public async Task <JwsPayload> GenerateAccessToken(Common.Models.Client client, IEnumerable <string> scopes, string issuerName) { if (client == null) { throw new ArgumentNullException(nameof(client)); } if (scopes == null) { throw new ArgumentNullException(nameof(scopes)); } var timeKeyValuePair = await GetExpirationAndIssuedTime(); var expirationInSeconds = timeKeyValuePair.Key; var issuedAtTime = timeKeyValuePair.Value; var jwsPayload = new JwsPayload(); jwsPayload.Add(StandardClaimNames.Audiences, new[] { client.ClientId }); jwsPayload.Add(StandardClaimNames.Issuer, issuerName); jwsPayload.Add(StandardClaimNames.ExpirationTime, expirationInSeconds); jwsPayload.Add(StandardClaimNames.Iat, issuedAtTime); jwsPayload.Add(StandardClaimNames.Scopes, scopes); return(jwsPayload); }
public Task <bool> InsertAsync(Common.Models.Client newClient) { if (newClient == null) { throw new ArgumentNullException(nameof(newClient)); } newClient.CreateDateTime = DateTime.UtcNow; _clients.Add(newClient.Copy()); return(Task.FromResult(true)); }
public Task <bool> DeleteAsync(Common.Models.Client newClient) { if (newClient == null) { throw new ArgumentNullException(nameof(newClient)); } var client = _clients.FirstOrDefault(c => c.ClientId == newClient.ClientId); if (client == null) { return(Task.FromResult(false)); } _clients.Remove(client); return(Task.FromResult(true)); }
public Task <bool> UpdateAsync(Common.Models.Client newClient) { if (newClient == null) { throw new ArgumentNullException(nameof(newClient)); } var client = _clients.FirstOrDefault(c => c.ClientId == newClient.ClientId); client.ClientName = newClient.ClientName; client.ClientUri = newClient.ClientUri; client.Contacts = newClient.Contacts; client.DefaultAcrValues = newClient.DefaultAcrValues; client.DefaultMaxAge = newClient.DefaultMaxAge; client.GrantTypes = newClient.GrantTypes; client.IdTokenEncryptedResponseAlg = newClient.IdTokenEncryptedResponseAlg; client.IdTokenEncryptedResponseEnc = newClient.IdTokenEncryptedResponseEnc; client.IdTokenSignedResponseAlg = newClient.IdTokenSignedResponseAlg; client.InitiateLoginUri = newClient.InitiateLoginUri; client.JsonWebKeys = newClient.JsonWebKeys; client.JwksUri = newClient.JwksUri; client.LogoUri = newClient.LogoUri; client.PolicyUri = newClient.PolicyUri; client.PostLogoutRedirectUris = newClient.PostLogoutRedirectUris; client.RedirectionUrls = newClient.RedirectionUrls; client.RequestObjectEncryptionAlg = newClient.RequestObjectEncryptionAlg; client.RequestObjectEncryptionEnc = newClient.RequestObjectEncryptionEnc; client.RequestObjectSigningAlg = newClient.RequestObjectSigningAlg; client.RequestUris = newClient.RequestUris; client.RequireAuthTime = newClient.RequireAuthTime; client.RequirePkce = newClient.RequirePkce; client.ResponseTypes = newClient.ResponseTypes; client.ScimProfile = newClient.ScimProfile; client.Secrets = newClient.Secrets; client.SectorIdentifierUri = newClient.SectorIdentifierUri; client.SubjectType = newClient.SubjectType; client.TokenEndPointAuthMethod = newClient.TokenEndPointAuthMethod; client.TokenEndPointAuthSigningAlg = newClient.TokenEndPointAuthSigningAlg; client.TosUri = newClient.TosUri; client.UpdateDateTime = DateTime.UtcNow; client.UserInfoEncryptedResponseAlg = newClient.UserInfoEncryptedResponseAlg; client.UserInfoEncryptedResponseEnc = newClient.UserInfoEncryptedResponseEnc; client.UserInfoSignedResponseAlg = newClient.UserInfoSignedResponseAlg; client.AllowedScopes = newClient.AllowedScopes; return(Task.FromResult(true)); }
public static Common.Models.Client Copy(this Common.Models.Client client) { return(new Common.Models.Client { AllowedScopes = client.AllowedScopes == null ? new List <Scope>() : client.AllowedScopes.Select(s => s.Copy()).ToList(), ApplicationType = client.ApplicationType, ClientId = client.ClientId, ClientName = client.ClientName, ClientUri = client.ClientUri, Contacts = client.Contacts == null ? new List <string>() : client.Contacts.ToList(), CreateDateTime = client.CreateDateTime, DefaultAcrValues = client.DefaultAcrValues, DefaultMaxAge = client.DefaultMaxAge, GrantTypes = client.GrantTypes == null ? new List <GrantType>() : client.GrantTypes.ToList(), IdTokenEncryptedResponseAlg = client.IdTokenEncryptedResponseAlg, IdTokenEncryptedResponseEnc = client.IdTokenEncryptedResponseEnc, IdTokenSignedResponseAlg = client.IdTokenSignedResponseAlg, InitiateLoginUri = client.InitiateLoginUri, JsonWebKeys = client.JsonWebKeys == null ? new List <Common.JsonWebKey>() : client.JsonWebKeys.Select(j => j.Copy()).ToList(), JwksUri = client.JwksUri, LogoUri = client.LogoUri, PolicyUri = client.PolicyUri, PostLogoutRedirectUris = client.PostLogoutRedirectUris == null ? new List <string>() : client.PostLogoutRedirectUris.ToList(), RedirectionUrls = client.RedirectionUrls == null ? new List <string>() : client.RedirectionUrls.ToList(), RequestObjectEncryptionAlg = client.RequestObjectEncryptionAlg, RequestObjectEncryptionEnc = client.RequestObjectEncryptionEnc, RequestObjectSigningAlg = client.RequestObjectSigningAlg, RequestUris = client.RequestUris == null ? new List <string>() : client.RequestUris.ToList(), RequireAuthTime = client.RequireAuthTime, RequirePkce = client.RequirePkce, ResponseTypes = client.ResponseTypes == null ? new List <ResponseType>() : client.ResponseTypes.ToList(), ScimProfile = client.ScimProfile, Secrets = client.Secrets == null ? new List <ClientSecret>() : client.Secrets.Select(s => s.Copy()).ToList(), SectorIdentifierUri = client.SectorIdentifierUri, SubjectType = client.SubjectType, TokenEndPointAuthMethod = client.TokenEndPointAuthMethod, TokenEndPointAuthSigningAlg = client.TokenEndPointAuthSigningAlg, TosUri = client.TosUri, UpdateDateTime = client.UpdateDateTime, UserInfoEncryptedResponseAlg = client.UserInfoEncryptedResponseAlg, UserInfoEncryptedResponseEnc = client.UserInfoEncryptedResponseEnc, UserInfoSignedResponseAlg = client.UserInfoSignedResponseAlg }); }
private async Task <AuthenticationResult> ValidateJwsPayLoad(JwsPayload jwsPayload) { // The checks are coming from this url : http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication var expectedIssuer = await _configurationService.GetIssuerNameAsync(); var jwsIssuer = jwsPayload.Issuer; var jwsSubject = jwsPayload.GetClaimValue(Jwt.Constants.StandardResourceOwnerClaimNames.Subject); var jwsAudiences = jwsPayload.Audiences; var expirationDateTime = jwsPayload.ExpirationTime.ConvertFromUnixTimestamp(); Common.Models.Client client = null; // 1. Check the issuer is correct. if (!string.IsNullOrWhiteSpace(jwsIssuer)) { client = await _clientRepository.GetClientByIdAsync(jwsIssuer); } // 2. Check the client is correct. if (client == null || jwsSubject != jwsIssuer) { return(new AuthenticationResult(null, ErrorDescriptions.TheClientIdPassedInJwtIsNotCorrect)); } // 3. Check if the audience is correct if (jwsAudiences == null || !jwsAudiences.Any() || !jwsAudiences.Any(j => j.Contains(expectedIssuer))) { return(new AuthenticationResult(null, ErrorDescriptions.TheAudiencePassedInJwtIsNotCorrect)); } // 4. Check the expiration time if (DateTime.UtcNow > expirationDateTime) { return(new AuthenticationResult(null, ErrorDescriptions.TheReceivedJwtHasExpired)); } return(new AuthenticationResult(client, null)); }
public void AddNewClient(int id, string lastName, string firstName, string password, int employeeId, ClientTypeEnum clientTypeId) { using (var httpClient = new HttpClient()) { httpClient.BaseAddress = new Uri(URLSERVERBASE); var client = new Common.Models.Client() { Id = id, FirstName = firstName, LastName = lastName, Password = password, RegisterationDate = DateTime.Now, RegisteredBy = employeeId, ClientTypeId = clientTypeId }; httpClient.DefaultRequestHeaders.Clear(); httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); var response = httpClient.PostAsJsonAsync("api/Clients/AddClient", client).Result; if (!response.IsSuccessStatusCode) { throw new Exception("Can't add this client"); } } }
public Task <JwsPayload> GenerateAccessToken(Common.Models.Client client, IEnumerable <string> scopes, string issuerName) { return(GenerateAccessToken(new[] { client.ClientId }, scopes, issuerName)); }