public virtual async Task AuthorizationCodeFlow_Login_CallbackAsync(HttpContext httpContext) { Trace.Write("AuthorizationCodeFlow_Login_CallbackAsync"); var context = new SVAuthRequestContext(SVX_Principal, httpContext); var idp = CreateModelAuthorizationServer(); var rawReq = detach_concdst_conckey(ref context, " "); // See if any subclasses need us to use their special // AuthorizationRequest subclass. var dummyAuthorizationRequest = new AuthorizationRequest(); // This design is following the original Auth.JS as closely as // possible. Arguably, we should give concrete subclasses full // control of unmarshalling, just like marshalling. The original // parseHttpMessage supports both requests (query) and responses, // but here we know which is which. // ~ REDACTED 2016-06-01 // var authorizationResponse = (AuthorizationResponse)Utils.ObjectFromQuery( // context.http.Request.Query, LoginCallbackRequestType); var authorizationResponse = (AuthorizationResponse)Utils.ObjectFromQueryString( rawReq, LoginCallbackRequestType); messageStructures.authorizationResponse.ImportWithModel(authorizationResponse, () => { idp.FakeCodeEndpoint(dummyAuthorizationRequest, authorizationResponse); }, SVX.Channel.GenerateNew(SVX_Principal), // unknown producer context.channel); var accessTokenRequest = SVX.SVX_Ops.Call(createAccessTokenRequest, authorizationResponse); messageStructures.accessTokenRequest.Export(accessTokenRequest, idp.SVX_Principal, null); /*string concdst = httpContext.Request.Query["concdst"]; * if (concdst != null) * accessTokenRequest.redirect_uri += "?concdst=" + Uri.EscapeDataString(concdst); * string conckey = httpContext.Request.Query["conckey"]; * if (conckey != null) * accessTokenRequest.redirect_uri += "&conckey=" + Uri.EscapeDataString(conckey);*/ var rawAccessTokenRequest = marshalAccessTokenRequest(accessTokenRequest); var rawAccessTokenResponse = await Utils.PerformHttpRequestAsync(rawAccessTokenRequest); Trace.Write("Got AccessTokenResponse"); var accessTokenResponse = (AccessTokenResponse)JsonConvert.DeserializeObject( Utils.ReadContent(rawAccessTokenResponse.Content), AccessTokenResponseType); messageStructures.accessTokenResponse.ImportDirectResponseWithModel(accessTokenResponse, () => { idp.FakeTokenEndpoint(accessTokenRequest, accessTokenResponse); }, idp.SVX_Principal, SVX_Principal); var userProfileRequest = SVX.SVX_Ops.Call(createUserProfileRequest, accessTokenResponse); messageStructures.userProfileRequest.Export(userProfileRequest, idp.SVX_Principal, null); var rawUserProfileRequest = marshalUserProfileRequest(userProfileRequest); var rawUserProfileResponse = await Utils.PerformHttpRequestAsync(rawUserProfileRequest); Trace.Write("Got UserProfileResponse"); var userProfileResponse = (UserProfileResponse)JsonConvert.DeserializeObject( Utils.ReadContent(rawUserProfileResponse.Content), UserProfileResponseType); messageStructures.userProfileResponse.ImportDirectResponseWithModel(userProfileResponse, () => { idp.FakeUserProfileEndpoint(userProfileRequest, userProfileResponse); }, idp.SVX_Principal, SVX_Principal); var conclusion = SVX.SVX_Ops.Call(createConclusion, authorizationResponse, userProfileResponse); await AuthenticationDone(conclusion, context); }
public abstract string /*Uri*/ marshalAuthorizationRequest(AuthorizationRequest authorizationRequest);