示例#1
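        /// <summary>
        /// Reads the OAuth2 authorization-request values (client id, response type, redirect URI,
        /// state and scope) from the current request's query string and validates them, reporting
        /// every failure through <c>DoRedirectUriError</c>.
        /// </summary>
        /// <returns>The <see cref="RequestAuthorizeParams"/> populated from the query string.</returns>
        /// <remarks>
        /// NOTE(review): each check assumes <c>DoRedirectUriError</c> ends the request (for example by
        /// redirecting with end-of-response). Its body is not visible here; if it returns normally,
        /// execution falls through the remaining checks and the unvalidated values are returned.
        /// </remarks>
        public RequestAuthorizeParams GetAuthorizeParams()
        {
            RequestAuthorizeParams parameters = new RequestAuthorizeParams
            {
                ClientId = current.Request.QueryString[Constants.ClientIdParameter],
                ResponseType = current.Request.QueryString[Constants.ResponseTypeParameter],
                RedirectUri = current.Request.QueryString[Constants.RedirectUriParameter],
                State = current.Request.QueryString[Constants.StateParameter],
                Scope = current.Request.QueryString[Constants.ScopeParameter]
            };

            //// A client id must be supplied.
            //// NOTE(review): the first argument of DoRedirectUriError is an error code in some calls
            //// and Constants.OAUTH2_HTTP_FOUND in others; confirm the intended parameter order.
            if (string.IsNullOrEmpty(parameters.ClientId))
            {
                if (string.IsNullOrEmpty(parameters.RedirectUri))
                {
                    DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, current.Request.RawUrl, parameters.State);
                }

                DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_CLIENT, null, parameters.State);
            }

            //// Look up the redirect URI already registered for this client.
            string registeredRedirectUri = GetRedirectUri(parameters.ClientId);

            //// An empty result is treated as an invalid client (presumably GetRedirectUri returns
            //// null/empty for unknown client ids; confirm against its implementation).
            if (string.IsNullOrEmpty(registeredRedirectUri))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, null, parameters.State);
            }

            //// The request itself must carry a redirect_uri.
            if (string.IsNullOrEmpty(parameters.RedirectUri))
            {
                DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_REQUEST, null, parameters.State);
            }

            //// The supplied redirect_uri must match the registered one.
            //// Security: compare ordinally. A culture-sensitive comparison applies the linguistic rules
            //// of the server's current culture, so two strings that are different URIs can compare
            //// equal and the outcome can vary with the thread culture. The static string.Equals is
            //// also null-safe if the registered value turned out to be null.
            //// NOTE(review): OAuth guidance (RFC 6749 section 3.1.2.3, RFC 9700) calls for exact
            //// matching; switch to StringComparison.Ordinal once registered URIs are confirmed to be
            //// stored in the exact form clients send.
            if (!string.Equals(registeredRedirectUri, parameters.RedirectUri, StringComparison.OrdinalIgnoreCase))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_REDIRECT_URI_MISMATCH, null, null, parameters.State);
            }

            //// response_type is required.
            if (string.IsNullOrEmpty(parameters.ResponseType))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_REQUEST, Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, parameters.State);
            }

            //// The requested response type must be one of the supported types.
            List<string> responseTypes = GetSupportedAuthResponseTypes();
            if (!responseTypes.Contains(parameters.ResponseType))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, null, parameters.State);
            }

            //// A scope is optional; when present, the whole scope string must be in the supported list.
            if (!string.IsNullOrEmpty(parameters.Scope))
            {
                List<string> scopes = GetSupportedScopes();
                if (!scopes.Contains(parameters.Scope))
                {
                    DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_SCOPE, null, null, parameters.State);
                }
            }

            return parameters;
        }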
示例#2
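        /// <summary>
        /// Builds a <see cref="RequestAuthorizeParams"/> from the current request's query string and
        /// validates the client id, redirect URI, response type and scope of the OAuth2 authorization
        /// request. Failures are reported by calling <c>DoRedirectUriError</c>.
        /// </summary>
        /// <returns>The parameter object filled from the query string.</returns>
        /// <remarks>
        /// NOTE(review): no check returns early, so correctness depends on <c>DoRedirectUriError</c>
        /// terminating the request. That method is not visible here; if it can return, the later
        /// checks still run and the caller receives values that failed validation.
        /// </remarks>
        public RequestAuthorizeParams GetAuthorizeParams()
        {
            RequestAuthorizeParams parameters = new RequestAuthorizeParams();

            parameters.ClientId     = current.Request.QueryString[Constants.ClientIdParameter];
            parameters.ResponseType = current.Request.QueryString[Constants.ResponseTypeParameter];
            parameters.RedirectUri  = current.Request.QueryString[Constants.RedirectUriParameter];
            parameters.State        = current.Request.QueryString[Constants.StateParameter];
            parameters.Scope        = current.Request.QueryString[Constants.ScopeParameter];

            //// Make sure a client id was supplied.
            //// NOTE(review): DoRedirectUriError receives an error code as its first argument in some
            //// calls and Constants.OAUTH2_HTTP_FOUND in others; verify the argument order.
            if (string.IsNullOrEmpty(parameters.ClientId))
            {
                if (string.IsNullOrEmpty(parameters.RedirectUri))
                {
                    DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, current.Request.RawUrl, parameters.State);
                }
                DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_CLIENT, null, parameters.State);
            }

            //// Fetch the redirect URI registered for the client so the supplied one can be checked.
            string registeredUri = GetRedirectUri(parameters.ClientId);

            //// No registered URI is reported as an invalid client (presumably GetRedirectUri yields
            //// null/empty for an unknown client id; confirm).
            if (string.IsNullOrEmpty(registeredUri))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_CLIENT, null, null, parameters.State);
            }

            //// The request must include a redirect_uri of its own.
            if (string.IsNullOrEmpty(parameters.RedirectUri))
            {
                DoRedirectUriError(Constants.OAUTH2_HTTP_FOUND, Constants.OAUTH2_ERROR_INVALID_REQUEST, null, parameters.State);
            }

            //// Verify that the supplied redirect_uri matches the registered one.
            //// Security: this is an authorization decision, so the comparison is ordinal rather than
            //// culture-sensitive; linguistic comparison can report equality for strings that are
            //// distinct URIs and depends on the thread's current culture. Using the static
            //// string.Equals also avoids a NullReferenceException when registeredUri is null.
            //// NOTE(review): exact matching (StringComparison.Ordinal) is what RFC 6749 section 3.1.2.3
            //// and RFC 9700 describe; adopt it after checking how registered URIs are stored.
            if (!string.Equals(registeredUri, parameters.RedirectUri, StringComparison.OrdinalIgnoreCase))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_REDIRECT_URI_MISMATCH, null, null, parameters.State);
            }

            //// response_type is required.
            if (string.IsNullOrEmpty(parameters.ResponseType))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_REQUEST, Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, parameters.State);
            }

            //// Check the requested response type against the list of supported types.
            List<string> responseTypes = GetSupportedAuthResponseTypes();

            if (!responseTypes.Contains(parameters.ResponseType))
            {
                DoRedirectUriError(Constants.OAUTH2_ERROR_UNSUPPORTED_RESPONSE_TYPE, null, null, parameters.State);
            }

            //// When a scope is requested, the scope string as a whole must appear in the supported list.
            if (!string.IsNullOrEmpty(parameters.Scope))
            {
                List<string> scopes = GetSupportedScopes();
                if (!scopes.Contains(parameters.Scope))
                {
                    DoRedirectUriError(Constants.OAUTH2_ERROR_INVALID_SCOPE, null, null, parameters.State);
                }
            }

            return parameters;
        }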