Esempio n. 1
0
        public override async Task ValidateLogoutRequest([NotNull] ValidateLogoutRequestContext context)
        {
            var services = context.HttpContext.RequestServices.GetRequiredService <OpenIddictServices <TApplication, TAuthorization, TScope, TToken> >();

            // Skip validation if the optional post_logout_redirect_uri
            // parameter was missing from the logout request.
            if (string.IsNullOrEmpty(context.PostLogoutRedirectUri))
            {
                services.Logger.LogInformation("The logout request validation process was skipped because " +
                                               "the post_logout_redirect_uri parameter was missing.");

                context.Skip();

                return;
            }

            var application = await services.Applications.FindByLogoutRedirectUri(context.PostLogoutRedirectUri);

            if (application == null)
            {
                services.Logger.LogError("The logout request was rejected because the client application corresponding " +
                                         "to the specified post_logout_redirect_uri was not found in the database: " +
                                         "'{PostLogoutRedirectUri}'.", context.PostLogoutRedirectUri);

                context.Reject(
                    error: OpenIdConnectConstants.Errors.InvalidClient,
                    description: "Invalid post_logout_redirect_uri.");

                return;
            }

            context.Validate();
        }
Esempio n. 2
0
        public override async Task ValidateLogoutRequest(ValidateLogoutRequestContext context)
        {
            var database = context.HttpContext.RequestServices.GetRequiredService <ApplicationContext>();

            // Skip validation if the post_logout_redirect_uri parameter was missing.
            if (string.IsNullOrEmpty(context.PostLogoutRedirectUri))
            {
                context.Skip();

                return;
            }

            // Note: ValidateClientLogoutRedirectUri is not invoked when post_logout_redirect_uri is null.
            // When provided, post_logout_redirect_uri must exactly match the address registered by the client application.
            if (!await database.Applications.AnyAsync(application => application.LogoutRedirectUri == context.PostLogoutRedirectUri))
            {
                context.Reject(
                    error: OpenIdConnectConstants.Errors.InvalidClient,
                    description: "Invalid post_logout_redirect_uri");

                return;
            }

            context.Validate();
        }
Esempio n. 3
0
        public override async Task ValidateLogoutRequest([NotNull] ValidateLogoutRequestContext context)
        {
            var services = context.HttpContext.RequestServices.GetRequiredService <OpenIddictServices <TUser, TApplication> >();

            // Skip validation if the optional post_logout_redirect_uri
            // parameter was missing from the logout request.
            if (string.IsNullOrEmpty(context.PostLogoutRedirectUri))
            {
                context.Skip();

                return;
            }

            var application = await services.Applications.FindApplicationByLogoutRedirectUri(context.PostLogoutRedirectUri);

            if (application == null)
            {
                context.Reject(
                    error: OpenIdConnectConstants.Errors.InvalidClient,
                    description: "Invalid post_logout_redirect_uri.");

                return;
            }

            context.Validate();
        }
        public override async Task ValidateLogoutRequest(ValidateLogoutRequestContext context) {
            var database = context.HttpContext.RequestServices.GetRequiredService<ApplicationContext>();

            // Skip validation if the post_logout_redirect_uri parameter was missing.
            if (string.IsNullOrEmpty(context.PostLogoutRedirectUri)) {
                context.Skip();

                return;
            }

            // When provided, post_logout_redirect_uri must exactly match the address registered by the client application.
            if (!await database.Applications.AnyAsync(application => application.LogoutRedirectUri == context.PostLogoutRedirectUri)) {
                context.Reject(
                    error: OpenIdConnectConstants.Errors.InvalidClient,
                    description: "Invalid post_logout_redirect_uri");

                return;
            }

            context.Validate();
        }
Esempio n. 5
0
        public override async Task ValidateLogoutRequest([NotNull] ValidateLogoutRequestContext context)
        {
            var clientMgr = context.HttpContext.RequestServices.GetRequiredService <OidcClientManager>();

            // Skip validation if the post_logout_redirect_uri parameter was missing.
            if (string.IsNullOrEmpty(context.PostLogoutRedirectUri))
            {
                context.Skip();

                return;
            }

            // When provided, post_logout_redirect_uri must exactly match the address registered by the client application.
            if (!clientMgr.IsValidPostLogoutRedirectUri(context.PostLogoutRedirectUri))
            {
                context.Reject(
                    error: OpenIdConnectConstants.Errors.InvalidClient,
                    description: "Invalid post_logout_redirect_uri");

                return;
            }

            context.Validate();
        }