public void Filter(List <string> existingClientIds)
{
Clients = Clients.Where(x => !existingClientIds.Contains(x.ClientId)).ToList();
ClientSecrets = ClientSecrets.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
AllowedGrantTypes = AllowedGrantTypes.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
RedirectUris = RedirectUris.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
PostLogoutRedirectUris = PostLogoutRedirectUris.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
AllowedScopes = AllowedScopes.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
Claims = Claims.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
AllowedCorsOrigins = AllowedCorsOrigins.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
IdentityProviderRestrictions = IdentityProviderRestrictions.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
Properties = Properties.Where(x => !existingClientIds.Contains(x.Client.ClientId)).ToList();
}
public override bool Equals(object obj)
{
var other = obj as ClientModel;
if (other == null)
{
return(false);
}
var result =
AbsoluteRefreshTokenLifetime.SafeEquals(other.AbsoluteRefreshTokenLifetime) &&
AccessTokenLifetime.SafeEquals(other.AccessTokenLifetime) &&
AccessTokenType.SafeEquals(other.AccessTokenType) &&
AllowAccessTokensViaBrowser.SafeEquals(other.AllowAccessTokensViaBrowser) &&
AllowedCorsOrigins.SafeListEquals(other.AllowedCorsOrigins) &&
AllowedGrantTypes.SafeListEquals(other.AllowedGrantTypes) &&
AllowedScopes.SafeListEquals(other.AllowedScopes) &&
AllowOfflineAccess.SafeEquals(other.AllowOfflineAccess) &&
AllowPlainTextPkce.SafeEquals(other.AllowPlainTextPkce) &&
AllowRememberConsent.SafeEquals(other.AllowRememberConsent) &&
AlwaysSendClientClaims.SafeEquals(other.AlwaysSendClientClaims) &&
AuthorizationCodeLifetime.SafeEquals(other.AuthorizationCodeLifetime) &&
Claims.SafeListEquals(other.Claims) &&
ClientId.SafeEquals(other.ClientId) &&
ClientName.SafeEquals(other.ClientName) &&
ClientSecrets.SafeListEquals(other.ClientSecrets) &&
ClientUri.SafeEquals(other.ClientUri) &&
Enabled.SafeEquals(other.Enabled) &&
EnableLocalLogin.SafeEquals(other.EnableLocalLogin) &&
IdentityProviderRestrictions.SafeListEquals(other.IdentityProviderRestrictions) &&
IdentityTokenLifetime.SafeEquals(other.IdentityTokenLifetime) &&
IncludeJwtId.SafeEquals(other.IncludeJwtId) &&
LogoUri.SafeEquals(other.LogoUri) &&
LogoutSessionRequired.SafeEquals(other.LogoutSessionRequired) &&
LogoutUri.SafeEquals(other.LogoutUri) &&
PostLogoutRedirectUris.SafeListEquals(other.PostLogoutRedirectUris) &&
PrefixClientClaims.SafeEquals(other.PrefixClientClaims) &&
ProtocolType.SafeEquals(other.ProtocolType) &&
RedirectUris.SafeListEquals(other.RedirectUris) &&
RefreshTokenExpiration.SafeEquals(other.RefreshTokenExpiration) &&
RefreshTokenUsage.SafeEquals(other.RefreshTokenUsage) &&
RequireClientSecret.SafeEquals(other.RequireClientSecret) &&
RequireConsent.SafeEquals(other.RequireConsent) &&
RequirePkce.SafeEquals(other.RequirePkce) &&
SlidingRefreshTokenLifetime.SafeEquals(other.SlidingRefreshTokenLifetime) &&
UpdateAccessTokenClaimsOnRefresh.SafeEquals(other.UpdateAccessTokenClaimsOnRefresh);
return(result);
}
/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
var hashCode = 41;
// Suitable nullity checks etc, of course :)
if (ClientId != null)
{
