internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent, HttpContext context) { if (user != null) { Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId()); } else { Logger.LogDebug("No user present in authorize request"); } // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } var request = result.ValidatedRequest; LogRequest(request); // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request, _loginUrlProcessor)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } request.ClientIp = context.GetRequestIp(); request.Device = context .GetHeaderValueAs <string>("User-Agent") .GetDevice(); var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); LogResponse(response); return(new AuthorizeResult(response)); }
public Task <InteractionResponse> ProcessInteractionAsync(ValidatedAuthorizeRequest request, ConsentResponse consent = null) { if (request.Subject?.IsAnonymous() == true) { return(Task.FromResult(new InteractionResponse { IsLogin = true })); } return(_inner.ProcessInteractionAsync(request, consent)); }
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent) { if (user != null) { _logger.LogTrace("User in authorize request: name:{0}, sub:{1}", user.GetName(), user.GetSubjectId()); } else { _logger.LogTrace("No user present in authorize request"); } // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await ErrorPageAsync( result.ErrorType, result.Error, result.ValidatedRequest)); } var request = result.ValidatedRequest; // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent); if (interactionResult.IsError) { return(await ErrorPageAsync( interactionResult.Error.ErrorType, interactionResult.Error.Error, request)); } if (interactionResult.IsLogin) { return(await LoginPageAsync(request)); } if (interactionResult.IsConsent) { return(await ConsentPageAsync(request)); } // issue response return(await SuccessfulAuthorizationAsync(request)); }
protected async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent) { // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } var request = result.ValidatedRequest; // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); return(new AuthorizeResult(response)); }
internal async Task <IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, bool checkConsentResponse = false) { if (user != null) { Logger.LogDebug("User in authorize request: {subjectId}", user.GetSubjectId()); } else { Logger.LogDebug("No user present in authorize request"); } if (checkConsentResponse && _authorizationParametersMessageStore != null) { var messageStoreId = parameters[Constants.AuthorizationParamsStore.MessageStoreIdParameterName]; var entry = await _authorizationParametersMessageStore.ReadAsync(messageStoreId); parameters = entry?.Data.FromFullDictionary() ?? new NameValueCollection(); await _authorizationParametersMessageStore.DeleteAsync(messageStoreId); } // validate request var result = await _validator.ValidateAsync(parameters, user); if (result.IsError) { return(await CreateErrorResultAsync( "Request validation failed", result.ValidatedRequest, result.Error, result.ErrorDescription)); } string consentRequestId = null; try { Message <ConsentResponse> consent = null; if (checkConsentResponse) { var consentRequest = new ConsentRequest(result.ValidatedRequest.Raw, user?.GetSubjectId()); consentRequestId = consentRequest.Id; consent = await _consentResponseStore.ReadAsync(consentRequestId); if (consent != null && consent.Data == null) { return(await CreateErrorResultAsync("consent message is missing data")); } } var request = result.ValidatedRequest; LogRequest(request); // determine user interaction var interactionResult = await _interactionGenerator.ProcessInteractionAsync(request, consent?.Data); if (interactionResult.IsError) { return(await CreateErrorResultAsync("Interaction generator error", request, interactionResult.Error, interactionResult.ErrorDescription, false)); } if (interactionResult.IsLogin) { return(new LoginPageResult(request)); } if (interactionResult.IsConsent) { return(new ConsentPageResult(request)); } if (interactionResult.IsRedirect) { return(new CustomRedirectResult(request, interactionResult.RedirectUrl)); } var response = await _authorizeResponseGenerator.CreateResponseAsync(request); await RaiseResponseEventAsync(response); LogResponse(response); return(new AuthorizeResult(response)); } finally { if (consentRequestId != null) { await _consentResponseStore.DeleteAsync(consentRequestId); } } }