本文整理汇总了C#中Thinktecture.AuthorizationServer.Models.ValidatedRequest类的典型用法代码示例。如果您正苦于以下问题:C# ValidatedRequest类的具体用法?C# ValidatedRequest怎么用?C# ValidatedRequest使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ValidatedRequest类属于Thinktecture.AuthorizationServer.Models命名空间,在下文中一共展示了ValidatedRequest类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C#代码示例。
示例1: CreateTokenResponseFromAuthorizationCode
public virtual TokenResponse CreateTokenResponseFromAuthorizationCode(TokenHandle handle, ITokenHandleManager handleManager)
{
var resourceOwner = Principal.Create(
"OAuth2",
handle.ResourceOwner.ToClaims().ToArray());
var validatedRequest = new ValidatedRequest
{
Client = handle.Client,
Application = handle.Application,
Scopes = handle.Scopes
};
var response = CreateTokenResponse(validatedRequest, resourceOwner);
if (handle.CreateRefreshToken)
{
var refreshTokenHandle = TokenHandle.CreateRefreshTokenHandle(
resourceOwner.GetSubject(),
handle.Client,
handle.Application,
resourceOwner.Claims,
handle.Scopes,
handle.RefreshTokenExpiration);
handleManager.Add(refreshTokenHandle);
response.RefreshToken = refreshTokenHandle.HandleId;
}
handleManager.Delete(handle.HandleId);
return response;
}
开发者ID:pksorensen,项目名称:Thinktecture.AuthorizationServer,代码行数:33,代码来源:TokenService.cs
示例2: ProcessAssertionGrant
private HttpResponseMessage ProcessAssertionGrant(ValidatedRequest validatedRequest)
{
ClaimsPrincipal principal;
try
{
Tracing.Information("Calling assertion grant handler for assertion: " + validatedRequest.Assertion);
principal = _assertionGrantValidator.ValidateAssertion(validatedRequest);
}
catch (Exception ex)
{
Tracing.Error("Unhandled exception in assertion grant handler: " + ex.ToString());
throw;
}
if (principal == null)
{
Tracing.Error("Assertion grant handler failed to validate assertion");
return Request.CreateOAuthErrorResponse(OAuthConstants.Errors.InvalidGrant);
}
var sts = new TokenService(_config.GlobalConfiguration);
var response = sts.CreateTokenResponse(validatedRequest, principal);
return Request.CreateTokenResponse(response);
}
开发者ID:WilliamDoman,项目名称:Thinktecture.AuthorizationServer,代码行数:25,代码来源:TokenController.cs
示例3: ProcessClientCredentialsRequest
private HttpResponseMessage ProcessClientCredentialsRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing refresh token request");
var sts = new TokenService(_config.GlobalConfiguration);
var response = sts.CreateTokenResponse(validatedRequest);
return Request.CreateTokenResponse(response);
}
开发者ID:nanderto,项目名称:Thinktecture.AuthorizationServer,代码行数:8,代码来源:TokenController.cs
示例4: CreateTokenResponseFromRefreshToken
public virtual TokenResponse CreateTokenResponseFromRefreshToken(TokenHandle handle, ITokenHandleManager handleManager)
{
var resourceOwner = Principal.Create(
"OAuth2",
handle.ResourceOwner.ToClaims().ToArray());
var validatedRequest = new ValidatedRequest
{
Client = handle.Client,
Application = handle.Application,
Scopes = handle.Scopes,
};
var response = CreateTokenResponse(validatedRequest, resourceOwner);
response.RefreshToken = handle.HandleId;
return response;
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:18,代码来源:TokenService.cs
示例5: CreateTokenResponse
public virtual TokenResponse CreateTokenResponse(ValidatedRequest request, ClaimsPrincipal resourceOwner = null)
{
try
{
var claims = CreateClaims(request, resourceOwner);
var token = CreateToken(request, claims);
return new TokenResponse
{
AccessToken = WriteToken(token),
ExpiresIn = request.Application.TokenLifetime * 60,
