/// <summary>
/// Validates an authorization request: the client id must parse as an ObjectId, and a
/// registered client must exist whose id and redirect URL both equal the values sent in
/// the request.
/// </summary>
/// <param name="context">Validation context carrying the authorize request; the outcome
/// (validated or an error code) is recorded on it.</param>
/// <returns>An already-completed task; no asynchronous work is performed here.</returns>
public override Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
{
    // Format gate only: the parsed ObjectId is discarded and the lookup below compares
    // against the raw client_id string.
    // NOTE(review): confirm c.Id is a string; if it is an ObjectId, Equals(string) would
    // presumably never match and every request would end as invalid_client.
    if (!ObjectId.TryParse(context.AuthorizeRequest.ClientId, out _))
    {
        context.SetError("invalid_request");
        return Task.CompletedTask;
    }

    // The redirect URI is checked together with the client id, so a known client id
    // paired with a redirect URI other than the stored one is rejected.
    // The predicate is kept in its original form in case Clients is a translated query
    // (TODO confirm whether Clients is IQueryable).
    var client = _clientManager.Clients.FirstOrDefault(
        c => c.Id.Equals(context.AuthorizeRequest.ClientId) &&
             c.RedirectUrl.Equals(context.AuthorizeRequest.RedirectUri));

    if (client == null)
    {
        // Unknown client and mismatched redirect URI are reported with the same error code.
        context.SetError("invalid_client");
        return Task.CompletedTask;
    }

    context.Validated();
    return Task.CompletedTask;
}
/// <summary>
/// Validates the scopes of an authorization request against a hard-coded scope list and
/// either marks the request validated or rejects it with <c>invalid_scope</c>.
/// </summary>
/// <param name="context">Validation context carrying the authorize request and the OWIN
/// context from which the client manager is resolved.</param>
/// <returns>A task that completes once the request has been validated or rejected.</returns>
private async Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
{
    var clientManager = context.OwinContext.Get<ApplicationClientManager>();

    // NOTE(review): the result is never read below, so the requested scopes are not
    // compared with anything stored for this client. The call is kept because it is
    // awaited and may throw or have side effects — confirm whether it should feed the check.
    var clientScopes = await clientManager.GetUserRolesAsync(context.AuthorizeRequest.ClientId);

    // Hard-coded scope table. NOTE(review): both entries have order = 0 while the
    // predicate below requires order > 0, so as written no scope can match and every
    // request takes the rejection path. Confirm whether that deny-all is intended.
    var oauthScopes = new List<dynamic>
    {
        new { scope = "scope_base", order = 0 },
        new { scope = "scope_userinfo", order = 0 }
    };

    var requestedScopes = context.AuthorizeRequest.Scope;

    // Any(...) is satisfied by a single matching scope; the remaining requested scopes
    // are not checked. NOTE(review): if every requested scope must be on the list, this
    // needs All(...) semantics once entries are enabled — confirm the intended policy.
    var isInScopes = requestedScopes.Any(
        s => oauthScopes.Any(w => w.order > 0 && w.scope.Equals(s, StringComparison.OrdinalIgnoreCase)));

    if (isInScopes)
    {
        context.Validated();
        await Task.FromResult(0);
        return;
    }

    // Rejection: the client context and the request are both marked rejected before the
    // error code is set, in the same order as before.
    context.ClientContext.Rejected();
    context.Rejected();
    context.SetError("invalid_scope", "Invalid Scope");
}