diff --git a/src/OpenIddict.Abstractions/OpenIddictBuilder.cs b/src/OpenIddict.Abstractions/OpenIddictBuilder.cs
index 88acb436..ab10dd05 100644
--- a/src/OpenIddict.Abstractions/OpenIddictBuilder.cs
+++ b/src/OpenIddict.Abstractions/OpenIddictBuilder.cs
@@ -35,4 +35,4 @@ namespace Microsoft.Extensions.DependencyInjection
[EditorBrowsable(EditorBrowsableState.Never)]
public IServiceCollection Services { get; }
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Core/OpenIddictCoreBuilder.cs b/src/OpenIddict.Core/OpenIddictCoreBuilder.cs
index 522fd3dc..9c8a4ec4 100644
--- a/src/OpenIddict.Core/OpenIddictCoreBuilder.cs
+++ b/src/OpenIddict.Core/OpenIddictCoreBuilder.cs
@@ -780,4 +780,4 @@ namespace Microsoft.Extensions.DependencyInjection
return Configure(options => options.DefaultTokenType = type);
}
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/IOpenIddictServerEvent.cs b/src/OpenIddict.Server/IOpenIddictServerEvent.cs
new file mode 100644
index 00000000..6b371320
--- /dev/null
+++ b/src/OpenIddict.Server/IOpenIddictServerEvent.cs
@@ -0,0 +1,7 @@
+namespace OpenIddict.Server
+{
+ ///
+ /// Represents an OpenIddict server event.
+ ///
+ public interface IOpenIddictServerEvent { }
+}
diff --git a/src/OpenIddict.Server/IOpenIddictServerEventHandler.cs b/src/OpenIddict.Server/IOpenIddictServerEventHandler.cs
new file mode 100644
index 00000000..d620c2ff
--- /dev/null
+++ b/src/OpenIddict.Server/IOpenIddictServerEventHandler.cs
@@ -0,0 +1,25 @@
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Represents a handler able to process events.
+ ///
+ /// The type of the events handled by this instance.
+ public interface IOpenIddictServerEventHandler where TEvent : class, IOpenIddictServerEvent
+ {
+ ///
+ /// Processes the event.
+ ///
+ /// The event to process.
+ ///
+ /// The that can be used to abort the operation.
+ ///
+ ///
+ /// A that can be used to monitor the asynchronous operation.
+ ///
+ Task HandleAsync([NotNull] TEvent notification, CancellationToken cancellationToken);
+ }
+}
diff --git a/src/OpenIddict.Server/IOpenIddictServerEventService.cs b/src/OpenIddict.Server/IOpenIddictServerEventService.cs
new file mode 100644
index 00000000..0549bf1f
--- /dev/null
+++ b/src/OpenIddict.Server/IOpenIddictServerEventService.cs
@@ -0,0 +1,22 @@
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Dispatches events by invoking the corresponding handlers.
+ ///
+ public interface IOpenIddictServerEventService
+ {
+ ///
+ /// Publishes a new event.
+ ///
+ /// The type of the event to publish.
+ /// The event to publish.
+ /// The that can be used to abort the operation.
+ /// A that can be used to monitor the asynchronous operation.
+ Task PublishAsync([NotNull] TEvent notification, CancellationToken cancellationToken = default)
+ where TEvent : class, IOpenIddictServerEvent;
+ }
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Authentication.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Authentication.cs
index fe0597f5..e4dd4f44 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Authentication.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Authentication.cs
@@ -110,7 +110,8 @@ namespace OpenIddict.Server
}
}
- await base.ExtractAuthorizationRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractAuthorizationRequest(context));
}
public override async Task ValidateAuthorizationRequest([NotNull] ValidateAuthorizationRequestContext context)
@@ -441,7 +442,8 @@ namespace OpenIddict.Server
context.Validate();
- await base.ValidateAuthorizationRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateAuthorizationRequest(context));
}
public override async Task HandleAuthorizationRequest([NotNull] HandleAuthorizationRequestContext context)
@@ -493,7 +495,8 @@ namespace OpenIddict.Server
return;
}
- await base.HandleAuthorizationRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleAuthorizationRequest(context));
}
public override async Task ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context)
@@ -534,7 +537,8 @@ namespace OpenIddict.Server
}
}
- await base.ApplyAuthorizationResponse(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyAuthorizationResponse(context));
}
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs
index 6dba5d7f..b3d630b4 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs
@@ -13,6 +13,14 @@ namespace OpenIddict.Server
{
public partial class OpenIddictServerProvider : OpenIdConnectServerProvider
{
+ public override Task ExtractConfigurationRequest([NotNull] ExtractConfigurationRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractConfigurationRequest(context));
+
+ public override Task ValidateConfigurationRequest([NotNull] ValidateConfigurationRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateConfigurationRequest(context));
+
public override Task HandleConfigurationRequest([NotNull] HandleConfigurationRequestContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -41,7 +49,27 @@ namespace OpenIddict.Server
context.Metadata[OpenIdConnectConstants.Metadata.RequestParameterSupported] = false;
context.Metadata[OpenIdConnectConstants.Metadata.RequestUriParameterSupported] = false;
- return base.HandleConfigurationRequest(context);
+ return GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.HandleConfigurationRequest(context));
}
+
+ public override Task ApplyConfigurationResponse([NotNull] ApplyConfigurationResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyConfigurationResponse(context));
+
+ public override Task ExtractCryptographyRequest([NotNull] ExtractCryptographyRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractCryptographyRequest(context));
+
+ public override Task ValidateCryptographyRequest([NotNull] ValidateCryptographyRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateCryptographyRequest(context));
+
+ public override Task HandleCryptographyRequest([NotNull] HandleCryptographyRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleCryptographyRequest(context));
+
+ public override Task ApplyCryptographyResponse([NotNull] ApplyCryptographyResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyCryptographyResponse(context));
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs
index b1884b9d..ccb1ace3 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs
@@ -21,6 +21,10 @@ namespace OpenIddict.Server
{
public partial class OpenIddictServerProvider : OpenIdConnectServerProvider
{
+ public override Task ExtractTokenRequest([NotNull] ExtractTokenRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractTokenRequest(context));
+
public override async Task ValidateTokenRequest([NotNull] ValidateTokenRequestContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -293,7 +297,8 @@ namespace OpenIddict.Server
context.Validate();
- await base.ValidateTokenRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateTokenRequest(context));
}
public override async Task HandleTokenRequest([NotNull] HandleTokenRequestContext context)
@@ -316,7 +321,8 @@ namespace OpenIddict.Server
// the user code to handle the token request.
context.SkipToNextMiddleware();
- await base.HandleTokenRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleTokenRequest(context));
return;
}
@@ -408,7 +414,12 @@ namespace OpenIddict.Server
// the user code to handle the token request.