hashCode = hashCode * 59 + ClientId.GetHashCode();
}
if (Name != null)
{
hashCode = hashCode * 59 + Name.GetHashCode();
}
if (AllowedGrantTypes != null)
{
hashCode = hashCode * 59 + AllowedGrantTypes.GetHashCode();
}
if (RedirectUris != null)
{
hashCode = hashCode * 59 + RedirectUris.GetHashCode();
}
if (AllowedCorsOrigins != null)
{
hashCode = hashCode * 59 + AllowedCorsOrigins.GetHashCode();
}
if (PostLogoutRedirectUris != null)
{
hashCode = hashCode * 59 + PostLogoutRedirectUris.GetHashCode();
}
if (AllowedScopes != null)
{
hashCode = hashCode * 59 + AllowedScopes.GetHashCode();
}
if (ClientSecrets != null)
{
hashCode = hashCode * 59 + ClientSecrets.GetHashCode();
}
if (HashedClientSecrets != null)
{
hashCode = hashCode * 59 + HashedClientSecrets.GetHashCode();
}
hashCode = hashCode * 59 + AllowedOfflineAccess.GetHashCode();
return(hashCode);
}
}
public override object Clone()
{
return(new OpenIdClient
{
ClientId = ClientId,
ClientNames = ClientNames == null ? new List <OAuthTranslation>() : ClientNames.Select(c => (OAuthTranslation)c.Clone()).ToList(),
ClientUris = ClientUris == null ? new List <OAuthTranslation>() : ClientUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
LogoUris = LogoUris == null ? new List <OAuthTranslation>() : LogoUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
PolicyUris = PolicyUris == null ? new List <OAuthTranslation>() : PolicyUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
TosUris = TosUris == null ? new List <OAuthTranslation>() : TosUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
CreateDateTime = CreateDateTime,
JwksUri = JwksUri,
RefreshTokenExpirationTimeInSeconds = RefreshTokenExpirationTimeInSeconds,
UpdateDateTime = UpdateDateTime,
TokenEndPointAuthMethod = TokenEndPointAuthMethod,
TokenExpirationTimeInSeconds = TokenExpirationTimeInSeconds,
Secrets = Secrets == null ? new List <ClientSecret>() : Secrets.Select(s => (ClientSecret)s.Clone()).ToList(),
AllowedScopes = AllowedScopes == null ? new List <OpenIdScope>() : AllowedScopes.Select(s => (OpenIdScope)s.Clone()).ToList(),
JsonWebKeys = JsonWebKeys == null ? new List <JsonWebKey>() : JsonWebKeys.Select(j => (JsonWebKey)j.Clone()).ToList(),
GrantTypes = GrantTypes.ToList(),
RedirectionUrls = RedirectionUrls.ToList(),
PreferredTokenProfile = PreferredTokenProfile,
TokenEncryptedResponseAlg = TokenEncryptedResponseAlg,
TokenEncryptedResponseEnc = TokenEncryptedResponseEnc,
TokenSignedResponseAlg = TokenSignedResponseAlg,
ResponseTypes = ResponseTypes.ToList(),
Contacts = Contacts.ToList(),
SoftwareId = SoftwareId,
SoftwareVersion = SoftwareVersion,
ApplicationType = ApplicationType,
DefaultAcrValues = DefaultAcrValues.ToList(),
DefaultMaxAge = DefaultMaxAge,
IdTokenEncryptedResponseAlg = IdTokenEncryptedResponseAlg,
IdTokenEncryptedResponseEnc = IdTokenEncryptedResponseEnc,
IdTokenSignedResponseAlg = IdTokenSignedResponseAlg,
PairWiseIdentifierSalt = PairWiseIdentifierSalt,
RequestObjectEncryptionAlg = RequestObjectEncryptionAlg,
RequestObjectEncryptionEnc = RequestObjectEncryptionEnc,
RequestObjectSigningAlg = RequestObjectSigningAlg,
RequireAuthTime = RequireAuthTime,
SectorIdentifierUri = SectorIdentifierUri,
SubjectType = SubjectType,
UserInfoEncryptedResponseAlg = UserInfoEncryptedResponseAlg,
UserInfoEncryptedResponseEnc = UserInfoEncryptedResponseEnc,
