Exemple #1
0
        private async Task <OpenIdServerSettings> GetServerSettingsAsync(IOpenIdServerService service)
        {
            var settings = await service.GetSettingsAsync();

            if ((await service.ValidateSettingsAsync(settings)).Any(result => result != ValidationResult.Success))
            {
                _logger.LogWarning("The OpenID Connect module is not correctly configured.");

                return(null);
            }

            return(settings);
        }
Exemple #2
0
        public override async Task <IDisplayResult> UpdateAsync(OpenIdServerSettings settings, IUpdateModel updater, string groupId)
        {
            var user = _httpContextAccessor.HttpContext?.User;

            if (user == null || !await _authorizationService.AuthorizeAsync(user, Permissions.ManageServerSettings))
            {
                return(null);
            }

            if (groupId == SettingsGroupId)
            {
                var model = new OpenIdServerSettingsViewModel();
                await updater.TryUpdateModelAsync(model, Prefix);

                settings.TestingModeEnabled          = model.TestingModeEnabled;
                settings.AccessTokenFormat           = model.AccessTokenFormat;
                settings.Authority                   = model.Authority;
                settings.CertificateStoreLocation    = model.CertificateStoreLocation;
                settings.CertificateStoreName        = model.CertificateStoreName;
                settings.CertificateThumbprint       = model.CertificateThumbprint;
                settings.EnableTokenEndpoint         = model.EnableTokenEndpoint;
                settings.EnableAuthorizationEndpoint = model.EnableAuthorizationEndpoint;
                settings.EnableLogoutEndpoint        = model.EnableLogoutEndpoint;
                settings.EnableUserInfoEndpoint      = model.EnableUserInfoEndpoint;
                settings.AllowPasswordFlow           = model.AllowPasswordFlow;
                settings.AllowClientCredentialsFlow  = model.AllowClientCredentialsFlow;
                settings.AllowAuthorizationCodeFlow  = model.AllowAuthorizationCodeFlow;
                settings.AllowRefreshTokenFlow       = model.AllowRefreshTokenFlow;
                settings.AllowImplicitFlow           = model.AllowImplicitFlow;
                settings.UseRollingTokens            = model.UseRollingTokens;

                foreach (var result in await _serverService.ValidateSettingsAsync(settings))
                {
                    if (result != ValidationResult.Success)
                    {
                        var key = result.MemberNames.FirstOrDefault() ?? string.Empty;
                        updater.ModelState.AddModelError(key, result.ErrorMessage);
                    }
                }

                // If the settings are valid, reload the current tenant.
                if (updater.ModelState.IsValid)
                {
                    _shellHost.ReloadShellContext(_shellSettings);
                }
            }

            return(Edit(settings));
        }
        public async Task <IActionResult> IndexPost()
        {
            if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageServerSettings))
            {
                return(Forbid());
            }

            var settings = await _serverService.GetSettingsAsync();

            var shape = await _serverSettingsDisplayManager.UpdateEditorAsync(settings, updater : _updateModelAccessor.ModelUpdater, isNew : false);

            if (!ModelState.IsValid)
            {
                return(View(shape));
            }

            foreach (var result in await _serverService.ValidateSettingsAsync(settings))
            {
                if (result != ValidationResult.Success)
                {
                    var key = result.MemberNames.FirstOrDefault() ?? string.Empty;
                    ModelState.AddModelError(key, result.ErrorMessage);
                }
            }

            if (!ModelState.IsValid)
            {
                return(View(shape));
            }

            await _serverService.UpdateSettingsAsync(settings);

            _notifier.Success(H["OpenID server configuration successfully updated."]);

            await _shellHost.ReloadShellContextAsync(_shellSettings);

            return(RedirectToAction(nameof(Index)));
        }
Exemple #4
0
        public override async Task <IDisplayResult> UpdateAsync(OpenIdServerSettings settings, BuildEditorContext context)
        {
            var user = _httpContextAccessor.HttpContext?.User;

            if (user == null || !await _authorizationService.AuthorizeAsync(user, Permissions.ManageServerSettings))
            {
                return(null);
            }

            if (context.GroupId == SettingsGroupId)
            {
                var model = new OpenIdServerSettingsViewModel();
                await context.Updater.TryUpdateModelAsync(model, Prefix);

                settings.TestingModeEnabled = model.TestingModeEnabled;
                settings.AccessTokenFormat  = model.AccessTokenFormat;
                settings.Authority          = model.Authority;

                settings.CertificateStoreLocation = model.CertificateStoreLocation;
                settings.CertificateStoreName     = model.CertificateStoreName;
                settings.CertificateThumbprint    = model.CertificateThumbprint;

                settings.AuthorizationEndpointPath = model.EnableAuthorizationEndpoint ?
                                                     new PathString("/connect/authorize") : PathString.Empty;
                settings.LogoutEndpointPath = model.EnableLogoutEndpoint ?
                                              new PathString("/connect/logout") : PathString.Empty;
                settings.TokenEndpointPath = model.EnableTokenEndpoint ?
                                             new PathString("/connect/token") : PathString.Empty;
                settings.UserinfoEndpointPath = model.EnableUserInfoEndpoint ?
                                                new PathString("/connect/userinfo") : PathString.Empty;

                if (model.AllowAuthorizationCodeFlow)
                {
                    settings.GrantTypes.Add(GrantTypes.AuthorizationCode);
                }
                else
                {
                    settings.GrantTypes.Remove(GrantTypes.AuthorizationCode);
                }

                if (model.AllowImplicitFlow)
                {
                    settings.GrantTypes.Add(GrantTypes.Implicit);
                }
                else
                {
                    settings.GrantTypes.Remove(GrantTypes.Implicit);
                }

                if (model.AllowClientCredentialsFlow)
                {
                    settings.GrantTypes.Add(GrantTypes.ClientCredentials);
                }
                else
                {
                    settings.GrantTypes.Remove(GrantTypes.ClientCredentials);
                }

                if (model.AllowPasswordFlow)
                {
                    settings.GrantTypes.Add(GrantTypes.Password);
                }
                else
                {
                    settings.GrantTypes.Remove(GrantTypes.Password);
                }

                if (model.AllowRefreshTokenFlow)
                {
                    settings.GrantTypes.Add(GrantTypes.RefreshToken);
                }
                else
                {
                    settings.GrantTypes.Remove(GrantTypes.RefreshToken);
                }

                settings.UseRollingTokens = model.UseRollingTokens;

                foreach (var result in await _serverService.ValidateSettingsAsync(settings))
                {
                    if (result != ValidationResult.Success)
                    {
                        var key = result.MemberNames.FirstOrDefault() ?? string.Empty;
                        context.Updater.ModelState.AddModelError(key, result.ErrorMessage);
                    }
                }

                // If the settings are valid, reload the current tenant.
                if (context.Updater.ModelState.IsValid)
                {
                    await _shellHost.ReloadShellContextAsync(_shellSettings);
                }
            }

            return(await EditAsync(settings, context));
        }