protected void Page_Load(object sender, EventArgs e)
{
try
{
if (!Request.IsSecureConnection)
{
throw new HttpException((int)HttpStatusCode.Forbidden, Resources.LocalizedText.oAuthErrNotSecure);
}
if (!IsPostBack)
{
if ((m_pendingRequest = this.authorizationServer.ReadAuthorizationRequest()) == null)
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest);
}
MFBOauth2Client client = (MFBOauth2Client)authorizationServer.AuthorizationServerServices.GetClient(m_pendingRequest.ClientIdentifier);
if (Uri.Compare(m_pendingRequest.Callback, new Uri(client.Callback), UriComponents.HostAndPort | UriComponents.PathAndQuery, UriFormat.UriEscaped, StringComparison.CurrentCultureIgnoreCase) != 0)
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrBadRedirectURL);
}
HashSet <string> allowedScopes = OAuthUtilities.SplitScopes(client.Scope);
if (!m_pendingRequest.Scope.IsSubsetOf(allowedScopes))
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrUnauthorizedScopes);
}
IEnumerable <MFBOAuthScope> requestedScopes = MFBOauthServer.ScopesFromStrings(m_pendingRequest.Scope);
// See if there are any scopes that are requested that are not allowed.
IEnumerable <string> lstScopes = MFBOauthServer.ScopeDescriptions(requestedScopes);
mvScopesRequested.SetActiveView(lstScopes.Count() == 0 ? vwNoScopes : vwRequestedScopes);
rptPermissions.DataSource = lstScopes;
rptPermissions.DataBind();
ViewState[szVSKeyPendingRequest] = m_pendingRequest;
lblClientName.Text = client.ClientName;
}
else
{
m_pendingRequest = (EndUserAuthorizationRequest)ViewState[szVSKeyPendingRequest];
}
}
catch (HttpException ex)
{
RejectWithError(ex.Message);
}
catch (MyFlightbook.MyFlightbookException ex)
{
lblErr.Text = ex.Message;
mvAuthorize.SetActiveView(vwErr);
}
}
protected void Page_Load(object sender, EventArgs e)
{
try
{
if (!Request.IsSecureConnection)
{
throw new HttpException((int)HttpStatusCode.Forbidden, Resources.LocalizedText.oAuthErrNotSecure);
}
if (!IsPostBack)
{
if ((m_pendingRequest = this.authorizationServer.ReadAuthorizationRequest()) == null)
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrMissingRequest);
}
MFBOauth2Client client = (MFBOauth2Client)authorizationServer.AuthorizationServerServices.GetClient(m_pendingRequest.ClientIdentifier);
bool fIsValidCallback = false;
foreach (string callback in client.Callbacks)
{
if (Uri.Compare(m_pendingRequest.Callback, new Uri(callback), UriComponents.HostAndPort | UriComponents.PathAndQuery, UriFormat.SafeUnescaped, StringComparison.CurrentCultureIgnoreCase) == 0)
{
fIsValidCallback = true;
break;
}
}
if (!fIsValidCallback)
{
throw new HttpException((int)HttpStatusCode.BadRequest, String.Format(System.Globalization.CultureInfo.CurrentCulture, Resources.LocalizedText.oAuthErrBadRedirectURL, m_pendingRequest.Callback.ToString()));
}
HashSet <string> allowedScopes = OAuthUtilities.SplitScopes(client.Scope);
if (!m_pendingRequest.Scope.IsSubsetOf(allowedScopes))
{
throw new HttpException((int)HttpStatusCode.BadRequest, Resources.LocalizedText.oAuthErrUnauthorizedScopes);
}
IEnumerable <MFBOAuthScope> requestedScopes = MFBOauthServer.ScopesFromStrings(m_pendingRequest.Scope);
// See if there are any scopes that are requested that are not allowed.
IEnumerable <string> lstScopes = MFBOauthServer.ScopeDescriptions(requestedScopes);
mvScopesRequested.SetActiveView(!lstScopes.Any() ? vwNoScopes : vwRequestedScopes);
rptPermissions.DataSource = lstScopes;
rptPermissions.DataBind();
ViewState[szVSKeyPendingRequest] = m_pendingRequest;
lblClientName.Text = HttpUtility.HtmlEncode(client.ClientName);
}
else
{
m_pendingRequest = (EndUserAuthorizationRequest)ViewState[szVSKeyPendingRequest];
}
}
catch (Exception ex) when(ex is HttpException || ex is ProtocolException || ex is ProtocolFaultResponseException || ex is MyFlightbook.MyFlightbookException)
{
lblErr.Text = ex.Message;
mvAuthorize.SetActiveView(vwErr);
}
}