UserInfoSignedResponseAlg = UserInfoSignedResponseAlg
});
}
private ICollection <string> BuildScopes()
{
var ret = new HashSet <string>();
foreach (var scope in AllowedScopes.Split('|'))
{
ret.Add(scope);
}
foreach (var api in ApiResource())
{
ret.Add(api.Name);
}
ret.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
return(ret);
}
public virtual object Clone()
{
return(new OAuthClient
{
ClientId = ClientId,
ClientNames = ClientNames == null ? new List <OAuthTranslation>() : ClientNames.Select(c => (OAuthTranslation)c.Clone()).ToList(),
ClientUris = ClientUris == null ? new List <OAuthTranslation>() : ClientUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
LogoUris = LogoUris == null ? new List <OAuthTranslation>() : LogoUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
PolicyUris = PolicyUris == null ? new List <OAuthTranslation>() : PolicyUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
TosUris = TosUris == null ? new List <OAuthTranslation>() : TosUris.Select(c => (OAuthTranslation)c.Clone()).ToList(),
CreateDateTime = CreateDateTime,
JwksUri = JwksUri,
RefreshTokenExpirationTimeInSeconds = RefreshTokenExpirationTimeInSeconds,
UpdateDateTime = UpdateDateTime,
TokenEndPointAuthMethod = TokenEndPointAuthMethod,
TokenExpirationTimeInSeconds = TokenExpirationTimeInSeconds,
Secrets = Secrets == null ? new List <ClientSecret>() : Secrets.Select(s => (ClientSecret)s.Clone()).ToList(),
AllowedScopes = AllowedScopes == null ? new List <OAuthScope>() : AllowedScopes.Select(s => (OAuthScope)s.Clone()).ToList(),
JsonWebKeys = JsonWebKeys == null ? new List <JsonWebKey>() : JsonWebKeys.Select(j => (JsonWebKey)j.Clone()).ToList(),
GrantTypes = GrantTypes.ToList(),
RedirectionUrls = RedirectionUrls.ToList(),
PreferredTokenProfile = PreferredTokenProfile,
TokenEncryptedResponseAlg = TokenEncryptedResponseAlg,
TokenEncryptedResponseEnc = TokenEncryptedResponseEnc,
TokenSignedResponseAlg = TokenSignedResponseAlg,
ResponseTypes = ResponseTypes.ToList(),
Contacts = Contacts.ToList(),
SoftwareId = SoftwareId,
SoftwareVersion = SoftwareVersion,
RegistrationAccessToken = RegistrationAccessToken,
PostLogoutRedirectUris = PostLogoutRedirectUris.ToList(),
TlsClientAuthSanDNS = TlsClientAuthSanDNS,
TlsClientAuthSanEmail = TlsClientAuthSanEmail,
TlsClientAuthSanIP = TlsClientAuthSanIP,
TlsClientAuthSanURI = TlsClientAuthSanURI,
TlsClientAuthSubjectDN = TlsClientAuthSubjectDN
});
}
public IdentityServer4.Models.Client GenerateClient()
{
if (AllowOfflineAccess)
{
AllowedScopes.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
}
return(new IdentityServer4.Models.Client
{
ClientId = _clientId,
ClientName = ClientName,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
Description = _secret,
ClientSecrets =
{
new Secret(_secret.Sha256())
},
AllowedScopes = AllowedScopes,
AllowOfflineAccess = AllowOfflineAccess,
AccessTokenLifetime = AccessTokenLifetime,
AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
});
}
public async Task <List <ClientViewModel> > GetByUserIdAsync(string userId)
{
List <ClientViewModel> result = null;
var userXClients = await _userXClientRepository.ToListAsync(x => x.UserId == userId);
if (userXClients?.Count > 0)
{
var clientIds = userXClients.Select(x => x.ClientId).ToList();
var clients = _configurationDbContext.Clients.Where(x => clientIds.Contains(x.ClientId)).ToList();