context.SkipToNextMiddleware();
- await base.HandleTokenRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleTokenRequest(context));
}
+
+ public override Task ApplyTokenResponse([NotNull] ApplyTokenResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyTokenResponse(context));
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
index 8182a42a..9e934677 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs
@@ -682,7 +682,11 @@ namespace OpenIddict.Server
}
}
- private static ILogger GetLogger(IServiceProvider provider) => provider.GetRequiredService>();
+ private static ILogger GetLogger(IServiceProvider provider)
+ => provider.GetRequiredService>();
+
+ private static IOpenIddictServerEventService GetEventService(IServiceProvider provider)
+ => provider.GetRequiredService();
private static IOpenIddictApplicationManager GetApplicationManager(IServiceProvider provider)
=> provider.GetService() ?? throw new InvalidOperationException(new StringBuilder()
@@ -709,4 +713,4 @@ namespace OpenIddict.Server
.ToString());
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs
index b5494654..e40bc89f 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs
@@ -18,6 +18,10 @@ namespace OpenIddict.Server
{
public partial class OpenIddictServerProvider : OpenIdConnectServerProvider
{
+ public override Task ExtractIntrospectionRequest([NotNull] ExtractIntrospectionRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractIntrospectionRequest(context));
+
public override async Task ValidateIntrospectionRequest([NotNull] ValidateIntrospectionRequestContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -98,7 +102,8 @@ namespace OpenIddict.Server
context.Validate();
- await base.ValidateIntrospectionRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateIntrospectionRequest(context));
}
public override async Task HandleIntrospectionRequest([NotNull] HandleIntrospectionRequestContext context)
@@ -185,7 +190,12 @@ namespace OpenIddict.Server
}
}
- await base.HandleIntrospectionRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleIntrospectionRequest(context));
}
+
+ public override Task ApplyIntrospectionResponse([NotNull] ApplyIntrospectionResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyIntrospectionResponse(context));
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs
index 67d3d221..d60bad43 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs
@@ -19,6 +19,10 @@ namespace OpenIddict.Server
{
public partial class OpenIddictServerProvider : OpenIdConnectServerProvider
{
+ public override Task ExtractRevocationRequest([NotNull] ExtractRevocationRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractRevocationRequest(context));
+
public override async Task ValidateRevocationRequest([NotNull] ValidateRevocationRequestContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -164,7 +168,8 @@ namespace OpenIddict.Server
context.Validate();
- await base.ValidateRevocationRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateRevocationRequest(context));
}
public override async Task HandleRevocationRequest([NotNull] HandleRevocationRequestContext context)
@@ -239,7 +244,12 @@ namespace OpenIddict.Server
context.Revoked = true;
- await base.HandleRevocationRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleRevocationRequest(context));
}
+
+ public override Task ApplyRevocationResponse([NotNull] ApplyRevocationResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyRevocationResponse(context));
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Serialization.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Serialization.cs
index b7484786..c22b9838 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Serialization.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Serialization.cs
@@ -34,7 +34,7 @@ namespace OpenIddict.Server
context.HandleResponse();
}
- await base.DeserializeAccessToken(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.DeserializeAccessToken(context));
}
public override async Task DeserializeAuthorizationCode([NotNull] DeserializeAuthorizationCodeContext context)
@@ -53,9 +53,12 @@ namespace OpenIddict.Server
// Prevent the OpenID Connect server middleware from using its default logic.
context.HandleResponse();
- await base.DeserializeAuthorizationCode(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.DeserializeAuthorizationCode(context));
}
+ public override Task DeserializeIdentityToken(DeserializeIdentityTokenContext context)
+ => GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.DeserializeIdentityToken(context));
+
public override async Task DeserializeRefreshToken([NotNull] DeserializeRefreshTokenContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -72,7 +75,7 @@ namespace OpenIddict.Server
// Prevent the OpenID Connect server middleware from using its default logic.
context.HandleResponse();
- await base.DeserializeRefreshToken(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.DeserializeRefreshToken(context));
}
public override async Task SerializeAccessToken([NotNull] SerializeAccessTokenContext context)
@@ -99,7 +102,7 @@ namespace OpenIddict.Server
// Otherwise, let the OpenID Connect server middleware
// serialize the token using its default internal logic.
- await base.SerializeAccessToken(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.SerializeAccessToken(context));
}
public override async Task SerializeAuthorizationCode([NotNull] SerializeAuthorizationCodeContext context)
@@ -128,9 +131,12 @@ namespace OpenIddict.Server
// Otherwise, let the OpenID Connect server middleware
// serialize the token using its default internal logic.
- await base.SerializeAuthorizationCode(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.SerializeAuthorizationCode(context));
}
+ public override Task SerializeIdentityToken(SerializeIdentityTokenContext context)
+ => GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.SerializeIdentityToken(context));
+
public override async Task SerializeRefreshToken([NotNull] SerializeRefreshTokenContext context)
{
var options = (OpenIddictServerOptions) context.Options;
@@ -157,7 +163,7 @@ namespace OpenIddict.Server
// Otherwise, let the OpenID Connect server middleware
// serialize the token using its default internal logic.
- await base.SerializeRefreshToken(context);
+ await GetEventService(context.HttpContext.RequestServices).PublishAsync(new OpenIddictServerEvents.SerializeRefreshToken(context));
}
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Session.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Session.cs
index 21abdf41..487110a2 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Session.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Session.cs
@@ -81,7 +81,8 @@ namespace OpenIddict.Server
}
}
- await base.ExtractLogoutRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractLogoutRequest(context));
}
public override async Task ValidateLogoutRequest([NotNull] ValidateLogoutRequestContext context)
@@ -158,7 +159,8 @@ namespace OpenIddict.Server
context.Validate();
- await base.ValidateLogoutRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateLogoutRequest(context));
}
public override async Task HandleLogoutRequest([NotNull] HandleLogoutRequestContext context)
@@ -210,7 +212,8 @@ namespace OpenIddict.Server
return;
}
- await base.HandleLogoutRequest(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleLogoutRequest(context));
}
public override async Task ApplyLogoutResponse([NotNull] ApplyLogoutResponseContext context)
@@ -251,7 +254,8 @@ namespace OpenIddict.Server
}
}
- await base.ApplyLogoutResponse(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyLogoutResponse(context));
}
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Userinfo.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Userinfo.cs
index d7bb2d15..a550b40b 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Userinfo.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Userinfo.cs
@@ -24,7 +24,20 @@ namespace OpenIddict.Server
// the user code to handle the userinfo request.
context.SkipToNextMiddleware();
- return base.ExtractUserinfoRequest(context);
+ return GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ExtractUserinfoRequest(context));
}
+
+ public override Task ValidateUserinfoRequest([NotNull] ValidateUserinfoRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ValidateUserinfoRequest(context));
+
+ public override Task HandleUserinfoRequest([NotNull] HandleUserinfoRequestContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.HandleUserinfoRequest(context));
+
+ public override Task ApplyUserinfoResponse([NotNull] ApplyUserinfoResponseContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ApplyUserinfoResponse(context));
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
index 96d35517..29216a0b 100644
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs
@@ -20,6 +20,10 @@ namespace OpenIddict.Server
[EditorBrowsable(EditorBrowsableState.Never)]
public partial class OpenIddictServerProvider : OpenIdConnectServerProvider
{
+ public override Task MatchEndpoint([NotNull] MatchEndpointContext context)
+ => GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.MatchEndpoint(context));
+
public override Task ProcessChallengeResponse([NotNull] ProcessChallengeResponseContext context)
{
Debug.Assert(context.Request.IsAuthorizationRequest() ||
@@ -34,7 +38,8 @@ namespace OpenIddict.Server
context.Response.AddParameter(parameter.Item2, parameter.Item3);
}
- return base.ProcessChallengeResponse(context);
+ return GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ProcessChallengeResponse(context));
}
public override async Task ProcessSigninResponse([NotNull] ProcessSigninResponseContext context)
@@ -164,7 +169,8 @@ namespace OpenIddict.Server
context.Ticket.RemoveProperty(parameter.Item1);
}
- await base.ProcessSigninResponse(context);
+ await GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ProcessSigninResponse(context));
}
public override Task ProcessSignoutResponse([NotNull] ProcessSignoutResponseContext context)
