Exemplo n.º 1
        /// <summary>
        /// Builds the authorize response for an already validated request and wraps it in
        /// the action result that matches the request's response mode.
        /// </summary>
        /// <param name="request">The validated authorize request to answer.</param>
        /// <returns>
        /// An <c>AuthorizeJsonResult</c>, <c>AuthorizeRedirectResult</c> or
        /// <c>AuthorizeFormPostResult</c>, depending on <c>request.ResponseMode</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The response mode is none of Json, Query, Fragment or FormPost.
        /// </exception>
        private async Task<IHttpActionResult> CreateAuthorizeResponseAsync(ValidatedAuthorizeRequest request)
        {
            // The response (and any tokens it carries) is generated before the response
            // mode is inspected, so an unsupported mode is only rejected afterwards.
            var authorizeResponse = await _responseGenerator.CreateResponseAsync(request);

            if (request.CanCreateAnonymousToken())
            {
                IssueAnonymousLoginCookies(request);
            }

            var mode = request.ResponseMode;

            // Json mode: the success event is raised, but the client is NOT recorded in
            // the client list cookie on this path.
            if (mode == Constants.ResponseModes.Json)
            {
                await RaiseSuccessEventAsync();

                return new AuthorizeJsonResult(authorizeResponse, Request);
            }

            var viaRedirect = mode == Constants.ResponseModes.Query ||
                              mode == Constants.ResponseModes.Fragment;
            var viaFormPost = mode == Constants.ResponseModes.FormPost;

            if (!viaRedirect && !viaFormPost)
            {
                Logger.Error("Unsupported response mode. Aborting.");
                throw new InvalidOperationException("Unsupported response mode");
            }

            // Redirect and form-post modes share the same bookkeeping. The debug line
            // writes the client id and the subject id to the log, and request.Subject is
            // dereferenced here whether or not debug logging is enabled.
            // NOTE(review): confirm request.Subject is never null on the anonymous-token path.
            Logger.DebugFormat("Adding client {0} to client list cookie for subject {1}", request.ClientId, request.Subject.GetSubjectId());
            _clientListCookie.AddClient(request.ClientId);

            await RaiseSuccessEventAsync();

            if (viaRedirect)
            {
                return new AuthorizeRedirectResult(authorizeResponse, _options);
            }

            return new AuthorizeFormPostResult(authorizeResponse, Request);
        }
Exemplo n.º 2
        /// <summary>
        /// Creates the authorize response for the implicit flow: an access token when the
        /// "token" response type was requested, an identity token when "id_token" was
        /// requested, plus the echoed state and the granted scopes.
        /// </summary>
        /// <param name="request">The validated authorize request.</param>
        /// <param name="authorizationCode">
        /// Optional authorization code; it is only forwarded as
        /// <c>AuthorizationCodeToHash</c> on the identity token request.
        /// </param>
        /// <returns>
        /// The populated <c>AuthorizeResponse</c>. <c>AccessToken</c> and
        /// <c>IdentityToken</c> stay <c>null</c> (and <c>AccessTokenLifetime</c> stays 0)
        /// for response types that were not requested.
        /// </returns>
        public async Task<AuthorizeResponse> CreateImplicitFlowResponseAsync(ValidatedAuthorizeRequest request, string authorizationCode = null)
        {
            Logger.Info("Creating Implicit Flow response.");

            string serializedAccessToken = null;
            int    lifetime              = 0;

            var requestedTypes = request.ResponseType.FromSpaceSeparatedString();

            if (requestedTypes.Contains(Constants.ResponseTypes.Token))
            {
                var accessTokenRequest = new TokenCreationRequest
                {
                    Subject = request.Subject,
                    Client  = request.Client,
                    Scopes  = request.ValidatedScopes.GrantedScopes,
                    CreateAnonymousToken = request.CanCreateAnonymousToken(),
                    ValidatedRequest     = request
                };

                var accessToken = await _tokenService.CreateAccessTokenAsync(accessTokenRequest);

                lifetime              = accessToken.Lifetime;
                serializedAccessToken = await _tokenService.CreateSecurityTokenAsync(accessToken);
            }

            string serializedIdToken = null;

            if (requestedTypes.Contains(Constants.ResponseTypes.IdToken))
            {
                // The identity token request carries the client's nonce from the raw
                // request together with the access token value and authorization code
                // "to hash" (presumably for the at_hash / c_hash claims -- confirm in the
                // token service). Both values may be null here.
                var idTokenRequest = new TokenCreationRequest
                {
                    ValidatedRequest     = request,
                    Subject              = request.Subject,
                    Client               = request.Client,
                    Scopes               = request.ValidatedScopes.GrantedScopes,
                    CreateAnonymousToken = request.CanCreateAnonymousToken(),
                    Nonce = request.Raw.Get(Constants.AuthorizeRequest.Nonce),
                    // All identity claims are requested for the id token only when no
                    // access token was requested alongside it.
                    IncludeAllIdentityClaims = !request.AccessTokenRequested,
                    AccessTokenToHash        = serializedAccessToken,
                    AuthorizationCodeToHash  = authorizationCode
                };

                var idToken = await _tokenService.CreateIdentityTokenAsync(idTokenRequest);

                serializedIdToken = await _tokenService.CreateSecurityTokenAsync(idToken);
            }

            // State is echoed back exactly as it arrived on the request; the scope string
            // reflects the granted scopes.
            var result = new AuthorizeResponse
            {
                Request             = request,
                RedirectUri         = request.RedirectUri,
                AccessToken         = serializedAccessToken,
                AccessTokenLifetime = lifetime,
                IdentityToken       = serializedIdToken,
                State = request.State,
                Scope = request.ValidatedScopes.GrantedScopes.ToSpaceSeparatedString(),
            };

            // Session state is attached for OpenID requests only.
            if (request.IsOpenIdRequest)
            {
                result.SessionState = GenerateSessionStateValue(request);
            }

            return result;
        }