if (clients?.Count > 0)
{
result = new List <ClientViewModel>();
foreach (var item in clients)
{
var client = await _clientStore.FindClientByIdAsync(item.ClientId);
result.Add(new ClientViewModel
{
ClientId = client.ClientId,
ClientName = client.ClientName,
ClientSecret = client.ClientSecrets.FirstOrDefault().Description,
PostLogoutRedirectUrl = client.PostLogoutRedirectUris.FirstOrDefault(),
RedirectUrl = client.RedirectUris.FirstOrDefault(),
RequireConsent = client.RequireConsent,
AllowedScope = client.AllowedScopes.Where(x => !AllowedScopes.Contains(x)).SingleOrDefault()
});
}
}
}
return(result);
}
/// <summary>
/// Returns true if Oauth2ClientSubmit instances are equal
/// </summary>
/// <param name="other">Instance of Oauth2ClientSubmit to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(Oauth2ClientSubmit other)
{
if (other is null)
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
ClientId == other.ClientId ||
ClientId != null &&
ClientId.Equals(other.ClientId)
) &&
(
Name == other.Name ||
Name != null &&
Name.Equals(other.Name)
) &&
(
AllowedGrantTypes == other.AllowedGrantTypes ||
AllowedGrantTypes != null &&
other.AllowedGrantTypes != null &&
AllowedGrantTypes.SequenceEqual(other.AllowedGrantTypes)
) &&
(
RedirectUris == other.RedirectUris ||
RedirectUris != null &&
other.RedirectUris != null &&
RedirectUris.SequenceEqual(other.RedirectUris)
) &&
(
AllowedCorsOrigins == other.AllowedCorsOrigins ||
AllowedCorsOrigins != null &&
other.AllowedCorsOrigins != null &&
AllowedCorsOrigins.SequenceEqual(other.AllowedCorsOrigins)
) &&
(
PostLogoutRedirectUris == other.PostLogoutRedirectUris ||
PostLogoutRedirectUris != null &&
other.PostLogoutRedirectUris != null &&
PostLogoutRedirectUris.SequenceEqual(other.PostLogoutRedirectUris)
) &&
(
AllowedScopes == other.AllowedScopes ||
AllowedScopes != null &&
other.AllowedScopes != null &&
AllowedScopes.SequenceEqual(other.AllowedScopes)
) &&
(
ClientSecrets == other.ClientSecrets ||
ClientSecrets != null &&
other.ClientSecrets != null &&
ClientSecrets.SequenceEqual(other.ClientSecrets)
) &&
(
HashedClientSecrets == other.HashedClientSecrets ||
HashedClientSecrets != null &&
other.HashedClientSecrets != null &&
HashedClientSecrets.SequenceEqual(other.HashedClientSecrets)
) &&
(
AllowedOfflineAccess == other.AllowedOfflineAccess ||
AllowedOfflineAccess.Equals(other.AllowedOfflineAccess)
) &&
(
AccessTokenLifetime == other.AccessTokenLifetime ||
AccessTokenLifetime.Equals(other.AccessTokenLifetime)
) &&
(
IdentityTokenLifetime == other.IdentityTokenLifetime ||
IdentityTokenLifetime.Equals(other.IdentityTokenLifetime)
) &&
(
RequireConsent == other.RequireConsent ||
RequireConsent.Equals(other.RequireConsent)
));
}
public virtual ClientScope FindScope(string scope)
{
return(AllowedScopes.FirstOrDefault(r => r.Scope == scope));
}
public async Task <(bool Succeeded, string ErrorMsg)> UpdateAsync(string userId, string clientId, string clientName, string redirectUrl, string postLogoutRedirectUrl, bool requireConsent, string allowedScope)
{
bool succeeded = false;
string errorMsg = string.Empty;
var userXClient = await _userXClientRepository.SingleOrDefaultAsync(x => x.UserId == userId && x.ClientId == clientId);
if (userXClient != null)
{
var client = _configurationDbContext.Clients.SingleOrDefault(x => x.ClientId == clientId);
