        /// <summary>
        /// Replaces the stored definition of the client identified by <paramref name="clientId"/>
        /// with the one carried in the request (this looks like a dynamic-client-registration
        /// "update" endpoint — confirm against the caller).
        /// </summary>
        /// <param name="clientId">Client identifier the caller is targeting; must be owned by the registration access token in the request.</param>
        /// <param name="handlerContext">Incoming request: the token and the new client definition are both read from it.</param>
        /// <param name="cancellationToken">Propagated to the validator and repository calls.</param>
        /// <returns>Always <c>null</c>; the caller builds the response itself.</returns>
        /// <exception cref="OAuthUnauthorizedException">Propagated from <see cref="GetClient"/> when the token is missing, unknown or bound to another client.</exception>
        /// <exception cref="OAuthException">INVALID_REQUEST when the client_id in the request body differs from the stored client's id.</exception>
        public async Task <JObject> Handle(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
        {
            // Authorization step: GetClient resolves the stored record through the registration
            // access token and rejects the call if that token belongs to a different client.
            var storedClient = await GetClient(clientId, handlerContext, cancellationToken);
            var requestedClient = ExtractClient(handlerContext);

            if (storedClient.ClientId != requestedClient.ClientId)
            {
                Logger.LogError("the client identifier must be identical");
                throw new OAuthException(ErrorCodes.INVALID_REQUEST, ErrorMessages.CLIENT_IDENTIFIER_MUST_BE_IDENTICAL);
            }

            // Server-controlled attributes are never taken from the request body: the identity,
            // the secret (with its expiry), the registration access token and the creation time
            // are copied back from the stored record so a caller cannot overwrite them.
            requestedClient.ClientId = storedClient.ClientId;
            requestedClient.SetClientSecret(storedClient.ClientSecret, storedClient.ClientSecretExpirationTime);
            requestedClient.RegistrationAccessToken = storedClient.RegistrationAccessToken;
            requestedClient.CreateDateTime = storedClient.CreateDateTime;
            requestedClient.UpdateDateTime = DateTime.UtcNow;

            // Validation runs on the merged record, i.e. after the protected fields were restored.
            await _oauthClientValidator.Validate(requestedClient, cancellationToken);
            await OAuthClientRepository.Update(requestedClient, cancellationToken);
            await OAuthClientRepository.SaveChanges(cancellationToken);

            Logger.LogInformation($"the client '{clientId}' has been updated");
            return null;
        }
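        /// <summary>
        /// Resolves the registered client that owns the registration access token carried by the
        /// request and verifies that it is the client the caller is operating on.
        /// </summary>
        /// <param name="clientId">Client identifier the caller is targeting.</param>
        /// <param name="handlerContext">Request context; the token is read from its Bearer or Basic authorization scheme.</param>
        /// <param name="cancellationToken">Propagated to the repository calls.</param>
        /// <returns>The stored client whose registration access token matches the request.</returns>
        /// <exception cref="OAuthUnauthorizedException">
        /// INVALID_TOKEN when no token is present, when no client owns the token, or when the token
        /// belongs to a client other than <paramref name="clientId"/> (the token is revoked in that case).
        /// </exception>
        public virtual async Task <BaseClient> GetClient(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken)
        {
            var accessToken = handlerContext.Request.GetToken(AutenticationSchemes.Bearer, AutenticationSchemes.Basic);
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                Logger.LogError("access token is missing");
                throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.MISSING_ACCESS_TOKEN);
            }

            var searchParameter = new Persistence.Parameters.SearchClientParameter
            {
                RegistrationAccessToken = accessToken
            };
            var clients = await OAuthClientRepository.Find(searchParameter, cancellationToken);

            // The registration access token is a bearer credential: it must never be written to
            // the log. The failure messages below therefore only record the client ids involved.
            if (!clients.Content.Any())
            {
                Logger.LogError($"the registration access token presented for the client '{clientId}' is invalid");
                throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.BAD_ACCESS_TOKEN);
            }

            // NOTE(review): should several records ever share one token, only the first is checked.
            var client = clients.Content.First();
            if (client.ClientId != clientId)
            {
                // The token was presented against a client it does not belong to: revoke it so it
                // cannot be replayed, then reject the request.
                client.RegistrationAccessToken = null;
                await OAuthClientRepository.Update(client, cancellationToken);
                await OAuthClientRepository.SaveChanges(cancellationToken);

                Logger.LogError($"the registration access token of the client '{client.ClientId}' cannot be used for the client '{clientId}'");
                throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, string.Format(ErrorMessages.ACCESS_TOKEN_VALID_CLIENT, client.ClientId, clientId));
            }

            return client;
        }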