public async Task <ClientSecretValidationResult> ValidateAsync(HttpContext context) { var fail = new ClientSecretValidationResult() { IsError = true, Error = OidcConstants.TokenErrors.InvalidClient, }; if (!_plugins.Any()) { await RaiseFailureEventAsync("unknown", "No client id found"); fail.ErrorDescription = "No IClientSecretValidatorPlugin were found!"; _logger.LogError(fail.ErrorDescription); return(fail); } var parsedSecret = await _parser.ParseAsync(context); if (parsedSecret == null) { await RaiseFailureEventAsync("unknown", "No client id found"); fail.ErrorDescription = "No client identifier found"; _logger.LogError(fail.ErrorDescription); return(fail); } // load client var client = await _clients.FindEnabledClientByIdAsync(parsedSecret.Id); if (client == null) { await RaiseFailureEventAsync(parsedSecret.Id, "Unknown client"); fail.ErrorDescription = $"No client with id '{parsedSecret.Id}' found. aborting"; _logger.LogError(fail.ErrorDescription); return(fail); } foreach (var plugin in _plugins) { var result = await plugin.ValidateAsync(context); if (result.IsError) { return(result); } } var success = new ClientSecretValidationResult { IsError = false, Client = client, Secret = parsedSecret }; return(success); }
/// <summary> /// Validates the current request. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public async Task <ClientSecretValidationResult> ValidateAsync(HttpContext context) { _logger.LogDebug("Start client validation"); var fail = new ClientSecretValidationResult { IsError = true }; var parsedSecret = await _parser.ParseAsync(context); if (parsedSecret == null) { await RaiseFailureEventAsync("unknown", "No client id found"); _logger.LogError("No client identifier found"); return(fail); } // load client var client = await _clients.FindEnabledClientByIdAsync(parsedSecret.Id); if (client == null) { await RaiseFailureEventAsync(parsedSecret.Id, "Unknown client"); _logger.LogError("No client with id '{clientId}' found. aborting", parsedSecret.Id); return(fail); } var form = (await context.Request.ReadFormAsync()).AsNameValueCollection(); var grantType = form.Get(OidcConstants.TokenRequest.GrantType); if (grantType == OidcConstants.GrantTypes.RefreshToken) { // upcast; ClientExtra clientExtra = client as ClientExtra; if (!clientExtra.RequireRefreshClientSecret) { _logger.LogDebug("Public Client - skipping secret validation success"); _logger.LogDebug("Client validation success"); var success = new ClientSecretValidationResult { IsError = false, Client = client, Secret = parsedSecret }; await RaiseSuccessEventAsync(client.ClientId, parsedSecret.Type); return(success); } } return(await StockClientSecretValidator.ValidateAsync(context)); }
public async Task <ClientRequestIdentity> GetClientRequestIdentityAsync(HttpContext httpContext) { var parsedSecret = await _parser.ParseAsync(httpContext); if (parsedSecret != null) { var identity = new ClientRequestIdentity { Path = httpContext.Request.Path.ToString().ToLowerInvariant(), HttpVerb = httpContext.Request.Method.ToLowerInvariant(), ClientId = parsedSecret.Id }; return(identity); } return(null); }
/// <summary> /// 登录校验密钥 /// </summary> /// <param name="context"></param> /// <returns></returns> public async Task <ClientSecretValidationResult> ValidateAsync(HttpContext context) { var _signInManager = (SignInManager <ApplicationUser>)context.RequestServices.GetService(typeof(SignInManager <ApplicationUser>)); _logger.LogDebug("Start client validation"); //错误返回 var fail = new ClientSecretValidationResult { IsError = true }; //根据上下文查找密钥 var parsedSecret = await _parser.ParseAsync(context); if (parsedSecret == null) { await RaiseFailureEventAsync("unknown", "No client id found"); _logger.LogError("No client identifier found"); return(fail); } // 加载客户端配置 var client = await _clients.FindEnabledClientByIdAsync(parsedSecret.Id); if (client == null) { await RaiseFailureEventAsync(parsedSecret.Id, "Unknown client"); _logger.LogError("No client with id '{clientId}' found. aborting", parsedSecret.Id); return(fail); } SecretValidationResult secretValidationResult = null; if (!client.RequireClientSecret || client.IsImplicitOnly()) { _logger.LogDebug("Public Client - skipping secret validation success"); } else { //验证客户端密钥 secretValidationResult = await _validator.ValidateAsync(parsedSecret, client.ClientSecrets); if (secretValidationResult.Success == false) { await RaiseFailureEventAsync(client.ClientId, "Invalid client secret"); _logger.LogError("Client secret validation failed for client: {clientId}.", client.ClientId); return(fail); } } _logger.LogDebug("Client validation success"); //var user = await _signInManager.UserManager.FindByNameAsync(context.User.Identity.Name); //var claimsPrincipal = await _signInManager.ClaimsFactory.CreateAsync(user); var success = new ClientSecretValidationResult { IsError = false, Client = client, Secret = parsedSecret, Confirmation = secretValidationResult?.Confirmation }; await RaiseSuccessEventAsync(client.ClientId, parsedSecret.Type); return(success); }
/// <summary> /// Validates the secret on the current request. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public async Task <ApiSecretValidationResult> ValidateAsync(HttpContext context) { _logger.LogTrace("Start API validation"); var fail = new ApiSecretValidationResult { IsError = true }; var parsedSecret = await _parser.ParseAsync(context); if (parsedSecret == null) { await RaiseFailureEventAsync("unknown", "No API id or secret found"); _logger.LogError("No API secret found"); return(fail); } // load API resource var api = await _resources.FindApiResourceAsync(parsedSecret.Id); if (api == null) { await RaiseFailureEventAsync(parsedSecret.Id, "Unknown API resource"); _logger.LogError("No API resource with that name found. aborting"); return(fail); } if (api.Enabled == false) { await RaiseFailureEventAsync(parsedSecret.Id, "API resource not enabled"); _logger.LogError("API resource not enabled. aborting."); return(fail); } var result = await _validator.ValidateAsync(parsedSecret, api.ApiSecrets); if (result.Success) { _logger.LogDebug("API resource validation success"); var success = new ApiSecretValidationResult { IsError = false, Resource = api }; await RaiseSuccessEventAsync(api.Name, parsedSecret.Type); return(success); } await RaiseFailureEventAsync(api.Name, "Invalid API secret"); _logger.LogError("API validation failed."); return(fail); }