private ConsentViewModel CreateConsentViewModel( ConsentInputModel model, string returnUrl, AuthorizationRequest request) { var vm = new ConsentViewModel { RememberConsent = model?.RememberConsent ?? true, ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(), Description = model?.Description, ReturnUrl = returnUrl, ClientName = request.Client.ClientName ?? request.Client.ClientId, ClientUrl = request.Client.ClientUri, ClientLogoUrl = request.Client.LogoUri, AllowRememberConsent = request.Client.AllowRememberConsent }; vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); var apiScopes = new List <ScopeViewModel>(); foreach (var parsedScope in request.ValidatedResources.ParsedScopes) { var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); if (apiScope != null) { var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); apiScopes.Add(scopeVm); } } if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) { apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); } vm.ApiScopes = apiScopes; return(vm); }
// GET: Consent public ActionResult Index() { var consent = consentInfoProvider.Get(TrackingConsentGenerator.CONSENT_NAME); if (consent != null) { var model = new ConsentViewModel { ConsentShortText = consent.GetConsentText(Thread.CurrentThread.CurrentUICulture.Name).ShortText }; var contact = ContactManagementContext.CurrentContact; if ((contact != null) && consentAgreementService.IsAgreed(contact, consent)) { model.IsConsentAgreed = true; } return(PartialView("_TrackingConsent", model)); } return(new EmptyResult()); }
private ConsentViewModel CreateConsentViewModel( ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources) { var viewModel = new ConsentViewModel { RememberConsent = model?.RememberConsent ?? true, ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(), ReturnUrl = returnUrl, ClientName = client.ClientName ?? client.ClientId, ClientUrl = client.ClientUri, ClientLogoUrl = client.LogoUri, AllowRememberConsent = client.AllowRememberConsent }; viewModel.IdentityScopes = resources.IdentityResources .Select(x => CreateScopeViewModel(x, viewModel.ScopesConsented.Contains(x.Name) || model == null)) .ToArray(); viewModel.ResourceScopes = resources.ApiResources .SelectMany(x => x.Scopes) .Select(x => CreateScopeViewModel(x, viewModel.ScopesConsented.Contains(x.Name) || model == null)) .ToArray(); if (ConsentOptions.EnableOfflineAccess && resources.OfflineAccess) { viewModel.ResourceScopes = viewModel.ResourceScopes .Union(new[] { GetOfflineAccessScope( viewModel.ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null) }); } return(viewModel); }
//配置ConsentViewModel private ConsentViewModel CreateConsentViewModel( ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources) { var vm = new ConsentViewModel(); vm.RememberConsent = model?.RememberConsent ?? true; vm.ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(); vm.ReturnUrl = returnUrl; vm.ClientName = client.ClientName ?? client.ClientId; vm.ClientUrl = client.ClientUri; vm.ClientLogoUrl = client.LogoUri; vm.AllowRememberConsent = client.AllowRememberConsent; vm.IdentityScopes = resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); vm.ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); return(vm); }
public async Task <ConsentViewModel> BuildConsentViewModel(string returnUrl) { var request = await _identityServerInteractionService.GetAuthorizationContextAsync(returnUrl); if (request == null) { return(null); } var client = await _clientStore.FindClientByIdAsync(request.ClientId); var resource = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested); ConsentViewModel model = new ConsentViewModel(); model.ClientName = client.ClientName; model.ClientLogoUrl = client.LogoUri; model.IdentityScopes = resource.IdentityResources.Select(r => new ScopeViewModel { Name = r.Name, DisplayName = r.DisplayName, Description = r.Description, Checked = r.Required, Required = r.Required, Emphasize = r.Emphasize }); model.ResorceScopes = resource.ApiResources.SelectMany(x => x.Scopes) .Select(r => new ScopeViewModel { Name = r.Name, DisplayName = r.DisplayName, Description = r.Description, Checked = r.Required, Required = r.Required, Emphasize = r.Emphasize }); model.ReturnUrl = returnUrl; return(model); }
