public async Task <IActionResult> Index(string returnUrl, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(returnUrl)) { return(RedirectToAction("Index", "Errors", new { code = "invalid_request", ReturnUrl = $"{Request.Path}{Request.QueryString}", area = string.Empty })); } try { var query = Unprotect(returnUrl).GetQueries().ToJObj(); var clientId = query.GetClientIdFromAuthorizationRequest(); var client = await OAuthClientQueryRepository.FindOAuthClientById(clientId, cancellationToken); var loginHint = query.GetLoginHintFromAuthorizationRequest(); return(View(new AuthenticateViewModel(returnUrl, loginHint, _translationHelper.Translate(client.ClientNames), _translationHelper.Translate(client.LogoUris), _translationHelper.Translate(client.TosUris), _translationHelper.Translate(client.PolicyUris)))); } catch (CryptographicException) { return(RedirectToAction("Index", "Errors", new { code = "invalid_request", ReturnUrl = $"{Request.Path}{Request.QueryString}", area = string.Empty })); } }
public async Task <IActionResult> Index(string returnUrl, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(returnUrl)) { return(RedirectToAction("Index", "Errors", new { code = "invalid_request", ReturnUrl = $"{Request.Path}{Request.QueryString}", area = string.Empty })); } try { var schemes = await _authenticationSchemeProvider.GetAllSchemesAsync(); var query = Unprotect(returnUrl).GetQueries().ToJObj(); var clientId = query.GetClientIdFromAuthorizationRequest(); var client = await OAuthClientQueryRepository.FindOAuthClientById(clientId, cancellationToken); var loginHint = query.GetLoginHintFromAuthorizationRequest(); var externalIdProviders = schemes.Where(s => !string.IsNullOrWhiteSpace(s.DisplayName)); return(View(new AuthenticateViewModel( loginHint, returnUrl, _translationHelper.Translate(client.ClientNames), _translationHelper.Translate(client.LogoUris), _translationHelper.Translate(client.TosUris), _translationHelper.Translate(client.PolicyUris), externalIdProviders.Select(e => new OpenID.UI.ViewModels.ExternalIdProvider { AuthenticationScheme = e.Name, DisplayName = e.DisplayName }).ToList()))); } catch (CryptographicException) { return(RedirectToAction("Index", "Errors", new { code = "invalid_request", ReturnUrl = $"{Request.Path}{Request.QueryString}", area = string.Empty })); } }
public virtual async Task <OAuthClient> GetClient(string clientId, HandlerContext handlerContext, CancellationToken cancellationToken) { var accessToken = handlerContext.Request.GetToken(AutenticationSchemes.Bearer, AutenticationSchemes.Basic); if (string.IsNullOrWhiteSpace(accessToken)) { Logger.LogError("access token is missing"); throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.MISSING_ACCESS_TOKEN); } var clients = await OAuthClientQueryRepository.Find(new Persistence.Parameters.SearchClientParameter { RegistrationAccessToken = accessToken }, cancellationToken); if (!clients.Content.Any()) { Logger.LogError($"access token '{accessToken}' is invalid"); throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, ErrorMessages.BAD_ACCESS_TOKEN); } var client = clients.Content.First(); if (client.ClientId != clientId) { client.RegistrationAccessToken = null; await OAuthClientCommandRepository.Update(client, cancellationToken); await OAuthClientCommandRepository.SaveChanges(cancellationToken); Logger.LogError($"access token '{accessToken}' can be used for the client '{client.ClientId}' and not for the client '{clientId}'"); throw new OAuthUnauthorizedException(ErrorCodes.INVALID_TOKEN, string.Format(ErrorMessages.ACCESS_TOKEN_VALID_CLIENT, client.ClientId, clientId)); } return(client); }