forked from openiddict/openiddict-core
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathOpenIddictClientOwinHandlers.Session.cs
More file actions
92 lines (79 loc) · 4.12 KB
/
OpenIddictClientOwinHandlers.Session.cs
File metadata and controls
92 lines (79 loc) · 4.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
/*
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* See https://github.com/openiddict/openiddict-core for more information concerning
* the license and the contributors participating to this project.
*/
using System.Collections.Immutable;
using Owin;
namespace OpenIddict.Client.Owin;
public static partial class OpenIddictClientOwinHandlers
{
public static class Session
{
public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } =
[
/*
* End session request processing:
*/
ProcessQueryRequest.Descriptor,
/*
* Post-logout redirection request extraction:
*/
ExtractGetOrPostRequest<ExtractPostLogoutRedirectionRequestContext>.Descriptor,
/*
* Post-logout redirection request handling:
*/
EnablePassthroughMode<HandlePostLogoutRedirectionRequestContext, RequirePostLogoutRedirectionEndpointPassthroughEnabled>.Descriptor,
/*
* Post-logout redirection response handling:
*/
AttachHttpResponseCode<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
AttachCacheControlHeader<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
ProcessPassthroughErrorResponse<ApplyPostLogoutRedirectionResponseContext, RequirePostLogoutRedirectionEndpointPassthroughEnabled>.Descriptor,
ProcessLocalErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor
];
/// <summary>
/// Contains the logic responsible for processing end session requests using 302 redirects.
/// Note: this handler is not used when the OpenID Connect request is not initially handled by OWIN.
/// </summary>
public sealed class ProcessQueryRequest : IOpenIddictClientHandler<ApplyEndSessionRequestContext>
{
/// <summary>
/// Gets the default descriptor definition assigned to this handler.
/// </summary>
public static OpenIddictClientHandlerDescriptor Descriptor { get; }
= OpenIddictClientHandlerDescriptor.CreateBuilder<ApplyEndSessionRequestContext>()
.AddFilter<RequireOwinRequest>()
.UseSingletonHandler<ProcessQueryRequest>()
.SetOrder(250_000)
.SetType(OpenIddictClientHandlerType.BuiltIn)
.Build();
/// <inheritdoc/>
public ValueTask HandleAsync(ApplyEndSessionRequestContext context)
{
ArgumentNullException.ThrowIfNull(context);
// This handler only applies to OWIN requests. If the HTTP context cannot be resolved,
// this may indicate that the request was incorrectly processed by another server stack.
var response = context.Transaction.GetOwinRequest()?.Context.Response ??
throw new InvalidOperationException(SR.GetResourceString(SR.ID0120));
var location = context.EndSessionEndpoint;
// Note: while initially not allowed by the core OAuth 2.0 specification, multiple parameters
// with the same name are used by derived drafts like the OAuth 2.0 token exchange specification.
// For consistency, multiple parameters with the same name are also supported by this endpoint.
foreach (var (key, value) in
from parameter in context.Request.GetParameters()
let values = (ImmutableArray<string?>?) parameter.Value
where values is not null
from value in values.GetValueOrDefault()
where !string.IsNullOrEmpty(value)
select (parameter.Key, Value: value))
{
location = WebUtilities.AddQueryString(location, key, value);
}
response.Redirect(location);
context.HandleRequest();
return ValueTask.CompletedTask;
}
}
}
}