public async Task <ActionResult> PostRevoke()
{
if (Request.Form == null)
{
throw new ArgumentNullException(nameof(Request.Form));
}
var serializer = new ParamSerializer();
var revocationRequest = serializer.Deserialize <RevocationRequest>(Request.Form);
// 1. Fetch the authorization header
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
// 2. Revoke the token
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
await _tokenActions.RevokeToken(revocationRequest.ToParameter(), authenticationHeaderValue, GetCertificate(), issuerName);
return(new OkResult());
}
public async Task <Introspection> Post()
{
if (Request.Form == null)
{
throw new ArgumentNullException(nameof(Request.Form));
}
var serializer = new ParamSerializer();
var introspectionRequest = serializer.Deserialize <IntrospectionRequest>(Request.Form);
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
var result = await _introspectionActions.PostIntrospection(introspectionRequest.ToParameter(), authenticationHeaderValue);
return(result.ToDto());
}
public void DeserializeCollection()
{
var serializer = new ParamSerializer();
var collection = new NameValueCollection
{
{ "Prop1", "test" },
{ "Prop2", "10" },
{ "Prop3", "32.45" },
{ "Prop4", "true" },
{ "Prop5", "2013-10-03" },
{ "Prop6", "test1" },
{ "Prop6", "test2" },
{ "Prop6", "test3" },
{ "Prop6", "test4" },
};
var startObj = new FakeObject
{
Prop1 = "test",
Prop2 = 10,
Prop3 = 32.45,
Prop4 = true,
Prop5 = new DateTime(2013, 10, 3),
Prop6 = new[] { "test1", "test2", "test3", "test4" },
};
var endObj = serializer.Deserialize<FakeObject>(collection);
Assert.AreEqual(startObj, endObj);
}
public void DeserializeCollection()
{
var serializer = new ParamSerializer();
var collection = new NameValueCollection
{
{ "Prop1", "test" },
{ "Prop2", "10" },
{ "Prop3", "32.45" },
{ "Prop4", "true" },
{ "Prop5", "2013-10-03" },
{ "Prop6", "test1" },
{ "Prop6", "test2" },
{ "Prop6", "test3" },
{ "Prop6", "test4" },
};
var startObj = new FakeObject
{
Prop1 = "test",
Prop2 = 10,
Prop3 = 32.45,
Prop4 = true,
Prop5 = new DateTime(2013, 10, 3),
Prop6 = new[] { "test1", "test2", "test3", "test4" },
};
var endObj = serializer.Deserialize <FakeObject>(collection);
Assert.AreEqual(startObj, endObj);
}
public async Task <Microsoft.AspNetCore.Mvc.ActionResult> Get()
{
var query = Request.Query;
if (query == null)
{
throw new IdentityServerException(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.RequestIsNotValid);
}
var serializer = new ParamSerializer();
var authorizationRequest = serializer.Deserialize <AuthorizationRequest>(query);
authorizationRequest = await ResolveAuthorizationRequest(authorizationRequest);
var authenticatedUser = await this.GetAuthenticatedUser(_authenticateOptions.CookieName);
var parameter = authorizationRequest.ToParameter();
var actionResult = await _authorizationActions.GetAuthorization(parameter, authenticatedUser);
if (actionResult.Type == TypeActionResult.RedirectToCallBackUrl)
{
var redirectUrl = new Uri(authorizationRequest.RedirectUri);
return(this.CreateRedirectHttpTokenResponse(redirectUrl,
_actionResultParser.GetRedirectionParameters(actionResult),
actionResult.RedirectInstruction.ResponseMode));
}
if (actionResult.Type == TypeActionResult.RedirectToAction)
{
if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex ||
actionResult.RedirectInstruction.Action == IdentityServerEndPoints.ConsentIndex)
{
// Force the resource owner to be reauthenticated
if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex)
{
authorizationRequest.Prompt = Enum.GetName(typeof(PromptParameter), PromptParameter.login);
}
// Set the process id into the request.
