public static ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) => new ScopeViewModel
{
Value = parsedScopeValue.RawValue,
DisplayName = apiScope.DisplayName ?? apiScope.Name,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
};
public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
return(new ScopeViewModel {
Value = parsedScopeValue.RawValue,
// todo: use the parsed scope value in the display?
DisplayName = apiScope.DisplayName ?? apiScope.Name,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
});
}
public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
return(new ScopeViewModel
{
Checked = check || apiScope.Required,
Description = apiScope.Description,
DisplayName = apiScope.DisplayName ?? apiScope.Name,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Value = parsedScopeValue.RawValue
});
}
public static ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
var displayName = apiScope.DisplayName ?? apiScope.Name;
if (!string.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter))
{
displayName += ":" + parsedScopeValue.ParsedParameter;
}
return(new ScopeViewModel {
Value = parsedScopeValue.RawValue,
DisplayName = displayName,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
});
}
private static AuthingScopeItem CreateApiScope(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
var displayName = apiScope.DisplayName ?? apiScope.Name;
if (!string.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter))
{
displayName += ":" + parsedScopeValue.ParsedParameter;
}
return(new AuthingScopeItem
{
Value = parsedScopeValue.RawValue,
DisplayName = displayName,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
});
}
/// <summary>
/// Validates that the requested scopes is contained in the store, and the client is allowed to request it.
/// </summary>
/// <param name="client"></param>
/// <param name="resourcesFromStore"></param>
/// <param name="requestedScope"></param>
/// <param name="result"></param>
/// <returns></returns>
protected virtual async Task ValidateScopeAsync(
Client client,
Resources resourcesFromStore,
ParsedScopeValue requestedScope,
ResourceValidationResult result)
{
if (requestedScope.ParsedName == IdentityServerConstants.StandardScopes.OfflineAccess)
{
if (await IsClientAllowedOfflineAccessAsync(client))
{
result.Resources.OfflineAccess = true;
result.ParsedScopes.Add(new ParsedScopeValue(IdentityServerConstants.StandardScopes.OfflineAccess));
}
else
{
result.InvalidScopes.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
}
}
else
{
var identity = resourcesFromStore.FindIdentityResourcesByScope(requestedScope.ParsedName);
if (identity != null)
{
if (await IsClientAllowedIdentityResourceAsync(client, identity))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.IdentityResources.Add(identity);
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
else
{
var apiScope = resourcesFromStore.FindApiScope(requestedScope.ParsedName);
if (apiScope != null)
{
if (await IsClientAllowedApiScopeAsync(client, apiScope))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.ApiScopes.Add(apiScope);
var apis = resourcesFromStore.FindApiResourcesByScope(apiScope.Name);
foreach (var api in apis)
{
result.Resources.ApiResources.Add(api);
}
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
else
{
_logger.LogError("Scope {scope} not found in store or not supported by requested resource indicators.", requestedScope.ParsedName);
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
}
}
public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) =>
/// <inheritdoc /> public static async Task <TMetadata> ResolveMetadata <TMetadata>(this IParsedScopeMetadataService metadataService, ParsedScopeValue parsedScope, CultureInfo culture = null) where TMetadata : ParsedScopeMetadata => (TMetadata)(await metadataService.ResolveMetadata(parsedScope, culture));
protected virtual async Task ValidateScopeAsync(Client client, Resources resourcesFromStore, ParsedScopeValue requestedScope, ResourceValidationResult result)
{
if (requestedScope.ParsedName == "offline_access")
{
if (await IsClientAllowedOfflineAccessAsync(client))
{
result.Resources.OfflineAccess = true;
result.ParsedScopes.Add(new ParsedScopeValue("offline_access"));
}
else
{
result.InvalidScopes.Add("offline_access");
}
return;
}
IdentityResource identity = resourcesFromStore.FindIdentityResourcesByScope(requestedScope.ParsedName);
if (identity != null)
{
if (await IsClientAllowedIdentityResourceAsync(client, identity))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.IdentityResources.Add(identity);
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
return;
}
ApiScope apiScope = resourcesFromStore.FindApiScope(requestedScope.ParsedName);
if (apiScope != null)
{
if (await IsClientAllowedApiScopeAsync(client, apiScope))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.ApiScopes.Add(apiScope);
foreach (ApiResource item in resourcesFromStore.FindApiResourcesByScope(apiScope.Name))
{
result.Resources.ApiResources.Add(item);
}
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
else
{
_logger.LogError("Scope {scope} not found in store.", requestedScope.ParsedName);
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
