/// <summary>
/// Creates a result that holds an authorize response together with the
/// HTTP request it belongs to.
/// </summary>
/// <param name="response">Authorize response to deliver; stored as-is, no validation happens here.</param>
/// <param name="request">The HTTP request message being answered; stored as-is.</param>
public AuthorizeFormPostResult(AuthorizeResponse response, HttpRequestMessage request)
{
    // Neither argument is null-checked; a null only surfaces when the
    // result is later used.
    this._response = response;
    this._request = request;
}
/// <summary>
/// Builds the authorize response for the authorization code flow.
/// </summary>
/// <param name="request">The validated authorize request the response is created for.</param>
/// <returns>
/// A response carrying the value produced by <c>CreateCodeAsync</c>, the
/// request's redirect URI and its state value, plus a session state value
/// when the request is an OpenID request.
/// </returns>
public async Task<AuthorizeResponse> CreateCodeFlowResponseAsync(ValidatedAuthorizeRequest request)
{
    Logger.Info("Creating Authorization Code Flow response.");

    var authorizationCode = await CreateCodeAsync(request);

    // State is copied from the request unchanged, and RedirectUri is taken
    // from the request as well.
    // NOTE(review): this method does not re-check the redirect URI; it
    // presumably relies on validation done before the request got here - confirm.
    var result = new AuthorizeResponse
    {
        Request = request,
        RedirectUri = request.RedirectUri,
        Code = authorizationCode,
        State = request.State
    };

    if (!request.IsOpenIdRequest)
    {
        return result;
    }

    // Only OpenID requests get a session state value.
    result.SessionState = GenerateSessionStateValue(request);
    return result;
}
/// <summary>
/// Raises the failure event for a failed authorize request and produces the
/// matching result: an error page for user-facing errors, otherwise an error
/// response returned to the client.
/// </summary>
/// <param name="errorType">Decides whether the error is shown to the user or returned to the client.</param>
/// <param name="error">Error value; passed to the failure event, to the message lookup and to the client response.</param>
/// <param name="request">The authorize request; only read on the client path.</param>
/// <returns>An error page result, a form post result or a redirect result.</returns>
/// <remarks>
/// The client path sends the error to <c>request.RedirectUri</c> and reads
/// <c>request.State</c> and <c>request.ResponseMode</c> without a null check.
/// NOTE(review): this looks safe only if callers pass <c>ErrorTypes.User</c>
/// whenever the redirect URI has not been validated or no request object is
/// available - confirm against the callers.
/// </remarks>
async Task<IHttpActionResult> AuthorizeErrorAsync(ErrorTypes errorType, string error, ValidatedAuthorizeRequest request)
{
    await RaiseFailureEventAsync(error);

    var showToUser = errorType == ErrorTypes.User;
    if (showToUser)
    {
        // User-facing errors stay on the server's own error page; nothing
        // is sent to the redirect URI on this path.
        var owinEnvironment = Request.GetOwinEnvironment();

        // The error value goes through LookupErrorMessage before it reaches
        // the view model. How the view renders the message is not visible here.
        var viewModel = new ErrorViewModel
        {
            RequestId = owinEnvironment.GetRequestId(),
            SiteName = _options.SiteName,
            SiteUrl = owinEnvironment.GetIdentityServerBaseUrl(),
            CurrentUser = owinEnvironment.GetCurrentUserDisplayName(),
            LogoutUrl = owinEnvironment.GetIdentityServerLogoutUrl(),
            ErrorMessage = LookupErrorMessage(error)
        };

        return new ErrorActionResult(_viewService, viewModel);
    }

    // Every other error type is returned to the client, with the state
    // value from the request echoed back unchanged.
    var clientError = new AuthorizeResponse
    {
        Request = request,
        IsError = true,
        Error = error,
        State = request.State,
        RedirectUri = request.RedirectUri
    };

