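/// <summary>
/// Checks a multi-valued claim against the constraints carried by the matching
/// claim parameter (its essential, value and values members).
/// </summary>
/// <param name="claimValues">Values held for the claim; null is treated as "claim absent".</param>
/// <param name="claimParameter">The requested claim and its constraints.</param>
/// <returns>
/// <c>true</c> when every constraint present on <paramref name="claimParameter"/> is satisfied;
/// otherwise <c>false</c>.
/// </returns>
private bool ValidateClaimValues(
    string[] claimValues,
    ClaimParameter claimParameter)
{
    // An essential claim has to be present. The earlier condition tested claimValues.Any()
    // without the negation, so it rejected populated claims and accepted empty arrays,
    // the opposite of what the null branch next to it enforces.
    if (claimParameter.EssentialParameterExist
        && (claimValues == null || !claimValues.Any())
        && claimParameter.Essential)
    {
        return false;
    }

    // A single requested value must appear among the values held for the claim.
    if (claimParameter.ValueParameterExist
        && (claimValues == null || !claimValues.Contains(claimParameter.Value)))
    {
        return false;
    }

    // NOTE(review): this requires every requested value to be held. OpenID Connect describes
    // "values" as "one of a set of values"; confirm that all-of is the intended rule for
    // multi-valued claims before relying on it for access decisions.
    if (claimParameter.ValuesParameterExist
        && claimParameter.Values != null
        && (claimValues == null || !claimParameter.Values.All(requested => claimValues.Contains(requested))))
    {
        return false;
    }

    return true;
}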
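/// <summary>
/// Checks a single-valued claim against the constraints carried by the matching
/// claim parameter (its essential, value and values members).
/// </summary>
/// <param name="claimValue">Value held for the claim; null, empty or whitespace counts as absent.</param>
/// <param name="claimParameter">The requested claim and its constraints.</param>
/// <returns>
/// <c>true</c> when every constraint present on <paramref name="claimParameter"/> is satisfied;
/// otherwise <c>false</c>.
/// </returns>
private bool ValidateClaimValue(
    string claimValue,
    ClaimParameter claimParameter)
{
    // An essential claim must carry a non-blank value.
    if (claimParameter.EssentialParameterExist
        && string.IsNullOrWhiteSpace(claimValue)
        && claimParameter.Essential)
    {
        return false;
    }

    // A single requested value must match exactly.
    if (claimParameter.ValueParameterExist
        && claimValue != claimParameter.Value)
    {
        return false;
    }

    // "values" lists the acceptable values, so the claim fails when its value is NOT among
    // them. The earlier check lacked the negation: it rejected acceptable values and let
    // every other value through, which defeats a caller's constraint on claims such as acr.
    if (claimParameter.ValuesParameterExist
        && claimParameter.Values != null
        && !claimParameter.Values.Contains(claimValue))
    {
        return false;
    }

    return true;
}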
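/// <summary>
/// Builds one <c>ClaimParameter</c> per child of <paramref name="token"/> and returns them
/// appended to the parameters that were already collected.
/// </summary>
/// <param name="token">
/// JSON node whose children are read as properties (claim name mapped to its constraints).
/// A child that is not a <c>JProperty</c> makes the cast throw <c>InvalidCastException</c>.
/// </param>
/// <param name="claimParameters">Parameters collected so far; they come first in the result.</param>
/// <returns>A new array holding the existing parameters followed by the parsed ones.</returns>
/// <remarks>
/// NOTE(review): the origin of <paramref name="token"/> is not visible here. If it is parsed from
/// a client-supplied request, a member whose value is not a JSON object (a bare string or number)
/// still reaches <c>DeserializeObject</c> and surfaces as a deserialization exception; confirm the
/// caller turns that into a request error.
/// </remarks>
private static ClaimParameter[] FillInClaimsParameter(
    JToken token,
    IEnumerable<ClaimParameter> claimParameters)
{
    var children = token.Children()
        .Select(
            child =>
            {
                var record = new ClaimParameter
                {
                    Name = ((JProperty)child).Name,
                    Parameters = new Dictionary<string, object>()
                };

                var subChild = child.Children().FirstOrDefault();
                if (subChild == null)
                {
                    return record;
                }

                // DeserializeObject can return null when the member holds no object content
                // (for example a member written as JSON null). The earlier code silenced that
                // with the null-forgiving operator and overwrote the empty dictionary with
                // null; keep the empty dictionary so later constraint lookups stay safe.
                var parameters = JsonConvert.DeserializeObject<Dictionary<string, object>>(subChild.ToString());
                return parameters == null
                    ? record
                    : record with { Parameters = parameters };
            });

    return claimParameters.Concat(children).ToArray();
}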
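/// <summary>
/// Validates the standard resource owner claims requested through the claims parameter and
/// copies the ones the principal holds into the JWS payload.
/// </summary>
/// <param name="jwsPayload">Payload that receives the validated claims.</param>
/// <param name="claimParameters">
/// Requested claims. The list is mutated: an essential subject entry is appended when the
/// caller did not request the subject.
/// </param>
/// <param name="claimsPrincipal">Principal the claim values are read from (via <c>GetClaims</c>).</param>
/// <param name="authorizationParameter">Supplies the state echoed in the error; may be null.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="claimParameters"/> is null.</exception>
/// <exception cref="IdentityServerExceptionWithState">
/// Raised with <c>InvalidGrant</c> when a requested claim fails <c>ValidateClaimValue</c>.
/// </exception>
private void FillInResourceOwnerClaimsByClaimsParameter(
    JwsPayload jwsPayload,
    List<ClaimParameter> claimParameters,
    ClaimsPrincipal claimsPrincipal,
    AuthorizationParameter authorizationParameter)
{
    // The earlier null test sat after the first use of the list, so it could never take effect.
    // Fail explicitly with the same exception type the LINQ call used to raise.
    if (claimParameters == null)
    {
        throw new System.ArgumentNullException(nameof(claimParameters));
    }

    var state = authorizationParameter == null ? string.Empty : authorizationParameter.State;

    // 1. The subject is always requested as an essential claim, whether or not the caller
    //    asked for it. After this step the list is never empty, which is why the former
    //    "null or empty" early return has been dropped as unreachable.
    if (claimParameters.All(c => c.Name != Jwt.Constants.StandardResourceOwnerClaimNames.Subject))
    {
        claimParameters.Add(
            new ClaimParameter
            {
                Name = Jwt.Constants.StandardResourceOwnerClaimNames.Subject,
                Parameters = new Dictionary<string, object>
                {
                    { Constants.StandardClaimParameterValueNames.EssentialName, true }
                }
            });
    }

    // 2. Only the standard resource owner claims are handled here.
    var resourceOwnerClaimParameters = claimParameters
        .Where(c => Jwt.Constants.AllStandardResourceOwnerClaimNames.Contains(c.Name))
        .ToList();
    if (!resourceOwnerClaimParameters.Any())
    {
        return;
    }

    var requestedClaimNames = resourceOwnerClaimParameters.Select(r => r.Name);
    var resourceOwnerClaims = GetClaims(requestedClaimNames, claimsPrincipal);
    foreach (var resourceOwnerClaimParameter in resourceOwnerClaimParameters)
    {
        var resourceOwnerClaim = resourceOwnerClaims.FirstOrDefault(c => c.Key == resourceOwnerClaimParameter.Name);
        var isClaimPresent = !resourceOwnerClaim.Equals(default(KeyValuePair<string, string>));
        var resourceOwnerClaimValue = isClaimPresent ? resourceOwnerClaim.Value : string.Empty;

        // Constraints are checked even for an absent claim, so a missing essential claim
        // or an unmet value constraint still stops issuance.
        if (!ValidateClaimValue(resourceOwnerClaimValue, resourceOwnerClaimParameter))
        {
            throw new IdentityServerExceptionWithState(
                ErrorCodes.InvalidGrant,
                string.Format(ErrorDescriptions.TheClaimIsNotValid, resourceOwnerClaimParameter.Name),
                state);
        }

        // An absent claim comes back as the default pair, whose Key is null. The earlier code
        // handed that null key to jwsPayload.Add (JwsPayload is not visible here; a
        // dictionary-backed payload rejects a null key). Optional claims the principal does
        // not hold are now simply left out of the payload.
        if (!isClaimPresent)
        {
            continue;
        }

        jwsPayload.Add(resourceOwnerClaim.Key, resourceOwnerClaim.Value);
    }
}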
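/// <summary>
/// Checks a claim value of arbitrary type against the constraints carried by the matching
/// claim parameter (its essential, value and values members).
/// </summary>
/// <param name="claimValue">Value held for the claim; null or a blank string form counts as absent.</param>
/// <param name="claimParameter">The requested claim and its constraints.</param>
/// <returns>
/// <c>true</c> when every constraint present on <paramref name="claimParameter"/> is satisfied;
/// otherwise <c>false</c>.
/// </returns>
private bool ValidateClaimValue(object claimValue, ClaimParameter claimParameter)
{
    // Computed once and null-safe: the earlier value check called claimValue.ToString()
    // directly and threw NullReferenceException for an absent, non-essential claim.
    var claimText = claimValue == null ? null : claimValue.ToString();

    // An essential claim must carry a non-blank value.
    if (claimParameter.EssentialParameterExist
        && string.IsNullOrWhiteSpace(claimText)
        && claimParameter.Essential)
    {
        return false;
    }

    // A single requested value must match the claim's string form exactly.
    if (claimParameter.ValueParameterExist
        && claimText != claimParameter.Value)
    {
        return false;
    }

    // "values" lists the acceptable values, so the claim fails when its value is NOT among
    // them. The earlier check lacked the negation and therefore rejected acceptable values
    // while letting every other value through.
    // NOTE(review): the lookup compares the raw object, not its string form; confirm the
    // element type of Values matches what callers pass in.
    if (claimParameter.ValuesParameterExist
        && claimParameter.Values != null
        && !claimParameter.Values.Contains(claimValue))
    {
        return false;
    }

    return true;
}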
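/// <summary>
/// Appends one <c>ClaimParameter</c> to <paramref name="claimParameters"/> for every child of
/// <paramref name="token"/>.
/// </summary>
/// <param name="token">
/// JSON node whose children are read as properties (claim name mapped to its constraints).
/// A child that is not a <c>JProperty</c> makes the cast throw <c>InvalidCastException</c>.
/// </param>
/// <param name="claimParameters">List that receives the parsed parameters.</param>
/// <remarks>
/// NOTE(review): the origin of <paramref name="token"/> is not visible here. If it is parsed from
/// a client-supplied request, a member whose value is not a JSON object still reaches
/// <c>DeserializeObject</c> and surfaces as a deserialization exception; confirm the caller turns
/// that into a request error.
/// </remarks>
private static void FillInClaimsParameter(
    JToken token,
    List<ClaimParameter> claimParameters)
{
    foreach (var child in token.Children())
    {
        var record = new ClaimParameter
        {
            Name = ((JProperty)child).Name,
            Parameters = new Dictionary<string, object>()
        };
        claimParameters.Add(record);

        var subChild = child.Children().FirstOrDefault();
        if (subChild == null)
        {
            continue;
        }

        // DeserializeObject can return null when the member holds no object content (for
        // example a member written as JSON null). Assigning that result unconditionally
        // replaced the empty dictionary with null; only overwrite when there is something
        // to store, so later constraint lookups never see a null dictionary.
        var parameters = JsonConvert.DeserializeObject<Dictionary<string, object>>(subChild.ToString());
        if (parameters != null)
        {
            record.Parameters = parameters;
        }
    }
}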