if (!string.IsNullOrWhiteSpace(actionResult.ProcessId))
{
authorizationRequest.ProcessId = actionResult.ProcessId;
}
// Add the encoded request into the query string
var encryptedRequest = _dataProtector.Protect(authorizationRequest);
actionResult.RedirectInstruction.AddParameter(Core.Constants.StandardAuthorizationResponseNames.AuthorizationCodeName,
encryptedRequest);
}
var url = GetRedirectionUrl(this.Request, actionResult.RedirectInstruction.Action);
var uri = new Uri(url);
var redirectionUrl = uri.AddParametersInQuery(_actionResultParser.GetRedirectionParameters(actionResult));
return(new RedirectResult(redirectionUrl.AbsoluteUri));
}
return(null);
}
protected void Page_Load(object sender, EventArgs e)
{
var serializer = new ParamSerializer();
var foo = serializer.Deserialize <Foo>(Request.Form);
this.ResponseOutput.Text = JsonConvert.SerializeObject(foo);
}
protected void Page_Load(object sender, EventArgs e)
{
var serializer = new ParamSerializer();
var foo = serializer.Deserialize<Foo>(Request.Form);
this.ResponseOutput.Text = JsonConvert.SerializeObject(foo);
}
public async Task <TokenResponse> PostToken()
{
var certificate = GetCertificate();
if (Request.Form == null)
{
throw new ArgumentNullException(nameof(Request.Form));
}
var serializer = new ParamSerializer();
var tokenRequest = serializer.Deserialize <TokenRequest>(Request.Form);
GrantedToken result = null;
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
switch (tokenRequest.GrantType)
{
case GrantTypes.password:
var resourceOwnerParameter = tokenRequest.ToResourceOwnerGrantTypeParameter();
result = await _tokenActions.GetTokenByResourceOwnerCredentialsGrantType(resourceOwnerParameter, authenticationHeaderValue, certificate);
break;
case GrantTypes.authorization_code:
var authCodeParameter = tokenRequest.ToAuthorizationCodeGrantTypeParameter();
result = await _tokenActions.GetTokenByAuthorizationCodeGrantType(
authCodeParameter,
authenticationHeaderValue);
break;
case GrantTypes.refresh_token:
var refreshTokenParameter = tokenRequest.ToRefreshTokenGrantTypeParameter();
result = await _tokenActions.GetTokenByRefreshTokenGrantType(refreshTokenParameter);
break;
case GrantTypes.client_credentials:
var clientCredentialsParameter = tokenRequest.ToClientCredentialsGrantTypeParameter();
result = await _tokenActions.GetTokenByClientCredentialsGrantType(clientCredentialsParameter, authenticationHeaderValue);
break;
}
return(result.ToDto());
}
public void SerializeDeserialize_Simple()
{
var serializer = new ParamSerializer();
var startObj = new { a = "1", b = "2" };
var endObj = serializer.Deserialize(serializer.Serialize(startObj));
var startObjStr = JsonConvert.SerializeObject(startObj);
var endObjStr = JsonConvert.SerializeObject(endObj);
Assert.AreEqual(startObjStr, endObjStr);
}
public void SerializeDeserialize_Complex()
{
var serializer = new ParamSerializer();
var startObj =
new { a = new object[] { "1", "2", new { d = "8", e = "9" } }, b = "2", c = new { f = "10", g = "11" } };
var endObj = serializer.Deserialize(serializer.Serialize(startObj));
var startObjStr = JsonConvert.SerializeObject(startObj);
var endObjStr = JsonConvert.SerializeObject(endObj);
Assert.AreEqual(startObjStr, endObjStr);
}
public async Task RevokeSessionCallback()
{
var authenticatedUser = await _authenticationService.GetAuthenticatedUser(this, Constants.CookieNames.CookieName);
if (authenticatedUser == null || !authenticatedUser.Identity.IsAuthenticated)
{
await this.DisplayInternalHtml("SimpleIdentityServer.Host.Views.UserNotConnected.html");
return;
}
var query = Request.Query;
var serializer = new ParamSerializer();
RevokeSessionRequest request = null;
if (query != null)
{
request = serializer.Deserialize <RevokeSessionRequest>(query);
}
Response.Cookies.Delete(Core.Constants.SESSION_ID);
await _authenticationService.SignOutAsync(HttpContext, Constants.CookieNames.CookieName, new Microsoft.AspNetCore.Authentication.AuthenticationProperties());
if (request != null && !string.IsNullOrWhiteSpace(request.PostLogoutRedirectUri) && !string.IsNullOrWhiteSpace(request.IdTokenHint))
{
var jws = await _jwtParser.UnSignAsync(request.IdTokenHint);
