Esempio n. 1
0
                /// <inheritdoc/>
                public async ValueTask HandleAsync(ProcessRequestContext context)
                {
                    if (context is null)
                    {
                        throw new ArgumentNullException(nameof(context));
                    }

                    var notification = new ValidateLogoutRequestContext(context.Transaction);
                    await _dispatcher.DispatchAsync(notification);

                    // Store the context object in the transaction so it can be later retrieved by handlers
                    // that want to access the redirect_uri without triggering a new validation process.
                    context.Transaction.SetProperty(typeof(ValidateLogoutRequestContext).FullName !, notification);

                    if (notification.IsRequestHandled)
                    {
                        context.HandleRequest();
                        return;
                    }

                    else if (notification.IsRequestSkipped)
                    {
                        context.SkipRequest();
                        return;
                    }

                    else if (notification.IsRejected)
                    {
                        context.Reject(
                            error: notification.Error ?? Errors.InvalidRequest,
                            description: notification.ErrorDescription,
                            uri: notification.ErrorUri);
                        return;
                    }

                    context.Logger.LogInformation(SR.GetResourceString(SR.ID6125));
                }
        /// <summary>
        /// Retrieves a list of scopes using their name.
        /// </summary>
        /// <param name="names">The names associated with the scopes.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>The scopes corresponding to the specified names.</returns>
        public virtual IAsyncEnumerable <TScope> FindByNamesAsync(
            ImmutableArray <string> names, CancellationToken cancellationToken = default)
        {
            if (names.Any(name => string.IsNullOrEmpty(name)))
            {
                throw new ArgumentException(SR.GetResourceString(SR.ID0203), nameof(names));
            }

            var scopes = Options.CurrentValue.DisableEntityCaching ?
                         Store.FindByNamesAsync(names, cancellationToken) :
                         Cache.FindByNamesAsync(names, cancellationToken);

            if (Options.CurrentValue.DisableAdditionalFiltering)
            {
                return(scopes);
            }

            // SQL engines like Microsoft SQL Server or MySQL are known to use case-insensitive lookups by default.
            // To ensure a case-sensitive comparison is enforced independently of the database/table/query collation
            // used by the store, a second pass using string.Equals(StringComparison.Ordinal) is manually made here.

            return(ExecuteAsync(cancellationToken));

            async IAsyncEnumerable <TScope> ExecuteAsync([EnumeratorCancellation] CancellationToken cancellationToken)
Esempio n. 3
0
        /// <inheritdoc/>
        public virtual async ValueTask DeleteAsync(TAuthorization authorization, CancellationToken cancellationToken)
        {
            Check.NotNull(authorization, nameof(authorization));

            try
            {
                await GetDatabase().RemoveAsync(authorization, cancellationToken: cancellationToken);
            }
            catch (CouchConflictException ex)
            {
                throw new OpenIddictExceptions.ConcurrencyException(SR.GetResourceString(SR.ID0239), ex);
            }

            // Get database to delete documents.
            var delDb = GetDatabase <DeleteDocument>(Discriminator);

            // Get the tokens associated with the authorization.
            var tokens = await GetDatabase <CouchDbOpenIddictToken>()
                         .GetViewAsync(OpenIddictViews.Token <CouchDbOpenIddictToken> .AuthorizationId);

            // Delete the tokens associated with the authorization.
            await delDb.AddOrUpdateRangeAsync(
                tokens.Select(x => new DeleteDocument(x.Id, x.Value)).ToArray());
        }
Esempio n. 4
0
        /// <inheritdoc/>
        public virtual async IAsyncEnumerable <TToken> FindAsync(string subject,
                                                                 string client, [EnumeratorCancellation] CancellationToken cancellationToken)
        {
            if (string.IsNullOrEmpty(subject))
            {
                throw new ArgumentException(SR.GetResourceString(SR.ID0198), nameof(subject));
            }

            if (string.IsNullOrEmpty(client))
            {
                throw new ArgumentException(SR.GetResourceString(SR.ID0124), nameof(client));
            }

            var part = $"type({Options.CurrentValue.TokenTypeName}))";

            var tok = typeof(TToken).As <TToken>();
            var app = typeof(OpenIddictDgraphApplication).As <OpenIddictDgraphApplication>();

            var sbf = tok.GetColumnName(f => f.Subject);
            var apf = tok.GetColumnName(f => f.ApplicationId);
            var clf = app.GetColumnName(f => f.ClientId);

            var clientIsApp = Uid.IsValid(client);

            var apFilter = clientIsApp ? $"uid($client)" : $"eq({clf}, $client)";

            var query = "query Q($client: string, $subject: string)" + Options.CurrentValue.TokenFullQuery
                        .Replace(part, $"eq({sbf}, $subject)) @cascade @filter({part}")
                        .Replace($"{apf}", $"{apf} @filter({apFilter})");

            var database = await Context.GetDatabaseAsync(cancellationToken);

            using var txn = (Txn)database.NewTransaction(true, true, cancellationToken);

