/// <summary>
/// Validates the current request.
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public async Task <ClientSecretValidationResult> ValidateAsync(HttpContext context)
{
_logger.LogDebug("Start client validation");
var fail = new ClientSecretValidationResult
{
IsError = true
};
var parsedSecret = await _parser.ParseAsync(context);
if (parsedSecret == null)
{
await RaiseFailureEventAsync("unknown", "No client id found");
_logger.LogError("No client identifier found");
return(fail);
}
// load client
var client = await _clients.FindEnabledClientByIdAsync(parsedSecret.Id);
if (client == null)
{
await RaiseFailureEventAsync(parsedSecret.Id, "Unknown client");
_logger.LogError("No client with id '{clientId}' found. aborting", parsedSecret.Id);
return(fail);
}
var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();
var grantType = form.Get(OidcConstants.TokenRequest.GrantType);
if (grantType == OidcConstants.GrantTypes.RefreshToken)
{
// upcast;
ClientExtra clientExtra = client as ClientExtra;
if (!clientExtra.RequireRefreshClientSecret)
{
_logger.LogDebug("Public Client - skipping secret validation success");
_logger.LogDebug("Client validation success");
var success = new ClientSecretValidationResult
{
IsError = false,
Client = client,
Secret = parsedSecret
};
await RaiseSuccessEventAsync(client.ClientId, parsedSecret.Type);
return(success);
}
}
return(await StockClientSecretValidator.ValidateAsync(context));
}
/// <summary>
/// Determines whether a redirect URI is valid for a client.
/// </summary>
/// <param name="requestedUri">The requested URI.</param>
/// <param name="client">The client.</param>
/// <returns>
/// <c>true</c> is the URI is valid; <c>false</c> otherwise.
/// </returns>
public virtual Task <bool> IsRedirectUriValidAsync(string requestedUri, Client client)
{
try
{
ClientExtra clientExtra = client as ClientExtra;
if (clientExtra.AllowArbitraryLocalRedirectUris &&
(requestedUri.Contains("://127.0.0.1") || requestedUri.Contains("://localhost"))
)
{
return(Task.FromResult(true));
}
}
catch
{
// eatit
}
return(Task.FromResult(StringCollectionContainsString(client.RedirectUris, requestedUri)));
}
public async Task <IdentityResult> InsertClient(
TUser user,
ClientExtra model,
CancellationToken cancellationToken = default(CancellationToken))
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
model.ThrowIfNull(nameof(model));
try
{
var dto = model.ToNeo4jEntity();
var result = await AddClientToUserAsync(user, dto, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
foreach (var mod in model.Claims)
{
var dtoClaim = mod.ToNeo4jEntity();
result = await AddClaimToClientAsync(dto, dtoClaim, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.AllowedScopes)
{
var dtoScope = mod.ToNeo4jClientScopeEntity();
result = await AddScopeToClientAsync(dto, dtoScope, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.ClientSecrets)
{
var dtoSecret = mod.ToNeo4jClientSecretEntity();
result = await AddSecretToClientAsync(dto, dtoSecret, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.IdentityProviderRestrictions)
{
var dtoIdentityProviderRestrictions = mod.ToNeo4JClientIdpRestrictionEntity();
result = await AddIdPRestrictionToClientAsync(dto, dtoIdentityProviderRestrictions, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.Properties)
{
var propertyDTO = mod.ToNeo4jClientPropertyEntity();
result = await AddPropertyToClientAsync(dto, propertyDTO, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.AllowedCorsOrigins)
{
var allowedCorsOriginsDTO = mod.ToNeo4jClientCorsOriginEntity();
result = await AddCorsOriginToClientAsync(dto, allowedCorsOriginsDTO, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.AllowedGrantTypes)
{
var allowedGrantTypesDTO = mod.ToNeo4jClientAllowedGrantTypeEntity();
result = await AddAllowedGrantTypeToClientAsync(dto, allowedGrantTypesDTO, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.PostLogoutRedirectUris)
{
var postLogoutRedirectUrisDTO = mod.ToNeo4jClientPostLogoutRedirectUriEntity();
result = await AddPostLogoutRedirectUriToClientAsync(dto, postLogoutRedirectUrisDTO, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
foreach (var mod in model.RedirectUris)
{
var redirectUriDTO = mod.ToNeo4jClientRedirectUriEntity();
result = await AddRedirectUriToClientAsync(dto, redirectUriDTO, cancellationToken);
if (!result.Succeeded)
{
return(result);
}
}
return(IdentityResult.Success);
}
catch (ClientException ex)
{
return(ex.ToIdentityResult());
}
// AddClientToUserAsync
}
public async Task OnGetAsync(int id)
{
TenantId = _sessionTenantAccessor.TenantId;
Entity = await _adminServices.GetClientByIdAsync(TenantId, id);
}
public Task TokenRevokedAsync(ClientExtra clientExtra, string subjectId)
{
return(Task.CompletedTask);
}