public ConsentViewModel GetConsentViewModel(string returnUrl, ClientViewModel client, IList <ScopeViewModel> scopes, IList <IdentityResourceViewModel> identityResources) { var selectableIdentityResources = m_genericViewModelFactory.GetSelectableViewmodelList(identityResources); selectableIdentityResources.ForEach(x => x.IsSelected = x.Item.Required); var selectableScopes = m_genericViewModelFactory.GetSelectableViewmodelList(scopes); selectableScopes.ForEach(x => x.IsSelected = x.Item.Required); var viewModel = new ConsentViewModel { RememberConsent = true, ReturnUrl = returnUrl, Client = client, IdentityResources = selectableIdentityResources, Scopes = selectableScopes, }; return(viewModel); }
public async Task <IActionResult> Index(ConsentViewModel model) { var result = await ProcessConsent(model); if (result.IsRedirect) { if (await _clientStore.IsPkceClientAsync(result.ClientId)) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. return(View("Redirect", result.RedirectUri)); } return(Redirect(result.RedirectUri)); } if (result.HasValidationError) { ModelState.AddModelError("", result.ValidationError); } return(View("Error")); }
public static ConsentModel ToModel(this ConsentViewModel model) { if (model == null) { return(null); } var entity = new ConsentModel { SignatureId = model.SignatureId, SignatureBlob = Convert.FromBase64String(model.SignatureBlob), ContactId = model.ContactId, AuthorizedBy = model.AuthorizedBy, ContactName = model.ContactName, ContactDateofBirth = model.ContactDateofBirth, IsActive = model.IsActive, ModifiedOn = model.ModifiedOn, ModifiedBy = model.ModifiedBy, ForceRollback = model.ForceRollback }; return(entity); }
public async Task <IActionResult> Index(ConsentViewModel model) { if (model is null) { throw new ArgumentNullException(nameof(model)); } if (!ModelState.IsValid) { return(View(model)); } var returnUrl = model.ReturnUrl; var result = await _consentService.GrantConsent(returnUrl, User.GetSubjectId()); if (result.IsSuccess) { return(Redirect(returnUrl.ToString())); } return(View("Error")); }
private IHttpActionResult CreateConsentResult( ValidatedAuthorizeRequest validatedRequest, UserConsent consent, NameValueCollection requestParameters, string errorMessage) { string loginWithDifferentAccountUrl = null; if (validatedRequest.HasIdpAcrValue() == false) { loginWithDifferentAccountUrl = Url.Route(Constants.RouteNames.Oidc.SwitchUser, null) .AddQueryString(requestParameters.ToQueryString()); } var env = Request.GetOwinEnvironment(); var consentModel = new ConsentViewModel { RequestId = env.GetRequestId(), SiteName = _options.SiteName, SiteUrl = env.GetIdentityServerBaseUrl(), ErrorMessage = errorMessage, CurrentUser = env.GetCurrentUserDisplayName(), LogoutUrl = env.GetIdentityServerLogoutUrl(), ClientName = validatedRequest.Client.ClientName, ClientUrl = validatedRequest.Client.ClientUri, ClientLogoUrl = validatedRequest.Client.LogoUri, IdentityScopes = validatedRequest.GetIdentityScopes(this._localizationService), ResourceScopes = validatedRequest.GetResourceScopes(this._localizationService), AllowRememberConsent = validatedRequest.Client.AllowRememberConsent, RememberConsent = consent == null || consent.RememberConsent, LoginWithDifferentAccountUrl = loginWithDifferentAccountUrl, ConsentUrl = Url.Route(Constants.RouteNames.Oidc.Consent, null).AddQueryString(requestParameters.ToQueryString()), AntiForgery = _antiForgeryToken.GetAntiForgeryToken() }; return(new ConsentActionResult(_viewService, consentModel, validatedRequest)); }
public async Task <ConsentViewModel> BuildConsentViewModel(string returnUrl) { var request = await _identityServerInteractionService.GetAuthorizationContextAsync(returnUrl); if (request == null) { return(null); } var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId); if (client == null) { return(null); } var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested); if (resources == null) { return(null); } var consentViewModel = new ConsentViewModel(); consentViewModel.ClientName = client.ClientName; consentViewModel.ClientLogoUrl = client.LogoUri; consentViewModel.ClientUrl = client.ClientUri; consentViewModel.AllowRememberConsent = client.AllowRememberConsent; consentViewModel.IdentityScopes = resources.IdentityResources.Select(p => CreateScopViewModel(p)); consentViewModel.ResourceScopes = resources.ApiResources.SelectMany(p => p.Scopes).Select(p => CreateScopViewModel(p)); consentViewModel.ReturnUrl = returnUrl; return(consentViewModel); }