TokenType = "Bearer"
};
}
catch (Exception ex)
{
Tracing.Error(ex.ToString());
throw;
}
}
开发者ID:smartpcr,项目名称:AuthorizationServer,代码行数:20,代码来源:TokenService.cs
示例6: PerformGrant
private ActionResult PerformGrant(ValidatedRequest validatedRequest)
{
// implicit grant
if (validatedRequest.ResponseType.Equals(OAuthConstants.ResponseTypes.Token, StringComparison.Ordinal))
{
return PerformImplicitGrant(validatedRequest);
}
// authorization code grant
if (validatedRequest.ResponseType.Equals(OAuthConstants.ResponseTypes.Code, StringComparison.Ordinal))
{
return PerformAuthorizationCodeGrant(validatedRequest);
}
return null;
}
开发者ID:nanderto,项目名称:Thinktecture.AuthorizationServer,代码行数:16,代码来源:AuthorizeController.cs
示例7: PerformAuthorizationCodeGrant
private ActionResult PerformAuthorizationCodeGrant(ValidatedRequest validatedRequest)
{
var handle = StoredGrant.CreateAuthorizationCode(
validatedRequest.Client,
validatedRequest.Application,
validatedRequest.RedirectUri.Uri,
ClaimsPrincipal.Current.FilterInternalClaims(),
validatedRequest.Scopes,
validatedRequest.RequestingRefreshToken,
validatedRequest.RequestedRefreshTokenExpiration);
_handleManager.Add(handle);
var tokenString = string.Format("code={0}", handle.GrantId);
if (!string.IsNullOrWhiteSpace(validatedRequest.State))
{
tokenString = string.Format("{0}&state={1}", tokenString, Server.UrlEncode(validatedRequest.State));
}
var redirectString = string.Format("{0}?{1}",
validatedRequest.RedirectUri.Uri,
tokenString);
return Redirect(redirectString);
}
开发者ID:nanderto,项目名称:Thinktecture.AuthorizationServer,代码行数:25,代码来源:AuthorizeController.cs
示例8: Validate
public ValidatedRequest Validate(Application application, AuthorizeRequest request)
{
// If the request fails due to a missing, invalid, or mismatching
// redirection URI, or if the client identifier is missing or invalid,
// the authorization server SHOULD inform the resource owner of the
// error and MUST NOT automatically redirect the user-agent to the
// invalid redirection URI.
var validatedRequest = new ValidatedRequest();
// validate request model binding
if (request == null)
{
throw new AuthorizeRequestResourceOwnerException("Invalid request parameters.");
}
validatedRequest.Application = application;
Tracing.InformationFormat("OAuth2 application: {0} ({1})",
validatedRequest.Application.Name,
validatedRequest.Application.Namespace);
validatedRequest.ShowRememberConsent = application.AllowRememberConsentDecision;
// make sure redirect uri is present
if (string.IsNullOrWhiteSpace(request.redirect_uri))
{
throw new AuthorizeRequestResourceOwnerException("Missing redirect URI");
}
// validate client
if (string.IsNullOrWhiteSpace(request.client_id))
{
throw new AuthorizeRequestResourceOwnerException("Missing client identifier");
}
var client = _clientManager.Get(request.client_id);
if (client == null)
{
throw new AuthorizeRequestResourceOwnerException("Invalid client: " + request.client_id);
}
validatedRequest.Client = client;
Tracing.InformationFormat("Client: {0} ({1})",
validatedRequest.Client.Name,
validatedRequest.Client.ClientId);
// make sure redirect_uri is a valid uri, and in case of http is over ssl
Uri redirectUri;
if (Uri.TryCreate(request.redirect_uri, UriKind.Absolute, out redirectUri))
{
if (redirectUri.Scheme == Uri.UriSchemeHttp)
{
throw new AuthorizeRequestClientException(
"Redirect URI not over SSL : " + request.redirect_uri,
new Uri(request.redirect_uri),
OAuthConstants.Errors.InvalidRequest,
string.Empty,
validatedRequest.State);
}
