public Uri CreateResponse(IAuthorizationContext context) { UriBuilder result = new UriBuilder(context.RedirectUri); NameValueCollection queryComponents = GetContextToModify(context); if (context.Error != null) { BuildResponseValues(queryComponents, context.Error.ToResponseValues()); SetModifiedContext(context, result, queryComponents); return result.Uri; } IDictionary<string, object> responseValues; if (context.ResponseType == Parameters.ResponseTypeValues.AuthorizationCode) responseValues = ((ITokenizer)context.AuthorizationGrant).ToResponseValues(); else if (context.ResponseType == Parameters.ResponseTypeValues.AccessToken) responseValues = ((ITokenizer)context.Token).ToResponseValues(); else throw new InvalidOperationException("invalid type"); BuildResponseValues(queryComponents, responseValues); queryComponents[Parameters.State] = context.State; SetModifiedContext(context, result, queryComponents); return result.Uri; }
public AuthService(IUserManager userManager, ISessionManager sessionManager, IAuthorizationContext authorizationContext, IServerConfigurationManager config) { AuthorizationContext = authorizationContext; _config = config; SessionManager = sessionManager; UserManager = userManager; }
public void CreateAuthorizationGrant(IAuthorizationContext context) { try { InspectRequest(context); IEnumerable<ContextProcessor<IAuthorizationContext>> processors = ServiceLocator.Current.GetAllInstances<ContextProcessor<IAuthorizationContext>>(); bool handled = false; foreach (ContextProcessor<IAuthorizationContext> processor in processors) { if (!processor.IsSatisfiedBy(context)) continue; processor.Process(context); handled = true; break; } if (!handled) throw Errors.UnsupportedResponseType(context, context.ResponseType); if (!context.IsApproved) throw Errors.AccessDenied(context); } catch (OAuthErrorResponseException<IAuthorizationContext> ex) { context.Error = new ErrorResponse { Error = ex.Error, ErrorDescription = ex.Message, ErrorUri = ex.ErrorUri }; } }
private void SetModifiedContext(IAuthorizationContext context, UriBuilder builder, NameValueCollection components) { if (context.ResponseType == Parameters.ResponseTypeValues.AccessToken) builder.Fragment = UriHelper.ReconstructQueryString(components); else builder.Query = UriHelper.ReconstructQueryString(components); }
public AuthService(IUserManager userManager, IAuthorizationContext authorizationContext, IServerConfigurationManager config, IConnectManager connectManager, ISessionManager sessionManager, IDeviceManager deviceManager) { AuthorizationContext = authorizationContext; _config = config; DeviceManager = deviceManager; SessionManager = sessionManager; ConnectManager = connectManager; UserManager = userManager; }
private void InspectRequest(IAuthorizationContext context) { AssertNoAuthorizationToken(context); AssertIsClient(context); AssertRedirectUriIsValid(context); AssertResourceOwnerIdIsNotBlank(context); new SpecificationInspector().Inspect(context); // always run the known inspectors IEnumerable<IContextInspector<IAuthorizationContext>> inspectors = ServiceLocator.Current.GetAllInstances<IContextInspector<IAuthorizationContext>>(); foreach (IContextInspector<IAuthorizationContext> inspector in inspectors) inspector.Inspect(context); }
public IAuthorizationGrant IssueAuthorizationGrant(IAuthorizationContext context) { AuthorizationGrant grant = new AuthorizationGrant(); Client client = ClientRepo.FindClient(context.Client.ClientId); grant.Client = client; grant.ResourceOwnerId = context.ResourceOwnerUsername; //grant.IsApproved = false; //grant.ExpiresIn = 120; // 2 minutes grant.Code = Guid.NewGuid().ToString(); grant.IssuedOn = SharpOAuth2.Provider.Utility.Epoch.ToEpoch(DateTime.Now); grant.Scope = string.Join(" ", context.Scope); TokenRepo.AddAuthorizationGrant(grant); return grant; }
