private void AddOrUpdateClientRedirectUrl(Client currentClient, string modelRedirectUrl) { // Ensure the client redirect url collection is not null if (currentClient.RedirectUris == null) { currentClient.RedirectUris = new List <ClientRedirectUri>(); } // Currently, the api works with only one client redirect uri. ClientRedirectUri currentClientRedirectUri = currentClient.RedirectUris.FirstOrDefault(); // Add new redirectUri if ((currentClientRedirectUri != null && currentClientRedirectUri.RedirectUri != modelRedirectUrl) || currentClientRedirectUri == null) { // Remove all redirect uris as we may have only one. currentClient.RedirectUris.Clear(); currentClient.RedirectUris.Add(new ClientRedirectUri() { Client = currentClient, RedirectUri = modelRedirectUrl }); } }
public HttpResponseMessage Post(string id, ClientRedirectModel model) { if (!ModelState.IsValid) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState.GetErrors())); } var client = this.config.Clients.All.SingleOrDefault(x => x.ClientId == id); if (client == null) { return(Request.CreateResponse(HttpStatusCode.NotFound)); } var item = new ClientRedirectUri { Uri = model.Uri, Description = model.Description }; client.RedirectUris.Add(item); this.config.SaveChanges(); var response = Request.CreateResponse(HttpStatusCode.OK, item); return(response); }
public async Task <ClientRedirectUri> AddRedirectUri(ClientRedirectUri redirectUri, string clientId) { var client = await _context.Clients.SingleAsync(c => c.ClientId == clientId); redirectUri.Client = client; _context.ClientRedirectUris.Add(redirectUri); await _context.SaveChangesAsync(); return(redirectUri); }
public async Task AddRedirectUri(string uri, int clientDbId) { var client = await _dbContext.Clients.FirstOrDefaultAsync(c => c.Id == clientDbId); if (client == null) { throw new ArgumentException($"No Client with id: {clientDbId}"); } var clientRedirectUri = new ClientRedirectUri { Uri = uri.ToLower(), Client = client }; _dbContext.ClientRedirectUri.Add(clientRedirectUri); await _dbContext.SaveChangesAsync(); }
public async Task OnPostAsync() { // Arrange const string redirectUri1OriginalRedirectUri = "Original RedirectUri"; const string redirectUri1EditedRedirectUri = "Edited RedirectUri"; const string newRedirectUriRedirectUri = "New RedirectUri"; var databaseName = $"{DatabaseNamePrefix}.{nameof(OnPostAsync)}"; var options = new DbContextOptionsBuilder <IdentityServerDbContext>() .UseInMemoryDatabase(databaseName) .Options; RedirectUrisModel redirectUris; IActionResult post; var redirectUri1 = new ClientRedirectUri { Id = Random.Next(), RedirectUri = redirectUri1OriginalRedirectUri }; var redirectUri2 = new ClientRedirectUri { Id = Random.Next() }; var clientId = Random.Next(); var client = new Client { Id = clientId, RedirectUris = new List <ClientRedirectUri> { redirectUri1, redirectUri2 } }; using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { context.Add(client); await context.SaveChangesAsync().ConfigureAwait(false); } // Act using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { redirectUris = new RedirectUrisModel(context) { Client = new Client { Id = clientId, RedirectUris = new List <ClientRedirectUri> { new ClientRedirectUri { Id = redirectUri1.Id, RedirectUri = redirectUri1EditedRedirectUri }, new ClientRedirectUri { RedirectUri = newRedirectUriRedirectUri } } } }; post = await redirectUris.OnPostAsync().ConfigureAwait(false); } // Assert using (var context = new IdentityServerDbContext(options, _configurationStoreOptions.Object, _operationalStoreOptions.Object)) { client = await context.Clients .Include(x => x.RedirectUris) .SingleOrDefaultAsync(x => x.Id.Equals(clientId)) .ConfigureAwait(false); redirectUri1 = client.RedirectUris.SingleOrDefault(x => x.Id.Equals(redirectUri1.Id)); redirectUri2 = client.RedirectUris.SingleOrDefault(x => x.Id.Equals(redirectUri2.Id)); var newRedirectUri = client.RedirectUris.SingleOrDefault(x => x.RedirectUri.Equals(newRedirectUriRedirectUri)); Assert.NotNull(redirectUri1); Assert.Equal(redirectUri1EditedRedirectUri, redirectUri1.RedirectUri); Assert.Null(redirectUri2); Assert.NotNull(newRedirectUri); } var result = Assert.IsType <RedirectToPageResult>(post); Assert.Equal("../Details/RedirectUris", result.PageName); Assert.Collection(result.RouteValues, routeValue => { var(key, value) = routeValue; Assert.Equal(nameof(Client.Id), key); Assert.Equal(redirectUris.Client.Id, value); }); }
