/// <summary>
/// Runs the code exchange for the request through <c>CodeGrantHanldler.Exchange</c>
/// and delivers the resulting token response to the client as an HTTP redirect.
/// </summary>
/// <param name="TokenRequest">The incoming request; its <c>state</c> value is copied onto the response.</param>
/// <param name="Client">The client the request was made for.</param>
/// <exception cref="DataModels.TokenRequestError">
/// <c>server_error</c> when the exchange returns nothing; <c>invalid_request</c>
/// when no redirect URI can be resolved for the request and client.
/// </exception>
protected void HandleCodeExchange(ITokenRequest TokenRequest, DataModels.Client Client)
{
    DataModels.TokenResponse tokenResponse =
        CodeGrantHanldler.Exchange<DataModels.TokenResponse>(TokenRequest, Client);
    if (tokenResponse == null)
    {
        throw new DataModels.TokenRequestError(
            DataModels.ErrorCodes.server_error,
            "Unknown error exchanging code");
    }

    // Echo the caller's state back so the client can correlate the response
    // with the request it sent.
    tokenResponse.state = TokenRequest.state;

    string redirectTarget = GetRedirectURI(TokenRequest, Client);
    if (string.IsNullOrWhiteSpace(redirectTarget))
    {
        throw new DataModels.TokenRequestError(
            DataModels.ErrorCodes.invalid_request,
            "No Redirect URI provided and no Registered Redirect URI available");
    }

    // NOTE(review): everything ToURIString() emits becomes the query string of
    // the Location header, so it is visible in browser history, proxy and server
    // logs. If the response carries token values (presumably it does; confirm),
    // check that this delivery channel is intended.
    // Assigning Query also replaces any query component the redirect URI
    // already had.
    UriBuilder location = new UriBuilder(redirectTarget)
    {
        Query = tokenResponse.ToURIString()
    };

    Response.StatusCode = (int)System.Net.HttpStatusCode.Redirect;
    Response.AddHeader("Location", location.ToString());
}
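/// <summary>
/// Handles an authorization-code grant request: checks that the client may use
/// the grant, obtains the resource owner and their approval, has
/// <c>CodeGrantHanldler.Authorize</c> issue a code, and redirects to the
/// client's redirect URI with the code in the query string.
/// </summary>
/// <param name="TokenRequest">The incoming request; supplies <c>scope</c> and <c>state</c>.</param>
/// <param name="Client">The client asking for the code.</param>
/// <exception cref="DataModels.TokenRequestError">
/// <c>unauthorized_client</c> when the client is user-agent based or has no secret;
/// <c>server_error</c> when no code is issued; <c>invalid_request</c> when no
/// redirect URI can be resolved.
/// </exception>
protected void HandleCodeGrant(ITokenRequest TokenRequest, DataModels.Client Client)
{
    // The code grant is refused for clients that cannot hold a secret.
    if (Client.type == DataModels.ClientTypes.user_agent_based_application
        || string.IsNullOrWhiteSpace(Client.secret))
    {
        throw new DataModels.TokenRequestError(
            DataModels.ErrorCodes.unauthorized_client,
            "Only secure clients are supported for code grants");
    }

    // A null owner or approval ends the request without an error here;
    // presumably Authenticate()/Approve() have already written their own
    // response (login or consent page). Confirm against those methods.
    DataModels.ResourceOwner owner = Authenticate();
    if (owner == null)
    {
        return;
    }

    DataModels.Approval approval = Approve(Client, owner, TokenRequest.scope);
    if (approval == null)
    {
        return;
    }

    DataModel.AuthorizationCode code = CodeGrantHanldler.Authorize(TokenRequest, approval, Client, owner);
    if (code == null)
    {
        throw new DataModels.TokenRequestError(
            DataModels.ErrorCodes.server_error,
            "Unknown server error");
    }

    // Fail with a protocol error, as HandleCodeExchange does, instead of letting
    // UriBuilder throw on a null or blank redirect URI.
    string redirect = GetRedirectURI(TokenRequest, Client);
    if (string.IsNullOrWhiteSpace(redirect))
    {
        throw new DataModels.TokenRequestError(
            DataModels.ErrorCodes.invalid_request,
            "No Redirect URI provided and no Registered Redirect URI available");
    }

    // NOTE(review): authorization_code is appended without URL-encoding, unlike
    // scope and state. Confirm the code format is always URL-safe.
    string queryParms = "code=" + code.authorization_code;
    if (!string.IsNullOrWhiteSpace(code.scope))
    {
        queryParms += "&scope=" + code.scope.UrlEncode();
    }

    // state is echoed back (encoded) so the client can match the redirect to
    // the request it started. An empty but non-null state is still sent.
    if (TokenRequest.state != null)
    {
        queryParms += "&state=" + TokenRequest.state.UrlEncode();
    }

    // Assigning Query replaces any query component already on the redirect URI.
    UriBuilder bldr = new UriBuilder(redirect);
    bldr.Query = queryParms;

    Response.StatusCode = (int)System.Net.HttpStatusCode.Redirect;
    Response.AddHeader("Location", bldr.ToString());
}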