@@ -178,61 +184,8 @@ namespace OpenIddict.Server
context.Response.AddParameter(parameter.Item2, parameter.Item3);
}
- return base.ProcessSignoutResponse(context);
- }
-
- public void Import([NotNull] OpenIdConnectServerProvider provider)
- {
- OnMatchEndpoint = provider.MatchEndpoint;
-
- OnExtractAuthorizationRequest = provider.ExtractAuthorizationRequest;
- OnExtractConfigurationRequest = provider.ExtractConfigurationRequest;
- OnExtractCryptographyRequest = provider.ExtractCryptographyRequest;
- OnExtractIntrospectionRequest = provider.ExtractIntrospectionRequest;
- OnExtractLogoutRequest = provider.ExtractLogoutRequest;
- OnExtractRevocationRequest = provider.ExtractRevocationRequest;
- OnExtractTokenRequest = provider.ExtractTokenRequest;
- OnExtractUserinfoRequest = provider.ExtractUserinfoRequest;
- OnValidateAuthorizationRequest = provider.ValidateAuthorizationRequest;
- OnValidateConfigurationRequest = provider.ValidateConfigurationRequest;
- OnValidateCryptographyRequest = provider.ValidateCryptographyRequest;
- OnValidateIntrospectionRequest = provider.ValidateIntrospectionRequest;
- OnValidateLogoutRequest = provider.ValidateLogoutRequest;
- OnValidateRevocationRequest = provider.ValidateRevocationRequest;
- OnValidateTokenRequest = provider.ValidateTokenRequest;
- OnValidateUserinfoRequest = provider.ValidateUserinfoRequest;
-
- OnHandleAuthorizationRequest = provider.HandleAuthorizationRequest;
- OnHandleConfigurationRequest = provider.HandleConfigurationRequest;
- OnHandleCryptographyRequest = provider.HandleCryptographyRequest;
- OnHandleIntrospectionRequest = provider.HandleIntrospectionRequest;
- OnHandleLogoutRequest = provider.HandleLogoutRequest;
- OnHandleRevocationRequest = provider.HandleRevocationRequest;
- OnHandleTokenRequest = provider.HandleTokenRequest;
- OnHandleUserinfoRequest = provider.HandleUserinfoRequest;
-
- OnApplyAuthorizationResponse = provider.ApplyAuthorizationResponse;
- OnApplyConfigurationResponse = provider.ApplyConfigurationResponse;
- OnApplyCryptographyResponse = provider.ApplyCryptographyResponse;
- OnApplyIntrospectionResponse = provider.ApplyIntrospectionResponse;
- OnApplyLogoutResponse = provider.ApplyLogoutResponse;
- OnApplyRevocationResponse = provider.ApplyRevocationResponse;
- OnApplyTokenResponse = provider.ApplyTokenResponse;
- OnApplyUserinfoResponse = provider.ApplyUserinfoResponse;
-
- OnProcessChallengeResponse = provider.ProcessChallengeResponse;
- OnProcessSigninResponse = provider.ProcessSigninResponse;
- OnProcessSignoutResponse = provider.ProcessSignoutResponse;
-
- OnDeserializeAccessToken = provider.DeserializeAccessToken;
- OnDeserializeAuthorizationCode = provider.DeserializeAuthorizationCode;
- OnDeserializeIdentityToken = provider.DeserializeIdentityToken;
- OnDeserializeRefreshToken = provider.DeserializeRefreshToken;
-
- OnSerializeAccessToken = provider.SerializeAccessToken;
- OnSerializeAuthorizationCode = provider.SerializeAuthorizationCode;
- OnSerializeIdentityToken = provider.SerializeIdentityToken;
- OnSerializeRefreshToken = provider.SerializeRefreshToken;
+ return GetEventService(context.HttpContext.RequestServices)
+ .PublishAsync(new OpenIddictServerEvents.ProcessSignoutResponse(context));
}
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerBuilder.cs b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
index 973f720f..a0d932a1 100644
--- a/src/OpenIddict.Server/OpenIddictServerBuilder.cs
+++ b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
@@ -12,8 +12,9 @@ using System.IO;
using System.Linq;
using System.Reflection;
using System.Security.Cryptography.X509Certificates;
+using System.Threading;
+using System.Threading.Tasks;
using AspNet.Security.OpenIdConnect.Primitives;
-using AspNet.Security.OpenIdConnect.Server;
using JetBrains.Annotations;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
@@ -48,6 +49,98 @@ namespace Microsoft.Extensions.DependencyInjection
[EditorBrowsable(EditorBrowsableState.Never)]
public IServiceCollection Services { get; }
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictServerBuilder AddEventHandler(
+ [NotNull] IOpenIddictServerEventHandler handler)
+ where TEvent : class, IOpenIddictServerEvent
+ {
+ if (handler == null)
+ {
+ throw new ArgumentNullException(nameof(handler));
+ }
+
+ Services.AddSingleton(handler);
+
+ return this;
+ }
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictServerBuilder AddEventHandler([NotNull] Func handler)
+ where TEvent : class, IOpenIddictServerEvent
+ => AddEventHandler((notification, cancellationToken) => handler(notification));
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictServerBuilder AddEventHandler([NotNull] Func handler)
+ where TEvent : class, IOpenIddictServerEvent
+ {
+ if (handler == null)
+ {
+ throw new ArgumentNullException(nameof(handler));
+ }
+
+ return AddEventHandler(new OpenIddictServerEventHandler(handler));
+ }
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The type of the event.
+ /// The type of the handler.
+ /// The lifetime of the registered service.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictServerBuilder AddEventHandler(
+ ServiceLifetime lifetime = ServiceLifetime.Scoped)
+ where TEvent : class, IOpenIddictServerEvent
+ where THandler : IOpenIddictServerEventHandler
+ => AddEventHandler(typeof(THandler));
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The type of the handler.
+ /// The lifetime of the registered service.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictServerBuilder AddEventHandler(
+ [NotNull] Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
+ where TEvent : class, IOpenIddictServerEvent
+ {
+ if (type == null)
+ {
+ throw new ArgumentNullException(nameof(type));
+ }
+
+ if (lifetime == ServiceLifetime.Transient)
+ {
+ throw new ArgumentException("Handlers cannot be registered as transient services.", nameof(lifetime));
+ }
+
+ if (!typeof(IOpenIddictServerEventHandler).IsAssignableFrom(type))
+ {
+ throw new ArgumentException("The specified type is invalid.", nameof(type));
+ }
+
+ Services.Add(new ServiceDescriptor(typeof(IOpenIddictServerEventHandler), type, lifetime));
+
+ return this;
+ }
+
///
/// Amends the default OpenIddict server configuration.
///
@@ -145,7 +238,7 @@ namespace Microsoft.Extensions.DependencyInjection
if (string.IsNullOrEmpty(password))
{
- throw new ArgumentNullException(nameof(password));
+ throw new ArgumentException("The password cannot be null or empty.", nameof(password));
}
return Configure(options => options.SigningCredentials.AddCertificate(assembly, resource, password));
@@ -167,7 +260,7 @@ namespace Microsoft.Extensions.DependencyInjection
if (string.IsNullOrEmpty(password))
{
- throw new ArgumentNullException(nameof(password));
+ throw new ArgumentException("The password cannot be null or empty.", nameof(password));
}
return Configure(options => options.SigningCredentials.AddCertificate(stream, password));
@@ -194,7 +287,7 @@ namespace Microsoft.Extensions.DependencyInjection
if (string.IsNullOrEmpty(password))
{
- throw new ArgumentNullException(nameof(password));
+ throw new ArgumentException("The password cannot be null or empty.", nameof(password));
}
return Configure(options => options.SigningCredentials.AddCertificate(stream, password, flags));
@@ -513,24 +606,6 @@ namespace Microsoft.Extensions.DependencyInjection
return Configure(options => options.Claims.UnionWith(claims));
}
- ///
- /// Registers an application-specific OpenID Connect server provider whose events
- /// are automatically invoked for each request handled by the OpenIddict server handler.
- /// Using this method is NOT recommended if you're not familiar with the OIDC events model.
- ///
- /// The custom service.
- /// The .
- [EditorBrowsable(EditorBrowsableState.Advanced)]
- public OpenIddictServerBuilder RegisterProvider([NotNull] OpenIdConnectServerProvider provider)
- {
- if (provider == null)
- {
- throw new ArgumentNullException(nameof(provider));
- }
-
- return Configure(options => options.ApplicationProvider = provider);
- }
-
///
/// Registers the specified scopes as supported scopes so
/// they can be returned as part of the discovery document.
@@ -660,4 +735,4 @@ namespace Microsoft.Extensions.DependencyInjection
public OpenIddictServerBuilder UseRollingTokens()
=> Configure(options => options.UseRollingTokens = true);
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerEvent.cs b/src/OpenIddict.Server/OpenIddictServerEvent.cs
new file mode 100644
index 00000000..bc6d0b34
--- /dev/null
+++ b/src/OpenIddict.Server/OpenIddictServerEvent.cs
@@ -0,0 +1,24 @@
+using System;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Represents an OpenIddict server event.
+ ///
+ /// The type of the context instance associated with the event.
+ public class OpenIddictServerEvent : IOpenIddictServerEvent where TContext : class
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the event.
+ public OpenIddictServerEvent([NotNull] TContext context)
+ => Context = context ?? throw new ArgumentNullException(nameof(context));
+
+ ///
+ /// Gets the context instance associated with the event.
+ ///
+ public TContext Context { get; }
+ }
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerEventHandler.cs b/src/OpenIddict.Server/OpenIddictServerEventHandler.cs
new file mode 100644
index 00000000..5986cc49
--- /dev/null
+++ b/src/OpenIddict.Server/OpenIddictServerEventHandler.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Represents a handler able to process events.
+ ///
+ /// The type of the events handled by this instance.
+ public class OpenIddictServerEventHandler : IOpenIddictServerEventHandler
+ where TEvent : class, IOpenIddictServerEvent
+ {
+ private readonly Func _handler;
+
+ ///
+ /// Creates a new event using the specified handler delegate.
+ ///
+ /// The event handler delegate
+ public OpenIddictServerEventHandler([NotNull] Func handler)
+ => _handler = handler ?? throw new ArgumentNullException(nameof(handler));
+
+ ///
+ /// Processes the event.
