Exemplo n.º 1
        /// <summary>
        /// Validates an OAuth authorize request: the client id must parse as an ObjectId
        /// and a registered client must exist with that id and exactly the requested redirect URI.
        /// </summary>
        /// <param name="context">Validation context carrying the incoming authorize request.</param>
        /// <returns>An already-completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
        {
            // Only the well-formedness of the id is used here; the parsed value is discarded
            // and the lookup below compares against the raw request string.
            // NOTE(review): if the client's Id is an ObjectId rather than a string, that
            // comparison can never match - confirm the type of Id.
            var clientIdIsWellFormed = ObjectId.TryParse(context.AuthorizeRequest.ClientId, out _);
            if (!clientIdIsWellFormed)
            {
                context.SetError("invalid_request");
                return Task.CompletedTask;
            }

            // The redirect URI is matched exactly against the registered value, so a request
            // cannot steer the response to an unregistered URI.
            var registeredClient = _clientManager.Clients.FirstOrDefault(
                candidate => candidate.Id.Equals(context.AuthorizeRequest.ClientId) &&
                             candidate.RedirectUrl.Equals(context.AuthorizeRequest.RedirectUri));

            if (registeredClient != null)
            {
                context.Validated();
                return Task.CompletedTask;
            }

            // NOTE(review): RFC 6749 section 4.1.2.1 lists "unauthorized_client", not
            // "invalid_client", among the authorization-endpoint error codes - confirm intent.
            context.SetError("invalid_client");
            return Task.CompletedTask;
        }
Exemplo n.º 2
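        /// <summary>
        /// Validates the scopes of an OAuth authorize request against the server's allow-list.
        /// The request is validated only when it names at least one scope and every requested
        /// scope is allowed; otherwise it is rejected with <c>invalid_scope</c>.
        /// </summary>
        /// <param name="context">Validation context carrying the incoming authorize request.</param>
        /// <returns>A task that completes once the outcome is recorded on <paramref name="context"/>.</returns>
        private async Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
        {
            var clientManager = context.OwinContext.Get<ApplicationClientManager>();

            // NOTE(review): the result is fetched but never consulted. Presumably the requested
            // scopes should also be checked against what this client is granted - confirm and wire in.
            var clientScopes = await clientManager.GetUserRolesAsync(context.AuthorizeRequest.ClientId);

            var oauthScopes = new[]
            {
                new { scope = "scope_base", order = 0 },
                new { scope = "scope_userinfo", order = 0 },
            };

            // Only entries with order > 0 count as allowed. Every entry above has order 0, so
            // the allow-list is currently empty and all requests are rejected (fails closed).
            // NOTE(review): confirm whether that is intentional.
            var allowedScopes = new HashSet<string>(
                oauthScopes.Where(entry => entry.order > 0).Select(entry => entry.scope),
                StringComparer.OrdinalIgnoreCase);

            // Every requested scope must be allowed. Accepting the request when just one of
            // them matches would let a disallowed scope ride along with an allowed one.
            var scopes = context.AuthorizeRequest.Scope;
            var requestIsWithinAllowList =
                scopes != null && scopes.Any() && scopes.All(s => allowedScopes.Contains(s));

            if (!requestIsWithinAllowList)
            {
                context.ClientContext.Rejected();
                context.Rejected();
                context.SetError("invalid_scope", "Invalid Scope");
                return;
            }

            context.Validated();
        }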