public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
                context.Validated();  

            return Task.FromResult<object>(null);
        }
        /// <summary>
        /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri"
        /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this
        /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called
        /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI.
        /// If context.Validated is not called the request will not proceed further.
        /// </summary>
        /// <param name="context">The context of the event carries information in and results out.</param>
        /// <returns>Task to enable asynchronous execution</returns>
        public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            this.options.Logger.DebugFormat("Validating client id and redirect uri");

            // Only proceed if client id and redirect uri is provided
            if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.RedirectUri))
            {
                this.options.Logger.WarnFormat("Client id ({0}) or client secret ({1}) is invalid", context.ClientId, context.RedirectUri);

                return;
            }

            this.options.Logger.DebugFormat("Authenticating client '{0}' and redirect uri '{1}'", context.ClientId, context.RedirectUri);

            var client = await this.options.ClientManager.AuthenticateClientAsync(context.ClientId, context.RedirectUri);

            if (!client.Identity.IsAuthenticated)
            {
                context.Rejected();

                this.options.Logger.WarnFormat("Client '{0}' and redirect uri '{1}' was not authenticated", context.ClientId, context.RedirectUri);

                return;
            }

            this.options.Logger.DebugFormat("Client '{0}' and redirect uri '{1}' was successfully authenticated", context.ClientId, context.RedirectUri);

            context.OwinContext.GetOAuthContext().ClientId = context.ClientId;
            context.OwinContext.GetOAuthContext().RedirectUri = context.RedirectUri;

            context.Validated(context.RedirectUri);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId != _publicClientId) return Task.FromResult<object>(null);

            var expectedRootUri = new Uri(context.Request.Uri, "/");

            if (expectedRootUri.AbsoluteUri == context.RedirectUri) context.Validated();

            return Task.FromResult<object>(null);
        }
 private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
   
     if (context.ClientId == ClientId)
     {
         context.Validated();
     }
    
     return Task.FromResult(0);
 }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            Uri uri;
            if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out uri))
            {
                context.Validated();

                return Task.FromResult(0);
            }
            return base.ValidateClientRedirectUri(context);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId) {
                Uri expectedRootUri = new Uri(context.Request.Uri, "/externalLogin"); // modified by Stephen

                if (expectedRootUri.AbsoluteUri == context.RedirectUri) {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId != _publicClientId) return null;

            var expectedRootUri = new Uri(context.Request.Uri, "/");

            if (expectedRootUri.AbsoluteUri == context.RedirectUri)
            {
                context.Validated();
            }

            return null;
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                Uri expectedRootUri = new Uri(context.Request.Uri, "/");

                if (true /*expectedRootUri.AbsoluteUri == context.RedirectUri*/)
                {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                Uri expectedRootUri = FullRootUri(HttpContext.Current);

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == "self")
            {
                var expectedRootUri = new Uri(context.Request.Uri, "/");

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
            }

            return Task.FromResult(0);
        }
Esempio n. 11
0
        public override System.Threading.Tasks.Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                Uri expectedRootUri = new Uri(context.Request.Uri, "/");

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
            }

            return System.Threading.Tasks.Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == publicClientId)
            {
                Uri expectedRootUri = new Uri(context.Request.Uri, "/" + this.externalAuthPageUrl);

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                Uri expectedRootUri = new Uri(context.Request.Uri, "/");
                Uri redirectUri = new Uri(context.RedirectUri);

                if (expectedRootUri.Authority == redirectUri.Authority)
                {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            //if (context.ClientId == _publicClientId)
            //{
            //    Uri expectedRootUri = new Uri(context.Request.Uri, "/");

            //    if (expectedRootUri.AbsoluteUri == context.RedirectUri)
            //    {
            //        context.Validated();
            //    }
            //}
            if (context.ClientId == _publicClientId)
            {
                context.Validated();
            }
            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == this.publicClientId)
            {
                var expectedRootUri = new Uri(context.Request.Uri, "/");
                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
                else if (context.ClientId == "web")
                {
                    var expectedUri = new Uri(context.Request.Uri, "/");
                    context.Validated(expectedUri.AbsoluteUri);
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
            var authTicket = FormsAuthentication.Decrypt(authCookie);

            if (authTicket.Expired)
                context.Rejected();
            else
                context.Validated();

