コード例 #1
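        /// <summary>
        /// Fills <paramref name="oauthClient"/> from a client registration request and builds the
        /// JSON registration response.
        /// </summary>
        /// <remarks>
        /// A fresh client identifier and shared secret are generated on every call. Metadata is read
        /// from <c>context.Request.Data</c>; missing values fall back to the defaults computed by the
        /// <c>GetDefault*</c> helpers and to the default signing / encryption names used below.
        /// The returned document contains the client secret in clear text, so it must only be sent
        /// over a protected channel and should not be written to logs.
        /// </remarks>
        /// <param name="context">Handler context whose request data holds the registration metadata.</param>
        /// <param name="oauthClient">Client instance that receives the registered values.</param>
        /// <returns>The registration response: issued credentials plus the echoed metadata.</returns>
        protected async Task<JObject> EnrichOAuthClient(HandlerContext context, OAuthClient oauthClient)
        {
            var request = context.Request.Data;

            // The identifier is not a secret, so a GUID is adequate for it.
            var clientId = Guid.NewGuid().ToString();

            // The shared secret is a credential. Guid.NewGuid() is documented as unsuitable for
            // cryptographic purposes (122 random bits at most, CSPRNG not guaranteed on every
            // runtime), so 256 bits are drawn from the platform CSPRNG instead and encoded as
            // unpadded base64url, which is safe in form bodies and Basic credentials.
            var secretBytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(secretBytes);
            }

            var clientSecret = Convert.ToBase64String(secretBytes)
                .TrimEnd('=')
                .Replace('+', '-')
                .Replace('/', '_');

            var grantTypes = GetDefaultGrantTypes(request);
            var scopes = GetDefaultScopes(request);
            var tokenEndpointAuthMethod = GetDefaultTokenAuthMethod(request);
            var responseTypes = GetDefaultResponseTypes(request);

            // NOTE(review): no validation of the values below is visible in this method (redirect
            // URIs, jwks_uri, logo/tos/policy URIs, software statement). Confirm that they are
            // checked before this method runs.
            var redirectUris = request.GetRedirectUrisFromRegisterRequest();
            var clientNames = request.GetClientNamesFromRegisterRequest();
            var clientUris = request.GetClientUrisFromRegisterRequest();
            var logoUris = request.GetLogoUrisFromRegisterRequest();
            var contacts = request.GetContactsFromRegisterRequest();
            var tosUris = request.GetTosUrisFromRegisterRequest();
            var policyUris = request.GetPolicyUrisFromRegisterRequest();
            var jwksUri = request.GetJwksUriFromRegisterRequest();
            var jwks = request.GetJwksFromRegisterRequest();
            var softwareStatement = request.GetSoftwareStatementFromRegisterRequest();
            var softwareId = request.GetSoftwareIdFromRegisterRequest();
            var softwareVersion = request.GetSoftwareVersionFromRegisterRequest();
            var tokenSignedResponseAlg = request.GetTokenSignedResponseAlgFromRegisterRequest();
            var tokenEncryptedResponseAlg = request.GetTokenEncryptedResponseAlgFromRegisterRequest();
            var tokenEncryptedResponseEnc = request.GetTokenEncryptedResponseEncFromRegisterRequest();

            // When no client name with a blank key was supplied, use the client id for that entry.
            var hasBlankKeyName = clientNames.Any(c => string.IsNullOrWhiteSpace(c.Key));
            if (!hasBlankKeyName)
            {
                clientNames.Add(string.Empty, clientId);
            }

            // Tokens are always signed: fall back to the RSA256 handler name when none is requested.
            if (string.IsNullOrWhiteSpace(tokenSignedResponseAlg))
            {
                tokenSignedResponseAlg = RSA256SignHandler.ALG_NAME;
            }

            // An encryption algorithm without a content-encryption method gets the default method.
            if (!string.IsNullOrWhiteSpace(tokenEncryptedResponseAlg) && string.IsNullOrWhiteSpace(tokenEncryptedResponseEnc))
            {
                tokenEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME;
            }

            // Only the scopes returned by the repository are granted to the client.
            // NOTE(review): the response below echoes the requested scopes, not this list. Confirm
            // that unknown scope names are rejected earlier, or the response can overstate the grant.
            var supportedScopes = await _oauthScopeRepository.FindOAuthScopesByNames(scopes);

            oauthClient.ClientId = clientId;
            oauthClient.TokenEndPointAuthMethod = tokenEndpointAuthMethod;
            oauthClient.GrantTypes = grantTypes.ToList();
            oauthClient.ResponseTypes = responseTypes;
            oauthClient.Contacts = contacts == null ? new List<string>() : contacts.ToList();
            oauthClient.JwksUri = jwksUri;
            oauthClient.JsonWebKeys = jwks == null ? new List<SimpleIdServer.Jwt.JsonWebKey>() : jwks.ToList();
            oauthClient.SoftwareId = softwareId;
            oauthClient.SoftwareVersion = softwareVersion;
            oauthClient.RedirectionUrls = redirectUris.ToList();
            oauthClient.PreferredTokenProfile = OauthHostOptions.DefaultTokenProfile;
            oauthClient.AllowedScopes = supportedScopes.ToList();
            oauthClient.TokenSignedResponseAlg = tokenSignedResponseAlg;
            oauthClient.TokenEncryptedResponseAlg = tokenEncryptedResponseAlg;
            oauthClient.TokenEncryptedResponseEnc = tokenEncryptedResponseEnc;

            // Access and refresh tokens both get a fixed 30 minute lifetime.
            oauthClient.RefreshTokenExpirationTimeInSeconds = 60 * 30;
            oauthClient.TokenExpirationTimeInSeconds = 60 * 30;

            foreach (var kvp in clientNames)
            {
                oauthClient.AddClientName(kvp.Key, kvp.Value);
            }

            foreach (var kvp in clientUris)
            {
                oauthClient.AddClientUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in logoUris)
            {
                oauthClient.AddLogoUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in tosUris)
            {
                oauthClient.AddTosUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in policyUris)
            {
                oauthClient.AddPolicyUri(kvp.Key, kvp.Value);
            }

            // NOTE(review): the plaintext secret is handed to AddSharedSecret. Whether it is hashed
            // before storage depends on OAuthClient and is not visible here; confirm.
            oauthClient.AddSharedSecret(clientSecret);

            var currentDateTime = DateTime.UtcNow;
            var result = new JObject();

            // Issued credentials. This is the only place the secret is returned to the caller.
            AddNotEmpty(result, RegisterResponseParameters.ClientId, clientId);
            AddNotEmpty(result, RegisterResponseParameters.ClientSecret, clientSecret);
            AddNotEmpty(result, RegisterResponseParameters.ClientIdIssuedAt, currentDateTime.ConvertToUnixTimestamp().ToString());
            if (OauthHostOptions.ClientSecretExpirationInSeconds != null)
            {
                // Expiry is reported only when the host options configure a secret lifetime.
                var secretExpiresAt = currentDateTime.AddSeconds(OauthHostOptions.ClientSecretExpirationInSeconds.Value);
                AddNotEmpty(result, RegisterResponseParameters.ClientSecretExpiresAt, secretExpiresAt.ConvertToUnixTimestamp().ToString());
            }

            // Echo of the registered metadata.
            AddNotEmpty(result, RegisterRequestParameters.GrantTypes, grantTypes);
            AddNotEmpty(result, RegisterRequestParameters.RedirectUris, redirectUris);
            AddNotEmpty(result, RegisterRequestParameters.TokenEndpointAuthMethod, tokenEndpointAuthMethod);
            AddNotEmpty(result, RegisterRequestParameters.ResponseTypes, responseTypes);
            AddNotEmpty(result, RegisterRequestParameters.ClientName, clientNames);
            AddNotEmpty(result, RegisterRequestParameters.ClientUri, clientUris);
            AddNotEmpty(result, RegisterRequestParameters.LogoUri, logoUris);
            if (scopes.Any())
            {
                AddNotEmpty(result, RegisterRequestParameters.Scope, string.Join(" ", scopes));
            }

            AddNotEmpty(result, RegisterRequestParameters.Contacts, contacts);
            AddNotEmpty(result, RegisterRequestParameters.TosUri, tosUris);
            AddNotEmpty(result, RegisterRequestParameters.PolicyUri, policyUris);
            AddNotEmpty(result, RegisterRequestParameters.JwksUri, jwksUri);
            AddNotEmpty(result, RegisterRequestParameters.Jwks, jwks);
            AddNotEmpty(result, RegisterRequestParameters.SoftwareId, softwareId);
            AddNotEmpty(result, RegisterRequestParameters.SoftwareVersion, softwareVersion);
            AddNotEmpty(result, RegisterRequestParameters.SoftwareStatement, softwareStatement);
            return result;
        }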
コード例 #2
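        /// <summary>
        /// Copies the client metadata held in <paramref name="jObj"/> onto <paramref name="result"/>.
        /// </summary>
        /// <remarks>
        /// Every field is taken from the JSON document as-is, including the client identifier, the
        /// shared secret, the registration access token and the TLS client-authentication names.
        /// NOTE(review): no filtering or validation is visible here, so this mapping is only safe
        /// for documents from a trusted source or ones validated beforehand. Confirm against callers.
        /// </remarks>
        /// <param name="jObj">JSON representation of the client.</param>
        /// <param name="result">Client instance that receives the values.</param>
        public static void EnrichDomain(this JObject jObj, OAuthClient result)
        {
            result.ClientId = jObj.GetClientId();
            result.TokenEndPointAuthMethod = jObj.GetTokenEndpointAuthMethod();
            result.GrantTypes = jObj.GetGrantTypes();
            result.ResponseTypes = jObj.GetResponseTypes();
            result.Contacts = jObj.GetContacts();
            result.JwksUri = jObj.GetJwksUri();
            result.JsonWebKeys = jObj.GetJwks();
            result.SoftwareId = jObj.GetSoftwareId();
            result.SoftwareVersion = jObj.GetSoftwareVersion();
            result.RedirectionUrls = jObj.GetRedirectUris();

            // Materialize the projection. A deferred Select would build new OAuthScope objects on
            // every enumeration and would re-read the JSON if it changed after this call.
            result.AllowedScopes = jObj.GetScopes()
                .Select(scopeName => new OAuthScope
                {
                    Name = scopeName
                })
                .ToList();

            result.TokenSignedResponseAlg = jObj.GetTokenSignedResponseAlg();
            result.TokenEncryptedResponseAlg = jObj.GetTokenEncryptedResponseAlg();
            result.TokenEncryptedResponseEnc = jObj.GetTokenEncryptedResponseEnc();
            result.RegistrationAccessToken = jObj.GetRegistrationAccessToken();

            // Subject DN and SAN values used to match a client certificate.
            result.TlsClientAuthSubjectDN = jObj.GetTlsClientAuthSubjectDn();
            result.TlsClientAuthSanDNS = jObj.GetTlsClientAuthSanDNS();
            result.TlsClientAuthSanURI = jObj.GetTlsClientAuthSanUri();
            result.TlsClientAuthSanIP = jObj.GetTlsClientAuthSanIP();
            result.TlsClientAuthSanEmail = jObj.GetTlsClientAuthSanEmail();

            // Secrets are replaced only when the document carries a non-blank secret; otherwise
            // whatever result.Secrets already holds is left untouched.
            var clientSecret = jObj.GetClientSecret();
            if (!string.IsNullOrWhiteSpace(clientSecret))
            {
                // The third constructor argument is passed as null (presumably "no expiry"; confirm).
                result.Secrets = new List<ClientSecret>
                {
                    new ClientSecret(ClientSecretTypes.SharedSecret, clientSecret, null)
                };
            }

            // All keyed values are read first, then added, so a failing getter leaves none of them added.
            Dictionary<string, string> clientNames = jObj.GetClientNames();
            Dictionary<string, string> clientUris = jObj.GetClientUris();
            Dictionary<string, string> logoUris = jObj.GetLogoUris();
            Dictionary<string, string> tosUris = jObj.GetTosUris();
            Dictionary<string, string> policyUris = jObj.GetPolicyUris();

            foreach (var kvp in clientNames)
            {
                result.AddClientName(kvp.Key, kvp.Value);
            }

            foreach (var kvp in clientUris)
            {
                result.AddClientUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in logoUris)
            {
                result.AddLogoUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in tosUris)
            {
                result.AddTosUri(kvp.Key, kvp.Value);
            }

            foreach (var kvp in policyUris)
            {
                result.AddPolicyUri(kvp.Key, kvp.Value);
            }
        }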