private static void CommonInvalidRequestSpecificationTest(IAuthorizationContext context, string parameter) { IContextInspector<IAuthorizationContext> inspector = new SpecificationInspector(); try { inspector.Inspect(context); Assert.Fail("No exception was thrown"); } catch (OAuthErrorResponseException<IAuthorizationContext> ex) { Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidRequest, ex.Error); Assert.AreEqual("The '" + parameter + "' parameter is required and missing, unsupported, or malformed", ex.Message); } catch (Exception) { Assert.Fail("Threw an unexpected exception"); } }
private async Task ValidateDomainOwnershipAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken) { cancellationToken.ThrowIfCancellationRequested(); var authorization = await authorizationContext.Resource(); var domainName = authorization.Identifier.Value; _logger.LogDebug("Requesting authorization to create certificate for {domainName}", domainName); cancellationToken.ThrowIfCancellationRequested(); var httpChallenge = await authorizationContext.Http(); cancellationToken.ThrowIfCancellationRequested(); if (httpChallenge == null) { throw new InvalidOperationException($"Did not receive challenge information for challenge type {ChallengeTypes.Http01}"); } var keyAuth = httpChallenge.KeyAuthz; _challengeStore.AddChallengeResponse(httpChallenge.Token, keyAuth); cancellationToken.ThrowIfCancellationRequested(); _logger.LogDebug("Requesting completion of challenge to prove ownership of domain {domainName}", domainName); var challenge = await httpChallenge.Validate(); var retries = 60; var delay = TimeSpan.FromSeconds(2); while (retries > 0) { retries--; cancellationToken.ThrowIfCancellationRequested(); authorization = await authorizationContext.Resource(); _logger.LogAcmeAction("GetAuthorization", authorization); switch (authorization.Status) { case AuthorizationStatus.Valid: return; case AuthorizationStatus.Pending: await Task.Delay(delay); continue; case AuthorizationStatus.Invalid: throw InvalidAuthorizationError(authorization); case AuthorizationStatus.Revoked: throw new InvalidOperationException($"The authorization to verify domainName '{domainName}' has been revoked."); case AuthorizationStatus.Expired: throw new InvalidOperationException($"The authorization to verify domainName '{domainName}' has expired."); default: throw new ArgumentOutOfRangeException("Unexpected response from server while validating domain ownership."); } } throw new TimeoutException("Timed out waiting for domain ownership validation."); }
public VideosService(ILibraryManager libraryManager, IUserManager userManager, IDtoService dtoService, IItemRepository itemRepo, IFileSystem fileSystem, IServerConfigurationManager config, IAuthorizationContext authContext) { _libraryManager = libraryManager; _userManager = userManager; _dtoService = dtoService; _itemRepo = itemRepo; _fileSystem = fileSystem; _config = config; _authContext = authContext; }
/// <summary> /// Initializes a new instance of the <see cref="BaseItemsByNameService{TItemType}" /> class. /// </summary> /// <param name="userManager">The user manager.</param> /// <param name="libraryManager">The library manager.</param> /// <param name="userDataRepository">The user data repository.</param> /// <param name="itemRepository">The item repository.</param> /// <param name="dtoService">The dto service.</param> protected BaseItemsByNameService(IUserManager userManager, ILibraryManager libraryManager, IUserDataManager userDataRepository, IItemRepository itemRepository, IDtoService dtoService, IAuthorizationContext authorizationContext) { UserManager = userManager; LibraryManager = libraryManager; UserDataRepository = userDataRepository; ItemRepository = itemRepository; DtoService = dtoService; AuthorizationContext = authorizationContext; }