            //We validated that Client Id and Reditect Uri are indeed what we expect
            //if (context.ClientId == "123456" && context.RedirectUri.Contains("localhost"))
            //    context.Validated();
            //else
            //    context.Rejected();

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId != _publicClientId)
            {
                return Task.FromResult(0);
            }

            Uri expectedRootUri = new Uri(context.Request.Uri, "/");
            string windowsStoreRedirectUri = ConfigurationManager.AppSettings["windowsStoreRedirectUri"];

            if (expectedRootUri.AbsoluteUri == context.RedirectUri ||
                (windowsStoreRedirectUri != null && new Uri(windowsStoreRedirectUri).AbsoluteUri == context.RedirectUri))
            {
                context.Validated();
            }

            return Task.FromResult(0);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) {
            if (!String.IsNullOrEmpty(context.ClientId) && context.ClientId != PublicClientId) {
                var app = _applicationRepository.GetById(context.ClientId, true);
                if (app == null)
                    return Task.FromResult(0);

                if (!context.Request.Uri.AbsoluteUri.StartsWith(app.Url))
                    return Task.FromResult(0);

                context.Validated(context.Request.Uri.AbsoluteUri);
            } else {
                if (!context.Request.Uri.AbsoluteUri.StartsWith(context.Request.Uri.Authority))
                    return Task.FromResult(0);

                context.Validated(context.Request.Uri.AbsoluteUri);
            }

            return Task.FromResult(0);
        }
 public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     // TODO: REFACTOR > code identical to CORS, same clients
     if (_registeredClients == null)
     {
         _registeredClients = new Collection<Uri>();
         string[] domains = ConfigurationManager.AppSettings["CORS"].Split(';');
         foreach (var domain in domains)
         {
             _registeredClients.Add(new Uri(domain));
         }
     }
     var client = new Uri(context.RedirectUri);
     if (context.ClientId == _publicClientId && _registeredClients.Any(o => o.IsBaseOf(client)))
     {
         context.Validated();
     }
     return Task.FromResult<object>(null);
 }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                //BEGIN MODIFIED BY JLC
                /*
                Uri expectedRootUri = new Uri(context.Request.Uri, "/");

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
                **/
                context.Validated();
                //TODO: Is this still compliant with oAuth 2.0?????????????????
                //END MODIFIED BY JLC
            }

            return Task.FromResult<object>(null);
        }
Esempio n. 21
0
        private Task <bool> SendErrorRedirectAsync(
            OAuthValidateClientRedirectUriContext clientContext,
            BaseValidatingContext <OAuthAuthorizationServerOptions> validatingContext)
        {
            if (clientContext == null)
            {
                throw new ArgumentNullException("clientContext");
            }

            string error            = validatingContext.HasError ? validatingContext.Error : Constants.Errors.InvalidRequest;
            string errorDescription = validatingContext.HasError ? validatingContext.ErrorDescription : null;
            string errorUri         = validatingContext.HasError ? validatingContext.ErrorUri : null;

            if (!clientContext.IsValidated)
            {
                // write error in response body if client_id or redirect_uri have not been validated
                return(SendErrorPageAsync(error, errorDescription, errorUri));
            }

