private void CreateInputModel(string returnUrl, Client client, Resources resources)
{
bool showDefault = false; // if page is loading for the first time, this is used to set default scope checkboxes to checked
if (Input == null)
{
showDefault = true;
Input = new InputModel
{
RememberConsent = true
};
}
ScopesConsented = ScopesConsented ??= Enumerable.Empty <string>();
Input.ReturnUrl = returnUrl;
ClientName = client.ClientName ?? client.ClientId;
ClientUrl = client.ClientUri;
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = resources.IdentityResources.Select(x => CreateScopeViewModel(x, ScopesConsented.Contains(x.Name) || showDefault)).ToList();
ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => CreateScopeViewModel(x, ScopesConsented.Contains(x.Name) || showDefault)).ToList();
if (ConsentOptions.EnableOfflineAccess && resources.OfflineAccess)
{
ResourceScopes = ResourceScopes.Union(new ScopeViewModel[] {
GetOfflineAccessScope(ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || showDefault)
}).ToList();
}
}
public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources scopes)
{
RememberConsent = model?.RememberConsent ?? true;
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>();
ReturnUrl = returnUrl;
ClientName = client.ClientName;
ClientUrl = client.ClientUri;
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = scopes.IdentityResources.Select(x => new ScopeViewModel()
{
Name = x.Name,
Description = x.Description,
DisplayName = x.DisplayName,
Emphasize = x.Emphasize,
Required = x.Required,
Checked = (ScopesConsented.Contains(x.Name) || model == null) || x.Required
}).ToArray();
ResourceScopes = scopes.ApiResources.Select(x => new ScopeViewModel/*(ScopesConsented.Contains(x.Name) || model == null)*/
{
Name = x.Name,
Description = x.Description,
DisplayName = x.DisplayName,
Checked = (ScopesConsented.Contains(x.Name) || model == null)
}).ToArray();
}
public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources)
{
RememberConsent = model?.RememberConsent ?? true;
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>();
ReturnUrl = returnUrl;
ClientName = client.ClientName;
ClientUrl = client.ClientUri;
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = resources.IdentityResources.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
ResourceScopes = resources.ApiScopes.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
}
public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources)
{
RememberConsent = model?.RememberConsent ?? true;
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>();
ReturnUrl = returnUrl;
ClientName = client.ClientName;
ClientUrl = client.ClientUri;
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = resources.IdentityResources.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
if (resources.OfflineAccess)
{
ResourceScopes = ResourceScopes.Union(new ScopeViewModel[] {
ScopeViewModel.GetOfflineAccess(ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)
});
}
}
/*****************************************/
/* helper APIs for the ConsentController */
/*****************************************/
private async Task <ProcessConsentResult> ProcessConsent(bool confirmed)
{
var result = new ProcessConsentResult();
// validate return url is still valid
var request = await _interaction.GetAuthorizationContextAsync(Input.ReturnUrl);
if (request == null)
{
return(result);
}
ConsentResponse grantedConsent = null;
// user clicked 'no' - send back the standard 'access_denied' response
if (!confirmed)
{
grantedConsent = ConsentResponse.Denied;
// emit event
await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.ClientId, request.ScopesRequested));
}
//user clicked 'yes' - validate the data
else
{
// if the user consented to some scope, build the response model
if (ScopesConsented != null && ScopesConsented.Any())
{
var scopes = ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
{
RememberConsent = Input.RememberConsent,
ScopesConsented = scopes.ToArray()
};
// emit event
await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.ClientId, request.ScopesRequested, grantedConsent.ScopesConsented, grantedConsent.RememberConsent));
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
}
if (grantedConsent != null)
{
// communicate outcome of consent back to identityserver
await _interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = Input.ReturnUrl;
result.ClientId = request.ClientId;
}
else
{
// we need to redisplay the consent UI
await BuildInputModelAsync(Input.ReturnUrl);
_showView = true;
}
return(result);
}
public ConsentViewModel(ConsentInputModel model, string consentId, ConsentRequest request, Client client, IEnumerable <Scope> scopes, ILocalizationService localization)
{
RememberConsent = model?.RememberConsent ?? true;
ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>();
ConsentId = consentId;
ClientName = client.ClientName;
ClientUrl = client.ClientUri;
ClientLogoUrl = client.LogoUri;
AllowRememberConsent = client.AllowRememberConsent;
IdentityScopes = scopes.Where(x => x.Type == ScopeType.Identity).Select(x => new ScopeViewModel(localization, x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
ResourceScopes = scopes.Where(x => x.Type == ScopeType.Resource).Select(x => new ScopeViewModel(localization, x, ScopesConsented.Contains(x.Name) || model == null)).ToArray();
}
