Esempio n. 1
0
        /// <summary>
        /// Updates an existing authorization.
        /// </summary>
        /// <param name="authorization">The authorization to update.</param>
        /// <param name="operation">The delegate used to update the authorization based on the given descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation.
        /// </returns>
        public virtual async Task UpdateAsync([NotNull] TAuthorization authorization,
                                              [NotNull] Func <OpenIddictAuthorizationDescriptor, Task> operation, CancellationToken cancellationToken = default)
        {
            if (operation == null)
            {
                throw new ArgumentNullException(nameof(operation));
            }

            var descriptor = new OpenIddictAuthorizationDescriptor
            {
                ApplicationId = await Store.GetApplicationIdAsync(authorization, cancellationToken),
                Status        = await Store.GetStatusAsync(authorization, cancellationToken),
                Subject       = await Store.GetSubjectAsync(authorization, cancellationToken),
                Type          = await Store.GetTypeAsync(authorization, cancellationToken)
            };

            foreach (var scope in await Store.GetScopesAsync(authorization, cancellationToken))
            {
                descriptor.Scopes.Add(scope);
            }

            await operation(descriptor);
            await PopulateAsync(authorization, descriptor, cancellationToken);
            await UpdateAsync(authorization, cancellationToken);
        }
Esempio n. 2
0
        /// <summary>
        /// Creates a new authorization.
        /// </summary>
        /// <param name="descriptor">The authorization descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
        /// </returns>
        public virtual async Task <TAuthorization> CreateAsync([NotNull] OpenIddictAuthorizationDescriptor descriptor, CancellationToken cancellationToken)
        {
            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            // If no type was explicitly specified, assume that
            // the authorization is a permanent authorization.
            if (string.IsNullOrEmpty(descriptor.Type))
            {
                descriptor.Type = OpenIddictConstants.AuthorizationTypes.Permanent;
            }

            await ValidateAsync(descriptor, cancellationToken);

            try
            {
                return(await Store.CreateAsync(descriptor, cancellationToken));
            }

            catch (Exception exception)
            {
                Logger.LogError(exception, "An exception occurred while trying to create a new authorization.");

                throw;
            }
        }
Esempio n. 3
0
        /// <summary>
        /// Validates the authorization to ensure it's in a consistent state.
        /// </summary>
        /// <param name="authorization">The authorization.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation.
        /// </returns>
        protected virtual async Task ValidateAsync([NotNull] TAuthorization authorization, CancellationToken cancellationToken)
        {
            if (authorization == null)
            {
                throw new ArgumentNullException(nameof(authorization));
            }

            var descriptor = new OpenIddictAuthorizationDescriptor
            {
                Status  = await Store.GetStatusAsync(authorization, cancellationToken),
                Subject = await Store.GetSubjectAsync(authorization, cancellationToken),
                Type    = await Store.GetTypeAsync(authorization, cancellationToken)
            };

            await ValidateAsync(descriptor, cancellationToken);
        }
Esempio n. 4
0
        /// <summary>
        /// Creates a new permanent authorization based on the specified parameters.
        /// </summary>
        /// <param name="principal">The principal associated with the authorization.</param>
        /// <param name="subject">The subject associated with the authorization.</param>
        /// <param name="client">The client associated with the authorization.</param>
        /// <param name="type">The authorization type.</param>
        /// <param name="scopes">The minimal scopes associated with the authorization.</param>
        /// <param name="properties">The authentication properties associated with the authorization.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
        /// </returns>
        public virtual Task <TAuthorization> CreateAsync(
            [NotNull] ClaimsPrincipal principal, [NotNull] string subject,
            [NotNull] string client, [NotNull] string type, ImmutableArray <string> scopes,
            [CanBeNull] ImmutableDictionary <string, string> properties, CancellationToken cancellationToken = default)
        {
            if (principal == null)
            {
                throw new ArgumentNullException(nameof(principal));
            }

            if (string.IsNullOrEmpty(subject))
            {
                throw new ArgumentException("The subject cannot be null or empty.", nameof(subject));
            }

            if (string.IsNullOrEmpty(client))
            {
                throw new ArgumentException("The client identifier cannot be null or empty.", nameof(client));
            }

            if (string.IsNullOrEmpty(type))
            {
                throw new ArgumentException("The type cannot be null or empty.", nameof(type));
            }