            // redirect with error if client_id and redirect_uri have been validated
            string location = WebUtilities.AddQueryString(clientContext.RedirectUri, Constants.Parameters.Error, error);

            if (!string.IsNullOrEmpty(errorDescription))
            {
                location = WebUtilities.AddQueryString(location, Constants.Parameters.ErrorDescription, errorDescription);
            }
            if (!string.IsNullOrEmpty(errorUri))
            {
                location = WebUtilities.AddQueryString(location, Constants.Parameters.ErrorUri, errorUri);
            }
            // if a state parameter was provided, include it in the redirect location
            IList <string> stateValues = clientContext.Request.Query.GetValues(Constants.Parameters.State);

            if (stateValues != null && stateValues.Count == 1)
            {
                location = WebUtilities.AddQueryString(location, Constants.Parameters.State, stateValues[0]);
            }
            Response.Redirect(location);
            // request is handled, does not pass on to application
            return(Task.FromResult(true));
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                var referer = context.Request.Headers["Referer"];

                var returnUrl = context.Request.Query != null
                    ? context.Request.Query.Get("redirect_uri") ?? null
                    : null;

                var expectedUri = referer != null ? new Uri(referer) : returnUrl != null ? new Uri(returnUrl) : context.Request.Uri;

                Uri expectedRootUri = new Uri(expectedUri, "/access_token.html");
                
                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                var httpRequest = ((System.Web.HttpContextBase)context.OwinContext.Environment["System.Web.HttpContextBase"]).Request;
                var path = string.Format("{0}/", httpRequest.ApplicationPath.TrimEnd('/'));

                Uri expectedRootUri = new Uri(context.Request.Uri, path);

                if (expectedRootUri.AbsoluteUri == context.RedirectUri)
                {
                    context.Validated();
                }
                else if (context.ClientId == "web")
                {
                    var expectedUri = new Uri(context.Request.Uri, path);
                    context.Validated(expectedUri.AbsoluteUri);
                }
            }

            return Task.FromResult<object>(null);
        }
        public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            if (context.ClientId == _publicClientId)
            {
                Uri requestUri = context.Request.Uri;
                Uri redirectUri = new Uri(context.RedirectUri);
                if (redirectUri.Host == requestUri.Host && "/".Equals(redirectUri.AbsolutePath, StringComparison.OrdinalIgnoreCase))
                {
                    if (!string.IsNullOrEmpty(redirectUri.Query))
                    {
                        NameValueCollection queryString = HttpUtility.ParseQueryString(redirectUri.Query);
                        string returnData = queryString["rd"];
                        if (!string.IsNullOrEmpty(returnData))
                        {
                            //TODO: check if json is valid
                            context.Validated();
                        }
                    }
                }
            }

            return Task.FromResult<object>(null);
        }
 /// <summary>
 /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri" 
 /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this
 /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called
 /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI. 
 /// If context.Validated is not called the request will not proceed further. 
 /// </summary>
 /// <param name="context">The context of the event carries information in and results out.</param>
 /// <returns>Task to enable asynchronous execution</returns>
 public virtual Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     return OnValidateClientRedirectUri.Invoke(context);
 }
Esempio n. 26
0
 /// <summary>
 /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri"
 /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this
 /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called
 /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI.
 /// If context.Validated is not called the request will not proceed further.
 /// </summary>
 /// <param name="context">The context of the event carries information in and results out.</param>
 /// <returns>Task to enable asynchronous execution</returns>
 public virtual Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     return(OnValidateClientRedirectUri.Invoke(context));
 }
 /// <summary>
 /// 验证重定向域名是否符合当前客户端Id创建时填写的主域名
 /// </summary>
 /// <param name="context"></param>
 /// <returns></returns>
 public async override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     string redirectUri = await _clientValidator.GetRedirectUrl(context.ClientId);
     if (redirectUri != null)
     {
         context.Validated(redirectUri);
     }
     await Task.FromResult(0);
 }
        private async Task <bool> InvokeAuthorizeEndpointAsync()
        {
            var authorizeRequest = new AuthorizeEndpointRequest(Request.Query);

            var clientContext = new OAuthValidateClientRedirectUriContext(
                Context,
                Options,
                authorizeRequest.ClientId,
                authorizeRequest.RedirectUri);

