private IHttpActionResult CreateConsentResult(
ValidatedAuthorizeRequest validatedRequest,
UserConsent consent,
NameValueCollection requestParameters,
string errorMessage)
{
var env = Request.GetOwinEnvironment();
var consentModel = new ConsentViewModel
{
SiteName = _options.SiteName,
SiteUrl = env.GetIdentityServerBaseUrl(),
ErrorMessage = errorMessage,
CurrentUser = User.GetName(),
ClientName = validatedRequest.Client.ClientName,
ClientUrl = validatedRequest.Client.ClientUri,
ClientLogoUrl = validatedRequest.Client.LogoUri != null ? validatedRequest.Client.LogoUri : null,
IdentityScopes = validatedRequest.GetIdentityScopes(),
ResourceScopes = validatedRequest.GetResourceScopes(),
AllowRememberConsent = validatedRequest.Client.AllowRememberConsent,
RememberConsent = consent != null ? consent.RememberConsent : true,
LoginWithDifferentAccountUrl = Url.Route(Constants.RouteNames.Oidc.SwitchUser, null).AddQueryString(requestParameters.ToQueryString()),
LogoutUrl = Url.Route(Constants.RouteNames.Oidc.EndSession, null),
ConsentUrl = Url.Route(Constants.RouteNames.Oidc.Consent, null).AddQueryString(requestParameters.ToQueryString()),
AntiForgery = AntiForgeryTokenValidator.GetAntiForgeryHiddenInput(Request.GetOwinEnvironment())
};
return(new ConsentActionResult(_viewService, consentModel));
}
private async Task <IHttpActionResult> RenderLoginPage(SignInMessage message, string signInMessageId, string errorMessage = null, string username = null, bool rememberMe = false)
{
if (message == null)
{
throw new ArgumentNullException("message");
}
username = username ?? GetLastUsernameFromCookie();
var providers = await GetExternalProviders(message, signInMessageId);
if (errorMessage != null)
{
Logger.InfoFormat("rendering login page with error message: {0}", errorMessage);
}
else
{
if (_authenticationOptions.EnableLocalLogin == false && providers.Count() == 1)
{
// no local login and only one provider -- redirect to provider
Logger.Info("no local login and only one provider -- redirect to provider");
var url = Request.GetOwinEnvironment().GetIdentityServerHost();
url += providers.First().Href;
return(Redirect(url));
}
else
{
Logger.Info("rendering login page");
}
}
var loginPageLinks = PrepareLoginPageLinks(signInMessageId, _authenticationOptions.LoginPageLinks);
var loginModel = new LoginViewModel
{
SiteName = _options.SiteName,
SiteUrl = Request.GetIdentityServerBaseUrl(),
CurrentUser = await GetNameFromPrimaryAuthenticationType(),
ExternalProviders = providers,
AdditionalLinks = loginPageLinks,
ErrorMessage = errorMessage,
LoginUrl = _options.AuthenticationOptions.EnableLocalLogin ? Url.Route(Constants.RouteNames.Login, new { signin = signInMessageId }) : null,
AllowRememberMe = _options.AuthenticationOptions.CookieOptions.AllowRememberMe,
RememberMe = _options.AuthenticationOptions.CookieOptions.AllowRememberMe && rememberMe,
LogoutUrl = Url.Route(Constants.RouteNames.Logout, null),
AntiForgery = AntiForgeryTokenValidator.GetAntiForgeryHiddenInput(Request.GetOwinEnvironment()),
Username = username
};
return(new LoginActionResult(_viewService, loginModel, message));
}
private async Task <IHttpActionResult> RenderLogoutPromptPage(string id = null)
{
var clientName = await GetClientNameFromSignOutMessageId(id);
var env = Request.GetOwinEnvironment();
var logoutModel = new LogoutViewModel
{
SiteName = _options.SiteName,
SiteUrl = env.GetIdentityServerBaseUrl(),
CurrentUser = await GetNameFromPrimaryAuthenticationType(),
LogoutUrl = Url.Route(Constants.RouteNames.Logout, new { id = id }),
AntiForgery = AntiForgeryTokenValidator.GetAntiForgeryHiddenInput(Request.GetOwinEnvironment()),
ClientName = clientName
};
return(new LogoutActionResult(_viewService, env, logoutModel));
}
private async Task <IHttpActionResult> RenderPermissionsPage(string error = null)
{
var env = Request.GetOwinEnvironment();
var clients = await this.clientPermissionsService.GetClientPermissionsAsync(User.GetSubjectId());
var vm = new ClientPermissionsViewModel
{
SiteName = options.SiteName,
SiteUrl = env.GetIdentityServerBaseUrl(),
CurrentUser = User.GetName(),
LogoutUrl = Url.Link(Constants.RouteNames.Logout, null),
RevokePermissionUrl = Url.Link(Constants.RouteNames.ClientPermissions, null),
AntiForgery = AntiForgeryTokenValidator.GetAntiForgeryHiddenInput(env),
Clients = clients,
ErrorMessage = error
};
return(new ClientPermissionsActionResult(this.viewSvc, Request.GetOwinEnvironment(), vm));
}