protected virtual void SetDefaultApplicationType(OpenIdClient openidClient)
{
if (string.IsNullOrWhiteSpace(openidClient.ApplicationType))
{
openidClient.ApplicationType = "web";
}
}
public async Task Should_successfully_authenticate_query()
{
var response = await OpenIdClient.RequestTokenAsync(RequestFactory.CorrectPasswordAuthenticationRequest());
response.AccessToken.Should().NotBeNullOrWhiteSpace();
response.ExpiresInSeconds.Should().BeGreaterThan(0);
}
protected virtual void SetDefaultSubjectType(OpenIdClient openidClient)
{
if (string.IsNullOrWhiteSpace(openidClient.SubjectType))
{
openidClient.SubjectType = _openIDHostOptions.DefaultSubjectType;
}
}
protected virtual void SetRequestObjectEncryptionAlg(OpenIdClient openidClient)
{
if (!string.IsNullOrWhiteSpace(openidClient.RequestObjectEncryptionAlg) && string.IsNullOrWhiteSpace(openidClient.RequestObjectEncryptionEnc))
{
openidClient.RequestObjectEncryptionEnc = A128CBCHS256EncHandler.ENC_NAME;
}
}
protected virtual void SetUserInfoEncryptedResponseAlg(OpenIdClient openidClient)
{
if (!string.IsNullOrWhiteSpace(openidClient.UserInfoEncryptedResponseAlg) && string.IsNullOrWhiteSpace(openidClient.UserInfoEncryptedResponseEnc))
{
openidClient.UserInfoEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME;
}
}
protected BaseTests(ITestOutputHelper output)
{
var testData = AuthTestData.LoadFromJsonFile();
var log = new TestLog(output);
RequestFactory = new OpenIdRequestFactory(testData);
OpenIdClient = OpenIdClientFactory.CreateTestClient(testData.OpenIdServer, log);
}
private async Task ShouldFail(PasswordTokenRequest request)
{
Func <Task> action = () => OpenIdClient.RequestTokenAsync(request);
var exception = (await action.Should().ThrowAsync <OpenIdException>()).Which;
Console.WriteLine(exception);
}
protected void EnrichOpenIdClient(OpenIdClient openidClient)
{
EnrichClient(openidClient);
SetDefaultApplicationType(openidClient);
SetDefaultSubjectType(openidClient);
SetDefaultIdTokenResponseAlg(openidClient);
SetDefaultMaxAge(openidClient);
SetDefaultIdTokenEncryptedResponseAlg(openidClient);
SetUserInfoEncryptedResponseAlg(openidClient);
SetRequestObjectEncryptionAlg(openidClient);
}
private async Task <string> GetFirstAmr(IEnumerable <string> acrValues, OpenIdClient client)
{
var acr = await _amrHelper.FetchDefaultAcr(acrValues, client);
if (acr == null)
{
return(null);
}
return(acr.AuthenticationMethodReferences.First());
}
public void LbtnOpenIDAddClick(object sender, EventArgs e)
{
OpenIdClient openID = new OpenIdClient();
openID.Identity = this.TxtOpenIDNew.Text;
UserProfile.Current.OpenID = openID.Identity;
UserProfile.Current.Save();
//openID.AuthVersion = ProtocolVersion.V2_0;
//openID.ReturnUrl = new Uri(string.Format("{0}://{1}:{2}{3}", Request.Url.Scheme, Request.Url.Host, Request.Url.Port, Request.Path));
//openID.BeginAuth();
openID.CreateRequest(false, true);
}
protected void EnrichOpenIdClient(OpenIdClient openidClient, HandlerContext handlerContext)
{
EnrichClient(openidClient);
SetDefaultApplicationType(openidClient);
SetDefaultSubjectType(openidClient);
SetDefaultIdTokenResponseAlg(openidClient);
SetDefaultMaxAge(openidClient);
SetDefaultIdTokenEncryptedResponseAlg(openidClient);
SetUserInfoEncryptedResponseAlg(openidClient);
SetRequestObjectEncryptionAlg(openidClient);