/// <summary> /// Initializes a new instance of the <see cref="GamesService" /> class. /// </summary> /// <param name="userManager">The user manager.</param> /// <param name="userDataRepository">The user data repository.</param> /// <param name="libraryManager">The library manager.</param> /// <param name="itemRepo">The item repo.</param> /// <param name="dtoService">The dto service.</param> public GamesService(IUserManager userManager, IUserDataManager userDataRepository, ILibraryManager libraryManager, IItemRepository itemRepo, IDtoService dtoService, IAuthorizationContext authContext) { _userManager = userManager; _userDataRepository = userDataRepository; _libraryManager = libraryManager; _itemRepo = itemRepo; _dtoService = dtoService; _authContext = authContext; }
public bool IsAccessApproved(IAuthorizationContext context) { InspectRequest(context); return ServiceFactory.ClientService.IsAccessGranted(context.Client, context.Scope, context.ResourceOwnerUsername); }
private void AssertRedirectUriIsValid(IAuthorizationContext context) { if (!ServiceFactory.ClientService.ValidateRedirectUri(context)) throw new OAuthFatalException(string.Format(CultureInfo.CurrentUICulture, AuthorizationEndpointResources.InvalidRedirectUri, context.RedirectUri.ToString())); }
public GetTokenDtoAuthorizationHandler(IApplicationUserContext applicationUserContext, IAuthorizationContext <ApplicationUserContext> context) : base(applicationUserContext, context) { AllowAnonymous = true; }
public SavePortfolioTransactionAuthorizationHandler(IApplicationUserContext applicationUserContext, IAuthorizationContext <int> context) : base(applicationUserContext, context) { IsLoggedIn(); }
private void AssertResourceOwnerIdIsNotBlank(IAuthorizationContext context) { if (string.IsNullOrWhiteSpace(context.ResourceOwnerUsername)) throw new OAuthFatalException(AuthorizationEndpointResources.ResourceOwnerNotIncluded); }
private string GetResource(IAuthorizationContext authorizationContext) { authorizationContext.TryGet <Resource>("Resource", out var resource); return(resource != null ? resource.Value : "default"); }
public UserLibraryService(IUserManager userManager, ILibraryManager libraryManager, IUserDataManager userDataRepository, IDtoService dtoService, IUserViewManager userViewManager, IFileSystem fileSystem, IAuthorizationContext authContext) { _userManager = userManager; _libraryManager = libraryManager; _userDataRepository = userDataRepository; _dtoService = dtoService; _userViewManager = userViewManager; _fileSystem = fileSystem; _authContext = authContext; }
public Task <AuthorizationResult> GetAuthorizationResult(IReadOnlyCollection <string> options, IAuthorizationContext authorizationContext) { if (!_userContext.IsSupportConsoleUser()) { return(IsAuthorizedResult()); } if (!IsAuthorized(GetResource(authorizationContext), authorizationContext)) { return(IsNotAuthorizedResult(new Tier2UserAccessNotGranted())); } return(IsAuthorizedResult()); }
protected override void Execute(IAuthorizationContext context) { context.HasPermission = false; }
private void AssertNoAuthorizationToken(IAuthorizationContext context) { if (context.Token != null) throw new OAuthFatalException(AuthorizationEndpointResources.AuthorizationContextContainsToken); }
public SessionContext(IUserManager userManager, IAuthorizationContext authContext, ISessionManager sessionManager) { _userManager = userManager; _authContext = authContext; _sessionManager = sessionManager; }
public SessionsService(ISessionManager sessionManager, IServerApplicationHost appHost, IUserManager userManager, IAuthorizationContext authContext, IAuthenticationRepository authRepo, IDeviceManager deviceManager, ISessionContext sessionContext) { _sessionManager = sessionManager; _userManager = userManager; _authContext = authContext; _authRepo = authRepo; _deviceManager = deviceManager; _sessionContext = sessionContext; _appHost = appHost; }
public SubtitleService(ILibraryManager libraryManager, ISubtitleManager subtitleManager, ISubtitleEncoder subtitleEncoder, IMediaSourceManager mediaSourceManager, IProviderManager providerManager, IFileSystem fileSystem, IAuthorizationContext authContext) { _libraryManager = libraryManager; _subtitleManager = subtitleManager; _subtitleEncoder = subtitleEncoder; _mediaSourceManager = mediaSourceManager; _providerManager = providerManager; _fileSystem = fileSystem; _authContext = authContext; }