private void AddClients(Client ct) { var client = new Client <Guid>() { AbsoluteRefreshTokenLifetime = ct.AbsoluteRefreshTokenLifetime, AccessTokenLifetime = ct.AccessTokenLifetime, AccessTokenType = ct.AccessTokenType, AllowAccessToAllGrantTypes = ct.AllowAccessToAllCustomGrantTypes, AllowAccessToAllScopes = ct.AllowAccessToAllScopes, AllowClientCredentialsOnly = ct.AllowClientCredentialsOnly, AllowPromptNone = ct.AllowPromptNone, AllowRememberConsent = ct.AllowRememberConsent, AlwaysSendClientClaims = ct.AlwaysSendClientClaims, AuthorizationCodeLifetime = ct.AuthorizationCodeLifetime, ClientId = ct.ClientId, ClientName = ct.ClientName, ClientUri = ct.ClientUri, EnableLocalLogin = ct.EnableLocalLogin, Enabled = ct.Enabled, Flow = ct.Flow, IdentityTokenLifetime = ct.IdentityTokenLifetime, IncludeJwtId = ct.IncludeJwtId, LogoUri = ct.LogoUri, LogoutSessionRequired = ct.LogoutSessionRequired, LogoutUri = ct.LogoutUri, PrefixClientClaims = ct.PrefixClientClaims, RefreshTokenExpiration = ct.RefreshTokenExpiration, RefreshTokenUsage = ct.RefreshTokenUsage, RequireConsent = ct.RequireConsent, //设置为true会有问题? SlidingRefreshTokenLifetime = ct.SlidingRefreshTokenLifetime, UpdateAccessTokenOnRefresh = ct.UpdateAccessTokenClaimsOnRefresh }; client.ClientSecrets = new List <ClientSecret <Guid> >(); client.AllowedScopes = new List <ClientScope <Guid> >(); client.RedirectUris = new List <ClientRedirectUri <Guid> >(); client.IdentityProviderRestrictions = new List <ClientProviderRestriction <Guid> >(); client.PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri <Guid> >(); client.AllowedCustomGrantTypes = new List <ClientCustomGrantType <Guid> >(); client.Claims = new List <ClientClaim <Guid> >(); client.AllowedCorsOrigins = new List <ClientCorsOrigin <Guid> >(); //Add Secrets foreach (var secret in ct.ClientSecrets) { var clientSecret = new ClientSecret <Guid>() { Description = secret.Description, Expiration = secret.Expiration.HasValue ? (DateTime?)secret.Expiration.Value.DateTime : null, Type = secret.Type, Value = secret.Value }; client.ClientSecrets.Add(clientSecret); } //Add Scopes foreach (var scope in ct.AllowedScopes) { var allowedScope = new ClientScope <Guid>() { Scope = scope }; client.AllowedScopes.Add(allowedScope); } //Add RedirectUris foreach (var redirectUri in ct.RedirectUris) { var clientRedirectUri = new ClientRedirectUri <Guid>() { Uri = redirectUri }; client.RedirectUris.Add(clientRedirectUri); } //Add ProviderRestrictions foreach (var provider in ct.IdentityProviderRestrictions) { var clientProviderRestriction = new ClientProviderRestriction <Guid>() { Provider = provider }; client.IdentityProviderRestrictions.Add(clientProviderRestriction); } //Add ClientPostLogoutRedirectUri foreach (var postLogoutRedirectUri in ct.PostLogoutRedirectUris) { var clientPostLogoutRedirectUri = new ClientPostLogoutRedirectUri <Guid>() { Uri = postLogoutRedirectUri }; client.PostLogoutRedirectUris.Add(clientPostLogoutRedirectUri); } //Add ClientCustomGrantTypes foreach (var customGrantType in ct.AllowedCustomGrantTypes) { var clientCustomerGrantType = new ClientCustomGrantType <Guid>() { GrantType = customGrantType }; client.AllowedCustomGrantTypes.Add(clientCustomerGrantType); } //Add ClientClaims foreach (var claim in ct.Claims) { var clientClaim = new ClientClaim <Guid>() { Type = claim.Type, Value = claim.Value }; client.Claims.Add(clientClaim); } //Add ClientCorsOrigins foreach (var corsOrigin in ct.AllowedCorsOrigins) { var clientCorsOrigin = new ClientCorsOrigin <Guid>() { Origin = corsOrigin }; client.AllowedCorsOrigins.Add(clientCorsOrigin); } _clientContext.Clients.Add(client); _clientContext.SaveChanges(); }
