public async Task <string> GetToken(string userName, string password)
{
var user = await UserManager.FindByNameAsync(userName);
if (user is null)
{
throw new Exception($"Not found user by name {userName}.");
}
var result = await SignInManager.CheckPasswordSignInAsync(user, password, false);
if (result.Succeeded)
{
var token = await IdentityServerTools.IssueClientJwtAsync(
clientId : "Internal",
lifetime : 3600,
scopes : new string[] { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile },
audiences : Options.JwtAudiences,
additionalClaims : new Claim[] {
new Claim(JwtClaimTypes.Subject, user.Id),
new Claim(JwtClaimTypes.Name, user.UserName),
});
return(token);
}
else
{
throw new Exception($"Failed to login.");
}
}
public JwtTokenProvider(
IHttpContextAccessor contextAccessor,
ITokenCreationService tokenCreation,
ISystemClock clock)
{
_identityServerTools = new IdentityServerTools(contextAccessor, tokenCreation, clock);
}
public async Task <object> Post([FromServices] IdentityServerTools tools)
{
//var model = JsonConvert.DeserializeObject<DemoModel>(data);
var token = await tools.IssueClientJwtAsync(
clientId : "client1",
lifetime : 2,
scopes : new[] { "api1", "api2", "api_100000" },
audiences : new[] { "identity", "trieudk_aud" },
additionalClaims : new List <Claim>
{
new Claim(type: "trieudk_claims1", value: "trieudk_claims1"),
new Claim(type: "trieudk_claims2", value: "trieudk_claims2"),
new Claim(type: "trieudk_claims3", value: "trieudk_claims3"),
});
var token1 = await tools.IssueJwtAsync(
lifetime : 2,
claims :
new List <Claim>
{
new Claim(type: "trieudk_claims1", value: "trieudk_claims1"),
new Claim(type: "trieudk_claims2", value: "trieudk_claims2"),
new Claim(type: "trieudk_claims3", value: "trieudk_claims3"),
},
issuer : "trieudk_issuer");
return(token + "---------------------------" + token1);
}
public AccountController(
UserManager <User> userManager,
SignInManager <User> signInManager,
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IAuthenticationSchemeProvider schemeProvider,
IEventService events,
IdentityServerTools tools,
//ConfigurationDbContext configurationDbContext,
IConfiguration configuration,
INotificationHelper notificationHelper,
UserProfileService userProfileService,
OtpKey otpKey,
TssIdentityDbContext tssIdentityDbContext)
{
_userManager = userManager;
_signInManager = signInManager;
_interaction = interaction;
_clientStore = clientStore;
_schemeProvider = schemeProvider;
_events = events;
_tools = tools;
//_configurationDbContext = configurationDbContext;
_configurationRoot = (IConfigurationRoot)configuration;
_notificationHelper = notificationHelper;
_userProfileService = userProfileService;
_otpKey = otpKey;
_tssIdentityDbContext = tssIdentityDbContext;
}
public AccountController(
IdentityServerTools tools,
RoleManager <IdentityRole> roleManager,
UserManager <AppUser> userManager,
IPersistedGrantService persistedGrantService,
SignInManager <AppUser> signInManager,
IEmailSender emailSender,
ISmsSender smsSender,
ILoggerFactory loggerFactory,
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IOptions <AppSettings> appSettings,
IBus eventBus
)
{
_tools = tools;
_roleManager = roleManager;
_appSettings = appSettings.Value;
_userManager = userManager;
_persistedGrantService = persistedGrantService;
_signInManager = signInManager;
_emailSender = emailSender;
_smsSender = smsSender;
_logger = loggerFactory.CreateLogger <AccountController>();
_interaction = interaction;
_clientStore = clientStore;
_eventBus = eventBus;
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="userStore">LDAP User Store</param>
/// <param name="events">IEventService</param>