+ ///
+ /// The event to process.
+ ///
+ /// The that can be used to abort the operation.
+ ///
+ ///
+ /// A that can be used to monitor the asynchronous operation.
+ ///
+ public async Task HandleAsync(TEvent notification, CancellationToken cancellationToken)
+ {
+ if (notification == null)
+ {
+ throw new ArgumentNullException(nameof(notification));
+ }
+
+ cancellationToken.ThrowIfCancellationRequested();
+
+ await _handler.Invoke(notification, cancellationToken);
+ }
+ }
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerEventService.cs b/src/OpenIddict.Server/OpenIddictServerEventService.cs
new file mode 100644
index 00000000..96499e03
--- /dev/null
+++ b/src/OpenIddict.Server/OpenIddictServerEventService.cs
@@ -0,0 +1,151 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using AspNet.Security.OpenIdConnect.Primitives;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+using static OpenIddict.Server.OpenIddictServerEvents;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Dispatches notifications by invoking the corresponding handlers.
+ ///
+ public class OpenIddictServerEventService : IOpenIddictServerEventService
+ {
+ private readonly IServiceProvider _provider;
+
+ public OpenIddictServerEventService([NotNull] IServiceProvider provider)
+ {
+ _provider = provider;
+ }
+
+ ///
+ /// Publishes a new event.
+ ///
+ /// The type of the event to publish.
+ /// The event to publish.
+ /// The that can be used to abort the operation.
+ /// A that can be used to monitor the asynchronous operation.
+ public async Task PublishAsync([NotNull] TEvent notification, CancellationToken cancellationToken = default)
+ where TEvent : class, IOpenIddictServerEvent
+ {
+ if (notification == null)
+ {
+ throw new ArgumentNullException(nameof(notification));
+ }
+
+ foreach (var handler in _provider.GetServices>())
+ {
+ cancellationToken.ThrowIfCancellationRequested();
+
+ await handler.HandleAsync(notification, cancellationToken);
+
+ // Note: the following logic determines whether next handlers should be invoked
+ // depending on whether the underlying event context was substantially updated.
+ switch (notification)
+ {
+ case MatchEndpoint value when value.Context.State != EventResultState.Continue: return;
+ case MatchEndpoint value when value.Context.IsAuthorizationEndpoint ||
+ value.Context.IsConfigurationEndpoint ||
+ value.Context.IsCryptographyEndpoint ||
+ value.Context.IsIntrospectionEndpoint ||
+ value.Context.IsLogoutEndpoint ||
+ value.Context.IsRevocationEndpoint ||
+ value.Context.IsTokenEndpoint ||
+ value.Context.IsUserinfoEndpoint: return;
+
+ case ExtractAuthorizationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractConfigurationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractCryptographyRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractIntrospectionRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractLogoutRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractRevocationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractTokenRequest value when value.Context.State != EventResultState.Continue: return;
+ case ExtractUserinfoRequest value when value.Context.State != EventResultState.Continue: return;
+
+ case ValidateAuthorizationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateConfigurationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateCryptographyRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateIntrospectionRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateLogoutRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateRevocationRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateTokenRequest value when value.Context.State != EventResultState.Continue: return;
+ case ValidateUserinfoRequest value when value.Context.State != EventResultState.Continue: return;
+
+ case ValidateAuthorizationRequest value when value.Context.IsRejected: return;
+ case ValidateConfigurationRequest value when value.Context.IsRejected: return;
+ case ValidateCryptographyRequest value when value.Context.IsRejected: return;
+ case ValidateIntrospectionRequest value when value.Context.IsRejected: return;
+ case ValidateLogoutRequest value when value.Context.IsRejected: return;
+ case ValidateRevocationRequest value when value.Context.IsRejected: return;
+ case ValidateTokenRequest value when value.Context.IsRejected: return;
+ case ValidateUserinfoRequest value when value.Context.IsRejected: return;
+
+ case ValidateIntrospectionRequest value when value.Context.IsSkipped: return;
+ case ValidateRevocationRequest value when value.Context.IsSkipped: return;
+ case ValidateTokenRequest value when value.Context.IsSkipped: return;
+
+ case HandleAuthorizationRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleConfigurationRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleCryptographyRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleIntrospectionRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleLogoutRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleRevocationRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleTokenRequest value when value.Context.State != EventResultState.Continue: return;
+ case HandleUserinfoRequest value when value.Context.State != EventResultState.Continue: return;
+
+ case HandleAuthorizationRequest value when value.Context.Ticket != null: return;
+
+ case HandleTokenRequest value when value.Context.Ticket != null &&
+ !value.Context.Request.IsAuthorizationCodeGrantType() &&
+ !value.Context.Request.IsRefreshTokenGrantType(): return;
+
+ case HandleTokenRequest value when value.Context.Ticket == null &&
+ (value.Context.Request.IsAuthorizationCodeGrantType() ||
+ value.Context.Request.IsRefreshTokenGrantType()): return;
+
+ case HandleAuthorizationRequest value when value.Context.Ticket != null: return;
+
+ case ProcessChallengeResponse value when value.Context.State != EventResultState.Continue: return;
+ case ProcessSigninResponse value when value.Context.State != EventResultState.Continue: return;
+ case ProcessSignoutResponse value when value.Context.State != EventResultState.Continue: return;
+
+ case ProcessChallengeResponse value when value.Context.IsRejected: return;
+ case ProcessSigninResponse value when value.Context.IsRejected: return;
+ case ProcessSignoutResponse value when value.Context.IsRejected: return;
+
+ case ApplyAuthorizationResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyConfigurationResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyCryptographyResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyIntrospectionResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyLogoutResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyRevocationResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyTokenResponse value when value.Context.State != EventResultState.Continue: return;
+ case ApplyUserinfoResponse value when value.Context.State != EventResultState.Continue: return;
+
+ case DeserializeAuthorizationCode value when value.Context.State != EventResultState.Continue: return;
+ case DeserializeAccessToken value when value.Context.State != EventResultState.Continue: return;
+ case DeserializeIdentityToken value when value.Context.State != EventResultState.Continue: return;
+ case DeserializeRefreshToken value when value.Context.State != EventResultState.Continue: return;
+
+ case DeserializeAuthorizationCode value when value.Context.Ticket != null: return;
+ case DeserializeAccessToken value when value.Context.Ticket != null: return;
+ case DeserializeIdentityToken value when value.Context.Ticket != null: return;
+ case DeserializeRefreshToken value when value.Context.Ticket != null: return;
+
+ case SerializeAuthorizationCode value when value.Context.State != EventResultState.Continue: return;
+ case SerializeAccessToken value when value.Context.State != EventResultState.Continue: return;
+ case SerializeIdentityToken value when value.Context.State != EventResultState.Continue: return;
+ case SerializeRefreshToken value when value.Context.State != EventResultState.Continue: return;
+
+ case SerializeAuthorizationCode value when !string.IsNullOrEmpty(value.Context.AuthorizationCode): return;
+ case SerializeAccessToken value when !string.IsNullOrEmpty(value.Context.AccessToken): return;
+ case SerializeIdentityToken value when !string.IsNullOrEmpty(value.Context.IdentityToken): return;
+ case SerializeRefreshToken value when !string.IsNullOrEmpty(value.Context.RefreshToken): return;
+ }
+ }
+ }
+ }
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerEvents.cs b/src/OpenIddict.Server/OpenIddictServerEvents.cs
new file mode 100644
index 00000000..d4de707b
--- /dev/null
+++ b/src/OpenIddict.Server/OpenIddictServerEvents.cs
@@ -0,0 +1,565 @@
+using AspNet.Security.OpenIdConnect.Server;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Server
+{
+ ///
+ /// Contains common events used by the OpenIddict server handler.
+ ///
+ public static class OpenIddictServerEvents
+ {
+ ///
+ /// Represents an event called for each HTTP request to determine if
+ /// it should be handled by the OpenID Connect server middleware.
+ ///
+ public sealed class MatchEndpoint : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public MatchEndpoint([NotNull] MatchEndpointContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the authorization endpoint to give the user code
+ /// a chance to manually extract the authorization request from the ambient HTTP context.
+ ///
+ public sealed class ExtractAuthorizationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractAuthorizationRequest([NotNull] ExtractAuthorizationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the configuration endpoint to give the user code
+ /// a chance to manually extract the configuration request from the ambient HTTP context.
