public void Properties_Map() { var model = new Client() { Properties = { { "foo1", "bar1" }, { "foo2", "bar2" }, } }; var mappedEntity = model.ToEntity(); mappedEntity.Properties.Count.Should().Be(2); var foo1 = mappedEntity.Properties.FirstOrDefault(x => x.Key == "foo1"); foo1.Should().NotBeNull(); foo1.Value.Should().Be("bar1"); var foo2 = mappedEntity.Properties.FirstOrDefault(x => x.Key == "foo2"); foo2.Should().NotBeNull(); foo2.Value.Should().Be("bar2"); var mappedModel = mappedEntity.ToModel(); mappedModel.Properties.Count.Should().Be(2); mappedModel.Properties.ContainsKey("foo1").Should().BeTrue(); mappedModel.Properties.ContainsKey("foo2").Should().BeTrue(); mappedModel.Properties["foo1"].Should().Be("bar1"); mappedModel.Properties["foo2"].Should().Be("bar2"); }
public void Can_Map() { var model = new Client(); var mappedEntity = model.ToEntity(); var mappedModel = mappedEntity.ToModel(); Assert.NotNull(mappedModel); Assert.NotNull(mappedEntity); }
public async Task CreateAsync(CreateClientModel model) { var client = new Duende.IdentityServer.Models.Client(); client.ClientId = model.ClientId.Trim(); client.ClientName = model.Name?.Trim(); if (model.Flow == Flow.ClientCredentials) { client.AllowedGrantTypes = GrantTypes.ClientCredentials; } else { client.AllowedGrantTypes = GrantTypes.Code; } _context.Clients.Add(client.ToEntity()); await _context.SaveChangesAsync(); }
public void missing_values_should_use_defaults() { var entity = new Duende.IdentityServer.EntityFramework.Entities.Client { ClientSecrets = new System.Collections.Generic.List <Duende.IdentityServer.EntityFramework.Entities.ClientSecret> { new Duende.IdentityServer.EntityFramework.Entities.ClientSecret { } } }; var def = new Client { ClientSecrets = { new Duende.IdentityServer.Models.Secret("foo") } }; var model = entity.ToModel(); model.ProtocolType.Should().Be(def.ProtocolType); model.ClientSecrets.First().Type.Should().Be(def.ClientSecrets.First().Type); }
private static void SeedClientGrantType(IAdminStore <Entity.ClientGrantType> clientGrantTypeStore, ISModels.Client client) { foreach (var grantType in client.AllowedGrantTypes) { try { clientGrantTypeStore.CreateAsync(new Entity.ClientGrantType { ClientId = client.ClientId, GrantType = grantType, Id = Guid.NewGuid().ToString() }).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
private static void SeedClientClaims(IAdminStore <Entity.ClientClaim> clientClaimStore, ISModels.Client client) { foreach (var claim in client.Claims) { try { clientClaimStore.CreateAsync(new Entity.ClientClaim { ClientId = client.ClientId, Id = Guid.NewGuid().ToString(), Type = claim.Type, Value = claim.Value }).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
private static void SeedClientSecrets(IAdminStore <Entity.ClientSecret> clientSecretStore, ISModels.Client client) { foreach (var secret in client.ClientSecrets) { try { clientSecretStore.CreateAsync(new Entity.ClientSecret { ClientId = client.ClientId, Description = secret.Description, Expiration = secret.Expiration, Id = Guid.NewGuid().ToString(), Type = secret.Type, Value = secret.Value }).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
private static void SeedClientRestrictions(IAdminStore <Entity.ClientIdpRestriction> clientIdpRestrictionStore, ISModels.Client client) { foreach (var restriction in client.IdentityProviderRestrictions) { try { clientIdpRestrictionStore.CreateAsync(new Entity.ClientIdpRestriction { ClientId = client.ClientId, Id = Guid.NewGuid().ToString(), Provider = restriction }).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
private static void SeedClientProperties(IAdminStore <Entity.ClientProperty> clientPropertyStore, ISModels.Client client) { foreach (var property in client.Properties) { try { clientPropertyStore.CreateAsync(new Entity.ClientProperty { ClientId = client.ClientId, Id = Guid.NewGuid().ToString(), Key = property.Key, Value = property.Value }).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
