private Identity.Clients.Models.ResourceDetail[] GetAll() { if (_all != null) { return(_all); } _all = _svc.LoadAll().Result; return(_all); }
public async Task <Client> FindClientByIdAsync(string clientId) { try { var model = await _svc.LoadDetail(clientId); var allowedScopes = _resources.LoadAll().Result .Where(r => r.Type == ResourceType.Identity && r.Default) .Select(r => r.Name) .ToArray(); foreach (string scope in allowedScopes) { if (model.Scopes.HasValue() && !model.Scopes.Contains(scope)) { model.Scopes += " " + scope; } } string clientUrl = model.RedirectUrls .Select(u => u.Value) .FirstOrDefault(); if (!string.IsNullOrEmpty(clientUrl)) { var url = new Uri(clientUrl); clientUrl = url.AbsoluteUri.Substring(0, url.AbsoluteUri.Length - url.AbsolutePath.Length); } Client client = new Client { // defaults // BackChannelLogoutSessionRequired = true, // FrontChannelLogoutSessionRequired = true, // IncludeJwtId = false, // EnableLocalLogin = true, // RequireClientSecret = true, // AccessTokenType = AccessTokenType.Jwt, // ProtocolType = "oidc", // AllowPlainTextPkce = false, RequireClientSecret = false, // client Enabled = model.Enabled, ClientId = model.Name, ClientName = model.DisplayName, Description = model.Description, AllowedGrantTypes = model.Grants.Split(" "), AllowedScopes = model.Scopes?.Split(" "), PairWiseSubjectSalt = model.PairWiseSubjectSalt, RequirePkce = model.RequirePkce, AllowAccessTokensViaBrowser = model.AllowAccessTokensViaBrowser, // consent behavior RequireConsent = model.RequireConsent, AllowRememberConsent = model.ConsentLifetime.ToSeconds() > 0, ConsentLifetime = model.ConsentLifetime.ToSeconds() > 0 ? model.ConsentLifetime.ToSeconds() : (int?)null, // token behavior AlwaysIncludeUserClaimsInIdToken = model.AlwaysIncludeUserClaimsInIdToken, IdentityTokenLifetime = model.IdentityTokenLifetime.ToSeconds(), AccessTokenLifetime = model.AccessTokenLifetime.ToSeconds(), AuthorizationCodeLifetime = model.AuthorizationCodeLifetime.ToSeconds(), // refresh behavior AllowOfflineAccess = model.AllowOfflineAccess, UpdateAccessTokenClaimsOnRefresh = model.UpdateAccessTokenClaimsOnRefresh, AbsoluteRefreshTokenLifetime = model.AbsoluteRefreshTokenLifetime.ToSeconds(), SlidingRefreshTokenLifetime = model.SlidingRefreshTokenLifetime.ToSeconds(), RefreshTokenUsage = model.UseOneTimeRefreshTokens ? TokenUsage.OneTimeOnly : TokenUsage.ReUse, RefreshTokenExpiration = model.SlidingRefreshTokenLifetime.ToSeconds() > 0 ? TokenExpiration.Sliding : TokenExpiration.Absolute, // client claims AlwaysSendClientClaims = model.AlwaysSendClientClaims, ClientClaimsPrefix = model.ClientClaimsPrefix, Claims = model.Claims.Select(c => new IdentityServer4.Models.ClientClaim(c.Type, c.Value)).ToArray(), // urls ClientUri = model.Url, LogoUri = model.LogoUrl, BackChannelLogoutUri = model.BackChannelLogoutUrl, FrontChannelLogoutUri = model.FrontChannelLogoutUrl, RedirectUris = model.RedirectUrls.Select(u => u.Value).ToArray(), PostLogoutRedirectUris = model.PostLogoutUrls.Select(u => u.Value).ToArray(), AllowedCorsOrigins = model.CorsUrls.Select(u => u.Value).ToArray(), // secrets ClientSecrets = model.Secrets.Select(s => new Secret { Value = s.Value, Expiration = s.Expiration, Type = s.Type, Description = s.Description }).ToArray(), }; if (client.AllowedCorsOrigins.Count == 0 && clientUrl.HasValue()) { client.AllowedCorsOrigins = new string[] { clientUrl } } ; return(client); } catch (Exception ex) { _logger.LogError(ex, "Error"); } return(null); }