/// <inheritdoc/>
    public async Task SendLoginRequestAsync(BackchannelUserLoginRequest request)
    {
        var url = await _issuerNameService.GetCurrentAsync();

        url += "/ciba?id=" + request.InternalId;
        _logger.LogWarning("IBackchannelAuthenticationUserNotificationService not implemented. But for testing, visit {url} to simulate what a user might need to do to complete the request.", url);
    }
    public async Task <IActionResult> OnGet(string id)
    {
        LoginRequest = await _backchannelAuthenticationInteraction.GetLoginRequestByInternalIdAsync(id);

        if (LoginRequest == null)
        {
            _logger.LogWarning("Invalid backchannel login id {id}", id);
            return(RedirectToPage("/home/error/index"));
        }

        return(Page());
    }
Esempio n. 3
0
 private ViewModel BuildViewModelAsync(BackchannelUserLoginRequest request, string id, InputModel model = null)
 {
     if (request is null)
     {
         throw new InvalidOperationException(_localizer["Invalid login request id."]);
     }
     if (request.Subject.GetSubjectId() == User.GetSubjectId())
     {
         return(CreateConsentViewModel(model, id, request));
     }
     throw new InvalidOperationException(_localizer["SubjectIds don't match."]);
 }
Esempio n. 4
0
        private ViewModel CreateConsentViewModel(InputModel model,
                                                 string id,
                                                 BackchannelUserLoginRequest request)
        {
            var vm = new ViewModel
            {
                Input = new InputModel
                {
                    Id = id
                },
                ClientName     = request.Client.ClientName ?? request.Client.ClientId,
                ClientUrl      = request.Client.ClientUri,
                ClientLogoUrl  = request.Client.LogoUri,
                BindingMessage = request.BindingMessage
            };

            vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources
                                .Select(x => CreateScopeViewModel(x, model?.ScopesConsented == null || model.ScopesConsented?.Contains(x.Name) == true))
                                .ToArray();

            var resourceIndicators = request.RequestedResourceIndicators ?? Enumerable.Empty <string>();
            var apiResources       = request.ValidatedResources.Resources.ApiResources.Where(x => resourceIndicators.Contains(x.Name));

            var apiScopes = new List <ScopeViewModel>();

            foreach (var parsedScope in request.ValidatedResources.ParsedScopes)
            {
                var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName);
                if (apiScope != null)
                {
                    var scopeVm = CreateScopeViewModel(parsedScope, apiScope, model == null || model.ScopesConsented?.Contains(parsedScope.RawValue) == true);
                    scopeVm.Resources = apiResources.Where(x => x.Scopes.Contains(parsedScope.ParsedName))
                                        .Select(x => new ResourceViewModel
                    {
                        Name        = x.Name,
                        DisplayName = x.DisplayName ?? x.Name,
                    }).ToArray();
                    apiScopes.Add(scopeVm);
                }
            }
            if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess)
            {
                apiScopes.Add(GetOfflineAccessScope(model == null || model.ScopesConsented?.Contains(StandardScopes.OfflineAccess) == true));
            }
            vm.ApiScopes = apiScopes;

            return(vm);
        }
        public async Task SendLoginRequestAsync(BackchannelUserLoginRequest request)
        {
            var htmlMessage = await CreateMessage(request).ConfigureAwait(false);

            var subject = _localizer["Authorization request"];

            using var content = new StringContent(JsonSerializer.Serialize(new Email
            {
                Addresses = new string[] { request.Subject.FindFirst(c => c.Type == JwtClaimTypes.Email)?.Value },
                Message   = htmlMessage,
                Subject   = subject
            }), Encoding.UTF8, "application/json");
            using var response = await _httpClient.PostAsync(_options.Value.ApiUrl, content)
                                 .ConfigureAwait(false);

            response.EnsureSuccessStatusCode();
        }
        private async Task <string> CreateMessage(BackchannelUserLoginRequest request)
        {
            var client  = request.Client;
            var builder = new StringBuilder();

            if (client.LogoUri is not null)
            {
                builder.Append("<div><img src=\"");
                builder.Append(client.LogoUri);
                builder.Append("\"></div>");
            }

            builder.Append(_localizer["{0} is requesting your permission", client.ClientName]);

            if (!string.IsNullOrEmpty(request.BindingMessage))
            {
                builder.Append("<div>");
                builder.Append(_localizer["Verify that this identifier matches what the client is displaying: {0}", request.BindingMessage]);
                builder.Append("</div>");
            }

            builder.Append("<div>");
            builder.Append(_localizer[" Do you wish to continue?", client.ClientName]);
            builder.Append("</div>");

            var issuer = await _nameService.GetCurrentAsync().ConfigureAwait(false);

            if (!issuer.EndsWith('/'))
            {
                issuer += "/";
            }

            builder.Append("<div>");
            builder.Append("<a href =\"");
            builder.Append(issuer);
            builder.Append("ciba/consent?id=");
            builder.Append(request.InternalId);
            builder.Append("\">");
            builder.Append(_localizer["Yes, Continue"]);
            builder.Append("</a>");
            builder.Append("</div>");

            return(builder.ToString());
        }
Esempio n. 7
0
 public Task SendLoginRequestAsync(BackchannelUserLoginRequest request)
 {
     LoginRequest = request;
     return(Task.CompletedTask);
 }