/// <summary>
/// Handles an OAuth2 authorization request: validates it, then shows the consent view
/// or performs the grant, depending on <c>Configuration.OAuth2.EnableConsent</c>.
/// </summary>
/// <param name="request">The authorization request to process.</param>
/// <returns>
/// The non-null result of <c>CheckRequest</c>; otherwise the "ShowConsent" view, a
/// non-null result of <c>PerformGrant</c>, or the result of <c>Error</c> carrying
/// <c>UnsupportedResponseType</c>.
/// </returns>
public ActionResult HandleRequest(AuthorizeRequest request)
{
    // First round of validation: a missing, invalid or mismatching redirection URI,
    // or a missing or invalid client id, ends in an error page shown to the user.
    Client oauthClient;
    var validationFailure = CheckRequest(request, out oauthClient);
    if (validationFailure != null)
    {
        return validationFailure;
    }

    // Only the token and code response types are processed further.
    // NOTE(review): presumably CheckRequest has already rejected a missing
    // response_type; if not, Equals throws on null here. Confirm.
    var responseTypeAccepted =
        request.response_type.Equals(OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) ||
        request.response_type.Equals(OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal);

    if (responseTypeAccepted)
    {
        if (!Configuration.OAuth2.EnableConsent)
        {
            // NOTE(review): on this path the scope is not looked up in RPRepository by
            // this method; presumably PerformGrant validates it. Confirm.
            var grantResponse = PerformGrant(request, oauthClient);
            if (grantResponse != null)
            {
                return grantResponse;
            }
        }
        else
        {
            RelyingParty relyingParty;
            if (RPRepository.TryGet(request.scope, out relyingParty))
            {
                // Tell the user which resource the client wants to access on their
                // behalf: resource name, resource URI and the client (shown by its id).
                var consentModel = new OAuth2ConsentViewModel
                {
                    ResourceUri = relyingParty.Realm.AbsoluteUri,
                    ResourceName = relyingParty.Name,
                    ClientName = oauthClient.ClientId
                };

                return View("ShowConsent", consentModel);
            }
        }
    }

    // todo: return appropriate error
    // NOTE(review): an unknown scope with consent enabled, and a null PerformGrant
    // result, both end up here and are reported as UnsupportedResponseType.
    return Error(oauthClient.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
}
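/// <summary>
/// Handles an OAuth2 authorization request: validates the request and resolves the
/// requested scope, then shows the consent view or performs the grant.
/// </summary>
/// <param name="request">The authorization request to process.</param>
/// <returns>
/// The non-null result of <c>CheckRequest</c>; a <c>ClientError</c> with
/// <c>InvalidScope</c> when no relying party matches the scope; the "ShowConsent" view
/// when consent is enabled; otherwise a non-null result of <c>PerformGrant</c>, or a
/// <c>ClientError</c> with <c>ServerError</c>.
/// </returns>
public ActionResult HandleRequest(AuthorizeRequest request)
{
    Tracing.Information("OAuth2 HandleRequest endpoint invoked");

    // check client
    Client client;
    var error = CheckRequest(request, out client);
    if (error != null)
    {
        return error;
    }

    // The scope is resolved before either the consent path or the grant path runs.
    RelyingParty rp;
    if (!RPRepository.TryGet(request.scope, out rp))
    {
        // request.scope is supplied by the caller. Line breaks are replaced before the
        // value is traced so that a single request cannot appear as several log entries.
        var scopeForLog = (request.scope ?? string.Empty).Replace('\r', ' ').Replace('\n', ' ');
        Tracing.Error("RP not found for scope : " + scopeForLog);
        return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
    }

    if (Configuration.OAuth2.EnableConsent)
    {
        // show resource name, uri and client name
        // client is trying to access resource on your behalf
        var vm = new OAuth2ConsentViewModel
        {
            ResourceUri = rp.Realm.AbsoluteUri,
            ResourceName = rp.Name,
            ClientName = client.ClientId,
            RefreshTokenEnabled = client.AllowRefreshToken
        };

        return View("ShowConsent", vm);
    }

    var grantResult = PerformGrant(request, client);
    if (grantResult != null)
    {
        return grantResult;
    }

    // PerformGrant returned nothing and the cause is not known here, so use ServerError.
    Tracing.Error("Authorization Endpoint failed");
    return ClientError(client.RedirectUri, OAuth2Constants.Errors.ServerError, request.response_type, request.state);
}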
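/// <summary>
/// Handles an OAuth2 authorization request: validates the request and resolves the
/// requested scope, then shows the consent view or performs the grant.
/// </summary>
/// <param name="request">The authorization request to process.</param>
/// <returns>
/// The non-null result of <c>CheckRequest</c>; a <c>ClientError</c> with
/// <c>InvalidScope</c> when no relying party matches the scope; the "ShowConsent" view
/// when consent is enabled; otherwise a non-null result of <c>PerformGrant</c>, or a
/// <c>ClientError</c> with <c>InvalidRequest</c>.
/// </returns>
public ActionResult HandleRequest(AuthorizeRequest request)
{
    logger.Info("OAuth2 HandleRequest endpoint invoked");

    // check client
    Client client;
    var error = CheckRequest(request, out client);
    if (error != null)
    {
        return error;
    }

    // The scope is resolved before either the consent path or the grant path runs.
    RelyingParty rp;
    if (!RPRepository.TryGet(request.scope, out rp))
    {
        // request.scope is supplied by the caller. Line breaks are replaced before the
        // value is logged so that a single request cannot appear as several log entries.
        var scopeForLog = (request.scope ?? string.Empty).Replace('\r', ' ').Replace('\n', ' ');
        logger.Error("RP not found for scope : " + scopeForLog);
        return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
    }

    if (Configuration.OAuth2.EnableConsent)
    {
        // show resource name, uri and client name
        // client is trying to access resource on your behalf
        var vm = new OAuth2ConsentViewModel
        {
            ResourceUri = rp.Realm.AbsoluteUri,
            ResourceName = rp.Name,
            ClientName = client.ClientId,
            RefreshTokenEnabled = client.AllowRefreshToken
        };

        return View("ShowConsent", vm);
    }

    var grantResult = PerformGrant(request, client);
    if (grantResult != null)
    {
        return grantResult;
    }

    // PerformGrant returned nothing and the cause is not known here; the client is
    // sent InvalidRequest.
    // NOTE(review): the earlier comment on this line said ServerError while the code
    // sends InvalidRequest. Confirm which one is intended.
    logger.Error("Authorization Endpoint failed");
    return ClientError(client.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
}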
/// <summary>
/// Handles an OAuth2 authorization request: validates it, then shows the consent view
/// or performs the grant, depending on <c>Configuration.OAuth2.EnableConsent</c>.
/// </summary>
/// <param name="request">The authorization request to process.</param>
/// <returns>
/// The non-null result of <c>CheckRequest</c>. With consent enabled: the "ShowConsent"
/// view, or a <c>ClientError</c> with <c>InvalidScope</c> when no relying party matches
/// the scope. With consent disabled: a non-null result of <c>PerformGrant</c>, or a
/// <c>ClientError</c> with <c>InvalidRequest</c>.
/// </returns>
public ActionResult HandleRequest(AuthorizeRequest request)
{
    // check client
    Client oauthClient;
    var validationFailure = CheckRequest(request, out oauthClient);
    if (validationFailure != null)
    {
        return validationFailure;
    }

    if (!Configuration.OAuth2.EnableConsent)
    {
        // NOTE(review): on this path the scope is not looked up in RPRepository by this
        // method; presumably PerformGrant validates it. Confirm.
        var grantResponse = PerformGrant(request, oauthClient);
        if (grantResponse != null)
        {
            return grantResponse;
        }

        return ClientError(oauthClient.RedirectUri, OAuth2Constants.Errors.InvalidRequest, request.response_type, request.state);
    }

    RelyingParty relyingParty;
    if (!RPRepository.TryGet(request.scope, out relyingParty))
    {
        // unknown RP - error out
        return ClientError(oauthClient.RedirectUri, OAuth2Constants.Errors.InvalidScope, request.response_type, request.state);
    }

    // Tell the user which resource the client wants to access on their behalf:
    // resource name, resource URI and the client (shown by its id).
    var consentModel = new OAuth2ConsentViewModel
    {
        ResourceUri = relyingParty.Realm.AbsoluteUri,
        ResourceName = relyingParty.Name,
        ClientName = oauthClient.ClientId,
        RefreshTokenEnabled = oauthClient.AllowRefreshToken
    };

    return View("ShowConsent", consentModel);
}
/// <summary>
/// Handles an OAuth2 authorization request: validates it, then shows the consent view
/// or performs the grant, depending on <c>Configuration.OAuth2.EnableConsent</c>.
/// </summary>
/// <param name="request">The authorization request to process.</param>
/// <returns>
/// The non-null result of <c>CheckRequest</c>; otherwise the "ShowConsent" view, a
/// non-null result of <c>PerformGrant</c>, or the result of <c>Error</c> carrying
/// <c>UnsupportedResponseType</c>.
/// </returns>
public ActionResult HandleRequest(AuthorizeRequest request)
{
    // First round of validation: a missing, invalid or mismatching redirection URI,
    // or a missing or invalid client id, ends in an error page shown to the user.
    Client registeredClient;
    var checkResult = CheckRequest(request, out registeredClient);
    if (checkResult != null)
    {
        return checkResult;
    }

    // Only the token and code response types are processed further.
    // NOTE(review): presumably CheckRequest has already rejected a missing
    // response_type; if not, Equals throws on null here. Confirm.
    var isTokenOrCode =
        request.response_type.Equals(OAuth2Constants.ResponseTypes.Token, StringComparison.Ordinal) ||
        request.response_type.Equals(OAuth2Constants.ResponseTypes.Code, StringComparison.Ordinal);

    if (isTokenOrCode)
    {
        if (!Configuration.OAuth2.EnableConsent)
        {
            // NOTE(review): on this path the scope is not looked up in RPRepository by
            // this method; presumably PerformGrant validates it. Confirm.
            var granted = PerformGrant(request, registeredClient);
            if (granted != null)
            {
                return granted;
            }
        }
        else
        {
            RelyingParty resource;
            if (RPRepository.TryGet(request.scope, out resource))
            {
                // Tell the user which resource the client wants to access on their
                // behalf: resource name, resource URI and the client (shown by its id).
                var consent = new OAuth2ConsentViewModel
                {
                    ResourceUri = resource.Realm.AbsoluteUri,
                    ResourceName = resource.Name,
                    ClientName = registeredClient.ClientId
                };

                return View("ShowConsent", consent);
            }
        }
    }

    // todo: return appropriate error
    // NOTE(review): an unknown scope with consent enabled, and a null PerformGrant
    // result, both end up here and are reported as UnsupportedResponseType.
    return Error(registeredClient.RedirectUri, OAuth2Constants.Errors.UnsupportedResponseType, request.state);
}