Esempio n. 1
        /// <summary>
        /// Serves the change-password form for a GET request that carries a password reset token.
        /// </summary>
        /// <remarks>
        /// The token is read from the <c>sptoken</c> query-string value and verified against the
        /// application before any form is rendered. A request with no token is redirected to the
        /// forgot-password URI. A <see cref="ResourceException"/> raised while verifying the token
        /// or rendering the view results in a redirect to the configured error URI, so the failure
        /// reason is not echoed back to the caller.
        /// </remarks>
        /// <param name="context">The OWIN environment for the current request.</param>
        /// <param name="client">The client used to look up the application.</param>
        /// <param name="cancellationToken">Token used to cancel the asynchronous calls.</param>
        /// <returns>
        /// <c>true</c> once the form has been rendered; otherwise the result of the redirect call.
        /// </returns>
        protected override async Task<bool> GetHtmlAsync(IOwinEnvironment context, IClient client, CancellationToken cancellationToken)
        {
            var resetToken = QueryStringParser
                .Parse(context.Request.QueryString, _logger)
                .GetString("sptoken");

            // No token at all: there is nothing to verify, so restart the flow.
            if (string.IsNullOrEmpty(resetToken))
            {
                return await HttpResponse.Redirect(context, _configuration.Web.ForgotPassword.Uri);
            }

            var application = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

            try
            {
                // The form is only shown once the token has been accepted by the application.
                await application.VerifyPasswordResetTokenAsync(resetToken, cancellationToken);

                var formModel = new ChangePasswordFormViewModelBuilder(client, _configuration).Build();

                await RenderViewAsync(context, _configuration.Web.ChangePassword.View, formModel, cancellationToken);
            }
            catch (ResourceException)
            {
                // Same generic error page for every verification failure.
                return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.ErrorUri);
            }

            return true;
        }
Esempio n. 2
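        /// <summary>
        /// Handles the change-password form POST: validates the state token, checks that the two
        /// password fields match, verifies the reset token, and resets the account password.
        /// </summary>
        /// <remarks>
        /// Validation order is: state token from the form body, password fields, then the
        /// <c>sptoken</c> query-string value. The pre-change handler runs only after the reset
        /// token has been verified, and the post-change handler only after the reset succeeded.
        /// </remarks>
        /// <param name="context">The OWIN environment for the current request.</param>
        /// <param name="client">The client used to look up the application.</param>
        /// <param name="bodyContentType">The content type of the request body.</param>
        /// <param name="cancellationToken">Token used to cancel the asynchronous calls.</param>
        /// <returns>
        /// <c>true</c> when the form was re-rendered with an error; otherwise the result of the
        /// redirect call.
        /// </returns>
        protected override async Task<bool> PostHtmlAsync(IOwinEnvironment context, IClient client, ContentType bodyContentType, CancellationToken cancellationToken)
        {
            var queryString = QueryStringParser.Parse(context.Request.QueryString, _logger);

            var body = await context.Request.GetBodyAsStringAsync(cancellationToken);

            var model    = PostBodyParser.ToModel<ChangePasswordPostModel>(body, bodyContentType, _logger);
            var formData = FormContentParser.Parse(body, _logger);

            // The state token is checked before any other field of the request is acted on.
            var stateToken       = formData.GetString(StringConstants.StateTokenName);
            var parsedStateToken = new StateTokenParser(client, _configuration.Client.ApiKey, stateToken, _logger);

            if (!parsedStateToken.Valid)
            {
                return await RenderChangePasswordFormWithErrorAsync(context, client, "An error occurred. Please try again.", cancellationToken);
            }

            // The body is caller-controlled: a request that omits the password field would
            // otherwise fail with a NullReferenceException on the comparison below.
            if (model.Password == null)
            {
                return await RenderChangePasswordFormWithErrorAsync(context, client, "An error occurred. Please try again.", cancellationToken);
            }

            // Static Equals is null-safe for a missing confirmation field.
            if (!string.Equals(model.Password, model.ConfirmPassword, StringComparison.Ordinal))
            {
                return await RenderChangePasswordFormWithErrorAsync(context, client, "Passwords do not match.", cancellationToken);
            }

            var spToken = queryString.GetString("sptoken");

            // Mirror GetHtmlAsync: a request without a reset token restarts the flow instead of
            // passing null/empty to the verification call.
            if (string.IsNullOrEmpty(spToken))
            {
                return await HttpResponse.Redirect(context, _configuration.Web.ForgotPassword.Uri);
            }

            var application = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

            IAccount account;

            try
            {
                account = await application.VerifyPasswordResetTokenAsync(spToken, cancellationToken);
            }
            catch (ResourceException)
            {
                // Generic error page; the verification failure reason is not shown.
                return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.ErrorUri);
            }

            var preChangePasswordContext = new PreChangePasswordContext(context, account);
            await _handlers.PreChangePasswordHandler(preChangePasswordContext, cancellationToken);

            try
            {
                await application.ResetPasswordAsync(spToken, model.Password, cancellationToken);
            }
            catch (ResourceException rex)
            {
                // NOTE(review): the exception message is shown to the end user as-is; confirm it
                // only ever carries user-appropriate text (e.g. password policy feedback).
                return await RenderChangePasswordFormWithErrorAsync(context, client, rex.Message, cancellationToken);
            }

            var postChangePasswordContext = new PostChangePasswordContext(context, account);
            await _handlers.PostChangePasswordHandler(postChangePasswordContext, cancellationToken);

            // TODO autologin

            return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.NextUri);
        }

        /// <summary>
        /// Re-renders the change-password view with a single error message added to a freshly
        /// built view model.
        /// </summary>
        /// <returns>Always <c>true</c>, after the view has been rendered.</returns>
        private async Task<bool> RenderChangePasswordFormWithErrorAsync(IOwinEnvironment context, IClient client, string errorMessage, CancellationToken cancellationToken)
        {
            var viewModelBuilder        = new ChangePasswordFormViewModelBuilder(client, _configuration);
            var changePasswordViewModel = viewModelBuilder.Build();
            changePasswordViewModel.Errors.Add(errorMessage);

            await RenderViewAsync(context, _configuration.Web.ChangePassword.View, changePasswordViewModel, cancellationToken);

            return true;
        }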