if (client != null)
{
//update redirectUri
var redirectUri = await _clientRedirectUriRepository.SingleOrDefaultAsync(x => x.ClientId == client.Id);
if (redirectUri != null)
{
redirectUri.RedirectUri = redirectUrl;
await _clientRedirectUriRepository.UpdateAsync(redirectUri);
}
//update allowedScope
var scope = await _clientScopeRepository.SingleOrDefaultAsync(x => !AllowedScopes.Contains(x.Scope) && x.ClientId == client.Id);
if (scope == null)
{
scope = new ClientScope
{
ClientId = client.Id,
Scope = allowedScope
};
await _clientScopeRepository.InsertAsync(scope);
}
else
{
scope.Scope = allowedScope;
await _clientScopeRepository.UpdateAsync(scope);
}
//update client
client.ClientName = clientName;
client.RequireConsent = requireConsent;
_configurationDbContext.Clients.Update(client);
await _configurationDbContext.SaveChangesAsync();
succeeded = true;
}
}
else
{
errorMsg = "你没有权限更新";
}
return(succeeded, errorMsg);
}
public void RemoveScope(string scope)
{
AllowedScopes.RemoveAll(r => r.Scope == scope);
}
public void AddScope(string scope)
{
AllowedScopes.AddIfNotContains(new RouteAllowedScope(Id, scope));
}
public void AddEmptyScope() => AllowedScopes.Add(new SimpleValue <string>(String.Empty));
public void UpdateEntity(IdentityServer4.EntityFramework.Entities.Client entity)
{
entity.Enabled = Enabled;
entity.ClientId = ClientId;
entity.ProtocolType = ProtocolType;
entity.RequireClientSecret = RequireClientSecret;
entity.ClientName = ClientName;
entity.Description = Description;
entity.ClientUri = ClientUri;
entity.LogoUri = LogoUri;
entity.RequireConsent = RequireConsent;
entity.AllowRememberConsent = AllowRememberConsent;
entity.AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken;
entity.AllowedGrantTypes = AllowedGrantTypes.Select(x => new ClientGrantType
{
GrantType = x,
}).ToList();
entity.RequirePkce = RequirePkce;
entity.AllowPlainTextPkce = AllowPlainTextPkce;
entity.AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser;
entity.RedirectUris = RedirectUris.Select(x => new ClientRedirectUri
{
RedirectUri = x,
}).ToList();
entity.PostLogoutRedirectUris = PostLogoutRedirectUris.Select(x => new ClientPostLogoutRedirectUri
{
PostLogoutRedirectUri = x,
}).ToList();
entity.FrontChannelLogoutUri = FrontChannelLogoutUri;
entity.FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired;
entity.BackChannelLogoutUri = BackChannelLogoutUri;
entity.BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired;
entity.AllowOfflineAccess = AllowOfflineAccess;
entity.AllowedScopes = AllowedScopes.Select(x => new ClientScope
{
Scope = x,
}).ToList();
entity.IdentityTokenLifetime = IdentityTokenLifetime;
entity.AccessTokenLifetime = AccessTokenLifetime;
entity.AuthorizationCodeLifetime = AuthorizationCodeLifetime;
entity.ConsentLifetime = ConsentLifetime;
entity.AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime;
entity.SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime;
entity.RefreshTokenUsage = (int)RefreshTokenUsage;
entity.UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh;
entity.RefreshTokenExpiration = (int)RefreshTokenExpiration;
entity.AccessTokenType = (int)AccessTokenType;
entity.EnableLocalLogin = EnableLocalLogin;
entity.IdentityProviderRestrictions = IdentityProviderRestrictions.Select(x => new ClientIdPRestriction
{
Provider = x,
}).ToList();
