Esempio n. 1
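        /// <summary>
        /// Completes a consent challenge: loads the consent request from <c>_hydra</c>, resolves its
        /// subject to a local user by name, accepts the consent with that user's roles, and records
        /// the outcome on the matching sign-in log row.
        /// </summary>
        /// <param name="consent_challenge">
        /// Challenge identifier passed to the <c>_hydra</c> lookup, reject and accept calls and stored
        /// on the sign-in log.
        /// </param>
        /// <returns>
        /// The accept response from <c>_hydra</c>, or a 400 result wrapping the reject response when
        /// no user matches the consent subject.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no user prompt or scope filtering is visible in this method; what gets granted
        /// is decided inside <c>AcceptConsentRequest</c>. Confirm this endpoint is only reachable for
        /// clients where skipping the consent screen is intended.
        /// </remarks>
        public async Task<ActionResult<RedirectResponse>> Consent(string consent_challenge)
        {
            var consent = await _hydra.GetConsentInfo(consent_challenge);

            var user = await _userManager.FindByNameAsync(consent.Subject);

            if (user == null)
            {
                // NOTE(review): ErrorDebug carries the subject identifier and the reject response is
                // returned to the caller below; confirm where this payload ends up being displayed.
                var response = await _hydra.RejectConsent(new RejectRequest
                {
                    Error            = "user-not-found",
                    ErrorDescription = "no user match this subject",
                    ErrorDebug       = $"Subject {consent.Subject} is not found",
                    StatusCode       = 404,
                }, consent_challenge);

                return BadRequest(response);
            }

            // Resolve the audit row BEFORE accepting. FirstAsync throws when no row matches; doing the
            // lookup first means a missing sign-in log fails the request while the consent is still
            // pending, instead of leaving an accepted consent with no audit record.
            var signInLog = await _db.SignInLogs.FirstAsync(u => u.LoginChallenge == consent.LoginChallenge);

            var roles = await _userManager.GetRolesAsync(user);

            var requestContent = new AcceptConsentRequest(consent, roles.ToArray(), user);
            var acceptResponse = await _hydra.AcceptConsent(requestContent, consent_challenge);

            // Record both what was requested and what was granted so the two can be compared later.
            signInLog.ConsentChallenge  = consent_challenge;
            signInLog.RequestedScope    = string.Join(",", consent.RequestedScope);
            signInLog.GrantedScope      = string.Join(",", requestContent.GrantScope);
            signInLog.AcceptedConsentAt = DateTimeOffset.Now;
            _db.Update(signInLog);
            // NOTE(review): a failure here still happens after the accept call; if the audit record is
            // mandatory, consider how such a failure is detected and reconciled.
            await _db.SaveChangesAsync();

            return acceptResponse;
        }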
Esempio n. 2
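        /// <summary>
        /// Sends an accept-consent request for the given challenge to the admin endpoint under
        /// <c>Constant.GetAuthURL()</c> and returns the deserialized response.
        /// </summary>
        /// <param name="requestContent">Accept payload, serialized to JSON as the PUT body.</param>
        /// <param name="challenge">Consent challenge placed in the <c>consent_challenge</c> query parameter.</param>
        /// <returns>The response body deserialized as <c>RedirectResponse</c> when the status is 200 OK.</returns>
        /// <exception cref="Exception">
        /// Thrown with the raw response body as its message for any status other than 200 OK.
        /// </exception>
        public async Task<RedirectResponse> AcceptConsent(AcceptConsentRequest requestContent, string challenge)
        {
            // The challenge may originate from a request parameter. Percent-encode it so characters
            // such as '&', '#' or '/' stay inside the consent_challenge value and cannot add or alter
            // parameters on the admin API call. A null challenge still yields an empty value, as before.
            var encodedChallenge = Uri.EscapeDataString(challenge ?? string.Empty);
            var authURL          = $"{Constant.GetAuthURL()}/oauth2/auth/requests/consent/accept?consent_challenge={encodedChallenge}";
            var client           = GetClient();
            var requestBodyString = JsonSerializer.Serialize(requestContent);

            // Dispose the request body and the response so their buffers and the connection are released.
            using (var stringRequestContent = new StringContent(requestBodyString, Encoding.UTF8, "application/json"))
            using (var response = await client.PutAsync(authURL, stringRequestContent))
            {
                var stringContent = await response.Content.ReadAsStringAsync();

                if (response.StatusCode == HttpStatusCode.OK)
                {
                    return JsonSerializer.Deserialize<RedirectResponse>(stringContent);
                }

                // NOTE(review): the message is the unmodified upstream body; make sure callers log it
                // server-side rather than returning it to end users.
                throw new Exception(stringContent);
            }
        }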
Esempio n. 3
        /// <summary>
        /// Completes a consent challenge: fetches the consent request from <c>_hydra</c>, resolves its
        /// subject to a local user by id, and accepts the consent with that user's roles.
        /// </summary>
        /// <param name="consent_challenge">Challenge identifier passed to the <c>_hydra</c> lookup and accept calls.</param>
        /// <returns>
        /// The accept response from <c>_hydra</c>, or a 400 result carrying
        /// <c>IDPErrors.UserNotFound</c> when no user has the subject's id.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no user prompt or scope filtering is visible in this method; what gets granted
        /// is decided inside <c>AcceptConsentRequest</c>. Confirm this endpoint is only reachable for
        /// clients where skipping the consent screen is intended.
        /// </remarks>
        public async Task<ActionResult<AcceptConsentResponse>> Consent(string consent_challenge)
        {
            var pendingConsent = await _hydra.GetConsentInfo(consent_challenge);
            var account        = await _userManager.FindByIdAsync(pendingConsent.Subject);

            if (account != null)
            {
                // The roles read from the user store are handed to the accept payload as an array.
                var roleNames  = (await _userManager.GetRolesAsync(account)).ToArray();
                var acceptBody = new AcceptConsentRequest(pendingConsent, roleNames, account);

                return await _hydra.AcceptConsent(acceptBody, consent_challenge);
            }

            // Unknown subject: nothing is accepted; the caller receives the shared error value.
            return BadRequest(IDPErrors.UserNotFound);
        }