示例#1
        /// <summary>
        /// Authenticates the calling client: parses a secret from the request, loads the
        /// client it names, and checks the secret against that client's configured secrets.
        /// </summary>
        /// <param name="context">HTTP context of the request; it is handed to the secret parser.</param>
        /// <returns>
        /// A result with <c>IsError = false</c> and <c>Client</c> set when the secret validates;
        /// otherwise a result with <c>IsError = true</c>. Every failure path returns the same
        /// object, so the caller cannot tell from the result which check failed.
        /// </returns>
        public async Task<ClientSecretValidationResult> ValidateAsync(HttpContext context)
        {
            _logger.LogTrace("Start client validation");

            // Single failure result shared by all rejection paths; the reason is only
            // recorded in the failure event and the log, never in the returned value.
            var rejected = new ClientSecretValidationResult { IsError = true };

            var credentials = await _parser.ParseAsync(context);
            if (credentials == null)
            {
                await RaiseFailureEvent("unknown", "No client id or secret found");

                _logger.LogInformation("No client secret found");
                return rejected;
            }

            // The id is whatever the parser extracted from the request, so it is not
            // trusted until the store lookup below confirms it names a client.
            var client = await _clients.FindClientByIdAsync(credentials.Id);
            if (client == null)
            {
                await RaiseFailureEvent(credentials.Id, "Unknown client");

                _logger.LogInformation("No client with that id found. aborting");
                return rejected;
            }

            // NOTE(review): nothing here checks whether the client is enabled; confirm
            // that the store or the caller filters out disabled clients.
            var verdict = await _validator.ValidateAsync(credentials, client.ClientSecrets);
            if (!verdict.Success)
            {
                await RaiseFailureEvent(client.ClientId, "Invalid client secret");

                // Wrong secret for a known client is the one failure logged at Warning.
                _logger.LogWarning("Client validation failed client {clientId}.", client.ClientId);
                return rejected;
            }

            _logger.LogInformation("Client validation success");

            var accepted = new ClientSecretValidationResult
            {
                IsError = false,
                Client  = client
            };

            await RaiseSuccessEvent(client.ClientId);

            return accepted;
        }
示例#2
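        /// <summary>
        /// Authenticates a scope: parses a secret from the request, loads the scope it
        /// names, and checks the secret against that scope's configured secrets.
        /// </summary>
        /// <param name="context">HTTP context of the request; it is handed to the secret parser.</param>
        /// <returns>
        /// A result with <c>IsError = false</c> and <c>Scope</c> set when the secret validates;
        /// otherwise a result with <c>IsError = true</c>. Every failure path returns the same
        /// object, so the caller cannot tell from the result which check failed.
        /// </returns>
        public async Task<ScopeSecretValidationResult> ValidateAsync(HttpContext context)
        {
            _logger.LogTrace("Start scope validation");

            // Single failure result shared by all rejection paths; the reason is only
            // recorded in the failure event and the log, never in the returned value.
            var fail = new ScopeSecretValidationResult
            {
                IsError = true
            };

            var parsedSecret = await _parser.ParseAsync(context);

            if (parsedSecret == null)
            {
                await RaiseFailureEvent("unknown", "No scope id or secret found");

                _logger.LogInformation("No scope secret found");
                return fail;
            }

            // The id is whatever the parser extracted from the request, so it is not
            // trusted until the store lookup below confirms it names a scope.
            var scope = (await _scopes.FindScopesAsync(new[] { parsedSecret.Id })).FirstOrDefault();

            if (scope == null)
            {
                await RaiseFailureEvent(parsedSecret.Id, "Unknown scope");

                _logger.LogInformation("No scope with that name found. aborting");
                return fail;
            }

            // NOTE(review): nothing here checks whether the scope is enabled; confirm
            // that the store or the caller filters out disabled scopes.
            var result = await _validator.ValidateAsync(parsedSecret, scope.ScopeSecrets);

            if (result.Success)
            {
                _logger.LogInformation("Scope validation success");

                var success = new ScopeSecretValidationResult
                {
                    IsError = false,
                    Scope   = scope
                };

                await RaiseSuccessEvent(scope.Name);

                return success;
            }

            // The event text previously said "Invalid client secret", which misattributes
            // a scope failure to the client secret check in the audit trail.
            await RaiseFailureEvent(scope.Name, "Invalid scope secret");

            // Logged at Warning with the scope name, matching the client validator, so
            // repeated wrong secrets against one scope stand out in monitoring.
            _logger.LogWarning("Scope validation failed for scope {scopeName}.", scope.Name);

            return fail;
        }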