SetBCNotification(openidClient, handlerContext);
SetFrontChannel(openidClient, handlerContext);
SetBackchannelLogoutSupported(openidClient, handlerContext);
}
public async Task Enrich(JwsPayload jwsPayload, OpenIdClient client)
{
var subject = jwsPayload.GetClaimValue(Jwt.Constants.UserClaims.Subject);
using (var httpClient = new HttpClient())
{
var request = new HttpRequestMessage
{
RequestUri = new Uri(_httpClaimsSourceOptions.Url),
Method = HttpMethod.Get,
// Content = new StringContent(JsonConvert.SerializeObject(new { sub = subject }), Encoding.UTF8, "application/json")
};
if (!string.IsNullOrWhiteSpace(_httpClaimsSourceOptions.ApiToken))
{
request.Headers.Add("Authorization", $"Bearer {_httpClaimsSourceOptions.ApiToken}");
}
var result = await httpClient.SendAsync(request).ConfigureAwait(false);
var json = await result.Content.ReadAsStringAsync().ConfigureAwait(false);
var kvp = result.Content.Headers.FirstOrDefault(k => k.Key == "Content-Type");
if (!kvp.Equals(default(KeyValuePair <string, IEnumerable <string> >)) && !string.IsNullOrWhiteSpace(kvp.Key) && result.IsSuccessStatusCode)
{
string jwt = null;
JwsPayload jObj = null;
if (kvp.Value.Any(v => v.Contains("application/json")))
{
jObj = JsonConvert.DeserializeObject <JwsPayload>(json);
jwt = await _jwtBuilder.BuildClientToken(client, jObj, client.IdTokenSignedResponseAlg, client.IdTokenEncryptedResponseAlg, client.IdTokenEncryptedResponseEnc);
}
else if (kvp.Value.Any(v => v.Contains("application/jwt")))
{
throw new NotImplementedException();
/*
* jwt = json;
* jObj = Extract(json);
*/
}
if (!string.IsNullOrWhiteSpace(jwt))
{
ClaimsSourceHelper.AddAggregate(jwsPayload, jObj, jwt, _httpClaimsSourceOptions.Name);
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
user = DataObject.Load <DataObjectUser>(UserProfile.Current.UserId, null, true);
if (user.State != ObjectState.Added)
{
if (!string.IsNullOrEmpty(user.OpenID))
{
this.LitOpenIDCur.Text = user.OpenID;
}
else
{
this.LitOpenIDCur.Text = language.GetString("MessageOpenIdNone");
}
}
if (!IsPostBack)
{
OpenIdClient openID = new OpenIdClient();
switch (openID.RequestedMode)
{
case RequestedMode.IdResolution:
openID.Identity = UserProfile.Current.OpenID;
if (openID.ValidateResponse())
{
OpenIdUser openIDUser = openID.RetrieveUser();
user.OpenID = openIDUser.Identity;
user.Update(UserDataContext.GetUserDataContext());
UserProfile.Current.OpenID = string.Empty;
UserProfile.Current.Save();
this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdConfirmed");
this.LitOpenIDCur.Text = user.OpenID;
}
else
{
this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdNotConfirmed");
}
break;
case RequestedMode.CanceledByUser:
this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdCanceled");
break;
}
}
}
protected async Task SendLogoutToken(OpenIdClient openIdClient, string sessionId, CancellationToken cancellationToken)
{
if (string.IsNullOrWhiteSpace(openIdClient.BackChannelLogoutUri))
{
return;
}
var currentDateTime = DateTime.UtcNow;
var events = new JObject
{
{ "http://schemas.openid.net/event/backchannel-logout", new JObject() }
};
var jwsPayload = new JwsPayload
{
{ Jwt.Constants.OAuthClaims.Issuer, Request.GetAbsoluteUriWithVirtualPath() },
{ Jwt.Constants.UserClaims.Subject, User.Claims.First(c => c.Type == ClaimTypes.NameIdentifier).Value },
