protected override async Task <bool> HandleUnauthorizedAsync(ChallengeContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } var properties = new AuthenticationProperties(context.Properties); if (string.IsNullOrEmpty(properties.RedirectUri)) { properties.RedirectUri = CurrentUri; } var callBackUri = BuildRedirectUri(Options.CallbackPath); var requestToken = await ObtainRequestTokenAsync(callBackUri, properties); // If CallbackConfirmed is false, this will throw // var requestToken = await ObtainRequestTokenAsync(BuildRedirectUri(Options.CallbackPath), properties); var authenticationEndpoint = AuthenticationEndpoint + requestToken.Token; var cookieOptions = new CookieOptions { HttpOnly = true, Secure = Request.IsHttps, Expires = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout), }; Response.Cookies.Append(StateCookie, Options.StateDataFormat.Protect(requestToken), cookieOptions); var redirectContext = new DevAuthRedirectToAuthorizationEndpointContext( Context, Options, properties, authenticationEndpoint); await Options.Events.RedirectToAuthorizationEndpoint(redirectContext); return(true); }
/// <summary> /// Called when a Challenge causes a redirect to authorize endpoint in the DevAuth middleware /// </summary> /// <param name="context">Contains redirect URI and <see cref="Http.Authentication.AuthenticationProperties"/> of the challenge </param> public virtual Task RedirectToAuthorizationEndpoint(DevAuthRedirectToAuthorizationEndpointContext context) => OnRedirectToAuthorizationEndpoint(context);