Пример #1
0
        public async Task Get(CancellationToken token)
        {
            var jObjBody    = Request.Query.ToJObject();
            var claimName   = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
            var userSubject = claimName == null ? string.Empty : claimName.Value;
            var context     = new HandlerContext(new HandlerContextRequest(Request.GetAbsoluteUriWithVirtualPath(), userSubject, jObjBody, null, Request.Cookies), new HandlerContextResponse(Response.Cookies));

            try
            {
                string url;
                var    authorizationResponse = await _authorizationRequestHandler.Handle(context, token);

                if (authorizationResponse.Type == AuthorizationResponseTypes.RedirectUrl)
                {
                    var redirectUrlAuthorizationResponse = authorizationResponse as RedirectURLAuthorizationResponse;
                    url = QueryHelpers.AddQueryString(redirectUrlAuthorizationResponse.RedirectUrl, redirectUrlAuthorizationResponse.QueryParameters);
                    _responseModeHandler.Handle(jObjBody, redirectUrlAuthorizationResponse, HttpContext);
                    return;
                }

                var redirectActionAuthorizationResponse = authorizationResponse as RedirectActionAuthorizationResponse;
                var parameters = new List <KeyValuePair <string, string> >();
                foreach (var record in redirectActionAuthorizationResponse.QueryParameters)
                {
                    var jArr = record.Value as JArray;
                    if (jArr != null)
                    {
                        foreach (var rec in jArr)
                        {
                            parameters.Add(new KeyValuePair <string, string>(record.Key, rec.ToString()));
                        }
                    }
                    else
                    {
                        parameters.Add(new KeyValuePair <string, string>(record.Key, record.Value.ToString()));
                    }
                }

                var queryCollection = new QueryBuilder(parameters);
                var issuer          = Request.GetAbsoluteUriWithVirtualPath();
                var returnUrl       = $"{issuer}/{Constants.EndPoints.Authorization}{queryCollection.ToQueryString()}";
                var uiLocales       = context.Request.Data.GetUILocalesFromAuthorizationRequest();
                url = Url.Action(redirectActionAuthorizationResponse.Action, redirectActionAuthorizationResponse.ControllerName, new
                {
                    ReturnUrl  = _dataProtector.Protect(returnUrl),
                    area       = redirectActionAuthorizationResponse.Area,
                    ui_locales = string.Join(" ", uiLocales)
                });
                HttpContext.Response.Redirect(url);
            }
            catch (OAuthExceptionBadRequestURIException ex)
            {
                await BuildErrorResponse(context, ex, true);
            }
            catch (OAuthException ex)
            {
                await BuildErrorResponse(context, ex);
            }
        }
Пример #2
0
        public async Task Reject(RejectConsentViewModel viewModel, CancellationToken cancellationToken)
        {
            var unprotectedUrl = _dataProtector.Unprotect(viewModel.ReturnUrl);
            var query          = unprotectedUrl.GetQueries().ToJObj();
            var clientId       = query.GetClientIdFromAuthorizationRequest();
            var oauthClient    = await _oauthClientRepository.FindOAuthClientById(clientId, cancellationToken);

            query = await _extractRequestHelper.Extract(Request.GetAbsoluteUriWithVirtualPath(), query, oauthClient);

            var redirectUri = query.GetRedirectUriFromAuthorizationRequest();
            var state       = query.GetStateFromAuthorizationRequest();
            var jObj        = new JObject
            {
                { ErrorResponseParameters.Error, ErrorCodes.ACCESS_DENIED },
                { ErrorResponseParameters.ErrorDescription, ErrorMessages.ACCESS_REVOKED_BY_RESOURCE_OWNER }
            };

            if (!string.IsNullOrWhiteSpace(state))
            {
                jObj.Add(ErrorResponseParameters.State, state);
            }

            var dic = jObj.ToEnumerable().ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
            var redirectUrlAuthorizationResponse = new RedirectURLAuthorizationResponse(redirectUri, dic);

            _responseModeHandler.Handle(query, redirectUrlAuthorizationResponse, HttpContext);
        }
Пример #3
0
        public async Task Get()
        {
            var      jObjBody      = Request.Query.ToJObject();
            var      claimName     = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
            var      claimAuthTime = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.AuthenticationInstant);
            var      userSubject   = claimName == null ? string.Empty : claimName.Value;
            DateTime?authTime      = null;
            DateTime auth;

            if (claimAuthTime != null && !string.IsNullOrWhiteSpace(claimAuthTime.Value) && DateTime.TryParse(claimAuthTime.Value, out auth))
            {
                authTime = auth;
            }

            var context = new HandlerContext(new HandlerContextRequest(Request.GetAbsoluteUriWithVirtualPath(), userSubject, authTime, jObjBody, null, Request.Cookies), new HandlerContextResponse(Response.Cookies));

            try
            {
                string url;
                var    authorizationResponse = await _authorizationRequestHandler.Handle(context);

                if (authorizationResponse.Type == AuthorizationResponseTypes.RedirectUrl)
                {
                    var redirectUrlAuthorizationResponse = authorizationResponse as RedirectURLAuthorizationResponse;
                    url = QueryHelpers.AddQueryString(redirectUrlAuthorizationResponse.RedirectUrl, redirectUrlAuthorizationResponse.QueryParameters);
                    _responseModeHandler.Handle(jObjBody, redirectUrlAuthorizationResponse, HttpContext);
                    return;
                }

                var redirectActionAuthorizationResponse = authorizationResponse as RedirectActionAuthorizationResponse;
                var parameters = new List <KeyValuePair <string, string> >();
                foreach (var record in redirectActionAuthorizationResponse.QueryParameters)
                {
                    var jArr = record.Value as JArray;
                    if (jArr != null)
                    {
                        foreach (var rec in jArr)
                        {
                            parameters.Add(new KeyValuePair <string, string>(record.Key, rec.ToString()));
                        }
                    }
                    else
                    {
                        parameters.Add(new KeyValuePair <string, string>(record.Key, record.Value.ToString()));
                    }
                }

                var queryCollection = new QueryBuilder(parameters);
                var issuer          = Request.GetAbsoluteUriWithVirtualPath();
                var returnUrl       = $"{issuer}/{Constants.EndPoints.Authorization}{queryCollection.ToQueryString()}";
                url = Url.Action(redirectActionAuthorizationResponse.Action, redirectActionAuthorizationResponse.ControllerName, new { ReturnUrl = _dataProtector.Protect(returnUrl), area = redirectActionAuthorizationResponse.Area });
                HttpContext.Response.Redirect(url);
            }
            catch (OAuthException ex)
            {
                var jObj = new JObject
                {
                    { ErrorResponseParameters.Error, ex.Code },
                    { ErrorResponseParameters.ErrorDescription, ex.Message }
                };
                var payload = Encoding.UTF8.GetBytes(jObj.ToString());
                HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
                await HttpContext.Response.Body.WriteAsync(payload, 0, payload.Length);
            }
        }