private async Task <AuthenticationTicket> DeserializeAuthorizationCodeAsync(string code, OpenIdConnectMessage request)
{
var notification = new DeserializeAuthorizationCodeContext(Context, Options, request, code)
{
DataFormat = Options.AuthorizationCodeFormat
};
await Options.Provider.DeserializeAuthorizationCode(notification);
if (notification.HandledResponse || notification.Ticket != null)
{
return(notification.Ticket);
}
else if (notification.Skipped)
{
return(null);
}
var buffer = await Options.Cache.GetAsync($"asos-authorization-code:{code}");
if (buffer == null)
{
return(null);
}
using (var stream = new MemoryStream(buffer))
using (var reader = new StreamReader(stream)) {
// Because authorization codes are guaranteed to be unique, make sure
// to remove the current code from the global store before using it.
await Options.Cache.RemoveAsync($"asos-authorization-code:{code}");
var ticket = notification.DataFormat?.Unprotect(await reader.ReadToEndAsync());
if (ticket == null)
{
return(null);
}
// Ensure the received ticket is an authorization code.
if (!ticket.IsAuthorizationCode())
{
Options.Logger.LogDebug("The received token was not an authorization code: {Code}.", code);
return(null);
}
return(ticket);
}
}
private async Task <AuthenticationTicket> DeserializeAuthorizationCodeAsync(string code, OpenIdConnectRequest request)
{
var notification = new DeserializeAuthorizationCodeContext(Context, Options, request, code)
{
DataFormat = Options.AuthorizationCodeFormat
};
await Options.Provider.DeserializeAuthorizationCode(notification);
if (notification.HandledResponse || notification.Ticket != null)
{
notification.Ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode);
return(notification.Ticket);
}
else if (notification.Skipped)
{
return(null);
}
if (notification.DataFormat == null)
{
throw new InvalidOperationException("A data formatter must be provided.");
}
var ticket = notification.DataFormat.Unprotect(code);
if (ticket == null)
{
Logger.LogTrace("The received token was invalid or malformed: {Code}.", code);
return(null);
}
// Note: since the data formatter relies on a data protector using different "purposes" strings
// per token type, the ticket returned by Unprotect() is guaranteed to be an authorization code.
ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode);
Logger.LogTrace("The authorization code '{Code}' was successfully validated using " +
"the specified token data format: {Claims} ; {Properties}.",
code, ticket.Identity.Claims, ticket.Properties.Dictionary);
return(ticket);
}
private async Task <AuthenticationTicket> DeserializeAuthorizationCodeAsync(string code, OpenIdConnectRequest request)
{
var notification = new DeserializeAuthorizationCodeContext(Context, Options, request, code)
{
DataFormat = Options.AuthorizationCodeFormat
};
await Options.Provider.DeserializeAuthorizationCode(notification);
if (notification.HandledResponse || notification.Ticket != null)
{
notification.Ticket.SetUsage(OpenIdConnectConstants.Usages.AuthorizationCode);
return(notification.Ticket);
}
else if (notification.Skipped)
{
return(null);
}
var ticket = notification.DataFormat?.Unprotect(code);
if (ticket == null)
{
return(null);
}
// Ensure the received ticket is an authorization code.
if (!ticket.IsAuthorizationCode())
{
Logger.LogDebug("The received token was not an authorization code: {Code}.", code);
return(null);
}
return(ticket);
}
/// <summary> /// Represents an event called when deserializing an authorization code. /// </summary> /// <param name="context">The context instance associated with this event.</param> /// <returns>A <see cref="Task"/> that can be used to monitor the asynchronous operation.</returns> public virtual Task DeserializeAuthorizationCode(DeserializeAuthorizationCodeContext context) => OnDeserializeAuthorizationCode(context);