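/// <summary>
/// Handles a GET on the authorization endpoint. The query string is handed to the
/// authorization request handler, and the caller is then either sent back to the client
/// through the response-mode handler or redirected to an internal controller action
/// with a protected return URL.
/// </summary>
/// <param name="token">Cancellation token forwarded to the authorization request handler.</param>
public async Task Get(CancellationToken token)
{
    var jObjBody = Request.Query.ToJObject();

    // The subject comes only from the authenticated principal, never from the query string.
    // A caller without a NameIdentifier claim is passed on with an empty subject.
    var claimName = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
    var userSubject = claimName == null ? string.Empty : claimName.Value;

    var context = new HandlerContext(
        new HandlerContextRequest(Request.GetAbsoluteUriWithVirtualPath(), userSubject, jObjBody, null, Request.Cookies),
        new HandlerContextResponse(Response.Cookies));
    try
    {
        var authorizationResponse = await _authorizationRequestHandler.Handle(context, token);
        if (authorizationResponse.Type == AuthorizationResponseTypes.RedirectUrl)
        {
            // Direct cast instead of `as`: a type/Type mismatch fails with InvalidCastException
            // at this line rather than a NullReferenceException further down.
            var redirectUrlAuthorizationResponse = (RedirectURLAuthorizationResponse)authorizationResponse;

            // NOTE(review): the redirect target is whatever the handler returned; this action does
            // no validation of its own. Presumably redirect_uri is checked against the client's
            // registered URIs inside _authorizationRequestHandler - confirm.
            _responseModeHandler.Handle(jObjBody, redirectUrlAuthorizationResponse, HttpContext);
            return;
        }

        var redirectActionAuthorizationResponse = (RedirectActionAuthorizationResponse)authorizationResponse;

        // Flatten the parameters: an array value becomes one key/value pair per element.
        var parameters = new List<KeyValuePair<string, string>>();
        foreach (var record in redirectActionAuthorizationResponse.QueryParameters)
        {
            var jArr = record.Value as JArray;
            if (jArr != null)
            {
                foreach (var rec in jArr)
                {
                    parameters.Add(new KeyValuePair<string, string>(record.Key, rec.ToString()));
                }
            }
            else
            {
                parameters.Add(new KeyValuePair<string, string>(record.Key, record.Value.ToString()));
            }
        }

        var queryCollection = new QueryBuilder(parameters);

        // NOTE(review): issuer is derived from the incoming request. If the request host is not
        // constrained by deployment configuration it ends up inside returnUrl - confirm.
        var issuer = Request.GetAbsoluteUriWithVirtualPath();
        var returnUrl = $"{issuer}/{Constants.EndPoints.Authorization}{queryCollection.ToQueryString()}";
        var uiLocales = context.Request.Data.GetUILocalesFromAuthorizationRequest();

        // ReturnUrl goes through _dataProtector.Protect, so the query string carries a protected
        // value rather than a plain URL. Presumably the target action unprotects it and rejects
        // values that fail to unprotect - verify on the receiving side.
        var url = Url.Action(
            redirectActionAuthorizationResponse.Action,
            redirectActionAuthorizationResponse.ControllerName,
            new
            {
                ReturnUrl = _dataProtector.Protect(returnUrl),
                area = redirectActionAuthorizationResponse.Area,
                ui_locales = string.Join(" ", uiLocales)
            });
        HttpContext.Response.Redirect(url);
    }
    catch (OAuthExceptionBadRequestURIException ex)
    {
        // NOTE(review): the extra `true` is interpreted by BuildErrorResponse, which is outside
        // this block. Presumably it keeps the error from being sent to an unvalidated
        // redirect_uri - confirm.
        await BuildErrorResponse(context, ex, true);
    }
    catch (OAuthException ex)
    {
        await BuildErrorResponse(context, ex);
    }
}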
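/// <summary>
/// Handles a GET on the authorization endpoint. The query string, the authenticated subject
/// and the authentication time (when present) are handed to the authorization request handler.
/// The caller is then either sent back to the client through the response-mode handler or
/// redirected to an internal controller action with a protected return URL.
/// An <c>OAuthException</c> is answered with HTTP 400 and a JSON error body.
/// </summary>
public async Task Get()
{
    var jObjBody = Request.Query.ToJObject();

    // Subject and authentication time come only from the authenticated principal's claims.
    var claimName = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
    var claimAuthTime = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.AuthenticationInstant);
    var userSubject = claimName == null ? string.Empty : claimName.Value;

    // NOTE(review): DateTime.TryParse uses the current culture here. Confirm the format in which
    // the AuthenticationInstant claim is issued, because a mis-parsed value leaves authTime null
    // or shifted, and the handler receives it as the authentication time.
    DateTime? authTime = null;
    DateTime auth;
    if (claimAuthTime != null
        && !string.IsNullOrWhiteSpace(claimAuthTime.Value)
        && DateTime.TryParse(claimAuthTime.Value, out auth))
    {
        authTime = auth;
    }

    var context = new HandlerContext(
        new HandlerContextRequest(Request.GetAbsoluteUriWithVirtualPath(), userSubject, authTime, jObjBody, null, Request.Cookies),
        new HandlerContextResponse(Response.Cookies));
    try
    {
        var authorizationResponse = await _authorizationRequestHandler.Handle(context);
        if (authorizationResponse.Type == AuthorizationResponseTypes.RedirectUrl)
        {
            // Direct cast instead of `as`: a type/Type mismatch fails with InvalidCastException
            // at this line rather than a NullReferenceException further down.
            var redirectUrlAuthorizationResponse = (RedirectURLAuthorizationResponse)authorizationResponse;

            // NOTE(review): the redirect target is whatever the handler returned; this action does
            // no validation of its own. Presumably redirect_uri is checked against the client's
            // registered URIs inside _authorizationRequestHandler - confirm.
            _responseModeHandler.Handle(jObjBody, redirectUrlAuthorizationResponse, HttpContext);
            return;
        }

        var redirectActionAuthorizationResponse = (RedirectActionAuthorizationResponse)authorizationResponse;

        // Flatten the parameters: an array value becomes one key/value pair per element.
        var parameters = new List<KeyValuePair<string, string>>();
        foreach (var record in redirectActionAuthorizationResponse.QueryParameters)
        {
            var jArr = record.Value as JArray;
            if (jArr != null)
            {
                foreach (var rec in jArr)
                {
                    parameters.Add(new KeyValuePair<string, string>(record.Key, rec.ToString()));
                }
            }
            else
            {
                parameters.Add(new KeyValuePair<string, string>(record.Key, record.Value.ToString()));
            }
        }

        var queryCollection = new QueryBuilder(parameters);

        // NOTE(review): issuer is derived from the incoming request. If the request host is not
        // constrained by deployment configuration it ends up inside returnUrl - confirm.
        var issuer = Request.GetAbsoluteUriWithVirtualPath();
        var returnUrl = $"{issuer}/{Constants.EndPoints.Authorization}{queryCollection.ToQueryString()}";

        // ReturnUrl goes through _dataProtector.Protect, so the query string carries a protected
        // value rather than a plain URL. Presumably the target action unprotects it and rejects
        // values that fail to unprotect - verify on the receiving side.
        var url = Url.Action(
            redirectActionAuthorizationResponse.Action,
            redirectActionAuthorizationResponse.ControllerName,
            new
            {
                ReturnUrl = _dataProtector.Protect(returnUrl),
                area = redirectActionAuthorizationResponse.Area
            });
        HttpContext.Response.Redirect(url);
    }
    catch (OAuthException ex)
    {
        var jObj = new JObject
        {
            { ErrorResponseParameters.Error, ex.Code },
            { ErrorResponseParameters.ErrorDescription, ex.Message }
        };
        var payload = Encoding.UTF8.GetBytes(jObj.ToString());
        HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;

        // Declare the body as JSON. The error description may echo request-derived text, and a
        // response without a Content-Type leaves its interpretation to the browser.
        HttpContext.Response.ContentType = "application/json";
        await HttpContext.Response.Body.WriteAsync(payload, 0, payload.Length);
    }
}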