private async Task <ConsentViewModel> CreateConsentViewModel( ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources) { var vm = new ConsentViewModel { RememberConsent = model?.RememberConsent ?? true, ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty <string>(), ReturnUrl = returnUrl, ClientName = client.ClientName ?? client.ClientId, ClientUrl = client.ClientUri, ClientLogoUrl = client.LogoUri, AllowRememberConsent = client.AllowRememberConsent }; UserModel user = await _userManager.GetUserAsync(HttpContext.User); if (user == null) { throw new AuthenticationException("Invalid login info."); } vm.IdentityScopes = resources.IdentityResources.Select(x => CreateScopeViewModel(x, user, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); vm.ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); if (ConsentOptions.EnableOfflineAccess && resources.OfflineAccess) { vm.ResourceScopes = vm.ResourceScopes.Union(new ScopeViewModel[] { GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null) }); } return(vm); }
public Task <Stream> Consent(ConsentViewModel model, ValidatedAuthorizeRequest authorizeRequest) { return(Task.FromResult(RunTemplate("consent", model, authorizeRequest.ClientId))); }
private ConsentViewModel BuildConsentViewModel(ConsentInputModel model, Client client, Resources resources, string returnUrl) { var scopesConsented = (model?.ScopesConsented ?? new string[0]).ToList(); var identityScopes = resources.IdentityResources.Select(ir => new Scope ( ir.Name, ir.DisplayName, ir.Description, scopesConsented.Contains(ir.Name) || model == null || ir.Required, ir.Emphasize, ir.Required )) .ToList(); var resourceScopes = resources.ApiResources.SelectMany(ar => ar.Scopes).Select(s => new Scope ( s.Name, s.DisplayName, s.Description, scopesConsented.Contains(s.Name) || model == null || s.Required, s.Emphasize, s.Required )) .ToList(); if (ConsentConfig.EnableOfflineAccess && resources.OfflineAccess) { resourceScopes = resourceScopes.Union(new[] { new Scope ( IdentityServerConstants.StandardScopes.OfflineAccess, "Offline access", "Access to your applications and resources, even when you are offline", scopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null, true, false ) }) .ToList(); } var viewModel = new ConsentViewModel ( client.ClientName ?? client.ClientId, client.ClientUri, client.LogoUri, identityScopes, resourceScopes, client.AllowRememberConsent ) { RememberConsent = model?.RememberConsent ?? true, ReturnUrl = returnUrl, ScopesConsented = scopesConsented }; return(viewModel); }
public async Task <IActionResult> Consent([FromForm] ConsentInputModel inputModel) { ConsentResponse grantedConsent = null; string returnUrl = null; string validationError = null; ConsentViewModel viewModel = null; if (inputModel.GrantConsent) { if (inputModel.ScopesConsented != null && inputModel.ScopesConsented.Any()) { var scopes = inputModel.ScopesConsented; if (ConsentConfig.EnableOfflineAccess == false) { scopes = scopes.Where(s => s != IdentityServerConstants.StandardScopes.OfflineAccess); } grantedConsent = new ConsentResponse { RememberConsent = inputModel.RememberConsent, ScopesConsented = scopes.ToList() }; } else { validationError = "You must pick at least one permission"; } } else { grantedConsent = ConsentResponse.Denied; } if (grantedConsent != null) { var authorizationRequest = await _interactionService.GetAuthorizationContextAsync(inputModel.ReturnUrl); if (authorizationRequest != null) { await _interactionService.GrantConsentAsync(authorizationRequest, grantedConsent); returnUrl = inputModel.ReturnUrl; } } else { viewModel = await BuildConsentViewModelAsync(inputModel.ReturnUrl, inputModel); } if (viewModel != null) { if (validationError != null) { ModelState.AddModelError("", "Error granting consent"); } return(View("Consent", viewModel)); } if (returnUrl != null) { return(Redirect(returnUrl)); } return(View("Error")); }
/// <summary> /// Loads the HTML for the user consent page. /// </summary> /// <param name="model">The model.</param> /// <param name="authorizeRequest">The validated authorize request.</param> /// <returns> /// Stream for the HTML /// </returns> public virtual Task <Stream> Consent(ConsentViewModel model, ValidatedAuthorizeRequest authorizeRequest) { return(Render(model, ConsentView)); }
