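/// <summary>
/// Validates the authorize request solely on the presence of an unexpired Forms Authentication
/// ticket in the request cookies.
/// NOTE(review): nothing here compares context.ClientId or context.RedirectUri against registered
/// values, and context.Validated() is called without a redirect uri argument, so the incoming
/// redirect_uri is accepted unchanged. The commented-out check at the bottom shows the intended
/// client id / redirect uri comparison; it should be restored against a real client registry.
/// </summary>
/// <param name="context">Carries the client id and redirect uri in and the validation result out.</param>
/// <returns>A completed task; this override does no asynchronous work.</returns>
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
    var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];

    // FormsAuthentication.Decrypt throws on a null/empty value; a missing cookie is simply "not authenticated".
    if (string.IsNullOrEmpty(authCookie))
    {
        context.Rejected();
        return Task.FromResult<object>(null);
    }

    try
    {
        var authTicket = FormsAuthentication.Decrypt(authCookie);

        // Guard the null ticket as well; the original dereferenced it unconditionally.
        if (authTicket == null || authTicket.Expired)
        {
            context.Rejected();
        }
        else
        {
            context.Validated();
        }
    }
    catch (System.ArgumentException)
    {
        // Malformed ticket value: reject rather than surface a server error.
        context.Rejected();
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // Ticket could not be decrypted/verified (tampered value, machine key mismatch, ...): reject.
        context.Rejected();
    }

    //We validated that Client Id and Redirect Uri are indeed what we expect
    //if (context.ClientId == "123456" && context.RedirectUri.Contains("localhost"))
    //    context.Validated();
    //else
    //    context.Rejected();

    return Task.FromResult<object>(null);
}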
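/// <summary>
/// Called to validate that the context.ClientId is a registered "client_id", and that the context.RedirectUri a "redirect_uri"
/// registered for that client. This only occurs when processing the Authorize endpoint. The application MUST implement this
/// call, and it MUST validate both of those factors before calling context.Validated. If the context.Validated method is called
/// with a given redirectUri parameter, then IsValidated will only become true if the incoming redirect URI matches the given redirect URI.
/// If context.Validated is not called the request will not proceed further.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
    this.options.Logger.DebugFormat("Validating client id and redirect uri");

    // Only proceed if client id and redirect uri is provided. Returning without calling
    // context.Validated leaves the request un-validated, which (per the summary) stops it.
    if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.RedirectUri))
    {
        // The second placeholder is the redirect uri, not a client secret; the old message mislabelled it.
        this.options.Logger.WarnFormat("Client id ({0}) or redirect uri ({1}) is invalid", context.ClientId, context.RedirectUri);
        return;
    }

    this.options.Logger.DebugFormat("Authenticating client '{0}' and redirect uri '{1}'", context.ClientId, context.RedirectUri);

    var client = await this.options.ClientManager.AuthenticateClientAsync(context.ClientId, context.RedirectUri);

    // A null client or identity is treated like an unauthenticated one instead of throwing.
    // NOTE(review): assumes AuthenticateClientAsync may return null on failure — confirm against ClientManager.
    if (client == null || client.Identity == null || !client.Identity.IsAuthenticated)
    {
        context.Rejected();
        this.options.Logger.WarnFormat("Client '{0}' and redirect uri '{1}' was not authenticated", context.ClientId, context.RedirectUri);
        return;
    }

    this.options.Logger.DebugFormat("Client '{0}' and redirect uri '{1}' was successfully authenticated", context.ClientId, context.RedirectUri);

    // Record the authenticated pair once on the per-request OAuth context.
    var oauthContext = context.OwinContext.GetOAuthContext();
    oauthContext.ClientId = context.ClientId;
    oauthContext.RedirectUri = context.RedirectUri;

    // Passing the redirect uri explicitly ties validation to the uri that was just authenticated.
    context.Validated(context.RedirectUri);
}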
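/// <summary>
/// Validates the authorize request by looking up the registered application for context.ClientId
/// and validating against its stored redirect url, so the incoming redirect_uri only passes when it
/// matches the registered one.
/// </summary>
/// <param name="context">Carries the client id and redirect uri in and the validation result out.</param>
/// <returns>Task to enable asynchronous execution.</returns>
public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
    var clientId = context.ClientId;

    // Without a client id there is nothing to look up; reject before touching the database.
    // This also prevents a request with no client_id from matching a row whose ClientId is null.
    if (string.IsNullOrEmpty(clientId))
    {
        context.Rejected();
        return;
    }

    // The original created a DbContext per call and never disposed it.
    using (var db = new ApplicationDbContext())
    {
        var app = await db.Apps.FirstOrDefaultAsync(c => c.ClientId == clientId);

        // An unknown client, or one with no registered redirect url, can never be validated safely.
        if (app == null || string.IsNullOrEmpty(app.RedirectUrl))
        {
            context.Rejected();
            return;
        }

        // Validate against the registered url rather than the incoming one.
        context.Validated(app.RedirectUrl);
    }
}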