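public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            // Gates the authorize request on the caller's Forms Authentication cookie:
            // the request is validated when the cookie decrypts to a ticket that has not
            // expired, and rejected in every other case.
            //
            // NOTE(review): this checks the *user's* session, not the OAuth client.
            // Neither context.ClientId nor context.RedirectUri is compared with a
            // registered value, and the parameterless context.Validated() accepts the
            // redirect URI exactly as it arrived in the request. Any client_id /
            // redirect_uri pair is therefore accepted for a signed-in user, which lets
            // the authorization response be delivered to an unregistered address.
            // Look the client up in the registration store and call
            // context.Validated(registeredRedirectUri) instead.
            // The check that used to sit here commented out (a fixed client id plus
            // RedirectUri.Contains("localhost")) would not be a substitute: a substring
            // test also matches URIs that merely contain that text in a path or query.
            var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];

            // A request without the cookie is an ordinary unauthenticated request;
            // reject it rather than letting Decrypt throw on a null/empty value.
            if (string.IsNullOrEmpty(authCookie))
            {
                context.Rejected();
                return Task.FromResult<object>(null);
            }

            bool ticketUsable;
            try
            {
                var authTicket = FormsAuthentication.Decrypt(authCookie);
                ticketUsable = authTicket != null && !authTicket.Expired;
            }
            catch (System.ArgumentException)
            {
                // The cookie value is attacker-controllable; a malformed ticket is a
                // rejection, not a server error.
                ticketUsable = false;
            }

            if (ticketUsable)
            {
                context.Validated();
            }
            else
            {
                context.Rejected();
            }

            return Task.FromResult<object>(null);
        }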
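        /// <summary>
        /// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri is a "redirect_uri"
        /// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this
        /// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called
        /// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI.
        /// If context.Validated is not called the request will not proceed further.
        /// </summary>
        /// <remarks>
        /// This implementation delegates the decision to <c>options.ClientManager.AuthenticateClientAsync</c> and then
        /// passes the incoming redirect URI back to <c>context.Validated</c>, so the comparison performed by
        /// <c>Validated</c> always succeeds. The redirect URI is only as trustworthy as the client manager's check.
        /// </remarks>
        /// <param name="context">The context of the event carries information in and results out.</param>
        /// <returns>Task to enable asynchronous execution</returns>
        public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            this.options.Logger.DebugFormat("Validating client id and redirect uri");

            // Only proceed if client id and redirect uri are provided. Returning without
            // calling Validated leaves the request unvalidated, so it does not proceed.
            if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.RedirectUri))
            {
                // The second value logged is the redirect uri, not a client secret.
                this.options.Logger.WarnFormat("Client id ({0}) or redirect uri ({1}) is invalid", context.ClientId, context.RedirectUri);

                return;
            }

            // NOTE(review): ClientId and RedirectUri come straight from the request and are
            // written to the log before any validation. Confirm the logger neutralises line
            // breaks and control characters so a crafted value cannot forge log entries.
            this.options.Logger.DebugFormat("Authenticating client '{0}' and redirect uri '{1}'", context.ClientId, context.RedirectUri);

            // NOTE(review): presumably the client manager compares the redirect uri with the
            // value registered for this client id - verify that it is an exact match and not
            // a prefix or substring test.
            var client = await this.options.ClientManager.AuthenticateClientAsync(context.ClientId, context.RedirectUri);

            // Treat a missing principal or identity as a failed authentication instead of
            // failing with a NullReferenceException.
            if (client == null || client.Identity == null || !client.Identity.IsAuthenticated)
            {
                context.Rejected();

                this.options.Logger.WarnFormat("Client '{0}' and redirect uri '{1}' was not authenticated", context.ClientId, context.RedirectUri);

                return;
            }

            this.options.Logger.DebugFormat("Client '{0}' and redirect uri '{1}' was successfully authenticated", context.ClientId, context.RedirectUri);

            // Record the accepted pair on the per-request OAuth context.
            var oauthContext = context.OwinContext.GetOAuthContext();
            oauthContext.ClientId = context.ClientId;
            oauthContext.RedirectUri = context.RedirectUri;

            context.Validated(context.RedirectUri);
        }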
Exemplo n.º 3
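        /// <summary>
        /// Validates the authorize request by looking up the application registered under
        /// context.ClientId and validating against that application's stored redirect URL.
        /// </summary>
        /// <param name="context">Carries the incoming client_id / redirect_uri and receives the result.</param>
        /// <returns>Task to enable asynchronous execution</returns>
        public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
        {
            // Without a client id the lookup below would compare against null and could
            // match a row whose ClientId was never set; reject up front instead.
            if (string.IsNullOrEmpty(context.ClientId))
            {
                context.Rejected();
                return;
            }

            string registeredRedirectUrl = null;

            // Dispose the database context once the lookup is done; the original
            // created one per request and never released it.
            using (var db = new ApplicationDbContext())
            {
                var app = await db.Apps.FirstOrDefaultAsync(c => c.ClientId == context.ClientId);

                if (app != null)
                {
                    registeredRedirectUrl = app.RedirectUrl;
                }
            }

            // Unknown client, or a registration with no redirect URL to compare against.
            if (string.IsNullOrEmpty(registeredRedirectUrl))
            {
                context.Rejected();
                return;
            }

            // Passing the *registered* URL is what makes this safe: the request is only
            // marked valid when the incoming redirect_uri matches the stored one.
            context.Validated(registeredRedirectUrl);
        }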