public Result <int> Update(ClientModel model, int id) { try { var result = new Result <int>(); var existingClient = clientContext.Clients .Where(x => x.Id == id) .Include(x => x.AllowedScopes) .Include(x => x.ClientSecrets) .Include(x => x.RedirectUris) .Include(x => x.PostLogoutRedirectUris) .Include(x => x.AllowedCorsOrigins) .Include(x => x.IdentityProviderRestrictions) .Include(x => x.Claims) .Include(x => x.AllowedCustomGrantTypes) .SingleOrDefault(); if (existingClient == null) { result.Exists = false; return(result); } var duplicateClientId = clientContext.Clients .Where(x => x.ClientId == model.ClientId) .FirstOrDefault(); if (duplicateClientId != null && duplicateClientId.Id != id) { throw new Exception("pre-existing clientid"); } clientContext.Entry(existingClient).CurrentValues.SetValues(model); // copy all values from object #region Update related properties var exRedirectUris = existingClient.RedirectUris.ToList(); //delete redirect uri's that have been removed foreach (var item in exRedirectUris) { if (!model.RedirectUris.Any(x => x.Id == item.Id)) { existingClient.RedirectUris.Remove(item); } } if (model.RedirectUris != null && model.RedirectUris.Any()) { //update and add new uris foreach (var item in model.RedirectUris) { var exRedirectUri = existingClient.RedirectUris.FirstOrDefault(x => x.Id == item.Id); if (exRedirectUri != null) { clientContext.Entry(exRedirectUri).CurrentValues.SetValues(item); } else { var redirectUri = new ClientRedirectUri { Uri = item.Uri, }; existingClient.RedirectUris.Add(redirectUri); } } } //delete post redirect uri's that have been removed var exPostRedirectUris = existingClient.PostLogoutRedirectUris.ToList(); foreach (var item in exPostRedirectUris) { if (!model.PostLogoutRedirectUris.Any(x => x.Id == item.Id)) { existingClient.PostLogoutRedirectUris.Remove(item); } } if (model.PostLogoutRedirectUris != null && model.PostLogoutRedirectUris.Any()) { foreach (var item in model.PostLogoutRedirectUris) { var exPostRedirectUri = existingClient.PostLogoutRedirectUris.FirstOrDefault(x => x.Id == item.Id); if (exPostRedirectUri != null) { clientContext.Entry(exPostRedirectUri).CurrentValues.SetValues(item); } else { var postRedirectUri = new ClientPostLogoutRedirectUri { Uri = item.Uri, }; existingClient.PostLogoutRedirectUris.Add(postRedirectUri); } } } //update and add new post redirect uris var exIdProvRestrictions = existingClient.IdentityProviderRestrictions.ToList(); foreach (var item in exIdProvRestrictions) { if (!model.IdentityProviderRestrictions.Any(x => x.Id == item.Id)) { existingClient.IdentityProviderRestrictions.Remove(item); } } if (model.IdentityProviderRestrictions != null && model.IdentityProviderRestrictions.Any()) { foreach (var item in model.IdentityProviderRestrictions) { var exIdProvRestriction = existingClient.IdentityProviderRestrictions.FirstOrDefault(x => x.Id == item.Id); if (exIdProvRestriction != null) { clientContext.Entry(exIdProvRestriction).CurrentValues.SetValues(item); } else { var IdentityProvRestriction = new ClientIdPRestriction { Provider = item.Provider, }; existingClient.IdentityProviderRestrictions.Add(exIdProvRestriction); } } } //update and add new post redirect uris //delete post redirect uri's that have been removed //delete allowed scopes that have been removed var exScopes = existingClient.AllowedScopes.ToList(); foreach (var item in exScopes) { if (!model.AllowedScopes.Any(x => x.Id == item.Id)) { existingClient.AllowedScopes.Remove(item); } } if (model.AllowedScopes != null && model.AllowedScopes.Any()) { foreach (var item in model.AllowedScopes) { var