protected override void ApplyResponseChallenge() { if (ShouldConvertChallengeToForbidden()) { Response.StatusCode = 403; return; } if (Response.StatusCode != 401) { return; } // When Automatic should redirect on 401 even if there wasn't an explicit challenge. if (ChallengeContext == null && !Options.AutomaticAuthentication) { return; } string baseUri = Request.Scheme + "://" + Request.Host + Request.PathBase; string currentUri = baseUri + Request.Path + Request.QueryString; string redirectUri = baseUri + Options.CallbackPath; AuthenticationProperties properties; if (ChallengeContext == null) { properties = new AuthenticationProperties(); } else { properties = new AuthenticationProperties(ChallengeContext.Properties); } if (string.IsNullOrEmpty(properties.RedirectUri)) { properties.RedirectUri = currentUri; } // OAuth2 10.12 CSRF GenerateCorrelationId(properties); string authorizationEndpoint = BuildChallengeUrl(properties, redirectUri); var redirectContext = new OAuthApplyRedirectContext( Context, Options, properties, authorizationEndpoint); Options.Notifications.ApplyRedirect(redirectContext); }
protected override Task <bool> HandleUnauthorizedAsync([NotNull] ChallengeContext context) { var properties = new AuthenticationProperties(context.Properties); if (string.IsNullOrEmpty(properties.RedirectUri)) { properties.RedirectUri = CurrentUri; } // OAuth2 10.12 CSRF GenerateCorrelationId(properties); var authorizationEndpoint = BuildChallengeUrl(properties, BuildRedirectUri(Options.CallbackPath)); var redirectContext = new OAuthApplyRedirectContext( Context, Options, properties, authorizationEndpoint); Options.Notifications.ApplyRedirect(redirectContext); return(Task.FromResult(true)); }
/// <summary> /// Called when a Challenge causes a redirect to authorize endpoint in the OAuth middleware. /// </summary> /// <param name="context">Contains redirect URI and <see cref="AuthenticationProperties"/> of the challenge.</param> public virtual void ApplyRedirect(OAuthApplyRedirectContext context) { OnApplyRedirect(context); }