/// <summary>
/// Authorization endpoint action: validates the bound request, asks the session
/// manager whether it is authorized, and on success issues tokens and returns the
/// authorization response.
/// </summary>
/// <param name="authorization">
/// The request produced by <c>AuthorizationRequestModelBinder</c>; its
/// <c>IsValid</c>/<c>Error</c> members carry the outcome of binding.
/// </param>
/// <returns>
/// An invalid-authorization result when the request is invalid or forbidden, a
/// redirect to <c>AccountController.Login</c> when a login is required, otherwise
/// the valid-authorization result built from the issued tokens.
/// </returns>
public async Task<IActionResult> Authorize(
    [EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
{
    // Reject a request that did not bind cleanly before any session lookup happens.
    if (!authorization.IsValid)
    {
        return this.InvalidAuthorization(authorization.Error);
    }

    var sessionCheck = await _sessionManager.IsAuthorizedAsync(authorization);
    var status = sessionCheck.Status;

    if (status == AuthorizationStatus.Forbidden)
    {
        return this.InvalidAuthorization(sessionCheck.Error);
    }

    if (status == AuthorizationStatus.LoginRequired)
    {
        return RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message);
    }

    // NOTE(review): every status other than Forbidden and LoginRequired reaches token
    // issuance below. If AuthorizationStatus ever gains another member this path fails
    // open; an explicit comparison against the "authorized" value would fail closed.
    var tokenContext = authorization.CreateTokenGeneratingContext(
        sessionCheck.User,
        sessionCheck.Application);

    AddAmbientClaims(tokenContext);

    await _tokenManager.IssueTokensAsync(tokenContext);
    var authorizationResponse = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(tokenContext);

    // NOTE(review): the session is started only after tokens were issued and the
    // response was built, so a failure here leaves tokens issued without a session.
    // Confirm that ordering is intended.
    await _sessionManager.StartSessionAsync(sessionCheck.User, sessionCheck.Application);

    return this.ValidAuthorization(authorizationResponse);
}
/// <summary>
/// Authorization endpoint action with the ambient claims added inline: validates the
/// bound request, checks it against the session manager, stamps fixed "policy",
/// "version" and "tenantId" claims on the token context, then issues tokens and
/// returns the authorization response.
/// </summary>
/// <param name="authorization">
/// The request produced by <c>AuthorizationRequestModelBinder</c>; its
/// <c>IsValid</c>/<c>Error</c> members carry the outcome of binding.
/// </param>
/// <returns>
/// An invalid-authorization result when the request is invalid or forbidden, a
/// redirect to <c>AccountController.Login</c> when a login is required, otherwise
/// the valid-authorization result built from the issued tokens.
/// </returns>
public async Task<IActionResult> Authorize(
    [EnableIntegratedWebClient, ModelBinder(typeof(AuthorizationRequestModelBinder))] AuthorizationRequest authorization)
{
    // Reject a request that did not bind cleanly before any session lookup happens.
    if (!authorization.IsValid)
    {
        return this.InvalidAuthorization(authorization.Error);
    }

    var sessionCheck = await _sessionManager.IsAuthorizedAsync(authorization);
    var status = sessionCheck.Status;

    if (status == AuthorizationStatus.Forbidden)
    {
        return this.InvalidAuthorization(sessionCheck.Error);
    }

    if (status == AuthorizationStatus.LoginRequired)
    {
        return RedirectToLogin(nameof(AccountController.Login), "Account", authorization.Message);
    }

    // NOTE(review): every status other than Forbidden and LoginRequired reaches token
    // issuance below. If AuthorizationStatus ever gains another member this path fails
    // open; an explicit comparison against the "authorized" value would fail closed.
    var tokenContext = authorization.CreateTokenGeneratingContext(
        sessionCheck.User,
        sessionCheck.Application);

    // NOTE(review): these claims are compile-time literals, so every token issued here
    // carries the same policy, version and tenantId regardless of user or application.
    // The tenantId literal also contains a space after its first group and is not a
    // canonical GUID as written. Confirm the value, and consider sourcing it from
    // configuration if a consumer makes tenant decisions from this claim.
    foreach (var ambientClaim in new[]
    {
        new Claim("policy", "signinsignup"),
        new Claim("version", "1.0"),
        new Claim("tenantId", "CDF07358 -BA97-470F-93CD-FC46E1B57F99"),
    })
    {
        tokenContext.AmbientClaims.Add(ambientClaim);
    }

    await _tokenManager.IssueTokensAsync(tokenContext);
    var authorizationResponse = await _authorizationResponseFactory.CreateAuthorizationResponseAsync(tokenContext);

    // NOTE(review): the session is started only after tokens were issued and the
    // response was built, so a failure here leaves tokens issued without a session.
    // Confirm that ordering is intended.
    await _sessionManager.StartSessionAsync(sessionCheck.User, sessionCheck.Application);

    return this.ValidAuthorization(authorizationResponse);
}