public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) context.Validated(); return Task.FromResult<object>(null); }
/// <summary> /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri" /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI. /// If context.Validated is not called the request will not proceed further. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { this.options.Logger.DebugFormat("Validating client id and redirect uri"); // Only proceed if client id and redirect uri is provided if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.RedirectUri)) { this.options.Logger.WarnFormat("Client id ({0}) or client secret ({1}) is invalid", context.ClientId, context.RedirectUri); return; } this.options.Logger.DebugFormat("Authenticating client '{0}' and redirect uri '{1}'", context.ClientId, context.RedirectUri); var client = await this.options.ClientManager.AuthenticateClientAsync(context.ClientId, context.RedirectUri); if (!client.Identity.IsAuthenticated) { context.Rejected(); this.options.Logger.WarnFormat("Client '{0}' and redirect uri '{1}' was not authenticated", context.ClientId, context.RedirectUri); return; } this.options.Logger.DebugFormat("Client '{0}' and redirect uri '{1}' was successfully authenticated", context.ClientId, context.RedirectUri); context.OwinContext.GetOAuthContext().ClientId = context.ClientId; context.OwinContext.GetOAuthContext().RedirectUri = context.RedirectUri; context.Validated(context.RedirectUri); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId != _publicClientId) return Task.FromResult<object>(null); var expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) context.Validated(); return Task.FromResult<object>(null); }
private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == ClientId) { context.Validated(); } return Task.FromResult(0); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { Uri uri; if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out uri)) { context.Validated(); return Task.FromResult(0); } return base.ValidateClientRedirectUri(context); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri expectedRootUri = new Uri(context.Request.Uri, "/externalLogin"); // modified by Stephen if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId != _publicClientId) return null; var expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } return null; }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri expectedRootUri = new Uri(context.Request.Uri, "/"); if (true /*expectedRootUri.AbsoluteUri == context.RedirectUri*/) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri expectedRootUri = FullRootUri(HttpContext.Current); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == "self") { var expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return Task.FromResult(0); }
public override System.Threading.Tasks.Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return System.Threading.Tasks.Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == publicClientId) { Uri expectedRootUri = new Uri(context.Request.Uri, "/" + this.externalAuthPageUrl); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri expectedRootUri = new Uri(context.Request.Uri, "/"); Uri redirectUri = new Uri(context.RedirectUri); if (expectedRootUri.Authority == redirectUri.Authority) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { //if (context.ClientId == _publicClientId) //{ // Uri expectedRootUri = new Uri(context.Request.Uri, "/"); // if (expectedRootUri.AbsoluteUri == context.RedirectUri) // { // context.Validated(); // } //} if (context.ClientId == _publicClientId) { context.Validated(); } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == this.publicClientId) { var expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } else if (context.ClientId == "web") { var expectedUri = new Uri(context.Request.Uri, "/"); context.Validated(expectedUri.AbsoluteUri); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName]; var authTicket = FormsAuthentication.Decrypt(authCookie); if (authTicket.Expired) context.Rejected(); else context.Validated(); //We validated that Client Id and Reditect Uri are indeed what we expect //if (context.ClientId == "123456" && context.RedirectUri.Contains("localhost")) // context.Validated(); //else // context.Rejected(); return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId != _publicClientId) { return Task.FromResult(0); } Uri expectedRootUri = new Uri(context.Request.Uri, "/"); string windowsStoreRedirectUri = ConfigurationManager.AppSettings["windowsStoreRedirectUri"]; if (expectedRootUri.AbsoluteUri == context.RedirectUri || (windowsStoreRedirectUri != null && new Uri(windowsStoreRedirectUri).AbsoluteUri == context.RedirectUri)) { context.Validated(); } return Task.FromResult(0); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (!String.IsNullOrEmpty(context.ClientId) && context.ClientId != PublicClientId) { var app = _applicationRepository.GetById(context.ClientId, true); if (app == null) return Task.FromResult(0); if (!context.Request.Uri.AbsoluteUri.StartsWith(app.Url)) return Task.FromResult(0); context.Validated(context.Request.Uri.AbsoluteUri); } else { if (!context.Request.Uri.AbsoluteUri.StartsWith(context.Request.Uri.Authority)) return Task.FromResult(0); context.Validated(context.Request.Uri.AbsoluteUri); } return Task.FromResult(0); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { // TODO: REFACTOR > code identical to CORS, same clients if (_registeredClients == null) { _registeredClients = new Collection<Uri>(); string[] domains = ConfigurationManager.AppSettings["CORS"].Split(';'); foreach (var domain in domains) { _registeredClients.Add(new Uri(domain)); } } var client = new Uri(context.RedirectUri); if (context.ClientId == _publicClientId && _registeredClients.Any(o => o.IsBaseOf(client))) { context.Validated(); } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { //BEGIN MODIFIED BY JLC /* Uri expectedRootUri = new Uri(context.Request.Uri, "/"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } **/ context.Validated(); //TODO: Is this still compliant with oAuth 2.0????????????????? //END MODIFIED BY JLC } return Task.FromResult<object>(null); }
private Task <bool> SendErrorRedirectAsync( OAuthValidateClientRedirectUriContext clientContext, BaseValidatingContext <OAuthAuthorizationServerOptions> validatingContext) { if (clientContext == null) { throw new ArgumentNullException("clientContext"); } string error = validatingContext.HasError ? validatingContext.Error : Constants.Errors.InvalidRequest; string errorDescription = validatingContext.HasError ? validatingContext.ErrorDescription : null; string errorUri = validatingContext.HasError ? validatingContext.ErrorUri : null; if (!clientContext.IsValidated) { // write error in response body if client_id or redirect_uri have not been validated return(SendErrorPageAsync(error, errorDescription, errorUri)); } // redirect with error if client_id and redirect_uri have been validated string location = WebUtilities.AddQueryString(clientContext.RedirectUri, Constants.Parameters.Error, error); if (!string.IsNullOrEmpty(errorDescription)) { location = WebUtilities.AddQueryString(location, Constants.Parameters.ErrorDescription, errorDescription); } if (!string.IsNullOrEmpty(errorUri)) { location = WebUtilities.AddQueryString(location, Constants.Parameters.ErrorUri, errorUri); } // if a state parameter was provided, include it in the redirect location IList <string> stateValues = clientContext.Request.Query.GetValues(Constants.Parameters.State); if (stateValues != null && stateValues.Count == 1) { location = WebUtilities.AddQueryString(location, Constants.Parameters.State, stateValues[0]); } Response.Redirect(location); // request is handled, does not pass on to application return(Task.FromResult(true)); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { var referer = context.Request.Headers["Referer"]; var returnUrl = context.Request.Query != null ? context.Request.Query.Get("redirect_uri") ?? null : null; var expectedUri = referer != null ? new Uri(referer) : returnUrl != null ? new Uri(returnUrl) : context.Request.Uri; Uri expectedRootUri = new Uri(expectedUri, "/access_token.html"); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { var httpRequest = ((System.Web.HttpContextBase)context.OwinContext.Environment["System.Web.HttpContextBase"]).Request; var path = string.Format("{0}/", httpRequest.ApplicationPath.TrimEnd('/')); Uri expectedRootUri = new Uri(context.Request.Uri, path); if (expectedRootUri.AbsoluteUri == context.RedirectUri) { context.Validated(); } else if (context.ClientId == "web") { var expectedUri = new Uri(context.Request.Uri, path); context.Validated(expectedUri.AbsoluteUri); } } return Task.FromResult<object>(null); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == _publicClientId) { Uri requestUri = context.Request.Uri; Uri redirectUri = new Uri(context.RedirectUri); if (redirectUri.Host == requestUri.Host && "/".Equals(redirectUri.AbsolutePath, StringComparison.OrdinalIgnoreCase)) { if (!string.IsNullOrEmpty(redirectUri.Query)) { NameValueCollection queryString = HttpUtility.ParseQueryString(redirectUri.Query); string returnData = queryString["rd"]; if (!string.IsNullOrEmpty(returnData)) { //TODO: check if json is valid context.Validated(); } } } } return Task.FromResult<object>(null); }
