private DeviceAuthorizationViewModel CreateConsentViewModel(string userCode, DeviceAuthorizationInputModel model, Client client, Resources resources)
{
var vm = new DeviceAuthorizationViewModel
{
UserCode = userCode,
RememberConsent = model?.RememberConsent ?? true,
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(),
ClientName = client.ClientName ?? client.ClientId,
ClientUrl = client.ClientUri,
ClientLogoUrl = client.LogoUri,
AllowRememberConsent = client.AllowRememberConsent
};
vm.IdentityScopes = resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray();
vm.ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray();
if (ConsentOptions.EnableOfflineAccess && resources.OfflineAccess)
{
vm.ResourceScopes = vm.ResourceScopes.Union(new[]
{
GetOfflineAccessScope(vm.ScopesConsented.Contains(global::IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)
});
}
return(vm);
}
public async Task <IActionResult> Callback(DeviceAuthorizationViewModel viewModel)
{
var request = await _deviceFlowInteractionService.GetAuthorizationContextAsync(viewModel.UserCode);
if (request == null)
{
return(View("Error"));
}
if (viewModel.Button == "no")
{
return(View("Error"));
}
if (viewModel.Button == "yes")
{
var grantedConsent = new ConsentResponse()
{
RememberConsent = true,
ScopesConsented = request.ScopesRequested
};
await _deviceFlowInteractionService.HandleRequestAsync(viewModel.UserCode, grantedConsent);
}
return(View("Success", "Successfully authorized device"));
}
private DeviceAuthorizationViewModel CreateConsentViewModel(string userCode, DeviceAuthorizationInputModel model, DeviceFlowAuthorizationRequest request)
{
var viewModel = new DeviceAuthorizationViewModel {
UserCode = userCode,
Description = model?.Description,
RememberConsent = model?.RememberConsent ?? true,
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(),
ClientName = request.Client.ClientName ?? request.Client.ClientId,
ClientUrl = request.Client.ClientUri,
ClientLogoUrl = request.Client.LogoUri,
AllowRememberConsent = request.Client.AllowRememberConsent
};
viewModel.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, viewModel.ScopesConsented.Contains(x.Name) || model == null)).ToArray();
var apiScopes = new List <ScopeViewModel>();
foreach (var parsedScope in request.ValidatedResources.ParsedScopes)
{
var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName);
if (apiScope != null)
{
var scopeViewModel = CreateScopeViewModel(parsedScope, apiScope, viewModel.ScopesConsented.Contains(parsedScope.RawValue) || model == null);
apiScopes.Add(scopeViewModel);
}
}
if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess)
{
apiScopes.Add(GetOfflineAccessScope(viewModel.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null));
}
viewModel.ApiScopes = apiScopes;
return(viewModel);
}
public async Task <IActionResult> OnPostAsync(string userCode)
{
Model = await BuildViewModelAsync(userCode);
if (Model == null)
{
return(RedirectToPage("/Error"));
}
return(Page());
}
public async Task <IActionResult> OnGetAsync()
{
var userCodeParamName = _options.Value.UserInteraction.DeviceVerificationUserCodeParameter;
var userCode = Request.Query[userCodeParamName];
if (!string.IsNullOrWhiteSpace(userCode))
{
Model = await BuildViewModelAsync(userCode);
if (Model == null)
{
return(RedirectToPage("/Error"));
}
Model.ConfirmUserCode = true;
}
return(Page());
}
