public async Task <IActionResult> ClientCredentials()
{
if (TempData.ContainsKey(_clientCredentials))
{
TempData.Remove(_clientCredentials);
}
var currentRoleUserEmail = HttpContext.User.GetNormalisedEmail();
var authorisedOrgIds = HttpContext.User.GetOrganisationIds();
HttpContext.Session.SetString(_roleUserEmail, currentRoleUserEmail);
var clients = await _identityManagementRepository.GetAuthorisedClientsByEmailAsync(currentRoleUserEmail, authorisedOrgIds);
var isDeveloper = await _identityManagementRepository.CheckHasDeveloperRoleUserByEmailAsync(currentRoleUserEmail, authorisedOrgIds);
var model = new ClientCredentialsViewModel()
{
AbleToAddClient = isDeveloper,
CurrentRoleUserEmail = currentRoleUserEmail,
Clients = clients.Select(x => new ClientViewModel(x.Id, x.ClientName))
.ToList()
};
return(View(model));
}
public async Task <string> GetClientCredentialsToken(ClientCredentialsViewModel clientCredentials)
{
using var serverClient = new HttpClient();
var appSettings = new AppSettings();
var authorityUrl = appSettings.Common.IdentityServer.Authority;
var discoveryDocument = await serverClient.GetDiscoveryDocumentAsync(authorityUrl);
var tokenResponse = await serverClient.RequestClientCredentialsTokenAsync(
new ClientCredentialsTokenRequest
{
RequestUri = new Uri(discoveryDocument.TokenEndpoint),
GrantType = "client_credentials",
ClientId = clientCredentials.ClientId,
ClientSecret = clientCredentials.ClientSecret,
Scope = clientCredentials.Scope ?? "my.admin.scope",
});
return(tokenResponse.AccessToken);
}