+ ///
+ public sealed class ExtractConfigurationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractConfigurationRequest([NotNull] ExtractConfigurationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the cryptography endpoint to give the user code
+ /// a chance to manually extract the cryptography request from the ambient HTTP context.
+ ///
+
+ public sealed class ExtractCryptographyRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractCryptographyRequest([NotNull] ExtractCryptographyRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the introspection endpoint to give the user code
+ /// a chance to manually extract the introspection request from the ambient HTTP context.
+ ///
+ public sealed class ExtractIntrospectionRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractIntrospectionRequest([NotNull] ExtractIntrospectionRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the logout endpoint to give the user code
+ /// a chance to manually extract the logout request from the ambient HTTP context.
+ ///
+ public sealed class ExtractLogoutRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractLogoutRequest([NotNull] ExtractLogoutRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the revocation endpoint to give the user code
+ /// a chance to manually extract the revocation request from the ambient HTTP context.
+ ///
+ public sealed class ExtractRevocationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractRevocationRequest([NotNull] ExtractRevocationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the token endpoint to give the user code
+ /// a chance to manually extract the token request from the ambient HTTP context.
+ ///
+ public sealed class ExtractTokenRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractTokenRequest([NotNull] ExtractTokenRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the userinfo endpoint to give the user code
+ /// a chance to manually extract the userinfo request from the ambient HTTP context.
+ ///
+ public sealed class ExtractUserinfoRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ExtractUserinfoRequest([NotNull] ExtractUserinfoRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the authorization endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateAuthorizationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateAuthorizationRequest([NotNull] ValidateAuthorizationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the configuration endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateConfigurationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateConfigurationRequest([NotNull] ValidateConfigurationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the cryptography endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateCryptographyRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateCryptographyRequest([NotNull] ValidateCryptographyRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the introspection endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateIntrospectionRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateIntrospectionRequest([NotNull] ValidateIntrospectionRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the logout endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateLogoutRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateLogoutRequest([NotNull] ValidateLogoutRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the revocation endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateRevocationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateRevocationRequest([NotNull] ValidateRevocationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the token endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateTokenRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateTokenRequest([NotNull] ValidateTokenRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each request to the userinfo endpoint
+ /// to determine if the request is valid and should continue to be processed.
+ ///
+ public sealed class ValidateUserinfoRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateUserinfoRequest([NotNull] ValidateUserinfoRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated authorization request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleAuthorizationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleAuthorizationRequest([NotNull] HandleAuthorizationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated configuration request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleConfigurationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleConfigurationRequest([NotNull] HandleConfigurationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated cryptography request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleCryptographyRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleCryptographyRequest([NotNull] HandleCryptographyRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated introspection request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleIntrospectionRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleIntrospectionRequest([NotNull] HandleIntrospectionRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated logout request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleLogoutRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleLogoutRequest([NotNull] HandleLogoutRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated revocation request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleRevocationRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleRevocationRequest([NotNull] HandleRevocationRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated token request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleTokenRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleTokenRequest([NotNull] HandleTokenRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called for each validated userinfo request
+ /// to allow the user code to decide how the request should be handled.
+ ///
+ public sealed class HandleUserinfoRequest : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public HandleUserinfoRequest([NotNull] HandleUserinfoRequestContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when processing a challenge response.
+ ///
+ public sealed class ProcessChallengeResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ProcessChallengeResponse([NotNull] ProcessChallengeResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when processing a sign-in response.
+ ///
+ public sealed class ProcessSigninResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ProcessSigninResponse([NotNull] ProcessSigninResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when processing a sign-out response.
+ ///
+ public sealed class ProcessSignoutResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ProcessSignoutResponse([NotNull] ProcessSignoutResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the authorization response is returned to the caller.
+ ///
+ public sealed class ApplyAuthorizationResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyAuthorizationResponse([NotNull] ApplyAuthorizationResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the configuration response is returned to the caller.
+ ///
+ public sealed class ApplyConfigurationResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyConfigurationResponse([NotNull] ApplyConfigurationResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the cryptography response is returned to the caller.
+ ///
+ public sealed class ApplyCryptographyResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyCryptographyResponse([NotNull] ApplyCryptographyResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the introspection response is returned to the caller.
+ ///
+ public sealed class ApplyIntrospectionResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyIntrospectionResponse([NotNull] ApplyIntrospectionResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the logout response is returned to the caller.
+ ///
+ public sealed class ApplyLogoutResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyLogoutResponse([NotNull] ApplyLogoutResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the revocation response is returned to the caller.
+ ///
+ public sealed class ApplyRevocationResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyRevocationResponse([NotNull] ApplyRevocationResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the token response is returned to the caller.
+ ///
+ public sealed class ApplyTokenResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyTokenResponse([NotNull] ApplyTokenResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called before the userinfo response is returned to the caller.
+ ///
+ public sealed class ApplyUserinfoResponse : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyUserinfoResponse([NotNull] ApplyUserinfoResponseContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when serializing an authorization code.
+ ///
+ public sealed class SerializeAuthorizationCode : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public SerializeAuthorizationCode([NotNull] SerializeAuthorizationCodeContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when serializing an access token.
+ ///
+ public sealed class SerializeAccessToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public SerializeAccessToken([NotNull] SerializeAccessTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when serializing an identity token.
+ ///
+ public sealed class SerializeIdentityToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public SerializeIdentityToken([NotNull] SerializeIdentityTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when serializing a refresh token.
+ ///
+ public sealed class SerializeRefreshToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public SerializeRefreshToken([NotNull] SerializeRefreshTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when deserializing an authorization code.
+ ///
+ public sealed class DeserializeAuthorizationCode : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public DeserializeAuthorizationCode([NotNull] DeserializeAuthorizationCodeContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when deserializing an access token.
+ ///
+ public sealed class DeserializeAccessToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public DeserializeAccessToken([NotNull] DeserializeAccessTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when deserializing an identity token.
+ ///
+ public sealed class DeserializeIdentityToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public DeserializeIdentityToken([NotNull] DeserializeIdentityTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Represents an event called when deserializing a refresh token.
+ ///
+ public sealed class DeserializeRefreshToken : OpenIddictServerEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public DeserializeRefreshToken([NotNull] DeserializeRefreshTokenContext context) : base(context) { }
+ }
+ }
+}
diff --git a/src/OpenIddict.Server/OpenIddictServerExtensions.cs b/src/OpenIddict.Server/OpenIddictServerExtensions.cs
index 7a56f9f8..2b0f52f4 100644
--- a/src/OpenIddict.Server/OpenIddictServerExtensions.cs
+++ b/src/OpenIddict.Server/OpenIddictServerExtensions.cs
@@ -14,6 +14,7 @@ using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.Caching.Distributed;
+using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using OpenIddict.Server;
@@ -36,6 +37,7 @@ namespace Microsoft.Extensions.DependencyInjection
}
builder.Services.AddAuthentication();
+ builder.Services.TryAddScoped();
return new OpenIddictServerBuilder(builder.Services);
}
@@ -210,18 +212,6 @@ namespace Microsoft.Extensions.DependencyInjection
options.Scopes.Add(OpenIdConnectConstants.Scopes.OfflineAccess);
}
- // If an application provider was registered, import the events into the main provider.
- if (options.ApplicationProvider != null)
- {
- var provider = options.Provider as OpenIddictServerProvider;
- if (provider == null)
- {
- throw new InvalidOperationException("The specified OpenID Connect server provider is not compatible.");
- }
-
- provider.Import(options.ApplicationProvider);
- }
-
return app.UseOpenIdConnectServer(options);
}
}
diff --git a/src/OpenIddict.Server/OpenIddictServerOptions.cs b/src/OpenIddict.Server/OpenIddictServerOptions.cs
index dc596aa4..18e4f4e8 100644
--- a/src/OpenIddict.Server/OpenIddictServerOptions.cs
+++ b/src/OpenIddict.Server/OpenIddictServerOptions.cs
@@ -33,12 +33,6 @@ namespace OpenIddict.Server
///
public bool AcceptAnonymousClients { get; set; }
- ///
- /// Gets or sets the user-provided that the OpenIddict server
- /// invokes to enable developer control over the entire authentication/authorization process.
