public async Task <TokenRawResult> ProcessRawAsync(IFormCollection formCollection)
{
_logger.LogTrace("Processing token request.");
var rawResult = new TokenRawResult();
// validate HTTP
if (formCollection.IsNullOrEmpty())
{
_logger.LogWarning($"Invalid {nameof(formCollection)} for token endpoint");
rawResult.TokenErrorResult = Error(OidcConstants.TokenErrors.InvalidRequest);
return(rawResult);
}
var clientId = formCollection[OidcConstants.TokenRequest.ClientId];
var client = await _clients.FindEnabledClientByIdAsync(clientId);
if (client == null)
{
_logger.LogError($"No client with id '{clientId}' found. aborting");
rawResult.TokenErrorResult = Error($"{OidcConstants.TokenRequest.ClientId} bad",
$"No client with id '{clientId}' found. aborting");
return(rawResult);
}
var clientSecretValidationResult = new ClientSecretValidationResult
{
IsError = false,
Client = client,
Secret = null
};
// validate request
var form = formCollection.AsNameValueCollection();
_logger.LogTrace("Calling into token request validator: {type}", _requestValidator.GetType().FullName);
var requestResult = await _requestValidator.ValidateRequestAsync(form, clientSecretValidationResult);
if (requestResult.IsError)
{
await _events.RaiseAsync(new TokenIssuedFailureEvent(requestResult));
rawResult.TokenErrorResult = Error(requestResult.Error, requestResult.ErrorDescription, requestResult.CustomResponse);
return(rawResult);
}
// create response
_logger.LogTrace("Calling into token request response generator: {type}", _responseGenerator.GetType().FullName);
var response = await _responseGenerator.ProcessAsync(requestResult);
await _events.RaiseAsync(new TokenIssuedSuccessEvent(response, requestResult));
LogTokens(response, requestResult);
// return result
_logger.LogDebug("Token request success.");
rawResult.TokenResult = new TokenResult(response);
return(rawResult);
}
public async Task <RevocationRawResult> ProcessRawRevocationAsync(IFormCollection formCollection)
{
_logger.LogTrace("Processing token request.");
var rawResult = new RevocationRawResult()
{
StatusCodeResult = new StatusCodeResult(HttpStatusCode.BadRequest)
};
// validate HTTP
if (formCollection.IsNullOrEmpty())
{
_logger.LogWarning($"Invalid {nameof(formCollection)} for token endpoint");
rawResult.ErrorResult = ErrorRevocation(OidcConstants.TokenErrors.InvalidRequest);
return(rawResult);
}
var clientId = formCollection[OidcConstants.TokenRequest.ClientId];
var client = await _clients.FindEnabledClientByIdAsync(clientId);
if (client == null)
{
_logger.LogError($"No client with id '{clientId}' found. aborting");
rawResult.ErrorResult = ErrorRevocation($"{OidcConstants.TokenRequest.ClientId} bad");
return(rawResult);
}
var clientValidationResult = new ClientSecretValidationResult
{
IsError = false,
Client = client,
Secret = null
};
// validate request
var form = formCollection.AsNameValueCollection();
_logger.LogTrace("Calling into token revocation request validator: {type}", _requestValidator.GetType().FullName);
var requestValidationResult = await _revocationRequestValidator.ValidateRequestAsync(form, clientValidationResult.Client);
if (requestValidationResult.IsError)
{
rawResult.ErrorResult = new TokenRevocationErrorResult(requestValidationResult.Error);
return(rawResult);
}
_logger.LogTrace("Calling into token revocation response generator: {type}", _responseGenerator.GetType().FullName);
var response = await _revocationResponseGenerator.ProcessAsync(requestValidationResult);
if (response.Success)
{
_logger.LogInformation("Token successfully revoked");
await _events.RaiseAsync(new TokenRevokedSuccessEvent(requestValidationResult, requestValidationResult.Client));
}
else
{
_logger.LogInformation("No matching token found");
}
if (response.Error.IsPresent())
{
rawResult.ErrorResult = new TokenRevocationErrorResult(response.Error);
return(rawResult);
}
rawResult.StatusCodeResult = new StatusCodeResult(HttpStatusCode.OK);
return(rawResult);
}
