Beispiel #1
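        /// <summary>
        /// Builds the set of scope names made up of the '|'-separated entries in
        /// <c>AllowedScopes</c>, the name of every API resource returned by
        /// <c>ApiResource()</c>, and the standard offline-access scope.
        /// </summary>
        /// <returns>A de-duplicated collection of scope names.</returns>
        private ICollection<string> BuildScopes()
        {
            var scopes = new HashSet<string>();

            // RemoveEmptyEntries plus the whitespace check keeps "" and " " out of the set:
            // an empty value, a trailing '|' or a doubled "||" would otherwise register a
            // blank scope name. A null AllowedScopes is treated as "nothing configured".
            var configured = AllowedScopes?.Split(new[] { '|' }, StringSplitOptions.RemoveEmptyEntries);
            if (configured != null)
            {
                foreach (var scope in configured)
                {
                    if (!string.IsNullOrWhiteSpace(scope))
                    {
                        scopes.Add(scope);
                    }
                }
            }

            foreach (var api in ApiResource())
            {
                scopes.Add(api.Name);
            }

            // offline_access is added unconditionally, regardless of what AllowedScopes holds.
            // NOTE(review): if this set ends up as a client's allowed scopes, every such client
            // may ask for refresh tokens - confirm that is intended for all consumers.
            scopes.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
            return scopes;
        }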
Beispiel #2
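        /// <summary>
        /// Converts this object's property values into an IdentityServer4 client model and
        /// returns the result of calling <c>ToEntity()</c> on it.
        /// </summary>
        /// <remarks>
        /// Multi-valued settings are held as text: URI lists, identity-provider restrictions
        /// and client secrets are split on "\r\n", scopes on a single space. Client secrets are
        /// hashed with <c>Sha256()</c> before being attached; the plaintext values are not
        /// copied onto the client.
        /// </remarks>
        /// <returns>The entity produced by <c>ToEntity()</c> for the populated client model.</returns>
        internal IdentityServer4.EntityFramework.Entities.Client ToClient()
        {
            // Shared parsing for the URI-valued settings: one entry per CRLF-separated line,
            // keeping only non-blank lines that pass IsUrl(). Returns null for a null input.
            // NOTE(review): lines that fail IsUrl() are dropped silently, and IsUrl() is defined
            // outside this view - confirm it is strict enough for redirect and CORS targets.
            List<string> ParseUrlLines(string value) =>
                value?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
                      .Where(line => !string.IsNullOrWhiteSpace(line) && line.IsUrl())
                      .ToList();

            var redirectUris = ParseUrlLines(RedirectUris);
            var allowedCorsOrigins = ParseUrlLines(AllowedCorsOrigins);

            var client = new Models.Client
            {
                AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
                AccessTokenLifetime = AccessTokenLifetime,
                AccessTokenType = AccessTokenType,
                AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser,
                AllowedCorsOrigins = allowedCorsOrigins,
                AllowedGrantTypes = GetAllowedGrantTypes(),
                // Scopes are space-separated; blank entries are discarded.
                AllowedScopes = AllowedScopes?.Split(new[] { " " }, StringSplitOptions.RemoveEmptyEntries)
                                .Where(scope => !string.IsNullOrWhiteSpace(scope)).ToList(),
                AllowOfflineAccess = AllowOfflineAccess,
                AllowPlainTextPkce = AllowPlainTextPkce,
                AllowRememberConsent = AllowRememberConsent,
                AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken,
                AlwaysSendClientClaims = AlwaysSendClientClaims,
                AuthorizationCodeLifetime = AuthorizationCodeLifetime,
                BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired,
                BackChannelLogoutUri = BackChannelLogoutUri,
                ClientClaimsPrefix = ClientClaimsPrefix,
                ClientId = ClientId,
                ClientName = ClientName,
                ClientUri = ClientUri,
                ConsentLifetime = ConsentLifetime,
                Description = Description,
                DeviceCodeLifetime = DeviceCodeLifetime,
                Enabled = Enabled,
                EnableLocalLogin = EnableLocalLogin,
                FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired,
                FrontChannelLogoutUri = FrontChannelLogoutUri,
                IdentityProviderRestrictions =
                    IdentityProviderRestrictions?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries),
                IdentityTokenLifetime = IdentityTokenLifetime,
                IncludeJwtId = IncludeJwtId,
                LogoUri = LogoUri,
                PairWiseSubjectSalt = PairWiseSubjectSalt,
                PostLogoutRedirectUris = ParseUrlLines(PostLogoutRedirectUris),
                // Properties
                ProtocolType = ProtocolType,
                RedirectUris = redirectUris,
                RefreshTokenExpiration = RefreshTokenExpiration,
                RefreshTokenUsage = RefreshTokenUsage,
                RequireClientSecret = RequireClientSecret,
                RequireConsent = RequireConsent,
                RequirePkce = RequirePkce,
                SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime,
                UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh,
                UserCodeType = UserCodeType,
                UserSsoLifetime = UserSsoLifetime,
            };

            // One secret per CRLF-separated line, stored as its Sha256() hash. Whitespace-only
            // lines are skipped so that a stray blank line cannot become an accepted secret;
            // values are deliberately not trimmed, since that would change the hash.
            var secrets = ClientSecrets?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries)
                          .Where(secret => !string.IsNullOrWhiteSpace(secret))
                          .Select(secret => new Secret(secret.Sha256()))
                          .ToList();

            // Fix: the original test was `secrets.Count == 0`, which attached the list only when
            // it was empty, so configured secrets never reached the client. Attach it when it
            // actually holds secrets; otherwise leave the model's default in place.
            if (secrets != null && secrets.Count > 0)
            {
                client.ClientSecrets = secrets;
            }

            return client.ToEntity();
        }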