- ///
- public OpenIdConnectServerProvider ApplicationProvider { get; set; }
-
///
/// Gets or sets the distributed cache used by OpenIddict. If no cache is explicitly
/// provided, the cache registered in the dependency injection container is used.
diff --git a/src/OpenIddict.Validation/IOpenIddictValidationEvent.cs b/src/OpenIddict.Validation/IOpenIddictValidationEvent.cs
new file mode 100644
index 00000000..4e8bc57a
--- /dev/null
+++ b/src/OpenIddict.Validation/IOpenIddictValidationEvent.cs
@@ -0,0 +1,7 @@
+namespace OpenIddict.Validation
+{
+ ///
+ /// Represents an OpenIddict validation event.
+ ///
+ public interface IOpenIddictValidationEvent { }
+}
diff --git a/src/OpenIddict.Validation/IOpenIddictValidationEventHandler.cs b/src/OpenIddict.Validation/IOpenIddictValidationEventHandler.cs
new file mode 100644
index 00000000..6bb304c5
--- /dev/null
+++ b/src/OpenIddict.Validation/IOpenIddictValidationEventHandler.cs
@@ -0,0 +1,25 @@
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Represents a handler able to process events.
+ ///
+ /// The type of the events handled by this instance.
+ public interface IOpenIddictValidationEventHandler where TEvent : class, IOpenIddictValidationEvent
+ {
+ ///
+ /// Processes the event.
+ ///
+ /// The event to process.
+ ///
+ /// The that can be used to abort the operation.
+ ///
+ ///
+ /// A that can be used to monitor the asynchronous operation.
+ ///
+ Task HandleAsync([NotNull] TEvent notification, CancellationToken cancellationToken);
+ }
+}
diff --git a/src/OpenIddict.Validation/IOpenIddictValidationEventService.cs b/src/OpenIddict.Validation/IOpenIddictValidationEventService.cs
new file mode 100644
index 00000000..06ea4fd8
--- /dev/null
+++ b/src/OpenIddict.Validation/IOpenIddictValidationEventService.cs
@@ -0,0 +1,22 @@
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Dispatches events by invoking the corresponding handlers.
+ ///
+ public interface IOpenIddictValidationEventService
+ {
+ ///
+ /// Publishes a new event.
+ ///
+ /// The type of the event to publish.
+ /// The event to publish.
+ /// The that can be used to abort the operation.
+ /// A that can be used to monitor the asynchronous operation.
+ Task PublishAsync([NotNull] TEvent notification, CancellationToken cancellationToken = default)
+ where TEvent : class, IOpenIddictValidationEvent;
+ }
+}
diff --git a/src/OpenIddict.Validation/Internal/OpenIddictValidationEvents.cs b/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs
similarity index 73%
rename from src/OpenIddict.Validation/Internal/OpenIddictValidationEvents.cs
rename to src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs
index af18805d..630e011f 100644
--- a/src/OpenIddict.Validation/Internal/OpenIddictValidationEvents.cs
+++ b/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs
@@ -20,13 +20,21 @@ namespace OpenIddict.Validation
/// Provides the logic necessary to extract, validate and handle OAuth2 requests.
///
[EditorBrowsable(EditorBrowsableState.Never)]
- public class OpenIddictValidationEvents : OAuthValidationEvents
+ public class OpenIddictValidationProvider : OAuthValidationEvents
{
+ public override Task ApplyChallenge([NotNull] ApplyChallengeContext context)
+ => context.HttpContext.RequestServices.GetRequiredService()
+ .PublishAsync(new OpenIddictValidationEvents.ApplyChallenge(context));
+
+ public override Task CreateTicket([NotNull] CreateTicketContext context)
+ => context.HttpContext.RequestServices.GetRequiredService()
+ .PublishAsync(new OpenIddictValidationEvents.CreateTicket(context));
+
public override async Task DecryptToken([NotNull] DecryptTokenContext context)
{
var options = (OpenIddictValidationOptions) context.Options;
- var logger = context.HttpContext.RequestServices.GetRequiredService>();
+ var logger = context.HttpContext.RequestServices.GetRequiredService>();
if (options.UseReferenceTokens)
{
@@ -86,16 +94,16 @@ namespace OpenIddict.Validation
context.HandleResponse();
}
- await base.DecryptToken(context);
+ await context.HttpContext.RequestServices.GetRequiredService()
+ .PublishAsync(new OpenIddictValidationEvents.DecryptToken(context));
}
- public void Import([NotNull] OAuthValidationEvents events)
- {
- OnApplyChallenge = events.ApplyChallenge;
- OnCreateTicket = events.CreateTicket;
- OnDecryptToken = events.DecryptToken;
- OnRetrieveToken = events.RetrieveToken;
- OnValidateToken = events.ValidateToken;
- }
+ public override Task RetrieveToken([NotNull] RetrieveTokenContext context)
+ => context.HttpContext.RequestServices.GetRequiredService()
+ .PublishAsync(new OpenIddictValidationEvents.RetrieveToken(context));
+
+ public override Task ValidateToken([NotNull] ValidateTokenContext context)
+ => context.HttpContext.RequestServices.GetRequiredService()
+ .PublishAsync(new OpenIddictValidationEvents.ValidateToken(context));
}
}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
index be66ab92..c059e8a8 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
@@ -8,10 +8,10 @@ using System;
using System.ComponentModel;
using System.Linq;
using System.Reflection;
-using AspNet.Security.OAuth.Validation;
+using System.Threading;
+using System.Threading.Tasks;
using JetBrains.Annotations;
using Microsoft.AspNetCore.DataProtection;
-using Microsoft.Extensions.DependencyInjection.Extensions;
using OpenIddict.Validation;
namespace Microsoft.Extensions.DependencyInjection
@@ -41,6 +41,98 @@ namespace Microsoft.Extensions.DependencyInjection
[EditorBrowsable(EditorBrowsableState.Never)]
public IServiceCollection Services { get; }
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictValidationBuilder AddEventHandler(
+ [NotNull] IOpenIddictValidationEventHandler handler)
+ where TEvent : class, IOpenIddictValidationEvent
+ {
+ if (handler == null)
+ {
+ throw new ArgumentNullException(nameof(handler));
+ }
+
+ Services.AddSingleton(handler);
+
+ return this;
+ }
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictValidationBuilder AddEventHandler([NotNull] Func handler)
+ where TEvent : class, IOpenIddictValidationEvent
+ => AddEventHandler((notification, cancellationToken) => handler(notification));
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The handler added to the DI container.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictValidationBuilder AddEventHandler([NotNull] Func handler)
+ where TEvent : class, IOpenIddictValidationEvent
+ {
+ if (handler == null)
+ {
+ throw new ArgumentNullException(nameof(handler));
+ }
+
+ return AddEventHandler(new OpenIddictValidationEventHandler(handler));
+ }
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The type of the event.
+ /// The type of the handler.
+ /// The lifetime of the registered service.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictValidationBuilder AddEventHandler(
+ ServiceLifetime lifetime = ServiceLifetime.Scoped)
+ where TEvent : class, IOpenIddictValidationEvent
+ where THandler : IOpenIddictValidationEventHandler
+ => AddEventHandler(typeof(THandler));
+
+ ///
+ /// Registers an event handler for the specified event type.
+ ///
+ /// The type of the handler.
+ /// The lifetime of the registered service.
+ /// The .
+ [EditorBrowsable(EditorBrowsableState.Advanced)]
+ public OpenIddictValidationBuilder AddEventHandler(
+ [NotNull] Type type, ServiceLifetime lifetime = ServiceLifetime.Scoped)
+ where TEvent : class, IOpenIddictValidationEvent
+ {
+ if (type == null)
+ {
+ throw new ArgumentNullException(nameof(type));
+ }
+
+ if (lifetime == ServiceLifetime.Transient)
+ {
+ throw new ArgumentException("Handlers cannot be registered as transient services.", nameof(lifetime));
+ }
+
+ if (!typeof(IOpenIddictValidationEventHandler).IsAssignableFrom(type))
+ {
+ throw new ArgumentException("The specified type is invalid.", nameof(type));
+ }
+
+ Services.Add(new ServiceDescriptor(typeof(IOpenIddictValidationEventHandler), type, lifetime));
+
+ return this;
+ }
+
///
/// Amends the default OpenIddict validation configuration.
///
@@ -80,23 +172,6 @@ namespace Microsoft.Extensions.DependencyInjection
return Configure(options => options.Audiences.UnionWith(audiences));
}
- ///
- /// Registers application-specific OAuth2 validation events that are automatically
- /// invoked for each request handled by the OpenIddict validation handler.
