/// <summary>
/// Updates authorization state with a success response from the Authorization Server.
/// </summary>
/// <param name="authorizationState">The authorization state to update.</param>
/// <param name="authorizationSuccess">The authorization success message obtained from the authorization server.</param>
internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess)
{
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(authorizationSuccess, "authorizationSuccess");
var accessTokenRequest = new AccessTokenAuthorizationCodeRequestC(this.AuthorizationServer)
{
ClientIdentifier = this.ClientIdentifier,
Callback = authorizationState.Callback,
AuthorizationCode = authorizationSuccess.AuthorizationCode,
};
this.ApplyClientCredential(accessTokenRequest);
IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest);
var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse;
var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse;
if (accessTokenSuccess != null)
{
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
}
else
{
authorizationState.Delete();
string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)";
ErrorUtilities.ThrowProtocol(ClientStrings.CannotObtainAccessTokenWithReason, error);
}
}
public static void SignOut()
{
LoggedInUserIdentity currentUser = Authentication.GetCurrentUserIdentity();
// If the current user is not a stockwinners user, delete their third party authorization state
if (currentUser != null && currentUser.IdentityProvider != IdentityProvider.Stockwinners)
{
IAuthorizationState authorizationState = AuthenticationClientFactory.Instance.GetAuthenticationClient(currentUser.IdentityProvider).ProcessUserAuthorization();
if (authorizationState != null)
{
authorizationState.Delete();
}
}
// Sign out of regular forms authentication
FormsAuthentication.SignOut();
}
/// <summary>
/// Scans the incoming request for an authorization response message.
/// </summary>
/// <param name="authorizationState">The authorization.</param>
/// <param name="response">The incoming authorization response message.</param>
/// <returns>
/// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.
/// </returns>
internal IAuthorizationState ProcessUserAuthorization(IAuthorizationState authorizationState, IDirectedProtocolMessage response)
{
EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess;
EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess;
if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null)
{
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
}
else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null)
{
this.UpdateAuthorizationWithResponse(authorizationState, authCodeSuccess);
}
else if (response is EndUserAuthorizationFailedResponse)
{
authorizationState.Delete();
return(null);
}
return(authorizationState);
}
/// <summary>
/// Scans the incoming request for an authorization response message.
/// </summary>
/// <param name="authorizationState">The authorization.</param>
/// <param name="response">The incoming authorization response message.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.
/// </returns>
internal async Task <IAuthorizationState> ProcessUserAuthorizationAsync(IAuthorizationState authorizationState, IDirectedProtocolMessage response, CancellationToken cancellationToken)
{
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(response, "response");
EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess;
EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess;
if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null)
{
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
}
else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null)
{
await this.UpdateAuthorizationWithResponseAsync(authorizationState, authCodeSuccess, cancellationToken);
}
else if (response is EndUserAuthorizationFailedResponse)
{
authorizationState.Delete();
return(null);
}
return(authorizationState);
}
/// <summary>
/// Updates authorization state with a success response from the Authorization Server.
/// </summary>
/// <param name="authorizationState">The authorization state to update.</param>
/// <param name="authorizationSuccess">The authorization success message obtained from the authorization server.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// A task that completes with the asynchronous operation.
/// </returns>
internal async Task UpdateAuthorizationWithResponseAsync(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess, CancellationToken cancellationToken) {
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(authorizationSuccess, "authorizationSuccess");
var accessTokenRequest = new AccessTokenAuthorizationCodeRequestC(this.AuthorizationServer) {
ClientIdentifier = this.ClientIdentifier,
Callback = authorizationState.Callback,
AuthorizationCode = authorizationSuccess.AuthorizationCode,
};
this.ApplyClientCredential(accessTokenRequest);
IProtocolMessage accessTokenResponse = await this.Channel.RequestAsync(accessTokenRequest, cancellationToken);
var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse;
var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse;
if (accessTokenSuccess != null) {
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
} else {
authorizationState.Delete();
string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)";
ErrorUtilities.ThrowProtocol(ClientStrings.CannotObtainAccessTokenWithReason, error);
}
}
/// <summary>
/// Scans the incoming request for an authorization response message.
/// </summary>
/// <param name="authorizationState">The authorization.</param>
/// <param name="response">The incoming authorization response message.</param>
/// <returns>
/// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.
/// </returns>
internal IAuthorizationState ProcessUserAuthorization(IAuthorizationState authorizationState, IDirectedProtocolMessage response) {
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(response, "response");
EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess;
EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess;
if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) {
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
} else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null) {
this.UpdateAuthorizationWithResponse(authorizationState, authCodeSuccess);
} else if (response is EndUserAuthorizationFailedResponse) {
authorizationState.Delete();
return null;
}
return authorizationState;
}
/// <summary>
/// Updates authorization state with a success response from the Authorization Server.
/// </summary>
/// <param name="authorizationState">The authorization state to update.</param>
/// <param name="authorizationSuccess">The authorization success message obtained from the authorization server.</param>
internal void UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess) {
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(authorizationSuccess, "authorizationSuccess");
var accessTokenRequest = new AccessTokenAuthorizationCodeRequest(this.AuthorizationServer) {
ClientIdentifier = this.ClientIdentifier,
ClientSecret = this.ClientSecret,
Callback = authorizationState.Callback,
AuthorizationCode = authorizationSuccess.AuthorizationCode,
};
IProtocolMessage accessTokenResponse = this.Channel.Request(accessTokenRequest);
var accessTokenSuccess = accessTokenResponse as AccessTokenSuccessResponse;
var failedAccessTokenResponse = accessTokenResponse as AccessTokenFailedResponse;
if (accessTokenSuccess != null) {
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
} else {
authorizationState.Delete();
string error = failedAccessTokenResponse != null ? failedAccessTokenResponse.Error : "(unknown)";
ErrorUtilities.ThrowProtocol(OAuthStrings.CannotObtainAccessTokenWithReason, error);
}
}
/// <summary>
/// Scans the incoming request for an authorization response message.
/// </summary>
/// <param name="authorizationState">The authorization.</param>
/// <param name="response">The incoming authorization response message.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The granted authorization, or <c>null</c> if the incoming HTTP request did not contain an authorization server response or authorization was rejected.
/// </returns>
internal async Task<IAuthorizationState> ProcessUserAuthorizationAsync(IAuthorizationState authorizationState, IDirectedProtocolMessage response, CancellationToken cancellationToken) {
Requires.NotNull(authorizationState, "authorizationState");
Requires.NotNull(response, "response");
EndUserAuthorizationSuccessAccessTokenResponse accessTokenSuccess;
EndUserAuthorizationSuccessAuthCodeResponse authCodeSuccess;
if ((accessTokenSuccess = response as EndUserAuthorizationSuccessAccessTokenResponse) != null) {
UpdateAuthorizationWithResponse(authorizationState, accessTokenSuccess);
} else if ((authCodeSuccess = response as EndUserAuthorizationSuccessAuthCodeResponse) != null) {
await this.UpdateAuthorizationWithResponseAsync(authorizationState, authCodeSuccess, cancellationToken);
} else if (response is EndUserAuthorizationFailedResponse) {
authorizationState.Delete();
return null;
}
return authorizationState;
}