Handle back channel failure gracefully

1. Check the response status code. If it is outside the 2XX range, compose a
readable message and throw it in an exception.
2. Capture the exception in HandleRemoteAuthenticateAsync and translate
it into AuthenticateResult.
This commit is contained in:
Troy Dai 2016-07-20 16:15:58 -07:00
parent ecb3b90984
commit 312edaafb4
4 changed files with 27 additions and 5 deletions


@ -1,6 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Globalization;
using System.Net.Http;
using System.Security.Claims;
@ -35,7 +36,11 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
}
var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted);
response.EnsureSuccessStatusCode();
if (!response.IsSuccessStatusCode)
{
var errorMessage = $"Failed to retrived Facebook user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
throw new InvalidOperationException(errorMessage);
}
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
@ -119,7 +124,7 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
{
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var timeZone = FacebookHelper.GetTimeZone(payload);
if (!string.IsNullOrEmpty(timeZone))
{
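Review bot: The new error message in the Facebook handler misspells "retrieved" and names the wrong provider: it tells the operator to check that the "Google API" is enabled, which in this file should refer to Facebook; the Microsoft account handler's hunk in this commit carries the same copied text, and the Google handler's message shares the typo. A missing period also runs the status code into the next sentence. Suggested text: `var errorMessage = $"Failed to retrieve Facebook user information ({response.StatusCode}). Please check if the authentication information is correct and the corresponding Facebook API is enabled.";`. Since the same check and message are built in all three handlers, a shared helper in the base OAuth handler would keep the wording consistent and avoid this kind of copy-paste slip. The enclosing method (presumably CreateTicketAsync, given the OAuth handler's hunk) starts and ends outside this hunk.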


@ -32,7 +32,11 @@ namespace Microsoft.AspNetCore.Authentication.Google
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
response.EnsureSuccessStatusCode();
if (!response.IsSuccessStatusCode)
{
var errorMessage = $"Failed to retrived Google user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
throw new InvalidOperationException(errorMessage);
}
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());


@ -1,6 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
@ -25,7 +26,11 @@ namespace Microsoft.AspNetCore.Authentication.MicrosoftAccount
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
response.EnsureSuccessStatusCode();
if (!response.IsSuccessStatusCode)
{
var errorMessage = $"Failed to retrived Microsoft user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
throw new InvalidOperationException(errorMessage);
}
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());


@ -119,7 +119,15 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
properties.StoreTokens(authTokens);
}
return AuthenticateResult.Success(await CreateTicketAsync(identity, properties, tokens));
try
{
var ticket = await CreateTicketAsync(identity, properties, tokens);
return AuthenticateResult.Success(ticket);
}
catch (Exception ex)
{
return AuthenticateResult.Fail(ex);
}
}
protected virtual async Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri)
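Review bot: The new `catch (Exception ex)` around CreateTicketAsync also turns request cancellation into an authentication failure: the backchannel calls in the provider handlers pass Context.RequestAborted, so an OperationCanceledException from an aborted request would be reported as AuthenticateResult.Fail instead of propagating, and genuine programming errors inside CreateTicketAsync are masked the same way. An exception filter keeps the graceful handling for backchannel failures while letting cancellation through: `catch (Exception ex) when (!(ex is OperationCanceledException))`. The rest of HandleRemoteAuthenticateAsync, including the earlier token exchange, lies outside the hunk, so a backchannel failure there is presumably still unhandled; worth confirming. Logging the caught exception before returning Fail would also give operators a record of the failure beyond what the result carries.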