public static async Task <ConsentVM> BuildConsentVMAsync(ISecurableService securableService, ILogger logger, string returnUrl, ConsentInputVM model = null)
{
AuthorisationRequestSM request = await securableService.GetAuthorizationContextAsync(returnUrl);
if (request != null)
{
var client = await securableService.FindEnabledClientByIdAsync(request.ClientId);
if (client != null)
{
var resources = await securableService.FindEnabledResourcesByScopeAsync(request.ScopesRequested);
if (resources != null && (resources.IdentityResources.Any() || resources.ApiResources.Any()))
{
return(CreateConsentViewModel(securableService, model, returnUrl, request, client, resources));
}
else
{
logger.LogError("No scopes matching: {0}", request.ScopesRequested.Aggregate((x, y) => x + ", " + y));
}
}
else
{
logger.LogError("Invalid client id: {0}", request.ClientId);
}
}
else
{
logger.LogError("No consent request matching request: {0}", returnUrl);
}
return(null);
}
public static async Task <LoginVM> BuildLoginVMAsync(ISecurableService securableService, IAuthenticationSchemeProvider schemeProvider, string returnUrl)
{
var context = await securableService.GetAuthorizationContextAsync(returnUrl);
if (context?.IdP != null)
{
// this is meant to short circuit the UI and only trigger the one external IdP
return(new LoginVM
{
EnableLocalLogin = false,
ReturnUrl = returnUrl,
Username = context?.LoginHint,
ExternalProviders = new ExternalProviderPM[] { new ExternalProviderPM {
AuthenticationScheme = context.IdP
} }
});
}
var schemes = await schemeProvider.GetAllSchemesAsync();
var providers = schemes
.Where(x => x.DisplayName != null ||
(x.Name.Equals(AccountOptionsOM.WindowsAuthenticationSchemeName, StringComparison.OrdinalIgnoreCase))
)
.Select(x => new ExternalProviderPM
{
DisplayName = x.Name == "Windows" ? x.Name : x.DisplayName,
AuthenticationScheme = x.Name
}).ToList();
var allowLocal = true;
if (context?.ClientId != null)
{
var client = await securableService.FindEnabledClientByIdAsync(context.ClientId);
if (client != null)
{
allowLocal = client.EnableLocalLogin;
if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
{
providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList();
}
}
}
return(new LoginVM
{
AllowRememberLogin = AccountOptionsOM.AllowRememberLogin,
EnableLocalLogin = allowLocal && AccountOptionsOM.AllowLocalLogin,
ReturnUrl = returnUrl,
Username = context?.LoginHint,
ExternalProviders = providers.ToArray()
});
}