Log the error inforamtion when redeem auth code

Troy Dai 2016-09-21 16:18:59 -07:00
parent ddeef1f9ac
commit 28932a7795
2 changed files with 77 additions and 18 deletions


@ -37,7 +37,8 @@ namespace Microsoft.Extensions.Logging
private static Action<ILogger, string, Exception> _invalidLogoutQueryStringRedirectUrl;
private static Action<ILogger, Exception> _nullOrEmptyAuthorizationResponseState;
private static Action<ILogger, Exception> _unableToReadAuthorizationResponseState;
private static Action<ILogger, string, string, string, Exception> _authorizationResponseError;
private static Action<ILogger, string, string, string, Exception> _responseError;
private static Action<ILogger, string, string, string, int, Exception> _responseErrorWithStatusCode;
private static Action<ILogger, Exception> _exceptionProcessingMessage;
private static Action<ILogger, Exception> _accessTokenNotAvailable;
private static Action<ILogger, Exception> _retrievingClaims;
@ -106,10 +107,14 @@ namespace Microsoft.Extensions.Logging
eventId: 11,
logLevel: LogLevel.Debug,
formatString: "Unable to read the message.State.");
_authorizationResponseError = LoggerMessage.Define<string, string, string>(
_responseError = LoggerMessage.Define<string, string, string>(
eventId: 12,
logLevel: LogLevel.Error,
formatString: "Message contains error: '{Error}', error_description: '{ErrorDescription}', error_uri: '{ErrorUri}'.");
_responseErrorWithStatusCode = LoggerMessage.Define<string, string, string, int>(
eventId: 49,
logLevel: LogLevel.Error,
formatString: "Message contains error: '{Error}', error_description: '{ErrorDescription}', error_uri: '{ErrorUri}', status code '{StatusCode}'.");
_updatingConfiguration = LoggerMessage.Define(
eventId: 13,
logLevel: LogLevel.Debug,
@ -380,9 +385,14 @@ namespace Microsoft.Extensions.Logging
_unableToReadAuthorizationResponseState(logger, null);
}
public static void AuthorizationResponseError(this ILogger logger, string error, string errorDescription, string errorUri)
public static void ResponseError(this ILogger logger, string error, string errorDescription, string errorUri)
{
_authorizationResponseError(logger, error, errorDescription, errorUri, null);
_responseError(logger, error, errorDescription, errorUri, null);
}
public static void ResponseErrorWithStatusCode(this ILogger logger, string error, string errorDescription, string errorUri, int statusCode)
{
_responseErrorWithStatusCode(logger, error, errorDescription, errorUri, statusCode, null);
}
public static void ExceptionProcessingMessage(this ILogger logger, Exception ex)
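Review bot: The `error`, `errorDescription` and `errorUri` arguments of `ResponseError` and `ResponseErrorWithStatusCode` are written into the message between single quotes, and the handler changes in this commit pass them straight from the authorization or token response, so they are remote-supplied text. A plain-text sink will render whatever they contain, line breaks included, which makes an Error-level entry harder to trust during triage. I would document that on both methods, e.g. `// error, errorDescription and errorUri come from the remote response and are logged unmodified; text sinks must encode them.` Whether the configured sinks already encode values is not visible from this page.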


@ -507,14 +507,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
// if any of the error fields are set, throw error null
if (!string.IsNullOrEmpty(authorizationResponse.Error))
{
Logger.AuthorizationResponseError(
authorizationResponse.Error,
authorizationResponse.ErrorDescription ?? "ErrorDecription null",
authorizationResponse.ErrorUri ?? "ErrorUri null");
return AuthenticateResult.Fail(new OpenIdConnectProtocolException(
string.Format(CultureInfo.InvariantCulture, Resources.MessageContainsError, authorizationResponse.Error,
authorizationResponse.ErrorDescription ?? "ErrorDecription null", authorizationResponse.ErrorUri ?? "ErrorUri null")));
return AuthenticateResult.Fail(CreateOpenIdConnectProtocolException(authorizationResponse, response: null));
}
if (_configuration == null && Options.ConfigurationManager != null)
@ -590,6 +583,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
{
return result;
}
authorizationResponse = tokenResponseReceivedContext.ProtocolMessage;
tokenEndpointResponse = tokenResponseReceivedContext.TokenEndpointResponse;
@ -684,20 +678,50 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
}
/// <summary>
/// Redeems the authorization code for tokens at the token endpoint
/// Redeems the authorization code for tokens at the token endpoint.
/// </summary>
/// <param name="tokenEndpointRequest">The request that will be sent to the token endpoint and is available for customization.</param>
/// <returns>OpenIdConnect message that has tokens inside it.</returns>
protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
{
Logger.RedeemingCodeForTokens();
var requestMessage = new HttpRequestMessage(HttpMethod.Post, _configuration.TokenEndpoint);
requestMessage.Content = new FormUrlEncodedContent(tokenEndpointRequest.Parameters);
var responseMessage = await Backchannel.SendAsync(requestMessage);
responseMessage.EnsureSuccessStatusCode();
var tokenResonse = await responseMessage.Content.ReadAsStringAsync();
var jsonTokenResponse = JObject.Parse(tokenResonse);
return new OpenIdConnectMessage(jsonTokenResponse);
var contentMediaType = responseMessage.Content.Headers.ContentType?.MediaType;
if (string.IsNullOrEmpty(contentMediaType))
{
Logger.LogDebug($"Unexpected token response format. Status Code: {(int)responseMessage.StatusCode}. Content-Type header is missing.");
}
else if (!string.Equals(contentMediaType, "application/json", StringComparison.OrdinalIgnoreCase))
{
Logger.LogDebug($"Unexpected token response format. Status Code: {(int)responseMessage.StatusCode}. Content-Type {responseMessage.Content.Headers.ContentType}.");
}
// Error handling:
// 1. If the response body can't be parsed as json, throws.
// 2. If the response's status code is not in 2XX range, throw OpenIdConnectProtocolException. If the body is correct parsed,
// pass the error information from body to the exception.
OpenIdConnectMessage message;
try
{
var responseContent = await responseMessage.Content.ReadAsStringAsync();
message = new OpenIdConnectMessage(responseContent);
}
catch (Exception ex)
{
throw new OpenIdConnectProtocolException($"Failed to parse token response body as JSON. Status Code: {(int)responseMessage.StatusCode}. Content-Type: {responseMessage.Content.Headers.ContentType}", ex);
}
if (!responseMessage.IsSuccessStatusCode)
{
throw CreateOpenIdConnectProtocolException(message, responseMessage);
}
return message;
}
/// <summary>
@ -1016,7 +1040,10 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
return authorizationCodeReceivedContext;
}
private async Task<TokenResponseReceivedContext> RunTokenResponseReceivedEventAsync(OpenIdConnectMessage message, OpenIdConnectMessage tokenEndpointResponse, AuthenticationProperties properties)
private async Task<TokenResponseReceivedContext> RunTokenResponseReceivedEventAsync(
OpenIdConnectMessage message,
OpenIdConnectMessage tokenEndpointResponse,
AuthenticationProperties properties)
{
Logger.TokenResponseReceived();
var eventContext = new TokenResponseReceivedContext(Context, Options, properties)
@ -1157,5 +1184,27 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
return BuildRedirectUri(uri);
}
private OpenIdConnectProtocolException CreateOpenIdConnectProtocolException(OpenIdConnectMessage message, HttpResponseMessage response)
{
var description = message.ErrorDescription ?? "error_description is null";
var errorUri = message.ErrorUri ?? "error_uri is null";
if (response != null)
{
Logger.ResponseErrorWithStatusCode(message.Error, description, errorUri, (int)response.StatusCode);
}
else
{
Logger.ResponseError(message.Error, description, errorUri);
}
return new OpenIdConnectProtocolException(string.Format(
CultureInfo.InvariantCulture,
Resources.MessageContainsError,
message.Error,
description,
errorUri));
}
}
}
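Review bot: `CreateOpenIdConnectProtocolException` gives `ErrorDescription` and `ErrorUri` a fallback but uses `message.Error` as is, and `RedeemAuthorizationCodeAsync` now calls it for every non-success status, including a JSON body that carries no `error` member. In that case both the log entry and the exception text would presumably show an empty error, and the status code reaches only the log, not the exception. A fallback in the same style would keep both readable: `var error = message.Error ?? "error is null";`, passed to the two logger calls and to `string.Format`. Separately, the `catch (Exception ex)` in `RedeemAuthorizationCodeAsync` also wraps failures of `ReadAsStringAsync`, so a read error is reported as a JSON parse failure.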