コード例 #1
0
        private async Task InitializeAsync(IServiceProvider services)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider
                              .GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                const string clientId = "my-client";
                if (await manager.FindByClientIdAsync(clientId) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = clientId,
                        DisplayName  = "My Client",
                        RedirectUris = { new Uri("https://localhost:5001") },
                        Permissions  =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.GrantTypes.Implicit,
                            // allow the openid scope
                            OpenIddictConstants.Permissions.Scopes.Profile,
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }
            }
        }
コード例 #2
0
ファイル: Program.cs プロジェクト: davidparker/Cierge
        private static async Task InitializeAsync(IServiceProvider services, CancellationToken cancellationToken)
        {
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                // Add OpenIddict clients
                var iddictManager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();
                if (await iddictManager.FindByClientIdAsync("client-app", cancellationToken) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "client-app",
                        DisplayName            = "Test Client App",
                        PostLogoutRedirectUris = { new Uri("http://localhost:8000/signout-oidc") },
                        RedirectUris           = { new Uri("http://localhost:8000/signin-oidc") },
                    };

                    await iddictManager.CreateAsync(descriptor, cancellationToken);
                }

                // Create roles
                var      roleManager = scope.ServiceProvider.GetRequiredService <RoleManager <IdentityRole> >();
                string[] roleNames   = { "Administrator" };
                foreach (var roleName in roleNames)
                {
                    if (!await roleManager.RoleExistsAsync(roleName))
                    {
                        await roleManager.CreateAsync(new IdentityRole(roleName));
                    }
                }
            }
        }
コード例 #3
0
        private async Task AddOpenIdConnectApplication(IConfiguration configuration)
        {
            if (await _openIddictApplicationManager.FindByClientIdAsync("botw") == null)
            {
                var host = configuration["HostUrl"].ToString();

                var descriptor = new OpenIddictApplicationDescriptor
                {
                    ClientId               = "botw",
                    DisplayName            = "Best of the Worst",
                    PostLogoutRedirectUris = { new Uri($"{host}signout-oidc") },
                    RedirectUris           = { new Uri(host) },
                    Permissions            =
                    {
                        OpenIddictConstants.Permissions.Endpoints.Authorization,
                        OpenIddictConstants.Permissions.Endpoints.Token,
                        OpenIddictConstants.Permissions.GrantTypes.Implicit,
                        OpenIddictConstants.Permissions.GrantTypes.Password,
                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
                        OpenIddictConstants.Permissions.Scopes.Email,
                        OpenIddictConstants.Permissions.Scopes.Profile,
                        OpenIddictConstants.Permissions.Scopes.Roles,
                    }
                };

                await _openIddictApplicationManager.CreateAsync(descriptor);
            }
        }
コード例 #4
0
        public async Task <Audience> SetupAudience(string appName, string displayName)
        {
            //todo: implement name check
            string   clientId      = Guid.NewGuid().ToString().Replace("-", "").Substring(0, 15).ToUpper();
            var      AudiencesRepo = _dbContext.Audiences;
            string   secret        = Guid.NewGuid().ToString().ToUpper();
            string   base64Secret  = Convert.ToBase64String(Encoding.UTF8.GetBytes(secret));
            Audience Audience      = new Audience();

            Audience.AppName      = appName;
            Audience.ClientId     = clientId;
            Audience.ClientSecret = secret;
            Audience.CreatedOn    = DateTime.Now;
            await AudiencesRepo.AddAsync(Audience);

            var descriptor = new OpenIddictApplicationDescriptor
            {
                ClientId     = clientId,
                ClientSecret = base64Secret,
                DisplayName  = displayName,
                Permissions  =
                {
                    OpenIddictConstants.Permissions.Endpoints.Token,
                    OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
                    OpenIddictConstants.Permissions.GrantTypes.Password,
                    OpenIddictConstants.Permissions.GrantTypes.RefreshToken
                }
            };

            await _openIddictConnectStore.CreateAsync(descriptor);

            await _dbContext.SaveChangesAsync();

