private static Client ConvertToIs4Client(BookingPartnerTable bookingPartner)
{
if (bookingPartner == null)
{
return(null);
}
return(new Client
{
Enabled = bookingPartner.Registered,
ClientId = bookingPartner.ClientId,
ClientName = bookingPartner.Name,
AllowedGrantTypes = bookingPartner.GrantTypes == null ? new List <string>() : bookingPartner.GrantTypes.ToList(),
ClientSecrets = bookingPartner.ClientSecret == null ? new List <Secret>() : new List <Secret> {
new Secret(bookingPartner.ClientSecret)
},
AllowedScopes = bookingPartner.Scope == null ? new List <string>() : bookingPartner.Scope.Split(' ').ToList(),
Claims = bookingPartner.ClientId == null ? new List <System.Security.Claims.Claim>() : new List <System.Security.Claims.Claim>()
{
new System.Security.Claims.Claim("https://openactive.io/clientId", bookingPartner.ClientId)
},
ClientClaimsPrefix = "",
AlwaysSendClientClaims = true,
AlwaysIncludeUserClaimsInIdToken = true,
AllowOfflineAccess = true,
UpdateAccessTokenClaimsOnRefresh = true,
RedirectUris = bookingPartner.RedirectUris == null ? new List <string>() : bookingPartner.RedirectUris.ToList(),
RequireConsent = true,
RequirePkce = true,
LogoUri = bookingPartner.LogoUri,
ClientUri = bookingPartner.ClientUri
});
}
public static async Task <BookingPartnerViewModel> Build(long?sellerUserId = null)
{
var bookingPartners = sellerUserId.HasValue
? await BookingPartnerTable.GetBySellerUserId(sellerUserId.Value)
: await BookingPartnerTable.Get();
var list = (await Task.WhenAll(bookingPartners.Select(async bookingPartner =>
{
var bookingStatistics = await BookingStatistics.Get(bookingPartner.ClientId);
return(new BookingPartnerModel
{
ClientId = bookingPartner.ClientId,
ClientName = bookingPartner.Name,
ClientLogoUrl = bookingPartner.LogoUri,
ClientUrl = bookingPartner.ClientUri,
RestoreAccessUrl = bookingPartner.RestoreAccessUri,
BookingPartner = bookingPartner,
SellersEnabled = bookingStatistics.SellersEnabled,
BookingsByBroker = bookingStatistics.BookingsByBroker
});
}))).ToList();
return(new BookingPartnerViewModel {
BookingPartners = list
});
}
public async Task <IActionResult> RegenerateKey([FromForm] string clientId)
{
var bookingPartner = await BookingPartnerTable.GetByClientId(clientId);
await BookingPartnerTable.SetKey(clientId, KeyGenerator.GenerateInitialAccessToken(bookingPartner.Name));
return(Redirect($"/booking-partners/edit/{clientId}"));
}
public async Task <IActionResult> Suspend([FromForm] string clientId)
{
var client = await _clients.FindClientByIdAsync(clientId);
client.AllowedScopes.Remove("openactive-openbooking");
await _events.RaiseAsync(new GrantsRevokedEvent(User.GetSubjectId(), clientId));
await BookingPartnerTable.UpdateScope(clientId, "openid profile openactive-ordersfeed", true);
return(Redirect("/booking-partners/seller-admin"));
}
public async Task <IActionResult> RegenerateAllKeys([FromForm] string clientId)
{
var bookingPartner = await BookingPartnerTable.GetByClientId(clientId);
await BookingPartnerTable.ResetKey(clientId, KeyGenerator.GenerateInitialAccessToken(bookingPartner.Name));
// TODO: Is this cached in memory, does it need updating??
