protected virtual async Task <HandleRequestResult> HandleAccessDeniedErrorAsync(AuthenticationProperties properties)
        {
            Logger.AccessDeniedError();
            var context = new AccessDeniedContext(Context, Scheme, Options)
            {
                AccessDeniedPath   = Options.AccessDeniedPath,
                Properties         = properties,
                ReturnUrl          = properties?.RedirectUri,
                ReturnUrlParameter = Options.ReturnUrlParameter
            };
            await Events.AccessDenied(context);

            if (context.Result != null)
            {
                if (context.Result.Handled)
                {
                    Logger.AccessDeniedContextHandled();
                }
                else if (context.Result.Skipped)
                {
                    Logger.AccessDeniedContextSkipped();
                }

                return(context.Result);
            }

            // If an access denied endpoint was specified, redirect the user agent.
            // Otherwise, invoke the RemoteFailure event for further processing.
            if (context.AccessDeniedPath.HasValue)
            {
                string uri = context.AccessDeniedPath;
                if (!string.IsNullOrEmpty(context.ReturnUrlParameter) && !string.IsNullOrEmpty(context.ReturnUrl))
                {
                    uri = QueryHelpers.AddQueryString(uri, context.ReturnUrlParameter, context.ReturnUrl);
                }
                Response.Redirect(uri);

                return(HandleRequestResult.Handle());
            }

            return(HandleRequestResult.Fail("Access was denied by the resource owner or by the remote server.", properties));
        }
Exemplo n.º 2
0
 /// <summary>
 /// Discontinue all processing for this request and return to the client.
 /// The caller is responsible for generating the full response.
 /// </summary>
 public void HandleResponse() => Result = HandleRequestResult.Handle();