        /// <summary>
        /// Partially updates the <c>Client</c> row whose id equals <c>Client.id</c>.
        /// Every column is assigned through COALESCE, so a property left null on the
        /// incoming object keeps the value already stored in the database.
        /// </summary>
        /// <param name="Client">Client carrying the id of the row to touch and the new column values.</param>
        /// <returns>The row re-read via <see cref="GetClientByID"/> when the update affected a row; otherwise null.</returns>
        public Client UpdateClient(OAuth2.DataModels.Client Client)
        {
            const string sql = "UPDATE `Client` SET `name` = COALESCE(@name, `name`), `description` = COALESCE(@description, `description`), `secret` = COALESCE(@secret, `secret`), `redirect_uri` = COALESCE(@redirect_uri, `redirect_uri`), `type` = COALESCE(@type, `type`), `icon` = COALESCE(@icon, `icon`), `allowed_scope` = COALESCE(@allowed_scope, `allowed_scope`), `contact_email` = COALESCE(@contact_email, `contact_email`), `owned_by` = COALESCE(@owned_by, `owned_by`), `service_account` = COALESCE(@service_account, `service_account`) WHERE id = @id";

            // Property names of the anonymous object are bound to the @-parameters in the statement,
            // so every value reaches the database as a parameter rather than as spliced text.
            var args = new
            {
                name            = Client.name,
                description     = Client.description,
                // NOTE(review): the secret is written exactly as supplied — confirm whether callers
                // persist a derived value rather than the raw secret.
                secret          = Client.secret,
                redirect_uri    = Client.redirect_uri,
                type            = Client.type,
                icon            = Client.icon,
                allowed_scope   = Client.allowed_scope,
                contact_email   = Client.contact_email,
                owned_by        = Client.owned_by,
                service_account = Client.service_account,
                id              = Client.id
            };

            using (IDbConnection db = DBFactory.Open())
            {
                int rowsAffected = db.Execute(sql, args);
                if (rowsAffected == 0)
                {
                    return null;
                }

                return GetClientByID(Client.id);
            }
        }
        /// <summary>
        /// Overwrites every column of the <c>Client</c> row whose id equals <c>Client.id</c>,
        /// but only when the row's current <c>owned_by</c> matches <paramref name="ResourceOwner"/>
        /// (a null owner on either side is folded to the literal 'NULL' so that null equals null).
        /// The ownership test lives in the WHERE clause, so a mismatch simply affects zero rows.
        /// </summary>
        /// <param name="Client">Client whose values replace the stored row; its id selects the row.</param>
        /// <param name="ResourceOwner">Owner id the stored row must currently carry for the write to apply.</param>
        /// <returns>The row re-read via <see cref="GetClientByID"/> when a row was written; null when none matched.</returns>
        public Client SetClient(OAuth2.DataModels.Client Client, string ResourceOwner)
        {
            const string sql = "UPDATE `Client` SET `name` = @name, `description` = @description, `secret` = @secret, `redirect_uri` = @redirect_uri, `type` = @type, `icon` = @icon, `allowed_scope` = @allowed_scope, `contact_email` = @contact_email, `owned_by` = @owned_by, `service_account` = @service_account WHERE id = @id AND (COALESCE(`owned_by`,'NULL') = COALESCE(@current_owned_by, 'NULL'));";

            // Property names are bound to the @-parameters above; all values travel as parameters.
            var args = new
            {
                name             = Client.name,
                description      = Client.description,
                secret           = Client.secret,
                redirect_uri     = Client.redirect_uri,
                type             = Client.type,
                icon             = Client.icon,
                allowed_scope    = Client.allowed_scope,
                contact_email    = Client.contact_email,
                owned_by         = Client.owned_by,
                service_account  = Client.service_account,
                id               = Client.id,
                current_owned_by = ResourceOwner
            };

            using (IDbConnection db = DBFactory.Open())
            {
                int rowsAffected = db.Execute(sql, args);
                if (rowsAffected == 0)
                {
                    return null;
                }

                return GetClientByID(Client.id);
            }
        }
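        /// <summary>
        /// Front-channel (GET) authorization entry point: dispatches the request to the
        /// implicit (<c>token</c>) or authorization-code (<c>code</c>) handler.
        /// </summary>
        /// <param name="request">Parsed query parameters of the authorization request.</param>
        /// <returns>Always null; both handlers produce the response themselves.</returns>
        /// <exception cref="OAuth2.DataModels.TokenRequestError">
        /// Thrown with invalid_request (status 400) when response_type is missing, with
        /// unsupported_response_type when it is neither code nor token, and with server_error
        /// (status 500) should dispatch ever fall through. Client and redirect-URI validation
        /// may throw as well.
        /// </exception>
        public OAuth2.DataModels.TokenResponse Get(TokenRequest request)
        {
            if (request.response_type == null)
            {
                Response.StatusCode = 400;
                throw new OAuth2.DataModels.TokenRequestError()
                      {
                          error             = OAuth2.DataModels.ErrorCodes.invalid_request,
                          error_description = "Missing or invalid response type. Valid: token, code",
                      };
            }

            var responseType = request.response_type.Value;
            if (responseType != AuthTypes.code && responseType != AuthTypes.token)
            {
                throw new DataModels.TokenRequestError(DataModels.ErrorCodes.unsupported_response_type, "Only the 'code' and 'token' response types are supported for get operations");
            }

            // The two trailing false arguments switch off the secret check in ValidateClient: on the
            // front channel the client is identified by id only and never presents its secret.
            OAuth2.DataModels.Client client = ValidateClient(request.client_id, request.client_password, false, false);

            // The requested redirect URI is validated against the registered one before any handler
            // runs; the validated Uri itself is not needed here, only the fact that validation passed.
            ValidateRedirectURI(request.redirect_uri, client.redirect_uri);

            if (responseType == AuthTypes.token)
            {
                HandleTokenGrant(request, client);
                return null;
            }

            if (responseType == AuthTypes.code)
            {
                HandleCodeGrant(request, client);
                return null;
            }

            // Unreachable after the checks above; kept so an unexpected enum value still reports as a server error.
            Response.StatusCode = 500;
            throw new OAuth2.DataModels.TokenRequestError()
                  {
                      error             = OAuth2.DataModels.ErrorCodes.server_error,
                      error_description = "Unknown server error"
                  };
        }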
        /// <summary>
        /// Back-channel (POST) token endpoint: rejects missing or front-channel grant types,
        /// validates the client and redirect URI, then hands the request to the handler for
        /// the requested grant.
        /// </summary>
        /// <param name="request">Parsed form parameters of the token request.</param>
        /// <returns>
        /// The token response produced by the client_credentials or password handler; null for
        /// authorization_code and refresh_token, whose handlers produce the response themselves.
        /// </returns>
        /// <exception cref="OAuth2.DataModels.TokenRequestError">
        /// Thrown with invalid_request (status 400) when grant_type is missing or is one of the
        /// front-channel response types, and with invalid_request when the grant names a type
        /// this endpoint has no handler for. Client and redirect-URI validation may throw as well.
        /// </exception>
        public OAuth2.DataModels.TokenResponse Post(TokenRequest request)
        {
            bool grantMissing = request.grant_type == null;
            bool frontChannelGrant = !grantMissing
                                     && (request.grant_type.Value == AuthTypes.code || request.grant_type.Value == AuthTypes.token);
            if (grantMissing || frontChannelGrant)
            {
                Response.StatusCode = 400;
                var validGrants = EnumValuesExtension <AuthTypes> .GetValues().Where(cur => cur != AuthTypes.token && cur != AuthTypes.code);
                throw new OAuth2.DataModels.TokenRequestError()
                      {
                          error             = OAuth2.DataModels.ErrorCodes.invalid_request,
                          error_description = "Missing or invalid grant type. Valid: " + string.Join(", ", validGrants)
                      };
            }

            // Called with the default flags, so the client's secret is verified here (see ValidateClient).
            OAuth2.DataModels.Client client = ValidateClient(request.client_id, request.client_password);

            // Only the validation matters at this point; the returned Uri is not used by the handlers.
            ValidateRedirectURI(request.redirect_uri, client.redirect_uri);

            var grant = request.grant_type.Value;
            if (grant == AuthTypes.client_credentials)
            {
                return HandleClientCredentialsGrant(request, client);
            }

            if (grant == AuthTypes.password)
            {
                return HandlePasswordGrant(request, client);
            }

            if (grant == AuthTypes.authorization_code)
            {
                HandleCodeExchange(request, client);
                return null;
            }

            if (grant == AuthTypes.refresh_token)
            {
                HandleRefreshTokenGrant(request, client);
                return null;
            }

            throw new DataModels.TokenRequestError(DataModels.ErrorCodes.invalid_request, string.Format("Grant Type {0} is not supported", grant));
        }
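        /// <summary>
        /// Resolves the client registered under <paramref name="ClientID"/> and, when the client's
        /// type and the two flags demand it, checks that <paramref name="ClientPassword"/> matches
        /// the stored secret.
        /// </summary>
        /// <param name="ClientID">Client identifier taken from the request; required.</param>
        /// <param name="ClientPassword">Secret presented by the caller; may be null when no check applies.</param>
        /// <param name="CheckPasswordIfNotWebClient">Verify the secret for non-web clients that have a non-blank secret stored.</param>
        /// <param name="RequirePasswordForWebClients">Always verify the secret for web-application clients.</param>
        /// <returns>The resolved client.</returns>
        /// <exception cref="OAuth2.DataModels.TokenRequestError">
        /// invalid_request when the id is missing; unauthorized_client when the id is unknown or the
        /// secret does not match. The HTTP status is set to 400 before throwing in every case.
        /// </exception>
        protected DataModels.Client ValidateClient(string ClientID, string ClientPassword, bool CheckPasswordIfNotWebClient = true, bool RequirePasswordForWebClients = true)
        {
            if (string.IsNullOrEmpty(ClientID))
            {
                Response.StatusCode = 400;
                throw new OAuth2.DataModels.TokenRequestError()
                      {
                          error             = OAuth2.DataModels.ErrorCodes.invalid_request,
                          error_description = "Missing client id"
                      };
            }

            OAuth2.DataModels.Client client = ClientModel.GetClientByID(ClientID);
            if (client == null)
            {
                // Deliberately the same message as the secret-mismatch path below, so the response
                // does not reveal whether the id exists.
                Response.StatusCode = 400;
                throw new OAuth2.DataModels.TokenRequestError()
                      {
                          error             = OAuth2.DataModels.ErrorCodes.unauthorized_client,
                          error_description = "invalid client id or client password specified"
                      };
            }

            // Web clients are checked whenever RequirePasswordForWebClients is set; other clients only
            // when CheckPasswordIfNotWebClient is set and a non-blank secret is actually stored.
            bool mustCheckSecret = (client.type == DataModels.ClientTypes.web_application && RequirePasswordForWebClients)
                                   || (CheckPasswordIfNotWebClient && !string.IsNullOrWhiteSpace(client.secret));

            // NOTE(review): the presented password is compared directly with client.secret, so whatever
            // is persisted must be the raw secret (or the caller pre-derives ClientPassword the same way);
            // confirm how secrets are stored before relying on this.
            if (mustCheckSecret && !SecretsMatch(ClientPassword, client.secret))
            {
                Response.StatusCode = 400;
                throw new OAuth2.DataModels.TokenRequestError()
                      {
                          error             = OAuth2.DataModels.ErrorCodes.unauthorized_client,
                          error_description = "invalid client id or client password specified"
                      };
            }

            return client;
        }

        /// <summary>
        /// Ordinal comparison of a presented secret with the stored one whose running time does not
        /// depend on the position of the first differing character. Null/null counts as a match and
        /// null/non-null as a mismatch, exactly as the former <c>!=</c> comparison behaved.
        /// On .NET Core 2.1+ / .NET 5+ <c>System.Security.Cryptography.CryptographicOperations.FixedTimeEquals</c>
        /// does this over byte spans; the manual loop keeps the check framework-agnostic.
        /// </summary>
        /// <param name="presented">Secret supplied by the caller; may be null.</param>
        /// <param name="stored">Secret on record for the client; may be null.</param>
        /// <returns>True when both are null or both hold the same characters.</returns>
        private static bool SecretsMatch(string presented, string stored)
        {
            if (presented == null || stored == null)
            {
                return presented == null && stored == null;
            }

            // Walk the full length of the longer string regardless of where a mismatch occurs and
            // fold the length difference into the result so an early exit never leaks information.
            int diff = presented.Length ^ stored.Length;
            int length = presented.Length > stored.Length ? presented.Length : stored.Length;
            for (int i = 0; i < length; i++)
            {
                char a = i < presented.Length ? presented[i] : '\0';
                char b = i < stored.Length ? stored[i] : '\0';
                diff |= a ^ b;
            }

            return diff == 0;
        }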
 /// <summary>
 /// Updates <paramref name="Client"/> on behalf of <paramref name="ResourceOwner"/> by delegating
 /// to the overload that takes the owner's id as a string.
 /// </summary>
 /// <param name="Client">Client to update.</param>
 /// <param name="ResourceOwner">Owner whose id is forwarded to the string overload.</param>
 /// <returns>Whatever the (Client, string) overload returns.</returns>
 public Client UpdateClient(OAuth2.DataModels.Client Client, OAuth2.DataModels.ResourceOwner ResourceOwner)
 {
     string ownerId = ResourceOwner.id;
     return UpdateClient(Client, ownerId);
 }
 /// <summary>
 /// Reports whether a client with the same id as <paramref name="Client"/> exists, by delegating
 /// to the id-based overload.
 /// </summary>
 /// <param name="Client">Client whose id is looked up.</param>
 /// <returns>The result of the id-based overload.</returns>
 public bool ClientExists(OAuth2.DataModels.Client Client)
 {
     string clientId = Client.id;
     return ClientExists(clientId);
 }
 /// <summary>
 /// Deletes the client with the same id as <paramref name="Client"/>, by delegating to the
 /// id-based overload (no ownership filter is applied on this path).
 /// </summary>
 /// <param name="Client">Client whose id selects the row to delete.</param>
 /// <returns>The result of the id-based overload.</returns>
 public bool DeleteClient(OAuth2.DataModels.Client Client)
 {
     string clientId = Client.id;
     return DeleteClient(clientId);
 }
 /// <summary>
 /// Deletes the client with the same id as <paramref name="Client"/> on behalf of
 /// <paramref name="ResourceOwner"/>, by delegating to the (string, string) overload.
 /// </summary>
 /// <param name="Client">Client whose id selects the row to delete.</param>
 /// <param name="ResourceOwner">Owner whose id is forwarded to the string overload.</param>
 /// <returns>The result of the (string, string) overload.</returns>
 public bool DeleteClient(OAuth2.DataModels.Client Client, OAuth2.DataModels.ResourceOwner ResourceOwner)
 {
     string clientId = Client.id;
     string ownerId = ResourceOwner.id;
     return DeleteClient(clientId, ownerId);
 }