// Copyright (c) Duende Software. All rights reserved.
// See LICENSE in the project root for license information.
using Duende.IdentityServer.Services;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
namespace Microser.IdS.Pages.ExternalLogin
{
    /// <summary>
    /// Razor Page that starts a sign-in round trip with an external authentication scheme.
    /// </summary>
    /// <remarks>
    /// The page allows anonymous access, and both handler inputs are bound from the
    /// request, so <c>scheme</c> and <c>returnUrl</c> must be treated as untrusted.
    /// </remarks>
    [AllowAnonymous]
    [SecurityHeaders]
    public class Challenge : PageModel
    {
        // Used to decide whether a non-local return URL is acceptable.
        private readonly IIdentityServerInteractionService _interactionService;

        /// <summary>Creates the page model with the injected interaction service.</summary>
        /// <param name="interactionService">Service consulted when validating the return URL.</param>
        public Challenge(IIdentityServerInteractionService interactionService)
        {
            _interactionService = interactionService;
        }

        /// <summary>
        /// Validates the return URL and issues an authentication challenge for <paramref name="scheme"/>.
        /// </summary>
        /// <param name="scheme">Name of the authentication scheme to challenge.</param>
        /// <param name="returnUrl">Where to send the user afterwards; defaults to <c>~/</c> when null or empty.</param>
        /// <returns>The challenge result for the requested scheme.</returns>
        /// <exception cref="ArgumentException">
        /// The return URL is neither local nor accepted by the interaction service.
        /// </exception>
        public IActionResult OnGet(string scheme, string? returnUrl)
        {
            // No return URL supplied: fall back to the application root.
            var target = string.IsNullOrEmpty(returnUrl) ? "~/" : returnUrl;

            // Open-redirect guard: accept the URL only if it points back to a local page
            // or the interaction service recognises it as a valid OIDC return URL.
            var isTrusted = Url.IsLocalUrl(target) || _interactionService.IsValidReturnUrl(target);
            if (!isTrusted)
            {
                // A rejected URL may mean the user followed a malicious link.
                // NOTE(review): nothing is logged here; the exception is the only signal.
                // Consider logging the rejection so monitoring can see it.
                throw new ArgumentException("invalid return URL");
            }

            // Start the challenge; the validated return URL and the scheme are carried in
            // the authentication properties so they survive the round trip to the callback page.
            var props = new AuthenticationProperties
            {
                RedirectUri = Url.Page("/externallogin/callback"),
            };
            props.Items.Add("returnUrl", target);

            // NOTE(review): scheme is forwarded exactly as received. Confirm that an unknown
            // or unintended scheme name is handled acceptably, e.g. by checking it against
            // the registered external providers before challenging.
            props.Items.Add("scheme", scheme);

            return Challenge(props, scheme);
        }
    }
}