            return(Audience);
        }
コード例 #5
0
        private async Task AddClient(StartupClientData client, bool isVip = false)
        {
            using (var scope = _services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await manager.FindByClientIdAsync(client.ClientId) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = client.ClientId,
                        ClientSecret = client.ClientSecret,
                        DisplayName  = client.DisplayName,
                        Permissions  =
                        {
                            //OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            //OpenIddictConstants.Permissions.Endpoints.Logout,
                            OpenIddictConstants.Permissions.Scopes.Email,
                            OpenIddictConstants.Permissions.Scopes.Profile,
                            OpenIddictConstants.Permissions.Scopes.Roles,
                            OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
                        }
                    };

                    if (isVip)
                    {
                        descriptor.Permissions.Add($"{OpenIddictConstants.Permissions.Prefixes.Scope}is_vip");
                    }

                    await manager.CreateAsync(descriptor);
                }
            }
        }
コード例 #6
0
ファイル: Program.cs プロジェクト: Temitope-A/barco-cierge
        private static async Task InitializeAsync(IServiceProvider services, CancellationToken cancellationToken)
        {
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                // Add OpenIddict clients
                var iddictManager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await iddictManager.FindByClientIdAsync("barco-rota", cancellationToken) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "barco-rota",
                        DisplayName            = "Barco Rota",
                        PostLogoutRedirectUris = { new Uri("https://barcorota.azurewebsites.net/signout-oidc") },
                        RedirectUris           = { new Uri("https://barcorota.azurewebsites.net/signin-oidc") },
                    };

                    await iddictManager.CreateAsync(descriptor, cancellationToken);
                }

                // Create roles
                var      roleManager = scope.ServiceProvider.GetRequiredService <RoleManager <IdentityRole> >();
                string[] roleNames   = { Constants.ADMIN_ROLE, Constants.BARCO_ROLE, Constants.ROTA_ROLE, Constants.WOLF_ROLE };
                foreach (var roleName in roleNames)
                {
                    if (!await roleManager.RoleExistsAsync(roleName))
                    {
                        await roleManager.CreateAsync(new IdentityRole(roleName));
                    }
                }
            }
        }
コード例 #7
0
        private async Task InitializeAsync(IServiceProvider services)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await manager.FindByClientIdAsync("console") == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = "console",
                        ClientSecret = "388D45FA-B36B-4988-BA59-B187D329C207",
                        DisplayName  = "My client application",
                        Permissions  =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.ClientCredentials
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }
            }
        }
コード例 #8
0
        private async Task InitializeAsync(IServiceProvider services)
        {
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <AuthenticationServerContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await manager.FindByClientIdAsync("LKG.App") == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = "LKG.App",
                        ClientSecret = "73dfecb1-2ccf-4b5d-9293-5361adc5e02f",
                        DisplayName  = "Админка сервисов",
                        RedirectUris = { new Uri("http://localhost:10234/lkg/signin-oidc") },
                        Permissions  =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
                            OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
                            OpenIddictConstants.Permissions.Scopes.Profile
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }
            }
        }
コード例 #9
0
        public static async Task CreateClientApps(OpenIddictApplicationManager <OpenIddictApplication> manager,
                                                  CancellationToken cancellationToken)
        {
            if (await manager.FindByClientIdAsync(ClientAppHelper.CLIENT_WEB_ID,
                                                  cancellationToken) == null)
            {
                var descriptor = new OpenIddictApplicationDescriptor
                {
                    ClientId               = ClientAppHelper.CLIENT_WEB_ID,
                    ClientSecret           = ClientAppHelper.CLIENT_WEB_SECRET,
                    DisplayName            = "Imanage Web App",
                    PostLogoutRedirectUris = { new Uri("https://imanage.azurewebsites.net/connect/token") },
                    RedirectUris           = { new Uri("https://imanage.azurewebsites.net/connect/token") },
                    Type        = OpenIddictConstants.ClientTypes.Hybrid,
                    Permissions =
                    {
                        OpenIddictConstants.Permissions.Endpoints.Token,
                        OpenIddictConstants.Permissions.GrantTypes.Password,
                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
                        OpenIddictConstants.Permissions.Scopes.Email,
                        OpenIddictConstants.Permissions.Scopes.Profile,
                        OpenIddictConstants.Permissions.Scopes.Roles
                    }
                };

