public async Task <IActionResult> Create(HandlerContext context, CancellationToken cancellationToken)
        {
            try
            {
                var oauthClient = await _clientAuthenticationHelper.AuthenticateClient(context.Request.HttpHeader, context.Request.RequestData, context.Request.Certificate, context.Request.IssuerName, cancellationToken, ErrorCodes.INVALID_REQUEST);

                context.SetClient(oauthClient);
                var user = await _bcAuthorizeRequestValidator.ValidateCreate(context, cancellationToken);

                context.SetUser(user);
                var requestedExpiry = context.Request.RequestData.GetRequestedExpiry();
                var interval        = context.Request.RequestData.GetInterval();
                if (requestedExpiry == null)
                {
                    requestedExpiry = _options.AuthRequestExpirationTimeInSeconds;
                }

                var currentDateTime = DateTime.UtcNow;
                var openidClient    = oauthClient as OpenIdClient;
                var permissions     = await GetPermissions(context.Client.ClientId, context.User.Id, cancellationToken);

                var bcAuthorize = Domains.BCAuthorize.Create(
                    currentDateTime.AddSeconds(requestedExpiry.Value),
                    oauthClient.ClientId,
                    interval ?? _options.DefaultBCAuthorizeWaitIntervalInSeconds,
                    openidClient.BCClientNotificationEndpoint,
                    openidClient.BCTokenDeliveryMode,
                    context.Request.RequestData.GetScopesFromAuthorizationRequest(),
                    context.User.Id,
                    context.Request.RequestData.GetClientNotificationToken(),
                    permissions);
                bcAuthorize.IncrementNextFetchTime();
                await _bcAuthorizeRepository.Add(bcAuthorize, cancellationToken);

                await _bcAuthorizeRepository.SaveChanges(cancellationToken);

                foreach (var grp in permissions.GroupBy(p => p.ConsentId))
                {
                    await _bcNotificationService.Notify(context, bcAuthorize.Id, grp.ToArray(), cancellationToken);
                }

                return(new OkObjectResult(new JObject
                {
                    { BCAuthenticationResponseParameters.AuthReqId, bcAuthorize.Id },
                    { BCAuthenticationResponseParameters.ExpiresIn, requestedExpiry.Value }
                }));
            }
            catch (OAuthUnauthorizedException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.Unauthorized, ex.Code, ex.Message));
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
Esempio n. 2
0
        public virtual Task <IActionResult> Handle(HandlerContext context, CancellationToken token)
        {
            var handler = _handlers.FirstOrDefault(h => h.GrantType == context.Request.RequestData.GetGrantType());

            if (handler == null)
            {
                return(Task.FromResult(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_GRANT, ErrorMessages.BAD_GRANT_TYPE)));
            }

            return(handler.Handle(context, token));
        }
Esempio n. 3
0
        public virtual async Task <IActionResult> UpdateUserByScimId(string id, [FromBody] JObject jObj, CancellationToken cancellationToken)
        {
            try
            {
                await _updateUserBySCIMIdHandler.Handle(id, jObj, cancellationToken);

                return(new NoContentResult());
            }
            catch (OAuthUserNotFoundException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
        }
Esempio n. 4
0
        public virtual async Task <IActionResult> GetUserByScimId(string id, CancellationToken cancellationToken)
        {
            try
            {
                var result = await _getUserBySCIMIdHandler.Handle(id, cancellationToken);

                return(new OkObjectResult(result));
            }
            catch (OAuthUserNotFoundException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
        }
Esempio n. 5
0
        public virtual async Task <IActionResult> AddUserByScimId([FromBody] JObject jObj, CancellationToken cancellationToken)
        {
            try
            {
                var result = await _addOAuthUserBySCIMIdHandler.Handle(jObj, cancellationToken);

                return(new NoContentResult());
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
Esempio n. 6
0
        public virtual async Task <IActionResult> GetOTPQRByEmailCode(string id, CancellationToken cancellationToken)
        {
            try
            {
                var result = await _getOTPQRCodeHandler.Handle(id, SimpleIdServer.Jwt.Constants.UserClaims.Email, cancellationToken);

                return(GetImage(result));
            }
            catch (OAuthUserNotFoundException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
        }
        public async Task <IActionResult> Disable(string id, CancellationToken cancellationToken)
        {
            try
            {
                await _disableAuthSchemeProviderHandler.Handle(id, cancellationToken);

                return(new NoContentResult());
            }
            catch (UnknownAuthSchemeProviderException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
        }
        public async Task <IActionResult> Get(string id, CancellationToken cancellationToken)
        {
            try
            {
                var result = await _getAuthSchemeProviderHandler.Handle(id, cancellationToken);

                return(new OkObjectResult(result));
            }
            catch (UnknownAuthSchemeProviderException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
        }
        public async Task <IActionResult> UpdateOptions(string id, [FromBody] JObject jObj, CancellationToken cancellationToken)
        {
            try
            {
                await _updateAuthSchemeProviderOptionsHandler.Handle(id, jObj, cancellationToken);

                return(new NoContentResult());
            }
            catch (UnknownAuthSchemeProviderException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
Esempio n. 10
0
        public async Task <IActionResult> Handle(HandlerContext context, CancellationToken cancellationToken)
        {
            try
            {
                var deviceRegistrationToken = context.Request.RequestData.GetDeviceRegistrationToken();
                var user = await _bcDeviceRegistrationValidator.Validate(context, cancellationToken);

                user.DeviceRegistrationToken = deviceRegistrationToken;
                await _oauthUserCommandRepository.Update(user, cancellationToken);

                await _oauthUserCommandRepository.SaveChanges(cancellationToken);

                return(new NoContentResult());
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
        public async Task <IActionResult> Reject(HandlerContext context, CancellationToken cancellationToken)
        {
            try
            {
                var authRequest = await _bcAuthorizeRequestValidator.ValidateReject(context, cancellationToken);

                authRequest.Reject();
                await RejectPermissions(authRequest.Permissions, cancellationToken);

                await _bcAuthorizeRepository.Update(authRequest, cancellationToken);

                await _bcAuthorizeRepository.SaveChanges(cancellationToken);

                return(new NoContentResult());
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
        public async Task <IActionResult> Confirm(HandlerContext context, CancellationToken cancellationToken)
        {
            try
            {
                var validationResult = await _bcAuthorizeRequestValidator.ValidateConfirm(context, cancellationToken);

                context.SetUser(validationResult.User);
                validationResult.Authorize.Confirm(context.Request.RequestData.GetPermissionIds());
                await ConfirmPermissions(validationResult.Authorize.Permissions.Where(p => p.IsConfirmed), cancellationToken);

                await _bcAuthorizeRepository.Update(validationResult.Authorize, cancellationToken);

                await _bcAuthorizeRepository.SaveChanges(cancellationToken);

                return(new NoContentResult());
            }
            catch (OAuthException ex)
            {
                return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }