public ClientUpdateInputDto()
{
Client = new ClientUpdateDto();
}
public virtual async Task <ClientDto> UpdateAsync(Guid id, ClientUpdateDto input)
{
var client = await ClientRepository.GetAsync(id);
#region Basic
if (!string.Equals(client.ClientId, input.ClientId, StringComparison.InvariantCultureIgnoreCase))
{
client.ClientId = input.ClientId;
}
if (!string.Equals(client.ClientUri, input.ClientUri, StringComparison.InvariantCultureIgnoreCase))
{
client.ClientUri = input.ClientUri;
}
if (!string.Equals(client.ClientName, input.ClientName, StringComparison.InvariantCultureIgnoreCase))
{
client.ClientName = input.ClientName;
}
if (!string.Equals(client.BackChannelLogoutUri, input.BackChannelLogoutUri, StringComparison.InvariantCultureIgnoreCase))
{
client.BackChannelLogoutUri = input.BackChannelLogoutUri;
}
if (!string.Equals(client.FrontChannelLogoutUri, input.FrontChannelLogoutUri, StringComparison.InvariantCultureIgnoreCase))
{
client.FrontChannelLogoutUri = input.FrontChannelLogoutUri;
}
if (!string.Equals(client.ClientClaimsPrefix, input.ClientClaimsPrefix, StringComparison.InvariantCultureIgnoreCase))
{
client.ClientClaimsPrefix = input.ClientClaimsPrefix;
}
if (!string.Equals(client.Description, input.Description, StringComparison.InvariantCultureIgnoreCase))
{
client.Description = input.Description;
}
if (!string.Equals(client.LogoUri, input.LogoUri, StringComparison.InvariantCultureIgnoreCase))
{
client.LogoUri = input.LogoUri;
}
if (!string.Equals(client.UserCodeType, input.UserCodeType, StringComparison.InvariantCultureIgnoreCase))
{
client.UserCodeType = input.UserCodeType;
}
if (!string.Equals(client.PairWiseSubjectSalt, input.PairWiseSubjectSalt, StringComparison.InvariantCultureIgnoreCase))
{
client.PairWiseSubjectSalt = input.PairWiseSubjectSalt;
}
if (!string.Equals(client.ProtocolType, input.ProtocolType, StringComparison.InvariantCultureIgnoreCase))
{
client.ProtocolType = input.ProtocolType;
}
if (!string.Equals(client.AllowedIdentityTokenSigningAlgorithms, input.AllowedIdentityTokenSigningAlgorithms, StringComparison.InvariantCultureIgnoreCase))
{
client.AllowedIdentityTokenSigningAlgorithms = input.AllowedIdentityTokenSigningAlgorithms;
}
client.AbsoluteRefreshTokenLifetime = input.AbsoluteRefreshTokenLifetime;
client.AccessTokenLifetime = input.AccessTokenLifetime;
client.AccessTokenType = input.AccessTokenType;
client.AllowAccessTokensViaBrowser = input.AllowAccessTokensViaBrowser;
client.AllowOfflineAccess = input.AllowOfflineAccess;
client.AllowPlainTextPkce = input.AllowPlainTextPkce;
client.AllowRememberConsent = input.AllowRememberConsent;
client.AlwaysIncludeUserClaimsInIdToken = input.AlwaysIncludeUserClaimsInIdToken;
client.AlwaysSendClientClaims = input.AlwaysSendClientClaims;
client.AuthorizationCodeLifetime = input.AuthorizationCodeLifetime;
client.BackChannelLogoutSessionRequired = input.BackChannelLogoutSessionRequired;
client.DeviceCodeLifetime = input.DeviceCodeLifetime;
client.ConsentLifetime = input.ConsentLifetime ?? client.ConsentLifetime;
client.Enabled = input.Enabled;
client.RequireRequestObject = input.RequireRequestObject;
client.EnableLocalLogin = input.EnableLocalLogin;
client.FrontChannelLogoutSessionRequired = input.FrontChannelLogoutSessionRequired;
client.IdentityTokenLifetime = input.IdentityTokenLifetime;
client.IncludeJwtId = input.IncludeJwtId;
client.RefreshTokenExpiration = input.RefreshTokenExpiration;
client.RefreshTokenUsage = input.RefreshTokenUsage;
client.RequireClientSecret = input.RequireClientSecret;
client.RequireConsent = input.RequireConsent;
client.RequirePkce = input.RequirePkce;
client.SlidingRefreshTokenLifetime = input.SlidingRefreshTokenLifetime;
client.UpdateAccessTokenClaimsOnRefresh = input.UpdateAccessTokenClaimsOnRefresh;
client.UserSsoLifetime = input.UserSsoLifetime ?? client.UserSsoLifetime;
#endregion
#region AllowScope
// 删除未在身份资源和Api资源中的作用域
client.AllowedScopes.RemoveAll(scope => !input.AllowedScopes.Any(inputScope => scope.Scope == inputScope.Scope));
foreach (var inputScope in input.AllowedScopes)
{
if (client.FindScope(inputScope.Scope) == null)
{
client.AddScope(inputScope.Scope);
}
}
#endregion
#region RedirectUris
// 删除不存在的uri
client.RedirectUris.RemoveAll(uri => !input.RedirectUris.Any(inputRedirectUri => uri.RedirectUri == inputRedirectUri.RedirectUri));
foreach (var inputRedirectUri in input.RedirectUris)
{
if (client.FindRedirectUri(inputRedirectUri.RedirectUri) == null)
{
client.AddRedirectUri(inputRedirectUri.RedirectUri);
}
}
#endregion
#region AllowedGrantTypes
// 删除不存在的验证类型
client.AllowedGrantTypes.RemoveAll(grantType => !input.AllowedGrantTypes.Any(inputGrantType => grantType.GrantType == inputGrantType.GrantType));
foreach (var inputGrantType in input.AllowedGrantTypes)
{
if (client.FindGrantType(inputGrantType.GrantType) == null)
{
client.AddGrantType(inputGrantType.GrantType);
}
}
#endregion
#region AllowedCorsOrigins
// 删除不存在的同源域名
client.AllowedCorsOrigins.RemoveAll(corsOrigin => !input.AllowedCorsOrigins.Any(inputCorsOrigin => corsOrigin.Origin == inputCorsOrigin.Origin));
foreach (var inputCorsOrigin in input.AllowedCorsOrigins)
{
if (client.FindCorsOrigin(inputCorsOrigin.Origin) == null)
{
client.AddCorsOrigin(inputCorsOrigin.Origin);
}
}
#endregion
#region PostLogoutRedirectUris
// 删除不存在的登录重定向域名
client.PostLogoutRedirectUris.RemoveAll(uri =>
!input.PostLogoutRedirectUris.Any(inputLogoutRedirectUri => uri.PostLogoutRedirectUri == inputLogoutRedirectUri.PostLogoutRedirectUri));
foreach (var inputLogoutRedirectUri in input.PostLogoutRedirectUris)
{
if (client.FindPostLogoutRedirectUri(inputLogoutRedirectUri.PostLogoutRedirectUri) == null)
{
client.AddPostLogoutRedirectUri(inputLogoutRedirectUri.PostLogoutRedirectUri);
}
}
#endregion
#region IdentityProviderRestrictions
// 删除身份认证限制提供商
client.IdentityProviderRestrictions.RemoveAll(provider =>
!input.IdentityProviderRestrictions.Any(inputProvider => provider.Provider == inputProvider.Provider));
foreach (var inputProvider in input.IdentityProviderRestrictions)
{
if (client.FindIdentityProviderRestriction(inputProvider.Provider) == null)
{
client.AddIdentityProviderRestriction(inputProvider.Provider);
}
}
#endregion
#region Secrets
if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageSecrets))
{
// 移除已经不存在的客户端密钥
client.ClientSecrets.RemoveAll(secret => !input.ClientSecrets.Any(inputSecret => secret.Value == inputSecret.Value && secret.Type == inputSecret.Type));
foreach (var inputSecret in input.ClientSecrets)
{
// 先对加密过的进行过滤
if (client.FindSecret(inputSecret.Value, inputSecret.Type) != null)
{
continue;
}
var inputSecretValue = inputSecret.Value.Sha256(); // TODO: 通过可选配置来加密
var clientSecret = client.FindSecret(inputSecretValue, inputSecret.Type);
if (clientSecret == null)
{
client.AddSecret(inputSecretValue, inputSecret.Expiration, inputSecret.Type, inputSecret.Description);
}
}
}
#endregion
#region Properties
if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageProperties))
{
// 移除不存在的属性
client.Properties.RemoveAll(prop => !input.Properties.Any(inputProp => prop.Key == inputProp.Key));
foreach (var inputProp in input.Properties)
{
if (client.FindProperty(inputProp.Key, inputProp.Value) == null)
{
client.AddProperty(inputProp.Key, inputProp.Value);
}
}
}
#endregion
#region Claims
if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageClaims))
{
// 移除已经不存在的客户端声明
client.Claims.RemoveAll(secret => !input.Claims.Any(inputClaim => secret.Value == inputClaim.Value && secret.Type == inputClaim.Type));
foreach (var inputClaim in input.Claims)
{
if (client.FindClaim(inputClaim.Value, inputClaim.Type) == null)
{
client.AddClaim(inputClaim.Value, inputClaim.Type);
}
}
}
#endregion
client = await ClientRepository.UpdateAsync(client);
await CurrentUnitOfWork.SaveChangesAsync();
return(ObjectMapper.Map <Client, ClientDto>(client));
}
public virtual async Task <ClientDto> UpdateAsync(Guid id, ClientUpdateDto input)
{
return(await ClientAppService.UpdateAsync(id, input));
}