tsai
/
openiddict-core
mirror of https://github.com/openiddict/openiddict-core.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
980 Commits
2 Branches
79 Tags
29 MiB
 
 
 
 
 
 
Tree: 62f3e6ff85
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '62f3e6ff85'
${ noResults }
openiddict-core/src/OpenIddict.Client/OpenIddictClientHandlers.Ex...

73 lines
3.0 KiB
Raw Blame History

/*
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* See https://github.com/openiddict/openiddict-core for more information concerning
* the license and the contributors participating to this project.
*/
using System.Collections.Immutable;
using System.Text.Json;
namespace OpenIddict.Client;
public static partial class OpenIddictClientHandlers
{
public static class Exchange
{
public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
/*
* Token response handling:
*/
HandleErrorResponse<HandleTokenResponseContext>.Descriptor,
ValidateWellKnownParameters.Descriptor);
/// <summary>
/// Contains the logic responsible of validating the well-known parameters contained in the token response.
/// </summary>
public class ValidateWellKnownParameters : IOpenIddictClientHandler<HandleTokenResponseContext>
{
/// <summary>
/// Gets the default descriptor definition assigned to this handler.
/// </summary>
public static OpenIddictClientHandlerDescriptor Descriptor { get; }
= OpenIddictClientHandlerDescriptor.CreateBuilder<HandleTokenResponseContext>()
.UseSingletonHandler<ValidateWellKnownParameters>()
.SetOrder(int.MinValue + 100_000)
.SetType(OpenIddictClientHandlerType.BuiltIn)
.Build();
/// <inheritdoc/>
public ValueTask HandleAsync(HandleTokenResponseContext context!!)
{
foreach (var parameter in context.Response.GetParameters())
{
if (ValidateParameterType(parameter.Key, parameter.Value.Value))
{
continue;
}
context.Reject(
error: Errors.ServerError,
description: SR.FormatID2107(parameter.Key),
uri: SR.FormatID8000(SR.ID2107));
return default;
}
return default;
static bool ValidateParameterType(string name, object? value) => name switch
{
// The 'expires_in' parameter MUST be formatted as a numeric date value.
Parameters.ExpiresIn => value is long or JsonElement { ValueKind: JsonValueKind.Number },
// The 'access_token', 'id_token' and 'refresh_token' parameters MUST be formatted as unique strings.
Parameters.AccessToken or Parameters.IdToken or Parameters.RefreshToken
=> value is string or JsonElement { ValueKind: JsonValueKind.String },
// Parameters that are not in the well-known list can be of any type.
_ => true
};
}
}
}
}