private static async Task <Policy> GetPolicy(PolicyClientOptions options) { // discover endpoints from metadata var disco = await DiscoveryClient.GetAsync(options.IdentityServerEndpoint); if (disco.IsError) { throw new InvalidCredentialException("Invalid - " + disco.Error); } var tokenClient = new TokenClient(disco.TokenEndpoint, options.ClientId, options.ClientSecret); var tokenResponse = await tokenClient.RequestClientCredentialsAsync(options.PolicyServerApiName); if (tokenResponse.IsError) { throw new InvalidCredentialException("Invalid token - " + tokenResponse.Error); } // call policy server var client = new HttpClient(); client.SetBearerToken(tokenResponse.AccessToken); var response = await client.GetAsync($"{options.PolicyServerEndpoint}/policies/{options.PolicyName}?secret={options.PolicySecret}"); if (!response.IsSuccessStatusCode) { throw new HttpRequestException("Unsuccessful request - " + response.StatusCode); } var content = await response.Content.ReadAsStringAsync(); return(JsonConvert.DeserializeObject <Policy>(content)); }
public CachingPolicyClientService( PolicyClientOptions options, T inner, ICache <PolicyResult> cache, ILogger <CachingPolicyClientService <T> > logger ) { _options = options; _inner = inner; _cache = cache; _logger = logger; }
/// <summary> /// Adds the policy server client. /// </summary> /// <param name="services">The services.</param> /// <param name="policyClientOptions">Option settings</param> /// <returns></returns> public static PolicyServerBuilder AddPolicyServerClient(this IServiceCollection services, Action <PolicyClientOptions> policyClientOptions) { var options = new PolicyClientOptions(); policyClientOptions.Invoke(options); if (string.IsNullOrWhiteSpace(options.IdentityServerEndpoint)) { throw new InvalidOperationException("IdentityServerEndpoint is not configured"); } if (string.IsNullOrWhiteSpace(options.ClientId)) { throw new InvalidOperationException("ClientId is not configured"); } if (string.IsNullOrWhiteSpace(options.PolicyServerEndpoint)) { throw new InvalidOperationException("PolicyServerEndpoint is not configured"); } if (string.IsNullOrWhiteSpace(options.PolicyName)) { throw new InvalidOperationException("PolicyName is not configured"); } if (string.IsNullOrWhiteSpace(options.PolicySecret)) { throw new InvalidOperationException("PolicySecret is not configured"); } if (string.IsNullOrWhiteSpace(options.PolicyServerApiName)) { throw new InvalidOperationException("PolicyServerApiName is not configured"); } services.Configure(policyClientOptions); var policy = GetPolicy(options).Result; services.AddSingleton(policy); var policyAction = new Action <Policy>(x => { x.Roles = policy.Roles; x.Permissions = policy.Permissions; }); services.Configure(policyAction); services.AddTransient <IPolicyServerRuntimeClient, PolicyServerRuntimeClient>(); services.AddScoped(provider => provider.GetRequiredService <IOptionsSnapshot <Policy> >().Value); services.AddScoped(provider => provider.GetRequiredService <IOptionsSnapshot <PolicyClientOptions> >().Value); return(new PolicyServerBuilder(services)); }
public DefaultPolicyClientService( PolicyClientOptions options ) { _options = options; }