                await manager.CreateAsync(descriptor, cancellationToken);
            }
        }
コード例 #10
0
        public async static Task InitializeDbAsync(this IServiceProvider services, CancellationToken cancellationToken)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <AppDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication <string> > >();

                if (await manager.FindByClientIdAsync("angular_client_s6BhdRkqt3", cancellationToken) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "angular_client_s6BhdRkqt3",
                        DisplayName            = "public_client",
                        RedirectUris           = { new Uri("https://localhost:44329/players") },
                        PostLogoutRedirectUris = { new Uri("https://localhost:44329/login") }
                    };

                    await manager.CreateAsync(descriptor, cancellationToken);
                }

                await DbInitializer.InitializeAsync(context);
            }
        }
コード例 #11
0
        public override async Task PopulateAsync(TApplication application,
                                                 OpenIddictApplicationDescriptor descriptor, CancellationToken cancellationToken = default)
        {
            if (application == null)
            {
                throw new ArgumentNullException(nameof(application));
            }

            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            if (descriptor is OpenIdApplicationDescriptor model)
            {
                if (Store is IOpenIdApplicationStore <TApplication> store)
                {
                    await store.SetRolesAsync(application, model.Roles.ToImmutableArray(), cancellationToken);
                }
                else
                {
                    var properties = await Store.GetPropertiesAsync(application, cancellationToken);

                    properties[OpenIdConstants.Properties.Roles] = JArray.FromObject(model.Roles);

                    await Store.SetPropertiesAsync(application, properties, cancellationToken);
                }
            }

            await base.PopulateAsync(application, descriptor, cancellationToken);
        }
コード例 #12
0
        public override async ValueTask PopulateAsync(TApplication application,
                                                      OpenIddictApplicationDescriptor descriptor, CancellationToken cancellationToken = default)
        {
            if (application == null)
            {
                throw new ArgumentNullException(nameof(application));
            }

            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            if (descriptor is OpenIdApplicationDescriptor model)
            {
                if (Store is IOpenIdApplicationStore <TApplication> store)
                {
                    await store.SetRolesAsync(application, model.Roles.ToImmutableArray(), cancellationToken);
                }
                else
                {
                    var properties = await Store.GetPropertiesAsync(application, cancellationToken);

                    properties = properties.SetItem(OpenIdConstants.Properties.Roles, JsonSerializer.Deserialize <JsonElement>(
                                                        JsonSerializer.Serialize(model.Roles, new JsonSerializerOptions
                    {
                        Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping
                    })));

                    await Store.SetPropertiesAsync(application, properties, cancellationToken);
                }
            }

            await base.PopulateAsync(application, descriptor, cancellationToken);
        }
コード例 #13
0
        private static async Task AddClientApplications(ApplicationDbContext context, OpenIddictApplicationManager <OpenIddictApplication> manager)
        {
            const string clientId = "socialarts.club";

            var app = await manager.FindByClientIdAsync(clientId);

            if (app != null)
            {
                await manager.DeleteAsync(app);
            }

            var descriptor = new OpenIddictApplicationDescriptor
            {
                ClientId    = clientId,
                DisplayName = clientId,
                // TODO: Read this from configuration.
                RedirectUris =
                {
                    new Uri("https://localhost:5001/MyProgressJournal"),
                    new Uri("https://socialarts.club/MyProgressJournal")
                },
                Permissions =
                {
                    OpenIddictConstants.Permissions.Endpoints.Authorization,
                    OpenIddictConstants.Permissions.GrantTypes.Implicit,
                    OpenIddictConstants.Permissions.Scopes.OpenId,
                }
            };

            await manager.CreateAsync(descriptor);
        }
コード例 #14
0
        /// <summary>
        /// Creates a new application based on the specified descriptor.
        /// Note: the default implementation automatically hashes the client
        /// secret before storing it in the database, for security reasons.
        /// </summary>
        /// <param name="descriptor">The application descriptor.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
        /// <returns>
        /// A <see cref="Task"/> that can be used to monitor the asynchronous operation,
        /// whose result returns the unique identifier associated with the application.
        /// </returns>
        public override async Task <TApplication> CreateAsync(OpenIddictApplicationDescriptor descriptor, CancellationToken cancellationToken)
        {
            if (descriptor == null)
            {
                throw new ArgumentNullException(nameof(descriptor));
            }

