public async Task <IEndpointResult> CreateLoginResultAsync(ValidatedAuthorizeRequest request)
{
var signin = new SignInRequest();
// let the login page know the client requesting authorization
signin.ClientId = request.ClientId;
// pass through display mode to signin service
if (request.DisplayMode.IsPresent())
{
signin.DisplayMode = request.DisplayMode;
}
// pass through ui locales to signin service
if (request.UiLocales.IsPresent())
{
signin.UiLocales = request.UiLocales;
}
// pass through login_hint
if (request.LoginHint.IsPresent())
{
signin.LoginHint = request.LoginHint;
}
// look for well-known acr value -- idp
var idp = request.GetIdP();
if (idp.IsPresent())
{
signin.IdP = idp;
}
// look for well-known acr value -- tenant
var tenant = request.GetTenant();
if (tenant.IsPresent())
{
signin.Tenant = tenant;
}
// process acr values
var acrValues = request.GetAcrValues();
if (acrValues.Any())
{
signin.AcrValues = acrValues;
}
var message = new Message <SignInRequest>(signin)
{
ResponseUrl = _context.GetIdentityServerBaseUrl().EnsureTrailingSlash() + Constants.RoutePaths.Oidc.AuthorizeAfterLogin,
AuthorizeRequestParameters = request.Raw.ToDictionary()
};
await _signInRequestStore.WriteAsync(message);
return(new LoginPageResult(message.Id));
}
public override Task ExecuteAsync(IdentityServerContext context)
{
if (!Url.IsLocalUrl())
{
// this converts the relative redirect path to an absolute one if we're
// redirecting to a different server
ParamValue = context.GetIdentityServerBaseUrl().EnsureTrailingSlash() + ParamValue.RemoveLeadingSlash();
}
return(base.ExecuteAsync(context));
}
public Task ExecuteAsync(IdentityServerContext context)
{
var redirect = context.GetIdentityServerBaseUrl().EnsureTrailingSlash() + Path.RemoveLeadingSlash();
if (Id.IsPresent())
{
redirect = redirect.AddQueryString("id=" + Id);
}
context.HttpContext.Response.Redirect(redirect);
return(Task.FromResult(0));
}
public async Task <IActionResult> Index(string id)
{
_logger.LogDebug("Login started - base url = " + _context.GetIdentityServerBaseUrl());
var vm = new LoginViewModel();
if (id != null)
{
var request = await _signInInteraction.GetRequestAsync(id);
if (request != null)
{
vm.Username = request.LoginHint;
vm.SignInId = id;
}
}
return(View(vm));
}
public virtual Task ExecuteAsync(IdentityServerContext context)
{
var redirect = Url;
if (redirect.IsLocalUrl())
{
if (redirect.StartsWith("~/"))
{
redirect = redirect.Substring(1);
}
redirect = context.GetIdentityServerBaseUrl().EnsureTrailingSlash() + redirect.RemoveLeadingSlash();
}
if (ParamValue.IsPresent())
{
redirect = redirect.AddQueryString(ParamName + "=" + UrlEncoder.Default.Encode(ParamValue));
}
context.HttpContext.Response.Redirect(redirect);
return(Task.FromResult(0));
}
private async Task <IEndpointResult> ExecuteDiscoDocAsync(HttpContext context)
{
_logger.LogTrace("Start discovery request");
var baseUrl = _context.GetIdentityServerBaseUrl().EnsureTrailingSlash();
var allScopes = await _scopes.GetScopesAsync(publicOnly : true);
var showScopes = new List <Scope>();
var document = new DiscoveryDocument
{
issuer = _context.GetIssuerUri(),
subject_types_supported = new[] { "public" },
id_token_signing_alg_values_supported = new[] { Constants.SigningAlgorithms.RSA_SHA_256 }
};
// scopes
if (_options.DiscoveryOptions.ShowIdentityScopes)
{
showScopes.AddRange(allScopes.Where(s => s.Type == ScopeType.Identity));
}
if (_options.DiscoveryOptions.ShowResourceScopes)
{
showScopes.AddRange(allScopes.Where(s => s.Type == ScopeType.Resource));
}
if (showScopes.Any())
{
document.scopes_supported = showScopes.Where(s => s.ShowInDiscoveryDocument).Select(s => s.Name).ToArray();
}
// claims
if (_options.DiscoveryOptions.ShowClaims)
{
var claims = new List <string>();
foreach (var s in allScopes)
{
claims.AddRange(from c in s.Claims
where s.Type == ScopeType.Identity
select c.Name);
}
document.claims_supported = claims.Distinct().ToArray();
}
// grant types
if (_options.DiscoveryOptions.ShowGrantTypes)
{
var standardGrantTypes = Constants.SupportedGrantTypes.AsEnumerable();
if (this._options.AuthenticationOptions.EnableLocalLogin == false)
{
standardGrantTypes = standardGrantTypes.Where(type => type != OidcConstants.GrantTypes.Password);
}
var showGrantTypes = new List <string>(standardGrantTypes);
if (_options.DiscoveryOptions.ShowCustomGrantTypes)
{
showGrantTypes.AddRange(_customGrants.GetAvailableGrantTypes());
}
document.grant_types_supported = showGrantTypes.ToArray();
}
// response types
if (_options.DiscoveryOptions.ShowResponseTypes)
{
document.response_types_supported = Constants.SupportedResponseTypes.ToArray();
}
// response modes
if (_options.DiscoveryOptions.ShowResponseModes)
{
document.response_modes_supported = Constants.SupportedResponseModes.ToArray();
}
// token endpoint authentication methods
if (_options.DiscoveryOptions.ShowTokenEndpointAuthenticationMethods)
{
document.token_endpoint_auth_methods_supported = _parsers.GetAvailableAuthenticationMethods().ToArray();
}
// endpoints
if (_options.DiscoveryOptions.ShowEndpoints)
{
if (_options.Endpoints.EnableEndSessionEndpoint)
{
document.http_logout_supported = true;
}
if (_options.Endpoints.EnableAuthorizeEndpoint)
{
document.authorization_endpoint = baseUrl + Constants.RoutePaths.Oidc.Authorize;
}
if (_options.Endpoints.EnableTokenEndpoint)
{
document.token_endpoint = baseUrl + Constants.RoutePaths.Oidc.Token;
}
if (_options.Endpoints.EnableUserInfoEndpoint)
{
document.userinfo_endpoint = baseUrl + Constants.RoutePaths.Oidc.UserInfo;
}
if (_options.Endpoints.EnableEndSessionEndpoint)
{
document.end_session_endpoint = baseUrl + Constants.RoutePaths.Oidc.EndSession;
}
if (_options.Endpoints.EnableCheckSessionEndpoint)
{
document.check_session_iframe = baseUrl + Constants.RoutePaths.Oidc.CheckSession;
}
if (_options.Endpoints.EnableTokenRevocationEndpoint)
{
document.revocation_endpoint = baseUrl + Constants.RoutePaths.Oidc.Revocation;
}
if (_options.Endpoints.EnableIntrospectionEndpoint)
{
document.introspection_endpoint = baseUrl + Constants.RoutePaths.Oidc.Introspection;
}
}
if (_options.DiscoveryOptions.ShowKeySet)
{
if (_options.SigningCertificate != null)
{
document.jwks_uri = baseUrl + Constants.RoutePaths.Oidc.DiscoveryWebKeys;
}
}
return(new DiscoveryDocumentResult(document, _options.DiscoveryOptions.CustomEntries));
}