IReverseCallClient <EventHorizonConsumerToProducerMessage, EventHorizonProducerToConsumerMessage, ConsumerSubscriptionRequest, Contracts.SubscriptionResponse, ConsumerRequest, ConsumerResponse> CreateClient( MicroserviceAddress microserviceAddress, CancellationToken cancellationToken) { var client = _clientManager.Get <Contracts.Consumer.ConsumerClient>( microserviceAddress.Host, microserviceAddress.Port); return(_reverseCallClients.GetFor <EventHorizonConsumerToProducerMessage, EventHorizonProducerToConsumerMessage, ConsumerSubscriptionRequest, Contracts.SubscriptionResponse, ConsumerRequest, ConsumerResponse>( () => client.Subscribe(cancellationToken: cancellationToken), (message, arguments) => message.SubscriptionRequest = arguments, message => message.SubscriptionResponse, message => message.Request, (message, response) => message.Response = response, (arguments, context) => arguments.CallContext = context, request => request.CallContext, (response, context) => response.CallContext = context, message => message.Ping, (message, pong) => message.Pong = pong, TimeSpan.FromSeconds(7))); }
private Client ValidateClient(ClaimsPrincipal clientPrincipal, Application application) { if (clientPrincipal == null || !clientPrincipal.Identity.IsAuthenticated) { Tracing.Error("Anonymous client."); return(null); } var clientIdClaim = clientPrincipal.FindFirst("client_id"); if (clientIdClaim == null) { Tracing.Error("No client_id provided."); return(null); } var passwordClaim = clientPrincipal.FindFirst("secret"); if (passwordClaim == null) { Tracing.Error("No client secret provided."); return(null); } var client = _clientManager.Get(clientIdClaim.Value); if (client == null) { Tracing.Error("Unable to find client in repository."); return(null); } if (!client.ValidateSharedSecret(passwordClaim.Value)) { Tracing.Error("Invalid client secret."); return(null); } return(client); }
/// <inheritdoc /> public IReverseCallClient <TConnectArguments, TConnectResponse, TRequest, TResponse> GetFor <TClient, TClientMessage, TServerMessage, TConnectArguments, TConnectResponse, TRequest, TResponse>( IReverseCallClientProtocol <TClient, TClientMessage, TServerMessage, TConnectArguments, TConnectResponse, TRequest, TResponse> protocol, string host, int port, TimeSpan pingInterval = default) where TClient : ClientBase <TClient> where TClientMessage : IMessage, new() where TServerMessage : IMessage, new() where TConnectArguments : class where TConnectResponse : class where TRequest : class where TResponse : class { var client = _clientManager.Get <TClient>(host, port); return(new ReverseCallClient <TClient, TClientMessage, TServerMessage, TConnectArguments, TConnectResponse, TRequest, TResponse>( protocol, client, pingInterval == default ? _defaultPingInterval : pingInterval, _metrics, _loggerFactory.CreateLogger <ReverseCallClient <TClient, TClientMessage, TServerMessage, TConnectArguments, TConnectResponse, TRequest, TResponse> >())); }
// GET: Clients public ActionResult Index() { return(View(manager.Get())); }
public async Task <IEnumerable <Client> > Index() { return(await _manager.Get()); }
public ValidatedRequest Validate(Application application, AuthorizeRequest request) { // If the request fails due to a missing, invalid, or mismatching // redirection URI, or if the client identifier is missing or invalid, // the authorization server SHOULD inform the resource owner of the // error and MUST NOT automatically redirect the user-agent to the // invalid redirection URI. var validatedRequest = new ValidatedRequest(); // validate request model binding if (request == null) { throw new AuthorizeRequestResourceOwnerException("Invalid request parameters."); } validatedRequest.Application = application; Tracing.InformationFormat("OAuth2 application: {0} ({1})", validatedRequest.Application.Name, validatedRequest.Application.Namespace); validatedRequest.ShowRememberConsent = application.AllowRememberConsentDecision; // make sure redirect uri is present if (string.IsNullOrWhiteSpace(request.redirect_uri)) { throw new AuthorizeRequestResourceOwnerException("Missing redirect URI"); } // validate client if (string.IsNullOrWhiteSpace(request.client_id)) { throw new AuthorizeRequestResourceOwnerException("Missing client identifier"); } var client = _clientManager.Get(request.client_id); if (client == null) { throw new AuthorizeRequestResourceOwnerException("Invalid client: " + request.client_id); } validatedRequest.Client = client; Tracing.InformationFormat("Client: {0} ({1})", validatedRequest.Client.Name, validatedRequest.Client.ClientId); // make sure redirect_uri is a valid uri, and in case of http is over ssl Uri redirectUri; if (Uri.TryCreate(request.redirect_uri, UriKind.Absolute, out redirectUri)) { if (redirectUri.Scheme == Uri.UriSchemeHttp) { throw new AuthorizeRequestClientException( "Redirect URI not over SSL : " + request.redirect_uri, new Uri(request.redirect_uri), OAuthConstants.Errors.InvalidRequest, string.Empty, validatedRequest.State); } // make sure redirect uri is registered with client var validUri = validatedRequest.Client.RedirectUris.Get(request.redirect_uri); if (validUri == null) { throw new AuthorizeRequestResourceOwnerException("Invalid redirect URI: " + request.redirect_uri); } validatedRequest.RedirectUri = validUri; Tracing.InformationFormat("Redirect URI: {0} ({1})", validatedRequest.RedirectUri.Uri, validatedRequest.RedirectUri.Description); } else { var message = "Invalid redirect URI: " + request.redirect_uri; Tracing.Error(message); throw new AuthorizeRequestResourceOwnerException("Invalid redirect URI: " + request.redirect_uri); } // check state if (!string.IsNullOrWhiteSpace(request.state)) { validatedRequest.State = request.state; Tracing.Information("State: " + validatedRequest.State); } else { Tracing.Information("No state supplied."); } // validate response type if (String.IsNullOrWhiteSpace(request.response_type)) { throw new AuthorizeRequestClientException( "response_type is null or empty", new Uri(validatedRequest.RedirectUri.Uri), OAuthConstants.Errors.InvalidRequest, string.Empty, validatedRequest.State); } // check response type (only code and token are supported) if (!request.response_type.Equals(OAuthConstants.ResponseTypes.Token, StringComparison.Ordinal) && !request.response_type.Equals(OAuthConstants.ResponseTypes.Code, StringComparison.Ordinal)) { throw new AuthorizeRequestClientException( "response_type is not token or code: " + request.response_type, new Uri(validatedRequest.RedirectUri.Uri), OAuthConstants.Errors.UnsupportedResponseType, string.Empty, validatedRequest.State); } validatedRequest.ResponseType = request.response_type; Tracing.Information("Response type: " + validatedRequest.ResponseType); if (request.response_type == OAuthConstants.ResponseTypes.Code) { ValidateCodeResponseType(validatedRequest, request); } else if (request.response_type == OAuthConstants.ResponseTypes.Token) { ValidateTokenResponseType(validatedRequest, request); } else { throw new AuthorizeRequestClientException( "Invalid response_type: " + request.response_type, new Uri(validatedRequest.RedirectUri.Uri), OAuthConstants.Errors.UnsupportedResponseType, request.response_type, validatedRequest.State); } ValidateScopes(request, validatedRequest); // TODO: fix based upon past "remember me" settings validatedRequest.ShowConsent = client.RequireConsent || application.RequireConsent; Tracing.Information("Authorize request validation successful."); return(validatedRequest); }