public async Task <IActionResult> Exchange(OpenIdConnectRequest request)
{
if (request.IsClientCredentialsGrantType())
{
// Note: the client credentials are automatically validated by OpenIddict:
// if client_id or client_secret are invalid, this action won't be invoked.
var application = await OpenIdAppManager.FindByClientIdAsync(request.ClientId);
if (application == null)
{
return(BadRequest(new OpenIdConnectResponse
{
Error = OpenIdConnectConstants.Errors.InvalidClient,
ErrorDescription = "The client application was not found in the database."
}));
}
// Create a new authentication ticket.
var ticket = CreateTicket(request, application);
return(SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme));
}
return(BadRequest(new OpenIdConnectResponse
{
Error = OpenIdConnectConstants.Errors.UnsupportedGrantType,
ErrorDescription = "The specified grant type is not supported."
}));
}
public async Task <IActionResult> CreateApp(ManageAccountModel model)
{
if (ModelState.IsValid)
{
if (string.IsNullOrEmpty(model.Secret))
{
model.Secret = Guid.NewGuid().ToString();
}
//New App
var newAppId = await OpenIdAppManager.CreateAsync(new DefaultOpenIddictApplication
{
ClientId = Guid.NewGuid().ToString(),
ClientSecret = Crypto.HashPassword(model.Secret),
DisplayName = model.Name,
// Note: use "public" for JS/mobile/desktop applications
// and "confidential" for server-side applications.
Type = OpenIddictConstants.ClientTypes.Confidential
});
//New UserApp
_identityContext.UserApplications.Add(new AspNetUserOpenIddictApplication
{
AppId = newAppId,
UserId = User.FindFirstValue(ClaimTypes.NameIdentifier),
SecretClearText = model.Secret
});
_identityContext.SaveChanges();
return(RedirectToAction("Manage"));
}
//Model error
model.OpenIdApps = await GetUserOpenIdApps();
return(View("Manage", model));
}