/// <summary>
/// Saves the authentication claim.
/// </summary>
/// <param name="authClaimId">The authentication claim identifier.</param>
private void SaveAuthClaim(int authClaimId)
{
var isNew = authClaimId.Equals(0);
var authScopeId = AuthScopeId;
if (authScopeId == null)
{
DisplayErrorMessage("The auth scope id is required to create a auth claim.");
return;
}
var authClaim = new AuthClaim();
var editAllowed = authClaim.IsAuthorized(Authorization.EDIT, CurrentPerson);
if (!editAllowed)
{
DisplayErrorMessage("The current user is not authorized to make changes.");
return;
}
using (var rockContext = new RockContext())
{
var authClaimService = new AuthClaimService(rockContext);
if (isNew)
{
authClaim.ScopeId = authScopeId.Value;
authClaimService.Add(authClaim);
}
else
{
authClaim = authClaimService.Get(authClaimId);
}
if (authClaim == null)
{
DisplayErrorMessage("The Auth Claim with the specified Id was found.");
return;
}
if (!authClaim.IsSystem)
{
authClaim.Name = tbClaimName.Text;
authClaim.Value = tbClaimValue.Text;
authClaim.IsActive = cbClaimActive.Checked;
}
authClaim.PublicName = tbClaimPublicName.Text;
rockContext.SaveChanges();
}
dlgClaimDetails.Hide();
BindGrid();
}
/// <summary>
/// Binds the grid.
/// </summary>
private void BindGrid()
{
var authScopeId = AuthScopeId;
if (authScopeId == null)
{
return;
}
using (var rockContext = new RockContext())
{
var authClaimService = new AuthClaimService(rockContext);
var authClaimQuery = authClaimService
.Queryable()
.AsNoTracking()
.Where(ac => ac.ScopeId == authScopeId);
if (tbName.Text.IsNotNullOrWhiteSpace())
{
authClaimQuery = authClaimQuery.Where(s => s.Name.Contains(tbName.Text));
}
if (tbPublicName.Text.IsNotNullOrWhiteSpace())
{
authClaimQuery = authClaimQuery.Where(s => s.PublicName.Contains(tbPublicName.Text));
}
if (ddlActiveFilter.SelectedIndex > -1)
{
switch (ddlActiveFilter.SelectedValue)
{
case "active":
authClaimQuery = authClaimQuery.Where(s => s.IsActive);
break;
case "inactive":
authClaimQuery = authClaimQuery.Where(s => !s.IsActive);
break;
}
}
// Sort
var sortProperty = gAuthClaims.SortProperty;
if (sortProperty == null)
{
sortProperty = new SortProperty(new GridViewSortEventArgs("Name", SortDirection.Ascending));
}
authClaimQuery = authClaimQuery.Sort(sortProperty);
gAuthClaims.SetLinqDataSource(authClaimQuery);
gAuthClaims.DataBind();
}
}
/// <summary>
/// Shows the detail.
/// </summary>
/// <param name="authClaimId">The authentication claim identifier.</param>
public void ShowDetail(int authClaimId)
{
AuthClaim authClaim = null;
var isNew = authClaimId.Equals(0);
if (!isNew)
{
dlgClaimDetails.Title = ActionTitle.Edit("Claim").FormatAsHtmlTitle();
using (var rockContext = new RockContext())
{
authClaim = new AuthClaimService(rockContext).Get(authClaimId);
}
}
else
{
dlgClaimDetails.Title = ActionTitle.Add("Claim").FormatAsHtmlTitle();
}
if (authClaim == null)
{
if (!isNew)
{
DisplayErrorMessage("The Auth Claim with the specified Id was found.");
return;
}
authClaim = new AuthClaim {
Id = 0, IsActive = true
};
}
hfAuthClaimId.Value = authClaim.Id.ToString();
tbClaimName.Text = authClaim.Name;
tbClaimPublicName.Text = authClaim.PublicName;
tbClaimValue.Text = authClaim.Value;
cbClaimActive.Checked = authClaim.IsActive;
nbEditModeMessage.Text = string.Empty;
if (authClaim.IsSystem)
{
tbClaimName.Enabled = false;
tbClaimValue.Visible = false;
cbClaimActive.Enabled = false;
nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthClaim.FriendlyTypeName);
}
dlgClaimDetails.Show();
}
/// <summary>
/// Gets the active claims.
/// </summary>
/// <param name="rockContext">The rock context.</param>
/// <returns></returns>
private IEnumerable <ClaimsModel> GetActiveClaims(RockContext rockContext)
{
var authClaimService = new AuthClaimService(rockContext);
return(authClaimService
.Queryable()
.AsNoTracking()
.Where(ac => ac.IsActive)
.Where(ac => ac.Scope.IsActive)
.Select(ac => new ClaimsModel
{
ClaimName = ac.Name,
ClaimPublicName = ac.PublicName,
ScopeName = ac.Scope.Name,
ScopePublicName = ac.Scope.PublicName
})
.OrderBy(ac => ac.ScopePublicName)
.ThenBy(ac => ac.ClaimName));
}
/// <summary>
/// Handles the Delete event of the gUserLogins control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gAuthClaims_Delete(object sender, RowEventArgs e)
{
bool canEdit = IsUserAuthorized(Authorization.EDIT);
if (canEdit)
{
using (var rockContext = new RockContext())
{
var authClaimService = new AuthClaimService(rockContext);
var authClaim = authClaimService.Get(e.RowKeyId);
if (authClaim != null)
{
authClaimService.Delete(authClaim);
rockContext.SaveChanges();
}
}
}
BindGrid();
}
/// <summary>
/// Gets the requested scopes.
/// </summary>
/// <returns></returns>
private List <string> GetRequestedScopes()
{
var scopes = new List <string> {
"Authorization"
};
var owinContext = Context.GetOwinContext();
var request = owinContext.GetOpenIdConnectRequest();
var requestedScopes = request.GetScopes();
var rockContext = new RockContext();
var authClientService = new AuthClientService(rockContext);
var clientAllowedClaims = authClientService
.Queryable()
.Where(ac => ac.ClientId == request.ClientId)
.Select(ac => ac.AllowedClaims).FirstOrDefault();
var parsedAllowedClientClaims = clientAllowedClaims.FromJsonOrNull <List <string> >();
if (parsedAllowedClientClaims == null)
{
return(new List <string>());
}
var authClaimService = new AuthClaimService(rockContext);
var activeAllowedClientClaims = authClaimService
.Queryable()
.Where(ac => parsedAllowedClientClaims.Contains(ac.Name))
.Where(ac => ac.IsActive)
.Where(ac => requestedScopes.Contains(ac.Scope.Name))
.Select(ac => new { Scope = ac.Scope.PublicName, Claim = ac.PublicName })
.GroupBy(ac => ac.Scope, ac => ac.Claim)
.ToList()
.Select(ac => new { Scope = ac.Key, Claims = string.Join(", ", ac.ToArray()) });
scopes.AddRange(activeAllowedClientClaims.Select(ac => ac.Scope == ac.Claims ? ac.Scope : ac.Scope + " (" + ac.Claims + ")"));
return(scopes);
//return scopeString.SplitDelimitedValues().ToList();
}