            TApplication application = new Application() as TApplication;

            if (application == null)
            {
                throw new InvalidOperationException("An error occurred while trying to create a new application");
            }

            //await PopulateAsync(application, descriptor, cancellationToken);

            var secret = await Store.GetClientSecretAsync(application, cancellationToken);

            if (!string.IsNullOrEmpty(secret))
            {
                await Store.SetClientSecretAsync(application, /* secret: */ null, cancellationToken);

                return(await CreateAsync(application, secret, cancellationToken));
            }

            return(await CreateAsync(application, cancellationToken));
        }
コード例 #15
0
        private static async Task InitializeApiClientAsync(IServiceProvider services, CancellationToken cancellationToken)
        {
            var manager = services.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();
            var clients = services.GetRequiredService <IConfiguration>().GetSection("Init").GetSection("ApiClients");

            foreach (var client in clients.GetChildren())
            {
                var clientId     = client.GetValue <string>("ClientId");
                var clientSecret = client.GetValue <string>("ClientSecret");
                var displayName  = client.GetValue <string>("DisplayName");
                var c            = await manager.FindByClientIdAsync(clientId, cancellationToken);

                if (c != null)
                {
                    continue;
                }
                var descriptor = new OpenIddictApplicationDescriptor
                {
                    ClientId     = clientId,
                    ClientSecret = clientSecret,
                    DisplayName  = displayName
                };
                await manager.CreateAsync(descriptor, cancellationToken);
            }
        }
コード例 #16
0
        public async Task <ActionResult <OAuthAppSearchResult> > SearchAsync(OAuthAppSearchCriteria criteria)
        {
            if (criteria.Sort.IsNullOrEmpty())
            {
                criteria.Sort = "DisplayName:ASC";
            }

            var apps = await _manager.ListAsync(x =>
                                                x.OrderBySortInfos(criteria.SortInfos).Skip(criteria.Skip).Take(criteria.Take));

            var appsTasks = apps.Select(async x =>
            {
                var descriptor = new OpenIddictApplicationDescriptor();
                await _manager.PopulateAsync(descriptor, x);
                descriptor.ClientSecret = "";
                return(descriptor);
            }).ToList();

            var result = new OAuthAppSearchResult
            {
                Results    = await Task.WhenAll(appsTasks),
                TotalCount = (int)await _manager.CountAsync()
            };

            return(result);
        }
コード例 #17
0
ファイル: Startup.cs プロジェクト: codeex/openiddict-core
        private async Task InitializeAsync(IServiceProvider services)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await manager.FindByClientIdAsync("mvc") == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "mvc",
                        ClientSecret           = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                        DisplayName            = "MVC client application",
                        PostLogoutRedirectUris = { new Uri("http://localhost:53507/signout-callback-oidc") },
                        RedirectUris           = { new Uri("http://localhost:53507/signin-oidc") },
                        Permissions            =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Logout,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
                            OpenIddictConstants.Permissions.GrantTypes.RefreshToken
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }

                // To test this sample with Postman, use the following settings:
                //
                // * Authorization URL: http://localhost:54540/connect/authorize
                // * Access token URL: http://localhost:54540/connect/token
                // * Client ID: postman
                // * Client secret: [blank] (not used with public clients)
                // * Scope: openid email profile roles
                // * Grant type: authorization code
                // * Request access token locally: yes
                if (await manager.FindByClientIdAsync("postman") == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = "postman",
                        DisplayName  = "Postman",
                        RedirectUris = { new Uri("https://www.getpostman.com/oauth2/callback") },
                        Permissions  =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }
            }
        }
コード例 #18
0
        private async Task InitializeIdentityDbAsync(IServiceProvider services, CancellationToken cancellationToken)
        {
            using var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope();
            var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

