private async Task <IntrospectionResponse> GetIntrospectionResponse(
Oauth2IntrospectionOptions oauth2IntrospectionOptions,
string token)
{
Uri uri = null;
var url = oauth2IntrospectionOptions.InstrospectionEndPoint;
if (!Uri.TryCreate(url, UriKind.Absolute, out uri))
{
throw new ArgumentException(ErrorDescriptions.TheIntrospectionEndPointIsNotAWellFormedUrl);
}
if (string.IsNullOrWhiteSpace(oauth2IntrospectionOptions.ClientId))
{
throw new ArgumentException(string.Format(ErrorDescriptions.TheParameterCannotBeEmpty, nameof(oauth2IntrospectionOptions.ClientId)));
}
if (string.IsNullOrWhiteSpace(oauth2IntrospectionOptions.ClientSecret))
{
throw new ArgumentException(string.Format(ErrorDescriptions.TheParameterCannotBeEmpty, nameof(oauth2IntrospectionOptions.ClientSecret)));
}
var introspectionRequestParameters = new Dictionary <string, string>
{
{ Constants.IntrospectionRequestNames.Token, token },
{ Constants.IntrospectionRequestNames.TokenTypeHint, "access_token" },
{ Constants.IntrospectionRequestNames.ClientId, oauth2IntrospectionOptions.ClientId },
{ Constants.IntrospectionRequestNames.ClientSecret, oauth2IntrospectionOptions.ClientSecret }
};
var requestContent = new FormUrlEncodedContent(introspectionRequestParameters);
var requestMessage = new HttpRequestMessage(HttpMethod.Post, oauth2IntrospectionOptions.InstrospectionEndPoint);
requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
requestMessage.Content = requestContent;
var response = await _httpClient.SendAsync(requestMessage);
if (!response.IsSuccessStatusCode)
{
return(null);
}
var content = await response.Content.ReadAsStringAsync();
return(ParseIntrospection(content));
}
public Oauth2IntrospectionMiddleware(
RequestDelegate next,
IApplicationBuilder app,
IOptions <TOptions> options)
{
if (next == null)
{
throw new ArgumentNullException(nameof(next));
}
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
_next = next;
_options = options.Value;
var handler = _options.BackChannelHttpHandler;
if (handler == null)
{
handler = new HttpClientHandler();
#if NETSTANDARD
handler.ServerCertificateCustomValidationCallback = delegate { return(true); };
#else
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
#endif
}
_httpClient = new HttpClient(handler);
var nullAuthenticationBuilder = app.New();
var nullAuthenticationOptions = new NullAuthenticationOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true
};
nullAuthenticationBuilder.UseMiddleware <NullAuthenticationMiddleware>(Options.Create(nullAuthenticationOptions));
nullAuthenticationBuilder.Run(ctx => next(ctx));
_nullAuthenticationNext = nullAuthenticationBuilder.Build();
}
public static IApplicationBuilder UseAuthenticationWithIntrospection(this IApplicationBuilder app, Oauth2IntrospectionOptions oauth2IntrospectionOptions)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
if (oauth2IntrospectionOptions == null)
{
throw new ArgumentNullException(nameof(oauth2IntrospectionOptions));
}
return(app.UseMiddleware <Oauth2IntrospectionMiddleware <Oauth2IntrospectionOptions> >(app, Options.Create(oauth2IntrospectionOptions)));
}
