protected async Task <IHttpActionResult> ProcessRequestAsync(NameValueCollection parameters, UserConsent consent = null)
{
_logger.Start("OIDC authorize endpoint.");
///////////////////////////////////////////////////////////////
// validate protocol parameters
//////////////////////////////////////////////////////////////
var result = _validator.ValidateProtocol(parameters);
var request = _validator.ValidatedRequest;
if (result.IsError)
{
return(this.AuthorizeError(
result.ErrorType,
result.Error,
request.ResponseMode,
request.RedirectUri,
request.State));
}
var interaction = _interactionGenerator.ProcessLogin(request, User as ClaimsPrincipal);
if (interaction.IsError)
{
return(this.AuthorizeError(interaction.Error));
}
if (interaction.IsLogin)
{
return(this.RedirectToLogin(interaction.SignInMessage, request.Raw, _settings));
}
// user must be authenticated at this point
if (!User.Identity.IsAuthenticated)
{
throw new InvalidOperationException("User is not authenticated");
}
request.Subject = User as ClaimsPrincipal;
///////////////////////////////////////////////////////////////
// validate client
//////////////////////////////////////////////////////////////
result = await _validator.ValidateClientAsync();
if (result.IsError)
{
return(this.AuthorizeError(
result.ErrorType,
result.Error,
request.ResponseMode,
request.RedirectUri,
request.State));
}
interaction = await _interactionGenerator.ProcessConsentAsync(request, consent);
if (interaction.IsError)
{
return(this.AuthorizeError(interaction.Error));
}
if (interaction.IsConsent)
{
return(CreateConsentResult(request, request.Raw, interaction.ConsentError));
}
return(await CreateAuthorizeResponseAsync(request));
}
protected async Task <IHttpActionResult> ProcessRequestAsync(NameValueCollection parameters, UserConsent consent = null)
{
if (!_options.AuthorizeEndpoint.IsEnabled)
{
Logger.Warn("Endpoint is disabled. Aborting");
return(NotFound());
}
///////////////////////////////////////////////////////////////
// validate protocol parameters
//////////////////////////////////////////////////////////////
var result = _validator.ValidateProtocol(parameters);
var request = _validator.ValidatedRequest;
if (result.IsError)
{
return(this.AuthorizeError(
result.ErrorType,
result.Error,
request.ResponseMode,
request.RedirectUri,
request.State));
}
var loginInteraction = _interactionGenerator.ProcessLogin(request, User as ClaimsPrincipal);
if (loginInteraction.IsError)
{
return(this.AuthorizeError(loginInteraction.Error));
}
if (loginInteraction.IsLogin)
{
return(this.RedirectToLogin(loginInteraction.SignInMessage, request.Raw, _options));
}
// user must be authenticated at this point
if (!User.Identity.IsAuthenticated)
{
throw new InvalidOperationException("User is not authenticated");
}
request.Subject = User as ClaimsPrincipal;
///////////////////////////////////////////////////////////////
// validate client
//////////////////////////////////////////////////////////////
result = await _validator.ValidateClientAsync();
if (result.IsError)
{
return(this.AuthorizeError(
result.ErrorType,
result.Error,
request.ResponseMode,
request.RedirectUri,
request.State));
}
var consentInteraction = await _interactionGenerator.ProcessConsentAsync(request, consent);
if (consentInteraction.IsError)
{
return(this.AuthorizeError(consentInteraction.Error));
}
if (consentInteraction.IsConsent)
{
Logger.Info("Showing consent screen");
return(CreateConsentResult(request, consent, request.Raw, consentInteraction.ConsentError));
}
return(await CreateAuthorizeResponseAsync(request));
}