if (jws != null)
{
var claim = jws.FirstOrDefault(c => c.Key == StandardClaimNames.Azp);
if (!claim.Equals(default(KeyValuePair <string, object>)) && claim.Value != null)
{
var client = await _clientRepository.GetClientByIdAsync(claim.Value.ToString());
if (client != null)
{
if (client.PostLogoutRedirectUris != null && client.PostLogoutRedirectUris.Contains(request.PostLogoutRedirectUri))
{
var redirectUrl = request.PostLogoutRedirectUri;
if (!string.IsNullOrWhiteSpace(request.State))
{
redirectUrl = $"{redirectUrl}?state={request.State}";
}
Response.Redirect(redirectUrl);
return;
}
}
}
}
}
await this.DisplayInternalHtml("SimpleIdentityServer.Host.Views.RevokeSessionCallback.html");
}
void IXmlSerializable.ReadXml(XmlReader reader)
{
reader.MoveToContent();
bool empty = reader.IsEmptyElement;
Unk04 = int.Parse(reader.GetAttribute(nameof(Unk04)));
reader.ReadStartElement();
if (!empty)
{
while (reader.IsStartElement(nameof(Param)))
{
Params.Add((Param)ParamSerializer.Deserialize(reader));
}
reader.ReadEndElement();
}
}
public async Task <ActionResult> PostRevoke()
{
try
{
if (Request.Form == null)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
}
catch (Exception)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
var nameValueCollection = new NameValueCollection();
foreach (var kvp in Request.Form)
{
nameValueCollection.Add(kvp.Key, kvp.Value);
}
var serializer = new ParamSerializer();
var revocationRequest = serializer.Deserialize <RevocationRequest>(nameValueCollection);
// 1. Fetch the authorization header
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
// 2. Revoke the token
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
await _tokenActions.RevokeToken(revocationRequest.ToParameter(), authenticationHeaderValue, GetCertificate(), issuerName);
return(new OkResult());
}
public async Task <IActionResult> Post()
{
try
{
if (Request.Form == null)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
}
catch (Exception)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
var nameValueCollection = new NameValueCollection();
foreach (var kvp in Request.Form)
{
nameValueCollection.Add(kvp.Key, kvp.Value);
}
var s = Thread.CurrentThread.ManagedThreadId;
var serializer = new ParamSerializer();
var introspectionRequest = serializer.Deserialize <IntrospectionRequest>(nameValueCollection);
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var result = await _introspectionActions.PostIntrospection(introspectionRequest.ToParameter(), authenticationHeaderValue, issuerName);
return(new OkObjectResult(result.ToDto()));
}
public async Task <ActionResult> PostRevoke()
{
if (Request.Form == null)
{
throw new ArgumentNullException(nameof(Request.Form));
}
var nameValueCollection = new NameValueCollection();
foreach (var kvp in Request.Form)
{
nameValueCollection.Add(kvp.Key, kvp.Value);
}
var serializer = new ParamSerializer();
var revocationRequest = serializer.Deserialize <RevocationRequest>(nameValueCollection);
// 1. Fetch the authorization header
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
// 2. Revoke the token
await _tokenActions.RevokeToken(revocationRequest.ToParameter(), authenticationHeaderValue);
return(new OkResult());
}
public async Task <Introspection> Post()
{
if (Request.Form == null)
{
throw new ArgumentNullException(nameof(Request.Form));
}
var nameValueCollection = new NameValueCollection();
foreach (var kvp in Request.Form)
{
nameValueCollection.Add(kvp.Key, kvp.Value);
}
var s = Thread.CurrentThread.ManagedThreadId;
var serializer = new ParamSerializer();
var introspectionRequest = serializer.Deserialize <IntrospectionRequest>(nameValueCollection);
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
var result = await _introspectionActions.PostIntrospection(introspectionRequest.ToParameter(), authenticationHeaderValue);
return(result.ToDto());
}
public void SerializeDeserialize_Simple()
{
var serializer = new ParamSerializer();
var startObj = new { a = "1", b = "2" };
var endObj = serializer.Deserialize(serializer.Serialize(startObj));
var startObjStr = JsonConvert.SerializeObject(startObj);
var endObjStr = JsonConvert.SerializeObject(endObj);