            if (await manager.FindByClientIdAsync("SBSC.base", cancellationToken) == null)
            {
                var descriptor = new OpenIddictApplicationDescriptor
                {
                    ClientId     = "SBSC.base",
                    ClientSecret = "178e196b-04b5-40ff-b235-7ac541eed1c9",
                    DisplayName  = "SBSC base Api client",
                    Type         = OpenIddictConstants.ClientTypes.Hybrid,
                    Permissions  =
                    {
                        OpenIddictConstants.Permissions.Endpoints.Token,
                        OpenIddictConstants.Permissions.GrantTypes.Password,
                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
                        OpenIddictConstants.Permissions.Scopes.Email,
                        OpenIddictConstants.Permissions.Scopes.Profile,
                        OpenIddictConstants.Permissions.Scopes.Roles
                    }
                };

                await manager.CreateAsync(descriptor, cancellationToken);
            }
        }
コード例 #19
0
    public async Task <string> Handle(Request request)
    {
        if (!await RegistrationIsEnabledOrNecessary())
        {
            throw new Exception("Application registration is disabled");
        }

        await _validator.GuardAsync(request);

        var existingApp = await _applicationManager.FindByClientIdAsync(request.ClientId !);

        if (existingApp != null)
        {
            throw new ValidationException(new[] { new ValidationFailure(nameof(request.ClientId), $"ClientId {request.ClientId} already exists") });
        }

        var application = new OpenIddictApplicationDescriptor
        {
            ClientId     = request.ClientId,
            ClientSecret = request.ClientSecret,
            DisplayName  = request.DisplayName,
            Permissions  =
            {
                OpenIddictConstants.Permissions.Endpoints.Token,
                OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
                OpenIddictConstants.Permissions.Prefixes.Scope + SecurityConstants.Scopes.AdminApiFullAccess
            },
        };

        await _applicationManager.CreateAsync(application);

        return($"Registered client {request.ClientId} successfully.");
    }
コード例 #20
0
        private async Task AddOpenIdConnectOptions(IConfiguration configuration)
        {
            if (await _openIddictApplicationManager.FindByClientIdAsync("cleanarchitecture") == null)
            {
                var host = configuration["HostUrl"].ToString();

                var descriptor = new OpenIddictApplicationDescriptor
                {
                    ClientId               = "cleanarchitecture",
                    DisplayName            = "CleanArchitecture",
                    PostLogoutRedirectUris = { new Uri($"{host}signout-oidc") },
                    RedirectUris           = { new Uri(host) },
                    Permissions            =
                    {
                        OpenIddictConstants.Permissions.Endpoints.Authorization,
                        OpenIddictConstants.Permissions.Endpoints.Token,
                        OpenIddictConstants.Permissions.GrantTypes.Implicit,
                        OpenIddictConstants.Permissions.GrantTypes.Password,
                        OpenIddictConstants.Permissions.GrantTypes.RefreshToken
                    }
                };

                await _openIddictApplicationManager.CreateAsync(descriptor);
            }
        }
コード例 #21
0
    private static async Task RegisterApplicationsAsync(IServiceProvider provider)
    {
        var manager = provider.GetRequiredService <IOpenIddictApplicationManager>();

        if (await manager.FindByClientIdAsync("spa_client") is null)
        {
            await manager.CreateAsync(new OpenIddictApplicationDescriptor
            {
                ClientId = "spa_client",
                // ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                ConsentType            = ConsentTypes.Implicit,
                DisplayName            = "SPA Client Application",
                PostLogoutRedirectUris =
                {
                    new Uri("https://localhost:5001"),
                    new Uri("http://localhost:4200")
                },
                RedirectUris =
                {
                    new Uri("https://localhost:5001"),
                    new Uri("http://localhost:4200")
                },
                Permissions =
                {
                    Permissions.Endpoints.Authorization,
                    Permissions.Endpoints.Logout,
                    Permissions.Endpoints.Token,
                    Permissions.GrantTypes.AuthorizationCode,
                    Permissions.GrantTypes.RefreshToken,
                    Permissions.ResponseTypes.Code,
                    Permissions.Scopes.Email,
                    Permissions.Scopes.Profile,
                    Permissions.Scopes.Roles,
                    Permissions.Prefixes.Scope + "server_scope",
                    Permissions.Prefixes.Scope + "api_scope"
                },
                Requirements =
                {
                    Requirements.Features.ProofKeyForCodeExchange
                }
            });
        }

