@@ -38,22 +38,20 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
3838 var principal = new ClaimsPrincipal ( identity ) ;
3939 var ticket = new AuthenticationTicket ( principal , properties , Scheme . Name ) ;
4040
41- // Return the authentication ticket as-is if the
42- // user information endpoint has not been set.
41+ // Return the authentication ticket as-is if the user information endpoint has not been set.
4342 if ( string . IsNullOrEmpty ( Options . UserInformationEndpoint ) )
4443 {
4544 Logger . LogInformation ( "The userinfo request was skipped because no userinfo endpoint was configured." ) ;
4645
47- return ticket ;
46+ return await RunAuthenticatedEventAsync ( ) ;
4847 }
4948
50- // Return the authentication ticket as-is
51- // if the application key has not been set.
49+ // Return the authentication ticket as-is if the application key has not been set.
5250 if ( string . IsNullOrEmpty ( Options . ApplicationKey ) )
5351 {
5452 Logger . LogInformation ( "The userinfo request was skipped because no application key was configured." ) ;
5553
56- return ticket ;
54+ return await RunAuthenticatedEventAsync ( ) ;
5755 }
5856
5957 // Note: prior to April 2018, the Steam identifier was prefixed with an HTTP base address.
@@ -68,12 +66,12 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
6866 identifier = identifier . Substring ( SteamAuthenticationConstants . Namespaces . LegacyIdentifier . Length ) ;
6967 }
7068
71- // Return the authentication ticket as-is if the claimed identifier is malformed.
69+ // Prevent the sign-in operation from completing if the claimed identifier is malformed.
7270 else
7371 {
7472 Logger . LogWarning ( "The userinfo request was skipped because an invalid identifier was received: {Identifier}." , identifier ) ;
7573
76- return ticket ;
74+ throw new InvalidOperationException ( $ "The OpenID claimed identifier ' { identifier } ' is not valid." ) ;
7775 }
7876
7977 var address = QueryHelpers . AddQueryString ( Options . UserInformationEndpoint , new Dictionary < string , string >
@@ -95,7 +93,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
9593 /* Headers: */ response . Headers . ToString ( ) ,
9694 /* Body: */ await response . Content . ReadAsStringAsync ( ) ) ;
9795
98- return ticket ;
96+ throw new HttpRequestException ( "An error occurred while retrieving the user profile from Steam." ) ;
9997 }
10098
10199 var payload = JObject . Parse ( await response . Content . ReadAsStringAsync ( ) ) ;
@@ -110,22 +108,27 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
110108 identity . AddClaim ( new Claim ( ClaimTypes . Name , profile , ClaimValueTypes . String , Options . ClaimsIssuer ) ) ;
111109 }
112110
113- var context = new OpenIdAuthenticatedContext ( Context , Scheme , Options , ticket )
114- {
115- User = payload
116- } ;
111+ return await RunAuthenticatedEventAsync ( payload ) ;
117112
118- // Copy the attributes to the context object.
119- foreach ( var attribute in attributes )
113+ async Task < AuthenticationTicket > RunAuthenticatedEventAsync ( JObject user = null )
120114 {
121- context . Attributes . Add ( attribute ) ;
115+ var context = new OpenIdAuthenticatedContext ( Context , Scheme , Options , ticket )
116+ {
117+ User = user ?? new JObject ( )
118+ } ;
119+
120+ // Copy the attributes to the context object.
121+ foreach ( var attribute in attributes )
122+ {
123+ context . Attributes . Add ( attribute ) ;
124+ }
125+
126+ await Events . Authenticated ( context ) ;
127+
128+ // Note: return the authentication ticket associated
129+ // with the notification to allow replacing the ticket.
130+ return context . Ticket ;
122131 }
123-
124- await Events . Authenticated ( context ) ;
125-
126- // Note: return the authentication ticket associated
127- // with the notification to allow replacing the ticket.
128- return context . Ticket ;
129132 }
130133
131134 private new OpenIdAuthenticationEvents Events => ( OpenIdAuthenticationEvents ) base . Events ;
0 commit comments