private static async Task <TokenIntrospectionResponse> LoadClaimsForToken(
            string token,
            HttpContext context,
            AuthenticationScheme scheme,
            OAuth2IntrospectionEvents events,
            OAuth2IntrospectionOptions options)
        {
            var introspectionClient = await options.IntrospectionClient.Value.ConfigureAwait(false);

            using var request = CreateTokenIntrospectionRequest(token, context, scheme, events, options);
            return(await introspectionClient.IntrospectTokenAsync(request).ConfigureAwait(false));
        }
        private static async Task <AuthenticateResult> ReportNonSuccessAndReturn(
            string error,
            HttpContext httpContext,
            AuthenticationScheme scheme,
            OAuth2IntrospectionEvents events,
            OAuth2IntrospectionOptions options)
        {
            var authenticationFailedContext = new AuthenticationFailedContext(httpContext, scheme, options)
            {
                Error = error
            };

            await events.AuthenticationFailed(authenticationFailedContext);

            if (authenticationFailedContext.Result != null)
            {
                return(authenticationFailedContext.Result);
            }

            return(AuthenticateResult.Fail(error));
        }
        private static TokenIntrospectionRequest CreateTokenIntrospectionRequest(
            string token,
            HttpContext context,
            AuthenticationScheme scheme,
            OAuth2IntrospectionEvents events,
            OAuth2IntrospectionOptions options)
        {
            if (options.ClientSecret == null && options.ClientAssertionExpirationTime <= DateTime.UtcNow)
            {
                lock (options.AssertionUpdateLockObj)
                {
                    if (options.ClientAssertionExpirationTime <= DateTime.UtcNow)
                    {
                        var updateClientAssertionContext = new UpdateClientAssertionContext(context, scheme, options)
                        {
                            ClientAssertion = options.ClientAssertion ?? new ClientAssertion()
                        };

                        events.UpdateClientAssertion(updateClientAssertionContext);

                        options.ClientAssertion = updateClientAssertionContext.ClientAssertion;
                        options.ClientAssertionExpirationTime =
                            updateClientAssertionContext.ClientAssertionExpirationTime;
                    }
                }
            }

            return(new TokenIntrospectionRequest
            {
                Token = token,
                TokenTypeHint = options.TokenTypeHint,
                Address = options.IntrospectionEndpoint,
                ClientId = options.ClientId,
                ClientSecret = options.ClientSecret,
                ClientAssertion = options.ClientAssertion ?? new ClientAssertion(),
                ClientCredentialStyle = options.ClientCredentialStyle,
                AuthorizationHeaderStyle = options.AuthorizationHeaderStyle,
            });
        }
        private static async Task <AuthenticateResult> CreateTicket(
            IEnumerable <Claim> claims,
            string token,
            HttpContext httpContext,
            AuthenticationScheme scheme,
            OAuth2IntrospectionEvents events,
            OAuth2IntrospectionOptions options)
        {
            var authenticationType = options.AuthenticationType ?? scheme.Name;
            var id        = new ClaimsIdentity(claims, authenticationType, options.NameClaimType, options.RoleClaimType);
            var principal = new ClaimsPrincipal(id);

            var tokenValidatedContext = new TokenValidatedContext(httpContext, scheme, options)
            {
                Principal     = principal,
                SecurityToken = token
            };

            await events.TokenValidated(tokenValidatedContext);

            if (tokenValidatedContext.Result != null)
            {
                return(tokenValidatedContext.Result);
            }

            if (options.SaveToken)
            {
                tokenValidatedContext.Properties.StoreTokens(new[]
                {
                    new AuthenticationToken {
                        Name = "access_token", Value = token
                    }
                });
            }

            tokenValidatedContext.Success();
            return(tokenValidatedContext.Result);
        }
Exemplo n.º 5
0
 /// <summary>
 /// Dafault options constructor
 /// </summary>
 public OAuth2IntrospectionOptions()
 {
     Events = new OAuth2IntrospectionEvents();
 }