private async Task <IntrospectionResponse> GetIntrospectionResponse( Oauth2IntrospectionOptions oauth2IntrospectionOptions, string token) { Uri uri = null; var url = oauth2IntrospectionOptions.InstrospectionEndPoint; if (!Uri.TryCreate(url, UriKind.Absolute, out uri)) { throw new ArgumentException(ErrorDescriptions.TheIntrospectionEndPointIsNotAWellFormedUrl); } if (string.IsNullOrWhiteSpace(oauth2IntrospectionOptions.ClientId)) { throw new ArgumentException(string.Format(ErrorDescriptions.TheParameterCannotBeEmpty, nameof(oauth2IntrospectionOptions.ClientId))); } if (string.IsNullOrWhiteSpace(oauth2IntrospectionOptions.ClientSecret)) { throw new ArgumentException(string.Format(ErrorDescriptions.TheParameterCannotBeEmpty, nameof(oauth2IntrospectionOptions.ClientSecret))); } var introspectionRequestParameters = new Dictionary <string, string> { { Constants.IntrospectionRequestNames.Token, token }, { Constants.IntrospectionRequestNames.TokenTypeHint, "access_token" }, { Constants.IntrospectionRequestNames.ClientId, oauth2IntrospectionOptions.ClientId }, { Constants.IntrospectionRequestNames.ClientSecret, oauth2IntrospectionOptions.ClientSecret } }; var requestContent = new FormUrlEncodedContent(introspectionRequestParameters); var requestMessage = new HttpRequestMessage(HttpMethod.Post, oauth2IntrospectionOptions.InstrospectionEndPoint); requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); requestMessage.Content = requestContent; var response = await _httpClient.SendAsync(requestMessage); if (!response.IsSuccessStatusCode) { return(null); } var content = await response.Content.ReadAsStringAsync(); return(ParseIntrospection(content)); }
public Oauth2IntrospectionMiddleware( RequestDelegate next, IApplicationBuilder app, IOptions <TOptions> options) { if (next == null) { throw new ArgumentNullException(nameof(next)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } _next = next; _options = options.Value; var handler = _options.BackChannelHttpHandler; if (handler == null) { handler = new HttpClientHandler(); #if NETSTANDARD handler.ServerCertificateCustomValidationCallback = delegate { return(true); }; #else ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; #endif } _httpClient = new HttpClient(handler); var nullAuthenticationBuilder = app.New(); var nullAuthenticationOptions = new NullAuthenticationOptions { AutomaticAuthenticate = true, AutomaticChallenge = true }; nullAuthenticationBuilder.UseMiddleware <NullAuthenticationMiddleware>(Options.Create(nullAuthenticationOptions)); nullAuthenticationBuilder.Run(ctx => next(ctx)); _nullAuthenticationNext = nullAuthenticationBuilder.Build(); }
public static IApplicationBuilder UseAuthenticationWithIntrospection(this IApplicationBuilder app, Oauth2IntrospectionOptions oauth2IntrospectionOptions) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (oauth2IntrospectionOptions == null) { throw new ArgumentNullException(nameof(oauth2IntrospectionOptions)); } return(app.UseMiddleware <Oauth2IntrospectionMiddleware <Oauth2IntrospectionOptions> >(app, Options.Create(oauth2IntrospectionOptions))); }