private ICollection <string> BuildScopes()
{
var ret = new HashSet <string>();
foreach (var scope in AllowedScopes.Split('|'))
{
ret.Add(scope);
}
foreach (var api in ApiResource())
{
ret.Add(api.Name);
}
ret.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
return(ret);
}
internal IdentityServer4.EntityFramework.Entities.Client ToClient()
{
var redirectUris = RedirectUris?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList();
var allowedCorsOrigins = AllowedCorsOrigins?.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList();
var client = new Models.Client
{
AbsoluteRefreshTokenLifetime = AbsoluteRefreshTokenLifetime,
AccessTokenLifetime = AccessTokenLifetime,
AccessTokenType = AccessTokenType,
AllowAccessTokensViaBrowser = AllowAccessTokensViaBrowser,
AllowedCorsOrigins = allowedCorsOrigins,
AllowedGrantTypes = GetAllowedGrantTypes(),
AllowedScopes = AllowedScopes?.Split(new[] { " " }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors)).ToList(),
AllowOfflineAccess = AllowOfflineAccess,
AllowPlainTextPkce = AllowPlainTextPkce,
AllowRememberConsent = AllowRememberConsent,
AlwaysIncludeUserClaimsInIdToken = AlwaysIncludeUserClaimsInIdToken,
AlwaysSendClientClaims = AlwaysSendClientClaims,
AuthorizationCodeLifetime = AuthorizationCodeLifetime,
BackChannelLogoutSessionRequired = BackChannelLogoutSessionRequired,
BackChannelLogoutUri = BackChannelLogoutUri,
ClientClaimsPrefix = ClientClaimsPrefix,
ClientId = ClientId,
ClientName = ClientName,
ClientUri = ClientUri,
ConsentLifetime = ConsentLifetime,
Description = Description,
DeviceCodeLifetime = DeviceCodeLifetime,
Enabled = Enabled,
EnableLocalLogin = EnableLocalLogin,
FrontChannelLogoutSessionRequired = FrontChannelLogoutSessionRequired,
FrontChannelLogoutUri = FrontChannelLogoutUri,
IdentityProviderRestrictions =
IdentityProviderRestrictions?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries),
IdentityTokenLifetime = IdentityTokenLifetime,
IncludeJwtId = IncludeJwtId,
LogoUri = LogoUri,
PairWiseSubjectSalt = PairWiseSubjectSalt,
PostLogoutRedirectUris = PostLogoutRedirectUris?
.Split(new[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
.Where(cors => !string.IsNullOrWhiteSpace(cors) && cors.IsUrl()).ToList(),
// Properties
ProtocolType = ProtocolType,
RedirectUris = redirectUris,
RefreshTokenExpiration = RefreshTokenExpiration,
RefreshTokenUsage = RefreshTokenUsage,
RequireClientSecret = RequireClientSecret,
RequireConsent = RequireConsent,
RequirePkce = RequirePkce,
SlidingRefreshTokenLifetime = SlidingRefreshTokenLifetime,
UpdateAccessTokenClaimsOnRefresh = UpdateAccessTokenClaimsOnRefresh,
UserCodeType = UserCodeType,
UserSsoLifetime = UserSsoLifetime,
};
var secrets = ClientSecrets?.Split("\r\n", StringSplitOptions.RemoveEmptyEntries)
.Select(x => new Secret(x.Sha256())).ToList();
if (secrets != null && secrets.Count == 0)
{
client.ClientSecrets = secrets;
}
return(client.ToEntity());
}