public async Task <ClientPostLogoutRedirectUri> AddPostLogoutRedirectUri(ClientPostLogoutRedirectUri postLogoutRedirectUri, string clientId) { var client = await _context.Clients.SingleAsync(c => c.ClientId == clientId); postLogoutRedirectUri.Client = client; _context.ClientPostLogoutRedirectUris.Add(postLogoutRedirectUri); await _context.SaveChangesAsync(); return(postLogoutRedirectUri); }
public void UpdateClientAuthorization(int id, ClientDto clientDto) { Client client = this.Session.Get <Client>(id); if (client == null) { throw new FluentValidationException($"客户端{id}不存在。"); } client.FrontChannelLogoutUri = clientDto.FrontChannelLogoutUri; client.FrontChannelLogoutSessionRequired = clientDto.FrontChannelLogoutSessionRequired; client.BackChannelLogoutUri = clientDto.BackChannelLogoutUri; client.BackChannelLogoutSessionRequired = clientDto.BackChannelLogoutSessionRequired; client.EnableLocalLogin = clientDto.EnableLocalLogin; client.UserSsoLifetime = clientDto.UserSsoLifetime; var transaction = this.Session.BeginTransaction(); try { this.Session.Update(client); this.Session.CreateQuery("delete from ClientPostLogoutRedirectUri where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.PostLogoutRedirectUris.ForEach(postLogoutRedirectUri => { ClientPostLogoutRedirectUri clientPostLogoutRedirectUri = new ClientPostLogoutRedirectUri(); clientPostLogoutRedirectUri.ClientId = client.Id; clientPostLogoutRedirectUri.PostLogoutRedirectUri = postLogoutRedirectUri; this.Session.Save(clientPostLogoutRedirectUri); }); this.Session.CreateQuery("delete from ClientIdPRestriction where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.IdentityProviderRestrictions.ForEach(provider => { ClientIdPRestriction clientIdPRestriction = new ClientIdPRestriction(); clientIdPRestriction.ClientId = client.Id; clientIdPRestriction.Provider = provider; this.Session.Save(clientIdPRestriction); }); transaction.Commit(); } catch (Exception ex) { transaction.Rollback(); throw ex; } }
public async Task AddPostLogoutRedirectUri(string uri, int clientDbId) { var client = await _dbContext.Clients.FirstOrDefaultAsync(c => c.Id == clientDbId); if (client == null) { throw new ArgumentException($"No Client with id: {clientDbId}"); } var clientPostLogoutRedirectUri = new ClientPostLogoutRedirectUri { Uri = uri.ToLower(), Client = client }; _dbContext.ClientPostLogoutRedirectUris.Add(clientPostLogoutRedirectUri); await _dbContext.SaveChangesAsync(); }
private void AddClients(Client ct) { var client = new Client <Guid>() { AbsoluteRefreshTokenLifetime = ct.AbsoluteRefreshTokenLifetime, AccessTokenLifetime = ct.AccessTokenLifetime, AccessTokenType = ct.AccessTokenType, AllowAccessToAllGrantTypes = ct.AllowAccessToAllCustomGrantTypes, AllowAccessToAllScopes = ct.AllowAccessToAllScopes, AllowClientCredentialsOnly = ct.AllowClientCredentialsOnly, AllowPromptNone = ct.AllowPromptNone, AllowRememberConsent = ct.AllowRememberConsent, AlwaysSendClientClaims = ct.AlwaysSendClientClaims, AuthorizationCodeLifetime = ct.AuthorizationCodeLifetime, ClientId = ct.ClientId, ClientName = ct.ClientName, ClientUri = ct.ClientUri, EnableLocalLogin = ct.EnableLocalLogin, Enabled = ct.Enabled, Flow = ct.Flow, IdentityTokenLifetime = ct.IdentityTokenLifetime, IncludeJwtId = ct.IncludeJwtId, LogoUri = ct.LogoUri, LogoutSessionRequired = ct.LogoutSessionRequired, LogoutUri = ct.LogoutUri, PrefixClientClaims = ct.PrefixClientClaims, RefreshTokenExpiration = ct.RefreshTokenExpiration, RefreshTokenUsage = ct.RefreshTokenUsage, RequireConsent = ct.RequireConsent, //设置为true会有问题? SlidingRefreshTokenLifetime = ct.SlidingRefreshTokenLifetime, UpdateAccessTokenOnRefresh = ct.UpdateAccessTokenClaimsOnRefresh }; client.ClientSecrets = new List <ClientSecret <Guid> >(); client.AllowedScopes = new List <ClientScope <Guid> >(); client.RedirectUris = new List <ClientRedirectUri <Guid> >(); client.IdentityProviderRestrictions = new List <ClientProviderRestriction <Guid> >(); client.PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri <Guid> >(); client.AllowedCustomGrantTypes = new List <ClientCustomGrantType <Guid> >(); client.Claims = new List <ClientClaim <Guid> >(); client.AllowedCorsOrigins = new List <ClientCorsOrigin <Guid> >(); //Add Secrets foreach (var secret in ct.ClientSecrets) { var clientSecret = new ClientSecret <Guid>() { Description = secret.Description, Expiration = secret.Expiration.HasValue ? (DateTime?)secret.Expiration.Value.DateTime : null, Type = secret.Type, Value = secret.Value }; client.ClientSecrets.Add(clientSecret); } //Add Scopes foreach (var scope in ct.AllowedScopes) { var allowedScope = new ClientScope <Guid>() { Scope = scope }; client.AllowedScopes.Add(allowedScope); } //Add RedirectUris foreach (var redirectUri in ct.RedirectUris) { var clientRedirectUri = new ClientRedirectUri <Guid>() { Uri = redirectUri }; client.RedirectUris.Add(clientRedirectUri); } //Add ProviderRestrictions foreach (var provider in ct.IdentityProviderRestrictions) { var clientProviderRestriction = new ClientProviderRestriction <Guid>() { Provider = provider }; client.IdentityProviderRestrictions.Add(clientProviderRestriction); } //Add ClientPostLogoutRedirectUri foreach (var postLogoutRedirectUri in ct.PostLogoutRedirectUris) { var clientPostLogoutRedirectUri = new ClientPostLogoutRedirectUri <Guid>() { Uri = postLogoutRedirectUri }; client.PostLogoutRedirectUris.Add(clientPostLogoutRedirectUri); } //Add ClientCustomGrantTypes foreach (var customGrantType in ct.AllowedCustomGrantTypes) { var clientCustomerGrantType = new ClientCustomGrantType <Guid>() { GrantType = customGrantType }; client.AllowedCustomGrantTypes.Add(clientCustomerGrantType); } //Add ClientClaims foreach (var claim in ct.Claims) { var clientClaim = new ClientClaim <Guid>() { Type = claim.Type, Value = claim.Value }; client.Claims.Add(clientClaim); } //Add ClientCorsOrigins foreach (var corsOrigin in ct.AllowedCorsOrigins) { var clientCorsOrigin = new ClientCorsOrigin <Guid>() { Origin = corsOrigin }; client.AllowedCorsOrigins.Add(clientCorsOrigin); } _clientContext.Clients.Add(client); _clientContext.SaveChanges(); }
public Result <int> Update(ClientModel model, int id) { try { var result = new Result <int>(); var existingClient = clientContext.Clients .Where(x => x.Id == id) .Include(x => x.AllowedScopes) .Include(x => x.ClientSecrets) .Include(x => x.RedirectUris) .Include(x => x.PostLogoutRedirectUris) .Include(x => x.AllowedCorsOrigins) .Include(x => x.IdentityProviderRestrictions) .Include(x => x.Claims) .Include(x => x.AllowedCustomGrantTypes) .SingleOrDefault(); if (existingClient == null) { result.Exists = false; return(result); } var duplicateClientId = clientContext.Clients .Where(x => x.ClientId == model.ClientId) .FirstOrDefault(); if (duplicateClientId != null && duplicateClientId.Id != id) { throw new Exception("pre-existing clientid"); } clientContext.Entry(existingClient).CurrentValues.SetValues(model); // copy all values from object #region Update related properties var exRedirectUris = existingClient.RedirectUris.ToList(); //delete redirect uri's that have been removed foreach (var item in exRedirectUris) { if (!model.RedirectUris.Any(x => x.Id == item.Id)) { existingClient.RedirectUris.Remove(item); } } if (model.RedirectUris != null && model.RedirectUris.Any()) { //update and add new uris foreach (var item in model.RedirectUris) { var exRedirectUri = existingClient.RedirectUris.FirstOrDefault(x => x.Id == item.Id); if (exRedirectUri != null) { clientContext.Entry(exRedirectUri).CurrentValues.SetValues(item); } else { var redirectUri = new ClientRedirectUri { Uri = item.Uri, }; existingClient.RedirectUris.Add(redirectUri); } } } //delete post redirect uri's that have been removed var exPostRedirectUris = existingClient.PostLogoutRedirectUris.ToList(); foreach (var item in exPostRedirectUris) { if (!model.PostLogoutRedirectUris.Any(x => x.Id == item.Id)) { existingClient.PostLogoutRedirectUris.Remove(item); } } if (model.PostLogoutRedirectUris != null && model.PostLogoutRedirectUris.Any()) { foreach (var item in