public async Task <ActionResult> GetAuthorization(AuthorizationParameter parameter, IPrincipal claimsPrincipal, string issuerName)
{
var processId = Guid.NewGuid().ToString();
_eventPublisher.Publish(new AuthorizationRequestReceived(Guid.NewGuid().ToString(), processId, _payloadSerializer.GetPayload(parameter), 0));
try
{
var client = await _authorizationCodeGrantTypeParameterValidator.ValidateAsync(parameter);
ActionResult actionResult = null;
_oauthEventSource.StartAuthorization(parameter.ClientId,
parameter.ResponseType,
parameter.Scope,
parameter.Claims == null ? string.Empty : parameter.Claims.ToString());
if (client.RequirePkce)
{
if (string.IsNullOrWhiteSpace(parameter.CodeChallenge) || parameter.CodeChallengeMethod == null)
{
throw new IdentityServerExceptionWithState(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheClientRequiresPkce, parameter.ClientId), parameter.State);
}
}
var responseTypes = _parameterParserHelper.ParseResponseTypes(parameter.ResponseType);
var authorizationFlow = _authorizationFlowHelper.GetAuthorizationFlow(responseTypes, parameter.State);
switch (authorizationFlow)
{
case AuthorizationFlow.AuthorizationCodeFlow:
actionResult = await _getAuthorizationCodeOperation.Execute(parameter, claimsPrincipal, client, issuerName);
break;
case AuthorizationFlow.ImplicitFlow:
actionResult = await _getTokenViaImplicitWorkflowOperation.Execute(parameter, claimsPrincipal, client, issuerName);
break;
case AuthorizationFlow.HybridFlow:
actionResult = await _getAuthorizationCodeAndTokenViaHybridWorkflowOperation.Execute(parameter, claimsPrincipal, client, issuerName);
break;
}
if (actionResult != null)
{
var actionTypeName = Enum.GetName(typeof(TypeActionResult), actionResult.Type);
var actionName = string.Empty;
if (actionResult.Type == TypeActionResult.RedirectToAction)
{
var actionEnum = actionResult.RedirectInstruction.Action;
actionName = Enum.GetName(typeof(IdentityServerEndPoints), actionEnum);
}
var serializedParameters = actionResult.RedirectInstruction == null || actionResult.RedirectInstruction.Parameters == null ? String.Empty :
actionResult.RedirectInstruction.Parameters.SerializeWithJavascript();
_oauthEventSource.EndAuthorization(actionTypeName,
actionName,
serializedParameters);
}
_eventPublisher.Publish(new AuthorizationGranted(Guid.NewGuid().ToString(), processId, _payloadSerializer.GetPayload(actionResult), 1));
actionResult.ProcessId = processId;
actionResult.Amr = _amrHelper.GetAmr(_resourceOwnerAuthenticateHelper.GetAmrs(), parameter.AmrValues);
return(actionResult);
}
catch (IdentityServerException ex)
{
_eventPublisher.Publish(new OAuthErrorReceived(Guid.NewGuid().ToString(), processId, ex.Code, ex.Message, 1));
throw;
}
}