entity.IncludeJwtId = IncludeJwtId;
entity.AlwaysSendClientClaims = AlwaysSendClientClaims;
entity.ClientClaimsPrefix = ClientClaimsPrefix;
entity.PairWiseSubjectSalt = PairWiseSubjectSalt;
entity.AllowedCorsOrigins = AllowedCorsOrigins.Select(x => new ClientCorsOrigin
{
Origin = x,
}).ToList();
entity.UserSsoLifetime = UserSsoLifetime;
entity.UserCodeType = UserCodeType;
entity.DeviceCodeLifetime = DeviceCodeLifetime;
}
public void AddScope([NotNull] string scope)
{
AllowedScopes.Add(new ClientScopeDto(Id, scope));
}
public void RemoveAllScopes()
{
AllowedScopes.Clear();
}
public void RemoveScope(string scope)
{
AllowedScopes.RemoveAll(x => x.Scope.Equals(scope, StringComparison.CurrentCultureIgnoreCase));
}
public ClientScopeDto FindScope(string scope)
{
return AllowedScopes.FirstOrDefault(r => r.Scope == scope);
}
internal IdentityServer4.EntityFramework.Entities.Client ToClient()
{
var redirectUris = RedirectUris?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList();
var allowedCorsOrigins = AllowedCorsOrigins?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList();
var client = new Models.Client
{
AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
AccessTokenLifetime = AccessTokenLifetime,
AccessTokenType = AccessTokenType,
AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser,
AllowedCorsOrigins = allowedCorsOrigins,
AllowedGrantTypes = GetAllowedGrantTypes(),
AllowedScopes = AllowedScopes?.Split(new[] { " " }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors)).ToList(),
AllowOfflineAccess = AllowOfflineAccess,
AllowPlainTextPkce = AllowPlainTextPkce,
AllowRememberConsent = AllowRememberConsent,
AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken,
AlwaysSendClientClaims = AlwaysSendClientClaims,
AuthorizationCodeLifetime = AuthorizationCodeLifetime,
BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired,
BackChannelLogoutUri = BackChannelLogoutUri,
ClientClaimsPrefix = ClientClaimsPrefix,
ClientId = ClientId,
ClientName = ClientName,
ClientUri = ClientUri,
ConsentLifetime = ConsentLifetime,
Description = Description,
DeviceCodeLifetime = DeviceCodeLifetime,
Enabled = Enabled,
EnableLocalLogin = EnableLocalLogin,
FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired,
FrontChannelLogoutUri = FrontChannelLogoutUri,
IdentityProviderRestrictions =
IdentityProviderRestrictions?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries),
IdentityTokenLifetime = IdentityTokenLifetime,
IncludeJwtId = IncludeJwtId,
LogoUri = LogoUri,
PairWiseSubjectSalt = PairWiseSubjectSalt,
PostLogoutRedirectUris = PostLogoutRedirectUris?
.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList(),
// Properties
ProtocolType = ProtocolType,
RedirectUris = redirectUris,
RefreshTokenExpiration = RefreshTokenExpiration,
RefreshTokenUsage = RefreshTokenUsage,
RequireClientSecret = RequireClientSecret,
RequireConsent = RequireConsent,
RequirePkce = RequirePkce,
SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime,
UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh,
UserCodeType = UserCodeType,
UserSsoLifetime = UserSsoLifetime,
};
var secrets = ClientSecrets?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries)
.Select(x => new Secret(x.Sha256())).ToList();
if (secrets != null && secrets.Count == 0)
{
client.ClientSecrets = secrets;
}
return(client.ToEntity());
}
