예제 #1
0
        public void PostConfigure(OAuth2IntrospectionOptions options)
        {
            options.Validate();

            options.IntrospectionClient = new AsyncLazy <IntrospectionClient>(() => InitializeIntrospectionClient(options));
            options.LazyIntrospections  = new ConcurrentDictionary <string, AsyncLazy <IntrospectionResponse> >();
        }
예제 #2
0
        public OAuthTokenValidator([NotNull] OAuth2IntrospectionOptions options, ILog log)
        {
            var optionsConfigurator = new PostConfigureOAuth2IntrospectionOptions();

            _options = options;
            optionsConfigurator.PostConfigure(_options);
            _log = log.CreateComponentScope(nameof(OAuthTokenValidator));
        }
예제 #3
0
        private static async Task <IntrospectionClient> InitializeIntrospectionClient(OAuth2IntrospectionOptions options)
        {
            string endpoint;

            if (IsPresent(options.IntrospectionEndpoint))
            {
                endpoint = options.IntrospectionEndpoint;
            }
            else
            {
                endpoint = await GetIntrospectionEndpointFromDiscoveryDocument(options).ConfigureAwait(false);

                options.IntrospectionEndpoint = endpoint;
            }

            IntrospectionClient client;

            if (options.IntrospectionHttpHandler != null)
            {
                client = new IntrospectionClient(
                    endpoint,
                    headerStyle: options.BasicAuthenticationHeaderStyle,
                    innerHttpMessageHandler: options.IntrospectionHttpHandler);
            }
            else
            {
                client = new IntrospectionClient(endpoint);
            }

            client.Timeout = options.DiscoveryTimeout;
            return(client);
        }
예제 #4
0
        private static async Task <string> GetIntrospectionEndpointFromDiscoveryDocument(OAuth2IntrospectionOptions options)
        {
            DiscoveryClient client;

            if (options.DiscoveryHttpHandler != null)
            {
                client = new DiscoveryClient(options.Authority, options.DiscoveryHttpHandler);
            }
            else
            {
                client = new DiscoveryClient(options.Authority);
            }

            client.Timeout = options.DiscoveryTimeout;
            client.Policy  = options.DiscoveryPolicy ?? new DiscoveryPolicy();

            var discoveryResponse = await client.GetAsync().ConfigureAwait(false);

            if (discoveryResponse.IsError)
            {
                if (discoveryResponse.ErrorType == ResponseErrorType.Http)
                {
                    throw new InvalidOperationException($"Discovery endpoint {client.Url} is unavailable: {discoveryResponse.Error}");
                }
                if (discoveryResponse.ErrorType == ResponseErrorType.PolicyViolation)
                {
                    throw new InvalidOperationException($"Policy error while contacting the discovery endpoint {client.Url}: {discoveryResponse.Error}");
                }
                if (discoveryResponse.ErrorType == ResponseErrorType.Exception)
                {
                    throw new InvalidOperationException($"Error parsing discovery document from {client.Url}: {discoveryResponse.Error}");
                }
            }

            return(discoveryResponse.IntrospectionEndpoint);
        }