// make sure redirect uri is registered with client
var validUri = validatedRequest.Client.RedirectUris.Get(request.redirect_uri);
if (validUri == null)
{
throw new AuthorizeRequestResourceOwnerException("Invalid redirect URI: " + request.redirect_uri);
}
validatedRequest.RedirectUri = validUri;
Tracing.InformationFormat("Redirect URI: {0} ({1})",
validatedRequest.RedirectUri.Uri,
validatedRequest.RedirectUri.Description);
}
else
{
var message = "Invalid redirect URI: " + request.redirect_uri;
Tracing.Error(message);
throw new AuthorizeRequestResourceOwnerException("Invalid redirect URI: " + request.redirect_uri);
}
// check state
if (!string.IsNullOrWhiteSpace(request.state))
{
validatedRequest.State = request.state;
Tracing.Information("State: " + validatedRequest.State);
}
else
{
Tracing.Information("No state supplied.");
}
// validate response type
if (String.IsNullOrWhiteSpace(request.response_type))
{
throw new AuthorizeRequestClientException(
"response_type is null or empty",
new Uri(validatedRequest.RedirectUri.Uri),
OAuthConstants.Errors.InvalidRequest,
//.........这里部分代码省略.........
开发者ID:kahneraja,项目名称:Thinktecture.AuthorizationServer,代码行数:101,代码来源:AuthorizeRequestValidator.cs
示例9: ValidateRefreshTokenGrant
private void ValidateRefreshTokenGrant(ValidatedRequest validatedRequest, TokenRequest request)
{
if (_handleManager == null)
{
throw new ArgumentNullException("HandleManager");
}
if (!validatedRequest.Client.AllowRefreshToken)
{
throw new TokenRequestValidationException(
"Refresh tokens not allowed for client",
OAuthConstants.Errors.UnauthorizedClient);
}
// check for refresh token
if (string.IsNullOrWhiteSpace(request.Refresh_Token))
{
throw new TokenRequestValidationException(
"Missing refresh token",
OAuthConstants.Errors.InvalidGrant);
}
validatedRequest.RefreshToken = request.Refresh_Token;
Tracing.Information("Refresh token: " + validatedRequest.RefreshToken);
// check for refresh token in datastore
var handle = _handleManager.Get(validatedRequest.RefreshToken);
if (handle == null)
{
throw new TokenRequestValidationException(
"Refresh token not found: " + validatedRequest.RefreshToken,
OAuthConstants.Errors.InvalidGrant);
}
validatedRequest.StoredGrant = handle;
Tracing.Information("Token handle found: " + handle.GrantId);
// make sure the refresh token has an expiration time
if (validatedRequest.StoredGrant.Expiration == null)
{
throw new TokenRequestValidationException(
"No expiration time set for refresh token. That's not allowed.",
OAuthConstants.Errors.InvalidGrant);
}
// make sure refresh token has not expired
if (DateTime.UtcNow > validatedRequest.StoredGrant.Expiration)
{
throw new TokenRequestValidationException(
"Refresh token expired.",
OAuthConstants.Errors.InvalidGrant);
}
// check the client binding
if (handle.Client.ClientId != validatedRequest.Client.ClientId)
{
throw new TokenRequestValidationException(
string.Format("Client {0} is trying to refresh token from {1}.", validatedRequest.Client.ClientId, handle.Client.ClientId),
OAuthConstants.Errors.InvalidGrant);
}
}
开发者ID:murat0058,项目名称:AuthorizationServer,代码行数:61,代码来源:TokenRequestValidator.cs
示例10: ValidateScopes
private static void ValidateScopes(ValidatedRequest validatedRequest, TokenRequest request)
{
// validate scope
if (string.IsNullOrWhiteSpace(request.Scope))
{
throw new TokenRequestValidationException(
"Missing scope",
OAuthConstants.Errors.InvalidScope);
}
// make sure client is allowed to request all scope
var requestedScopes = request.Scope.Split(' ').ToList();