            var result = await txn.QueryWithVars <TToken>("oidc_token", query, new()
            {
        /// <summary>
        /// Registers the OpenIddict core services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
        public static OpenIddictCoreBuilder AddCore(this OpenIddictBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLocalization();
            builder.Services.AddLogging();
            builder.Services.AddMemoryCache();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped(typeof(OpenIddictApplicationManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictAuthorizationManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictScopeManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictTokenManager <>));

            builder.Services.TryAddScoped(typeof(IOpenIddictApplicationCache <>), typeof(OpenIddictApplicationCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictAuthorizationCache <>), typeof(OpenIddictAuthorizationCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictScopeCache <>), typeof(OpenIddictScopeCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictTokenCache <>), typeof(OpenIddictTokenCache <>));

            builder.Services.TryAddScoped <IOpenIddictApplicationStoreResolver, OpenIddictApplicationStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictAuthorizationStoreResolver, OpenIddictAuthorizationStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictScopeStoreResolver, OpenIddictScopeStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictTokenStoreResolver, OpenIddictTokenStoreResolver>();

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultApplicationType == null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID1272));
                }

                return((IOpenIddictApplicationManager)provider.GetRequiredService(
                           typeof(OpenIddictApplicationManager <>).MakeGenericType(options.DefaultApplicationType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultAuthorizationType == null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID1273));
                }

                return((IOpenIddictAuthorizationManager)provider.GetRequiredService(
                           typeof(OpenIddictAuthorizationManager <>).MakeGenericType(options.DefaultAuthorizationType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultScopeType == null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID1274));
                }

                return((IOpenIddictScopeManager)provider.GetRequiredService(
                           typeof(OpenIddictScopeManager <>).MakeGenericType(options.DefaultScopeType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultTokenType == null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID1275));
                }

                return((IOpenIddictTokenManager)provider.GetRequiredService(
                           typeof(OpenIddictTokenManager <>).MakeGenericType(options.DefaultTokenType)));
            });

            builder.Services.TryAddSingleton <IStringLocalizer <OpenIddictResources> >(provider =>
            {
                // Note: the string localizer factory is deliberately not resolved from
                // the DI container to ensure the built-in .resx files are always used
                // even if the factory was replaced by a different implementation in DI.
                var factory = new ResourceManagerStringLocalizerFactory(
                    localizationOptions: Options.Create(new LocalizationOptions()),
                    loggerFactory: NullLoggerFactory.Instance);

                return(new StringLocalizer <OpenIddictResources>(factory));
            });

            return(new OpenIddictCoreBuilder(builder.Services));
        }
Esempio n. 6
0
        /// <summary>
        /// Registers the OpenIddict core services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
        public static OpenIddictCoreBuilder AddCore(this OpenIddictBuilder builder)
        {
            if (builder is null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLogging();
            builder.Services.AddMemoryCache();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped(typeof(OpenIddictApplicationManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictAuthorizationManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictScopeManager <>));
            builder.Services.TryAddScoped(typeof(OpenIddictTokenManager <>));

            builder.Services.TryAddScoped(typeof(IOpenIddictApplicationCache <>), typeof(OpenIddictApplicationCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictAuthorizationCache <>), typeof(OpenIddictAuthorizationCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictScopeCache <>), typeof(OpenIddictScopeCache <>));
            builder.Services.TryAddScoped(typeof(IOpenIddictTokenCache <>), typeof(OpenIddictTokenCache <>));

            builder.Services.TryAddScoped <IOpenIddictApplicationStoreResolver, OpenIddictApplicationStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictAuthorizationStoreResolver, OpenIddictAuthorizationStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictScopeStoreResolver, OpenIddictScopeStoreResolver>();
            builder.Services.TryAddScoped <IOpenIddictTokenStoreResolver, OpenIddictTokenStoreResolver>();

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultApplicationType is null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0273));
                }

                return((IOpenIddictApplicationManager)provider.GetRequiredService(
                           typeof(OpenIddictApplicationManager <>).MakeGenericType(options.DefaultApplicationType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultAuthorizationType is null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0274));
                }

                return((IOpenIddictAuthorizationManager)provider.GetRequiredService(
                           typeof(OpenIddictAuthorizationManager <>).MakeGenericType(options.DefaultAuthorizationType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultScopeType is null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0275));
                }

                return((IOpenIddictScopeManager)provider.GetRequiredService(
                           typeof(OpenIddictScopeManager <>).MakeGenericType(options.DefaultScopeType)));
            });

            builder.Services.TryAddScoped(provider =>
            {
                var options = provider.GetRequiredService <IOptionsMonitor <OpenIddictCoreOptions> >().CurrentValue;
                if (options.DefaultTokenType is null)
                {
                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0276));
                }

                return((IOpenIddictTokenManager)provider.GetRequiredService(
                           typeof(OpenIddictTokenManager <>).MakeGenericType(options.DefaultTokenType)));
            });

            return(new OpenIddictCoreBuilder(builder.Services));
        }