exScope = existingClient.AllowedScopes.FirstOrDefault(x => x.Id == item.Id); if (exScope != null) { clientContext.Entry(exScope).CurrentValues.SetValues(item); } else { var newScope = new ClientScope { Scope = item.Scope, }; existingClient.AllowedScopes.Add(newScope); } } } //delete client claims that have been removed var exClaims = existingClient.Claims.ToList(); foreach (var item in exClaims) { if (!model.Claims.Any(x => x.Id == item.Id)) { existingClient.Claims.Remove(item); } } if (model.Claims != null && model.Claims.Any()) { //update and add new post redirect uris foreach (var item in model.Claims) { var exClaim = existingClient.Claims.FirstOrDefault(x => x.Id == item.Id); if (exClaim != null) { clientContext.Entry(exClaim).CurrentValues.SetValues(item); } else { var newClaim = new ClientClaim { Type = item.Type, Value = item.Value }; existingClient.Claims.Add(newClaim); } } } //delete client claims that have been removed var exAllowedCors = existingClient.AllowedCorsOrigins.ToList(); foreach (var item in exAllowedCors) { if (!model.AllowedCorsOrigins.Any(x => x.Id == item.Id)) { existingClient.AllowedCorsOrigins.Remove(item); } } if (model.AllowedCorsOrigins != null && model.AllowedCorsOrigins.Any()) { //update and add new post redirect uris foreach (var item in model.AllowedCorsOrigins) { var exAllowedCor = existingClient.AllowedCorsOrigins.FirstOrDefault(x => x.Id == item.Id); if (exAllowedCor != null) { clientContext.Entry(exAllowedCor).CurrentValues.SetValues(item); } else { var newClientCor = new ClientCorsOrigin { Origin = item.Origin }; existingClient.AllowedCorsOrigins.Add(newClientCor); } } } //delete custom grant types that have been removed var exCustomGrants = existingClient.AllowedCustomGrantTypes.ToList(); foreach (var item in exCustomGrants) { if (!model.AllowedCustomGrantTypes.Any(x => x.Id == item.Id)) { existingClient.AllowedCustomGrantTypes.Remove(item); } } if (model.AllowedCustomGrantTypes != null && model.AllowedCustomGrantTypes.Any()) { //update and add new post redirect uris foreach (var item in model.AllowedCustomGrantTypes) { var exCustomGrant = existingClient.AllowedCustomGrantTypes.FirstOrDefault(x => x.Id == item.Id); if (exCustomGrant != null) { clientContext.Entry(exCustomGrant).CurrentValues.SetValues(item); } else { var newCustomGrant = new ClientCustomGrantType { GrantType = item.GrantType }; existingClient.AllowedCustomGrantTypes.Add(newCustomGrant); } } } //delete custom grant types that have been removed var exSecrets = existingClient.ClientSecrets.ToList(); foreach (var item in exSecrets) { if (!model.ClientSecrets.Any(x => x.Id == item.Id)) { existingClient.ClientSecrets.Remove(item); } } if (model.ClientSecrets != null && model.ClientSecrets.Any()) { //update and add new post redirect uris foreach (var item in model.ClientSecrets) { var exSecret = existingClient.ClientSecrets.FirstOrDefault(x => x.Id == item.Id); if (exSecret != null) { exSecret.Value = exSecret.Value; clientContext.Entry(exSecret).CurrentValues.SetValues(item); } else { var newSecret = new ClientSecret { Type = item.Type, Value = item.Value.Sha256(), Expiration = item.Expiration, Description = item.Description, }; existingClient.ClientSecrets.Add(newSecret); } } } #endregion clientContext.SaveChanges(); result.Exists = true; result.Response = existingClient.Id; result.CustomValue = existingClient.ClientName; return(result); } catch (Exception ex) { ErrorLogger.Log(ex); throw; } }
//Redirect uri public static RedirectUrisModel ToModel(this ClientRedirectUri entity) { return(entity.MapTo <ClientRedirectUri, RedirectUrisModel>()); }
