public async Task Empty_Parameters() { var parameters = new NameValueCollection(); var result = await _validator.ValidateRequestAsync(parameters, _client); result.IsError.Should().BeTrue(); result.Error.Should().Be(OidcConstants.TokenErrors.InvalidRequest); }
private async Task <IEndpointResult> ProcessRevocationRequestAsync(HttpContext context) { _logger.LogDebug("Start revocation request."); // validate client var clientValidationResult = await _clientValidator.ValidateAsync(context); if (clientValidationResult.IsError) { return(new TokenRevocationErrorResult(OidcConstants.TokenErrors.InvalidClient)); } _logger.LogTrace("Client validation successful"); // validate the token request var form = (await context.Request.ReadFormAsync()).AsNameValueCollection(); _logger.LogTrace("Calling into token revocation request validator: {type}", _requestValidator.GetType().FullName); var requestValidationResult = await _requestValidator.ValidateRequestAsync(form, clientValidationResult.Client); if (requestValidationResult.IsError) { return(new TokenRevocationErrorResult(requestValidationResult.Error)); } _logger.LogTrace("Calling into token revocation response generator: {type}", _responseGenerator.GetType().FullName); var response = await _responseGenerator.ProcessAsync(requestValidationResult); if (response.Success) { _logger.LogInformation("Token successfully revoked"); await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestValidationResult, requestValidationResult.Client)); } else { _logger.LogInformation("No matching token found"); } if (response.Error.IsPresent()) { return(new TokenRevocationErrorResult(response.Error)); } return(new StatusCodeResult(HttpStatusCode.OK)); }
public async Task <RevocationRawResult> ProcessRawRevocationAsync(IFormCollection formCollection) { _logger.LogTrace("Processing token request."); var rawResult = new RevocationRawResult() { StatusCodeResult = new StatusCodeResult(HttpStatusCode.BadRequest) }; // validate HTTP if (formCollection.IsNullOrEmpty()) { _logger.LogWarning($"Invalid {nameof(formCollection)} for token endpoint"); rawResult.ErrorResult = ErrorRevocation(OidcConstants.TokenErrors.InvalidRequest); return(rawResult); } var clientId = formCollection[OidcConstants.TokenRequest.ClientId]; var client = await _clients.FindEnabledClientByIdAsync(clientId); if (client == null) { _logger.LogError($"No client with id '{clientId}' found. aborting"); rawResult.ErrorResult = ErrorRevocation($"{OidcConstants.TokenRequest.ClientId} bad"); return(rawResult); } var clientValidationResult = new ClientSecretValidationResult { IsError = false, Client = client, Secret = null }; // validate request var form = formCollection.AsNameValueCollection(); _logger.LogTrace("Calling into token revocation request validator: {type}", _requestValidator.GetType().FullName); var requestValidationResult = await _revocationRequestValidator.ValidateRequestAsync(form, clientValidationResult.Client); if (requestValidationResult.IsError) { rawResult.ErrorResult = new TokenRevocationErrorResult(requestValidationResult.Error); return(rawResult); } _logger.LogTrace("Calling into token revocation response generator: {type}", _responseGenerator.GetType().FullName); var response = await _revocationResponseGenerator.ProcessAsync(requestValidationResult); if (response.Success) { _logger.LogInformation("Token successfully revoked"); await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestValidationResult, requestValidationResult.Client)); } else { _logger.LogInformation("No matching token found"); } if (response.Error.IsPresent()) { rawResult.ErrorResult = new TokenRevocationErrorResult(response.Error); return(rawResult); } rawResult.StatusCodeResult = new StatusCodeResult(HttpStatusCode.OK); return(rawResult); }
private async Task <IEndpointResult> ProcessRevocationRequestAsync(HttpContext context) { _logger.LogDebug("Start revocation request."); // validate client var clientResult = await _clientValidator.ValidateAsync(context); var client = clientResult.Client; if (client == null) { return(new RevocationErrorResult(OidcConstants.TokenErrors.InvalidClient)); } _logger.LogTrace("Client validation successful"); // validate the token request var form = (await context.Request.ReadFormAsync()).AsNameValueCollection(); var requestResult = await _requestValidator.ValidateRequestAsync(form, client); if (requestResult.IsError) { return(new RevocationErrorResult(requestResult.Error)); } var success = false; // revoke tokens if (requestResult.TokenTypeHint == Constants.TokenTypeHints.AccessToken) { _logger.LogTrace("Hint was for access token"); success = await RevokeAccessTokenAsync(requestResult.Token, client); } else if (requestResult.TokenTypeHint == Constants.TokenTypeHints.RefreshToken) { _logger.LogTrace("Hint was for refresh token"); success = await RevokeRefreshTokenAsync(requestResult.Token, client); } else { _logger.LogTrace("No hint for token type"); success = await RevokeAccessTokenAsync(requestResult.Token, client); if (!success) { success = await RevokeRefreshTokenAsync(requestResult.Token, client); requestResult.TokenTypeHint = Constants.TokenTypeHints.RefreshToken; } else { requestResult.TokenTypeHint = Constants.TokenTypeHints.AccessToken; } } if (success) { _logger.LogInformation("Token successfully revoked"); await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestResult, client)); } else { _logger.LogInformation("No matching token found"); } return(new StatusCodeResult(HttpStatusCode.OK)); }