diff --git a/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs b/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs index 4ecf99c6..04be9a7c 100644 --- a/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs +++ b/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs @@ -58,7 +58,19 @@ public static partial class OpenIddictClientAspNetCoreHandlers */ ResolveHostSignOutProperties.Descriptor, ValidateTransportSecurityRequirementForSignOut.Descriptor, - GenerateLogoutCorrelationCookie.Descriptor) + GenerateLogoutCorrelationCookie.Descriptor, + + /* + * Error processing: + */ + // Note: these handler registrations are only used as a last resort for errors that are not + // returned by an OpenIddict endpoint (e.g errors returned during a failed challenge demand). + // + // Errors returned by an OpenIddict endpoint are handled via the Apply*Response events. + AttachHttpResponseCode.Descriptor, + AttachCacheControlHeader.Descriptor, + ProcessStatusCodePagesErrorResponse.Descriptor, + ProcessLocalErrorResponse.Descriptor) .AddRange(Authentication.DefaultHandlers) .AddRange(Session.DefaultHandlers); @@ -1035,7 +1047,7 @@ public static partial class OpenIddictClientAspNetCoreHandlers = OpenIddictClientHandlerDescriptor.CreateBuilder() .AddFilter() .UseSingletonHandler>() - .SetOrder(100_000) + .SetOrder(int.MaxValue - 100_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); @@ -1122,7 +1134,7 @@ public static partial class OpenIddictClientAspNetCoreHandlers .AddFilter() .AddFilter() .UseSingletonHandler>() - .SetOrder(100_000) + .SetOrder(AttachCacheControlHeader.Descriptor.Order + 1_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.cs b/src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.cs index 6f91ddeb..659d5706 100644 --- a/src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.cs +++ b/src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.cs @@ -53,7 +53,18 @@ public static partial class OpenIddictClientOwinHandlers */ ResolveHostSignOutProperties.Descriptor, ValidateTransportSecurityRequirementForSignOut.Descriptor, - GenerateLogoutCorrelationCookie.Descriptor) + GenerateLogoutCorrelationCookie.Descriptor, + + /* + * Error processing: + */ + // Note: these handler registrations are only used as a last resort for errors that are not + // returned by an OpenIddict endpoint (e.g errors returned during a failed challenge demand). + // + // Errors returned by an OpenIddict endpoint are handled via the Apply*Response events. + AttachHttpResponseCode.Descriptor, + AttachCacheControlHeader.Descriptor, + ProcessLocalErrorResponse.Descriptor) .AddRange(Authentication.DefaultHandlers) .AddRange(Session.DefaultHandlers); @@ -1097,7 +1108,7 @@ public static partial class OpenIddictClientOwinHandlers = OpenIddictClientHandlerDescriptor.CreateBuilder() .AddFilter() .UseSingletonHandler>() - .SetOrder(100_000) + .SetOrder(int.MaxValue - 100_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); @@ -1303,7 +1314,7 @@ public static partial class OpenIddictClientOwinHandlers .AddFilter() .AddFilter() .UseSingletonHandler>() - .SetOrder(100_000) + .SetOrder(AttachCacheControlHeader.Descriptor.Order + 1_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlerFilters.cs b/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlerFilters.cs index 234aeeed..8d0be75a 100644 --- a/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlerFilters.cs +++ b/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlerFilters.cs @@ -147,7 +147,6 @@ public static class OpenIddictClientSystemIntegrationHandlerFilters return new(mode is OpenIddictClientSystemIntegrationAuthenticationMode.WebAuthenticationBroker); } #endif - return new(false); } } diff --git a/src/OpenIddict.Client/OpenIddictClientHandlers.Authentication.cs b/src/OpenIddict.Client/OpenIddictClientHandlers.Authentication.cs index f7cd2c81..846d182b 100644 --- a/src/OpenIddict.Client/OpenIddictClientHandlers.Authentication.cs +++ b/src/OpenIddict.Client/OpenIddictClientHandlers.Authentication.cs @@ -382,7 +382,7 @@ public static partial class OpenIddictClientHandlers = OpenIddictClientHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Client/OpenIddictClientHandlers.Session.cs b/src/OpenIddict.Client/OpenIddictClientHandlers.Session.cs index c1355ef9..b85ee094 100644 --- a/src/OpenIddict.Client/OpenIddictClientHandlers.Session.cs +++ b/src/OpenIddict.Client/OpenIddictClientHandlers.Session.cs @@ -373,7 +373,7 @@ public static partial class OpenIddictClientHandlers = OpenIddictClientHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictClientHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Client/OpenIddictClientHandlers.cs b/src/OpenIddict.Client/OpenIddictClientHandlers.cs index 0fed01d4..0bcc69d5 100644 --- a/src/OpenIddict.Client/OpenIddictClientHandlers.cs +++ b/src/OpenIddict.Client/OpenIddictClientHandlers.cs @@ -144,7 +144,8 @@ public static partial class OpenIddictClientHandlers /* * Error processing: */ - AttachErrorParameters.Descriptor) + AttachErrorParameters.Descriptor, + AttachCustomErrorParameters.Descriptor) .AddRange(Authentication.DefaultHandlers) .AddRange(Device.DefaultHandlers) @@ -6056,6 +6057,34 @@ public static partial class OpenIddictClientHandlers context.Response.ErrorDescription = context.ErrorDescription; context.Response.ErrorUri = context.ErrorUri; + return default; + } + } + + /// + /// Contains the logic responsible for attaching the parameters + /// populated from user-defined handlers to the error response. + /// + public sealed class AttachCustomErrorParameters : IOpenIddictClientHandler + { + /// + /// Gets the default descriptor definition assigned to this handler. + /// + public static OpenIddictClientHandlerDescriptor Descriptor { get; } + = OpenIddictClientHandlerDescriptor.CreateBuilder() + .UseSingletonHandler() + .SetOrder(100_000) + .SetType(OpenIddictClientHandlerType.BuiltIn) + .Build(); + + /// + public ValueTask HandleAsync(ProcessErrorContext context) + { + if (context is null) + { + throw new ArgumentNullException(nameof(context)); + } + if (context.Parameters.Count > 0) { foreach (var parameter in context.Parameters) diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs index 51f035da..f35078be 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs @@ -309,7 +309,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs index d3d108fe..d57c6b5c 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs @@ -301,7 +301,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); @@ -1099,7 +1099,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Discovery.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Discovery.cs index 3cc8d27a..aa28612c 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Discovery.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Discovery.cs @@ -281,7 +281,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); @@ -1021,7 +1021,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs index 0e4dda6a..6ddb26ad 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs @@ -306,7 +306,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs index e29f87c3..5ccf7442 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs @@ -299,7 +299,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs index f09205a2..cfbe50c5 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs @@ -246,7 +246,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs index 57ef3eb7..f9583966 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs @@ -286,7 +286,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build(); diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs index b1948199..0a6e03ef 100644 --- a/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs +++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Userinfo.cs @@ -271,7 +271,7 @@ public static partial class OpenIddictServerHandlers = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .UseScopedHandler>() - .SetOrder(int.MaxValue - 100_000) + .SetOrder(500_000) .SetType(OpenIddictServerHandlerType.BuiltIn) .Build();