/// <summary>
/// Applies a client-update request: authenticates the caller through the registration access token,
/// checks that the request body names the same client, copies the server-owned fields from the stored
/// record onto the submitted one, validates it and persists the result.
/// </summary>
/// <param name="clientId">Client identifier taken from the request route.</param>
/// <param name="handlerContext">Request context the client representation is extracted from.</param>
/// <param name="cancellationToken">Token used to cancel the repository calls.</param>
/// <returns>Always <c>null</c>; the caller builds the response itself.</returns>
/// <exception cref="OAuthException">The submitted client identifier differs from the stored one.</exception>
/// <exception cref="OAuthUnauthorizedException">Propagated from <see cref="GetClient"/> when the token is missing, unknown or bound to another client.</exception>
public async Task<JObject> Handle(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
{
    // GetClient is the authentication step: it fails with OAuthUnauthorizedException
    // unless the presented registration access token belongs to `clientId`.
    var storedClient = await GetClient(clientId, handlerContext, cancellationToken);
    var submittedClient = ExtractClient(handlerContext);

    // The representation in the body must refer to the client the token was issued for.
    if (submittedClient.ClientId != storedClient.ClientId)
    {
        Logger.LogError("the client identifier must be identical");
        throw new OAuthException(ErrorCodes.INVALID_REQUEST, ErrorMessages.CLIENT_IDENTIFIER_MUST_BE_IDENTICAL);
    }

    // Identifier, secret, registration token and creation time are taken from the stored record,
    // not from the request; only the update timestamp is refreshed here.
    submittedClient.ClientId = storedClient.ClientId;
    submittedClient.SetClientSecret(storedClient.ClientSecret, storedClient.ClientSecretExpirationTime);
    submittedClient.RegistrationAccessToken = storedClient.RegistrationAccessToken;
    submittedClient.CreateDateTime = storedClient.CreateDateTime;
    submittedClient.UpdateDateTime = DateTime.UtcNow;

    await _oauthClientValidator.Validate(submittedClient, cancellationToken);
    await OAuthClientRepository.Update(submittedClient, cancellationToken);
    await OAuthClientRepository.SaveChanges(cancellationToken);

    Logger.LogInformation($"the client '{clientId}' has been updated");
    return null;
}
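/// <summary>
/// Resolves the client a registration access token was issued for and checks that it is the client
/// named in the request. The token value is a bearer credential and is never written to the log.
/// </summary>
/// <param name="clientId">Client identifier taken from the request route.</param>
/// <param name="handlerContext">Request context the bearer/basic token is read from.</param>
/// <param name="cancellationToken">Token used to cancel the repository calls.</param>
/// <returns>The stored client whose registration access token matches the request.</returns>
/// <exception cref="OAuthUnauthorizedException">
/// No token was presented, no client holds the presented token, or the token belongs to a different
/// client than <paramref name="clientId"/> (in which case the token is cleared before throwing).
/// </exception>
public virtual async Task<BaseClient> GetClient(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
{
    var accessToken = handlerContext.Request.GetToken(AutenticationSchemes.Bearer, AutenticationSchemes.Basic);
    if (string.IsNullOrWhiteSpace(accessToken))
    {
        Logger.LogError("access token is missing");
        throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.MISSING_ACCESS_TOKEN);
    }

    var searchResult = await OAuthClientRepository.Find(new Persistence.Parameters.SearchClientParameter { RegistrationAccessToken = accessToken }, cancellationToken);
    var client = searchResult.Content.FirstOrDefault();
    if (client is null)
    {
        // Do not echo the token: a credential in the log store is a secondary leak path.
        Logger.LogError("the presented registration access token is invalid");
        throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.BAD_ACCESS_TOKEN);
    }

    if (client.ClientId != clientId)
    {
        // The token was presented against the wrong client: clear it and persist the change so it
        // cannot be reused, then reject the request.
        client.RegistrationAccessToken = null;
        await OAuthClientRepository.Update(client, cancellationToken);
        await OAuthClientRepository.SaveChanges(cancellationToken);
        Logger.LogError($"the presented registration access token belongs to the client '{client.ClientId}' and cannot be used for the client '{clientId}'");
        throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, string.Format(ErrorMessages.ACCESS_TOKEN_VALID_CLIENT, client.ClientId, clientId));
    }

    return client;
}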