public async Task <IActionResult> Create(HandlerContext context, CancellationToken cancellationToken)
{
try
{
var oauthClient = await _clientAuthenticationHelper.AuthenticateClient(context.Request.HttpHeader, context.Request.RequestData, context.Request.Certificate, context.Request.IssuerName, cancellationToken, ErrorCodes.INVALID_REQUEST);
context.SetClient(oauthClient);
var user = await _bcAuthorizeRequestValidator.ValidateCreate(context, cancellationToken);
context.SetUser(user);
var requestedExpiry = context.Request.RequestData.GetRequestedExpiry();
var interval = context.Request.RequestData.GetInterval();
if (requestedExpiry == null)
{
requestedExpiry = _options.AuthRequestExpirationTimeInSeconds;
}
var currentDateTime = DateTime.UtcNow;
var openidClient = oauthClient as OpenIdClient;
var permissions = await GetPermissions(context.Client.ClientId, context.User.Id, cancellationToken);
var bcAuthorize = Domains.BCAuthorize.Create(
currentDateTime.AddSeconds(requestedExpiry.Value),
oauthClient.ClientId,
interval ?? _options.DefaultBCAuthorizeWaitIntervalInSeconds,
openidClient.BCClientNotificationEndpoint,
openidClient.BCTokenDeliveryMode,
context.Request.RequestData.GetScopesFromAuthorizationRequest(),
context.User.Id,
context.Request.RequestData.GetClientNotificationToken(),
permissions);
bcAuthorize.IncrementNextFetchTime();
await _bcAuthorizeRepository.Add(bcAuthorize, cancellationToken);
await _bcAuthorizeRepository.SaveChanges(cancellationToken);
foreach (var grp in permissions.GroupBy(p => p.ConsentId))
{
await _bcNotificationService.Notify(context, bcAuthorize.Id, grp.ToArray(), cancellationToken);
}
return(new OkObjectResult(new JObject
{
{ BCAuthenticationResponseParameters.AuthReqId, bcAuthorize.Id },
{ BCAuthenticationResponseParameters.ExpiresIn, requestedExpiry.Value }
}));
}
catch (OAuthUnauthorizedException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.Unauthorized, ex.Code, ex.Message));
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
public virtual Task <IActionResult> Handle(HandlerContext context, CancellationToken token)
{
var handler = _handlers.FirstOrDefault(h => h.GrantType == context.Request.RequestData.GetGrantType());
if (handler == null)
{
return(Task.FromResult(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_GRANT, ErrorMessages.BAD_GRANT_TYPE)));
}
return(handler.Handle(context, token));
}
public virtual async Task <IActionResult> UpdateUserByScimId(string id, [FromBody] JObject jObj, CancellationToken cancellationToken)
{
try
{
await _updateUserBySCIMIdHandler.Handle(id, jObj, cancellationToken);
return(new NoContentResult());
}
catch (OAuthUserNotFoundException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
}
public virtual async Task <IActionResult> GetUserByScimId(string id, CancellationToken cancellationToken)
{
try
{
var result = await _getUserBySCIMIdHandler.Handle(id, cancellationToken);
return(new OkObjectResult(result));
}
catch (OAuthUserNotFoundException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
}
public virtual async Task <IActionResult> AddUserByScimId([FromBody] JObject jObj, CancellationToken cancellationToken)
{
try
{
var result = await _addOAuthUserBySCIMIdHandler.Handle(jObj, cancellationToken);
return(new NoContentResult());
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
public virtual async Task <IActionResult> GetOTPQRByEmailCode(string id, CancellationToken cancellationToken)
{
try
{
var result = await _getOTPQRCodeHandler.Handle(id, SimpleIdServer.Jwt.Constants.UserClaims.Email, cancellationToken);
return(GetImage(result));
}
catch (OAuthUserNotFoundException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
}
public async Task <IActionResult> Disable(string id, CancellationToken cancellationToken)
{
try
{
await _disableAuthSchemeProviderHandler.Handle(id, cancellationToken);
return(new NoContentResult());
}
catch (UnknownAuthSchemeProviderException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
}
public async Task <IActionResult> Get(string id, CancellationToken cancellationToken)
{
try
{
var result = await _getAuthSchemeProviderHandler.Handle(id, cancellationToken);
return(new OkObjectResult(result));
}
catch (UnknownAuthSchemeProviderException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
}
public async Task <IActionResult> UpdateOptions(string id, [FromBody] JObject jObj, CancellationToken cancellationToken)
{
try
{
await _updateAuthSchemeProviderOptionsHandler.Handle(id, jObj, cancellationToken);
return(new NoContentResult());
}
catch (UnknownAuthSchemeProviderException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.NotFound, ex.Code, ex.Message));
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
public async Task <IActionResult> Handle(HandlerContext context, CancellationToken cancellationToken)
{
try
{
var deviceRegistrationToken = context.Request.RequestData.GetDeviceRegistrationToken();
var user = await _bcDeviceRegistrationValidator.Validate(context, cancellationToken);
user.DeviceRegistrationToken = deviceRegistrationToken;
await _oauthUserCommandRepository.Update(user, cancellationToken);
await _oauthUserCommandRepository.SaveChanges(cancellationToken);
return(new NoContentResult());
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
public async Task <IActionResult> Reject(HandlerContext context, CancellationToken cancellationToken)
{
try
{
var authRequest = await _bcAuthorizeRequestValidator.ValidateReject(context, cancellationToken);
authRequest.Reject();
await RejectPermissions(authRequest.Permissions, cancellationToken);
await _bcAuthorizeRepository.Update(authRequest, cancellationToken);
await _bcAuthorizeRepository.SaveChanges(cancellationToken);
return(new NoContentResult());
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
public async Task <IActionResult> Confirm(HandlerContext context, CancellationToken cancellationToken)
{
try
{
var validationResult = await _bcAuthorizeRequestValidator.ValidateConfirm(context, cancellationToken);
context.SetUser(validationResult.User);
validationResult.Authorize.Confirm(context.Request.RequestData.GetPermissionIds());
await ConfirmPermissions(validationResult.Authorize.Permissions.Where(p => p.IsConfirmed), cancellationToken);
await _bcAuthorizeRepository.Update(validationResult.Authorize, cancellationToken);
await _bcAuthorizeRepository.SaveChanges(cancellationToken);
return(new NoContentResult());
}
catch (OAuthException ex)
{
return(BaseCredentialsHandler.BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
}
}
