/// <inheritdoc/> public virtual async Task <BackchannelAuthenticationResponse> ProcessAsync(BackchannelAuthenticationRequestValidationResult validationResult) { using var activity = Tracing.BasicActivitySource.StartActivity("BackchannelAuthenticationResponseGenerator.Process"); if (validationResult == null) { throw new ArgumentNullException(nameof(validationResult)); } if (validationResult.ValidatedRequest == null) { throw new ArgumentNullException(nameof(validationResult.ValidatedRequest)); } if (validationResult.ValidatedRequest.Client == null) { throw new ArgumentNullException(nameof(validationResult.ValidatedRequest.Client)); } Logger.LogTrace("Creating response for backchannel authentication request"); var request = new BackChannelAuthenticationRequest { CreationTime = Clock.UtcNow.UtcDateTime, ClientId = validationResult.ValidatedRequest.ClientId, RequestedScopes = validationResult.ValidatedRequest.ValidatedResources.RawScopeValues, RequestedResourceIndicators = validationResult.ValidatedRequest.RequestedResourceIndiators, Subject = validationResult.ValidatedRequest.Subject, Lifetime = validationResult.ValidatedRequest.Expiry, AuthenticationContextReferenceClasses = validationResult.ValidatedRequest.AuthenticationContextReferenceClasses, Tenant = validationResult.ValidatedRequest.Tenant, IdP = validationResult.ValidatedRequest.IdP, BindingMessage = validationResult.ValidatedRequest.BindingMessage, }; var requestId = await BackChannelAuthenticationRequestStore.CreateRequestAsync(request); var interval = validationResult.ValidatedRequest.Client.PollingInterval ?? Options.Ciba.DefaultPollingInterval; var response = new BackchannelAuthenticationResponse() { AuthenticationRequestId = requestId, ExpiresIn = request.Lifetime, Interval = interval, }; await UserLoginService.SendLoginRequestAsync(new BackchannelUserLoginRequest { InternalId = request.InternalId, Subject = validationResult.ValidatedRequest.Subject, Client = validationResult.ValidatedRequest.Client, ValidatedResources = validationResult.ValidatedRequest.ValidatedResources, RequestedResourceIndicators = validationResult.ValidatedRequest.RequestedResourceIndiators, BindingMessage = validationResult.ValidatedRequest.BindingMessage, AuthenticationContextReferenceClasses = validationResult.ValidatedRequest.AuthenticationContextReferenceClasses, Tenant = validationResult.ValidatedRequest.Tenant, IdP = validationResult.ValidatedRequest.IdP, }); return(response); }
private static async Task <TokenResponse> RequestTokenAsync(BackchannelAuthenticationResponse authorizeResponse) { var disco = await _cache.GetAsync(); if (disco.IsError) { throw new Exception(disco.Error); } var client = new HttpClient(); while (true) { var response = await client.RequestBackchannelAuthenticationTokenAsync(new BackchannelAuthenticationTokenRequest { Address = disco.TokenEndpoint, ClientId = "ciba", ClientSecret = "secret", AuthenticationRequestId = authorizeResponse.AuthenticationRequestId }); if (response.IsError) { if (response.Error == OidcConstants.TokenErrors.AuthorizationPending || response.Error == OidcConstants.TokenErrors.SlowDown) { Console.WriteLine($"{response.Error}...waiting."); Thread.Sleep(authorizeResponse.Interval.Value * 1000); } else { throw new Exception(response.Error); } } else { return(response); } } }
private void LogResponse(BackchannelAuthenticationResponse response, BackchannelAuthenticationRequestValidationResult requestResult) { _logger.LogTrace("BackchannelAuthenticationResponse: {@response} for subject {subjectId}", response, requestResult.ValidatedRequest.Subject.GetSubjectId()); }
public BackchannelAuthenticationResult(BackchannelAuthenticationResponse response) { Response = response ?? throw new ArgumentNullException(nameof(response)); }