Assert.AreEqual(startObjStr, endObjStr);
}
public void SerializeDeserialize_Complex()
{
var serializer = new ParamSerializer();
var startObj =
new { a = new object[] { "1", "2", new { d = "8", e = "9" } }, b = "2", c = new { f = "10", g = "11" } };
var endObj = serializer.Deserialize(serializer.Serialize(startObj));
var startObjStr = JsonConvert.SerializeObject(startObj);
var endObjStr = JsonConvert.SerializeObject(endObj);
Assert.AreEqual(startObjStr, endObjStr);
}
public async Task <IActionResult> Get()
{
var query = Request.Query;
if (query == null)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
var originUrl = this.GetOriginUrl();
var sessionId = GetSessionId();
var serializer = new ParamSerializer();
var authorizationRequest = serializer.Deserialize <AuthorizationRequest>(query);
authorizationRequest = await ResolveAuthorizationRequest(authorizationRequest).ConfigureAwait(false);
authorizationRequest.OriginUrl = originUrl;
authorizationRequest.SessionId = sessionId;
var authenticatedUser = await _authenticationService.GetAuthenticatedUser(this, Constants.CookieNames.CookieName);
var parameter = authorizationRequest.ToParameter();
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
string authenticatedSubject = null;
double?authInstant = null;
if (authenticatedUser != null)
{
authenticatedSubject = authenticatedUser.GetSubject();
var authInstantClaim = authenticatedUser.Claims.FirstOrDefault(c => c.Type == Core.Common.StandardClaimNames.AuthenticationTime || c.Type == ClaimTypes.AuthenticationInstant);
if (authInstantClaim != null)
{
authInstant = double.Parse(authInstantClaim.Value);
}
}
var actionResult = await _authorizationActions.GetAuthorization(parameter, issuerName, authenticatedSubject, authInstant);
if (actionResult.Type == TypeActionResult.RedirectToCallBackUrl)
{
var redirectUrl = new Uri(authorizationRequest.RedirectUri);
return(this.CreateRedirectHttpTokenResponse(redirectUrl,
_actionResultParser.GetRedirectionParameters(actionResult),
actionResult.RedirectInstruction.ResponseMode));
}
if (actionResult.Type == TypeActionResult.RedirectToAction)
{
if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex ||
actionResult.RedirectInstruction.Action == IdentityServerEndPoints.ConsentIndex)
{
// Force the resource owner to be reauthenticated
if (actionResult.RedirectInstruction.Action == IdentityServerEndPoints.AuthenticateIndex)
{
authorizationRequest.Prompt = Enum.GetName(typeof(PromptParameter), PromptParameter.login);
}
// Set the process id into the request.
if (!string.IsNullOrWhiteSpace(actionResult.ProcessId))
{
authorizationRequest.ProcessId = actionResult.ProcessId;
}
// Add the encoded request into the query string
if (actionResult.AmrLst != null)
{
authorizationRequest.AmrValues = string.Join(" ", actionResult.AmrLst);
}
var encryptedRequest = _dataProtector.Protect(authorizationRequest);
actionResult.RedirectInstruction.AddParameter(Core.Constants.StandardAuthorizationResponseNames.AuthorizationCodeName, encryptedRequest);
}
var url = GetRedirectionUrl(Request, actionResult.AmrLst == null || !actionResult.AmrLst.Any() ? null : actionResult.AmrLst.First(), actionResult.RedirectInstruction.Action);
var uri = new Uri(url);
var redirectionUrl = uri.AddParametersInQuery(_actionResultParser.GetRedirectionParameters(actionResult));
return(new RedirectResult(redirectionUrl.AbsoluteUri));
}
return(null);
}
public static T Deserialize <T>(this ParamSerializer paramSerializer, IQueryCollection query)
{
return(paramSerializer.Deserialize <T>(ConvertNameValueCollection(query)));
}
public static T Deserialize <T>(this ParamSerializer paramSerializer, IFormCollection form)
{
return(paramSerializer.Deserialize <T>(ConvertNameValueCollection(form)));
}
public async Task <IActionResult> PostToken()
{
var certificate = GetCertificate();
try
{
if (Request.Form == null)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
}
catch (Exception)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
var serializer = new ParamSerializer();
var tokenRequest = serializer.Deserialize <TokenRequest>(Request.Form);
GrantedToken result = null;
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
