Esempio n. 1
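        /// <summary>
        /// Handles the post-back from the client consent page. A "Grant" post records
        /// the client as authorised for the signed-in user; a "Logout" post signs the
        /// user out. Any other post, and a successful grant, continues to the
        /// authorisation endpoint with the original query string.
        /// </summary>
        /// <param name="model">Posted consent model; only <c>Id</c> is read here.</param>
        /// <returns>
        /// The "AuthorizeError" view on an unknown client, a failed claim update or a
        /// missing query string; a 401 result on logout or when no claims identity is
        /// available; otherwise a redirect to <c>Paths.AuthorisePath</c>.
        /// </returns>
        // NOTE(review): this action changes consent state from a form post and no
        // anti-forgery validation is visible in this snippet. Confirm that
        // [ValidateAntiForgeryToken] (with a matching token in the view) is applied.
        // NOTE(review): consent is recorded for the posted model.Id, while the redirect
        // carries the query string of the original request. Confirm that the two client
        // ids are required to match somewhere, so consent cannot be stored for a client
        // other than the one shown to the user.
        public async Task <ActionResult> Authorize(ClientAuthorisationModel model)
        {
            if (!string.IsNullOrEmpty(Request.Form.Get("Grant")))
            {
                var client =
                    await _clientManager.FindClientByIdAsync(model.Id).ConfigureAwait(false);

                if (client == null)
                {
                    var errorModel = new AuthErrorModel("Invalid request", "Unknown client");
                    return(View("AuthorizeError", errorModel));
                }

                // The 'as' cast yields null for a non-claims identity; fail closed instead
                // of dereferencing null on the next line.
                var user = User.Identity as ClaimsIdentity;
                if (user == null)
                {
                    return(new HttpUnauthorizedResult());
                }

                if (!user.HasClaim(CustomClaimTypes.AuthorisedClient, client.Id))
                {
                    var result = await UserManager.AddClaimAsync(user.GetUserId(), new Claim(CustomClaimTypes.AuthorisedClient, client.Id)).ConfigureAwait(false);

                    // Do not continue the flow as if consent had been stored when the
                    // claim could not be written.
                    if (!result.Succeeded)
                    {
                        var errorModel = new AuthErrorModel("Invalid request", "Unable to record client authorisation");
                        return(View("AuthorizeError", errorModel));
                    }
                }
            }
            else if (!string.IsNullOrEmpty(Request.Form.Get("Logout")))
            {
                AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                AuthenticationManager.Challenge(DefaultAuthenticationTypes.ApplicationCookie);
                return(new HttpUnauthorizedResult());
            }

            // Split once on the first '?' so the whole query string is carried over, and
            // reject a request without one instead of throwing on a missing array element.
            var urlParts = Request.RawUrl.Split(new[] { '?' }, 2);
            if (urlParts.Length < 2 || string.IsNullOrEmpty(urlParts[1]))
            {
                var errorModel = new AuthErrorModel("Invalid request", "Missing authorisation request parameters");
                return(View("AuthorizeError", errorModel));
            }

            // The redirect path is the fixed Paths.AuthorisePath; only the query string
            // comes from the request.
            var redirectUri = $"{Paths.AuthorisePath}?{urlParts[1]}";

            return(Redirect(redirectUri));
        }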
Esempio n. 2
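        /// <summary>
        /// Renders the consent page for the client named in the request's
        /// <c>client_id</c> and <c>redirect_uri</c> query parameters.
        /// </summary>
        /// <returns>
        /// The "AuthorizeError" view when no registered client matches both parameters,
        /// a 401 result when no claims identity is available, otherwise the consent view
        /// populated with the client's name, redirect URL and scope descriptions.
        /// </returns>
        public ActionResult Authorize()
        {
            // Request.QueryString already returns URL-decoded values. Decoding them a
            // second time would validate a different string from the one later stages
            // read from the same query, and would corrupt values containing '%' or '+'.
            var clientId    = Request.QueryString.Get("client_id");
            var redirectUri = Request.QueryString.Get("redirect_uri");

            // The client must match on both id and the exact registered redirect URL.
            var client = string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(redirectUri)
                ? null
                : _clientManager.Clients.SingleOrDefault(c => c.Id == clientId && c.RedirectUrl == redirectUri);

            if (client == null)
            {
                var errorModel = new AuthErrorModel("Invalid request", "Invalid request. Unknown client");
                return(View("AuthorizeError", errorModel));
            }

            // The 'as' cast yields null for a non-claims identity; fail closed instead
            // of dereferencing null below.
            var user = User.Identity as ClaimsIdentity;
            if (user == null)
            {
                return(new HttpUnauthorizedResult());
            }

            if (user.HasClaim(c => c.Type == CustomClaimTypes.AuthorisedClient && c.Value == client.Id))
            {
                ViewBag.UserAlreadyAuthorisedClient = true;
            }

            // Display values come from the stored client record, not from the request.
            var viewModel = new ClientAuthorisationModel
            {
                Id          = client.Id,
                Name        = client.Name,
                RedirectUrl = client.RedirectUrl
            };

            // Show the description of every known scope the client is registered for.
            viewModel.Scopes.AddRange(_scopeContext.ToList()
                                      .Where(s => client.Scopes.Contains(s.Name)).Select(i => i.Description));
            return(View(viewModel));
        }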