public ConsentActionResult(IViewService viewSvc, IDictionary <string, object> env, ConsentViewModel model) : base(async() => await viewSvc.Consent(env, model)) { if (viewSvc == null) { throw new ArgumentNullException("viewSvc"); } if (env == null) { throw new ArgumentNullException("env"); } if (model == null) { throw new ArgumentNullException("model"); } }
public Response <ConsentViewModel> AddConsentSignature(ConsentViewModel consentModel) { return(consentRepository.AddConsentSignature(consentModel)); }
private void PolicyLinkBtn_Click(object sender, EventArgs e) { ConsentViewModel.OpenPrivacyPolicyLink(); }
/// <summary> /// Loads the HTML for the user consent page. /// </summary> /// <param name="model"> /// The model. /// </param> /// <returns> /// The <see cref="ActionResult"/>. /// </returns> public ActionResult Consent(ConsentViewModel model) { return(this.View(model)); }
public async Task <IActionResult> OnGet(string returnUrl) { ConsentVM = await BuildViewModelAsync(returnUrl); return(Page()); }
public virtual Task <Stream> Consent(ConsentViewModel model, ValidatedAuthorizeRequest authorizeRequest) { throw new NotImplementedException(); }
public async Task <IActionResult> GenerateAuthorisationCode([FromBody] ConsentViewModel vm) { if (!ModelState.IsValid) { return(new JsonResult(new { status = 400, message = "Validation failed", data = ModelState }) { StatusCode = StatusCodes.Status400BadRequest }); } Application application = await _applicationService.FindAsync(vm.ApplicationId); if (application == null) { return(new JsonResult(new { status = 400, message = "Invalid application id specified - please provide the application's GUID and not it's client id" }) { StatusCode = StatusCodes.Status400BadRequest }); } User user = (User)HttpContext.Items["User"]; /* * At this point we've verified the application ID being sent back is legitimate and that user is logged * in - indicating they have instructed us to generate an authorisation code for this application to * access their account. * * At this point we must validate this claim - if there is no user application record found, * the user has likely not been through the OAuth prompt and this request should be immediately * dropped since this request is malicious. */ UserApplication userApplication = await _userApplicationService.FindByUserAndApplicationAsync(user, application); if (userApplication == null) { return(new JsonResult(new { status = 400, message = "No user application link found - applications are not allowed to link to accounts " + "without explicit user consent!" }) { StatusCode = StatusCodes.Status403Forbidden }); } AuthorisationCode authCode = await _authorisationCodeService.CreateAsync(user, application); /* * At this point in the process the user has consented to this application getting access * to their account and an authorisation token has been created, the user will be sent * back to the client with this authorisation token */ await _userApplicationService.AuthoriseApplicationAsync(user, application); return(Ok(new { status = 200, message = "Authorisation code generated successfully", data = new { authorisationCode = authCode.Code } })); }
partial void PrivacyPolicy_TouchUpInside(UIButton sender) { ConsentViewModel.OpenPrivacyPolicyLink(); }
void OnPrivacyPolicyPressed(object sender, EventArgs eventArgs) { ConsentViewModel.OpenPrivacyPolicyLink(); }
public virtual Task<System.IO.Stream> Consent(IDictionary<string, object> env, ConsentViewModel model) { return Render(model, "consent"); }
public virtual Task <Stream> Consent(IDictionary <string, object> env, ConsentViewModel model) { return(Render(model, "consent")); }
private async Task <ProcessConsentResult> BuildProcessConsentResultAsync(ConsentResponse grantedConsent, ConsentViewModel model, AuthorizationRequest request) { // communicate outcome of consent back to identityserver await _interaction.GrantConsentAsync(request, grantedConsent); // indicate that's it ok to redirect back to authorization endpoint return(new ProcessConsentResult(model.ReturnUrl, request.ClientId)); }
/// <summary> /// Loads the HTML for the user consent page. /// </summary> /// <param name="model">The model.</param> /// <returns> /// Stream for the HTML /// </returns> public virtual Task <Stream> Consent(ConsentViewModel model) { return(Render(model, "consent")); }
public Task <Stream> Consent(ConsentViewModel model, ValidatedAuthorizeRequest authorizeRequest) { return(Render(model, "consent")); }