protected override Task ApplyResponseChallengeAsync() { if (Response.StatusCode != 401) { return(Task.FromResult <object>(null)); } AuthenticationResponseChallenge challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode); if (challenge != null) { string baseUri = Request.Scheme + Uri.SchemeDelimiter + Request.Host + Request.PathBase; string currentUri = baseUri + Request.Path + Request.QueryString; string redirectUri = string.IsNullOrEmpty(Options.UnionCallbackPath) ? baseUri : Options.UnionCallbackPath + Options.CallbackPath; AuthenticationProperties properties = challenge.Properties; if (string.IsNullOrEmpty(properties.RedirectUri)) { properties.RedirectUri = currentUri; } // OAuth2 10.12 CSRF GenerateCorrelationId(properties); // comma separated string scope = string.Join(",", Options.Scope); string state = Options.StateDataFormat.Protect(properties); //store state var stateKey = StateKeeper.Put(state); string authorizationEndpoint = Options.AuthorizationEndpoint + "?appid=" + Uri.EscapeDataString(Options.AppId ?? string.Empty) + "&redirect_uri=" + Uri.EscapeDataString(redirectUri) + "&scope=" + Uri.EscapeDataString(scope) + "&response_type=code&state=" + Uri.EscapeDataString(stateKey) + "#wechat_redirect"; var redirectContext = new WeChatApplyRedirectContext( Context, Options, properties, authorizationEndpoint); Options.Provider.ApplyRedirect(redirectContext); } return(Task.FromResult <object>(null)); }
/// <summary> /// Called when a Challenge causes a redirect to authorize endpoint in the WeChat middleware /// </summary> /// <param name="context">Contains redirect URI and <see cref="AuthenticationProperties"/> of the challenge </param> public virtual void ApplyRedirect(WeChatApplyRedirectContext context) { OnApplyRedirect(context); }