private IHttpActionResult CreateConsentResult(
ValidatedAuthorizeRequest validatedRequest,
UserConsent consent,
NameValueCollection requestParameters,
string errorMessage)
{
var env = Request.GetOwinEnvironment();
var consentModel = new ConsentViewModel
{
RequestId = env.GetRequestId(),
SiteName = _options.SiteName,
SiteUrl = env.GetIdentityServerBaseUrl(),
ErrorMessage = errorMessage,
CurrentUser = User.GetName(),
ClientName = validatedRequest.Client.ClientName,
ClientUrl = validatedRequest.Client.ClientUri,
ClientLogoUrl = validatedRequest.Client.LogoUri ?? null,
IdentityScopes = validatedRequest.GetIdentityScopes(this._localizationService),
ResourceScopes = validatedRequest.GetResourceScopes(this._localizationService),
AllowRememberConsent = validatedRequest.Client.AllowRememberConsent,
RememberConsent = consent != null ? consent.RememberConsent : true,
LoginWithDifferentAccountUrl = Url.Route(Constants.RouteNames.Oidc.SwitchUser, null).AddQueryString(requestParameters.ToQueryString()),
LogoutUrl = Url.Route(Constants.RouteNames.Oidc.EndSession, null),
ConsentUrl = Url.Route(Constants.RouteNames.Oidc.Consent, null).AddQueryString(requestParameters.ToQueryString()),
AntiForgery = _antiForgeryToken.GetAntiForgeryToken()
};
return(new ConsentActionResult(_viewService, consentModel));
}
private async Task <IHttpActionResult> RenderPermissionsPage(string error = null)
{
var env = Request.GetOwinEnvironment();
var clients = await this.clientPermissionsService.GetClientPermissionsAsync(User.GetSubjectId());
var vm = new ClientPermissionsViewModel
{
RequestId = env.GetRequestId(),
SiteName = options.SiteName,
SiteUrl = env.GetIdentityServerBaseUrl(),
CurrentUser = User.GetName(),
LogoutUrl = env.GetIdentityServerLogoutUrl(),
RevokePermissionUrl = Request.GetOwinContext().GetPermissionsPageUrl(),
AntiForgery = antiForgeryToken.GetAntiForgeryToken(),
Clients = clients,
ErrorMessage = error
};
return(new ClientPermissionsActionResult(this.viewSvc, Request.GetOwinEnvironment(), vm));
}
private async Task <IHttpActionResult> RenderLoginPage(SignInMessage message, string signInMessageId, string errorMessage = null, string username = null, bool rememberMe = false)
{
if (message == null)
{
throw new ArgumentNullException("message");
}
username = GetUserNameForLoginPage(message, username);
var isLocalLoginAllowedForClient = await IsLocalLoginAllowedForClient(message);
var isLocalLoginAllowed = isLocalLoginAllowedForClient && options.AuthenticationOptions.EnableLocalLogin;
var idpRestrictions = await clientStore.GetIdentityProviderRestrictionsAsync(message.ClientId);
var providers = context.GetExternalAuthenticationProviders(idpRestrictions);
var providerLinks = context.GetLinksFromProviders(providers, signInMessageId);
var visibleLinks = providerLinks.FilterHiddenLinks();
var client = await clientStore.FindClientByIdAsync(message.ClientId);
if (errorMessage != null)
{
Logger.InfoFormat("rendering login page with error message: {0}", errorMessage);
}
else
{
if (isLocalLoginAllowed == false)
{
if (options.AuthenticationOptions.EnableLocalLogin)
{
Logger.Info("local login disabled");
}
if (isLocalLoginAllowedForClient)
{
Logger.Info("local login disabled for the client");
}
string url = null;
if (!providerLinks.Any())
{
Logger.Info("no providers registered for client");
return(RenderErrorPage());
}
else if (providerLinks.Count() == 1)
{
Logger.Info("only one provider for client");
url = providerLinks.First().Href;
}
else if (visibleLinks.Count() == 1)
{
Logger.Info("only one visible provider");
url = visibleLinks.First().Href;
}
if (url.IsPresent())
{
Logger.InfoFormat("redirecting to provider URL: {0}", url);
return(Redirect(url));
}
}
Logger.Info("rendering login page");
}
var loginPageLinks = options.AuthenticationOptions.LoginPageLinks.Render(Request.GetIdentityServerBaseUrl(), signInMessageId);
var loginModel = new LoginViewModel
{
RequestId = context.GetRequestId(),
SiteName = options.SiteName,
SiteUrl = Request.GetIdentityServerBaseUrl(),
ExternalProviders = visibleLinks,
AdditionalLinks = loginPageLinks,
ErrorMessage = errorMessage,
LoginUrl = isLocalLoginAllowed ? Url.Route(Constants.RouteNames.Login, new { signin = signInMessageId }) : null,
AllowRememberMe = options.AuthenticationOptions.CookieOptions.AllowRememberMe,
RememberMe = options.AuthenticationOptions.CookieOptions.AllowRememberMe && rememberMe,
CurrentUser = context.GetCurrentUserDisplayName(),
LogoutUrl = context.GetIdentityServerLogoutUrl(),
AntiForgery = antiForgeryToken.GetAntiForgeryToken(),
Username = username,
ClientName = client != null ? client.ClientName : null,
ClientUrl = client != null ? client.ClientUri : null,
ClientLogoUrl = client != null ? client.LogoUri : null
};
return(new LoginActionResult(viewService, loginModel, message));
}