private void AssertIsClient(IAuthorizationContext context) { if (!ServiceFactory.ClientService.IsClient(context)) throw Errors.UnauthorizedClient(context, context.Client); }
/// <summary> /// Initializes a new instance of the <see cref="LibraryService" /> class. /// </summary> public LibraryService(IItemRepository itemRepo, ILibraryManager libraryManager, IUserManager userManager, IDtoService dtoService, IUserDataManager userDataManager, IAuthorizationContext authContext, IActivityManager activityManager, ILocalizationManager localization) { _itemRepo = itemRepo; _libraryManager = libraryManager; _userManager = userManager; _dtoService = dtoService; _userDataManager = userDataManager; _authContext = authContext; _activityManager = activityManager; _localization = localization; }
/// <summary> /// Initializes a new instance of the <see cref="ImageService" /> class. /// </summary> public ImageService(IUserManager userManager, ILibraryManager libraryManager, IProviderManager providerManager, IItemRepository itemRepo, IImageProcessor imageProcessor, IFileSystem fileSystem, IAuthorizationContext authContext) { _userManager = userManager; _libraryManager = libraryManager; _providerManager = providerManager; _itemRepo = itemRepo; _imageProcessor = imageProcessor; _fileSystem = fileSystem; _authContext = authContext; }
private NameValueCollection GetContextToModify(IAuthorizationContext context) { if (context.ResponseType == Parameters.ResponseTypeValues.AccessToken) return new NameValueCollection(); else return HttpUtility.ParseQueryString(context.RedirectUri.Query); }
/// <summary> /// Initializes a new instance of the <see cref="TvShowsService" /> class. /// </summary> /// <param name="userManager">The user manager.</param> /// <param name="userDataManager">The user data repository.</param> /// <param name="libraryManager">The library manager.</param> public TvShowsService(IUserManager userManager, IUserDataManager userDataManager, ILibraryManager libraryManager, IItemRepository itemRepo, IDtoService dtoService, ITVSeriesManager tvSeriesManager, IAuthorizationContext authContext) { _userManager = userManager; _userDataManager = userDataManager; _libraryManager = libraryManager; _itemRepo = itemRepo; _dtoService = dtoService; _tvSeriesManager = tvSeriesManager; _authContext = authContext; }
public DynamicHlsService(IServerConfigurationManager serverConfig, IUserManager userManager, ILibraryManager libraryManager, IIsoManager isoManager, IMediaEncoder mediaEncoder, IFileSystem fileSystem, IDlnaManager dlnaManager, ISubtitleEncoder subtitleEncoder, IDeviceManager deviceManager, IMediaSourceManager mediaSourceManager, IZipClient zipClient, IJsonSerializer jsonSerializer, IAuthorizationContext authorizationContext, INetworkManager networkManager) : base(serverConfig, userManager, libraryManager, isoManager, mediaEncoder, fileSystem, dlnaManager, subtitleEncoder, deviceManager, mediaSourceManager, zipClient, jsonSerializer, authorizationContext) { NetworkManager = networkManager; }
public GetListPortfolioTransactionsConsolidationDtoAuthorizationHandler(IApplicationUserContext applicationUserContext, IAuthorizationContext <List <PortfolioTransactionsConsolidationDto> > context) : base(applicationUserContext, context) { IsLoggedIn(); }
/// <summary> /// Initializes a new instance of the <see cref="MoviesService" /> class. /// </summary> public MoviesService(IUserManager userManager, ILibraryManager libraryManager, IDtoService dtoService, IServerConfigurationManager config, IAuthorizationContext authContext) { _userManager = userManager; _libraryManager = libraryManager; _dtoService = dtoService; _config = config; _authContext = authContext; }