public override Task GrantAuthorizationCode( OAuthGrantAuthorizationCodeContext context) { IAdfsAuthorizationProvider authorizationProvider = context.OwinContext .GetAutofacLifetimeScope() .Resolve <IAdfsAuthorizationProvider>(); return(base.GrantAuthorizationCode(context)); }
/// <summary> /// Called when a request to the Token endpoint arrives with a "grant_type" of "authorization_code". This occurs after the Authorize /// endpoint as redirected the user-agent back to the client with a "code" parameter, and the client is exchanging that for an "access_token". /// The claims and properties /// associated with the authorization code are present in the context.Ticket. The application must call context.Validated to instruct the Authorization /// Server middleware to issue an access token based on those claims and properties. The call to context.Validated may be given a different /// AuthenticationTicket or ClaimsIdentity in order to control which information flows from authorization code to access token. /// The default behavior when using the OAuthAuthorizationServerProvider is to flow information from the authorization code to /// the access token unmodified. /// See also http://tools.ietf.org/html/rfc6749#section-4.1.3 /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public override async Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { this.options.Logger.Debug("Authenticating authorization code flow"); var user = context.Ticket.Identity; // Add grant type claim user.RemoveClaim(x => x.Type == Constants.ClaimType.GrantType); user.AddClaim(new Claim(Constants.ClaimType.GrantType, Constants.GrantTypes.AuthorizationCode)); context.Validated(user); }
/// <summary> /// Called when a request to the Token endpoint arrives with a "grant_type" of "authorization_code". This occurs after the Authorize /// endpoint as redirected the user-agent back to the client with a "code" parameter, and the client is exchanging that for an "access_token". /// The claims and properties /// associated with the authorization code are present in the context.Ticket. The application must call context.Validated to instruct the Authorization /// Server middleware to issue an access token based on those claims and properties. The call to context.Validated may be given a different /// AuthenticationTicket or ClaimsIdentity in order to control which information flows from authorization code to access token. /// The default behavior when using the OAuthAuthorizationServerProvider is to flow information from the authorization code to /// the access token unmodified. /// See also http://tools.ietf.org/html/rfc6749#section-4.1.3 /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public override async Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { this.options.Logger.Debug("Authenticating authorization code flow"); var user = new SentinelPrincipal(context.Ticket.Identity); // Add grant type claim user.Identity.RemoveClaim(x => x.Type == ClaimType.GrantType); user.Identity.AddClaim(ClaimType.GrantType, GrantType.AuthorizationCode); context.Validated(user.Identity.AsClaimsIdentity()); }
public override async Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { if (context.Ticket.Identity.IsAuthenticated) { var identity = new ClaimsIdentity(context.Ticket.Identity.Claims, "Bearer"); var client = await _clientManager.FindClientByIdAsync(context.Ticket.Properties.Dictionary["client_id"]); foreach (var scope in client.Scopes) { identity.AddClaim(new Claim(CustomClaimTypes.AuthorisedScopes, scope)); } context.Validated(context.Ticket); } else { context.OwinContext.Authentication.Challenge(DefaultAuthenticationTypes.ApplicationCookie); } context.Validated(context.Ticket); }
/// <summary> /// Called when a request to the Token endpoint arrives with a "grant_type" of "authorization_code". This occurs after the Authorize /// endpoint as redirected the user-agent back to the client with a "code" parameter, and the client is exchanging that for an "access_token". /// The claims and properties /// associated with the authorization code are present in the context.Ticket. The application must call context.Validated to instruct the Authorization /// Server middleware to issue an access token based on those claims and properties. The call to context.Validated may be given a different /// AuthenticationTicket or ClaimsIdentity in order to control which information flows from authorization code to access token. /// The default behavior when using the OAuthAuthorizationServerProvider is to flow information from the authorization code to /// the access token unmodified. /// See also http://tools.ietf.org/html/rfc6749#section-4.1.3 /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { return OnGrantAuthorizationCode.Invoke(context); }
public override Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { return(base.GrantAuthorizationCode(context)); }
public Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { throw new NotImplementedException(); }
public override Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { return base.GrantAuthorizationCode(context); }
/// <summary> /// AuthorizationCode /// </summary> /// <param name="context"></param> /// <returns></returns> public override Task GrantAuthorizationCode(OAuthGrantAuthorizationCodeContext context) { context.OwinContext.Set(_asGrantType, GrantTypes.AuthorizationCode); return(base.GrantAuthorizationCode(context)); }