private static string MapGrantType(ClientGrantType grantType) { switch (grantType) { case ClientGrantType.ClientCredentials: return(GrantType.ClientCredentials); case ClientGrantType.ResourceOwnerPassword: return(GrantType.ResourceOwnerPassword); case ClientGrantType.AuthorizationCode: return(GrantType.AuthorizationCode); case ClientGrantType.DeviceFlow: return(GrantType.DeviceFlow); case ClientGrantType.Hybrid: return(GrantType.Hybrid); case ClientGrantType.Implicit: return(GrantType.Implicit); default: return(string.Empty); } }
public async Task <string> AddGrantType(ClientGrantType grant) { string result = ""; int grantId = 0; await Task.Run(() => { using (/*var*/ ctx /*= new ResourceConfigDbContext()*/) { ctx.ClientGrantTypes.Add(grant); ctx.SaveChanges(); grantId = grant.Id; result = "Grant " + grantId + "added successfully"; } }); return(result); }
public void RemoveAllowedGrantType(ClientGrantType grantType) { if (!_allowedGrantTypes.Contains(grantType)) { throw new EntityValidationException("This grant type is not currently allowed."); } var e = new RemovedAllowedGrantTypeEvent() { GrantType = grantType, ClientId = Id, OccurredOn = DateTime.UtcNow }; _changes.Add(e); EventHandler.AllowedGrantTypeRemoved(this, e); }
public async Task<IActionResult> AddClientGrantType([FromRoute]string clientId, [FromRoute]string grantType) { var client = await _configurationDbContext.Clients.SingleOrDefaultAsync(x => x.ClientId == clientId); if (client == null) { return NotFound(); } var grantTypeToAdd = new ClientGrantType { GrantType = grantType, ClientId = client.Id }; client.AllowedGrantTypes = new List<ClientGrantType> { grantTypeToAdd }; await _configurationDbContext.SaveChangesAsync(); return Ok(new GrantTypeInfo { Id = grantTypeToAdd.Id, Name = grantTypeToAdd.GrantType }); }
public Client ToEntity(Client client) { if (client.AllowedGrantTypes == null) { client.AllowedGrantTypes = new List <ClientGrantType>(); } client.Id = this.Id; client.ClientName = this.ClientName; client.ClientId = this.ClientId; client.Description = this.Description; foreach (var allowedGrantType in this.AllowedGrantTypes) { var grantType = client.AllowedGrantTypes.FirstOrDefault(a => a.Id == allowedGrantType.Id); if (grantType == null) { grantType = new ClientGrantType { Id = allowedGrantType.Id, ClientId = this.Id }; client.AllowedGrantTypes.Add(grantType); } else { grantType.GrantType = allowedGrantType.GrantType; } switch (allowedGrantType.GrantType.ToLower()) { case "clientcredentials": grantType.GrantType = "client_credentials"; break; case "resourceownerpassword": grantType.GrantType = "password"; break; case "hybrid": grantType.GrantType = "hybrid"; break; case "code": grantType.GrantType = "authorization_code"; break; case "implicit": grantType.GrantType = "implicit"; break; default: grantType.GrantType = allowedGrantType.GrantType; break; } } client.RequirePkce = this.RequirePkce; client.RequireClientSecret = this.RequireClientSecret; client.Enabled = this.Enabled; client.Created = this.Created; client.Updated = this.Updated; client.LastAccessed = this.LastAccessed; client.AllowOfflineAccess = this.AllowOfflineAccess; client.IdentityTokenLifetime = this.IdentityTokenLifetime; client.RequireConsent = this.RequireConsent; client.AllowAccessTokensViaBrowser = this.AllowAccessTokensViaBrowser; return(client); }
public async Task OnPostAsync() { // Arrange const string grantType1OriginalGrantType = "Original GrantType"; const string grantType1EditedGrantType = "Edited GrantType"; const string newGrantTypeGrantType = "New GrantType"; var databaseName = $"{DatabaseNamePrefix}.{nameof(OnPostAsync)}"; var options = new DbContextOptionsBuilder <IdentityServerDbContext>() .UseInMemoryDatabase(databaseName) .Options; GrantTypesModel grantTypes; IActionResult post; var grantType1 = new ClientGrantType { Id = Random.Next(), GrantType = grantType1OriginalGrantType }; var grantType2 = new ClientGrantType { Id = Random.Next() }; var clientId = Random.Next(); var client = new Client { Id = clientId, AllowedGrantTypes = new List <ClientGrantType> { grantType1, grantType2 } }; using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { context.Add(client); await context.SaveChangesAsync().ConfigureAwait(false); } // Act