public async Task <IEndpointResult> ProcessAsync(HttpContext context) { if (HttpMethods.IsGet(context.Request.Method)) { var user = await _userSession.GetUserAsync(); var parameters = context.Request.Query.AsNameValueCollection(); var result = await _validator.ValidateAsync(parameters, user); if (!result.IsError) { var request = result.ValidatedRequest; if (request.IsAnonymous() && request.ResponseMode == OidcConstants.ResponseModes.Json) { var response = await _authorizeResponseGenerator.CreateResponseAsync(request); return(new AuthorizeResult(response)); } } } // call source handler var innerHandler = _handlerProvider.GetByPath("/connect/authorize"); return(await innerHandler.ProcessAsync(context)); }
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent, HttpContext context) { if (user != null) { Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId()); } else { Logger.LogDebug("No user present in authorize request"); } // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } var request = result.ValidatedRequest; LogRequest(request); // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request, _loginUrlProcessor)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } request.ClientIp = context.GetRequestIp(); request.Device = context .GetHeaderValueAs <string>("User-Agent") .GetDevice(); var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); LogResponse(response); return(new AuthorizeResult(response)); }
protected async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent) { // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } var request = result.ValidatedRequest; // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); return(new AuthorizeResult(response)); }
public async Task <IEndpointResult> CreateAuthorizeResultAsync(ValidatedAuthorizeRequest request) { var response = await _responseGenerator.CreateResponseAsync(request); return(await CreateAuthorizeResultAsync(response)); }
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, bool checkConsentResponse = false) { if (user != null) { Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId()); } else { Logger.LogDebug("No user present in authorize request"); } if (checkConsentResponse && _authorizationParametersMessageStore != null) { var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName]; var entry = await _authorizationParametersMessageStore.ReadAsync(messageStoreId); parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection(); await _authorizationParametersMessageStore.DeleteAsync(messageStoreId); } // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } string consentRequestId = null; try { Message <ConsentResponse> consent = null; if (checkConsentResponse) { var consentRequest = new ConsentRequest(result.ValidatedRequest.Raw, user?.GetSubjectId()); consentRequestId = consentRequest.Id; consent = await _consentResponseStore.ReadAsync(consentRequestId); if (consent != null && consent.Data == null) { return(await CreateErrorResultAsync("consent message is missing data")); } } var request = result.ValidatedRequest; LogRequest(request); // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent?.Data); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); LogResponse(response); return(new AuthorizeResult(response)); } finally { if (consentRequestId != null) { await _consentResponseStore.DeleteAsync(consentRequestId); } } }