public async Task <IActionResult> PostAuthorizeAsync([FromBody] ConsentAuthorizeRequest authorizeRequest)
{
var authorizeResponse = new ConsentAuthorizeResponse
{
Authorized = false,
Subject = authorizeRequest.Subject
};
if (string.IsNullOrWhiteSpace(authorizeRequest.Subject))
{
authorizeResponse.Error = new ConsentBaseResponse.ConsentError
{
StatusCode = (int)HttpStatusCode.BadRequest,
Message = "bad subject"
};
return(Unauthorized(authorizeResponse));
}
// we are a SubjectAndScopes controller so scopes have to be present;
if (authorizeRequest.Scopes == null || !authorizeRequest.Scopes.Any())
{
authorizeResponse.Error = new ConsentBaseResponse.ConsentError
{
StatusCode = (int)HttpStatusCode.BadRequest,
Message = "No scopes where requested!"
};
return(Unauthorized(authorizeResponse));
}
// check if user is in our database.
//authorizeResponse.Authorized = authorizeRequest.Subject == "good" || authorizeRequest.Subject == "104758924428036663951" ;
authorizeResponse.Authorized = true; // accept all.
if (authorizeResponse.Authorized)
{
authorizeResponse.Scopes = authorizeRequest.Scopes;
authorizeResponse.Claims = new List <ConsentAuthorizeResponse.ConsentAuthorizeClaim>
{
new ConsentAuthorizeResponse.ConsentAuthorizeClaim
{
Type = "geo_location",
Value = "Canada"
}
};
authorizeResponse.CustomPayload = new MyCustom
{
ConsentAuthorizeRequest = authorizeRequest,
Name = nameof(MyCustom), Value = 1234,
Properties = new List <MyCustom.Inner>()
{
new MyCustom.Inner()
{
Name = GuidS,
Value = 1
},
new MyCustom.Inner()
{
Name = GuidS,
Value = 2
}
}
};
}
else
{
authorizeResponse.Error = new ConsentBaseResponse.ConsentError
{
StatusCode = (int)HttpStatusCode.BadRequest,
Message = "User is bad!"
};
}
if (authorizeResponse.Authorized)
{
return(Ok(authorizeResponse));
}
return(Unauthorized(authorizeResponse));
}
public async Task <ConsentAuthorizeResponse> PostAuthorizationRequestAsync(
ConsentDiscoveryDocumentResponse discovery,
ConsentAuthorizeRequest requestObject)
{
try
{
var httpClient = new HttpClient();
using var httpResponse = await PostJsonContentAsync(discovery.AuthorizeEndpoint, httpClient, requestObject);
if (!httpResponse.IsSuccessStatusCode)
{
var result = new ConsentAuthorizeResponse()
{
Subject = requestObject.Subject,
Scopes = requestObject.Scopes,
Authorized = false,
Error = new Error
{
Message = $"StatusCode={httpResponse.StatusCode}",
StatusCode = (int)httpResponse.StatusCode
}
};
if (httpResponse.Content is object)
{
var contentText = await httpResponse.Content.ReadAsStringAsync();
result.Error.Message = contentText;
}
_logger.LogError($"statusCode={httpResponse.StatusCode},content=\'{result.Error.Message}\'");
return(result);
}
if (httpResponse.Content is object && httpResponse.Content.Headers.ContentType.MediaType == "application/json")
{
var contentStream = await httpResponse.Content.ReadAsStreamAsync();
var consentAuthorizeResponse = await System.Text.Json.JsonSerializer.DeserializeAsync <ConsentAuthorizeResponse>(contentStream, new System.Text.Json.JsonSerializerOptions {
IgnoreNullValues = true, PropertyNameCaseInsensitive = true
});
return(consentAuthorizeResponse);
}
throw new Exception("HTTP Response was invalid and cannot be deserialised.");
}
catch (Exception ex)
{
var result = new ConsentAuthorizeResponse()
{
Subject = requestObject.Subject,
Scopes = requestObject.Scopes,
Authorized = false,
Error = new Error
{
Message = ex.Message,
StatusCode = (int)HttpStatusCode.BadRequest
}
};
return(result);
}
}
