/// <summary>
/// Removes every client, and every child record that points at a client,
/// whose ClientId is already listed in <paramref name="existingClientIds"/>.
/// </summary>
/// <param name="existingClientIds">
/// Client identifiers to exclude. Matching uses the list's default string
/// equality, i.e. ordinal and case-sensitive.
/// </param>
public void Filter(List<string> existingClientIds)
{
    // One shared predicate keeps the ten collections filtered by the same rule.
    bool IsNew(string clientId)
    {
        return !existingClientIds.Contains(clientId);
    }

    Clients = Clients.Where(client => IsNew(client.ClientId)).ToList();
    ClientSecrets = ClientSecrets.Where(secret => IsNew(secret.Client.ClientId)).ToList();
    AllowedGrantTypes = AllowedGrantTypes.Where(grant => IsNew(grant.Client.ClientId)).ToList();
    RedirectUris = RedirectUris.Where(uri => IsNew(uri.Client.ClientId)).ToList();
    PostLogoutRedirectUris = PostLogoutRedirectUris.Where(uri => IsNew(uri.Client.ClientId)).ToList();
    AllowedScopes = AllowedScopes.Where(scope => IsNew(scope.Client.ClientId)).ToList();
    Claims = Claims.Where(claim => IsNew(claim.Client.ClientId)).ToList();
    AllowedCorsOrigins = AllowedCorsOrigins.Where(origin => IsNew(origin.Client.ClientId)).ToList();
    IdentityProviderRestrictions = IdentityProviderRestrictions.Where(idp => IsNew(idp.Client.ClientId)).ToList();
    Properties = Properties.Where(property => IsNew(property.Client.ClientId)).ToList();
}
/// <summary>
/// Field-by-field comparison with another <c>ClientModel</c>.
/// </summary>
/// <param name="obj">Object to compare with; anything that is not a <c>ClientModel</c> is unequal.</param>
/// <returns><c>true</c> when every compared member matches.</returns>
public override bool Equals(object obj)
{
    var other = obj as ClientModel;
    if (other == null)
    {
        return false;
    }

    // SafeEquals / SafeListEquals are helpers declared elsewhere; presumably
    // null-tolerant scalar and sequence comparisons - confirm against their source.
    // The checks run in the same order as before; they are only split into
    // smaller groups so a failing group returns early.
    if (!(AbsoluteRefreshTokenLifetime.SafeEquals(other.AbsoluteRefreshTokenLifetime)
          && AccessTokenLifetime.SafeEquals(other.AccessTokenLifetime)
          && AccessTokenType.SafeEquals(other.AccessTokenType)
          && AllowAccessTokensViaBrowser.SafeEquals(other.AllowAccessTokensViaBrowser)
          && AllowedCorsOrigins.SafeListEquals(other.AllowedCorsOrigins)
          && AllowedGrantTypes.SafeListEquals(other.AllowedGrantTypes)
          && AllowedScopes.SafeListEquals(other.AllowedScopes)))
    {
        return false;
    }

    if (!(AllowOfflineAccess.SafeEquals(other.AllowOfflineAccess)
          && AllowPlainTextPkce.SafeEquals(other.AllowPlainTextPkce)
          && AllowRememberConsent.SafeEquals(other.AllowRememberConsent)
          && AlwaysSendClientClaims.SafeEquals(other.AlwaysSendClientClaims)
          && AuthorizationCodeLifetime.SafeEquals(other.AuthorizationCodeLifetime)
          && Claims.SafeListEquals(other.Claims)))
    {
        return false;
    }

    if (!(ClientId.SafeEquals(other.ClientId)
          && ClientName.SafeEquals(other.ClientName)
          && ClientSecrets.SafeListEquals(other.ClientSecrets)
          && ClientUri.SafeEquals(other.ClientUri)
          && Enabled.SafeEquals(other.Enabled)
          && EnableLocalLogin.SafeEquals(other.EnableLocalLogin)
          && IdentityProviderRestrictions.SafeListEquals(other.IdentityProviderRestrictions)))
    {
        return false;
    }

    if (!(IdentityTokenLifetime.SafeEquals(other.IdentityTokenLifetime)
          && IncludeJwtId.SafeEquals(other.IncludeJwtId)
          && LogoUri.SafeEquals(other.LogoUri)
          && LogoutSessionRequired.SafeEquals(other.LogoutSessionRequired)
          && LogoutUri.SafeEquals(other.LogoutUri)
          && PostLogoutRedirectUris.SafeListEquals(other.PostLogoutRedirectUris)
          && PrefixClientClaims.SafeEquals(other.PrefixClientClaims)
          && ProtocolType.SafeEquals(other.ProtocolType)
          && RedirectUris.SafeListEquals(other.RedirectUris)))
    {
        return false;
    }

    return RefreshTokenExpiration.SafeEquals(other.RefreshTokenExpiration)
           && RefreshTokenUsage.SafeEquals(other.RefreshTokenUsage)
           && RequireClientSecret.SafeEquals(other.RequireClientSecret)
           && RequireConsent.SafeEquals(other.RequireConsent)
           && RequirePkce.SafeEquals(other.RequirePkce)
           && SlidingRefreshTokenLifetime.SafeEquals(other.SlidingRefreshTokenLifetime)
           && UpdateAccessTokenClaimsOnRefresh.SafeEquals(other.UpdateAccessTokenClaimsOnRefresh);
}
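/// <summary>
/// Gets the hash code
/// </summary>
/// <remarks>
/// Collections are hashed by content, element by element. Hashing the
/// collection object itself is reference-based, so two instances holding
/// equal but distinct lists would otherwise produce different hash codes
/// and misbehave as dictionary or set keys.
/// </remarks>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
    // Folds each element's hash into the running value, in order.
    int Fold<T>(int seed, System.Collections.Generic.IEnumerable<T> items)
    {
        unchecked // Overflow is fine, just wrap
        {
            foreach (var item in items)
            {
                seed = seed * 59 + (item == null ? 0 : item.GetHashCode());
            }
        }

        return seed;
    }

    unchecked // Overflow is fine, just wrap
    {
        var hashCode = 41;

        if (ClientId != null)
        {
            hashCode = hashCode * 59 + ClientId.GetHashCode();
        }

        if (Name != null)
        {
            hashCode = hashCode * 59 + Name.GetHashCode();
        }

        if (AllowedGrantTypes != null)
        {
            hashCode = Fold(hashCode, AllowedGrantTypes);
        }

        if (RedirectUris != null)
        {
            hashCode = Fold(hashCode, RedirectUris);
        }

        if (AllowedCorsOrigins != null)
        {
            hashCode = Fold(hashCode, AllowedCorsOrigins);
        }

        if (PostLogoutRedirectUris != null)
        {
            hashCode = Fold(hashCode, PostLogoutRedirectUris);
        }

        if (AllowedScopes != null)
        {
            hashCode = Fold(hashCode, AllowedScopes);
        }

        if (ClientSecrets != null)
        {
            hashCode = Fold(hashCode, ClientSecrets);
        }

        if (HashedClientSecrets != null)
        {
            hashCode = Fold(hashCode, HashedClientSecrets);
        }

        hashCode = hashCode * 59 + AllowedOfflineAccess.GetHashCode();
        return hashCode;
    }
}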
/// <summary>
/// Creates a copy of this OpenID client. Translation, secret, scope and key
/// collections are cloned element by element; the remaining lists are copied
/// into new list instances and scalar values are assigned directly.
/// </summary>
/// <returns>A new <c>OpenIdClient</c> carrying the same values.</returns>
public override object Clone()
{
    // The copy carries the same credential material as the original
    // (Secrets, JsonWebKeys, PairWiseIdentifierSalt) and needs the same handling.
    //
    // NOTE(review): GrantTypes, RedirectionUrls, ResponseTypes, Contacts and
    // DefaultAcrValues are not null-guarded like the cloned lists, so ToList()
    // throws when any of them is null.
    // NOTE(review): the OAuthClient.Clone shown alongside also copies
    // RegistrationAccessToken, PostLogoutRedirectUris and the TlsClientAuth*
    // values; this override does not. Confirm whether OpenIdClient has those
    // members and whether dropping them is intended.
    return new OpenIdClient
    {
        ClientId = ClientId,
        ClientNames = ClientNames?.Select(name => (OAuthTranslation)name.Clone()).ToList()
                      ?? new List<OAuthTranslation>(),
        ClientUris = ClientUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                     ?? new List<OAuthTranslation>(),
        LogoUris = LogoUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                   ?? new List<OAuthTranslation>(),
        PolicyUris = PolicyUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                     ?? new List<OAuthTranslation>(),
        TosUris = TosUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                  ?? new List<OAuthTranslation>(),
        CreateDateTime = CreateDateTime,
        JwksUri = JwksUri,
        RefreshTokenExpirationTimeInSeconds = RefreshTokenExpirationTimeInSeconds,
        UpdateDateTime = UpdateDateTime,
        TokenEndPointAuthMethod = TokenEndPointAuthMethod,
        TokenExpirationTimeInSeconds = TokenExpirationTimeInSeconds,
        Secrets = Secrets?.Select(secret => (ClientSecret)secret.Clone()).ToList()
                  ?? new List<ClientSecret>(),
        AllowedScopes = AllowedScopes?.Select(scope => (OpenIdScope)scope.Clone()).ToList()
                        ?? new List<OpenIdScope>(),
        JsonWebKeys = JsonWebKeys?.Select(key => (JsonWebKey)key.Clone()).ToList()
                      ?? new List<JsonWebKey>(),
        GrantTypes = GrantTypes.ToList(),
        RedirectionUrls = RedirectionUrls.ToList(),
        PreferredTokenProfile = PreferredTokenProfile,
        TokenEncryptedResponseAlg = TokenEncryptedResponseAlg,
        TokenEncryptedResponseEnc = TokenEncryptedResponseEnc,
        TokenSignedResponseAlg = TokenSignedResponseAlg,
        ResponseTypes = ResponseTypes.ToList(),
        Contacts = Contacts.ToList(),
        SoftwareId = SoftwareId,
        SoftwareVersion = SoftwareVersion,
        ApplicationType = ApplicationType,
        DefaultAcrValues = DefaultAcrValues.ToList(),
        DefaultMaxAge = DefaultMaxAge,
        IdTokenEncryptedResponseAlg = IdTokenEncryptedResponseAlg,
        IdTokenEncryptedResponseEnc = IdTokenEncryptedResponseEnc,
        IdTokenSignedResponseAlg = IdTokenSignedResponseAlg,
        PairWiseIdentifierSalt = PairWiseIdentifierSalt,
        RequestObjectEncryptionAlg = RequestObjectEncryptionAlg,
        RequestObjectEncryptionEnc = RequestObjectEncryptionEnc,
        RequestObjectSigningAlg = RequestObjectSigningAlg,
        RequireAuthTime = RequireAuthTime,
        SectorIdentifierUri = SectorIdentifierUri,
        SubjectType = SubjectType,
        UserInfoEncryptedResponseAlg = UserInfoEncryptedResponseAlg,
        UserInfoEncryptedResponseEnc = UserInfoEncryptedResponseEnc,
        UserInfoSignedResponseAlg = UserInfoSignedResponseAlg
    };
}
/// <summary>
/// Builds the set of scopes for this client: the pipe-separated entries of
/// AllowedScopes, the name of every API resource returned by ApiResource(),
/// and the standard offline_access scope.
/// </summary>
/// <returns>A duplicate-free collection of scope names.</returns>
private ICollection<string> BuildScopes()
{
    // Split keeps empty entries, so an empty or trailing-pipe AllowedScopes
    // string contributes an empty scope name to the set.
    var scopes = new HashSet<string>(AllowedScopes.Split('|'));

    foreach (var resource in ApiResource())
    {
        scopes.Add(resource.Name);
    }

    // offline_access is added unconditionally here.
    // NOTE(review): presumably this lets every client built from this set
    // request refresh tokens - confirm that is intended for all clients.
    scopes.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
    return scopes;
}
/// <summary>
/// Creates a copy of this OAuth client. Translation, secret, scope and key
/// collections are cloned element by element; the remaining lists are copied
/// into new list instances and scalar values are assigned directly.
/// </summary>
/// <returns>A new <c>OAuthClient</c> carrying the same values.</returns>
public virtual object Clone()
{
    // The copy carries the same credential material as the original
    // (Secrets, JsonWebKeys, RegistrationAccessToken) and needs the same handling.
    //
    // NOTE(review): GrantTypes, RedirectionUrls, ResponseTypes, Contacts and
    // PostLogoutRedirectUris are not null-guarded like the cloned lists, so
    // ToList() throws when any of them is null.
    return new OAuthClient
    {
        ClientId = ClientId,
        ClientNames = ClientNames?.Select(name => (OAuthTranslation)name.Clone()).ToList()
                      ?? new List<OAuthTranslation>(),
        ClientUris = ClientUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                     ?? new List<OAuthTranslation>(),
        LogoUris = LogoUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                   ?? new List<OAuthTranslation>(),
        PolicyUris = PolicyUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                     ?? new List<OAuthTranslation>(),
        TosUris = TosUris?.Select(uri => (OAuthTranslation)uri.Clone()).ToList()
                  ?? new List<OAuthTranslation>(),
        CreateDateTime = CreateDateTime,
        JwksUri = JwksUri,
        RefreshTokenExpirationTimeInSeconds = RefreshTokenExpirationTimeInSeconds,
        UpdateDateTime = UpdateDateTime,
        TokenEndPointAuthMethod = TokenEndPointAuthMethod,
        TokenExpirationTimeInSeconds = TokenExpirationTimeInSeconds,
        Secrets = Secrets?.Select(secret => (ClientSecret)secret.Clone()).ToList()
                  ?? new List<ClientSecret>(),
        AllowedScopes = AllowedScopes?.Select(scope => (OAuthScope)scope.Clone()).ToList()
                        ?? new List<OAuthScope>(),
        JsonWebKeys = JsonWebKeys?.Select(key => (JsonWebKey)key.Clone()).ToList()
                      ?? new List<JsonWebKey>(),
        GrantTypes = GrantTypes.ToList(),
        RedirectionUrls = RedirectionUrls.ToList(),
        PreferredTokenProfile = PreferredTokenProfile,
        TokenEncryptedResponseAlg = TokenEncryptedResponseAlg,
        TokenEncryptedResponseEnc = TokenEncryptedResponseEnc,
        TokenSignedResponseAlg = TokenSignedResponseAlg,
        ResponseTypes = ResponseTypes.ToList(),
        Contacts = Contacts.ToList(),
        SoftwareId = SoftwareId,
        SoftwareVersion = SoftwareVersion,
        RegistrationAccessToken = RegistrationAccessToken,
        PostLogoutRedirectUris = PostLogoutRedirectUris.ToList(),
        TlsClientAuthSanDNS = TlsClientAuthSanDNS,
        TlsClientAuthSanEmail = TlsClientAuthSanEmail,
        TlsClientAuthSanIP = TlsClientAuthSanIP,
        TlsClientAuthSanURI = TlsClientAuthSanURI,
        TlsClientAuthSubjectDN = TlsClientAuthSubjectDN
    };
}
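/// <summary>
/// Builds an IdentityServer4 client definition from this object's settings,
/// using the resource-owner-password grant and a SHA-256 hashed shared secret.
/// </summary>
/// <returns>The populated <c>IdentityServer4.Models.Client</c>.</returns>
public IdentityServer4.Models.Client GenerateClient()
{
    // Add offline_access at most once: this method mutates AllowedScopes, so
    // without the Contains check repeated calls could append the scope again.
    var offlineAccess = IdentityServerConstants.StandardScopes.OfflineAccess;
    if (AllowOfflineAccess && !AllowedScopes.Contains(offlineAccess))
    {
        AllowedScopes.Add(offlineAccess);
    }

    return new IdentityServer4.Models.Client
    {
        ClientId = _clientId,
        ClientName = ClientName,
        AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

        // NOTE(review): the plaintext secret is copied into Description, a
        // non-secret field, while ClientSecrets holds only its hash. Anything
        // that stores, logs or displays the client description would expose
        // the secret. Left unchanged because other code may read it from
        // there; confirm and remove if nothing depends on it.
        Description = _secret,
        ClientSecrets = { new Secret(_secret.Sha256()) },
        AllowedScopes = AllowedScopes,
        AllowOfflineAccess = AllowOfflineAccess,
        AccessTokenLifetime = AccessTokenLifetime,
        AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
    };
}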
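/// <summary>
/// Loads the clients linked to a user and projects each one into a
/// <c>ClientViewModel</c>.
/// </summary>
/// <param name="userId">Identifier of the user whose clients are requested.</param>
/// <returns>
/// The user's clients, or <c>null</c> when the user has no client mappings or
/// none of the mapped clients exist in the configuration store.
/// </returns>
public async Task<List<ClientViewModel>> GetByUserIdAsync(string userId)
{
    var userXClients = await _userXClientRepository.ToListAsync(x => x.UserId == userId);
    if (userXClients == null || userXClients.Count == 0)
    {
        return null;
    }

    var clientIds = userXClients.Select(x => x.ClientId).ToList();
    var clients = _configurationDbContext.Clients.Where(x => clientIds.Contains(x.ClientId)).ToList();
    if (clients.Count == 0)
    {
        return null;
    }

    var result = new List<ClientViewModel>();
    foreach (var item in clients)
    {
        var client = await _clientStore.FindClientByIdAsync(item.ClientId);
        if (client == null)
        {
            // The store lookup can come back empty even though the row exists
            // (presumably for disabled clients - confirm); skip the entry
            // instead of failing the whole listing with a null dereference.
            continue;
        }

        result.Add(new ClientViewModel
        {
            ClientId = client.ClientId,
            ClientName = client.ClientName,

            // Null-safe: a client without secrets yields a null ClientSecret.
            // NOTE(review): the view model's ClientSecret is filled from the
            // secret's Description. If that field holds the plaintext secret,
            // it is being stored in recoverable form and returned to callers -
            // confirm what Description contains.
            ClientSecret = client.ClientSecrets?.FirstOrDefault()?.Description,
            PostLogoutRedirectUrl = client.PostLogoutRedirectUris.FirstOrDefault(),
            RedirectUrl = client.RedirectUris.FirstOrDefault(),
            RequireConsent = client.RequireConsent,

            // SingleOrDefault throws when the client has more than one scope
            // outside the AllowedScopes set declared on this class.
            AllowedScope = client.AllowedScopes.Where(x => !AllowedScopes.Contains(x)).SingleOrDefault()
        });
    }

    return result;
}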
/// <summary>
/// Determines whether this instance and another Oauth2ClientSubmit hold the same values.
/// </summary>
/// <remarks>
/// Collections are compared with SequenceEqual, so element order matters and
/// the comparison stops at the first difference. It is a value comparison for
/// the model, not a constant-time check suitable for verifying credentials.
/// </remarks>
/// <param name="other">Instance of Oauth2ClientSubmit to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(Oauth2ClientSubmit other)
{
    if (other is null)
    {
        return false;
    }

    if (ReferenceEquals(this, other))
    {
        return true;
    }

    var sameIdentity =
        (ClientId == other.ClientId || ClientId != null && ClientId.Equals(other.ClientId))
        && (Name == other.Name || Name != null && Name.Equals(other.Name));
    if (!sameIdentity)
    {
        return false;
    }

    var sameGrantsAndUris =
        (AllowedGrantTypes == other.AllowedGrantTypes
         || AllowedGrantTypes != null && other.AllowedGrantTypes != null
            && AllowedGrantTypes.SequenceEqual(other.AllowedGrantTypes))
        && (RedirectUris == other.RedirectUris
            || RedirectUris != null && other.RedirectUris != null
               && RedirectUris.SequenceEqual(other.RedirectUris))
        && (AllowedCorsOrigins == other.AllowedCorsOrigins
            || AllowedCorsOrigins != null && other.AllowedCorsOrigins != null
               && AllowedCorsOrigins.SequenceEqual(other.AllowedCorsOrigins))
        && (PostLogoutRedirectUris == other.PostLogoutRedirectUris
            || PostLogoutRedirectUris != null && other.PostLogoutRedirectUris != null
               && PostLogoutRedirectUris.SequenceEqual(other.PostLogoutRedirectUris));
    if (!sameGrantsAndUris)
    {
        return false;
    }

    var sameScopesAndSecrets =
        (AllowedScopes == other.AllowedScopes
         || AllowedScopes != null && other.AllowedScopes != null
            && AllowedScopes.SequenceEqual(other.AllowedScopes))
        && (ClientSecrets == other.ClientSecrets
            || ClientSecrets != null && other.ClientSecrets != null
               && ClientSecrets.SequenceEqual(other.ClientSecrets))
        && (HashedClientSecrets == other.HashedClientSecrets
            || HashedClientSecrets != null && other.HashedClientSecrets != null
               && HashedClientSecrets.SequenceEqual(other.HashedClientSecrets));
    if (!sameScopesAndSecrets)
    {
        return false;
    }

    return (AllowedOfflineAccess == other.AllowedOfflineAccess
            || AllowedOfflineAccess.Equals(other.AllowedOfflineAccess))
           && (AccessTokenLifetime == other.AccessTokenLifetime
               || AccessTokenLifetime.Equals(other.AccessTokenLifetime))
           && (IdentityTokenLifetime == other.IdentityTokenLifetime
               || IdentityTokenLifetime.Equals(other.IdentityTokenLifetime))
           && (RequireConsent == other.RequireConsent
               || RequireConsent.Equals(other.RequireConsent));
}
/// <summary>
/// Looks up the first allowed scope whose name equals <paramref name="scope"/>.
/// </summary>
/// <param name="scope">Scope name to search for, compared with the <c>==</c> operator.</param>
/// <returns>The matching <c>ClientScope</c>, or the default value when none matches.</returns>
public virtual ClientScope FindScope(string scope)
    => AllowedScopes.FirstOrDefault(candidate => candidate.Scope == scope);
/// <summary>
/// Updates the name, consent flag, redirect URI and custom scope of a client,
/// but only when a user-to-client mapping exists for the given user and client.
/// </summary>
/// <param name="userId">Identifier of the user requesting the update.</param>
/// <param name="clientId">Public client identifier of the client to update.</param>
/// <param name="clientName">New display name.</param>
/// <param name="redirectUrl">New redirect URI; written as given, no validation happens in this method.</param>
/// <param name="postLogoutRedirectUrl">Accepted but never read in this method.</param>
/// <param name="requireConsent">New consent requirement.</param>
/// <param name="allowedScope">New value for the client's custom scope.</param>
/// <returns>
/// <c>Succeeded</c> is true only when the mapping and the client were both found.
/// <c>ErrorMsg</c> is set only when the mapping is missing; a missing client
/// yields <c>(false, "")</c>.
/// </returns>
public async Task <(bool Succeeded, string ErrorMsg)> UpdateAsync(string userId, string clientId, string clientName, string redirectUrl, string postLogoutRedirectUrl, bool requireConsent, string allowedScope)
{
    bool succeeded = false;
    string errorMsg = string.Empty;
    // Authorization gate: the caller may only touch clients mapped to this user.
    var userXClient = await _userXClientRepository.SingleOrDefaultAsync(x => x.UserId == userId && x.ClientId == clientId);
    if (userXClient != null)
    {
        var client = _configurationDbContext.Clients.SingleOrDefault(x => x.ClientId == clientId);
        if (client != null)
        {
            // Update the redirect URI. Only an existing row is changed; nothing is
            // inserted when the client has none.
            // NOTE(review): redirectUrl is stored without any scheme/host validation
            // here - confirm it is validated by the caller.
            var redirectUri = await _clientRedirectUriRepository.SingleOrDefaultAsync(x => x.ClientId == client.Id);
            if (redirectUri != null)
            {
                redirectUri.RedirectUri = redirectUrl;
                await _clientRedirectUriRepository.UpdateAsync(redirectUri);
            }
            // Update the custom scope: the one scope row of this client that is not
            // in the class-level AllowedScopes set; insert it when none exists.
            // NOTE(review): presumably SingleOrDefaultAsync throws when several rows
            // match - confirm against the repository.
            var scope = await _clientScopeRepository.SingleOrDefaultAsync(x => !AllowedScopes.Contains(x.Scope) && x.ClientId == client.Id);
            if (scope == null)
            {
                scope = new ClientScope { ClientId = client.Id, Scope = allowedScope };
                await _clientScopeRepository.InsertAsync(scope);
            }
            else
            {
                scope.Scope = allowedScope;
                await _clientScopeRepository.UpdateAsync(scope);
            }
            // Update the client row itself.
            // NOTE(review): postLogoutRedirectUrl is never persisted, and no
            // transaction spanning the repository writes and SaveChangesAsync is
            // visible here - confirm both are intended.
            client.ClientName = clientName;
            client.RequireConsent = requireConsent;
            _configurationDbContext.Clients.Update(client);
            await _configurationDbContext.SaveChangesAsync();
            succeeded = true;
        }
    }
    else
    {
        // Message text means "You do not have permission to update".
        errorMsg = "你没有权限更新";
    }
    return(succeeded, errorMsg);
}
/// <summary>
/// Removes every allowed scope whose name equals <paramref name="scope"/>.
/// </summary>
/// <param name="scope">Scope name to remove, compared with the <c>==</c> operator.</param>
public void RemoveScope(string scope)
    => AllowedScopes.RemoveAll(entry => entry.Scope == scope);
/// <summary>
/// Adds a scope for this route through AddIfNotContains, a helper declared
/// elsewhere that presumably skips entries already present.
/// </summary>
/// <param name="scope">Scope name to allow.</param>
public void AddScope(string scope)
{
    var allowedScope = new RouteAllowedScope(Id, scope);
    AllowedScopes.AddIfNotContains(allowedScope);
}
/// <summary>
/// Appends a new entry holding an empty string to AllowedScopes.
/// </summary>
public void AddEmptyScope()
{
    var blank = new SimpleValue<string>(string.Empty);
    AllowedScopes.Add(blank);
}
/// <summary>
/// Copies this model's settings onto an IdentityServer4 EF client entity.
/// </summary>
/// <remarks>
/// Each child collection (grant types, redirect URIs, post-logout URIs,
/// scopes, identity-provider restrictions, CORS origins) is replaced by a
/// freshly built list. Client secrets, claims and properties are not written
/// by this method.
/// </remarks>
/// <param name="entity">Entity to overwrite.</param>
public void UpdateEntity(IdentityServer4.EntityFramework.Entities.Client entity)
{
    // Identity and presentation.
    entity.Enabled = Enabled;
    entity.ClientId = ClientId;
    entity.ProtocolType = ProtocolType;
    entity.RequireClientSecret = RequireClientSecret;
    entity.ClientName = ClientName;
    entity.Description = Description;
    entity.ClientUri = ClientUri;
    entity.LogoUri = LogoUri;

    // Consent and claims in the identity token.
    entity.RequireConsent = RequireConsent;
    entity.AllowRememberConsent = AllowRememberConsent;
    entity.AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken;

    // Grants, PKCE and browser token delivery.
    entity.AllowedGrantTypes = AllowedGrantTypes
        .Select(grantType => new ClientGrantType { GrantType = grantType })
        .ToList();
    entity.RequirePkce = RequirePkce;
    entity.AllowPlainTextPkce = AllowPlainTextPkce;
    entity.AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser;

    // Redirect and logout endpoints.
    entity.RedirectUris = RedirectUris
        .Select(uri => new ClientRedirectUri { RedirectUri = uri })
        .ToList();
    entity.PostLogoutRedirectUris = PostLogoutRedirectUris
        .Select(uri => new ClientPostLogoutRedirectUri { PostLogoutRedirectUri = uri })
        .ToList();
    entity.FrontChannelLogoutUri = FrontChannelLogoutUri;
    entity.FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired;
    entity.BackChannelLogoutUri = BackChannelLogoutUri;
    entity.BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired;

    // Scopes.
    entity.AllowOfflineAccess = AllowOfflineAccess;
    entity.AllowedScopes = AllowedScopes
        .Select(scope => new ClientScope { Scope = scope })
        .ToList();

    // Token lifetimes and refresh behaviour; enum values are stored as ints.
    entity.IdentityTokenLifetime = IdentityTokenLifetime;
    entity.AccessTokenLifetime = AccessTokenLifetime;
    entity.AuthorizationCodeLifetime = AuthorizationCodeLifetime;
    entity.ConsentLifetime = ConsentLifetime;
    entity.AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime;
    entity.SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime;
    entity.RefreshTokenUsage = (int)RefreshTokenUsage;
    entity.UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh;
    entity.RefreshTokenExpiration = (int)RefreshTokenExpiration;
    entity.AccessTokenType = (int)AccessTokenType;

    // Login, identity providers and client claims.
    entity.EnableLocalLogin = EnableLocalLogin;
    entity.IdentityProviderRestrictions = IdentityProviderRestrictions
        .Select(provider => new ClientIdPRestriction { Provider = provider })
        .ToList();
    entity.IncludeJwtId = IncludeJwtId;
    entity.AlwaysSendClientClaims = AlwaysSendClientClaims;
    entity.ClientClaimsPrefix = ClientClaimsPrefix;
    entity.PairWiseSubjectSalt = PairWiseSubjectSalt;

    // CORS, SSO and device flow.
    entity.AllowedCorsOrigins = AllowedCorsOrigins
        .Select(origin => new ClientCorsOrigin { Origin = origin })
        .ToList();
    entity.UserSsoLifetime = UserSsoLifetime;
    entity.UserCodeType = UserCodeType;
    entity.DeviceCodeLifetime = DeviceCodeLifetime;
}
/// <summary>
/// Appends a scope entry for this client. No duplicate check is made, so
/// adding the same scope twice produces two entries.
/// </summary>
/// <param name="scope">Scope name to allow.</param>
public void AddScope([NotNull] string scope)
{
    var entry = new ClientScopeDto(Id, scope);
    AllowedScopes.Add(entry);
}
/// <summary>
/// Empties the AllowedScopes collection.
/// </summary>
public void RemoveAllScopes() => AllowedScopes.Clear();
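/// <summary>
/// Removes every allowed scope whose name matches <paramref name="scope"/>,
/// ignoring case.
/// </summary>
/// <remarks>
/// Uses an ordinal comparison. Scope names are protocol identifiers, so the
/// match must not vary with the current thread culture (for example the
/// Turkish dotted/dotless "i" casing rules).
/// NOTE(review): the FindScope lookup shown alongside is case-sensitive, so a
/// scope can be removed under a casing that FindScope would not find -
/// confirm which behaviour is intended.
/// </remarks>
/// <param name="scope">Scope name to remove.</param>
public void RemoveScope(string scope)
{
    AllowedScopes.RemoveAll(x => x.Scope.Equals(scope, StringComparison.OrdinalIgnoreCase));
}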
/// <summary>
/// Looks up the first allowed scope whose name equals <paramref name="scope"/>.
/// </summary>
/// <param name="scope">Scope name to search for, compared with the <c>==</c> operator.</param>
/// <returns>The matching <c>ClientScopeDto</c>, or the default value when none matches.</returns>
public ClientScopeDto FindScope(string scope)
    => AllowedScopes.FirstOrDefault(candidate => candidate.Scope == scope);
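/// <summary>
/// Converts this form model into an IdentityServer4 EF client entity.
/// </summary>
/// <remarks>
/// Redirect URIs, post-logout redirect URIs and CORS origins are read one per
/// CRLF-separated line and kept only when IsUrl() accepts them. Scopes are
/// space-separated. Client secrets are read one per line and stored as
/// SHA-256 hashes.
/// </remarks>
/// <returns>The entity produced by mapping the assembled client model.</returns>
internal IdentityServer4.EntityFramework.Entities.Client ToClient()
{
    // Splits a CRLF-separated text block and keeps the entries IsUrl() accepts.
    // Returns null when the source text is null, as the inline form did.
    // NOTE(review): only "\r\n" is a separator, so LF-only input stays one
    // entry; IsUrl() is declared elsewhere - confirm what it accepts.
    List<string> SplitUrls(string raw)
    {
        return raw?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
            .Where(line => !string.IsNullOrWhiteSpace(line) && line.IsUrl())
            .ToList();
    }

    var redirectUris = SplitUrls(RedirectUris);
    var allowedCorsOrigins = SplitUrls(AllowedCorsOrigins);
    var postLogoutRedirectUris = SplitUrls(PostLogoutRedirectUris);

    var client = new Models.Client
    {
        AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
        AccessTokenLifetime = AccessTokenLifetime,
        AccessTokenType = AccessTokenType,
        AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser,
        AllowedCorsOrigins = allowedCorsOrigins,
        AllowedGrantTypes = GetAllowedGrantTypes(),
        AllowedScopes = AllowedScopes?.Split(new[] { " " }, StringSplitOptions.RemoveEmptyEntries)
            .Where(scope => !string.IsNullOrWhiteSpace(scope)).ToList(),
        AllowOfflineAccess = AllowOfflineAccess,
        AllowPlainTextPkce = AllowPlainTextPkce,
        AllowRememberConsent = AllowRememberConsent,
        AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken,
        AlwaysSendClientClaims = AlwaysSendClientClaims,
        AuthorizationCodeLifetime = AuthorizationCodeLifetime,
        BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired,
        BackChannelLogoutUri = BackChannelLogoutUri,
        ClientClaimsPrefix = ClientClaimsPrefix,
        ClientId = ClientId,
        ClientName = ClientName,
        ClientUri = ClientUri,
        ConsentLifetime = ConsentLifetime,
        Description = Description,
        DeviceCodeLifetime = DeviceCodeLifetime,
        Enabled = Enabled,
        EnableLocalLogin = EnableLocalLogin,
        FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired,
        FrontChannelLogoutUri = FrontChannelLogoutUri,
        IdentityProviderRestrictions = IdentityProviderRestrictions?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries),
        IdentityTokenLifetime = IdentityTokenLifetime,
        IncludeJwtId = IncludeJwtId,
        LogoUri = LogoUri,
        PairWiseSubjectSalt = PairWiseSubjectSalt,
        PostLogoutRedirectUris = postLogoutRedirectUris,
        // Properties
        ProtocolType = ProtocolType,
        RedirectUris = redirectUris,
        RefreshTokenExpiration = RefreshTokenExpiration,
        RefreshTokenUsage = RefreshTokenUsage,
        RequireClientSecret = RequireClientSecret,
        RequireConsent = RequireConsent,
        RequirePkce = RequirePkce,
        SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime,
        UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh,
        UserCodeType = UserCodeType,
        UserSsoLifetime = UserSsoLifetime,
    };

    var secrets = ClientSecrets?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries)
        .Select(x => new Secret(x.Sha256())).ToList();

    // Assign the hashed secrets when at least one was entered. The earlier
    // condition (Count == 0) only ever assigned an empty list, so entered
    // secrets were silently dropped and the client was created without any.
    if (secrets != null && secrets.Count > 0)
    {
        client.ClientSecrets = secrets;
    }

    return client.ToEntity();
}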