List<Scope> resultingScopes;
if (validatedRequest.Application.Scopes.TryValidateScopes(validatedRequest.Client.ClientId, requestedScopes, out resultingScopes))
{
validatedRequest.Scopes = resultingScopes;
Tracing.InformationFormat("Requested scopes: {0}", request.Scope);
}
else
{
throw new TokenRequestValidationException(
"Invalid scope",
OAuthConstants.Errors.InvalidScope);
}
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:26,代码来源:TokenRequestValidator.cs
示例11: ValidateAssertionGrant
private void ValidateAssertionGrant(ValidatedRequest validatedRequest, TokenRequest request)
{
ValidateScopes(validatedRequest, request);
if (validatedRequest.Client.Flow != OAuthFlow.Assertion)
{
throw new TokenRequestValidationException(
"Assertion flow not allowed for client",
OAuthConstants.Errors.UnauthorizedClient);
}
}
开发者ID:murat0058,项目名称:AuthorizationServer,代码行数:11,代码来源:TokenRequestValidator.cs
示例12: ProcessResourceOwnerCredentialRequest
private HttpResponseMessage ProcessResourceOwnerCredentialRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing resource owner credential request");
ClaimsPrincipal principal;
try
{
principal = _rocv.Validate(validatedRequest.UserName, validatedRequest.Password);
}
catch (Exception ex)
{
Tracing.Error("Resource owner credential validation failed: " + ex.ToString());
throw;
}
if (principal != null && principal.Identity.IsAuthenticated)
{
var response = _tokenService.CreateTokenResponse(validatedRequest, principal);
// check if refresh token is enabled for the client
if (validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken)
{
var handle = StoredGrant.CreateRefreshTokenHandle(
principal.GetSubject(),
validatedRequest.Client,
validatedRequest.Application,
principal.Claims,
validatedRequest.Scopes,
DateTime.UtcNow.AddYears(5));
_handleManager.Add(handle);
response.RefreshToken = handle.GrantId;
}
return Request.CreateTokenResponse(response);
}
else
{
return Request.CreateOAuthErrorResponse(OAuthConstants.Errors.InvalidGrant);
}
}
开发者ID:rzontar,项目名称:Thinktecture.AuthorizationServer,代码行数:41,代码来源:TokenController.cs
示例13: ProcessRefreshTokenRequest
private HttpResponseMessage ProcessRefreshTokenRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing refresh token request");
var response = _tokenService.CreateTokenResponse(validatedRequest.StoredGrant, _handleManager);
return Request.CreateTokenResponse(response);
}
开发者ID:rzontar,项目名称:Thinktecture.AuthorizationServer,代码行数:7,代码来源:TokenController.cs
示例14: ProcessAuthorizationCodeRequest
private HttpResponseMessage ProcessAuthorizationCodeRequest(ValidatedRequest validatedRequest)
{
Tracing.Information("Processing authorization code request");
var tokenService = new TokenService(_config.GlobalConfiguration);
var response = tokenService.CreateTokenResponse(validatedRequest.TokenHandle, _handleManager);
return Request.CreateTokenResponse(response);
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:9,代码来源:TokenController.cs
示例15: CreateTokenResponseFromRefreshToken
public virtual TokenResponse CreateTokenResponseFromRefreshToken(StoredGrant handle, IStoredGrantManager handleManager)
{
var resourceOwner = Principal.Create(
"OAuth2",
handle.ResourceOwner.ToClaims().ToArray());
if (DateTime.UtcNow > handle.Expiration)
{
throw new InvalidOperationException("Refresh token has expired.");
}
var validatedRequest = new ValidatedRequest
{
Client = handle.Client,
Application = handle.Application,
Scopes = handle.Scopes,
};
var response = CreateTokenResponse(validatedRequest, resourceOwner);
