private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model)
{
var result = new ProcessConsentResult();
var request = await _interactionService.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
ConsentResponse grantedConsent = null;
switch (model.Button)
{
case "no":
{
grantedConsent = ConsentResponse.Denied;
await _eventService.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), result.ClientId, request.ScopesRequested));
break;
}
case "yes":
{
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
{
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
await _eventService.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.ClientId,
request.ScopesRequested, grantedConsent.ScopesConsented, grantedConsent.RememberConsent));
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
break;
}
default:
{
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
break;
}
}
if (grantedConsent != null)
{
await _interactionService.GrantConsentAsync(request, grantedConsent);
result.RedirectUri = model.ReturnUrl;
result.ClientId = request.ClientId;
}
else
{
result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}
/*****************************************/
/* helper APIs for the ConsentController */
/*****************************************/
private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model)
{
var result = new ProcessConsentResult();
// validate return url is still valid
var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
ConsentResponse grantedConsent = null;
// user clicked 'no' - send back the standard 'access_denied' response
if (model?.Button == "no")
{
grantedConsent = ConsentResponse.Denied;
// emit event
await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.ClientId, request.ScopesRequested));
}
// user clicked 'yes' - validate the data
else if (model?.Button == "yes")
{
// if the user consented to some scope, build the response model
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
{
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
// emit event
await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.ClientId, request.ScopesRequested, grantedConsent.ScopesConsented, grantedConsent.RememberConsent));
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
}
else
{
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
}
if (grantedConsent != null)
{
// communicate outcome of consent back to identityserver
await _interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
result.ClientId = request.ClientId;
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}
/*****************************************/
/* helper APIs for the ConsentController */
/*****************************************/
private async Task <ProcessConsentResult> ProcessConsent(ConsentInputModel model)
{
var result = new ProcessConsentResult();
ConsentResponse grantedConsent = null;
switch (model.Button)
{
// user clicked 'no' - send back the standard 'access_denied' response
// user clicked 'yes' - validate the data
case "no":
grantedConsent = ConsentResponse.Denied;
;
break;
case "yes" when model != null:
{
// if the user consented to some scope, build the response model
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x =>
x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse {
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
break;
}
default:
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
break;
}
if (grantedConsent != null)
{
// validate return url is still valid
var request = await this._interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
// communicate outcome of consent back to identityserver
await this._interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await this.BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}