public TokenValidator(
IdentityServerOptions options,
IIssuerNameService issuerNameService,
IClientStore clients,
IProfileService profile,
IReferenceTokenStore referenceTokenStore,
ICustomTokenValidator customValidator,
IKeyMaterialService keys,
ISessionCoordinationService sessionCoordinationService,
ISystemClock clock,
ILogger <TokenValidator> logger)
{
_options = options;
_issuerNameService = issuerNameService;
_clients = clients;
_profile = profile;
_referenceTokenStore = referenceTokenStore;
_customValidator = customValidator;
_keys = keys;
_sessionCoordinationService = sessionCoordinationService;
_clock = clock;
_logger = logger;
_log = new TokenValidationLog();
}
/// <summary>
/// Initializes a new instance of the <see cref="DefaultRefreshTokenService" /> class.
/// </summary>
public ServerSideSessionRefreshTokenService(
Decorator <IRefreshTokenService> inner,
ISessionCoordinationService sessionCoordinationService)
{
Inner = inner.Instance;
SessionCoordinationService = sessionCoordinationService;
}
/// <summary>
/// Invokes the middleware.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="router">The router.</param>
/// <param name="userSession">The user session.</param>
/// <param name="events">The event service.</param>
/// <param name="issuerNameService">The issuer name service</param>
/// <param name="sessionCoordinationService"></param>
/// <returns></returns>
public async Task Invoke(
HttpContext context,
IEndpointRouter router,
IUserSession userSession,
IEventService events,
IIssuerNameService issuerNameService,
ISessionCoordinationService sessionCoordinationService)
{
// this will check the authentication session and from it emit the check session
// cookie needed from JS-based signout clients.
await userSession.EnsureSessionIdCookieAsync();
context.Response.OnStarting(async() =>
{
if (context.GetSignOutCalled())
{
_logger.LogDebug("SignOutCalled set; processing post-signout session cleanup.");
// this clears our session id cookie so JS clients can detect the user has signed out
await userSession.RemoveSessionIdCookieAsync();
var user = await userSession.GetUserAsync();
if (user != null)
{
var session = new UserSession
{
SubjectId = user.GetSubjectId(),
SessionId = await userSession.GetSessionIdAsync(),
DisplayName = user.GetDisplayName(),
ClientIds = (await userSession.GetClientListAsync()).ToList(),
Issuer = await issuerNameService.GetCurrentAsync()
};
await sessionCoordinationService.ProcessLogoutAsync(session);
}
}
});
try
{
var endpoint = router.Find(context);
if (endpoint != null)
{
var endpointType = endpoint.GetType().FullName;
using var activity = Tracing.BasicActivitySource.StartActivity("IdentityServerProtocolRequest");
activity?.SetTag(Tracing.Properties.EndpointType, endpointType);
LicenseValidator.ValidateIssuer(await issuerNameService.GetCurrentAsync());
_logger.LogInformation("Invoking IdentityServer endpoint: {endpointType} for {url}", endpointType, context.Request.Path.ToString());
var result = await endpoint.ProcessAsync(context);
if (result != null)
{
_logger.LogTrace("Invoking result: {type}", result.GetType().FullName);
await result.ExecuteAsync(context);
}
return;
}
}
catch (Exception ex)
{
await events.RaiseAsync(new UnhandledExceptionEvent(ex));
_logger.LogCritical(ex, "Unhandled exception: {exception}", ex.Message);
throw;
}
await _next(context);
}
