From 739e710d042be0327d3d2b5e276ec8e8aec82e74 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?=
Date: Sun, 5 Mar 2023 15:02:15 +0100
Subject: [PATCH] Remove the try/catch around WebAuthenticationBroker.AuthenticateAsync()
---
 ...ystemIntegrationHandlers.Authentication.cs | 109 ++++++++----------
 1 file changed, 48 insertions(+), 61 deletions(-)
diff --git a/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.Authentication.cs b/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.Authentication.cs
index f5cf6520..e24c3814 100644
--- a/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.Authentication.cs
+++ b/src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.Authentication.cs
@@ -98,70 +98,57 @@ public static partial class OpenIddictClientSystemIntegrationHandlers
 // doesn't return until the specified callback URI is reached or the modal closed by the user.
 // To accomodate OpenIddict's model, successful results are processed as any other callback request.
 
- try
+ // Note: IAsyncOperation.AsTask(context.CancellationToken) is deliberately not used here as
+ // the asynchronous operation returned by the web authentication broker is not cancellable.
+ switch (await WebAuthenticationBroker.AuthenticateAsync(
+ options : WebAuthenticationOptions.None,
+ requestUri : OpenIddictHelpers.AddQueryStringParameters(
+ uri: new Uri(context.AuthorizationEndpoint, UriKind.Absolute),
+ parameters: context.Transaction.Request.GetParameters().ToDictionary(
+ parameter => parameter.Key,
+ parameter => new StringValues((string?[]?) parameter.Value))),
+ callbackUri: new Uri(context.RedirectUri, UriKind.Absolute)))
 {
- // Note: IAsyncOperation.AsTask(context.CancellationToken) is deliberately not used here as
- // the asynchronous operation returned by the web authentication broker is not cancellable.
- switch (await WebAuthenticationBroker.AuthenticateAsync(
- options : WebAuthenticationOptions.None,
- requestUri : OpenIddictHelpers.AddQueryStringParameters(
- uri: new Uri(context.AuthorizationEndpoint, UriKind.Absolute),
- parameters: context.Transaction.Request.GetParameters().ToDictionary(
- parameter => parameter.Key,
- parameter => new StringValues((string?[]?) parameter.Value))),
- callbackUri: new Uri(context.RedirectUri, UriKind.Absolute)))
- {
- case { ResponseStatus: WebAuthenticationStatus.Success } result:
- await _service.HandleWebAuthenticationResultAsync(result, context.CancellationToken);
- context.HandleRequest();
- return;
-
- // Since the result of this operation is known by the time WebAuthenticationBroker.AuthenticateAsync()
- // returns, some errors can directly be handled and surfaced here, as part of the challenge handling.
-
- case { ResponseStatus: WebAuthenticationStatus.UserCancel }:
- context.Reject(
- error: Errors.AccessDenied,
- description: SR.GetResourceString(SR.ID2149),
- uri: SR.FormatID8000(SR.ID2149));
-
- return;
-
- case { ResponseStatus: WebAuthenticationStatus.ErrorHttp } result:
- context.Reject(
- error: result.ResponseErrorDetail switch
- {
- 400 => Errors.InvalidRequest,
- 401 => Errors.InvalidToken,
- 403 => Errors.InsufficientAccess,
- 429 => Errors.SlowDown,
- 500 => Errors.ServerError,
- 503 => Errors.TemporarilyUnavailable,
- _ => Errors.ServerError
- },
- description: SR.FormatID2161(result.ResponseErrorDetail),
- uri: SR.FormatID8000(SR.ID2161));
-
- return;
-
- default:
- context.Reject(
- error: Errors.ServerError,
- description: SR.GetResourceString(SR.ID2136),
- uri: SR.FormatID8000(SR.ID2136));
-
- return;
- }
- }
+ case { ResponseStatus: WebAuthenticationStatus.Success } result:
+ await _service.HandleWebAuthenticationResultAsync(result, context.CancellationToken);
+ context.HandleRequest();
+ return;
 
- catch
- {
- context.Reject(
- error: Errors.ServerError,
- description: SR.GetResourceString(SR.ID2136),
- uri: SR.FormatID8000(SR.ID2136));
+ // Since the result of this operation is known by the time WebAuthenticationBroker.AuthenticateAsync()
+ // returns, some errors can directly be handled and surfaced here, as part of the challenge handling.
 
- return;
+ case { ResponseStatus: WebAuthenticationStatus.UserCancel }:
+ context.Reject(
+ error: Errors.AccessDenied,
+ description: SR.GetResourceString(SR.ID2149),
+ uri: SR.FormatID8000(SR.ID2149));
+
+ return;
+
+ case { ResponseStatus: WebAuthenticationStatus.ErrorHttp } result:
+ context.Reject(
+ error: result.ResponseErrorDetail switch
+ {
+ 400 => Errors.InvalidRequest,
+ 401 => Errors.InvalidToken,
+ 403 => Errors.InsufficientAccess,
+ 429 => Errors.SlowDown,
+ 500 => Errors.ServerError,
+ 503 => Errors.TemporarilyUnavailable,
+ _ => Errors.ServerError
+ },
+ description: SR.FormatID2161(result.ResponseErrorDetail),
+ uri: SR.FormatID8000(SR.ID2161));
+
+ return;
+
+ default:
+ context.Reject(
+ error: Errors.ServerError,
+ description: SR.GetResourceString(SR.ID2136),
+ uri: SR.FormatID8000(SR.ID2136));
+
+ return;
 }
 #else
 throw new PlatformNotSupportedException(SR.GetResourceString(SR.ID0392));
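Review bot: With the bare `catch` gone, nothing in the new `switch` block says that failures are now reported in two different ways: broker statuses still end in `context.Reject(...)`, while anything thrown by `new Uri(...)`, `AuthenticateAsync()` or `_service.HandleWebAuthenticationResultAsync()` leaves the handler as an exception. A short comment above the `switch` would make that contract explicit, for example `// Note: exceptions thrown by the broker or while handling the result are deliberately not caught here and propagate to the caller.` Whether the callers of this challenge handler already convert such exceptions into an error result is not visible in this hunk, so it is worth confirming, since the success path processes data returned by the authorization server. The enclosing method starts and ends outside the hunk.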