/// <param name="tools">IdentityServerTools</param>
public LdapController(
ILdapUserStore userStore,
IEventService events,
IdentityServerTools tools)
{
this.userStore = userStore;
this.events = events;
this.tools = tools;
}
public IdentityServerService(IServiceProvider services, IdentityDbContext dbContext, UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, IdentityServerTools identityServerTools, IOptions <IdentityServerModuleOption> options)
{
Services = services;
DbContext = dbContext;
UserManager = userManager;
IdentityServerTools = identityServerTools;
SignInManager = signInManager;
Options = options.Value;
}
public ExternalAuthController(
UserManager <AppUser> userManager,
SignInManager <AppUser> signInManager,
IdentityServerTools identityServerTools
)
{
_userManager = userManager;
_signInManager = signInManager;
_identityServerTools = identityServerTools;
}
public BackChannelLogoutClient(
//IHttpContextAccessor httpContext,
IdentityServerTools tools,
HttpClient backChannelClient,
ILogger <BackChannelLogoutClient> logger)
{
//_httpContext = httpContext;
_tools = tools;
_backChannelClient = backChannelClient;
_logger = logger;
}
public ClientController(
ConfigurationDbContext _configDb,
UserDbContext _userDB,
IStringLocalizer <ClientController> localizer,
IdentityServerTools tools)
{
userDB = _userDB;
configDb = _configDb;
l = localizer;
_tools = tools;
}
public AccountController
(IAccountService accSrv,
IClaimsHelper helper,
IdentityServerTools identityServer,
IUserService userSrv)
{
_accSrv = accSrv;
_helper = helper;
_identityServer = identityServer;
_userSrv = userSrv;
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="clock"></param>
/// <param name="tools"></param>
/// <param name="backChannelLogoutHttpClient"></param>
/// <param name="logger"></param>
public DefaultBackChannelLogoutService(
ISystemClock clock,
IdentityServerTools tools,
BackChannelLogoutHttpClient backChannelLogoutHttpClient,
ILogger <IBackChannelLogoutService> logger)
{
Clock = clock;
Tools = tools;
HttpClient = backChannelLogoutHttpClient;
Logger = logger;
}
public TokenService(
IAppSecretRepository appSecretRepository,
UserManager <ApplicationUser> userManager,
IdentityServerTools tools,
IOrganisationService organisationService)
{
this.appSecretRepository = appSecretRepository;
this.userManager = userManager;
this.tools = tools;
this.organisationService = organisationService;
}
public LoginHandler(
IEventBus eventBus,
ICommandValidator <Login> validator,
IUserRepository userRepository,
IdentityServerTools identityServerTools,
IUserClaimsFactory userClaimsFactory)
: base(eventBus, validator)
{
_userRepository = userRepository;
_identityServerTools = identityServerTools;
_userClaimsFactory = userClaimsFactory;
}
public AppUserService(
IRepository <AppUser, Guid> appUserRepo,
IdentityUserManager userManager,
IdentityServerTools tools) : base(appUserRepo)
{
this.userManager = userManager;
this.tools = tools;
//GetPolicyName = ASPCoreMVCPermissions.UserManager.Default;
//GetListPolicyName = ASPCoreMVCPermissions.UserManager.Default;
//CreatePolicyName = ASPCoreMVCPermissions.UserManager.Default;
//UpdatePolicyName = ASPCoreMVCPermissions.UserManager.Default;
//DeletePolicyName = ASPCoreMVCPermissions.UserManager.Default;
}
private static async Task CreateToken(
HttpContext context,
IdentityServerTokenRequest request,
IdentityServerTools identityServerTools)
{
var token = await identityServerTools.IssueJwtAsync(
lifetime : request.Lifetime,
claims : request.Claims);
var response = new IdentityServerTokenResponse
{
Token = token,
};
await context.Response.WriteJsonAsync(response);
}
/// <summary>
/// Issues the client JWT.