if (handle.CreateRefreshToken)
{
StoredGrant refreshTokenHandle;
if (validatedRequest.Application.AllowSlidingRefreshTokenExpiration)
{
var rememberTimeSpan = handle.Expiration.Subtract(handle.Created);
var newRefreshTokenExpiration = DateTime.UtcNow.Add(rememberTimeSpan);
refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
resourceOwner.GetSubject(),
handle.Client,
handle.Application,
resourceOwner.Claims,
handle.Scopes,
newRefreshTokenExpiration,
createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
}
else
{
refreshTokenHandle = StoredGrant.CreateRefreshTokenHandle(
resourceOwner.GetSubject(),
handle.Client,
handle.Application,
resourceOwner.Claims,
handle.Scopes,
handle.Expiration,
createRefreshToken: validatedRequest.Client.AllowRefreshToken && validatedRequest.Application.AllowRefreshToken);
}
response.RefreshToken = refreshTokenHandle.GrantId;
handleManager.Add(refreshTokenHandle);
handleManager.Delete(handle.GrantId);
}
else
{
response.RefreshToken = handle.GrantId;
}
return response;
}
开发者ID:Excape,项目名称:Thinktecture.AuthorizationServer,代码行数:61,代码来源:TokenService.cs
示例16: ValidateClientCredentialsGrant
private void ValidateClientCredentialsGrant(ValidatedRequest validatedRequest, TokenRequest request)
{
if (validatedRequest.Client.Flow != OAuthFlow.Client)
{
throw new TokenRequestValidationException(
"Client flow not allowed for client",
OAuthConstants.Errors.UnsupportedGrantType);
}
ValidateScopes(validatedRequest, request);
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:11,代码来源:TokenRequestValidator.cs
示例17: Validate
public ValidatedRequest Validate(Application application, TokenRequest request, ClaimsPrincipal clientPrincipal)
{
var validatedRequest = new ValidatedRequest();
// validate request model binding
if (request == null)
{
throw new TokenRequestValidationException(
"Invalid request parameters.",
OAuthConstants.Errors.InvalidRequest);
}
validatedRequest.Application = application;
Tracing.InformationFormat("OAuth2 application: {0} ({1})",
validatedRequest.Application.Name,
validatedRequest.Application.Namespace);
// grant type is required
if (string.IsNullOrWhiteSpace(request.Grant_Type))
{
throw new TokenRequestValidationException(
"Missing grant_type",
OAuthConstants.Errors.UnsupportedGrantType);
}
validatedRequest.GrantType = request.Grant_Type;
Tracing.Information("Grant type: " + validatedRequest.GrantType);
// validate client credentials
var client = ValidateClient(clientPrincipal, validatedRequest.Application);
if (client == null)
{
throw new TokenRequestValidationException(
"Invalid client: " + ClaimsPrincipal.Current.Identity.Name,
OAuthConstants.Errors.InvalidClient);
}
validatedRequest.Client = client;
Tracing.InformationFormat("Client: {0} ({1})",
validatedRequest.Client.Name,
validatedRequest.Client.ClientId);
switch (request.Grant_Type)
{
case OAuthConstants.GrantTypes.AuthorizationCode:
ValidateCodeGrant(validatedRequest, request);
break;
case OAuthConstants.GrantTypes.Password:
ValidatePasswordGrant(validatedRequest, request);
break;
case OAuthConstants.GrantTypes.RefreshToken:
ValidateRefreshTokenGrant(validatedRequest, request);
break;
case OAuthConstants.GrantTypes.ClientCredentials:
ValidateClientCredentialsGrant(validatedRequest, request);
break;
default:
throw new TokenRequestValidationException(
"Invalid grant_type: " + request.Grant_Type,
OAuthConstants.Errors.UnsupportedGrantType);
}
Tracing.Information("Token request validation successful.");
return validatedRequest;
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:65,代码来源:TokenRequestValidator.cs
