public async Task Invoke(HttpContext context, ICredentialsProvider credentialsProvider, IAdditionalClaimsProvider additionalClaimsProvider)
{
if (context.Request.Path.Value.Equals(_options.TokenEndpointPath))
{
if (context.Request.ContentType != "application/x-www-form-urlencoded")
{
context.Response.StatusCode = StatusCodes.Status400BadRequest;
context.Response.ContentType = "application/json;charset=utf-8";
await context.Response.WriteAsync("[\"invalid-content-type\"]");
return;
}
try
{
AuthServerRequest authRequest = CreateAuthServerRequestObject(context.Request);
// Now, we have to investigate authRequest
if (authRequest.GrantType == "password") // resource owner
{
if (!(await credentialsProvider.AreUserCredentialsValidAsync(authRequest.Username, authRequest.Password)))
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
context.Response.ContentType = "application/json;charset=utf-8";
await context.Response.WriteAsync($"[\"{AuthServerMessages.InvalidUserCredentials}\"]");
return;
}
}
else if (authRequest.GrantType == "client") // private client
{
if (!(await credentialsProvider.AreClientCredentialsValidAsync(authRequest.ClientId, authRequest.ClientSecret)))
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
context.Response.ContentType = "application/json;charset=utf-8";
await context.Response.WriteAsync($"[\"{AuthServerMessages.InvalidUserCredentials}\"]");
return;
}
}
// Now, we construct the response
await WriteResponseAsync(authRequest, _options.Issuer, context.Response, additionalClaimsProvider);
return;
}
catch (Exception e)
{
context.Response.StatusCode = StatusCodes.Status400BadRequest;
context.Response.ContentType = "application/json;charset=utf-8";
await context.Response.WriteAsync($"[\"{e.Message}\"]");
return;
}
}
await _next.Invoke(context);
}