示例#1
        /// <summary>
        /// Exchanges the request through <c>CodeGrantHanldler.Exchange</c> and answers with an
        /// HTTP redirect whose query string is the serialized token response.
        /// </summary>
        /// <param name="TokenRequest">The incoming request; its <c>state</c> is copied onto the response.</param>
        /// <param name="Client">The client on whose behalf the exchange is performed.</param>
        /// <exception cref="DataModels.TokenRequestError">
        /// <c>server_error</c> when the exchange yields no response; <c>invalid_request</c> when
        /// no redirect URI can be resolved.
        /// </exception>
        protected void HandleCodeExchange(ITokenRequest TokenRequest, DataModels.Client Client)
        {
            DataModels.TokenResponse tokenResponse = CodeGrantHanldler.Exchange <DataModels.TokenResponse>(TokenRequest, Client);
            if (tokenResponse == null)
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.server_error, "Unknown error exchanging code");
            }

            // Echo the caller's state so it can match this response to its own request.
            tokenResponse.state = TokenRequest.state;

            string redirectTarget = GetRedirectURI(TokenRequest, Client);
            if (string.IsNullOrWhiteSpace(redirectTarget))
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.invalid_request, "No Redirect URI provided and no Registered Redirect URI available");
            }

            // NOTE(review): whatever ToURIString() emits ends up in the Location URL. If that
            // includes token values they will be visible in browser history, Referer headers and
            // access logs; RFC 6749 token-endpoint responses normally travel in the response
            // body instead. Confirm this delivery channel is intended.
            // NOTE(review): assigning Query replaces any query string already present on the
            // resolved redirect URI.
            UriBuilder location = new UriBuilder(redirectTarget)
            {
                Query = tokenResponse.ToURIString()
            };

            Response.StatusCode = (int)System.Net.HttpStatusCode.Redirect;
            Response.AddHeader("Location", location.ToString());
        }
示例#2
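        /// <summary>
        /// Handles an authorization-code grant: authenticates the resource owner, obtains approval
        /// for the requested scope, issues an authorization code and redirects to the client's
        /// redirect URI with <c>code</c>, and optionally <c>scope</c> and <c>state</c>, in the query.
        /// </summary>
        /// <param name="TokenRequest">The incoming authorization request (scope and state are read here).</param>
        /// <param name="Client">The client requesting the code.</param>
        /// <exception cref="DataModels.TokenRequestError">
        /// <c>unauthorized_client</c> when the client is user-agent based or has no secret;
        /// <c>invalid_request</c> when no redirect URI can be resolved;
        /// <c>server_error</c> when no authorization code is produced.
        /// </exception>
        protected void HandleCodeGrant(ITokenRequest TokenRequest, DataModels.Client Client)
        {
            // A client without a secret cannot authenticate itself when it later redeems the
            // code, so such clients are refused up front.
            if (Client.type == DataModels.ClientTypes.user_agent_based_application || string.IsNullOrWhiteSpace(Client.secret))
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.unauthorized_client, "Only secure clients are supported for code grants");
            }

            DataModels.ResourceOwner owner = Authenticate();
            if (owner == null)
            {
                // presumably Authenticate() has already written its own response — confirm
                return;
            }

            DataModels.Approval approval = Approve(Client, owner, TokenRequest.scope);
            if (approval == null)
            {
                // presumably Approve() has already written its own response — confirm
                return;
            }

            // Resolve and check the destination before a code is issued, mirroring
            // HandleCodeExchange. Previously a missing URI went straight into UriBuilder, which
            // throws a framework exception instead of the OAuth error, and only after a code had
            // already been created with nowhere to deliver it.
            // NOTE(review): this method trusts GetRedirectURI to return only a URI registered
            // for Client. If it can pass through a request-supplied value unchecked, the code
            // would be delivered to an unregistered location — confirm against its implementation.
            string redirect = GetRedirectURI(TokenRequest, Client);
            if (string.IsNullOrWhiteSpace(redirect))
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.invalid_request, "No Redirect URI provided and no Registered Redirect URI available");
            }

            DataModel.AuthorizationCode code = CodeGrantHanldler.Authorize(TokenRequest, approval, Client, owner);
            if (code == null)
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.server_error, "Unknown server error");
            }

            UriBuilder bldr = new UriBuilder(redirect);

            // NOTE(review): authorization_code is appended without encoding, unlike scope and
            // state below. That is only correct if the generator restricts codes to URL-safe
            // characters — confirm, or encode it here as well.
            string queryParms = "code=" + code.authorization_code;

            if (!string.IsNullOrWhiteSpace(code.scope))
            {
                queryParms += "&scope=" + code.scope.UrlEncode();
            }

            // state is echoed verbatim (encoded) so the client can tie the response to its request.
            if (TokenRequest.state != null)
            {
                queryParms += "&state=" + TokenRequest.state.UrlEncode();
            }

            // NOTE(review): assigning Query replaces any query string already present on the
            // resolved redirect URI.
            bldr.Query = queryParms;

            Response.StatusCode = (int)System.Net.HttpStatusCode.Redirect;
            Response.AddHeader("Location", bldr.ToString());
        }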