    // The response mode on the request picks the delivery mechanism.
    if (request.ResponseMode == Constants.ResponseModes.FormPost)
    {
        return new AuthorizeFormPostResult(clientError, Request);
    }

    return new AuthorizeRedirectResult(clientError, _options);
}
/// <summary>
/// Builds the authorize response for the implicit flow, creating an access
/// token and/or an identity token depending on the requested response types.
/// </summary>
/// <param name="request">The validated authorize request the response is created for.</param>
/// <param name="authorizationCode">
/// Optional value passed to the identity token request as
/// <c>AuthorizationCodeToHash</c>; defaults to <c>null</c>.
/// </param>
/// <returns>
/// A response carrying the serialized tokens that were created (or
/// <c>null</c> for those that were not), the access token lifetime, the
/// granted scopes as a space separated string, the request's state value
/// and, for OpenID requests, a session state value.
/// </returns>
public async Task<AuthorizeResponse> CreateImplicitFlowResponseAsync(ValidatedAuthorizeRequest request, string authorizationCode = null)
{
    Logger.Info("Creating Implicit Flow response.");

    var requestedTypes = request.ResponseType.FromSpaceSeparatedString();

    string serializedAccessToken = null;
    int lifetime = 0;

    if (requestedTypes.Contains(Constants.ResponseTypes.Token))
    {
        // The access token is limited to the scopes that were granted.
        var accessTokenRequest = new TokenCreationRequest
        {
            Subject = request.Subject,
            Client = request.Client,
            Scopes = request.ValidatedScopes.GrantedScopes,
            ValidatedRequest = request
        };

        var token = await _tokenService.CreateAccessTokenAsync(accessTokenRequest);
        lifetime = token.Lifetime;
        serializedAccessToken = await _tokenService.CreateSecurityTokenAsync(token);
    }

    string serializedIdentityToken = null;

    if (requestedTypes.Contains(Constants.ResponseTypes.IdToken))
    {
        // The nonce is read from the raw request parameters. The serialized
        // access token (null when none was created) and the optional
        // authorization code are handed over as hash inputs.
        // NOTE(review): presumably these become the at_hash / c_hash claims
        // inside the token service - confirm there.
        // All identity claims are included only when no access token was
        // requested.
        var identityTokenRequest = new TokenCreationRequest
        {
            ValidatedRequest = request,
            Subject = request.Subject,
            Client = request.Client,
            Scopes = request.ValidatedScopes.GrantedScopes,
            Nonce = request.Raw.Get(Constants.AuthorizeRequest.Nonce),
            IncludeAllIdentityClaims = !request.AccessTokenRequested,
            AccessTokenToHash = serializedAccessToken,
            AuthorizationCodeToHash = authorizationCode
        };

        var token = await _tokenService.CreateIdentityTokenAsync(identityTokenRequest);
        serializedIdentityToken = await _tokenService.CreateSecurityTokenAsync(token);
    }

    // The serialized tokens travel in the authorize response itself. How
    // they reach the client depends on the result type chosen by the caller
    // (not shown here).
    var result = new AuthorizeResponse
    {
        Request = request,
        RedirectUri = request.RedirectUri,
        AccessToken = serializedAccessToken,
        AccessTokenLifetime = lifetime,
        IdentityToken = serializedIdentityToken,
        State = request.State,
        Scope = request.ValidatedScopes.GrantedScopes.ToSpaceSeparatedString(),
    };

    if (!request.IsOpenIdRequest)
    {
        return result;
    }

    // Only OpenID requests get a session state value.
    result.SessionState = GenerateSessionStateValue(request);
    return result;
}
/// <summary>
/// Creates a result that holds an authorize response together with the
/// server options.
/// </summary>
/// <param name="response">Authorize response to deliver; stored as-is, no validation happens here.</param>
/// <param name="options">The IdentityServer options; stored as-is.</param>
public AuthorizeRedirectResult(AuthorizeResponse response, IdentityServerOptions options)
{
    // Neither argument is null-checked. The redirect target inside the
    // response is not inspected here either.
    this._response = response;
    this._options = options;
}