/// <inheritdoc />
public async Task <LoginResult> LoginAsync(object extraParameters = null, CancellationToken cancellationToken = default)
{
var finalExtraParameters = AppendTelemetry(extraParameters);
if (_options.MaxAge.HasValue)
{
finalExtraParameters["max_age"] = _options.MaxAge.Value.TotalSeconds.ToString("0");
}
var loginRequest = new LoginRequest {
FrontChannelExtraParameters = new Parameters(finalExtraParameters)
};
Debug.WriteLine($"Using Callback URL '{OidcClient.Options.RedirectUri}'. Ensure this is an Allowed Callback URL for application/client ID {_options.ClientId}.");
var result = await OidcClient.LoginAsync(loginRequest, cancellationToken);
if (!result.IsError)
{
if (finalExtraParameters.ContainsKey("organization"))
{
_idTokenRequirements.Organization = finalExtraParameters["organization"];
}
await IdTokenValidator.AssertTokenMeetsRequirements(_idTokenRequirements, result.IdentityToken); // Nonce is created & tested by OidcClient
}
return(result);
}
static async Task <BoolValue <string> > validateIdTokenAsync(string idToken)
{
var validator = new IdTokenValidator();
var validated = await validator.ValidateAsync(idToken);
return(validated
? BoolValue <string> .Success(idToken)
: BoolValue <string> .Fail(validated.Message, validated.Exception));
}
/// <inheritdoc/>
public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, object extraParameters = null, CancellationToken cancellationToken = default)
{
var result = await OidcClient.RefreshTokenAsync(refreshToken, AppendTelemetry(extraParameters), cancellationToken);
if (!result.IsError)
{
await IdTokenValidator.AssertTokenMeetsRequirements(_idTokenRequirements, result.IdentityToken); // Nonce is created & tested by OidcClient
}
return(result);
}
/// <inheritdoc/>
public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, object extraParameters = null, CancellationToken cancellationToken = default)
{
var finalExtraParameters = AppendTelemetry(extraParameters);
var result = await OidcClient.RefreshTokenAsync(refreshToken, new Parameters(finalExtraParameters), cancellationToken);
if (!result.IsError)
{
if (finalExtraParameters.ContainsKey("Organization"))
{
_idTokenRequirements.Organization = finalExtraParameters["Organization"];
}
await IdTokenValidator.AssertTokenMeetsRequirements(_idTokenRequirements, result.IdentityToken); // Nonce is created & tested by OidcClient
}
return(result);
}
private Task ValidateToken(string token, IdTokenRequirements reqs = null, DateTime?when = null, ISignatureVerifier signatureVerifier = null)
{
return(IdTokenValidator.AssertTokenMeetsRequirements(reqs ?? defaultReqs, token, when ?? tokensWereValid, signatureVerifier ?? rs256NoSignature));
}
