public ActionResult HandleRequest(AuthorizeRequest request)
{
//
// first round of validation:
// missing, invalid, or mismatching redirection URI or
// missing or invalid client id
// show error page to user
//
Client client;
var error = CheckRequest(request, out client);
if (error != null)
{
return(error);
}
// implicit grant
if (request.response_type.Equals(OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) ||
request.response_type.Equals(OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal))
{
if (Configuration.OAuth2.EnableConsent)
{
RelyingParty rp;
if (RPRepository.TryGet(request.scope, out rp))
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId
};
return(View("ShowConsent", vm));
}
}
else
{
var grantResult = PerformGrant(request, client);
if (grantResult != null)
{
return(grantResult);
}
}
}
// todo: return appropiate error
return(Error(client.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state));
}
public ActionResult HandleRequest(AuthorizeRequest request)
{
Tracing.Information("OAuth2 HandleRequest endpoint invoked");
// check client
Client client;
var error = CheckRequest(request, out client);
if (error != null)
{
return(error);
}
RelyingParty rp;
if (!RPRepository.TryGet(request.scope, out rp))
{
Tracing.Error("RP not found for scope : " + request.scope);
return(ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state));
}
if (Configuration.OAuth2.EnableConsent)
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId,
RefreshTokenEnabled = client.AllowRefreshToken
};
return(View("ShowConsent", vm));
}
else
{
var grantResult = PerformGrant(request, client);
if (grantResult != null)
{
return(grantResult);
}
}
// we don't know exactly why, so use ServerError
Tracing.Error("Authorization Endpoint failed");
return(ClientError(client.RedirectUri, OAuth2Constants.Errors.ServerError, request.response_type, request.state));
}
public ActionResult HandleRequest(AuthorizeRequest request)
{
logger.Info("OAuth2 HandleRequest endpoint invoked");
// check client
Client client;
var error = CheckRequest(request, out client);
if (error != null) return error;
RelyingParty rp;
if (!RPRepository.TryGet(request.scope, out rp))
{
logger.Error("RP not found for scope : " + request.scope);
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
}
if (Configuration.OAuth2.EnableConsent)
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId,
RefreshTokenEnabled = client.AllowRefreshToken
};
return View("ShowConsent", vm);
}
else
{
var grantResult = PerformGrant(request, client);
if (grantResult != null) return grantResult;
}
// we don't know exactly why, so use ServerError
logger.Error("Authorization Endpoint failed");
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
}
public ActionResult HandleRequest(AuthorizeRequest request)
{
// check client
Client client;
var error = CheckRequest(request, out client);
if (error != null) return error;
if (Configuration.OAuth2.EnableConsent)
{
RelyingParty rp;
if (RPRepository.TryGet(request.scope, out rp))
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId,
RefreshTokenEnabled = client.AllowRefreshToken
};
return View("ShowConsent", vm);
}
else
{
// unknown RP - error out
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
}
}
else
{
var grantResult = PerformGrant(request, client);
if (grantResult != null) return grantResult;
}
return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
}
public ActionResult HandleRequest(AuthorizeRequest request)
{
//
// first round of validation:
// missing, invalid, or mismatching redirection URI or
// missing or invalid client id
// show error page to user
//
Client client;
var error = CheckRequest(request, out client);
if (error != null) return error;
// implicit grant
if (request.response_type.Equals(OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) ||
request.response_type.Equals(OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal))
{
if (Configuration.OAuth2.EnableConsent)
{
RelyingParty rp;
if (RPRepository.TryGet(request.scope, out rp))
{
// show resource name, uri and client name
// client is trying to access resource on your behalf
var vm = new OAuth2ConsentViewModel
{
ResourceUri = rp.Realm.AbsoluteUri,
ResourceName = rp.Name,
ClientName = client.ClientId
};
return View("ShowConsent", vm);
}
}
else
{
var grantResult = PerformGrant(request, client);
if (grantResult != null) return grantResult;
}
}
// todo: return appropiate error
return Error(client.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
}