using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { grantTypes = new GrantTypesModel(context) { Client = new Client { Id = clientId, AllowedGrantTypes = new List <ClientGrantType> { new ClientGrantType { Id = grantType1.Id, GrantType = grantType1EditedGrantType }, new ClientGrantType { GrantType = newGrantTypeGrantType } } } }; post = await grantTypes.OnPostAsync().ConfigureAwait(false); } // Assert using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { client = await context.Clients .Include(x => x.AllowedGrantTypes) .SingleOrDefaultAsync(x => x.Id.Equals(clientId)) .ConfigureAwait(false); grantType1 = client.AllowedGrantTypes.SingleOrDefault(x => x.Id.Equals(grantType1.Id)); grantType2 = client.AllowedGrantTypes.SingleOrDefault(x => x.Id.Equals(grantType2.Id)); var newGrantType = client.AllowedGrantTypes.SingleOrDefault(x => x.GrantType.Equals(newGrantTypeGrantType)); Assert.NotNull(grantType1); Assert.Equal(grantType1EditedGrantType, grantType1.GrantType); Assert.Null(grantType2); Assert.NotNull(newGrantType); } var result = Assert.IsType <RedirectToPageResult>(post); Assert.Equal("../Details/GrantTypes", result.PageName); Assert.Collection(result.RouteValues, routeValue => { var(key, value) = routeValue; Assert.Equal(nameof(Client.Id), key); Assert.Equal(grantTypes.Client.Id, value); }); }
public IActionResult EditClient(EditClientModel model, [FromServices] ConfigurationDbContext configContext) { // Validate it's an actual client var foundClient = configContext.Clients.Where(c => c.ClientId == model.ClientId).FirstOrDefault(); if (foundClient != null) { foundClient.ClientName = model.Name; foundClient.ClientUri = model.HomepageUrl; foundClient.LogoUri = model.LogoUrl; foundClient.Updated = DateTime.Now; configContext.Entry(foundClient).State = EntityState.Modified; // Update the redirect URL for this client var results = configContext.Set <ClientRedirectUri>().Where(c => c.ClientId == foundClient.Id).ToList(); if (results != null) { configContext.RemoveRange(results); } var newUri = new ClientRedirectUri(); newUri.Client = foundClient; newUri.ClientId = foundClient.Id; newUri.RedirectUri = model.CallbackUrl; configContext.Add(newUri); // Generate the origin for the callback Uri redirect = new Uri(model.CallbackUrl); string origin = redirect.Scheme + "://" + redirect.Host; // Update the allowed origin for this client var corsOrigins = configContext.Set <ClientCorsOrigin>().Where(c => c.ClientId == foundClient.Id).ToList(); if (corsOrigins != null) { configContext.RemoveRange(corsOrigins); } var newOrigin = new ClientCorsOrigin(); newOrigin.Client = foundClient; newOrigin.ClientId = foundClient.Id; newOrigin.Origin = origin; configContext.Add(newUri); // Update their allowed grants var curGrants = configContext.Set <ClientGrantType>().Where(c => c.ClientId == foundClient.Id).ToList(); if (curGrants != null) { configContext.RemoveRange(curGrants); } foreach (var grantType in model.AllowedGrants) { var newGrant = new ClientGrantType(); newGrant.Client = foundClient; newGrant.ClientId = foundClient.Id; newGrant.GrantType = grantType; configContext.Add(newGrant); } // Update their allowed scopes var curScopes = configContext.Set <ClientScope>().Where(c => c.ClientId == foundClient.Id).ToList(); if (curScopes != null) { configContext.RemoveRange(curScopes); } foreach (var scope in model.AllowedScopes) { var newScope = new ClientScope(); newScope.Client = foundClient; newScope.ClientId = foundClient.Id; newScope.Scope = scope; configContext.Add(newScope); } // Save all the changed configContext.SaveChanges(); // Clear the client cache RemoveCachedClient(model.ClientId); return(new JsonResult(new { success = true })); } return(new JsonResult(new { success = false, message = "Client does not exist." })); }