{ Jwt.Constants.OAuthClaims.Audiences, openIdClient.ClientId },
{ Jwt.Constants.OAuthClaims.Iat, currentDateTime.ConvertToUnixTimestamp() },
{ Jwt.Constants.OAuthClaims.Jti, Guid.NewGuid().ToString() },
{ Jwt.Constants.OAuthClaims.Events, events }
};
if (openIdClient.BackChannelLogoutSessionRequired)
{
jwsPayload.Add(Jwt.Constants.OAuthClaims.Sid, sessionId);
}
var logoutToken = await _jwtBuilder.Sign(jwsPayload, openIdClient.TokenSignedResponseAlg, cancellationToken);
using (var httpClient = _httpClientFactory.GetHttpClient())
{
var body = new FormUrlEncodedContent(new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>("logout_token", logoutToken)
});
var request = new HttpRequestMessage
{
Method = HttpMethod.Post,
Content = body,
RequestUri = new Uri(openIdClient.BackChannelLogoutUri)
};
await httpClient.SendAsync(request);
}
}
protected void OpenIDButtonClick(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(this.TxtOpenID.Text))
{
OpenIdClient openID = new OpenIdClient();
openID.Identity = this.TxtOpenID.Text;
UserProfile.Current.OpenID = openID.Identity;
UserProfile.Current.Save();
SimpleRegistration simpleRegistration = new SimpleRegistration(openID);
simpleRegistration.RequiredFields = "nickname,email";
simpleRegistration.OptionalFields = "fullname,gender";
openID.CreateRequest(false, true);
}
else
{
LitOpenIDMsg.Text = language.GetString("MessageOpenIDMissing");
}
}
protected string BuildFrontChannelLogoutUrl(OpenIdClient client, string sessionId)
{
if (string.IsNullOrWhiteSpace(client.FrontChannelLogoutUri))
{
return(null);
}
var url = client.FrontChannelLogoutUri;
if (client.FrontChannelLogoutSessionRequired)
{
var issuer = Request.GetAbsoluteUriWithVirtualPath();
url = QueryHelpers.AddQueryString(url, new Dictionary <string, string>
{
{ Jwt.Constants.OAuthClaims.Issuer, issuer },
{ Jwt.Constants.OAuthClaims.Sid, sessionId }
});
}
return(url);
}
public static void RegisterAuth()
{
OAuthWebSecurity.RegisterTwitterClient(
consumerKey: "85CmzrPeNbfDBLqQDhZWvJvj2",
consumerSecret: "X6dW6my1ypjUAebxZVINn2QIrFrvJ2oe5hddLgi827JOv5nFjF");
OAuthWebSecurity.RegisterFacebookClient(
appId: "960531237445623",
appSecret: "cd7f8a90861694ae5e252bfe6fd6a699");
OAuthWebSecurity.RegisterGoogleClient();
//var extraData = new Dictionary<string, object>();
//extraData.Add("clientId", "000-000.apps.googleusercontent.com");
//extraData.Add("clientSecret", "00000000000");
//OAuthWebSecurity.RegisterGoogleClient("google", extraData);
OAuthWebSecurity.RegisterYahooClient();
var MyOpenIdClient = new OpenIdClient("myopenid", WellKnownProviders.MyOpenId);
OAuthWebSecurity.RegisterClient(MyOpenIdClient, "myOpenID", null);
}
public async Task <string> Handle(string language, JObject jObj, CancellationToken cancellationToken)
{
var currentDateTime = DateTime.UtcNow;
DateTime?expirationDateTime = null;
if (_options.ClientSecretExpirationInSeconds != null)
{
expirationDateTime = currentDateTime.AddSeconds(_options.ClientSecretExpirationInSeconds.Value);
}
var parameter = jObj.ToCreateOpenIdClientParameter();
var openidClient = OpenIdClient.Create(parameter.ApplicationKind.Value,
parameter.ClientName,
language,
expirationDateTime,
_options.DefaultTokenExpirationTimeInSeconds,
_options.DefaultRefreshTokenExpirationTimeInSeconds);
await _oauthClientRepository.Add(openidClient, cancellationToken);