- ///
- /// The custom service.
- /// The .
- [EditorBrowsable(EditorBrowsableState.Advanced)]
- public OpenIddictValidationBuilder RegisterEvents([NotNull] OAuthValidationEvents events)
- {
- if (events == null)
- {
- throw new ArgumentNullException(nameof(events));
- }
-
- return Configure(options => options.ApplicationEvents = events);
- }
-
///
/// Configures OpenIddict not to return the authentication error
/// details as part of the standard WWW-Authenticate response header.
@@ -143,4 +218,4 @@ namespace Microsoft.Extensions.DependencyInjection
public OpenIddictValidationBuilder UseReferenceTokens()
=> Configure(options => options.UseReferenceTokens = true);
}
-}
\ No newline at end of file
+}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationEvent.cs b/src/OpenIddict.Validation/OpenIddictValidationEvent.cs
new file mode 100644
index 00000000..ec75eeb6
--- /dev/null
+++ b/src/OpenIddict.Validation/OpenIddictValidationEvent.cs
@@ -0,0 +1,24 @@
+using System;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Represents an OpenIddict validation event.
+ ///
+ /// The type of the context instance associated with the event.
+ public class OpenIddictValidationEvent : IOpenIddictValidationEvent where TContext : class
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the event.
+ public OpenIddictValidationEvent([NotNull] TContext context)
+ => Context = context ?? throw new ArgumentNullException(nameof(context));
+
+ ///
+ /// Gets the context instance associated with the event.
+ ///
+ public TContext Context { get; }
+ }
+}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationEventHandler.cs b/src/OpenIddict.Validation/OpenIddictValidationEventHandler.cs
new file mode 100644
index 00000000..896373e3
--- /dev/null
+++ b/src/OpenIddict.Validation/OpenIddictValidationEventHandler.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Represents a handler able to process events.
+ ///
+ /// The type of the events handled by this instance.
+ public class OpenIddictValidationEventHandler : IOpenIddictValidationEventHandler
+ where TEvent : class, IOpenIddictValidationEvent
+ {
+ private readonly Func _handler;
+
+ ///
+ /// Creates a new event using the specified handler delegate.
+ ///
+ /// The event handler delegate
+ public OpenIddictValidationEventHandler([NotNull] Func handler)
+ => _handler = handler ?? throw new ArgumentNullException(nameof(handler));
+
+ ///
+ /// Processes the event.
+ ///
+ /// The event to process.
+ ///
+ /// The that can be used to abort the operation.
+ ///
+ ///
+ /// A that can be used to monitor the asynchronous operation.
+ ///
+ public async Task HandleAsync(TEvent notification, CancellationToken cancellationToken)
+ {
+ if (notification == null)
+ {
+ throw new ArgumentNullException(nameof(notification));
+ }
+
+ cancellationToken.ThrowIfCancellationRequested();
+
+ await _handler.Invoke(notification, cancellationToken);
+ }
+ }
+}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationEventService.cs b/src/OpenIddict.Validation/OpenIddictValidationEventService.cs
new file mode 100644
index 00000000..4908a900
--- /dev/null
+++ b/src/OpenIddict.Validation/OpenIddictValidationEventService.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Dispatches notifications by invoking the corresponding handlers.
+ ///
+ public class OpenIddictValidationEventService : IOpenIddictValidationEventService
+ {
+ private readonly IServiceProvider _provider;
+
+ public OpenIddictValidationEventService([NotNull] IServiceProvider provider)
+ {
+ _provider = provider;
+ }
+
+ ///
+ /// Publishes a new event.
+ ///
+ /// The type of the event to publish.
+ /// The event to publish.
+ /// The that can be used to abort the operation.
+ /// A that can be used to monitor the asynchronous operation.
+ public async Task PublishAsync([NotNull] TEvent notification, CancellationToken cancellationToken = default)
+ where TEvent : class, IOpenIddictValidationEvent
+ {
+ if (notification == null)
+ {
+ throw new ArgumentNullException(nameof(notification));
+ }
+
+ foreach (var handler in _provider.GetServices>())
+ {
+ cancellationToken.ThrowIfCancellationRequested();
+
+ await handler.HandleAsync(notification, cancellationToken);
+
+ // Note: the following logic determines whether next handlers should be invoked
+ // depending on whether the underlying event context was substantially updated.
+ switch (notification)
+ {
+ case OpenIddictValidationEvents.ApplyChallenge value when value.Context.State != EventResultState.Continue: return;
+
+ case OpenIddictValidationEvents.CreateTicket value when value.Context.State != EventResultState.Continue: return;
+ case OpenIddictValidationEvents.CreateTicket value when value.Context.Ticket == null: return;
+
+ case OpenIddictValidationEvents.DecryptToken value when value.Context.State != EventResultState.Continue: return;
+ case OpenIddictValidationEvents.DecryptToken value when value.Context.Ticket != null: return;
+
+ case OpenIddictValidationEvents.RetrieveToken value when value.Context.State != EventResultState.Continue: return;
+ case OpenIddictValidationEvents.RetrieveToken value when value.Context.Ticket != null: return;
+
+ case OpenIddictValidationEvents.ValidateToken value when value.Context.State != EventResultState.Continue: return;
+ case OpenIddictValidationEvents.ValidateToken value when value.Context.Ticket == null: return;
+ }
+ }
+ }
+ }
+}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationEvents.cs b/src/OpenIddict.Validation/OpenIddictValidationEvents.cs
new file mode 100644
index 00000000..333bb7bd
--- /dev/null
+++ b/src/OpenIddict.Validation/OpenIddictValidationEvents.cs
@@ -0,0 +1,71 @@
+using AspNet.Security.OAuth.Validation;
+using JetBrains.Annotations;
+
+namespace OpenIddict.Validation
+{
+ ///
+ /// Contains common events used by the OpenIddict validation handler.
+ ///
+ public static class OpenIddictValidationEvents
+ {
+ ///
+ /// Invoked when a challenge response is returned to the caller.
+ ///
+ public sealed class ApplyChallenge : OpenIddictValidationEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ApplyChallenge([NotNull] ApplyChallengeContext context) : base(context) { }
+ }
+
+ ///
+ /// Invoked when a ticket is to be created from an introspection response.
+ ///
+ public sealed class CreateTicket : OpenIddictValidationEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public CreateTicket([NotNull] CreateTicketContext context) : base(context) { }
+ }
+
+ ///
+ /// Invoked when a token is to be decrypted.
+ ///
+ public sealed class DecryptToken : OpenIddictValidationEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public DecryptToken([NotNull] DecryptTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Invoked when a token is to be parsed from a newly-received request.
+ ///
+ public sealed class RetrieveToken : OpenIddictValidationEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public RetrieveToken([NotNull] RetrieveTokenContext context) : base(context) { }
+ }
+
+ ///
+ /// Invoked when a token is to be validated, before final processing.
+ ///
+ public sealed class ValidateToken : OpenIddictValidationEvent
+ {
+ ///
+ /// Creates a new instance of .
+ ///
+ /// The context instance associated with the notification.
+ public ValidateToken([NotNull] ValidateTokenContext context) : base(context) { }
+ }
+ }
+}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs b/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs
index 66f61287..bbcac8d4 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs
@@ -9,6 +9,7 @@ using JetBrains.Annotations;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
using OpenIddict.Validation;
@@ -33,6 +34,7 @@ namespace Microsoft.Extensions.DependencyInjection
}
builder.Services.AddAuthentication();
+ builder.Services.TryAddScoped();
return new OpenIddictValidationBuilder(builder.Services);
}
@@ -94,18 +96,6 @@ namespace Microsoft.Extensions.DependencyInjection
options.AccessTokenFormat = new TicketDataFormat(protector);
}
- // If application events have been registered, import the events into the main provider.
- if (options.ApplicationEvents != null)
- {
- var events = options.Events as OpenIddictValidationEvents;
- if (events == null)
- {
- throw new InvalidOperationException("The specified OAuth2 validation events are not compatible.");
- }
-
- events.Import(options.ApplicationEvents);
- }
-
return app.UseOAuthValidation(options);
}
}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationOptions.cs b/src/OpenIddict.Validation/OpenIddictValidationOptions.cs
index cc275271..3e7d097e 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationOptions.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationOptions.cs
@@ -4,7 +4,6 @@
* the license and the contributors participating to this project.
