Пример #1
0
        /// <summary>
        /// Creates a anonymous user.
        /// </summary>
        /// <param name="user">The anonymous user.</param>
        /// <returns></returns>
        public async virtual Task CreateAsync(IAnonymousUser user = null)
        {
            user = user ?? await _anonUserFactory.CreateAsync();

            if (user == null)
            {
                throw new InvalidOperationException(nameof(user));
            }

            DeleteAnonymousIdCookie();
            AppendAnonymousIdCookie(user.Id);
        }
        /// <summary>
        ///  Validates authorize request parameters.
        /// </summary>
        /// <param name="parameters"></param>
        /// <param name="subject"></param>
        /// <returns></returns>
        public async Task <AuthorizeRequestValidationResult> ValidateAsync(NameValueCollection parameters, ClaimsPrincipal subject = null)
        {
            if (parameters == null)
            {
                throw new ArgumentNullException(nameof(parameters));
            }

            var responseMode = parameters.Get(IdentityModel.OidcConstants.AuthorizeRequest.ResponseMode);
            var acrValues    = parameters.Get(IdentityModel.OidcConstants.AuthorizeRequest.AcrValues);

            if (acrValues == Constants.KnownAcrValues.Anonymous && responseMode == OidcConstants.ResponseModes.Json)
            {
                // source validator dont support "json" response mode
                // the "json" response mode only for anonymous requests
                parameters.Remove(IdentityModel.OidcConstants.AuthorizeRequest.ResponseMode);

                var result = await _inner.ValidateAsync(parameters, subject);

                if (!result.IsError)
                {
                    if (subject == null)
                    {
                        // create anon user
                        var anonUser = await _anonUserFactory.CreateAsync();

                        await _anonUserManager.CreateAsync(anonUser);

                        // and sign in with "anon" authentication method
                        await _anonSignInManager.SignInAsync(anonUser);

                        // reload the current user
                        result.ValidatedRequest.Subject = await _userSession.GetUserAsync();
                    }

                    // return "json" response mode back
                    result.ValidatedRequest.ResponseMode = OidcConstants.ResponseModes.Json;

                    // set anonymous token lifetime
                    // https://github.com/IdentityServer/IdentityServer4/issues/3578
                    if (result.ValidatedRequest.Subject.IsAnonymous())
                    {
                        result.ValidatedRequest.AccessTokenLifetime = _options.AccessTokenLifetime;
                    }
                }

                return(result);
            }

            return(await _inner.ValidateAsync(parameters, subject));
        }