public IActionResult EditClient(EditClientModel model, [FromServices] ConfigurationDbContext configContext) { // Validate it's an actual client var foundClient = configContext.Clients.Where(c => c.ClientId == model.ClientId).FirstOrDefault(); if (foundClient != null) { foundClient.ClientName = model.Name; foundClient.ClientUri = model.HomepageUrl; foundClient.LogoUri = model.LogoUrl; foundClient.Updated = DateTime.Now; configContext.Entry(foundClient).State = EntityState.Modified; // Update the redirect URL for this client var results = configContext.Set <ClientRedirectUri>().Where(c => c.ClientId == foundClient.Id).ToList(); if (results != null) { configContext.RemoveRange(results); } var newUri = new ClientRedirectUri(); newUri.Client = foundClient; newUri.ClientId = foundClient.Id; newUri.RedirectUri = model.CallbackUrl; configContext.Add(newUri); // Generate the origin for the callback Uri redirect = new Uri(model.CallbackUrl); string origin = redirect.Scheme + "://" + redirect.Host; // Update the allowed origin for this client var corsOrigins = configContext.Set <ClientCorsOrigin>().Where(c => c.ClientId == foundClient.Id).ToList(); if (corsOrigins != null) { configContext.RemoveRange(corsOrigins); } var newOrigin = new ClientCorsOrigin(); newOrigin.Client = foundClient; newOrigin.ClientId = foundClient.Id; newOrigin.Origin = origin; configContext.Add(newUri); // Update their allowed grants var curGrants = configContext.Set <ClientGrantType>().Where(c => c.ClientId == foundClient.Id).ToList(); if (curGrants != null) { configContext.RemoveRange(curGrants); } foreach (var grantType in model.AllowedGrants) { var newGrant = new ClientGrantType(); newGrant.Client = foundClient; newGrant.ClientId = foundClient.Id; newGrant.GrantType = grantType; configContext.Add(newGrant); } // Update their allowed scopes var curScopes = configContext.Set <ClientScope>().Where(c => c.ClientId == foundClient.Id).ToList(); if (curScopes != null) { configContext.RemoveRange(curScopes); } foreach (var scope in model.AllowedScopes) { var newScope = new ClientScope(); newScope.Client = foundClient; newScope.ClientId = foundClient.Id; newScope.Scope = scope; configContext.Add(newScope); } // Save all the changed configContext.SaveChanges(); // Clear the client cache RemoveCachedClient(model.ClientId); return(new JsonResult(new { success = true })); } return(new JsonResult(new { success = false, message = "Client does not exist." })); }
public void UpdateClientBasic(int id, ClientDto clientDto) { Client client = this.Session.Get <Client>(id); if (client == null) { throw new FluentValidationException($"客户端{id}不存在。"); } client.Description = clientDto.Description; client.ProtocolType = clientDto.ProtocolType; client.RequireClientSecret = clientDto.RequireClientSecret; client.RequirePkce = clientDto.RequirePkce; client.AllowPlainTextPkce = clientDto.AllowPlainTextPkce; client.AllowOfflineAccess = clientDto.AllowOfflineAccess; client.AllowAccessTokensViaBrowser = clientDto.AllowAccessTokensViaBrowser; client.Enabled = clientDto.Enabled; var transaction = this.Session.BeginTransaction(); try { this.Session.Update(client); this.Session.CreateQuery("delete from ClientScope where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.AllowedScopes.ForEach(scope => { ClientScope clientScope = new ClientScope(); clientScope.ClientId = client.Id; clientScope.Scope = scope; this.Session.Save(clientScope); }); this.Session.CreateQuery("delete from ClientRedirectUri where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.RedirectUris.ForEach(redirectUri => { ClientRedirectUri clientRedirectUri = new ClientRedirectUri(); clientRedirectUri.ClientId = client.Id; clientRedirectUri.RedirectUri = redirectUri; this.Session.Save(clientRedirectUri); }); this.Session.CreateQuery("delete from ClientGrantType where ClientId=:ClientId") .SetInt32("ClientId", id) .ExecuteUpdate(); clientDto.AllowedGrantTypes.ForEach(grantType => { ClientGrantType clientGrantType = new ClientGrantType(); clientGrantType.ClientId = client.Id; clientGrantType.GrantType = grantType; this.Session.Save(clientGrantType); }); transaction.Commit(); } catch (Exception) { transaction.Rollback(); throw; } }