public override async Task <bool> InvokeAsync()
{
var matchRequestContext = new OAuthMatchEndpointContext(Context, Options);
if (Options.AuthorizeEndpointPath.HasValue && Options.AuthorizeEndpointPath == Request.Path)
{
matchRequestContext.MatchesAuthorizeEndpoint();
}
else if (Options.TokenEndpointPath.HasValue && Options.TokenEndpointPath == Request.Path)
{
matchRequestContext.MatchesTokenEndpoint();
}
await Options.Provider.MatchEndpoint(matchRequestContext);
if (matchRequestContext.IsRequestCompleted)
{
return(true);
}
if (matchRequestContext.IsAuthorizeEndpoint || matchRequestContext.IsTokenEndpoint)
{
if (!Options.AllowInsecureHttp &&
String.Equals(Request.Scheme, Uri.UriSchemeHttp, StringComparison.OrdinalIgnoreCase))
{
_logger.WriteWarning("Authorization server ignoring http request because AllowInsecureHttp is false.");
return(false);
}
if (matchRequestContext.IsAuthorizeEndpoint)
{
return(await InvokeAuthorizeEndpointAsync());
}
if (matchRequestContext.IsTokenEndpoint)
{
await InvokeTokenEndpointAsync();
return(true);
}
}
return(false);
}
/// <summary>
/// Called to determine if an incoming request is treated as an Authorize or Token
/// endpoint. If Options.AuthorizeEndpointPath or Options.TokenEndpointPath
/// are assigned values, then handling this event is optional and context.IsAuthorizeEndpoint and context.IsTokenEndpoint
/// will already be true if the request path matches.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public virtual Task MatchEndpoint(OAuthMatchEndpointContext context)
{
return(OnMatchEndpoint.Invoke(context));
}