await _oauthClientRepository.SaveChanges(cancellationToken);
return(openidClient.ClientId);
}
protected virtual void CheckBC(OpenIdClient openIdClient)
{
if (!string.IsNullOrWhiteSpace(openIdClient.BCTokenDeliveryMode))
{
if (!SIDOpenIdConstants.AllStandardNotificationModes.Contains(openIdClient.BCTokenDeliveryMode))
{
throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_BC_DELIVERY_MODE);
}
if (openIdClient.BCTokenDeliveryMode == SIDOpenIdConstants.StandardNotificationModes.Ping ||
openIdClient.BCTokenDeliveryMode == SIDOpenIdConstants.StandardNotificationModes.Push)
{
if (string.IsNullOrWhiteSpace(openIdClient.BCClientNotificationEndpoint))
{
throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, string.Format(OAuth.ErrorMessages.MISSING_PARAMETER, OpenIdClientParameters.BCClientNotificationEndpoint));
}
}
}
if (!string.IsNullOrWhiteSpace(openIdClient.BCClientNotificationEndpoint))
{
if (!Uri.TryCreate(openIdClient.BCClientNotificationEndpoint, UriKind.Absolute, out Uri uri))
{
throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_BC_CLIENT_NOTIFICATION_EDP);
}
if (uri.Scheme != "https")
{
throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_HTTPS_BC_CLIENT_NOTIFICATION_EDP);
}
}
if (!string.IsNullOrWhiteSpace(openIdClient.BCAuthenticationRequestSigningAlg))
{
CheckSignature(openIdClient.BCAuthenticationRequestSigningAlg, ErrorMessages.UNSUPPORTED_BC_AUTHENTICATION_REQUEST_SIGNING_ALG);
}
}
public static OpenIdClient CreateTestClient(string openIdServerUrl, ILog log) => OpenIdClient.Create(new RequestTimeouts(), new TestingHttpClientConfiguration(openIdServerUrl), log);
protected async Task <string> GetFirstAmr(IEnumerable <string> acrValues, IEnumerable <AuthorizationRequestClaimParameter> claims, OpenIdClient client, CancellationToken cancellationToken)
{
var acr = await _amrHelper.FetchDefaultAcr(acrValues, claims, client, cancellationToken);
if (acr == null)
{
return(null);
}
return(acr.AuthenticationMethodReferences.First());
}
public async Task <AuthenticationContextClassReference> FetchDefaultAcr(IEnumerable <string> requestedAcrValues, IEnumerable <AuthorizationRequestClaimParameter> requestedClaims, OpenIdClient openIdClient, CancellationToken cancellationToken)
{
var defaultAcr = await GetSupportedAcr(requestedAcrValues, cancellationToken);
if (defaultAcr == null)
{
var acrClaim = requestedClaims.FirstOrDefault(r => r.Name == OAuthClaims.Acr);
if (acrClaim != null)
{
defaultAcr = await GetSupportedAcr(acrClaim.Values, cancellationToken);
if (defaultAcr == null && acrClaim.IsEssential)
{
throw new OAuthException(ErrorCodes.ACCESS_DENIED, ErrorMessages.NO_ESSENTIAL_ACR_IS_SUPPORTED);
}
}
if (defaultAcr == null)
{
var acrs = new List <string>();
acrs.AddRange(openIdClient.DefaultAcrValues);
acrs.Add(_options.DefaultAcrValue);
defaultAcr = await GetSupportedAcr(acrs, cancellationToken);
}
}
return(defaultAcr);
}
public Task Enrich(JwsPayload jwsPayload, OpenIdClient openidClient, CancellationToken cancellationToken)
{
ClaimsSourceHelper.AddDistribute(jwsPayload, _distributeHttpClaimsSourceOptions.Name, _distributeHttpClaimsSourceOptions.Url,
_distributeHttpClaimsSourceOptions.ApiToken, _distributeHttpClaimsSourceOptions.ClaimNames);
return(Task.FromResult(0));
}