model.PostLogoutRedirectUris) { var exPostRedirectUri = existingClient.PostLogoutRedirectUris.FirstOrDefault(x => x.Id == item.Id); if (exPostRedirectUri != null) { clientContext.Entry(exPostRedirectUri).CurrentValues.SetValues(item); } else { var postRedirectUri = new ClientPostLogoutRedirectUri { Uri = item.Uri, }; existingClient.PostLogoutRedirectUris.Add(postRedirectUri); } } } //update and add new post redirect uris var exIdProvRestrictions = existingClient.IdentityProviderRestrictions.ToList(); foreach (var item in exIdProvRestrictions) { if (!model.IdentityProviderRestrictions.Any(x => x.Id == item.Id)) { existingClient.IdentityProviderRestrictions.Remove(item); } } if (model.IdentityProviderRestrictions != null && model.IdentityProviderRestrictions.Any()) { foreach (var item in model.IdentityProviderRestrictions) { var exIdProvRestriction = existingClient.IdentityProviderRestrictions.FirstOrDefault(x => x.Id == item.Id); if (exIdProvRestriction != null) { clientContext.Entry(exIdProvRestriction).CurrentValues.SetValues(item); } else { var IdentityProvRestriction = new ClientIdPRestriction { Provider = item.Provider, }; existingClient.IdentityProviderRestrictions.Add(exIdProvRestriction); } } } //update and add new post redirect uris //delete post redirect uri's that have been removed //delete allowed scopes that have been removed var exScopes = existingClient.AllowedScopes.ToList(); foreach (var item in exScopes) { if (!model.AllowedScopes.Any(x => x.Id == item.Id)) { existingClient.AllowedScopes.Remove(item); } } if (model.AllowedScopes != null && model.AllowedScopes.Any()) { foreach (var item in model.AllowedScopes) { var exScope = existingClient.AllowedScopes.FirstOrDefault(x => x.Id == item.Id); if (exScope != null) { clientContext.Entry(exScope).CurrentValues.SetValues(item); } else { var newScope = new ClientScope { Scope = item.Scope, }; existingClient.AllowedScopes.Add(newScope); } } } //delete client claims that have been removed var exClaims = existingClient.Claims.ToList(); foreach (var item in exClaims) { if (!model.Claims.Any(x => x.Id == item.Id)) { existingClient.Claims.Remove(item); } } if (model.Claims != null && model.Claims.Any()) { //update and add new post redirect uris foreach (var item in model.Claims) { var exClaim = existingClient.Claims.FirstOrDefault(x => x.Id == item.Id); if (exClaim != null) { clientContext.Entry(exClaim).CurrentValues.SetValues(item); } else { var newClaim = new ClientClaim { Type = item.Type, Value = item.Value }; existingClient.Claims.Add(newClaim); } } } //delete client claims that have been removed var exAllowedCors = existingClient.AllowedCorsOrigins.ToList(); foreach (var item in exAllowedCors) { if (!model.AllowedCorsOrigins.Any(x => x.Id == item.Id)) { existingClient.AllowedCorsOrigins.Remove(item); } } if (model.AllowedCorsOrigins != null && model.AllowedCorsOrigins.Any()) { //update and add new post redirect uris foreach (var item in model.AllowedCorsOrigins) { var exAllowedCor = existingClient.AllowedCorsOrigins.FirstOrDefault(x => x.Id == item.Id); if (exAllowedCor != null) { clientContext.Entry(exAllowedCor).CurrentValues.SetValues(item); } else { var newClientCor = new ClientCorsOrigin { Origin = item.Origin }; existingClient.AllowedCorsOrigins.Add(newClientCor); } } } //delete custom grant types that have been removed var exCustomGrants = existingClient.AllowedCustomGrantTypes.ToList(); foreach (var item in exCustomGrants) { if (!model.AllowedCustomGrantTypes.Any(x => x.Id == item.Id)) { existingClient.AllowedCustomGrantTypes.Remove(item); } } if (model.AllowedCustomGrantTypes != null && model.AllowedCustomGrantTypes.Any()) { //update and add new post redirect uris foreach (var item in model.AllowedCustomGrantTypes) { var exCustomGrant = existingClient.AllowedCustomGrantTypes.FirstOrDefault(x => x.Id == item.Id); if (exCustomGrant != null) { clientContext.Entry(exCustomGrant).CurrentValues.SetValues(item); } else { var newCustomGrant = new ClientCustomGrantType { GrantType = item.GrantType }; existingClient.AllowedCustomGrantTypes.Add(newCustomGrant); } } } //delete custom grant types that have been removed var exSecrets = existingClient.ClientSecrets.ToList(); foreach (var item in exSecrets) { if (!model.ClientSecrets.Any(x => x.Id == item.Id)) { existingClient.ClientSecrets.Remove(item); } } if (model.ClientSecrets != null && model.ClientSecrets.Any()) { //update and add new post redirect uris foreach (var item in model.ClientSecrets) { var exSecret = existingClient.ClientSecrets.FirstOrDefault(x => x.Id == item.Id); if (exSecret != null) { exSecret.Value = exSecret.Value; clientContext.Entry(exSecret).CurrentValues.SetValues(item); } else { var newSecret = new ClientSecret { Type = item.Type, Value = item.Value.Sha256(), Expiration = item.Expiration, Description = item.Description, }; existingClient.ClientSecrets.Add(newSecret); } } } #endregion clientContext.SaveChanges(); result.Exists = true; result.Response = existingClient.Id; result.CustomValue = existingClient.ClientName; return(result); } catch (Exception ex) { ErrorLogger.Log(ex); throw; } }
public async Task OnPostAsync() { // Arrange const string postLogoutRedirectUri1OriginalRedirectUri = "Original PostLogoutRedirectUri"; const string postLogoutRedirectUri1EditedRedirectUri = "Edited PostLogoutRedirectUri"; const string newPostLogoutRedirectUriRedirectUri = "New PostLogoutRedirectUri"; var databaseName = $"{DatabaseNamePrefix}.{nameof(OnPostAsync)}"; var options = new DbContextOptionsBuilder <IdentityServerDbContext>() .UseInMemoryDatabase(databaseName) .Options; PostLogoutRedirectUrisModel postLogoutRedirectUris; IActionResult post; var postLogoutRedirectUri1 = new ClientPostLogoutRedirectUri { Id = Random.Next(), PostLogoutRedirectUri = postLogoutRedirectUri1OriginalRedirectUri }; var postLogoutRedirectUri2 = new ClientPostLogoutRedirectUri { Id = Random.Next() }; var clientId = Random.Next(); var client = new Client { Id = clientId, PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri> { postLogoutRedirectUri1, postLogoutRedirectUri2 } }; using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { context.Add(client); await context.SaveChangesAsync().ConfigureAwait(false); } // Act using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { postLogoutRedirectUris = new PostLogoutRedirectUrisModel(context) { Client = new Client { Id = clientId, PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri> { new ClientPostLogoutRedirectUri { Id = postLogoutRedirectUri1.Id, PostLogoutRedirectUri = postLogoutRedirectUri1EditedRedirectUri }, new ClientPostLogoutRedirectUri { PostLogoutRedirectUri = newPostLogoutRedirectUriRedirectUri } } } }; post = await postLogoutRedirectUris.OnPostAsync().ConfigureAwait(false); } // Assert using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { client = await context.Clients .Include(x => x.PostLogoutRedirectUris) .SingleOrDefaultAsync(x => x.Id.Equals(clientId)) .ConfigureAwait(false); postLogoutRedirectUri1 = client.PostLogoutRedirectUris.SingleOrDefault(x => x.Id.Equals(postLogoutRedirectUri1.Id)); postLogoutRedirectUri2 = client.PostLogoutRedirectUris.SingleOrDefault(x => x.Id.Equals(postLogoutRedirectUri2.Id)); var newPostLogoutRedirectUri = client.PostLogoutRedirectUris.SingleOrDefault(x => x.PostLogoutRedirectUri.Equals(newPostLogoutRedirectUriRedirectUri)); Assert.NotNull(postLogoutRedirectUri1); Assert.Equal(postLogoutRedirectUri1EditedRedirectUri, postLogoutRedirectUri1.PostLogoutRedirectUri); Assert.Null(postLogoutRedirectUri2); Assert.NotNull(newPostLogoutRedirectUri); } var result = Assert.IsType <RedirectToPageResult>(post); Assert.Equal("../Details/PostLogoutRedirectUris", result.PageName); Assert.Collection(result.RouteValues, routeValue => { var(key, value) = routeValue; Assert.Equal(nameof(Client.Id), key); Assert.Equal(postLogoutRedirectUris.Client.Id, value); }); }
//Post-logout uri public static PostLogoutUrisModel ToModel(this ClientPostLogoutRedirectUri entity) { return(entity.MapTo <ClientPostLogoutRedirectUri, PostLogoutUrisModel>()); }