/// </summary>
/// <param name="tools">The tools.</param>
/// <param name="clientId">The client identifier.</param>
/// <param name="lifetime">The lifetime.</param>
/// <param name="scopes">The scopes.</param>
/// <param name="audiences">The audiences.</param>
/// <param name="additionalClaims">Additional claims</param>
/// <returns></returns>
public static async Task <string> IssueClientJwtAsync(this IdentityServerTools tools,
string clientId,
int lifetime,
IEnumerable <string> scopes = null,
IEnumerable <string> audiences = null,
IEnumerable <Claim> additionalClaims = null)
{
var claims = new HashSet <Claim>(new ClaimComparer());
var options = tools.ServiceProvider.GetRequiredService <IdentityServerOptions>();
if (additionalClaims != null)
{
foreach (var claim in additionalClaims)
{
claims.Add(claim);
}
}
claims.Add(new Claim(JwtClaimTypes.ClientId, clientId));
if (!scopes.IsNullOrEmpty())
{
foreach (var scope in scopes)
{
claims.Add(new Claim(JwtClaimTypes.Scope, scope));
}
}
if (options.EmitStaticAudienceClaim)
{
claims.Add(new Claim(
JwtClaimTypes.Audience,
string.Format(IdentityServerConstants.AccessTokenAudience, (await tools.IssuerNameService.GetCurrentAsync()).EnsureTrailingSlash())));
}
if (!audiences.IsNullOrEmpty())
{
foreach (var audience in audiences)
{
claims.Add(new Claim(JwtClaimTypes.Audience, audience));
}
}
return(await tools.IssueJwtAsync(lifetime, claims));
}
private static async Task CreateClientToken(
HttpContext context,
IdentityServerClientTokenRequest request,
IdentityServerTools identityServerTools)
{
var token = await identityServerTools.IssueClientJwtAsync(
lifetime : request.Lifetime,
clientId : request.ClientId,
scopes : request.Scopes,
audiences : request.Audiences);
var response = new IdentityServerTokenResponse
{
Token = token,
};
await context.Response.WriteJsonAsync(response);
}
public async Task <ActionResult <string> > Login([FromBody] UserLoginRequest request)
{
var user = await UserManager.FindByNameAsync(request.UserName);
if (user is null)
{
return(NotFound());
}
var result = await SignInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (result.Succeeded)
{
if (!await Service.Exists(user.Id))
{
await Service.Create(new AcBlog.Data.Models.User
{
Name = user.UserName,
NickName = user.UserName,
Email = user.UserName,
Id = user.Id
});
}
var token = await IdentityServerTools.IssueClientJwtAsync(
clientId : "Internal",
lifetime : 3600,
scopes : new string[] { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile },
audiences : new string[] { "AcBlog.Server.ApiAPI" },
additionalClaims : new Claim[] {
new Claim(JwtClaimTypes.Subject, user.Id),
new Claim(JwtClaimTypes.Name, user.UserName),
});
return(token);
}
else
{
return(Unauthorized());
}
}
/// <summary>
/// Invokes the middleware.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="identityServerTools">The identity server tools.</param>
/// <returns>The task.</returns>
public async Task Invoke(HttpContext context, IdentityServerTools identityServerTools)
{
var body = GetBody(context);
if (context.Request.Path.StartsWithSegments(new PathString("/api/test/token/create")))
{
var request = JsonConvert.DeserializeObject <IdentityServerTokenRequest>(body);
await CreateToken(context, request, identityServerTools);
return;
}
if (context.Request.Path.StartsWithSegments(new PathString("/api/test/token/create-client")))
{
var request = JsonConvert.DeserializeObject <IdentityServerClientTokenRequest>(body);
await CreateClientToken(context, request, identityServerTools);
return;
}
await this.next(context);
}
public ApiClient(IdentityServerTools identityServerTools)
{
_identityServerTools = identityServerTools;
}
public SomeService(IdentityServerTools identityServerTools)
{
_identityServerTools = identityServerTools;
}
public UserServicesImpl(UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, IdentityServerTools tools)
{
_userManager = userManager;
_signInManager = signInManager;
_tools = tools;
}
public LocalTokenClient(IdentityServerTools tools)
{
this.tools = tools;
}
public JwtTokenGenerator(IdentityServerTools identityServerTools,
IHttpContextAccessor httpcontextaccessor)
{
_identityServerTools = identityServerTools;
_httpcontextaccessor = httpcontextaccessor;
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenController"/> class.
/// </summary>
/// <param name="identityServerTools">The identity server tools.</param>
public TokenController(IdentityServerTools identityServerTools)
{
this.identityServerTools =
identityServerTools ?? throw new ArgumentNullException(nameof(identityServerTools));
}
public UsersController(UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, IdentityServerTools identityServerTools, IBlogService service) : base(service.UserService)
{
UserManager = userManager;
IdentityServerTools = identityServerTools;
SignInManager = signInManager;
}
public AuthService(ghettoBasaContext context, IdentityServerTools serverTools)
{
ctx = context;
_tools = serverTools;
}
public AccessTokenIssuer(IdentityServerTools tools)
{
_tools = tools;
}
public JwtTokenService(IdentityServerTools tools)
{
_tools = tools;
}