        if (await manager.FindByClientIdAsync("api_service") == null)
        {
            var descriptor = new OpenIddictApplicationDescriptor
            {
                ClientId     = "api_service",
                DisplayName  = "API Service",
                ClientSecret = "my-api-secret",
                Permissions  =
                {
                    Permissions.Endpoints.Introspection
                }
            };

            await manager.CreateAsync(descriptor);
        }
    }
コード例 #22
0
        public static OpenIddictApplicationDescriptor CopyClaims(this OpenIddictApplicationDescriptor application, IUser claims)
        {
            foreach (var group in claims.Claims.GroupBy(x => x.Type))
            {
                application.Properties[group.Key] = CreateParameter(group.Select(x => x.Value));
            }

            return(application);
        }
コード例 #23
0
        private async Task SeedAsync(IServiceProvider services, IFeatureCollection serverFeatures, CancellationToken cancellationToken)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <ApplicationIdentityDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();
                var url     = serverFeatures.Get <IServerAddressesFeature>();

                System.Console.WriteLine(url.Addresses.Count);

                /* var app = await manager.FindByClientIdAsync("mvc", cancellationToken);
                 *
                 * if (app != null)
                 * {
                 *  await manager.DeleteAsync(app, cancellationToken);
                 * } */

                if (await manager.FindByClientIdAsync("mvc", cancellationToken) == null)
                {
                    var application = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "mvc",
                        ClientSecret           = "916fb5e0-95b5-4d62-9341-bacba3044076",
                        DisplayName            = "MVC client application",
                        PostLogoutRedirectUris = { new Uri("http://localhost:5000/signout-callback-oidc") },
                        RedirectUris           = { new Uri("http://localhost:5000/signin-oidc") }
                    };

                    await manager.CreateAsync(application, cancellationToken);
                }

                // To test this sample with Postman, use the following settings:
                //
                // * Authorization URL: http://localhost:54540/connect/authorize
                // * Access token URL: http://localhost:54540/connect/token
                // * Client ID: postman
                // * Client secret: [blank] (not used with public clients)
                // * Scope: openid email profile roles
                // * Grant type: authorization code
                // * Request access token locally: yes
                if (await manager.FindByClientIdAsync("postman", cancellationToken) == null)
                {
                    var application = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = "postman",
                        DisplayName  = "Postman",
                        RedirectUris = { new Uri("https://www.getpostman.com/oauth2/callback") }
                    };

                    await manager.CreateAsync(application, cancellationToken);
                }
            }
        }
コード例 #24
0
        private async Task InitializeAsync(IServiceProvider services)
        {
            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
                await context.Database.EnsureCreatedAsync();

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                if (await manager.FindByClientIdAsync("MobileApp") == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "MobileApp",
                        ClientSecret           = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                        DisplayName            = "Mobile client application",
                        PostLogoutRedirectUris = { new Uri("https://localhost:44342/signout-callback-oidc") },
                        RedirectUris           = { new Uri("https://localhost:44342/signin-oidc") },
                        Permissions            =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Logout,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
                            OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
                        }
                    };

                    await manager.CreateAsync(descriptor);
                }

                if (await manager.FindByClientIdAsync("angular-app") == null)
                {
                    var descriptorTest = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "test-app",
                        DisplayName            = "Angular Application",
                        ClientSecret           = "901564A5-E7GE-42CB-B10D-61EF6A8F3654",
                        PostLogoutRedirectUris = { new Uri("https://oidcdebugger.com/debug") },
                        RedirectUris           = { new Uri("https://oidcdebugger.com/debug") },
                        Permissions            =
                        {
                            OpenIddictConstants.Permissions.Endpoints.Authorization,
                            OpenIddictConstants.Permissions.Endpoints.Logout,
                            OpenIddictConstants.Permissions.Endpoints.Token,
                            OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
                            OpenIddictConstants.Permissions.GrantTypes.RefreshToken
                        }
                    };