            if (!String.IsNullOrEmpty(authorizeRequest.RedirectUri))
            {
                bool acceptableUri = true;
                Uri  validatingUri;
                if (!Uri.TryCreate(authorizeRequest.RedirectUri, UriKind.Absolute, out validatingUri))
                {
                    // The redirection endpoint URI MUST be an absolute URI
                    // http://tools.ietf.org/html/rfc6749#section-3.1.2
                    acceptableUri = false;
                }
                else if (!String.IsNullOrEmpty(validatingUri.Fragment))
                {
                    // The endpoint URI MUST NOT include a fragment component.
                    // http://tools.ietf.org/html/rfc6749#section-3.1.2
                    acceptableUri = false;
                }
                else if (!Options.AllowInsecureHttp &&
                         String.Equals(validatingUri.Scheme, Uri.UriSchemeHttp, StringComparison.OrdinalIgnoreCase))
                {
                    // The redirection endpoint SHOULD require the use of TLS
                    // http://tools.ietf.org/html/rfc6749#section-3.1.2.1
                    acceptableUri = false;
                }
                if (!acceptableUri)
                {
                    clientContext.SetError(Constants.Errors.InvalidRequest);
                    return(await SendErrorRedirectAsync(clientContext, clientContext));
                }
            }

            await Options.Provider.ValidateClientRedirectUri(clientContext);

            if (!clientContext.IsValidated)
            {
                _logger.WriteVerbose("Unable to validate client information");
                return(await SendErrorRedirectAsync(clientContext, clientContext));
            }

            var validatingContext = new OAuthValidateAuthorizeRequestContext(
                Context,
                Options,
                authorizeRequest,
                clientContext);

            if (string.IsNullOrEmpty(authorizeRequest.ResponseType))
            {
                _logger.WriteVerbose("Authorize endpoint request missing required response_type parameter");
                validatingContext.SetError(Constants.Errors.InvalidRequest);
            }
            else if (!authorizeRequest.IsAuthorizationCodeGrantType &&
                     !authorizeRequest.IsImplicitGrantType)
            {
                _logger.WriteVerbose("Authorize endpoint request contains unsupported response_type parameter");
                validatingContext.SetError(Constants.Errors.UnsupportedResponseType);
            }
            else
            {
                await Options.Provider.ValidateAuthorizeRequest(validatingContext);
            }

            if (!validatingContext.IsValidated)
            {
                // an invalid request is not processed further
                return(await SendErrorRedirectAsync(clientContext, validatingContext));
            }

            _clientContext            = clientContext;
            _authorizeEndpointRequest = authorizeRequest;

            var authorizeEndpointContext = new OAuthAuthorizeEndpointContext(Context, Options);

            await Options.Provider.AuthorizeEndpoint(authorizeEndpointContext);

            return(authorizeEndpointContext.IsRequestCompleted);
        }
        private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            // TODO: Validar a client id e retornar a url de redirect
            //if (context.ClientId == Clients.Client1.Id)
            //{
            //    context.Validated(Clients.Client1.RedirectUrl);
            //}
            //else if (context.ClientId == Clients.Client2.Id)
            //{
            //    context.Validated(Clients.Client2.RedirectUrl);
            //}
            context.Validated();

            return Task.FromResult(0);
        }
 public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     // appelé pour valider la redirect_uri. 
     // dans la vraie vie, on valide vraiment :)
     context.Validated(context.RedirectUri);
 }
 public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     if (context.ClientId == this._publicClientId && new Uri(context.Request.Uri, "/").AbsoluteUri == context.RedirectUri)
         context.Validated();
     return (Task)Task.FromResult<object>((object)null);
 }
Esempio n. 32
0
 private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     if (context.ClientId == "123456")
     {
         context.Validated("http://localhost:18002/Katana.Sandbox.WebClient/ClientApp.aspx");
     }
     else if (context.ClientId == "7890ab")
     {
         context.Validated("http://localhost:18002/Katana.Sandbox.WebClient/ClientPageSignIn.html");
     }
     return Task.FromResult(0);
 }
 public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
 {
     return base.ValidateClientRedirectUri(context);
 }