Пример #1
0
        protected override async Task <bool> HandleUnauthorizedAsync([NotNull] ChallengeContext context)
        {
            var properties = new AuthenticationProperties(context.Properties);

            if (string.IsNullOrEmpty(properties.RedirectUri))
            {
                properties.RedirectUri = CurrentUri;
            }

            var requestToken = await ObtainRequestTokenAsync(Options.ConsumerKey, Options.ConsumerSecret, BuildRedirectUri(Options.CallbackPath), properties);

            if (requestToken.CallbackConfirmed)
            {
                var twitterAuthenticationEndpoint = AuthenticationEndpoint + requestToken.Token;

                var cookieOptions = new CookieOptions
                {
                    HttpOnly = true,
                    Secure   = Request.IsHttps
                };

                Response.Cookies.Append(StateCookie, Options.StateDataFormat.Protect(requestToken), cookieOptions);

                var redirectContext = new TwitterApplyRedirectContext(
                    Context, Options,
                    properties, twitterAuthenticationEndpoint);
                Options.Notifications.ApplyRedirect(redirectContext);
                return(true);
            }
            else
            {
                Logger.LogError("requestToken CallbackConfirmed!=true");
            }
            return(false); // REVIEW: Make sure this should not stop other handlers
        }
Пример #2
0
 /// <summary>
 /// Called when a Challenge causes a redirect to authorize endpoint in the Twitter middleware
 /// </summary>
 /// <param name="context">Contains redirect URI and <see cref="AuthenticationProperties"/> of the challenge </param>
 public virtual void ApplyRedirect(TwitterApplyRedirectContext context)
 {
     OnApplyRedirect(context);
 }
Пример #3
0
        protected override async Task ApplyResponseChallengeAsync()
        {
            if (ShouldConvertChallengeToForbidden())
            {
                Response.StatusCode = 403;
                return;
            }

            if (Response.StatusCode != 401)
            {
                return;
            }

            // When Automatic should redirect on 401 even if there wasn't an explicit challenge.
            if (ChallengeContext == null && !Options.AutomaticAuthentication)
            {
                return;
            }

            string requestPrefix = Request.Scheme + "://" + Request.Host;
            string callBackUrl   = requestPrefix + RequestPathBase + Options.CallbackPath;

            AuthenticationProperties properties;

            if (ChallengeContext == null)
            {
                properties = new AuthenticationProperties();
            }
            else
            {
                properties = new AuthenticationProperties(ChallengeContext.Properties);
            }
            if (string.IsNullOrEmpty(properties.RedirectUri))
            {
                properties.RedirectUri = requestPrefix + Request.PathBase + Request.Path + Request.QueryString;
            }

            RequestToken requestToken = await ObtainRequestTokenAsync(Options.ConsumerKey, Options.ConsumerSecret, callBackUrl, properties);

            if (requestToken.CallbackConfirmed)
            {
                string twitterAuthenticationEndpoint = AuthenticationEndpoint + requestToken.Token;

                var cookieOptions = new CookieOptions
                {
                    HttpOnly = true,
                    Secure   = Request.IsHttps
                };

                Response.Cookies.Append(StateCookie, Options.StateDataFormat.Protect(requestToken), cookieOptions);

                var redirectContext = new TwitterApplyRedirectContext(
                    Context, Options,
                    properties, twitterAuthenticationEndpoint);
                Options.Notifications.ApplyRedirect(redirectContext);
            }
            else
            {
                _logger.LogError("requestToken CallbackConfirmed!=true");
            }
        }