/*****************************************/ /* helper APIs for the ConsentController */ /*****************************************/ private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model) { var result = new ProcessConsentResult(); // validate return url is still valid var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (request == null) { return(result); } ConsentResponse grantedConsent = null; // user clicked 'no' - send back the standard 'access_denied' response if (model?.Button == "no") { grantedConsent = ConsentResponse.Denied; // emit event await _events.RaiseAsync(new ConsentDeniedEvent (User.GetSubjectId(), request.ClientId, request.ScopesRequested)); } // user clicked 'yes' - validate the data else if (model?.Button == "yes") { // if the user consented to some scope, build the response model if (model.ScopesConsented != null && model.ScopesConsented.Any()) { var scopes = model.ScopesConsented; if (ConsentOptions.EnableOfflineAccess == false) { scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess); } grantedConsent = new ConsentResponse { RememberConsent = model.RememberConsent, ScopesConsented = scopes.ToArray() }; // emit event await _events.RaiseAsync(new ConsentGrantedEvent (User.GetSubjectId(), request.ClientId, request.ScopesRequested, grantedConsent.ScopesConsented, grantedConsent.RememberConsent)); } else { result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; } } else { result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; } if (grantedConsent != null) { // communicate outcome of consent back to identityserver await _interaction.GrantConsentAsync(request, grantedConsent); // indicate that's it ok to redirect back to authorization endpoint result.RedirectUri = model.ReturnUrl; result.ClientId = request.ClientId; } else { // we need to redisplay the consent UI result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); } return(result); }
private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model) { var result = new ProcessConsentResult(); // 验证URL是否有效 var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (request == null) { return(result); } ConsentResponse grantedConsent = null; if (model.Button == "no") { grantedConsent = ConsentResponse.Denied; } else if (model.Button == "yes") { if (model.ScopesConsented != null && model.ScopesConsented.Any()) { var scopes = model.ScopesConsented.ToList(); //获取所有 var identitResource = await _resourceStore.FindIdentityResourcesByScopeAsync(request.ScopesRequested); //if (identitResource != null && identitResource.Any()) //{ // //获取不显示在界面,但是必须项Required的 // identitResource.Where(i => !i.ShowInDiscoveryDocument && i.Required).ToList() // .ForEach(f => { scopes.Add(f.Name); }); //} //if (ConsentOptions.EnableOfflineAccess == false) //{ // scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess); //} grantedConsent = new ConsentResponse { RememberConsent = model.RememberConsent, ScopesConsented = scopes.ToArray() }; } else { result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; } } else { result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; } if (grantedConsent != null) { // 把同意的结果发送给 identityserver await _interaction.GrantConsentAsync(request, grantedConsent); // indicate that's it ok to redirect back to authorization endpoint result.RedirectUri = model.ReturnUrl; //var ck = new Uri(model.ReturnUrl); //result.RedirectUri = "http://localhost:5006/"; result.ClientId = request.ClientId; var id = _configurationDbContext.Clients.ToList().Find(f => f.ClientId == request.ClientId).Id; var entity = _applicationDbContext.applicationUseAuthorizations.FirstOrDefault(_ => _.ClientId == id); ////判断是否授权过 //if (entity != null && !entity.Enabled) //{ // entity.Enabled = true; // _applicationDbContext.Update(entity); // _applicationDbContext.SaveChanges(); //} //else //{ // //给用户添加第三方授权信息 // await _applicationDbContext.AddAsync(new ApplicationUseAuthorization // { // ClientId = id, // Enabled = true // }); // ////给用户添加第三方授权信息 // //_applicationDbContext.applicationUseAuthorizations.Add(new ApplicationUseAuthorization // //{ // // ClientId = id, // // Enabled = true // //}); // //_applicationDbContext.SaveChanges(); //} } else { // we need to redisplay the consent UI result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); } return(result); }