public static void ConfigurationDbContextSeed(this ModelBuilder modelBuilder) { var clientGrantTypeEntity = new ClientGrantType { Id = -1, GrantType = GrantType.ResourceOwnerPassword, ClientId = -1, }; var clientScopes = new[] { new ClientScope { ClientId = -1, Id = -1, Scope = "record-keep-api" }, new ClientScope { ClientId = -1, Id = -2, Scope = IdentityServerConstants.StandardScopes.OpenId }, new ClientScope { ClientId = -1, Id = -3, Scope = IdentityServerConstants.StandardScopes.Profile } }; var client = new Client { ClientId = "record-keep", AccessTokenType = AccessTokenType.Jwt, RequireClientSecret = false, AllowOfflineAccess = false, AllowAccessTokensViaBrowser = true }; var clientEntity = client.ToEntity(); clientEntity.Id = -1; var apiResourceClaimEntity = new ApiResourceClaim { Id = -1, ApiResourceId = -1, Type = JwtClaimTypes.Name }; var apiResourceScopesEntity = new ApiScope { Name = "record-keep-api", Id = -1, DisplayName = "Record Keep API", ApiResourceId = -1, }; var apiResource = new ApiResource { Name = "record-keep-api", DisplayName = "Record Keep API" }; var apiResourceEntity = apiResource.ToEntity(); apiResourceEntity.Id = -1; var openIdIdentity = new IdentityResources.OpenId().ToEntity(); var profileIdentity = new IdentityResources.Profile().ToEntity(); openIdIdentity.Id = -1; profileIdentity.Id = -2; var identityClaimOpenId = new IdentityClaim { Id = -1, Type = JwtClaimTypes.Subject, IdentityResourceId = -1 }; var identityClaims = new List <IdentityClaim> { identityClaimOpenId }; var index = -2; foreach (var claims in profileIdentity.UserClaims) { identityClaims.Add(new IdentityClaim { Id = index, Type = claims.Type, IdentityResourceId = -2, }); index--; } openIdIdentity.UserClaims = new List <IdentityClaim>(); profileIdentity.UserClaims = new List <IdentityClaim>(); modelBuilder.Entity <ClientGrantType>().HasData(clientGrantTypeEntity); modelBuilder.Entity <ClientScope>().HasData(clientScopes); modelBuilder.Entity <IdentityServer4.EntityFramework.Entities.Client>().HasData(clientEntity); modelBuilder.Entity <ApiResourceClaim>().HasData(apiResourceClaimEntity); modelBuilder.Entity <ApiScope>().HasData(apiResourceScopesEntity); modelBuilder.Entity <IdentityServer4.EntityFramework.Entities.ApiResource>().HasData(apiResourceEntity); modelBuilder.Entity <IdentityResource>().HasData(openIdIdentity, profileIdentity); modelBuilder.Entity <IdentityClaim>().HasData(identityClaims); }
public Task <string> UpdateGrantType(ClientGrantType dto) { throw new NotImplementedException(); }
public IActionResult Delete(Guid clientId, ClientGrantType grantType) { _clientService.RemoveAllowedGrantType(clientId, grantType); return(NoContent()); }
public IActionResult Create(Guid clientId, ClientGrantType grantType) { _clientService.AddAllowedGrantType(clientId, grantType); return(NoContent()); }
public void UpdateClientBasic(int id, ClientDto clientDto) { Client client = this.Session.Get <Client>(id); if (client == null) { throw new FluentValidationException($"客户端{id}不存在。"); } client.Description = clientDto.Description; client.ProtocolType = clientDto.ProtocolType; client.RequireClientSecret = clientDto.RequireClientSecret; client.RequirePkce = clientDto.RequirePkce; client.AllowPlainTextPkce = clientDto.AllowPlainTextPkce; client.AllowOfflineAccess = clientDto.AllowOfflineAccess; client.AllowAccessTokensViaBrowser = clientDto.AllowAccessTokensViaBrowser; client.Enabled = clientDto.Enabled; var transaction = this.Session.BeginTransaction(); try { this.Session.Update(client); this.Session.CreateQuery("delete from ClientScope where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.AllowedScopes.ForEach(scope => { ClientScope clientScope = new ClientScope(); clientScope.ClientId = client.Id; clientScope.Scope = scope; this.Session.Save(clientScope); }); this.Session.CreateQuery("delete from ClientRedirectUri where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.RedirectUris.ForEach(redirectUri => { ClientRedirectUri clientRedirectUri = new ClientRedirectUri(); clientRedirectUri.ClientId = client.Id; clientRedirectUri.RedirectUri = redirectUri; this.Session.Save(clientRedirectUri); }); this.Session.CreateQuery("delete from ClientGrantType where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.AllowedGrantTypes.ForEach(grantType => { ClientGrantType clientGrantType = new ClientGrantType(); clientGrantType.ClientId = client.Id; clientGrantType.GrantType = grantType; this.Session.Save(clientGrantType); }); transaction.Commit(); } catch (Exception) { transaction.Rollback(); throw; } }
public void RemoveAllowedGrantType(Guid id, ClientGrantType grantType) { PerformActionOnClient(id, c => c.RemoveAllowedGrantType(grantType)); }