

using System.ComponentModel.DataAnnotations;
using System.Text;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using OAuthServer.Services;
namespace OAuthServer.Controllers;
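[ApiController]
[Route("oauth")]
public class OAuthController : ControllerBase {
    private readonly ILogger<OAuthController> _logger;
    private readonly JwtService _jwt;

    // The single client id this server accepts; both endpoints compare against it.
    private const string KnownClientId = "lmao";

    public OAuthController(ILogger<OAuthController> logger, JwtService jwt) {
        _logger = logger;
        _jwt = jwt;
    }

    /// <summary>
    /// Authorization endpoint: validates the request and redirects the caller back to
    /// <paramref name="redirect_uri"/> carrying either an OAuth error or an authorization code.
    /// </summary>
    /// <param name="redirect_uri">Where the client is sent back to; [Url] only checks that it is well-formed.</param>
    /// <param name="response_type">Only "code" is supported.</param>
    /// <param name="client_id">Must equal the single known client id.</param>
    /// <param name="state">Opaque client value, echoed back on every redirect that carries it.</param>
    /// <returns>A 302 redirect to <paramref name="redirect_uri"/> with percent-encoded query parameters appended.</returns>
    [Authorize]
    [HttpGet("authorize")]
    // ReSharper disable InconsistentNaming
    public ActionResult Authorize(
        [Required, Url] string redirect_uri,
        string response_type,
        string client_id,
        string state
    ) {
        // NOTE(review): redirect_uri is not compared with a URI registered for client_id, so every
        // branch below redirects wherever the caller asked. Confirm whether a per-client allowlist
        // is intended before this is exposed.
        if (string.IsNullOrEmpty(response_type) || string.IsNullOrEmpty(client_id) || string.IsNullOrEmpty(state)) {
            return Redirect(AppendQuery(redirect_uri, ("error", "invalid_request")));
        }
        if (!string.Equals(response_type, "code", StringComparison.Ordinal)) {
            return Redirect(AppendQuery(redirect_uri, ("error", "unsupported_response_type"), ("state", state)));
        }
        if (!string.Equals(client_id, KnownClientId, StringComparison.Ordinal)) {
            // error_description is percent-encoded by AppendQuery ("Invalid%20client%20id"),
            // which decodes to the same text as the former hand-written "Invalid+client+id".
            return Redirect(AppendQuery(redirect_uri,
                ("error", "access_denied"),
                ("error_description", "Invalid client id"),
                ("state", state)));
        }
        // TODO: generate code — the GUID is not stored anywhere, so GenerateToken cannot
        // distinguish a code issued here from an arbitrary non-empty string.
        string code = Guid.NewGuid().ToString();
        return Redirect(AppendQuery(redirect_uri, ("code", code), ("state", state)));
    }

    /// <summary>
    /// Appends percent-encoded query parameters to <paramref name="uri"/>.
    /// Uses '&amp;' as the first separator when the URI already has a query string, so a
    /// redirect_uri that carries its own query is preserved instead of getting a second '?';
    /// escaping keeps caller-supplied values such as state from injecting extra parameters.
    /// </summary>
    /// <param name="uri">Base URI, already validated as a URL by the caller.</param>
    /// <param name="parameters">Name/value pairs to append, in order.</param>
    /// <returns>The URI with the parameters appended; unchanged when no parameters are given.</returns>
    private static string AppendQuery(string uri, params (string Name, string Value)[] parameters) {
        var builder = new StringBuilder(uri);
        char separator = uri.Contains('?') ? '&' : '?';
        foreach (var (name, value) in parameters) {
            builder.Append(separator)
                .Append(Uri.EscapeDataString(name))
                .Append('=')
                .Append(Uri.EscapeDataString(value));
            separator = '&';
        }
        return builder.ToString();
    }

    /// <summary>Form fields of the token endpoint; names follow the OAuth 2.0 parameter names.</summary>
    public record GenerateTokenRequest(
        string? grant_type,
        string? code,
        string? redirect_uri,
        string? client_id,
        string? client_secret
    );

    /// <summary>
    /// Token endpoint: exchanges an authorization-code request for a bearer access token.
    /// </summary>
    /// <param name="request">Form-encoded request fields.</param>
    /// <returns>200 with {access_token, token_type} on success; 400 with an OAuth error code otherwise.</returns>
    [HttpPost("token")]
    [Consumes("application/x-www-form-urlencoded")]
    public ActionResult GenerateToken([FromForm] GenerateTokenRequest request) {
        if (string.IsNullOrEmpty(request.grant_type) || string.IsNullOrEmpty(request.code) ||
            string.IsNullOrEmpty(request.redirect_uri) ||
            string.IsNullOrEmpty(request.client_id)) {
            return BadRequest(new {error = "invalid_request"});
        }
        if (!string.Equals(request.grant_type, "authorization_code", StringComparison.Ordinal)) {
            return BadRequest(new {error = "unsupported_grant_type"});
        }
        if (!string.Equals(request.client_id, KnownClientId, StringComparison.Ordinal)) {
            _logger.LogWarning("Token request rejected: unknown client_id {ClientId}", request.client_id);
            return BadRequest(new {error = "invalid_client"});
        }
        // NOTE(review): code and redirect_uri are only checked for presence and client_secret is
        // never read, so any non-empty code yields a token here. Confirm this is a stub pending
        // the TODO in Authorize.
        string token = _jwt.GenerateToken();
        // Token responses must not be cached by intermediaries or the client.
        Response.Headers.Append("Cache-Control", "no-store");
        Response.Headers.Append("Pragma", "no-cache");
        return Ok(new {access_token = token, token_type = "bearer"});
    }
}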