前回はAuthorization Code Grantを書いたので、今回はImplicit Grantを書いてみます。
https://qiita.com/namikitakeo/items/b41d66fe88ab563bd13a
今回はAuthorizationコントローラーのみ修正します。
http://localhost:5000/op/auth
Controllers/AuthController.cs
usingSystem;usingSystem.IO;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Threading.Tasks;usingMicrosoft.AspNetCore.Http;usingMicrosoft.AspNetCore.Mvc;usingMicrosoft.EntityFrameworkCore;usingmyop.Models;namespacemyop.Controllers{[Route("op/[controller]")][ApiController]publicclassAuthController:ControllerBase{privatereadonlymyopContext_context;stringCLIENT_ID;stringRESPONSE_TYPE;stringREDIRECT_URI;stringSCOPE;stringSTATE;publicAuthController(myopContextcontext){_context=context;}// GET: op/auth[HttpGet]publicasyncTask<ActionResult>doGet(){CLIENT_ID=HttpContext.Request.Query["client_id"].ToString();RESPONSE_TYPE=HttpContext.Request.Query["response_type"].ToString();REDIRECT_URI=HttpContext.Request.Query["redirect_uri"].ToString();SCOPE=HttpContext.Request.Query["scope"].ToString();STATE=HttpContext.Request.Query["state"].ToString();varclient=await_context.Clients.FindAsync(CLIENT_ID);if(client==null){returnnull;}if(client.RedirectUri!=REDIRECT_URI)returnnull;stringrandom=Guid.NewGuid().ToString("N").ToUpper();stringparam;if(RESPONSE_TYPE=="code"){if(client.GrantType!="authorization_code")returnnull;varcode=newCode{Id=random,UserId="admin",Query=HttpContext.Request.QueryString.Value.Substring(1),Iat=DateTime.Now};_context.Add(code);param="?code="+random+"&state="+STATE;}elseif(RESPONSE_TYPE=="token"){if(client.GrantType!="implicit")returnnull;vartoken=await_context.Tokens.FindAsync("admin");if(token!=null){_context.Tokens.Remove(token);await_context.SaveChangesAsync();}token=newToken{Id="admin",AccessToken=random,ExpiresIn=60,TokenType="bearer",Scope=SCOPE,Iat=DateTime.Now};_context.Add(token);param="#access_token="+random+"&token_type=bearer&state="+STATE;}else{returnnull;}await_context.SaveChangesAsync();returnRedirect(REDIRECT_URI+param);}}}