/*****************************************/
/* helper APIs for the ConsentController */
/*****************************************/
private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model)
{
var result = new ProcessConsentResult();
// validate return url is still valid
var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
ConsentResponse grantedConsent = null;
// user clicked 'no' - send back the standard 'access_denied' response
if (model?.Button == "no")
{
grantedConsent = ConsentResponse.Denied;
// emit event
await _events.RaiseAsync(new ConsentDeniedEvent (User.GetSubjectId(), request.ClientId, request.ScopesRequested));
}
// user clicked 'yes' - validate the data
else if (model?.Button == "yes")
{
// if the user consented to some scope, build the response model
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse {
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
// emit event
await _events.RaiseAsync(new ConsentGrantedEvent (User.GetSubjectId(), request.ClientId, request.ScopesRequested, grantedConsent.ScopesConsented, grantedConsent.RememberConsent));
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
}
else
{
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
}
if (grantedConsent != null)
{
// communicate outcome of consent back to identityserver
await _interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
result.ClientId = request.ClientId;
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}
private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model)
{
var result = new ProcessConsentResult();
// 验证URL是否有效
var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
ConsentResponse grantedConsent = null;
if (model.Button == "no")
{
grantedConsent = ConsentResponse.Denied;
}
else if (model.Button == "yes")
{
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented.ToList();
//获取所有
var identitResource = await _resourceStore.FindIdentityResourcesByScopeAsync(request.ScopesRequested);
//if (identitResource != null && identitResource.Any())
//{
// //获取不显示在界面,但是必须项Required的
// identitResource.Where(i => !i.ShowInDiscoveryDocument && i.Required).ToList()
// .ForEach(f => { scopes.Add(f.Name); });
//}
//if (ConsentOptions.EnableOfflineAccess == false)
//{
// scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
//}
grantedConsent = new ConsentResponse
{
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
}
else
{
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
}
if (grantedConsent != null)
{
// 把同意的结果发送给 identityserver
await _interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
//var ck = new Uri(model.ReturnUrl);
//result.RedirectUri = "http://localhost:5006/";
result.ClientId = request.ClientId;
var id = _configurationDbContext.Clients.ToList().Find(f => f.ClientId == request.ClientId).Id;
var entity = _applicationDbContext.applicationUseAuthorizations.FirstOrDefault(_ => _.ClientId == id);
////判断是否授权过
//if (entity != null && !entity.Enabled)
//{
// entity.Enabled = true;
// _applicationDbContext.Update(entity);
// _applicationDbContext.SaveChanges();
//}
//else
//{
// //给用户添加第三方授权信息
// await _applicationDbContext.AddAsync(new ApplicationUseAuthorization
// {
// ClientId = id,
// Enabled = true
// });
// ////给用户添加第三方授权信息
// //_applicationDbContext.applicationUseAuthorizations.Add(new ApplicationUseAuthorization
// //{
// // ClientId = id,
// // Enabled = true
// //});
// //_applicationDbContext.SaveChanges();
//}
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}