public async Task <AuthenticationContextClassReference> FetchDefaultAcr(IEnumerable <string> requestedAcrValues, OpenIdClient openidClient)
{
var acrs = new List <string>();
acrs.AddRange(requestedAcrValues);
if (openidClient.DefaultAcrValues.Any())
{
acrs.AddRange(openidClient.DefaultAcrValues);
}
if (!string.IsNullOrWhiteSpace(_openidHostOptions.DefaultAcrValue))
{
acrs.Add(_openidHostOptions.DefaultAcrValue);
}
foreach (var acrValue in acrs)
{
var acr = await _authenticationContextClassReferenceRepository.FindACRByName(acrValue);
if (acr != null)
{
return(acr);
}
}
return(null);
}
protected override void CheckRequestObject(JwsHeader header, JwsPayload jwsPayload, OpenIdClient openidClient, HandlerContext context)
{
base.CheckRequestObject(header, jwsPayload, openidClient, context);
if (!jwsPayload.ContainsKey(Jwt.Constants.OAuthClaims.ExpirationTime))
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST, string.Format(ErrorMessages.MISSING_PARAMETER, Jwt.Constants.OAuthClaims.ExpirationTime));
}
var currentDateTime = DateTime.UtcNow.ConvertToUnixTimestamp();
var exp = jwsPayload.GetExpirationTime();
if (currentDateTime > exp)
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.REQUEST_OBJECT_IS_EXPIRED);
}
var audiences = jwsPayload.GetAudiences();
if (audiences.Any() && !audiences.Contains(context.Request.IssuerName))
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.REQUEST_OBJECT_BAD_AUDIENCE);
}
}
private void HandleOpenIDLogin()
{
OpenIdClient openID = new OpenIdClient();
switch (openID.RequestedMode)
{
case RequestedMode.IdResolution:
openID.Identity = UserProfile.Current.OpenID;
if (openID.ValidateResponse())
{
OpenIdUser openIDUser = openID.RetrieveUser();
UserProfile.Current.OpenID = string.Empty;
UserProfile.Current.Save();
CSBooster_DataContext csb = new CSBooster_DataContext(Helper.GetSiemeConnectionString());
var user = csb.hisp_DataObject_GetUserIDByOpenID(openIDUser.Identity).ElementAtOrDefault(0);
if (user != null) // User exists
{
MembershipUser membershipUser = Membership.GetUser(user.USR_ID);
if (membershipUser != null)
{
PerformLogin(membershipUser.UserName);
}
}
else // User doesn't exist
{
string nickname = openIDUser.GetValue("openid.sreg.nickname");
string email = openIDUser.GetValue("openid.sreg.email");
string fullname = openIDUser.GetValue("openid.sreg.fullname") ?? nickname;
string gender = openIDUser.GetValue("openid.sreg.gender");
string firstname = string.Empty;
string lastname = string.Empty;
if (!string.IsNullOrEmpty(nickname) && !string.IsNullOrEmpty(email))
{
string[] splitFullname = fullname.Split(' ');
if (splitFullname.Length > 0)
{
firstname = splitFullname[0];
}
if (splitFullname.Length > 1)
{
lastname = splitFullname[1];
}
if (DataObjectUser.CreateUser(AuthenticationType.OpenID, openIDUser.Identity, nickname, email, firstname, lastname, gender))
{
PerformLogin(nickname);
}
}
else
{
LitOpenIDMsg.Text = language.GetString("MessageOpenIDNoDataReceived");
}
}
}
else
{
LitOpenIDMsg.Text = language.GetString("MessageOpenIDLoginNotSuccess");
}
break;
case RequestedMode.CanceledByUser:
LitOpenIDMsg.Text = language.GetString("MessageOpenIDLoginCancel");
break;
}
}
protected virtual void CheckRequestObject(JwsHeader header, JwsPayload jwsPayload, OpenIdClient openidClient, HandlerContext context)
{
if (jwsPayload == null)
