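/// <summary>
/// Reads the OAuth 2.0 authorization request parameters (client_id, response_type,
/// redirect_uri, state, scope) from the current request's query string and validates
/// them, reporting every failed check through <c>DoRedirectUriError</c>.
/// </summary>
/// <returns>The populated <see cref="RequestAuthorizeParams"/> once every check has passed.</returns>
/// <remarks>
/// The checks are written as if <c>DoRedirectUriError</c> never returns (it is expected to
/// throw or end the response) — TODO confirm, since the comparisons below would otherwise
/// run on values that an earlier check already rejected.
/// </remarks>
public RequestAuthorizeParams GetAuthorizeParams()
{
    RequestAuthorizeParams parameters = new RequestAuthorizeParams();
    parameters.ClientId = current.Request.QueryString[Constants.ClientIdParameter];
    parameters.ResponseType = current.Request.QueryString[Constants.ResponseTypeParameter];
    parameters.RedirectUri = current.Request.QueryString[Constants.RedirectUriParameter];
    parameters.State = current.Request.QueryString[Constants.StateParameter];
    parameters.Scope = current.Request.QueryString[Constants.ScopeParameter];

    // client_id is mandatory. When no redirect_uri was supplied either there is nowhere
    // to send the error, so it is reported against the request's own URL.
    if (string.IsNullOrEmpty(parameters.ClientId))
    {
        if (string.IsNullOrEmpty(parameters.RedirectUri))
        {
            DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, current.Request.RawUrl, parameters.State);
        }

        // NOTE(review): the first argument here is an HTTP status constant while the other
        // calls pass an error code first — looks like an argument-order slip; confirm
        // against DoRedirectUriError's signature before relying on the emitted error.
        DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_CLIENT, null, parameters.State);
    }

    // The redirect URI registered for this client. An empty result is treated as an
    // unknown client, which saves a separate client-existence lookup.
    string registeredRedirectUri = GetRedirectUri(parameters.ClientId);
    if (string.IsNullOrEmpty(registeredRedirectUri))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, null, parameters.State);
    }

    // The request must also carry a redirect_uri to compare against.
    if (string.IsNullOrEmpty(parameters.RedirectUri))
    {
        DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_REQUEST, null, parameters.State);
    }

    // The supplied redirect_uri must match the registered one exactly. RFC 6749 §3.1.2.3
    // requires simple string comparison, so compare ordinally: a culture-aware,
    // case-insensitive match could accept a URI whose path differs from the registered one
    // and let the authorization response be delivered to an unintended endpoint.
    // string.Equals is also null-safe should an earlier check not have terminated the request.
    if (!string.Equals(registeredRedirectUri, parameters.RedirectUri, StringComparison.Ordinal))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_REDIRECT_URI_MISMATCH, null, null, parameters.State);
    }

    // response_type is required ...
    if (string.IsNullOrEmpty(parameters.ResponseType))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_REQUEST, Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, parameters.State);
    }

    // ... and must be one of the types this server supports (exact, case-sensitive match).
    List<string> responseTypes = GetSupportedAuthResponseTypes();
    if (!responseTypes.Contains(parameters.ResponseType))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, null, parameters.State);
    }

    // scope is optional, but when present it must be a supported value. The whole scope
    // string is matched as a single entry, so a space-separated list of scopes is only
    // accepted if that exact string appears in the supported list.
    if (!string.IsNullOrEmpty(parameters.Scope))
    {
        List<string> scopes = GetSupportedScopes();
        if (!scopes.Contains(parameters.Scope))
        {
            DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_SCOPE, null, null, parameters.State);
        }
    }

    return parameters;
}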
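/// <summary>
/// Builds a <see cref="RequestAuthorizeParams"/> from the current request's query string
/// (client_id, response_type, redirect_uri, state, scope) and validates each value,
/// reporting every failed check through <c>DoRedirectUriError</c>.
/// </summary>
/// <returns>The populated <see cref="RequestAuthorizeParams"/> once every check has passed.</returns>
/// <remarks>
/// Written on the assumption that <c>DoRedirectUriError</c> terminates the request (throws
/// or ends the response) rather than returning — TODO confirm; the later checks would
/// otherwise run on values an earlier check already rejected.
/// </remarks>
public RequestAuthorizeParams GetAuthorizeParams()
{
    RequestAuthorizeParams parameters = new RequestAuthorizeParams();
    parameters.ClientId = current.Request.QueryString[Constants.ClientIdParameter];
    parameters.ResponseType = current.Request.QueryString[Constants.ResponseTypeParameter];
    parameters.RedirectUri = current.Request.QueryString[Constants.RedirectUriParameter];
    parameters.State = current.Request.QueryString[Constants.StateParameter];
    parameters.Scope = current.Request.QueryString[Constants.ScopeParameter];

    // client_id is mandatory. Without a redirect_uri there is nowhere to deliver the
    // error, so it is reported against the request's own URL instead.
    if (string.IsNullOrEmpty(parameters.ClientId))
    {
        if (string.IsNullOrEmpty(parameters.RedirectUri))
        {
            DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, current.Request.RawUrl, parameters.State);
        }

        // NOTE(review): an HTTP status constant is passed where the other calls pass an
        // error code — looks like an argument-order slip; confirm against
        // DoRedirectUriError's signature.
        DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_CLIENT, null, parameters.State);
    }

    // The redirect URI registered for this client; an empty result doubles as
    // "unknown client", avoiding a separate existence lookup.
    string registeredRedirectUri = GetRedirectUri(parameters.ClientId);
    if (string.IsNullOrEmpty(registeredRedirectUri))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, null, parameters.State);
    }

    // A redirect_uri must also be present in the request so it can be compared.
    if (string.IsNullOrEmpty(parameters.RedirectUri))
    {
        DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_REQUEST, null, parameters.State);
    }

    // Exact match only. RFC 6749 §3.1.2.3 requires simple string comparison of redirect
    // URIs; a culture-aware, case-insensitive comparison could accept a URI whose path
    // differs from the registered one and send the authorization response to an
    // unintended endpoint. string.Equals is also null-safe if an earlier check did not
    // terminate the request.
    if (!string.Equals(registeredRedirectUri, parameters.RedirectUri, StringComparison.Ordinal))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_REDIRECT_URI_MISMATCH, null, null, parameters.State);
    }

    // response_type is required ...
    if (string.IsNullOrEmpty(parameters.ResponseType))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_REQUEST, Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, parameters.State);
    }

    // ... and must be one of the supported types (exact, case-sensitive match).
    List<string> responseTypes = GetSupportedAuthResponseTypes();
    if (!responseTypes.Contains(parameters.ResponseType))
    {
        DoRedirectUriError(Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, null, parameters.State);
    }

    // scope is optional but, when given, must be a supported value. The entire scope
    // string is matched as one entry, so a space-separated scope list is accepted only
    // if that exact string is in the supported list.
    if (!string.IsNullOrEmpty(parameters.Scope))
    {
        List<string> scopes = GetSupportedScopes();
        if (!scopes.Contains(parameters.Scope))
        {
            DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_SCOPE, null, null, parameters.State);
        }
    }

    return parameters;
}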