Esempio n. 1
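        /// <summary>
        /// Handles an OAuth2 authorization request: validates it, then either shows the
        /// consent page or performs the grant directly, depending on configuration.
        /// </summary>
        /// <param name="request">The authorization request; response_type, scope and state are read here.</param>
        /// <returns>
        /// The result reported by <c>CheckRequest</c> when validation fails, the "ShowConsent" view,
        /// the non-null result of <c>PerformGrant</c>, or otherwise an error result carrying
        /// <c>OAuth2Constants.Errors.UnsupportedResponseType</c>.
        /// </returns>
        public ActionResult HandleRequest(AuthorizeRequest request)
        {
            // First round of validation. Per the original author's note this covers a missing,
            // invalid or mismatching redirection URI and a missing or invalid client id, with the
            // failure shown to the user as an error page. CheckRequest is not visible here.
            Client client;
            var validationFailure = CheckRequest(request, out client);
            if (validationFailure != null)
            {
                return validationFailure;
            }

            // The static string.Equals tolerates a null response_type, so a request that omits
            // the parameter ends in the error result below instead of a NullReferenceException.
            var responseType = request.response_type;
            var isTokenOrCode =
                string.Equals(responseType, OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) ||
                string.Equals(responseType, OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal);

            if (isTokenOrCode)
            {
                if (!Configuration.OAuth2.EnableConsent)
                {
                    // NOTE(review): on this path the scope is not resolved against RPRepository
                    // in this method - confirm PerformGrant rejects unknown scopes.
                    var granted = PerformGrant(request, client);
                    if (granted != null)
                    {
                        return granted;
                    }
                }
                else
                {
                    RelyingParty rp;
                    if (RPRepository.TryGet(request.scope, out rp))
                    {
                        // Consent page: show the resource name and URI plus the client that is
                        // asking to access the resource on the user's behalf.
                        var consent = new OAuth2ConsentViewModel
                        {
                            ResourceUri  = rp.Realm.AbsoluteUri,
                            ResourceName = rp.Name,
                            ClientName   = client.ClientId
                        };

                        return View("ShowConsent", consent);
                    }

                    // NOTE(review): an unknown scope falls through to the response-type error
                    // below, which misreports the cause to the client.
                }
            }

            // todo (original author): return appropriate error
            return Error(client.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
        }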
        /// <summary>
        /// Handles an OAuth2 authorization request: validates the client, resolves the relying
        /// party for the requested scope, then shows the consent page or performs the grant.
        /// </summary>
        /// <param name="request">The authorization request; scope, response_type and state are read here.</param>
        /// <returns>
        /// The result reported by <c>CheckRequest</c> when validation fails, a client error for an
        /// unknown scope, the "ShowConsent" view, the non-null result of <c>PerformGrant</c>, or a
        /// client error carrying <c>OAuth2Constants.Errors.ServerError</c>.
        /// </returns>
        public ActionResult HandleRequest(AuthorizeRequest request)
        {
            Tracing.Information("OAuth2 HandleRequest endpoint invoked");

            // Client validation happens in CheckRequest (not visible here); a non-null result
            // is returned unchanged.
            Client client;
            var validationFailure = CheckRequest(request, out client);
            if (validationFailure != null)
            {
                return validationFailure;
            }

            // The scope must map to a known relying party before anything else is done with it.
            RelyingParty relyingParty;
            var scopeKnown = RPRepository.TryGet(request.scope, out relyingParty);
            if (!scopeKnown)
            {
                // NOTE(review): request.scope is caller-supplied and is concatenated into the log
                // message as-is; confirm the tracing sink neutralises line breaks and control characters.
                Tracing.Error("RP not found for scope : " + request.scope);
                return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
            }

            if (!Configuration.OAuth2.EnableConsent)
            {
                // Consent is switched off, so the grant is performed without asking the user.
                var granted = PerformGrant(request, client);
                if (granted != null)
                {
                    return granted;
                }

                // PerformGrant gave no result and no reason is available here, hence ServerError.
                Tracing.Error("Authorization Endpoint failed");
                return ClientError(client.RedirectUri, OAuth2Constants.Errors.ServerError, request.response_type, request.state);
            }

            // Consent page: resource name and URI, the client asking for access on the user's
            // behalf, and whether that client may receive a refresh token.
            var consent = new OAuth2ConsentViewModel
            {
                ResourceUri         = relyingParty.Realm.AbsoluteUri,
                ResourceName        = relyingParty.Name,
                ClientName          = client.ClientId,
                RefreshTokenEnabled = client.AllowRefreshToken
            };

            return View("ShowConsent", consent);
        }
        /// <summary>
        /// Handles an OAuth2 authorization request: validates the client, resolves the relying
        /// party for the requested scope, then shows the consent page or performs the grant.
        /// </summary>
        /// <param name="request">The authorization request; scope, response_type and state are read here.</param>
        /// <returns>
        /// The result reported by <c>CheckRequest</c> when validation fails, a client error for an
        /// unknown scope, the "ShowConsent" view, the non-null result of <c>PerformGrant</c>, or a
        /// client error carrying <c>OAuth2Constants.Errors.InvalidRequest</c>.
        /// </returns>
        public ActionResult HandleRequest(AuthorizeRequest request)
        {
            logger.Info("OAuth2 HandleRequest endpoint invoked");

            // Client validation happens in CheckRequest (not visible here).
            Client client;
            var checkResult = CheckRequest(request, out client);
            if (checkResult != null)
            {
                return checkResult;
            }

            RelyingParty relyingParty;
            if (RPRepository.TryGet(request.scope, out relyingParty) == false)
            {
                // NOTE(review): request.scope is caller-supplied and is concatenated into the log
                // message as-is; confirm the logger neutralises line breaks and control characters.
                logger.Error("RP not found for scope : " + request.scope);
                return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
            }

            var consentRequired = Configuration.OAuth2.EnableConsent;
            if (consentRequired)
            {
                // Consent page: resource name and URI, the client asking for access on the
                // user's behalf, and whether that client may receive a refresh token.
                var consentModel = new OAuth2ConsentViewModel
                {
                    ResourceUri = relyingParty.Realm.AbsoluteUri,
                    ResourceName = relyingParty.Name,
                    ClientName = client.ClientId,
                    RefreshTokenEnabled = client.AllowRefreshToken
                };

                return View("ShowConsent", consentModel);
            }

            var grantOutcome = PerformGrant(request, client);
            if (grantOutcome != null)
            {
                return grantOutcome;
            }

            // Reached only when PerformGrant returned null; the cause is unknown at this point.
            // The client is sent InvalidRequest (the original comment said ServerError, which
            // does not match the code).
            logger.Error("Authorization Endpoint failed");
            return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
        }
        /// <summary>
        /// Handles an OAuth2 authorization request: validates the client, then either shows the
        /// consent page for the requested scope or performs the grant directly.
        /// </summary>
        /// <param name="request">The authorization request; scope, response_type and state are read here.</param>
        /// <returns>
        /// The result reported by <c>CheckRequest</c> when validation fails, the "ShowConsent" view,
        /// a client error for an unknown scope, the non-null result of <c>PerformGrant</c>, or a
        /// client error carrying <c>OAuth2Constants.Errors.InvalidRequest</c>.
        /// </returns>
        public ActionResult HandleRequest(AuthorizeRequest request)
        {
            // Client validation happens in CheckRequest (not visible here).
            Client client;
            var validationFailure = CheckRequest(request, out client);
            if (validationFailure != null)
            {
                return validationFailure;
            }

            if (!Configuration.OAuth2.EnableConsent)
            {
                // NOTE(review): with consent disabled the scope is not resolved against
                // RPRepository in this method - confirm PerformGrant rejects unknown scopes.
                var granted = PerformGrant(request, client);
                if (granted != null)
                {
                    return granted;
                }

                // PerformGrant returned null; no further detail is available here.
                return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
            }

            RelyingParty relyingParty;
            if (!RPRepository.TryGet(request.scope, out relyingParty))
            {
                // Unknown relying party for this scope: report it to the client.
                return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
            }

            // Consent page: resource name and URI, the client asking for access on the user's
            // behalf, and whether that client may receive a refresh token.
            var consent = new OAuth2ConsentViewModel
            {
                ResourceUri = relyingParty.Realm.AbsoluteUri,
                ResourceName = relyingParty.Name,
                ClientName = client.ClientId,
                RefreshTokenEnabled = client.AllowRefreshToken
            };

            return View("ShowConsent", consent);
        }
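        /// <summary>
        /// Handles an OAuth2 authorization request: validates it, then either shows the
        /// consent page or performs the grant directly, depending on configuration.
        /// </summary>
        /// <param name="request">The authorization request; response_type, scope and state are read here.</param>
        /// <returns>
        /// The result reported by <c>CheckRequest</c> when validation fails, the "ShowConsent" view,
        /// the non-null result of <c>PerformGrant</c>, or otherwise an error result carrying
        /// <c>OAuth2Constants.Errors.UnsupportedResponseType</c>.
        /// </returns>
        public ActionResult HandleRequest(AuthorizeRequest request)
        {
            // First round of validation. The original author's note lists a missing, invalid or
            // mismatching redirection URI and a missing or invalid client id, reported to the
            // user on an error page. CheckRequest is not visible here.
            Client client;
            var checkResult = CheckRequest(request, out client);
            if (checkResult != null)
            {
                return checkResult;
            }

            // Null-safe comparison: calling Equals on request.response_type would throw a
            // NullReferenceException when the parameter is absent, whereas the static overload
            // simply yields false and the request is refused below.
            if (!string.Equals(request.response_type, OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) &&
                !string.Equals(request.response_type, OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal))
            {
                return Error(client.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
            }

            if (Configuration.OAuth2.EnableConsent)
            {
                RelyingParty relyingParty;
                if (RPRepository.TryGet(request.scope, out relyingParty))
                {
                    // Consent page: show the resource name and URI plus the client that is
                    // asking to access the resource on the user's behalf.
                    var consentModel = new OAuth2ConsentViewModel
                    {
                        ResourceUri = relyingParty.Realm.AbsoluteUri,
                        ResourceName = relyingParty.Name,
                        ClientName = client.ClientId
                    };

                    return View("ShowConsent", consentModel);
                }

                // NOTE(review): an unknown scope falls through to the response-type error below,
                // which misreports the cause to the client.
            }
            else
            {
                // NOTE(review): with consent disabled the scope is not resolved against
                // RPRepository in this method - confirm PerformGrant rejects unknown scopes.
                var grantOutcome = PerformGrant(request, client);
                if (grantOutcome != null)
                {
                    return grantOutcome;
                }
            }

            // todo (original author): return appropriate error
            return Error(client.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
        }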