private async Task <bool> InvokeReplyPathAsync()
        {
            if (Options.CallbackPath.HasValue && Options.CallbackPath == Request.Path)
            {
                // TODO: error responses

                AuthenticationTicket ticket = await AuthenticateAsync();

                if (ticket == null)
                {
                    _logger.WriteWarning("Invalid return state, unable to redirect.");
                    Response.StatusCode = 500;
                    return(true);
                }

                var context = new AzureADReturnEndpointContext(Context, ticket);
                context.SignInAsAuthenticationType = Options.SignInAsAuthenticationType;
                context.RedirectUri = ticket.Properties.RedirectUri;

                await Options.Provider.ReturnEndpoint(context);

                if (context.SignInAsAuthenticationType != null && context.Identity != null)
                {
                    ClaimsIdentity grantIdentity = context.Identity;
                    if (!string.Equals(grantIdentity.AuthenticationType, context.SignInAsAuthenticationType, StringComparison.Ordinal))
                    {
                        grantIdentity = new ClaimsIdentity(
                            grantIdentity.Claims,
                            context.SignInAsAuthenticationType,
                            grantIdentity.NameClaimType,
                            grantIdentity.RoleClaimType);
                    }
                    Context.Authentication.SignIn(context.Properties, grantIdentity);
                }

                if (!context.IsRequestCompleted && context.RedirectUri != null)
                {
                    string redirectUri = context.RedirectUri;
                    if (context.Identity == null)
                    {
                        // add a redirect hint that sign-in failed in some way
                        redirectUri = WebUtilities.AddQueryString(redirectUri, "error", "internal");
                    }
                    Response.Redirect(redirectUri);
                    context.RequestCompleted();
                }

                return(context.IsRequestCompleted);
            }
            return(false);
        }
예제 #2
0
        private async Task <bool> InvokeReplyPathAsync()
        {
            if (Options.CallbackPath.HasValue && Options.CallbackPath == Request.Path)
            {
                AuthenticationTicket ticket = await AuthenticateAsync();

                if (ticket == null)
                {
                    LogWarning("Invalid return state, unable to redirect.");
                    Response.StatusCode = 400;
                    return(true);
                }

                var context = new AzureADReturnEndpointContext(Context, ticket)
                {
                    SignInAsAuthenticationType = Options.SignInAsAuthenticationType,
                    RedirectUri = ticket.Properties.RedirectUri
                };

                await Options.Provider.ReturnEndpoint(context);

                if (context.SignInAsAuthenticationType != null && context.Identity != null)
                {
                    ClaimsIdentity grantIdentity = context.Identity;
                    if (!string.Equals(grantIdentity.AuthenticationType, context.SignInAsAuthenticationType, StringComparison.Ordinal))
                    {
                        grantIdentity = new ClaimsIdentity(
                            grantIdentity.Claims,
                            context.SignInAsAuthenticationType,
                            grantIdentity.NameClaimType,
                            grantIdentity.RoleClaimType);
                    }
                    Context.Authentication.SignIn(context.Properties, grantIdentity);
                }

                if (!context.IsRequestCompleted && context.RedirectUri != null)
                {
                    string redirectUri = context.RedirectUri;
                    if (context.Identity == null)
                    {
                        // parse authorization errors and include them on callback URL
                        var query = context.Response.Get <IDictionary <string, string[]> >("Microsoft.Owin.Query#dictionary");
                        if (query != null)
                        {
                            if (query.ContainsKey("error"))
                            {
                                redirectUri = WebUtilities.AddQueryString(redirectUri, "error", query["error"].FirstOrDefault());
                            }
                            if (query.ContainsKey("error_subcode"))
                            {
                                redirectUri = WebUtilities.AddQueryString(redirectUri, "error_subcode", query["error_subcode"].FirstOrDefault());
                            }
                            if (query.ContainsKey("error_description"))
                            {
                                redirectUri = WebUtilities.AddQueryString(redirectUri, "error_description", query["error_description"].FirstOrDefault());
                            }
                        }
                        else
                        {
                            // add a redirect hint that sign-in failed in some way
                            redirectUri = WebUtilities.AddQueryString(redirectUri, "error", "internal");
                        }
                    }

                    Response.Redirect(redirectUri);
                    context.RequestCompleted();
                }

                return(context.IsRequestCompleted);
            }
            return(false);
        }
예제 #3
0
 /// <summary>
 /// Invoked prior to the <see cref="System.Security.Claims.ClaimsIdentity"/> being saved in a local cookie and the browser being redirected to the originally requested URL.
 /// </summary>
 /// <param name="context"></param>
 /// <returns>A <see cref="Task"/> representing the completed operation.</returns>
 public virtual Task ReturnEndpoint(AzureADReturnEndpointContext context)
 {
     return(OnReturnEndpoint(context));
 }