get()
{
    var requestQuery = Request.Query;
    if (requestQuery == null)
    {
        throw new IdentityServerException(
            ErrorCodes.InvalidRequestCode,
            ErrorDescriptions.RequestIsNotValid);
    }

    var paramSerializer = new ParamSerializer();
    var authorizationRequest = await ResolveAuthorizationRequest(
        paramSerializer.Deserialize<AuthorizationRequest>(requestQuery));
    var currentUser = await this.GetAuthenticatedUser(_authenticateOptions.CookieName);
    var requestParameter = authorizationRequest.ToParameter();
    var outcome = await _authorizationActions.GetAuthorization(requestParameter, currentUser);

    if (outcome.Type == TypeActionResult.RedirectToCallBackUrl)
    {
        // The target is the redirect URI taken from the incoming request.
        // NOTE(review): this method does not validate it; GetAuthorization is
        // presumably where it is matched against the client's registered
        // redirect URIs. Confirm, since an unchecked value here would make
        // this an open redirect that also carries the response parameters.
        var callbackUri = new Uri(authorizationRequest.RedirectUri);
        return this.CreateRedirectHttpTokenResponse(
            callbackUri,
            _actionResultParser.GetRedirectionParameters(outcome),
            outcome.RedirectInstruction.ResponseMode);
    }

    if (outcome.Type != TypeActionResult.RedirectToAction)
    {
        // Result types other than the two redirects produce no action result.
        return null;
    }

    var targetAction = outcome.RedirectInstruction.Action;
    var goesToAuthenticate = targetAction == IdentityServerEndPoints.AuthenticateIndex;
    if (goesToAuthenticate || targetAction == IdentityServerEndPoints.ConsentIndex)
    {
        if (goesToAuthenticate)
        {
            // Force the resource owner to be reauthenticated.
            authorizationRequest.Prompt = Enum.GetName(typeof(PromptParameter), PromptParameter.login);
        }

        // Carry the process id along with the request when one was issued.
        if (!string.IsNullOrWhiteSpace(outcome.ProcessId))
        {
            authorizationRequest.ProcessId = outcome.ProcessId;
        }

        // The whole request travels through the browser as a protected blob.
        // NOTE(review): its integrity on the way back rests on _dataProtector;
        // confirm the receiving action unprotects it and rejects anything
        // that fails to unprotect.
        var protectedRequest = _dataProtector.Protect(authorizationRequest);
        outcome.RedirectInstruction.AddParameter(
            Core.Constants.StandardAuthorizationResponseNames.AuthorizationCodeName,
            protectedRequest);
    }

    var actionUrl = GetRedirectionUrl(this.Request, outcome.RedirectInstruction.Action);
    var actionUri = new Uri(actionUrl);
    var destination = actionUri.AddParametersInQuery(_actionResultParser.GetRedirectionParameters(outcome));
    return new RedirectResult(destination.AbsoluteUri);
}
/// <summary>
/// Builds the redirect URL for a response, placing the parameters in the
/// fragment or in the query string depending on the response mode.
/// </summary>
/// <param name="controller">Receiver of the extension method; not read by the method body.</param>
/// <param name="uri">Redirect target the parameters are appended to.</param>
/// <param name="parameters">Response parameters to attach.</param>
/// <param name="responseMode">Requested response mode.</param>
/// <returns>The string form of the resulting URI.</returns>
public static string CreateRedirectHttp(
    this Controller controller,
    Uri uri,
    RouteValueDictionary parameters,
    ResponseMode responseMode)
{
    Uri target;
    if (responseMode == ResponseMode.fragment)
    {
        target = uri.AddParametersInFragment(parameters);
    }
    else
    {
        // Any mode other than fragment is treated as query.
        target = uri.AddParametersInQuery(parameters);
    }

    // NOTE(review): ToString() returns the canonical, partly unescaped form
    // of the URI, whereas AbsoluteUri returns the escaped one. Confirm that
    // callers placing this value in a Location header expect the former.
    return target.ToString();
}
/// <summary>
/// Builds the redirect that returns a token response to <paramref name="uri"/>,
/// placing <paramref name="parameters"/> according to the response mode.
/// </summary>
/// <param name="controller">Receiver of the extension method; not read by the method body.</param>
/// <param name="uri">Redirect target.</param>
/// <param name="parameters">Response parameters to attach.</param>
/// <param name="responseMode">Requested response mode.</param>
/// <returns>A <c>RedirectResult</c> pointing at the absolute form of the resulting URI.</returns>
public static RedirectResult CreateRedirectHttpTokenResponse(
    this Controller controller,
    Uri uri,
    RouteValueDictionary parameters,
    ResponseMode responseMode)
{
    var target = uri;
    if (responseMode == ResponseMode.fragment)
    {
        target = uri.AddParametersInFragment(parameters);
    }
    else if (responseMode == ResponseMode.query)
    {
        target = uri.AddParametersInQuery(parameters);
    }

    // Any other mode leaves the URI as given, so the redirect is issued
    // without the response parameters and without an error.
    // NOTE(review): confirm that silently dropping the parameters is intended
    // for the remaining modes rather than rejecting them.
    return new RedirectResult(target.AbsoluteUri);
}
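/// <summary>
/// Handles an authorization request carried in the query string and converts
/// the outcome of <c>_authorizationActions.GetAuthorization</c> into a redirect.
/// </summary>
/// <returns>
/// An error result when the request exposes no query collection; a redirect to
/// the request's <c>RedirectUri</c> or to an internal action; <c>null</c> when
/// the outcome is neither kind of redirect.
/// </returns>
/// <exception cref="FormatException">
/// The authentication-time claim of the signed-in user is not a plain
/// invariant-culture number.
/// </exception>
public async Task<IActionResult> Get()
{
    var query = Request.Query;
    if (query == null)
    {
        return BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest);
    }

    var originUrl = this.GetOriginUrl();
    var sessionId = GetSessionId();
    var serializer = new ParamSerializer();
    var authorizationRequest = serializer.Deserialize<AuthorizationRequest>(query);
    authorizationRequest = await ResolveAuthorizationRequest(authorizationRequest).ConfigureAwait(false);

    // Origin and session id are set after deserialization, so values of the
    // same name arriving in the query string are overwritten.
    authorizationRequest.OriginUrl = originUrl;
    authorizationRequest.SessionId = sessionId;

    var authenticatedUser = await _authenticationService.GetAuthenticatedUser(this, Constants.CookieNames.CookieName);
    var parameter = authorizationRequest.ToParameter();
    var issuerName = Request.GetAbsoluteUriWithVirtualPath();
    string authenticatedSubject = null;
    double? authInstant = null;
    if (authenticatedUser != null)
    {
        authenticatedSubject = authenticatedUser.GetSubject();
        var authInstantClaim = authenticatedUser.Claims.FirstOrDefault(
            c => c.Type == Core.Common.StandardClaimNames.AuthenticationTime
                 || c.Type == ClaimTypes.AuthenticationInstant);
        if (authInstantClaim != null)
        {
            // Parse with the invariant culture and without group separators.
            // The culture-sensitive overload reads the same claim text as a
            // different instant depending on the request culture (a '.' or ','
            // can be a decimal point in one culture and a thousands separator
            // in another), and this value is handed to the authorization
            // decision. A value that does not parse still throws, as before,
            // rather than being treated as "no authentication time".
            authInstant = double.Parse(
                authInstantClaim.Value,
                System.Globalization.NumberStyles.Float,
                System.Globalization.CultureInfo.InvariantCulture);
        }
    }

    var actionResult = await _authorizationActions.GetAuthorization(parameter, issuerName, authenticatedSubject, authInstant);
    if (actionResult.Type == TypeActionResult.RedirectToCallBackUrl)
    {
        // The target is the redirect URI taken from the incoming request.
        // NOTE(review): this method does not validate it; GetAuthorization is
        // presumably where it is matched against the client's registered
        // redirect URIs. Confirm, since an unchecked value here would make
        // this an open redirect that also carries the response parameters.
        var redirectUrl = new Uri(authorizationRequest.RedirectUri);
        return this.CreateRedirectHttpTokenResponse(
            redirectUrl,
            _actionResultParser.GetRedirectionParameters(actionResult),
            actionResult.RedirectInstruction.ResponseMode);
    }

    if (actionResult.Type == TypeActionResult.RedirectToAction)
    {
        if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex
            || actionResult.RedirectInstruction.Action == IdentityServerEndPoints.ConsentIndex)
        {
            // Force the resource owner to be reauthenticated.
            if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex)
            {
                authorizationRequest.Prompt = Enum.GetName(typeof(PromptParameter), PromptParameter.login);
            }

            // Set the process id into the request.
            if (!string.IsNullOrWhiteSpace(actionResult.ProcessId))
            {
                authorizationRequest.ProcessId = actionResult.ProcessId;
            }

            // Record the AMR values chosen for this request, space separated.
            if (actionResult.AmrLst != null)
            {
                authorizationRequest.AmrValues = string.Join(" ", actionResult.AmrLst);
            }

            // Add the protected request into the query string.
            // NOTE(review): its integrity on the way back rests on
            // _dataProtector; confirm the receiving action unprotects it and
            // rejects anything that fails to unprotect.
            var encryptedRequest = _dataProtector.Protect(authorizationRequest);
            actionResult.RedirectInstruction.AddParameter(
                Core.Constants.StandardAuthorizationResponseNames.AuthorizationCodeName,
                encryptedRequest);
        }

        // The first AMR value, when there is one, is passed on to GetRedirectionUrl.
        var url = GetRedirectionUrl(
            Request,
            actionResult.AmrLst == null || !actionResult.AmrLst.Any() ? null : actionResult.AmrLst.First(),
            actionResult.RedirectInstruction.Action);
        var uri = new Uri(url);
        var redirectionUrl = uri.AddParametersInQuery(_actionResultParser.GetRedirectionParameters(actionResult));
        return new RedirectResult(redirectionUrl.AbsoluteUri);
    }

    // Result types other than the two redirects produce no action result.
    return null;
}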