Handle back channel failure gracefully
1. Check the response states code. If it is out of 2XX range, compose a readable message and throw in an exception. 2. Capture the exception in HandleRemoteAuthenticateAsync and translate it into AuthenticateResult.
This commit is contained in:
parent
ecb3b90984
commit
312edaafb4
|
|
@ -1,6 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using System;
|
||||||
using System.Globalization;
|
using System.Globalization;
|
||||||
using System.Net.Http;
|
using System.Net.Http;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
|
|
@ -35,7 +36,11 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
|
||||||
}
|
}
|
||||||
|
|
||||||
var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted);
|
var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted);
|
||||||
response.EnsureSuccessStatusCode();
|
if (!response.IsSuccessStatusCode)
|
||||||
|
{
|
||||||
|
var errorMessage = $"Failed to retrived Facebook user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
|
||||||
|
throw new InvalidOperationException(errorMessage);
|
||||||
|
}
|
||||||
|
|
||||||
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
||||||
|
|
||||||
|
|
@ -119,7 +124,7 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
|
||||||
{
|
{
|
||||||
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
|
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
|
||||||
}
|
}
|
||||||
|
|
||||||
var timeZone = FacebookHelper.GetTimeZone(payload);
|
var timeZone = FacebookHelper.GetTimeZone(payload);
|
||||||
if (!string.IsNullOrEmpty(timeZone))
|
if (!string.IsNullOrEmpty(timeZone))
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,11 @@ namespace Microsoft.AspNetCore.Authentication.Google
|
||||||
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
|
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
|
||||||
|
|
||||||
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
|
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
|
||||||
response.EnsureSuccessStatusCode();
|
if (!response.IsSuccessStatusCode)
|
||||||
|
{
|
||||||
|
var errorMessage = $"Failed to retrived Google user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
|
||||||
|
throw new InvalidOperationException(errorMessage);
|
||||||
|
}
|
||||||
|
|
||||||
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using System;
|
||||||
using System.Net.Http;
|
using System.Net.Http;
|
||||||
using System.Net.Http.Headers;
|
using System.Net.Http.Headers;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
|
|
@ -25,7 +26,11 @@ namespace Microsoft.AspNetCore.Authentication.MicrosoftAccount
|
||||||
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
|
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
|
||||||
|
|
||||||
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
|
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
|
||||||
response.EnsureSuccessStatusCode();
|
if (!response.IsSuccessStatusCode)
|
||||||
|
{
|
||||||
|
var errorMessage = $"Failed to retrived Microsoft user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding Google API is enabled.";
|
||||||
|
throw new InvalidOperationException(errorMessage);
|
||||||
|
}
|
||||||
|
|
||||||
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -119,7 +119,15 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
|
||||||
properties.StoreTokens(authTokens);
|
properties.StoreTokens(authTokens);
|
||||||
}
|
}
|
||||||
|
|
||||||
return AuthenticateResult.Success(await CreateTicketAsync(identity, properties, tokens));
|
try
|
||||||
|
{
|
||||||
|
var ticket = await CreateTicketAsync(identity, properties, tokens);
|
||||||
|
return AuthenticateResult.Success(ticket);
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
return AuthenticateResult.Fail(ex);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
protected virtual async Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri)
|
protected virtual async Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue