Esempio n. 1
0
        public virtual async Task AuthorizationCodeFlow_Login_CallbackAsync(HttpContext httpContext)
        {
            Trace.Write("AuthorizationCodeFlow_Login_CallbackAsync");
            var context = new SVAuthRequestContext(SVX_Principal, httpContext);
            var idp     = CreateModelAuthorizationServer();
            var rawReq  = detach_concdst_conckey(ref context, "  ");

            // See if any subclasses need us to use their special
            // AuthorizationRequest subclass.
            var dummyAuthorizationRequest = new AuthorizationRequest();

            // This design is following the original Auth.JS as closely as
            // possible.  Arguably, we should give concrete subclasses full
            // control of unmarshalling, just like marshalling.  The original
            // parseHttpMessage supports both requests (query) and responses,
            // but here we know which is which.
            // ~ REDACTED 2016-06-01
            //   var authorizationResponse = (AuthorizationResponse)Utils.ObjectFromQuery(
            //       context.http.Request.Query, LoginCallbackRequestType);
            var authorizationResponse = (AuthorizationResponse)Utils.ObjectFromQueryString(
                rawReq, LoginCallbackRequestType);

            messageStructures.authorizationResponse.ImportWithModel(authorizationResponse,
                                                                    () => { idp.FakeCodeEndpoint(dummyAuthorizationRequest, authorizationResponse); },
                                                                    SVX.Channel.GenerateNew(SVX_Principal), // unknown producer
                                                                    context.channel);

            var accessTokenRequest = SVX.SVX_Ops.Call(createAccessTokenRequest, authorizationResponse);

            messageStructures.accessTokenRequest.Export(accessTokenRequest, idp.SVX_Principal, null);

            /*string concdst = httpContext.Request.Query["concdst"];
             * if (concdst != null)
             *  accessTokenRequest.redirect_uri += "?concdst=" + Uri.EscapeDataString(concdst);
             * string conckey = httpContext.Request.Query["conckey"];
             * if (conckey != null)
             *  accessTokenRequest.redirect_uri += "&conckey=" + Uri.EscapeDataString(conckey);*/
            var rawAccessTokenRequest  = marshalAccessTokenRequest(accessTokenRequest);
            var rawAccessTokenResponse = await Utils.PerformHttpRequestAsync(rawAccessTokenRequest);

            Trace.Write("Got AccessTokenResponse");

            var accessTokenResponse = (AccessTokenResponse)JsonConvert.DeserializeObject(
                Utils.ReadContent(rawAccessTokenResponse.Content), AccessTokenResponseType);

            messageStructures.accessTokenResponse.ImportDirectResponseWithModel(accessTokenResponse,
                                                                                () => { idp.FakeTokenEndpoint(accessTokenRequest, accessTokenResponse); },
                                                                                idp.SVX_Principal, SVX_Principal);

            var userProfileRequest = SVX.SVX_Ops.Call(createUserProfileRequest, accessTokenResponse);

            messageStructures.userProfileRequest.Export(userProfileRequest, idp.SVX_Principal, null);
            var rawUserProfileRequest  = marshalUserProfileRequest(userProfileRequest);
            var rawUserProfileResponse = await Utils.PerformHttpRequestAsync(rawUserProfileRequest);

            Trace.Write("Got UserProfileResponse");
            var userProfileResponse = (UserProfileResponse)JsonConvert.DeserializeObject(
                Utils.ReadContent(rawUserProfileResponse.Content), UserProfileResponseType);

            messageStructures.userProfileResponse.ImportDirectResponseWithModel(userProfileResponse,
                                                                                () => { idp.FakeUserProfileEndpoint(userProfileRequest, userProfileResponse); },
                                                                                idp.SVX_Principal, SVX_Principal);

            var conclusion = SVX.SVX_Ops.Call(createConclusion, authorizationResponse, userProfileResponse);

            await AuthenticationDone(conclusion, context);
        }
Esempio n. 2
0
 public abstract string /*Uri*/ marshalAuthorizationRequest(AuthorizationRequest authorizationRequest);