private static void SeedClientUris(IAdminStore <Entity.ClientUri> clientUriStore, ISModels.Client client) { var uris = client.RedirectUris.Select(o => new Entity.ClientUri { Id = Guid.NewGuid().ToString(), ClientId = client.ClientId, Uri = o }).ToList(); foreach (var origin in client.AllowedCorsOrigins) { var cors = new Uri(origin); var uri = uris.FirstOrDefault(u => cors.CorsMatch(u.Uri)); var corsUri = new Uri(origin); var sanetized = $"{corsUri.Scheme.ToUpperInvariant()}://{corsUri.Host.ToUpperInvariant()}:{corsUri.Port}"; if (uri == null) { uris.Add(new Entity.ClientUri { Id = Guid.NewGuid().ToString(), ClientId = client.ClientId, Uri = origin, Kind = Entity.UriKinds.Cors, SanetizedCorsUri = sanetized }); continue; } uri.SanetizedCorsUri = sanetized; uri.Kind = Entity.UriKinds.Redirect | Entity.UriKinds.Cors; } foreach (var postLogout in client.PostLogoutRedirectUris) { var uri = uris.FirstOrDefault(u => u.Uri == postLogout); if (uri == null) { uris.Add(new Entity.ClientUri { Id = Guid.NewGuid().ToString(), ClientId = client.ClientId, Uri = postLogout, Kind = Entity.UriKinds.PostLogout }); continue; } uri.Kind |= Entity.UriKinds.Redirect; } foreach (var uri in uris) { try { clientUriStore.CreateAsync(uri).GetAwaiter().GetResult(); } catch (ArgumentException) { // silent } } }
public static Duende.IdentityServer.Models.Client ToDuende(this IdentityServer3.EntityFramework.Entities.Client client) { if (client == null) { return(null); } var mappedClient = new Duende.IdentityServer.Models.Client(); mappedClient.AbsoluteRefreshTokenLifetime = client.AbsoluteRefreshTokenLifetime; mappedClient.AccessTokenLifetime = client.AccessTokenLifetime; mappedClient.AccessTokenType = client.AccessTokenType == AccessTokenType.Jwt ? Duende.IdentityServer.Models.AccessTokenType.Jwt : Duende.IdentityServer.Models.AccessTokenType.Reference; mappedClient.AllowAccessTokensViaBrowser = client.AllowAccessTokensViaBrowser; mappedClient.AllowOfflineAccess = client.AllowedScopes != null && client.AllowedScopes.Any(x => x.Scope == "offline_access"); mappedClient.AllowPlainTextPkce = false; // not an option in IdentityServer 3 mappedClient.AllowRememberConsent = client.AllowRememberConsent; mappedClient.AllowedCorsOrigins = client.AllowedCorsOrigins?.Select(x => x.Origin).ToList(); mappedClient.AllowedGrantTypes = client.Flow.ToGrantTypes(); mappedClient.AlwaysIncludeUserClaimsInIdToken = false; // not an option per client in IdentityServer 3 mappedClient.AlwaysSendClientClaims = client.AlwaysSendClientClaims; mappedClient.AuthorizationCodeLifetime = client.AuthorizationCodeLifetime; mappedClient.Claims = client.Claims?.Select(x => new ClientClaim(x.Type, x.Value)).ToList(); mappedClient.ClientName = client.ClientName; mappedClient.ClientId = client.ClientId; mappedClient.ClientClaimsPrefix = client.PrefixClientClaims ? "client_" : null; mappedClient.ClientSecrets = client.ClientSecrets?.Select(x => x.ToDuende()).ToList(); mappedClient.ClientUri = client.ClientUri; mappedClient.Enabled = client.Enabled; mappedClient.EnableLocalLogin = client.EnableLocalLogin; mappedClient.FrontChannelLogoutSessionRequired = client.LogoutSessionRequired; mappedClient.FrontChannelLogoutUri = client.LogoutUri; mappedClient.IdentityProviderRestrictions = client.IdentityProviderRestrictions?.Select(x => x.Provider).ToList(); mappedClient.IdentityTokenLifetime = client.IdentityTokenLifetime; mappedClient.IncludeJwtId = client.IncludeJwtId; mappedClient.LogoUri = client.LogoUri; mappedClient.PostLogoutRedirectUris = client.PostLogoutRedirectUris?.Select(x => x.Uri).ToList(); mappedClient.ProtocolType = IdentityServerConstants.ProtocolTypes.OpenIdConnect; mappedClient.RedirectUris = client.RedirectUris?.Select(x => x.Uri).ToList(); mappedClient.RefreshTokenExpiration = client.RefreshTokenExpiration == IdentityServer3.Core.Models.TokenExpiration.Absolute ? Duende.IdentityServer.Models.TokenExpiration.Absolute : Duende.IdentityServer.Models.TokenExpiration.Sliding; mappedClient.RefreshTokenUsage = client.RefreshTokenUsage == IdentityServer3.Core.Models.TokenUsage.OneTimeOnly ? Duende.IdentityServer.Models.TokenUsage.OneTimeOnly : Duende.IdentityServer.Models.TokenUsage.ReUse; mappedClient.RequireClientSecret = true; // not an option in IdentityServer 3 mappedClient.RequireConsent = client.RequireConsent; mappedClient.RequirePkce = client.Flow == Flows.AuthorizationCodeWithProofKey || client.Flow == Flows.HybridWithProofKey; mappedClient.SlidingRefreshTokenLifetime = client.SlidingRefreshTokenLifetime; mappedClient.UpdateAccessTokenClaimsOnRefresh = client.UpdateAccessTokenOnRefresh; mappedClient.AllowedScopes = client.AllowedScopes?.Select(x => x.Scope).ToList(); mappedClient.AllowedScopes?.Remove("offline_access"); if (client.Flow == Flows.Custom && client.AllowedCustomGrantTypes != null && client.AllowedCustomGrantTypes.Any()) { mappedClient.AllowedGrantTypes = client.AllowedCustomGrantTypes?.Select(x => x.GrantType).ToList(); } return(mappedClient); }