                    await manager.CreateAsync(descriptorTest);
                }
            }
        }
コード例 #25
0
    public async override ValueTask PopulateAsync(OpenIddictApplicationDescriptor descriptor, OpenIddictApplicationModel application, CancellationToken cancellationToken = default)
    {
        await base.PopulateAsync(descriptor, application, cancellationToken);

        if (descriptor is AbpApplicationDescriptor model)
        {
            application.ClientUri = model.ClientUri;
            application.LogoUri   = model.LogoUri;
        }
    }
コード例 #26
0
        private async Task InitializeAsync(IServiceProvider services)
        {
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <AuthorizationDbContext>();
                await context.Database.EnsureCreatedAsync();

                await CreateApplicationsAsync();
                await CreateScopesAsync();

                async Task CreateApplicationsAsync()
                {
                    var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                    if (await manager.FindByClientIdAsync("angular-app") == null)
                    {
                        var descriptor = new OpenIddictApplicationDescriptor
                        {
                            ClientId               = "angular-app",
                            DisplayName            = "Angular app client application",
                            PostLogoutRedirectUris = { new Uri("https://localhost:44382/bye") },
                            RedirectUris           = { new Uri("https://localhost:44382/auth-callback"), new Uri("https://localhost:44382/silentrefresh") },
                            Permissions            =
                            {
                                OpenIddictConstants.Permissions.Endpoints.Authorization,
                                OpenIddictConstants.Permissions.Endpoints.Logout,
                                OpenIddictConstants.Permissions.GrantTypes.Implicit,
                                OpenIddictConstants.Permissions.Scopes.Email,
                                OpenIddictConstants.Permissions.Scopes.Profile,
                                OpenIddictConstants.Permissions.Scopes.Roles,
                                OpenIddictConstants.Permissions.Prefixes.Scope + "api1"
                            }
                        };

                        await manager.CreateAsync(descriptor);
                    }
                }

                async Task CreateScopesAsync()
                {
                    var manager = scope.ServiceProvider.GetRequiredService <OpenIddictScopeManager <OpenIddictScope> >();

                    if (await manager.FindByNameAsync("api1") == null)
                    {
                        var descriptor = new OpenIddictScopeDescriptor
                        {
                            Name      = "api1",
                            Resources = { "resource-server-1" }
                        };

                        await manager.CreateAsync(descriptor);
                    }
                }
            }
        }
コード例 #27
0
        public async Task StartAsync(CancellationToken cancellationToken)
        {
            using var scope = _serviceProvider.CreateScope();

            var openIdDictManager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictEntityFrameworkCoreApplication> >();
            var context           = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
            await context.Database.EnsureCreatedAsync();

            var client = await openIdDictManager.FindByClientIdAsync("client1");

            if (client != null)
            {
                await openIdDictManager.DeleteAsync(client);
            }

            var clientDetails = new OpenIddictApplicationDescriptor
            {
                ClientId     = "client1",
                ClientSecret = "secret",
                RedirectUris = { new Uri("https://oidcdebugger.com/debug") },
                DisplayName  = "My client application",
                Permissions  =
                {
                    Permissions.Endpoints.Authorization,
                    Permissions.Endpoints.Token,
                    Permissions.GrantTypes.AuthorizationCode,
                    Permissions.GrantTypes.RefreshToken,
                    Permissions.ResponseTypes.Code
                }
            };
            await openIdDictManager.CreateAsync(clientDetails);

            var userManager = scope.ServiceProvider.GetRequiredService <UserManager <ApplicationUser> >();
            var testUser    = await userManager.FindByEmailAsync("test@localhost");

            if (testUser != null)
            {
                await userManager.DeleteAsync(testUser);
            }

            var newUser = new ApplicationUser()
            {
                Email           = "test@localhost",
                EmailConfirmed  = true,
                NormalizedEmail = "test@localhost",
                UserName        = "******"
            };
            var result = await userManager.CreateAsync(newUser, "Password123+");

            if (!result.Succeeded)
            {
                throw new Exception("Failed to create a test user.");
            }
        }
コード例 #28
0
        public static async Task InitializeAsync(IServiceProvider services, CancellationToken cancellationToken)
        {
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <MappedUserContext>();
                await context.Database.EnsureCreatedAsync(cancellationToken);
            }

            // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
            using (var scope = services.GetRequiredService <IServiceScopeFactory>().CreateScope())
            {
                var context = scope.ServiceProvider.GetRequiredService <DbContext>();
                await context.Database.EnsureCreatedAsync(cancellationToken);

                var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();

                //Copy and add other clients as needed
                //This is a sample, please manage this properly in the database :)
                if (await manager.FindByClientIdAsync("mvc", cancellationToken) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId               = "mvc",
                        ClientSecret           = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                        DisplayName            = "MVC client application",
                        PostLogoutRedirectUris = { new Uri("http://localhost:53507/signout-callback-oidc") },
                        RedirectUris           = { new Uri("http://localhost:53507/signin-oidc") }
                    };

                    await manager.CreateAsync(descriptor, cancellationToken);
                }

                // To test this sample with Postman, use the following settings:
                //
                // * Authorization URL: http://localhost:62210/connect/authorize
                // * Access token URL: http://localhost:62210/connect/token
                // * Client ID: postman
                // * Client secret: [blank] (not used with public clients)
                // * Scope: openid email profile roles
                // * Grant type: authorization code
                // * Request access token locally: yes
                if (await manager.FindByClientIdAsync("postman", cancellationToken) == null)
                {
                    var descriptor = new OpenIddictApplicationDescriptor
                    {
                        ClientId     = "postman",
                        DisplayName  = "Postman",
                        RedirectUris = { new Uri("https://www.getpostman.com/oauth2/callback") }
                    };

                    await manager.CreateAsync(descriptor, cancellationToken);
                }
            }
        }
コード例 #29
0
        public static async Task RegisterOpenIddictClientApp(this IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                // Create a new service scope to ensure the database context is correctly disposed when this methods returns.
                using (var scope = app.ApplicationServices.GetRequiredService <IServiceScopeFactory>().CreateScope())
                {
                    var context = scope.ServiceProvider.GetRequiredService <ApplicationDbContext>();
                    if (!context.AllMigrationsApplied())
                    {
                        //await context.Database.EnsureCreatedAsync();
                        await context.Database.MigrateAsync();
                    }

                    // Note: when using a custom entity or a custom key type, replace OpenIddictApplication by the appropriate type.
                    var manager = scope.ServiceProvider.GetRequiredService <OpenIddictApplicationManager <OpenIddictApplication> >();
                    CancellationToken cancellationToken = CancellationToken.None;

                    string clientIdentifier = Startup.Configuration["Auth:ClientId"];
                    if (await manager.FindByClientIdAsync(clientIdentifier, cancellationToken) == null)
                    {
                        string clientSecret = Startup.Configuration["Auth:ClientSecret"]; // "[client secret]";
                        string redirectUri  = Startup.Configuration["Auth:RedirectUrl"];  // "[redirect uri]";
                        var    descriptor   = new OpenIddictApplicationDescriptor
                        {
                            ClientId = clientIdentifier,
                            //ClientSecret = clientSecret.Sha256(),
                            RedirectUris = { new Uri(redirectUri) }
                        };

                        await manager.CreateAsync(descriptor, cancellationToken);
                    }

                    var userManager = scope.ServiceProvider.GetService <UserManager <ApplicationUser> >();
                    if (!userManager.Users.Any())
                    {
                        var user = new ApplicationUser()
                        {
                            UserName = "******"
                        };
                        var result = await userManager.CreateAsync(user, "12345");

                        if (result.Succeeded)
                        {
                            //user created
                        }
                        else
                        {
                            //failed
                        }
                    }
                }
            }
        }
コード例 #30
0
        public async Task <BTCPayOpenIdClient> RegisterOpenIdClient(OpenIddictApplicationDescriptor descriptor, string secret = null)
        {
            var openIddictApplicationManager = parent.PayTester.GetService <OpenIddictApplicationManager <BTCPayOpenIdClient> >();
            var client = new BTCPayOpenIdClient {
                ApplicationUserId = UserId
            };
            await openIddictApplicationManager.PopulateAsync(client, descriptor);

            await openIddictApplicationManager.CreateAsync(client, secret);

            return(client);
        }