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST, OAuth.ErrorMessages.INVALID_JWS_REQUEST_PARAMETER);
}
if (!string.IsNullOrWhiteSpace(openidClient.RequestObjectSigningAlg) && header.Alg != openidClient.RequestObjectSigningAlg)
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_SIGNATURE_ALG);
}
if (!jwsPayload.ContainsKey(OAuth.DTOs.AuthorizationRequestParameters.ResponseType))
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.MISSING_RESPONSE_TYPE_CLAIM);
}
if (!jwsPayload.ContainsKey(OAuth.DTOs.AuthorizationRequestParameters.ClientId))
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.MISSING_CLIENT_ID_CLAIM);
}
if (!jwsPayload[OAuth.DTOs.AuthorizationRequestParameters.ResponseType].ToString().Split(' ').OrderBy(s => s).SequenceEqual(context.Request.RequestData.GetResponseTypesFromAuthorizationRequest().OrderBy(s => s)))
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_RESPONSE_TYPE_CLAIM);
}
if (jwsPayload[OAuth.DTOs.AuthorizationRequestParameters.ClientId].ToString() != context.Client.ClientId)
{
throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_CLIENT_ID_CLAIM);
}
}
protected virtual void SetBackchannelLogoutSupported(OpenIdClient openidClient, HandlerContext handlerContext)
{
openidClient.BackChannelLogoutSessionRequired = handlerContext.Request.RequestData.GetBackChannelLogoutSessionRequired();
openidClient.BackChannelLogoutUri = handlerContext.Request.RequestData.GetBackChannelLogoutUri();
}
public ValidationResult(JwsPayload payload, OpenIdClient client)
{
Payload = payload;
Client = client;
}
protected override async Task <JObject> Create(HandlerContext context)
{
var jObj = context.Request.Data;
var applicationType = GetDefaultApplicationType(jObj);
var sectorIdentifierUri = jObj.GetSectorIdentifierUriFromRegisterRequest();
var subjectType = jObj.GetSubjectTypeFromRegisterRequest();
var idTokenSignedResponseAlg = jObj.GetIdTokenSignedResponseAlgFromRegisterRequest();
var idTokenEncryptedResponseAlg = jObj.GetIdTokenEncryptedResponseAlgFromRegisterRequest();
var idTokenEncryptedResponseEnc = jObj.GetIdTokenEncryptedResponseEncFromRegisterRequest();
var userInfoSignedResponseAlg = jObj.GetUserInfoSignedResponseAlgFromRegisterRequest();
var userInfoEncryptedResponseAlg = jObj.GetUserInfoEncryptedResponseAlgFromRegisterRequest();
var userInfoEncryptedResponseEnc = jObj.GetUserInfoEncryptedResponseEncFromRegisterRequest();
var requestObjectSigningAlg = jObj.GetRequestObjectSigningAlgFromRegisterRequest();
var requestObjectEncryptionAlg = jObj.GetRequestObjectEncryptionAlgFromRegisterRequest();
var requestObjectEncryptionEnc = jObj.GetRequestObjectEncryptionEncFromRegisterRequest();
var defaultMaxAge = jObj.GetDefaultMaxAgeFromRegisterRequest();
var requireAuthTime = jObj.GetRequireAuhTimeFromRegisterRequest();
var acrValues = jObj.GetDefaultAcrValuesFromRegisterRequest();
var postLogoutRedirectUris = jObj.GetPostLogoutRedirectUrisFromRegisterRequest();
if (string.IsNullOrWhiteSpace(subjectType))
{
subjectType = _openIDHostOptions.DefaultSubjectType;
}
if (string.IsNullOrWhiteSpace(idTokenSignedResponseAlg))
{
idTokenSignedResponseAlg = RSA256SignHandler.ALG_NAME;
}
if (defaultMaxAge == null)
{
defaultMaxAge = _openIDHostOptions.DefaultMaxAge;
}
if (requireAuthTime == null)
{
requireAuthTime = false;
}
if (!string.IsNullOrWhiteSpace(idTokenEncryptedResponseAlg) && string.IsNullOrWhiteSpace(idTokenEncryptedResponseEnc))