*/
-using System;
using AspNet.Security.OAuth.Validation;
namespace OpenIddict.Validation
@@ -19,15 +18,9 @@ namespace OpenIddict.Validation
///
public OpenIddictValidationOptions()
{
- Events = new OpenIddictValidationEvents();
+ Events = new OpenIddictValidationProvider();
}
- ///
- /// Gets or sets the user-provided that the OpenIddict
- /// validation handler invokes to enable developer control over the entire authentication process.
- ///
- public OAuthValidationEvents ApplicationEvents { get; set; }
-
///
/// Gets or sets a boolean indicating whether reference tokens are used.
///
diff --git a/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs b/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
index 9b30edf4..f5ca73a5 100644
--- a/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
+++ b/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
@@ -7,8 +7,9 @@
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Reflection;
+using System.Threading;
+using System.Threading.Tasks;
using AspNet.Security.OpenIdConnect.Primitives;
-using AspNet.Security.OpenIdConnect.Server;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
@@ -16,11 +17,63 @@ using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Moq;
using Xunit;
+using static OpenIddict.Server.OpenIddictServerEvents;
namespace OpenIddict.Server.Tests
{
public class OpenIddictServerBuilderTests
{
+ [Fact]
+ public void AddEventHandler_HandlerIsAttached()
+ {
+ // Arrange
+ var services = CreateServices();
+ var builder = CreateBuilder(services);
+ var handler = new OpenIddictServerEventHandler(
+ (notification, cancellationToken) => Task.FromResult(0));
+
+ // Act
+ builder.AddEventHandler(handler);
+
+ // Assert
+ Assert.Contains(services, service =>
+ service.ServiceType == typeof(IOpenIddictServerEventHandler) &&
+ service.ImplementationInstance == handler);
+ }
+
+ [Fact]
+ public void AddEventHandler_ThrowsAnExceptionForInvalidHandlerType()
+ {
+ // Arrange
+ var services = CreateServices();
+ var builder = CreateBuilder(services);
+
+ // Act and assert
+ var exception = Assert.Throws(delegate
+ {
+ return builder.AddEventHandler(typeof(object));
+ });
+
+ Assert.Equal("type", exception.ParamName);
+ Assert.StartsWith("The specified type is invalid.", exception.Message);
+ }
+
+ [Fact]
+ public void AddEventHandler_HandlerIsRegistered()
+ {
+ // Arrange
+ var services = CreateServices();
+ var builder = CreateBuilder(services);
+
+ // Act
+ builder.AddEventHandler();
+
+ // Assert
+ Assert.Contains(services, service =>
+ service.ServiceType == typeof(IOpenIddictServerEventHandler) &&
+ service.ImplementationType == typeof(CustomHandler));
+ }
+
[Fact]
public void Configure_OptionsAreCorrectlyAmended()
{
@@ -583,22 +636,6 @@ namespace OpenIddict.Server.Tests
Assert.Equal(new Uri("http://www.fabrikam.com/"), options.Issuer);
}
- [Fact]
- public void RegisterProvider_ProviderIsAttached()
- {
- // Arrange
- var services = CreateServices();
- var builder = CreateBuilder(services);
-
- // Act
- builder.RegisterProvider(new OpenIdConnectServerProvider());
-
- var options = GetOptions(services);
-
- // Assert
- Assert.NotNull(options.ApplicationProvider);
- }
-
[Fact]
public void RegisterClaims_ClaimsAreAdded()
{
@@ -703,5 +740,12 @@ namespace OpenIddict.Server.Tests
var options = provider.GetRequiredService>();
return options.Value;
}
+
+ public class CustomHandler : OpenIddictServerEventHandler
+ {
+ public CustomHandler(Func handler) : base(handler)
+ {
+ }
+ }
}
}
diff --git a/test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationEventsTests.cs b/test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationProviderTests.cs
similarity index 99%
rename from test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationEventsTests.cs
rename to test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationProviderTests.cs
index dd464132..3cea76f5 100644
--- a/test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationEventsTests.cs
+++ b/test/OpenIddict.Validation.Tests/Internal/OpenIddictValidationProviderTests.cs
@@ -35,7 +35,7 @@ using Xunit;
namespace OpenIddict.Validation.Tests
{
- public class OpenIddictValidationEventsTests
+ public class OpenIddictValidationProviderTests
{
[Fact]
public async Task DecryptToken_ThrowsAnExceptionWhenTokenManagerIsNotRegistered()
diff --git a/test/OpenIddict.Validation.Tests/OpenIddictValidationBuilderTests.cs b/test/OpenIddict.Validation.Tests/OpenIddictValidationBuilderTests.cs
index 76fba718..264ca19c 100644
--- a/test/OpenIddict.Validation.Tests/OpenIddictValidationBuilderTests.cs
+++ b/test/OpenIddict.Validation.Tests/OpenIddictValidationBuilderTests.cs
@@ -4,62 +4,100 @@
* the license and the contributors participating to this project.
*/
-using AspNet.Security.OAuth.Validation;
+using System;
+using System.Threading;
+using System.Threading.Tasks;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Xunit;
+using static OpenIddict.Validation.OpenIddictValidationEvents;
namespace OpenIddict.Validation.Tests
{
public class OpenIddictValidationBuilderTests
{
[Fact]
- public void Configure_OptionsAreCorrectlyAmended()
+ public void AddEventHandler_HandlerIsAttached()
{
// Arrange
var services = CreateServices();
var builder = CreateBuilder(services);
+ var handler = new OpenIddictValidationEventHandler(
+ (notification, cancellationToken) => Task.FromResult(0));
// Act
- builder.Configure(configuration => configuration.ClaimsIssuer = "custom_issuer");
+ builder.AddEventHandler(handler);
- var options = GetOptions(services);
+ // Assert
+ Assert.Contains(services, service =>
+ service.ServiceType == typeof(IOpenIddictValidationEventHandler) &&
+ service.ImplementationInstance == handler);
+ }
+
+ [Fact]
+ public void AddEventHandler_ThrowsAnExceptionForInvalidHandlerType()
+ {
+ // Arrange
+ var services = CreateServices();
+ var builder = CreateBuilder(services);
+
+ // Act and assert
+ var exception = Assert.Throws(delegate
+ {
+ return builder.AddEventHandler(typeof(object));
+ });
+
+ Assert.Equal("type", exception.ParamName);
+ Assert.StartsWith("The specified type is invalid.", exception.Message);
+ }
+
+ [Fact]
+ public void AddEventHandler_HandlerIsRegistered()
+ {
+ // Arrange
+ var services = CreateServices();
+ var builder = CreateBuilder(services);
+
+ // Act
+ builder.AddEventHandler();
// Assert
- Assert.Equal("custom_issuer", options.ClaimsIssuer);
+ Assert.Contains(services, service =>
+ service.ServiceType == typeof(IOpenIddictValidationEventHandler) &&
+ service.ImplementationType == typeof(CustomHandler));
}
[Fact]
- public void AddAudiences_AudiencesAreAdded()
+ public void Configure_OptionsAreCorrectlyAmended()
{
// Arrange
var services = CreateServices();
var builder = CreateBuilder(services);
// Act
- builder.AddAudiences("Fabrikam", "Contoso");
+ builder.Configure(configuration => configuration.ClaimsIssuer = "custom_issuer");
var options = GetOptions(services);
// Assert
- Assert.Equal(new[] { "Fabrikam", "Contoso" }, options.Audiences);
+ Assert.Equal("custom_issuer", options.ClaimsIssuer);
}
[Fact]
- public void RegisterEvents_EventsAreAttached()
+ public void AddAudiences_AudiencesAreAdded()
{
// Arrange
var services = CreateServices();
var builder = CreateBuilder(services);
// Act
- builder.RegisterEvents(new OAuthValidationEvents());
+ builder.AddAudiences("Fabrikam", "Contoso");
var options = GetOptions(services);
// Assert
- Assert.NotNull(options.ApplicationEvents);
+ Assert.Equal(new[] { "Fabrikam", "Contoso" }, options.Audiences);
}
[Fact]
@@ -137,5 +175,12 @@ namespace OpenIddict.Validation.Tests
var provider = services.BuildServiceProvider();
return provider.GetRequiredService>().Value;
}
+
+ public class CustomHandler : OpenIddictValidationEventHandler
+ {
+ public CustomHandler(Func handler) : base(handler)
+ {
+ }
+ }
}
}