public IActionResult Authorize([FromQuery] string client_id, [FromQuery] string response_type, [FromQuery] Uri redirect_uri, [FromServices] ITokenService tokenService) { // check if we have a redirect_uri if (redirect_uri == null) { throw new TokenServiceException(nTokenServiceErrors.ErrorMissingRedirectUri); } // validate our paramters if (client_id == null || client_id.Length == 0) { return(new RedirectResult(redirect_uri.ToString() + "?server_error=Missing client_id")); } if (response_type == null || response_type.Length == 0) { return(new RedirectResult(redirect_uri.ToString() + "?server_error=Missing response_type")); } // ask the token service implementation for the oAuth2 clinet var oAuth2Client = tokenService.FindClientById(client_id); if (oAuth2Client == null) { return(new RedirectResult(redirect_uri.ToString() + "?server_error=Invalid client_id")); } // verify redirectURI if (!oAuth2Client.RedirectUris.Contains(redirect_uri)) { return(new RedirectResult(redirect_uri.ToString() + "?server_error=RedirectUri mismatch")); } // fullfill the requested grant IGrantService grantService = null; switch (response_type) { case "token": grantService = new GrantTokenService(); break; case "code": grantService = new GrantCodeService(); break; } // check if we found a grant service if (grantService == null) { return(new RedirectResult(redirect_uri.ToString() + "?server_error=Invalid or not supported grant type")); } // execute the grant operation var grantResult = grantService.ExecuteAuthorizeOperation(User, oAuth2Client, tokenService); // redirect to the final destination return(new RedirectResult(QueryHelpers.AddQueryString(redirect_uri.ToString(), grantResult))); }
public IActionResult Token(OAuthTokenRequestModel requestModel, [FromServices] ITokenService tokenService) { // check if we have a grant_type if (requestModel.grant_type == null || requestModel.grant_type.Length == 0) { return(new JsonResult(new { error = "grant missing", error_description = "value for grant_type is missing" })); } // read the client_id / client_secret from authentication header if exists and missing in the model string authHeader = Request.Headers["Authorization"]; if (requestModel.client_id == null && authHeader != null && authHeader.StartsWith("Basic")) { string encodedUsernamePassword = authHeader.Substring("Basic ".Length).Trim(); Encoding encoding = Encoding.GetEncoding("iso-8859-1"); string usernamePassword = encoding.GetString(Convert.FromBase64String(encodedUsernamePassword)); int seperatorIndex = usernamePassword.IndexOf(':'); requestModel.client_id = usernamePassword.Substring(0, seperatorIndex); requestModel.client_secret = usernamePassword.Substring(seperatorIndex + 1); } // validate our paramters if (requestModel.client_id == null || requestModel.client_id.Length == 0) { return(new JsonResult(new { error = "client_id missing", error_description = "value for client_id is missing" })); } if (requestModel.client_secret == null || requestModel.client_secret.Length == 0) { return(new JsonResult(new { error = "client_secret missing", error_description = "value for client_secret is missing" })); } // ask the token service implementation for the oAuth2 clinet var oAuth2Client = tokenService.FindClientById(requestModel.client_id); if (oAuth2Client == null) { return(new JsonResult(new { error = "invalid client_id", error_description = "the given client_id is invalid" })); } // check if the secrets are the same if (!oAuth2Client.ClientSecret.Equals(requestModel.client_secret)) { return(new JsonResult(new { error = "client_secret mismatch", error_description = "the provided client_secret does not fit" })); } // select the correct grantservice IGrantService grantService = null; switch (requestModel.grant_type) { case "authorization_code": grantService = new GrantCodeService(); break; case "client_credentials": grantService = new GrantClientCredentialsService(); break; } // check if we found a grant service if (grantService == null) { return(new JsonResult(new { error = "not supported grant", error_description = "Didn't not found a supported grant service for " + requestModel.grant_type })); } // execute the grant operation var grantResult = grantService.ExecuteTokenOperation(oAuth2Client, tokenService, requestModel.code); // done return(new JsonResult(grantResult)); }
public HomeController(IAwardService awardService, IGrantService grantService) { this.awardService = awardService; this.grantService = grantService; }
public GrantController(IGrantService serv, IDetection detection) { _device = detection.Device; _service = serv; }