Esempio n. 1
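        /// <summary>
        /// Answers a 401 response that carries a challenge for this middleware by building the
        /// OAuth 2.0 authorization-code request (with a PKCE S256 challenge when
        /// <c>Options.RequirePkce</c> is set) and passing it to <c>Options.Provider.ApplyRedirect</c>.
        /// </summary>
        /// <returns>An already-completed task; all work in this method is synchronous.</returns>
        protected override Task ApplyResponseChallengeAsync()
        {
            // Only a 401 is treated as a request to start the sign-in flow.
            if (Response.StatusCode != 401)
            {
                return Task.FromResult<object>(null);
            }

            var challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode);

            if (challenge == null)
            {
                return Task.FromResult<object>(null);
            }

            // NOTE(review): every URI below is derived from the incoming request (scheme, host,
            // path base). GetHostName() is not visible in this excerpt; if it returns the Host
            // header unvalidated, redirect_uri and the post-login RedirectUri are client-influenced
            // and the provider's registered-redirect-URI check becomes the only control. Confirm.
            string baseUri     = Request.Scheme + Uri.SchemeDelimiter + this.GetHostName() + Request.PathBase;
            string currentUri  = baseUri + Request.Path + Request.QueryString;
            string redirectUri = baseUri + Options.CallbackPath;

            var properties = challenge.Properties;

            // Default the post-login target to the page that triggered the challenge.
            if (string.IsNullOrEmpty(properties.RedirectUri))
            {
                properties.RedirectUri = currentUri;
            }

            // Stays null unless a verifier was generated and stored, so the query parameter
            // appended further down can never disagree with what is kept in the state.
            string codeChallenge = null;

            if (Options.RequirePkce)
            {
                // NOTE(review): presumably CreateUniqueId(32) yields 32 random bytes from a CSPRNG in a
                // URL-safe encoding, and ToSha256() returns standard base64; the Trim/Replace calls
                // then produce the unpadded base64url form used for S256. Confirm both helpers.
                string codeVerifier = CryptoRandom.CreateUniqueId(32);
                codeChallenge = codeVerifier.ToSha256().TrimEnd('=').Replace('+', '-').Replace('/', '_');

                // Indexer instead of Add: an entry already present under this key would make Add
                // throw and turn the challenge into an unhandled error; the fresh verifier must
                // replace any earlier value in any case.
                properties.Dictionary[PkceCodeVerifierKey] = codeVerifier;
            }

            // OAuth2 10.12 CSRF
            GenerateCorrelationId(properties);

            // The verifier and correlation id travel through the browser inside `state`.
            // NOTE(review): the verifier stays secret only if StateDataFormat.Protect encrypts
            // (not merely signs) the properties. Confirm for the configured data format.
            string state = Options.StateDataFormat.Protect(properties);

            // scope is fixed to the literal "*"; every other value is percent-encoded.
            string authorizationEndpoint =
                Options.Endpoints.AuthorizationEndpoint +
                "?response_type=code" +
                "&scope=*" +
                "&client_id=" + Uri.EscapeDataString(Options.ClientId) +
                "&redirect_uri=" + Uri.EscapeDataString(redirectUri) +
                "&state=" + Uri.EscapeDataString(state);

            if (codeChallenge != null)
            {
                // Escaping leaves a base64url value unchanged; it is applied so this parameter is
                // encoded the same way as the others regardless of what ToSha256() returns.
                authorizationEndpoint += "&code_challenge=" + Uri.EscapeDataString(codeChallenge) + "&code_challenge_method=S256";
            }

            var redirectContext = new GeocachingApplyRedirectContext(
                Context, Options,
                properties, authorizationEndpoint);

            Options.Provider.ApplyRedirect(redirectContext);

            return Task.FromResult<object>(null);
        }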
Esempio n. 2
 /// <summary>
 /// Called when a challenge causes a redirect to the authorization endpoint in the Geocaching middleware.
 /// Forwards the context unchanged to <c>OnApplyRedirect</c>.
 /// </summary>
 /// <param name="context">Contains the redirect URI and <see cref="AuthenticationProperties"/> of the challenge.</param>
 public virtual void ApplyRedirect(GeocachingApplyRedirectContext context)
 {
     // NOTE(review): OnApplyRedirect is declared outside this excerpt. If it is a settable
     // delegate, a null value would throw here and no redirect would be issued; whatever is
     // assigned to it also decides where the browser is finally sent. Confirm it is always
     // initialised and that overrides keep the authorization URL intact.
     OnApplyRedirect(context);
 }