/// <summary> /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri" /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI. /// If context.Validated is not called the request will not proceed further. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { return OnValidateClientRedirectUri.Invoke(context); }
/// <summary> /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri" /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI. /// If context.Validated is not called the request will not proceed further. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { return(OnValidateClientRedirectUri.Invoke(context)); }
/// <summary> /// 验证重定向域名是否符合当前客户端Id创建时填写的主域名 /// </summary> /// <param name="context"></param> /// <returns></returns> public async override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { string redirectUri = await _clientValidator.GetRedirectUrl(context.ClientId); if (redirectUri != null) { context.Validated(redirectUri); } await Task.FromResult(0); }
private async Task <bool> InvokeAuthorizeEndpointAsync() { var authorizeRequest = new AuthorizeEndpointRequest(Request.Query); var clientContext = new OAuthValidateClientRedirectUriContext( Context, Options, authorizeRequest.ClientId, authorizeRequest.RedirectUri); if (!String.IsNullOrEmpty(authorizeRequest.RedirectUri)) { bool acceptableUri = true; Uri validatingUri; if (!Uri.TryCreate(authorizeRequest.RedirectUri, UriKind.Absolute, out validatingUri)) { // The redirection endpoint URI MUST be an absolute URI // http://tools.ietf.org/html/rfc6749#section-3.1.2 acceptableUri = false; } else if (!String.IsNullOrEmpty(validatingUri.Fragment)) { // The endpoint URI MUST NOT include a fragment component. // http://tools.ietf.org/html/rfc6749#section-3.1.2 acceptableUri = false; } else if (!Options.AllowInsecureHttp && String.Equals(validatingUri.Scheme, Uri.UriSchemeHttp, StringComparison.OrdinalIgnoreCase)) { // The redirection endpoint SHOULD require the use of TLS // http://tools.ietf.org/html/rfc6749#section-3.1.2.1 acceptableUri = false; } if (!acceptableUri) { clientContext.SetError(Constants.Errors.InvalidRequest); return(await SendErrorRedirectAsync(clientContext, clientContext)); } } await Options.Provider.ValidateClientRedirectUri(clientContext); if (!clientContext.IsValidated) { _logger.WriteVerbose("Unable to validate client information"); return(await SendErrorRedirectAsync(clientContext, clientContext)); } var validatingContext = new OAuthValidateAuthorizeRequestContext( Context, Options, authorizeRequest, clientContext); if (string.IsNullOrEmpty(authorizeRequest.ResponseType)) { _logger.WriteVerbose("Authorize endpoint request missing required response_type parameter"); validatingContext.SetError(Constants.Errors.InvalidRequest); } else if (!authorizeRequest.IsAuthorizationCodeGrantType && !authorizeRequest.IsImplicitGrantType) { _logger.WriteVerbose("Authorize endpoint request contains unsupported response_type parameter"); validatingContext.SetError(Constants.Errors.UnsupportedResponseType); } else { await Options.Provider.ValidateAuthorizeRequest(validatingContext); } if (!validatingContext.IsValidated) { // an invalid request is not processed further return(await SendErrorRedirectAsync(clientContext, validatingContext)); } _clientContext = clientContext; _authorizeEndpointRequest = authorizeRequest; var authorizeEndpointContext = new OAuthAuthorizeEndpointContext(Context, Options); await Options.Provider.AuthorizeEndpoint(authorizeEndpointContext); return(authorizeEndpointContext.IsRequestCompleted); }
private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { // TODO: Validar a client id e retornar a url de redirect //if (context.ClientId == Clients.Client1.Id) //{ // context.Validated(Clients.Client1.RedirectUrl); //} //else if (context.ClientId == Clients.Client2.Id) //{ // context.Validated(Clients.Client2.RedirectUrl); //} context.Validated(); return Task.FromResult(0); }
public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { // appelé pour valider la redirect_uri. // dans la vraie vie, on valide vraiment :) context.Validated(context.RedirectUri); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == this._publicClientId && new Uri(context.Request.Uri, "/").AbsoluteUri == context.RedirectUri) context.Validated(); return (Task)Task.FromResult<object>((object)null); }
private Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { if (context.ClientId == "123456") { context.Validated("http://localhost:18002/Katana.Sandbox.WebClient/ClientApp.aspx"); } else if (context.ClientId == "7890ab") { context.Validated("http://localhost:18002/Katana.Sandbox.WebClient/ClientPageSignIn.html"); } return Task.FromResult(0); }
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context) { return base.ValidateClientRedirectUri(context); }