//var client = await _clients.FindClientByIdAsync(clientId);
//client.ClientSecrets = new List<Secret>() { new Secret(clientSecret.Sha256()) };
return(Redirect($"/booking-partners/edit/{clientId}"));
}
public async Task <IActionResult> Create([FromForm] string email, [FromForm] string bookingPartnerName)
{
var newBookingPartner = new BookingPartnerTable
{
ClientId = Guid.NewGuid().ToString(),
Name = bookingPartnerName,
ClientSecret = null,
Email = email,
Registered = false,
InitialAccessToken = KeyGenerator.GenerateInitialAccessToken(bookingPartnerName),
InitialAccessTokenKeyValidUntil = DateTime.Now.AddDays(2),
CreatedDate = DateTime.Now,
BookingsSuspended = false
};
await BookingPartnerTable.Add(newBookingPartner);
return(Redirect($"/booking-partners/edit/{newBookingPartner.ClientId}"));
}
private static async Task <BookingPartnerModel> BuildBookingPartnerModel(string clientId)
{
// var client = await _clients.FindClientByIdAsync(clientId);
var bookingPartner = await BookingPartnerTable.GetByClientId(clientId);
if (bookingPartner == null)
{
return(null);
}
return(new BookingPartnerModel
{
ClientId = bookingPartner.ClientId,
ClientName = bookingPartner.Name,
ClientLogoUrl = bookingPartner.LogoUri,
ClientUrl = bookingPartner.ClientUri,
BookingPartner = bookingPartner
});
}
public async Task <Client> FindClientByIdAsync(string clientId)
{
var bookingPartner = await BookingPartnerTable.GetByClientId(clientId);
return(ConvertToIs4Client(bookingPartner));
}
public async Task <IActionResult> PostAsync([FromBody] ClientRegistrationModel model)
{
model.GrantTypes ??= new[] { OidcConstants.GrantTypes.AuthorizationCode, OidcConstants.GrantTypes.RefreshToken };
if (model.GrantTypes.Any(x => x == OidcConstants.GrantTypes.Implicit) || model.GrantTypes.Any(x => x == OidcConstants.GrantTypes.AuthorizationCode))
{
if (!model.RedirectUris.Any())
{
return(BadRequest("A redirect URI is required for the supplied grant type."));
}
if (model.RedirectUris.Any(redirectUri => !Uri.IsWellFormedUriString(redirectUri, UriKind.Absolute)))
{
return(BadRequest("One or more of the redirect URIs are invalid."));
}
}
// generate a secret for the client
var key = KeyGenerator.GenerateSecret();
var registrationKey = string.Empty;
if (Request.Headers.TryGetValue("Authorization", out var headerValues))
{
registrationKey = headerValues.FirstOrDefault().Substring("Bearer ".Length);
}
// update the booking system
var bookingPartner = await BookingPartnerTable.GetByInitialAccessToken(registrationKey);
if (bookingPartner == null)
{
return(Unauthorized("Initial Access Token is not valid, or is expired"));
}
bookingPartner.Registered = true;
bookingPartner.ClientSecret = key.Sha256();
bookingPartner.Name = model.ClientName;
bookingPartner.ClientUri = model.ClientUri;
bookingPartner.RestoreAccessUri = model.ClientRegistrationUri;
bookingPartner.LogoUri = model.LogoUri;
bookingPartner.GrantTypes = model.GrantTypes;
bookingPartner.RedirectUris = model.RedirectUris;
bookingPartner.Scope = model.Scope;
await BookingPartnerTable.Save(bookingPartner);
// Read the updated client from the database and reflect back in the request
var client = await _clients.FindClientByIdAsync(bookingPartner.ClientId);
if (bookingPartner.ClientSecret != client.ClientSecrets?.FirstOrDefault()?.Value)
{
return(Problem(title: "New client secret not updated in cache", statusCode: 500));
}
var response = new ClientRegistrationResponse
{
ClientId = client.ClientId,
ClientSecret = key,
ClientName = client.ClientName,
ClientUri = client.ClientUri,
LogoUri = client.LogoUri,
GrantTypes = client.AllowedGrantTypes.ToArray(),
RedirectUris = client.RedirectUris.ToArray(),
Scope = string.Join(' ', client.AllowedScopes)
};
var baseUrl = $"{Request.Scheme}://{Request.Host.Value}/connect/register";
return(Created($"{baseUrl}/{client.ClientId}", response));
}
