internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent, HttpContext context)
{
if (user != null)
{
Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId());
}
else
{
Logger.LogDebug("No user present in authorize request");
}
// validate request
var result = await _validator.ValidateAsync(parameters, user);
if (result.IsError)
{
return(await CreateErrorResultAsync(
"Request validation failed",
result.ValidatedRequest,
result.Error,
result.ErrorDescription));
}
var request = result.ValidatedRequest;
LogRequest(request);
// determine user interaction
var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent);
if (interactionResult.IsError)
{
return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false));
}
if (interactionResult.IsLogin)
{
return(new LoginPageResult(request, _loginUrlProcessor));
}
if (interactionResult.IsConsent)
{
return(new ConsentPageResult(request));
}
if (interactionResult.IsRedirect)
{
return(new CustomRedirectResult(request, interactionResult.RedirectUrl));
}
request.ClientIp = context.GetRequestIp();
request.Device = context
.GetHeaderValueAs <string>("User-Agent")
.GetDevice();
var response = await _authorizeResponseGenerator.CreateResponseAsync(request);
await RaiseResponseEventAsync(response);
LogResponse(response);
return(new AuthorizeResult(response));
}
public Task <InteractionResponse> ProcessInteractionAsync(ValidatedAuthorizeRequest request, ConsentResponse consent = null)
{
if (request.Subject?.IsAnonymous() == true)
{
return(Task.FromResult(new InteractionResponse {
IsLogin = true
}));
}
return(_inner.ProcessInteractionAsync(request, consent));
}
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent)
{
if (user != null)
{
_logger.LogTrace("User in authorize request: name:{0}, sub:{1}", user.GetName(), user.GetSubjectId());
}
else
{
_logger.LogTrace("No user present in authorize request");
}
// validate request
var result = await _validator.ValidateAsync(parameters, user);
if (result.IsError)
{
return(await ErrorPageAsync(
result.ErrorType,
result.Error,
result.ValidatedRequest));
}
var request = result.ValidatedRequest;
// determine user interaction
var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent);
if (interactionResult.IsError)
{
return(await ErrorPageAsync(
interactionResult.Error.ErrorType,
interactionResult.Error.Error,
request));
}
if (interactionResult.IsLogin)
{
return(await LoginPageAsync(request));
}
if (interactionResult.IsConsent)
{
return(await ConsentPageAsync(request));
}
// issue response
return(await SuccessfulAuthorizationAsync(request));
}
protected async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent)
{
// validate request
var result = await _validator.ValidateAsync(parameters, user);
if (result.IsError)
{
return(await CreateErrorResultAsync(
"Request validation failed",
result.ValidatedRequest,
result.Error,
result.ErrorDescription));
}
var request = result.ValidatedRequest;
// determine user interaction
var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent);
if (interactionResult.IsError)
{
return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error));
}
if (interactionResult.IsLogin)
{
return(new LoginPageResult(request));
}
if (interactionResult.IsConsent)
{
return(new ConsentPageResult(request));
}
if (interactionResult.IsRedirect)
{
return(new CustomRedirectResult(request, interactionResult.RedirectUrl));
}
var response = await _authorizeResponseGenerator.CreateResponseAsync(request);
await RaiseResponseEventAsync(response);
return(new AuthorizeResult(response));
}
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, bool checkConsentResponse = false)
{
if (user != null)
{
Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId());
}
else
{
Logger.LogDebug("No user present in authorize request");
}
if (checkConsentResponse && _authorizationParametersMessageStore != null)
{
var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName];
var entry = await _authorizationParametersMessageStore.ReadAsync(messageStoreId);
parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection();
await _authorizationParametersMessageStore.DeleteAsync(messageStoreId);
}
// validate request
var result = await _validator.ValidateAsync(parameters, user);
if (result.IsError)
{
return(await CreateErrorResultAsync(
"Request validation failed",
result.ValidatedRequest,
result.Error,
result.ErrorDescription));
}
string consentRequestId = null;
try
{
Message <ConsentResponse> consent = null;
if (checkConsentResponse)
{
var consentRequest = new ConsentRequest(result.ValidatedRequest.Raw, user?.GetSubjectId());
consentRequestId = consentRequest.Id;
consent = await _consentResponseStore.ReadAsync(consentRequestId);
if (consent != null && consent.Data == null)
{
return(await CreateErrorResultAsync("consent message is missing data"));
}
}
var request = result.ValidatedRequest;
LogRequest(request);
// determine user interaction
var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent?.Data);
if (interactionResult.IsError)
{
return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false));
}
if (interactionResult.IsLogin)
{
return(new LoginPageResult(request));
}
if (interactionResult.IsConsent)
{
return(new ConsentPageResult(request));
}
if (interactionResult.IsRedirect)
{
return(new CustomRedirectResult(request, interactionResult.RedirectUrl));
}
var response = await _authorizeResponseGenerator.CreateResponseAsync(request);
await RaiseResponseEventAsync(response);
LogResponse(response);
return(new AuthorizeResult(response));
}
finally
{
if (consentRequestId != null)
{
await _consentResponseStore.DeleteAsync(consentRequestId);
}
}
}