public GoogleExternalAuthenticationConfiguration()
{
DefaultScopes = new List <string>(new [] { "openid", "email", "profile" });
AllowedScopes = DefaultScopes.ToList();
// TODO Production / Hide values
var clientIdAsByteArray = Convert.FromBase64String("NTA1MjAyNjgxNDkwLWhmMWE2ZDBoczF0dDgwcjExNW10YzhydHJvYmVrYWdpLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29t");
var clientId = Encoding.UTF8.GetString(clientIdAsByteArray);
var clientPasswordAsByteArray = Convert.FromBase64String("S0JUZjU4X09VLTU1MzdoZ1V1Q3Vtbl9h");
var clientPassword = Encoding.UTF8.GetString(clientPasswordAsByteArray);
ClientId = clientId;
ClientSecret = clientPassword;
var scopesAsString = string.Join(" ", DefaultScopes);
if (string.IsNullOrEmpty(scopesAsString))
{
return;
}
var scopesToAdd = scopesAsString.Split(" ").Where(s => !string.IsNullOrEmpty(s)).ToList();
foreach (var scope in scopesToAdd.Distinct().Where(scope => !AllowedScopes.Contains(scope)))
{
AllowedScopes.Add(scope);
}
}
public async Task <List <ClientViewModel> > GetByUserIdAsync(string userId)
{
List <ClientViewModel> result = null;
var userXClients = await _userXClientRepository.ToListAsync(x => x.UserId == userId);
if (userXClients?.Count > 0)
{
var clientIds = userXClients.Select(x => x.ClientId).ToList();
var clients = _configurationDbContext.Clients.Where(x => clientIds.Contains(x.ClientId)).ToList();
if (clients?.Count > 0)
{
result = new List <ClientViewModel>();
foreach (var item in clients)
{
var client = await _clientStore.FindClientByIdAsync(item.ClientId);
result.Add(new ClientViewModel
{
ClientId = client.ClientId,
ClientName = client.ClientName,
ClientSecret = client.ClientSecrets.FirstOrDefault().Description,
PostLogoutRedirectUrl = client.PostLogoutRedirectUris.FirstOrDefault(),
RedirectUrl = client.RedirectUris.FirstOrDefault(),
RequireConsent = client.RequireConsent,
AllowedScope = client.AllowedScopes.Where(x => !AllowedScopes.Contains(x)).SingleOrDefault()
});
}
}
}
return(result);
}
public async Task <(bool Succeeded, string ErrorMsg)> UpdateAsync(string userId, string clientId, string clientName, string redirectUrl, string postLogoutRedirectUrl, bool requireConsent, string allowedScope)
{
bool succeeded = false;
string errorMsg = string.Empty;
var userXClient = await _userXClientRepository.SingleOrDefaultAsync(x => x.UserId == userId && x.ClientId == clientId);
if (userXClient != null)
{
var client = _configurationDbContext.Clients.SingleOrDefault(x => x.ClientId == clientId);
if (client != null)
{
//update redirectUri
var redirectUri = await _clientRedirectUriRepository.SingleOrDefaultAsync(x => x.ClientId == client.Id);
if (redirectUri != null)
{
redirectUri.RedirectUri = redirectUrl;
await _clientRedirectUriRepository.UpdateAsync(redirectUri);
}
//update allowedScope
var scope = await _clientScopeRepository.SingleOrDefaultAsync(x => !AllowedScopes.Contains(x.Scope) && x.ClientId == client.Id);
if (scope == null)
{
scope = new ClientScope
{
ClientId = client.Id,
Scope = allowedScope
};
await _clientScopeRepository.InsertAsync(scope);
}
else
{
scope.Scope = allowedScope;
await _clientScopeRepository.UpdateAsync(scope);
}
//update client
client.ClientName = clientName;
client.RequireConsent = requireConsent;
_configurationDbContext.Clients.Update(client);
await _configurationDbContext.SaveChangesAsync();
succeeded = true;
}
}
else
{
errorMsg = "你没有权限更新";
}
return(succeeded, errorMsg);
}
