public async Task StartAsync(CancellationToken cancellationToken)
{
using IServiceScope scope = _serviceProvider.CreateScope();
QuorraDbContext context = scope.ServiceProvider.GetRequiredService <QuorraDbContext>();
await context.Database.EnsureCreatedAsync(cancellationToken);
IOpenIddictApplicationManager manager = scope.ServiceProvider.GetRequiredService <IOpenIddictApplicationManager>();
if (await manager.FindByClientIdAsync("console", cancellationToken) is null)
{
await manager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = "console",
ClientSecret = "388D45FA-B36B-4988-BA59-B187D329C207",
DisplayName = "My client application",
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Prefixes.Scope + "api"
}
}, cancellationToken);
}
if (await manager.FindByClientIdAsync("postman", cancellationToken) is null)
{
await manager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = "postman",
ClientSecret = "postman-secret",
DisplayName = "Postman",
RedirectUris = { new Uri("https://oauth.pstmn.io/v1/callback") },
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Prefixes.Scope + "api",
OpenIddictConstants.Permissions.ResponseTypes.Code
}
}, cancellationToken);
}
}
public async Task <WorkplaceCredentialsDto> CreateWorkplaceAsync(WorkplaceDescriptorDto workplaceDescriptor)
{
var credentials = CreateCredentials(workplaceDescriptor);
var permissions = new List <string>(8);
permissions.AddRange(workplaceDescriptor.Scopes.Select(s => "scp:" + s));
permissions.AddRange(new[] {
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials
});
var application = new PskApplication
{
ClientId = credentials.ClientId,
DisplayName = workplaceDescriptor.DisplayName,
Permissions = JsonConvert.SerializeObject(permissions),
TenantId = workplaceDescriptor.TenantId,
BranchOfficeId = workplaceDescriptor.BranchOfficeId,
DepartmentId = workplaceDescriptor.DepartmentId,
ApplicationType = "workplace_" + workplaceDescriptor.WorkplaceType
};
await _oidcAppManager.CreateAsync(application, credentials.ClientSecret);
return(credentials);
}
public static async Task AddClient(this IOpenIddictApplicationManager manager, Action <OpenIddictApplicationDescriptor> descriptor, CancellationToken cancellationToken = default)
{
var application = new OpenIddictApplicationDescriptor();
descriptor(application);
if (string.IsNullOrEmpty(application.ClientId))
{
throw new ArgumentNullException();
}
if (await manager.FindByClientIdAsync(application.ClientId, cancellationToken) is not null)
{
return;
}
await manager.CreateAsync(application, cancellationToken);
}
private async static Task CreateIfNotExistAndSeedDatabase(IOpenIddictApplicationManager applicationManager)
{
var clientId = "BlazorApp13";
var app = await applicationManager.FindByClientIdAsync(clientId);
if (app is null)
{
if (await applicationManager.FindByClientIdAsync(clientId) is null)
{
var descriptor = new OpenIddictApplicationDescriptor
{
ClientId = clientId,
DisplayName = "Blazor App 13",
RedirectUris = { new Uri($"{HOSTNAME}/authentication/login-callback") },
PostLogoutRedirectUris = { new Uri($"{HOSTNAME}/authentication/logout-callback") },
//ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Roles
},
Requirements =
{
OpenIddictConstants.Requirements.Features.ProofKeyForCodeExchange
}
};
await applicationManager.CreateAsync(descriptor);
}
}
}
public async Task <IActionResult> Register(RegisterViewModel model)
{
if (await _manager.FindByClientIdAsync(model.ClientId) == null)
{
var descriptor = new OpenIddictApplicationDescriptor
{
ClientId = model.ClientId,
ClientSecret = model.ClientSecret,
DisplayName = model.DisplayName,
PostLogoutRedirectUris = { model.PostLogoutRedirectUris },
RedirectUris = { model.RedirectUris },
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Scopes.Email,
CustomScopes.PermissionMeasurements(),
CustomScopes.PermissionGender(),
CustomScopes.PermissionName()
}
};
var setApplicationResult = _manager.CreateAsync(descriptor);
if (!setApplicationResult.IsFaulted)
{
StatusMessage = "Your application has been registered";
return(RedirectToAction(nameof(Register)));
}
ModelState.AddModelError(String.Empty, setApplicationResult.Exception.Message);
}
//if we get here something is wrong re displaying form.
StatusMessage = "Error: Something went wrong";
return(RedirectToAction(nameof(Register)));
}
public async Task <ActionResult <OpenIddictApplicationDescriptor> > AddAsync(OpenIddictApplicationDescriptor form)
{
var res = await _store.CreateAsync(form);
return(CreatedAtRoute("", res));
}
private async Task CreateApplicationsAsync()
{
var app1 = (OpenIddictApplicationModel)await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = AbpOpenIddictTestData.App1ClientId,
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Test Application",
RedirectUris =
{
new Uri("https://abp.io")
},
PostLogoutRedirectUris =
{
new Uri("https://abp.io")
},
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.Device,
OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + AbpOpenIddictTestData.Scope1Name
}
});
AbpOpenIddictTestData.App1Id = app1.Id;
var app2 = (OpenIddictApplicationModel)await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = AbpOpenIddictTestData.App2ClientId,
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Test Application",
RedirectUris =
{
new Uri("https://abp.io")
},
PostLogoutRedirectUris =
{
new Uri("https://abp.io")
},
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.Device,
OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + AbpOpenIddictTestData.Scope1Name,
OpenIddictConstants.Permissions.Prefixes.Scope + AbpOpenIddictTestData.Scope2Name,
}
});
AbpOpenIddictTestData.App2Id = app2.Id;
}
public async Task SeedAsync(DataSeedContext context)
{
if (await _scopeManager.FindByNameAsync("AbpAPI") == null)
{
await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor()
{
Name = "AbpAPI",
DisplayName = "Abp API access",
DisplayNames =
{
[CultureInfo.GetCultureInfo("zh-Hans")] = "演示 API 访问",
[CultureInfo.GetCultureInfo("tr")] = "API erişimi"
},
Resources =
{
"AbpAPIResource"
}
});
}
if (await _applicationManager.FindByClientIdAsync("AbpApp") == null)
{
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = "AbpApp",
ClientSecret = "1q2w3e*",
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Abp Application",
PostLogoutRedirectUris =
{
new Uri("https://localhost:44302/signout-callback-oidc"),
new Uri("http://localhost:4200")
},
RedirectUris =
{
new Uri("https://localhost:44302/signin-oidc"),
new Uri("http://localhost:4200")
},
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.Device,
OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + "AbpAPI"
}
});
}
if (await _applicationManager.FindByClientIdAsync("AbpBlazorWASMApp") == null)
{
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
{
ClientId = "AbpBlazorWASMApp",
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Abp Blazor WASM Application",
PostLogoutRedirectUris =
{
new Uri("https://localhost:44304/authentication/logout-callback")
},
RedirectUris =
{
new Uri("https://localhost:44304/authentication/login-callback")
},
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.Device,
OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Endpoints.Logout,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + "AbpAPI"
}
});
}
}
public async Task <ActionResult <OpenIddictApplication> > AddApplicationAsync(OpenIddictApplication application)
{
if (await _manager.FindByClientIdAsync(application.ClientId !) == null)
{
return((OpenIddictApplication)(await _manager.CreateAsync(application)));
}
