/// <summary>
/// Serves the change-password form for an HTML GET request.
/// </summary>
/// <remarks>
/// The password reset token is read from the <c>sptoken</c> query-string parameter and is
/// verified against the application before the form is rendered. A missing token sends the
/// user to the forgot-password page; a <see cref="ResourceException"/> raised while verifying
/// the token or rendering the form sends the user to the configured error page.
/// </remarks>
/// <param name="context">The OWIN environment for the current request.</param>
/// <param name="client">The client used to look up the application.</param>
/// <param name="cancellationToken">Token used to cancel the asynchronous work.</param>
/// <returns>
/// <c>true</c> once the form has been rendered; otherwise the result of the redirect helper.
/// </returns>
protected override async Task<bool> GetHtmlAsync(IOwinEnvironment context, IClient client, CancellationToken cancellationToken)
{
    var parsedQuery = QueryStringParser.Parse(context.Request.QueryString, _logger);
    var resetToken = parsedQuery.GetString("sptoken");

    // Without a token there is nothing to verify, so restart the flow.
    if (string.IsNullOrEmpty(resetToken))
    {
        return await HttpResponse.Redirect(context, _configuration.Web.ForgotPassword.Uri);
    }

    var app = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

    try
    {
        // The form is only shown for a token the backend accepts; the verification
        // result itself is not needed here.
        await app.VerifyPasswordResetTokenAsync(resetToken, cancellationToken);

        var formViewModel = new ChangePasswordFormViewModelBuilder(client, _configuration).Build();

        await RenderViewAsync(
            context,
            _configuration.Web.ChangePassword.View,
            formViewModel,
            cancellationToken);

        return true;
    }
    catch (ResourceException)
    {
        // Every failure takes the same redirect, so the response does not reveal why
        // the token was rejected.
        return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.ErrorUri);
    }
}
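/// <summary>
/// Handles the HTML POST of the change-password form and resets the account password.
/// </summary>
/// <remarks>
/// Checks run in this order: the state token from the form body must be valid, the two
/// password fields must be present and equal, and the <c>sptoken</c> query-string value
/// must be present and accepted by the application. Only then are the pre-change handler,
/// the password reset and the post-change handler executed.
/// </remarks>
/// <param name="context">The OWIN environment for the current request.</param>
/// <param name="client">The client used to look up the application.</param>
/// <param name="bodyContentType">Content type used to parse the request body into the post model.</param>
/// <param name="cancellationToken">Token used to cancel the asynchronous work.</param>
/// <returns>
/// <c>true</c> when the form was re-rendered with an error; otherwise the result of the
/// redirect helper.
/// </returns>
protected override async Task<bool> PostHtmlAsync(IOwinEnvironment context, IClient client, ContentType bodyContentType, CancellationToken cancellationToken)
{
    var queryString = QueryStringParser.Parse(context.Request.QueryString, _logger);

    var body = await context.Request.GetBodyAsStringAsync(cancellationToken);
    var model = PostBodyParser.ToModel<ChangePasswordPostModel>(body, bodyContentType, _logger);
    var formData = FormContentParser.Parse(body, _logger);

    // Reject the submission before touching the account when the state token is not valid.
    var stateToken = formData.GetString(StringConstants.StateTokenName);
    var parsedStateToken = new StateTokenParser(client, _configuration.Client.ApiKey, stateToken, _logger);
    if (!parsedStateToken.Valid)
    {
        return await RenderFormWithErrorAsync(context, client, "An error occurred. Please try again.", cancellationToken);
    }

    // The body is attacker-controlled: a request that omits the password field must fail
    // validation instead of throwing a NullReferenceException on the comparison.
    var password = model?.Password;
    if (password == null || !string.Equals(password, model.ConfirmPassword, StringComparison.Ordinal))
    {
        return await RenderFormWithErrorAsync(context, client, "Passwords do not match.", cancellationToken);
    }

    // Same handling as the GET handler: with no reset token there is nothing to verify.
    var spToken = queryString.GetString("sptoken");
    if (string.IsNullOrEmpty(spToken))
    {
        return await HttpResponse.Redirect(context, _configuration.Web.ForgotPassword.Uri);
    }

    var application = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

    // Verify the token again on POST; the GET-time check says nothing about this request.
    IAccount account;
    try
    {
        account = await application.VerifyPasswordResetTokenAsync(spToken, cancellationToken);
    }
    catch (ResourceException)
    {
        return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.ErrorUri);
    }

    var preChangePasswordContext = new PreChangePasswordContext(context, account);
    await _handlers.PreChangePasswordHandler(preChangePasswordContext, cancellationToken);

    try
    {
        await application.ResetPasswordAsync(spToken, password, cancellationToken);
    }
    catch (ResourceException rex)
    {
        // NOTE(review): rex.Message is shown to the user as-is; confirm the backend message
        // is intended for display and that the view encodes it on output.
        return await RenderFormWithErrorAsync(context, client, rex.Message, cancellationToken);
    }

    var postChangePasswordContext = new PostChangePasswordContext(context, account);
    await _handlers.PostChangePasswordHandler(postChangePasswordContext, cancellationToken);

    // TODO autologin
    return await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.NextUri);
}

/// <summary>
/// Re-renders the change-password form with a single error message attached.
/// </summary>
/// <param name="context">The OWIN environment for the current request.</param>
/// <param name="client">The client passed to the view model builder.</param>
/// <param name="error">The message added to the view model's error list.</param>
/// <param name="cancellationToken">Token used to cancel the asynchronous work.</param>
/// <returns>Always <c>true</c>, after the view has been rendered.</returns>
private async Task<bool> RenderFormWithErrorAsync(IOwinEnvironment context, IClient client, string error, CancellationToken cancellationToken)
{
    var viewModelBuilder = new ChangePasswordFormViewModelBuilder(client, _configuration);
    var changePasswordViewModel = viewModelBuilder.Build();
    changePasswordViewModel.Errors.Add(error);

    await RenderViewAsync(context, _configuration.Web.ChangePassword.View, changePasswordViewModel, cancellationToken);
    return true;
}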