Пример #1
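        /// <summary>
        /// Polling endpoint: reports the state of the auth request identified by a
        /// client id / device code pair. Once a complete status has been read the
        /// row is deleted, so the stored code is handed out only once.
        /// </summary>
        /// <param name="ma_client_id">Client id the auth request was created for.</param>
        /// <param name="device_code">Device code issued when the auth request was created.</param>
        /// <returns>
        /// A <see cref="StatusResponse"/> whose status is "NotFound" when no live
        /// request matches; otherwise the request's status, code and error.
        /// </returns>
        public StatusResponse Index(string ma_client_id, string device_code)
        {
            // A missing value can never identify a request. Rejecting it here also keeps
            // a null argument from being translated into an "IS NULL" match by the query.
            if (string.IsNullOrEmpty(ma_client_id) || string.IsNullOrEmpty(device_code))
            {
                return new StatusResponse
                {
                    status = "NotFound"
                };
            }

            var authRequest = _context.AuthRequests.FirstOrDefault(
                a => a.ClientId == ma_client_id && a.DeviceCode == device_code);

            // The device code is the only credential the poller presents, and the client
            // was told a lifetime (expires_in). Enforce that lifetime at read time instead
            // of relying on a later cleanup pass having deleted the row: an expired request
            // is reported exactly like one that no longer exists.
            // NOTE(review): the cleanup routine is not visible here — confirm it deletes
            // rows whose Expires has passed, so "NotFound" is what clients see either way.
            if (authRequest == null || authRequest.Expires <= System.DateTime.UtcNow)
            {
                return new StatusResponse
                {
                    status = "NotFound"
                };
            }

            if (authRequest.Status == AuthRequestStatus.Complete.ToString())
            {
                // One-shot delivery: drop the row as soon as the completed result is read,
                // so a second poll with the same device code cannot fetch the code again.
                _context.AuthRequests.Remove(authRequest);
                _context.SaveChanges();
            }

            // The removed entity still holds its values in memory, so the response can be
            // built from it after the delete.
            return new StatusResponse
            {
                status = authRequest.Status,
                code = authRequest.Code,
                error = authRequest.Error
            };
        }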
Пример #2
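        /// <summary>
        /// Provider callback: records the returned code or error on the pending auth
        /// request whose user code equals <paramref name="state"/>, marks it complete,
        /// and redirects the browser to the login success or error page.
        /// </summary>
        /// <param name="code">Authorization code returned by the provider, if any.</param>
        /// <param name="error">Error returned by the provider, if any.</param>
        /// <param name="state">State value echoed by the provider; looked up as the user code.</param>
        /// <returns>A redirect to the "success" or "error" action of the "login" controller.</returns>
        public ActionResult Callback(string code, string error, string state)
        {
            // Without a state value there is nothing to correlate the callback with.
            // Bail out before querying so a null state cannot match a row by "IS NULL".
            if (string.IsNullOrWhiteSpace(state))
            {
                return RedirectToAction("error", "login");
            }

            // NOTE(review): state is the only thing tying this callback to a request, and
            // it is the user code rather than a per-browser-session random value. Confirm
            // that the flow is also bound to the session that started it (for example a
            // nonce kept in the session and compared here); nothing in this method does so.
            var authRequest = _context.AuthRequests.FirstOrDefault(a => a.UserCode == state);

            // Only a request that is still pending AND still inside its lifetime may be
            // completed. A callback arriving after Expires is refused, and the row is left
            // untouched for the cleanup pass to remove.
            if (authRequest == null ||
                authRequest.Status != AuthRequestStatus.Pending ||
                authRequest.Expires <= System.DateTime.UtcNow)
            {
                return RedirectToAction("error", "login");
            }

            // The outcome is stored whether it is a code or an error, so the polling
            // client sees either result. The Pending check above makes this a one-time
            // transition.
            authRequest.Code   = code;
            authRequest.Error  = error;
            authRequest.Status = AuthRequestStatus.Complete;

            _context.SaveChanges();

            // Success page only when the provider returned a code and no error.
            bool failed = !string.IsNullOrWhiteSpace(error) || string.IsNullOrWhiteSpace(code);

            return RedirectToAction(failed ? "error" : "success", "login");
        }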
Пример #3
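        /// <summary>
        /// Creates a pending auth request for a provider / client pair, stores the
        /// caller's remaining query-string parameters against it, and returns the
        /// device code, user code, lifetime and verification URL.
        /// </summary>
        /// <param name="ma_provider">Provider the request is for.</param>
        /// <param name="ma_client_id">Client id the request is for.</param>
        /// <returns>
        /// A <see cref="CodeResponse"/> carrying the issued codes, or only an error
        /// message when validation fails or too many parameters are supplied.
        /// </returns>
        public CodeResponse Index(string ma_provider, string ma_client_id)
        {
            string error = null;

            if (!ValidateRequest(ma_provider, ma_client_id, out error))
            {
                return new CodeResponse
                {
                    error = error
                };
            }

            var authRequest = new AuthRequest
            {
                Provider   = ma_provider,
                ClientId   = ma_client_id,
                // NOTE(review): the device code is the bearer secret the polling client
                // presents. Guid.NewGuid() is specified to be unique, not unpredictable;
                // a value drawn from a cryptographic RNG is the safer source. The format
                // is left as-is here because clients and storage may depend on it.
                // Invariant casing: identifiers must not vary with the server culture.
                DeviceCode = Guid.NewGuid().ToString().ToLowerInvariant(),
                Expires    = DateTime.UtcNow.AddSeconds(_config.Value.ExpirySeconds),
                Status     = AuthRequestStatus.Pending
            };

            // NOTE(review): Id is read before the entity is added or saved. Unless the
            // AuthRequest constructor assigns it, a store-generated key is not available
            // yet, so every user code (and AuthRequestId below) would derive from the
            // default value — confirm how Id is populated.
            // NOTE(review): upper-casing folds hashids that differ only by letter case
            // into the same user code unless Hashid uses a single-case alphabet — confirm.
            // ToUpperInvariant keeps the code identical across server cultures; the
            // callback looks it up with an exact match.
            authRequest.UserCode = this.Hashid.Encode(authRequest.Id).ToUpperInvariant();
            _context.AuthRequests.Add(authRequest);

            int count       = 0;
            var queryParams = HttpUtility.ParseQueryString(Request.QueryString.ToString());

            // Everything except the two routing parameters is caller-supplied pass-through
            // data: each entry is validated before it is tracked, and the total is capped.
            foreach (var param in queryParams.AllKeys)
            {
                if (param == null ||
                    param == "ma_provider" ||
                    param == "ma_client_id")
                {
                    continue;
                }

                string value = queryParams[param];

                if (!ValidateParameter(count, param, value, out error))
                {
                    // Returning before SaveChanges means nothing tracked so far is written.
                    return new CodeResponse
                    {
                        error = error
                    };
                }

                _context.AuthRequestParams.Add(new AuthRequestParam
                {
                    AuthRequestId = authRequest.Id,
                    Name          = param,
                    Value         = value
                });

                count++;

                if (count > MAX_PARAMS)
                {
                    return new CodeResponse
                    {
                        error = $"Number of parameters exceeds maximum of {MAX_PARAMS}."
                    };
                }
            }

            _context.SaveChanges();

            // Perform cleanup of existing auth requests.
            // NOTE(review): this is the only visible call to Cleanup; if it is what
            // removes expired requests, expiry is enforced only when a new request is
            // created — the endpoints that read requests should check Expires as well.
            Cleanup();

            return new CodeResponse
            {
                device_code = authRequest.DeviceCode,
                user_code = authRequest.UserCode,
                expires_in = _config.Value.ExpirySeconds,
                verification_url = _config.Value.VerificationUrl
            };
        }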