Пример #1
        /// <summary>
        /// Writes the end-session callback response: clears per-session state first,
        /// then emits either a 400 status or the generated HTML page.
        /// </summary>
        /// <param name="context">HTTP context whose response is written.</param>
        public async Task ExecuteAsync(HttpContext context)
        {
            Init(context);

            // Clean-up runs for both the error and the success outcome.
            if (_result.SessionId != null)
            {
                _clientList.RemoveCookie(_result.SessionId);
            }

            if (_result.LogoutId != null)
            {
                await _logoutMessageStore.DeleteAsync(_result.LogoutId);
            }

            // Error outcome: status code only, no body and no extra headers.
            if (_result.IsError)
            {
                context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
                return;
            }

            // Cache and framing/content-policy headers are set before the body is written.
            // NOTE(review): the helper names suggest X-Frame-Options and
            // Content-Security-Policy; confirm against AddXfoHeaders / AddCspHeaders.
            context.Response.SetNoCache();
            AddXfoHeaders(context);
            AddCspHeaders(context);

            var page = GetHtml();
            await context.Response.WriteHtmlAsync(page);
        }
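        /// <summary>
        /// Resumes an authorize request after the user has returned from the login page.
        /// </summary>
        /// <remarks>
        /// The <c>id</c> query parameter is caller-controlled and is used only as a lookup key
        /// into the sign-in response store. The stored message is deleted once it has been
        /// read and handed to request processing, including when that processing throws, so
        /// a consumed entry does not stay behind in the store.
        /// </remarks>
        /// <param name="context">Request context; the <c>id</c> query parameter is read from it.</param>
        /// <returns>
        /// The result of request processing, or an error page result when the id, the stored
        /// message, or its authorize parameters are missing.
        /// </returns>
        internal async Task<IEndpointResult> ProcessAuthorizeAfterLoginAsync(IdentityServerContext context)
        {
            _logger.LogInformation("Start Authorize Request (after login)");

            // Single lookup. A key that is present but carries no values is treated like a
            // missing parameter rather than throwing while picking the first value.
            if (!context.HttpContext.Request.Query.TryGetValue("id", out var idValues) || idValues.Count == 0)
            {
                _logger.LogWarning("id query parameter is missing.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }

            var id      = idValues[0];
            var message = await _signInResponseStore.ReadAsync(id);

            if (message == null)
            {
                _logger.LogWarning("signin message is missing.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }
            if (message.AuthorizeRequestParameters == null)
            {
                _logger.LogWarning("signin message is missing AuthorizeRequestParameters data.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }

            // NOTE(review): the user is resolved through the _context field, not the
            // context parameter; confirm both refer to the same request.
            var user = await _context.GetIdentityServerUserAsync();

            IEndpointResult result;
            try
            {
                result = await ProcessAuthorizeRequestAsync(message.AuthorizeRequestParameters.ToNameValueCollection(), user, null);
            }
            finally
            {
                // Remove the consumed message whether or not processing succeeded.
                await _signInResponseStore.DeleteAsync(id);
            }

            _logger.LogInformation("End Authorize Request. Result type: {0}", result?.GetType().ToString() ?? "-none-");

            return result;
        }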
Пример #3
        /// <summary>
        /// Deletes the stored logout message referenced by the request's logout id
        /// query parameter, if the request carries one.
        /// </summary>
        /// <param name="request">Incoming request whose query string is inspected.</param>
        private async Task ClearSignoutMessageIdAsync(HttpRequest request)
        {
            // The parameter name comes from configuration, not from the request.
            var parameterName = _context.Options.UserInteractionOptions.LogoutIdParameter;
            var logoutId = request.Query[parameterName].FirstOrDefault();

            if (logoutId == null)
            {
                return;
            }

            await _logoutMessageStore.DeleteAsync(logoutId);
        }
Пример #4
        /// <summary>
        /// Resumes an authorize request after the user has returned from the consent page.
        /// </summary>
        /// <remarks>
        /// Once a consent response has been read, it is deleted from the store on every
        /// exit path, whether processing succeeds, returns an error or throws.
        /// </remarks>
        /// <param name="context">HTTP context supplying the user and the query parameters.</param>
        /// <returns>
        /// The result of request processing, or an error result when the user is not
        /// authenticated or the consent response (or its data) is missing.
        /// </returns>
        internal async Task<IEndpointResult> ProcessAuthorizeAfterConsentAsync(HttpContext context)
        {
            _logger.LogDebug("Start authorize request (after consent)");

            var subject = await context.GetIdentityServerUserAsync();
            if (subject == null)
            {
                return await CreateErrorResultAsync("User is not authenticated");
            }

            // The consent request id is built from the query parameters and the subject id.
            var query   = context.Request.Query.AsNameValueCollection();
            var request = new ConsentRequest(query, subject.GetSubjectId());

            var storedConsent = await _consentResponseStore.ReadAsync(request.Id);
            if (storedConsent == null)
            {
                return await CreateErrorResultAsync("consent message is missing");
            }

            try
            {
                if (storedConsent.Data != null)
                {
                    var endpointResult = await ProcessAuthorizeRequestAsync(query, subject, storedConsent.Data);

                    _logger.LogTrace("End Authorize Request. Result type: {0}", endpointResult?.GetType().ToString() ?? "-none-");

                    return endpointResult;
                }

                return await CreateErrorResultAsync("consent message is missing data");
            }
            finally
            {
                // Runs for every path above, including the missing-data error and exceptions.
                await _consentResponseStore.DeleteAsync(request.Id);
            }
        }
Пример #5
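        /// <summary>
        /// Resumes an authorize request after the user has returned from the consent page.
        /// </summary>
        /// <remarks>
        /// The stored consent response is deleted once it has been handed to request
        /// processing, including when that processing throws, so a consumed response does
        /// not stay behind in the store.
        /// </remarks>
        /// <param name="context">Request context supplying the query parameters.</param>
        /// <returns>
        /// The result of request processing, or an error page result when the user is not
        /// authenticated or the consent response (or its data) is missing.
        /// </returns>
        internal async Task<IEndpointResult> ProcessAuthorizeAfterConsentAsync(IdentityServerContext context)
        {
            _logger.LogInformation("Start authorize request (after consent)");

            // NOTE(review): the user is resolved through the _context field, not the
            // context parameter; confirm both refer to the same request.
            var user = await _context.GetIdentityServerUserAsync();

            if (user == null)
            {
                _logger.LogError("User is not authenticated.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }

            // The consent request id is built from the query parameters and the subject id.
            var parameters     = context.HttpContext.Request.Query.AsNameValueCollection();
            var consentRequest = new ConsentRequest(parameters, user.GetSubjectId());

            var consent = await _consentResponseStore.ReadAsync(consentRequest.Id);

            if (consent == null)
            {
                _logger.LogError("consent message is missing.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }
            if (consent.Data == null)
            {
                _logger.LogError("consent message is missing Consent data.");
                return await ErrorPageAsync(ErrorTypes.User, nameof(Messages.UnexpectedError), null);
            }

            IEndpointResult result;
            try
            {
                result = await ProcessAuthorizeRequestAsync(parameters, user, consent.Data);
            }
            finally
            {
                // Remove the consumed consent response whether or not processing succeeded.
                await _consentResponseStore.DeleteAsync(consentRequest.Id);
            }

            _logger.LogInformation("End Authorize Request. Result type: {0}", result?.GetType().ToString() ?? "-none-");

            return result;
        }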
Пример #6
 /// <summary>
 /// Deletes the stored request with the given id from the request store.
 /// </summary>
 /// <param name="requestId">Id of the stored request to delete; passed to the store unchanged.</param>
 public async Task ClearRequestAsync(string requestId)
     => await _requestStore.DeleteAsync(requestId);