示例18: ValidateCodeGrant
private void ValidateCodeGrant(ValidatedRequest validatedRequest, TokenRequest request)
{
if (_handleManager == null)
{
throw new ArgumentNullException("HandleManager");
}
if (validatedRequest.Client.Flow != OAuthFlow.Code)
{
throw new TokenRequestValidationException(
"Code flow not allowed for client",
OAuthConstants.Errors.UnsupportedGrantType);
}
// code needs to be present
if (string.IsNullOrWhiteSpace(request.Code))
{
throw new TokenRequestValidationException(
"Missing authorization code",
OAuthConstants.Errors.InvalidGrant);
}
validatedRequest.AuthorizationCode = request.Code;
Tracing.Information("Authorization code: " + validatedRequest.AuthorizationCode);
// check for authorization code in datastore
var handle = _handleManager.Get(validatedRequest.AuthorizationCode);
if (handle == null)
{
throw new TokenRequestValidationException(
"Authorization code not found: " + validatedRequest.AuthorizationCode,
OAuthConstants.Errors.InvalidGrant);
}
validatedRequest.TokenHandle = handle;
Tracing.Information("Token handle found: " + handle.HandleId);
// check the client binding
if (handle.Client.ClientId != validatedRequest.Client.ClientId)
{
throw new TokenRequestValidationException(
string.Format("Client {0} is trying to request token using an authorization code from {1}.", validatedRequest.Client.ClientId, handle.Client.ClientId),
OAuthConstants.Errors.InvalidGrant);
}
// redirect URI is required
if (string.IsNullOrWhiteSpace(request.Redirect_Uri))
{
throw new TokenRequestValidationException(
string.Format("Redirect URI is missing"),
OAuthConstants.Errors.InvalidRequest);
}
// check if redirect URI from authorize and token request match
if (!handle.RedirectUri.Equals(request.Redirect_Uri))
{
throw new TokenRequestValidationException(
string.Format("Redirect URI in token request ({0}), does not match redirect URI from authorize request ({1})", validatedRequest.RedirectUri, handle.RedirectUri),
OAuthConstants.Errors.InvalidRequest);
}
}
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:61,代码来源:TokenRequestValidator.cs
示例19: PerformImplicitGrant
private ActionResult PerformImplicitGrant(ValidatedRequest validatedRequest)
{
Tracing.Information("Performing implict grant");
var sts = new TokenService(this._config.GlobalConfiguration);
var response = sts.CreateTokenResponse(validatedRequest, ClaimsPrincipal.Current);
var tokenString = string.Format("access_token={0}&token_type={1}&expires_in={2}",
response.AccessToken,
response.TokenType,
response.ExpiresIn);
if (!string.IsNullOrWhiteSpace(validatedRequest.State))
{
tokenString = string.Format("{0}&state={1}", tokenString, Server.UrlEncode(validatedRequest.State));
}
var redirectString = string.Format("{0}#{1}",
validatedRequest.RedirectUri.Uri,
tokenString);
Tracing.Information("Sending token response to redirect URI");
return Redirect(redirectString);
}
开发者ID:nanderto,项目名称:Thinktecture.AuthorizationServer,代码行数:24,代码来源:AuthorizeController.cs
示例20: CreateClaims
protected virtual IEnumerable<Claim> CreateClaims(ValidatedRequest request, ClaimsPrincipal resourceOwner = null)
{
var claims = new List<Claim>();
claims.AddRange(CreateRequestClaims(request));
if (resourceOwner != null)
{
claims.AddRange(CreateResourceOwnerClaims(resourceOwner));
}
return claims;
}
开发者ID:pksorensen,项目名称:Thinktecture.AuthorizationServer,代码行数:13,代码来源:TokenService.cs
注:本文中的Thinktecture.AuthorizationServer.Models.ValidatedRequest类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论