            var descriptor = new OpenIddictAuthorizationDescriptor
            {
                ApplicationId = client,
                Principal     = principal,
                Status        = OpenIddictConstants.Statuses.Valid,
                Subject       = subject,
                Type          = type
            };

            descriptor.Scopes.UnionWith(scopes);

            if (properties != null)
            {
                foreach (var property in properties)
                {
                    descriptor.Properties.Add(property);
                }
            }

            return(CreateAsync(descriptor, cancellationToken));
        }
        /// <summary>
        /// Creates a new authorization based on the specified descriptor.
        /// </summary>
        /// <param name="descriptor">The authorization descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
        /// </returns>
        public virtual async Task <TAuthorization> CreateAsync([NotNull] OpenIddictAuthorizationDescriptor descriptor, CancellationToken cancellationToken)
        {
            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            var authorization = await Store.InstantiateAsync(cancellationToken);

            if (authorization == null)
            {
                throw new InvalidOperationException("An error occurred while trying to create a new authorization.");
            }

            await PopulateAsync(authorization, descriptor, cancellationToken);

            return(await CreateAsync(authorization, cancellationToken));
        }
Esempio n. 6
0
        /// <summary>
        /// Validates the authorization descriptor to ensure it's in a consistent state.
        /// </summary>
        /// <param name="descriptor">The authorization descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation.
        /// </returns>
        protected virtual Task ValidateAsync([NotNull] OpenIddictAuthorizationDescriptor descriptor, CancellationToken cancellationToken)
        {
            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            if (string.IsNullOrEmpty(descriptor.Type))
            {
                throw new ArgumentException("The authorization type cannot be null or empty.", nameof(descriptor));
            }

            if (!string.Equals(descriptor.Type, OpenIddictConstants.AuthorizationTypes.AdHoc, StringComparison.OrdinalIgnoreCase) &&
                !string.Equals(descriptor.Type, OpenIddictConstants.AuthorizationTypes.Permanent, StringComparison.OrdinalIgnoreCase))
            {
                throw new ArgumentException("The specified authorization type is not supported by the default token manager.");
            }

            if (string.IsNullOrEmpty(descriptor.Status))
            {
                throw new ArgumentException("The status cannot be null or empty.");
            }

            if (string.IsNullOrEmpty(descriptor.Subject))
            {
                throw new ArgumentException("The subject cannot be null or empty.");
            }

            // Ensure that the scopes are not null or empty and do not contain spaces.
            foreach (var scope in descriptor.Scopes)
            {
                if (string.IsNullOrEmpty(scope))
                {
                    throw new ArgumentException("Scopes cannot be null or empty.", nameof(descriptor));
                }

                if (scope.Contains(OpenIddictConstants.Separators.Space))
                {
                    throw new ArgumentException("Scopes cannot contain spaces.", nameof(descriptor));
                }
            }

            return(Task.CompletedTask);
        }
Esempio n. 7
0
        /// <summary>
        /// Populates the authorization using the specified descriptor.
        /// </summary>
        /// <param name="authorization">The authorization.</param>
        /// <param name="descriptor">The descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation.
        /// </returns>
        protected virtual async Task PopulateAsync([NotNull] TAuthorization authorization,
                                                   [NotNull] OpenIddictAuthorizationDescriptor descriptor, CancellationToken cancellationToken = default)
        {
            if (authorization == null)
            {
                throw new ArgumentNullException(nameof(authorization));
            }

            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            await Store.SetApplicationIdAsync(authorization, descriptor.ApplicationId, cancellationToken);

            await Store.SetScopesAsync(authorization, ImmutableArray.CreateRange(descriptor.Scopes), cancellationToken);

            await Store.SetStatusAsync(authorization, descriptor.Status, cancellationToken);

            await Store.SetSubjectAsync(authorization, descriptor.Subject, cancellationToken);

            await Store.SetTypeAsync(authorization, descriptor.Type, cancellationToken);
        }
Esempio n. 8
0
 /// <summary>
 /// Creates a new authorization.
 /// </summary>
 /// <param name="descriptor">The authorization descriptor.</param>
 /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
 /// <returns>
 /// A <see cref="Task"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
 /// </returns>
 public abstract Task <TAuthorization> CreateAsync([NotNull] OpenIddictAuthorizationDescriptor descriptor, CancellationToken cancellationToken);