public override async Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context) { if (!String.IsNullOrWhiteSpace(context.Error)) { return; } TService = context.HttpContext.RequestServices.GetRequiredService <TokenService>(); ApplicationDbContext db = context.HttpContext.RequestServices.GetRequiredService <ApplicationDbContext>(); ClaimsPrincipal claimsUser = context.HttpContext.User; // Implicit grant is the only flow that gets their token issued here. Token access = new Token() { GrantType = OpenIdConnectConstants.GrantTypes.Implicit, TokenType = OpenIdConnectConstants.TokenUsages.AccessToken, Value = context.AccessToken, }; OAuthClient client = db.ClientApplications.First(x => x.ClientId == context.Request.ClientId); if (client == null) { return; } if (client.SubordinateTokenLimits == null) { access.RateLimit = RateLimit.DefaultImplicitLimit; } else { access.RateLimit = client.SubordinateTokenLimits; } await TService.WriteNewTokenToDatabase(context.Request.ClientId, access, claimsUser); }
private void _stripUnnecessaryResponseParameters(ApplyAuthorizationResponseContext context) { _stripC(context.Response); if (context.Request.IsImplicitFlow()) { // Implicit Grant does not supply the Scopes in the response. context.Response.RemoveParameter("scope"); } }
public override Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context) { if (context.Error == null) { foreach (var property in context.Ticket.Properties.Items) { if (!property.Key.StartsWith(".")) { context.Response.AddParameter(property.Key, new OpenIdConnectParameter(property.Value)); } } } return(Task.FromResult(0)); }
public override async Task ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context) { var options = (OpenIddictServerOptions)context.Options; // Note: as this stage, the request associated with the context may be null if an error // occurred very early in the pipeline (e.g an invalid HTTP verb was used by the caller). // Remove the authorization request from the distributed cache. if (options.EnableRequestCaching && !string.IsNullOrEmpty(context.Request?.RequestId)) { // Note: the cache key is always prefixed with a specific marker // to avoid collisions with the other types of cached requests. var key = OpenIddictConstants.Environment.AuthorizationRequest + context.Request.RequestId; // Note: the ApplyAuthorizationResponse event is called for both successful // and errored authorization responses but discrimination is not necessary here, // as the authorization request must be removed from the distributed cache in both cases. await options.Cache.RemoveAsync(key); } if (!options.ApplicationCanDisplayErrors && !string.IsNullOrEmpty(context.Error) && string.IsNullOrEmpty(context.RedirectUri)) { // Determine if the status code pages middleware has been enabled for this request. // If it was not registered or enabled, let the OpenID Connect server middleware render // a default error page instead of delegating the rendering to the status code middleware. var feature = context.HttpContext.Features.Get <IStatusCodePagesFeature>(); if (feature != null && feature.Enabled) { // Replace the default status code to return a 400 response. context.HttpContext.Response.StatusCode = 400; // Mark the request as fully handled to prevent the OpenID Connect server middleware // from displaying the default error page and to allow the status code pages middleware // to rewrite the response using the logic defined by the developer when registering it. context.HandleResponse(); return; } } await _eventService.PublishAsync(new OpenIddictServerEvents.ApplyAuthorizationResponse(context)); }
public override async Task ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context) { var services = context.HttpContext.RequestServices.GetRequiredService <OpenIddictServices <TApplication, TAuthorization, TScope, TToken> >(); // Remove the authorization request from the distributed cache. if (!string.IsNullOrEmpty(context.Request.RequestId)) { // Note: the cache key is always prefixed with a specific marker // to avoid collisions with the other types of cached requests. var key = OpenIddictConstants.Environment.AuthorizationRequest + context.Request.RequestId; // Note: the ApplyAuthorizationResponse event is called for both successful // and errored authorization responses but discrimination is not necessary here, // as the authorization request must be removed from the distributed cache in both cases. await services.Options.Cache.RemoveAsync(key); } if (!context.Options.ApplicationCanDisplayErrors && !string.IsNullOrEmpty(context.Response.Error) && string.IsNullOrEmpty(context.Response.RedirectUri)) { // Determine if the status code pages middleware has been enabled for this request. // If it was not registered or enabled, let the OpenID Connect server middleware render // a default error page instead of delegating the rendering to the status code middleware. var feature = context.HttpContext.Features.Get <IStatusCodePagesFeature>(); if (feature != null && feature.Enabled) { // Replace the default status code to return a 400 response. context.HttpContext.Response.StatusCode = 400; // Mark the request as fully handled to prevent the OpenID Connect server middleware // from displaying the default error page and to allow the status code pages middleware // to rewrite the response using the logic defined by the developer when registering it. context.HandleResponse(); } } }
public override Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context) { context.Response.State = context.Request.State; _stripUnnecessaryResponseParameters(context); return(base.ApplyAuthorizationResponse(context)); }
public Task ApplyAuthorizationResponse(ApplyAuthorizationResponseContext context) { throw new NotImplementedException(); }