{
idTokenEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME;
}
if (!string.IsNullOrWhiteSpace(userInfoEncryptedResponseAlg) && string.IsNullOrWhiteSpace(userInfoEncryptedResponseEnc))
{
userInfoEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME;
}
if (!string.IsNullOrWhiteSpace(requestObjectEncryptionAlg) && string.IsNullOrWhiteSpace(requestObjectEncryptionEnc))
{
requestObjectEncryptionEnc = A128CBCHS256EncHandler.ENC_NAME;
}
var openidClient = new OpenIdClient();
var result = await EnrichOAuthClient(context, openidClient);
openidClient.ApplicationType = applicationType;
openidClient.SectorIdentifierUri = sectorIdentifierUri;
openidClient.SubjectType = subjectType;
openidClient.IdTokenSignedResponseAlg = idTokenSignedResponseAlg;
openidClient.IdTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg;
openidClient.IdTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc;
openidClient.UserInfoSignedResponseAlg = userInfoSignedResponseAlg;
openidClient.UserInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg;
openidClient.UserInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc;
openidClient.RequestObjectSigningAlg = requestObjectSigningAlg;
openidClient.RequestObjectEncryptionAlg = requestObjectEncryptionAlg;
openidClient.RequestObjectEncryptionEnc = requestObjectEncryptionEnc;
openidClient.DefaultMaxAge = defaultMaxAge;
openidClient.RequireAuthTime = requireAuthTime.Value;
openidClient.DefaultAcrValues = acrValues.ToList();
openidClient.PostLogoutRedirectUris = postLogoutRedirectUris.ToList();
OAuthClientCommandRepository.Add(openidClient);
await OAuthClientCommandRepository.SaveChanges();
AddNotEmpty(result, RegisterRequestParameters.ApplicationType, applicationType);
AddNotEmpty(result, RegisterRequestParameters.SectorIdentifierUri, sectorIdentifierUri);
AddNotEmpty(result, RegisterRequestParameters.SubjectType, subjectType);
AddNotEmpty(result, RegisterRequestParameters.IdTokenSignedResponseAlg, idTokenSignedResponseAlg);
AddNotEmpty(result, RegisterRequestParameters.IdTokenEncryptedResponseAlg, idTokenEncryptedResponseAlg);
AddNotEmpty(result, RegisterRequestParameters.IdTokenEncryptedResponseEnc, idTokenEncryptedResponseEnc);
AddNotEmpty(result, RegisterRequestParameters.UserInfoSignedResponseAlg, userInfoSignedResponseAlg);
AddNotEmpty(result, RegisterRequestParameters.UserInfoEncryptedResponseAlg, userInfoEncryptedResponseAlg);
AddNotEmpty(result, RegisterRequestParameters.UserInfoEncryptedResponseEnc, userInfoEncryptedResponseEnc);
AddNotEmpty(result, RegisterRequestParameters.RequestObjectSigningAlg, requestObjectSigningAlg);
AddNotEmpty(result, RegisterRequestParameters.RequestObjectEncryptionAlg, requestObjectEncryptionAlg);
AddNotEmpty(result, RegisterRequestParameters.RequestObjectEncryptionEnc, requestObjectEncryptionEnc);
if (defaultMaxAge != null)
{
AddNotEmpty(result, RegisterRequestParameters.DefaultMaxAge, defaultMaxAge.Value.ToString().ToLowerInvariant());
}
AddNotEmpty(result, RegisterRequestParameters.RequireAuthTime, requireAuthTime.Value.ToString().ToLowerInvariant());
AddNotEmpty(result, RegisterRequestParameters.DefaultAcrValues, acrValues);
AddNotEmpty(result, RegisterRequestParameters.PostLogoutRedirectUris, postLogoutRedirectUris);
return(result);
}