switch (tokenRequest.GrantType)
{
case GrantTypes.password:
var resourceOwnerParameter = tokenRequest.ToResourceOwnerGrantTypeParameter();
result = await _tokenActions.GetTokenByResourceOwnerCredentialsGrantType(resourceOwnerParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.authorization_code:
var authCodeParameter = tokenRequest.ToAuthorizationCodeGrantTypeParameter();
result = await _tokenActions.GetTokenByAuthorizationCodeGrantType(authCodeParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.refresh_token:
var refreshTokenParameter = tokenRequest.ToRefreshTokenGrantTypeParameter();
result = await _tokenActions.GetTokenByRefreshTokenGrantType(refreshTokenParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.client_credentials:
var clientCredentialsParameter = tokenRequest.ToClientCredentialsGrantTypeParameter();
result = await _tokenActions.GetTokenByClientCredentialsGrantType(clientCredentialsParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.uma_ticket:
var tokenIdParameter = tokenRequest.ToTokenIdGrantTypeParameter();
var getTokenByTicketIdResponse = await _umaTokenActions.GetTokenByTicketId(tokenIdParameter, _authorizationServerOptions.OpenidWellKnownConfiguration, issuerName);
if (!getTokenByTicketIdResponse.IsValid)
{
var errorResponse = new ErrorResponse
{
Error = Errors.ErrorCodes.NotAuthorized
};
var errorDetails = new List <object>();
foreach (var policyResult in getTokenByTicketIdResponse.ResourceValidationResult.AuthorizationPoliciesResult)
{
var dic = new Dictionary <string, object>
{
{ "status", policyResult.Type.ToString() },
{ "details", policyResult.ErrorDetails }
};
if (policyResult.Policy != null)
{
dic.Add("policy_id", policyResult.Policy.Id);
}
errorDetails.Add(dic);
}
errorResponse.ErrorDetails = errorDetails;
return(new JsonResult(errorResponse)
{
StatusCode = (int)HttpStatusCode.InternalServerError
});
}
result = getTokenByTicketIdResponse.GrantedToken;
break;
}
return(new OkObjectResult(result.ToDto()));
}
public async Task <IActionResult> PostToken()
{
var certificate = GetCertificate();
try
{
if (Request.Form == null)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
}
catch (Exception)
{
return(BuildError(ErrorCodes.InvalidRequestCode, "no parameter in body request", HttpStatusCode.BadRequest));
}
var serializer = new ParamSerializer();
var tokenRequest = serializer.Deserialize <TokenRequest>(Request.Form);
GrantedToken result = null;
StringValues authorizationHeader;
AuthenticationHeaderValue authenticationHeaderValue = null;
if (Request.Headers.TryGetValue("Authorization", out authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Count() == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
switch (tokenRequest.GrantType)
{
case GrantTypes.password:
var resourceOwnerParameter = tokenRequest.ToResourceOwnerGrantTypeParameter();
result = await _tokenActions.GetTokenByResourceOwnerCredentialsGrantType(resourceOwnerParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.authorization_code:
var authCodeParameter = tokenRequest.ToAuthorizationCodeGrantTypeParameter();
result = await _tokenActions.GetTokenByAuthorizationCodeGrantType(authCodeParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.refresh_token:
var refreshTokenParameter = tokenRequest.ToRefreshTokenGrantTypeParameter();
result = await _tokenActions.GetTokenByRefreshTokenGrantType(refreshTokenParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.client_credentials:
var clientCredentialsParameter = tokenRequest.ToClientCredentialsGrantTypeParameter();
result = await _tokenActions.GetTokenByClientCredentialsGrantType(clientCredentialsParameter, authenticationHeaderValue, certificate, issuerName);
break;
case GrantTypes.uma_ticket:
var tokenIdParameter = tokenRequest.ToTokenIdGrantTypeParameter();
result = await _umaTokenActions.GetTokenByTicketId(tokenIdParameter, authenticationHeaderValue, certificate, issuerName);
break;
}
return(new OkObjectResult(result.ToDto()));
}
public static T Deserialize <T>(this ParamSerializer paramSerializer, NameValueCollection input)
{
return(paramSerializer.Deserialize <T>(ConvertNameValueCollection(input)));
}
