public async Task <IdentityServiceResult> ValidateScopeAsync( ApplicationManager <TApplication> manager, TApplication application, string scope) { var errors = new List <IdentityServiceError>(); if (string.IsNullOrWhiteSpace(scope)) { errors.Add(ErrorDescriber.InvalidScope(scope)); } else if (!string.IsNullOrEmpty(manager.Options.AllowedScopeCharacters) && scope.Any(c => !manager.Options.AllowedScopeCharacters.Contains(c))) { errors.Add(ErrorDescriber.InvalidScope(scope)); } else if (manager.Options.MaxScopeLength.HasValue && scope.Length > manager.Options.MaxScopeLength) { errors.Add(ErrorDescriber.InvalidScope(scope)); } else { var scopes = await manager.FindScopesAsync(application); if (scopes != null && scopes.Contains(scope, StringComparer.OrdinalIgnoreCase)) { errors.Add(ErrorDescriber.DuplicateScope(scope)); } } return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success); }
public async Task <IdentityServiceResult> UpdateScopeAsync(TApplication application, string oldScope, string newScope) { var scopeStore = GetScopeStore(); var scope = await FindScopeAsync(application, oldScope); if (scope == null) { return(IdentityServiceResult.Failed(ErrorDescriber.ScopeNotFound(oldScope))); } var validation = await ValidateScopeAsync(application, newScope); if (!validation.Succeeded) { return(validation); } var result = await scopeStore.UpdateScopeAsync(application, oldScope, newScope, CancellationToken); if (!result.Succeeded) { return(result); } return(await scopeStore.UpdateAsync(application, CancellationToken)); }
public async Task <IdentityServiceResult> UnregisterLogoutUriAsync(TApplication application, string logoutUri) { ThrowIfDisposed(); if (application == null) { throw new ArgumentNullException(nameof(application)); } if (logoutUri == null) { throw new ArgumentNullException(nameof(logoutUri)); } var redirectStore = GetRedirectUriStore(); var registeredUri = await FindRegisteredLogoutUriAsync(application, logoutUri); if (registeredUri == null) { return(IdentityServiceResult.Failed(ErrorDescriber.LogoutUriNotFound(logoutUri))); } var result = await redirectStore.UnregisterLogoutRedirectUriAsync(application, logoutUri, CancellationToken); if (!result.Succeeded) { return(result); } return(await redirectStore.UpdateAsync(application, CancellationToken)); }
public async Task <IdentityServiceResult> UpdateRedirectUriAsync(TApplication application, string oldRedirectUri, string newRedirectUri) { var redirectStore = GetRedirectUriStore(); var registeredUri = await FindRegisteredUriAsync(application, oldRedirectUri); if (registeredUri == null) { return(IdentityServiceResult.Failed(ErrorDescriber.RedirectUriNotFound(oldRedirectUri))); } var validation = await ValidateRedirectUriAsync(application, newRedirectUri); if (!validation.Succeeded) { return(validation); } var result = await redirectStore.UpdateRedirectUriAsync(application, oldRedirectUri, newRedirectUri, CancellationToken); if (!result.Succeeded) { return(result); } return(await redirectStore.UpdateAsync(application, CancellationToken)); }
public async Task <IdentityServiceResult> AddClientSecretAsync(TApplication application, string clientSecret) { ThrowIfDisposed(); var store = GetClientSecretStore(); if (application == null) { throw new ArgumentNullException(nameof(application)); } var hash = await store.GetClientSecretHashAsync(application, CancellationToken); if (hash != null) { return(IdentityServiceResult.Failed(ErrorDescriber.ApplicationAlreadyHasClientSecret())); } var result = await UpdateClientSecretHashAsync(store, application, clientSecret); if (!result.Succeeded) { return(result); } return(await UpdateAsync(application)); }
public async Task <IdentityServiceResult> ValidateAsync( ApplicationManager <TApplication> manager, TApplication application) { var errors = new List <IdentityServiceError>(); await ValidateNameAsync(manager, application, errors); await ValidateClientIdAsync(manager, application, errors); return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success); }
public static IdentityServiceResult Failed(params IdentityServiceError[] errors) { var result = new IdentityServiceResult { Succeeded = false }; if (errors != null) { result._errors.AddRange(errors); } return(result); }
public async Task <IdentityServiceResult> ValidateRedirectUriAsync( ApplicationManager <TApplication> manager, TApplication application, string redirectUri) { var errors = new List <IdentityServiceError>(); var redirectUris = await manager.FindRegisteredUrisAsync(application); if (redirectUris.Contains(redirectUri, StringComparer.OrdinalIgnoreCase)) { errors.Add(ErrorDescriber.DuplicateRedirectUri(redirectUri)); } if (!manager.Options.AllowedRedirectUris.Contains(redirectUri, StringComparer.OrdinalIgnoreCase)) { if (!Uri.TryCreate(redirectUri, UriKind.Absolute, out var parsedUri)) { errors.Add(ErrorDescriber.InvalidRedirectUri(redirectUri)); } else { if (!parsedUri.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase)) { errors.Add(ErrorDescriber.NoHttpsUri(redirectUri)); } var logoutUris = await manager.FindRegisteredUrisAsync(application); var regularLogoutUris = logoutUris.Except(manager.Options.AllowedLogoutUris, StringComparer.Ordinal); var regularRedirectUris = redirectUris.Except(manager.Options.AllowedRedirectUris, StringComparer.Ordinal); var allApplicationUris = regularRedirectUris.Concat(regularLogoutUris); foreach (var nonSpecialUri in allApplicationUris) { var existingUri = new Uri(nonSpecialUri, UriKind.Absolute); if (!parsedUri.Host.Equals(existingUri.Host, StringComparison.OrdinalIgnoreCase)) { errors.Add(ErrorDescriber.DifferentDomains()); break; } } } } return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success); }
public async Task <IdentityServiceResult> RemoveScopeAsync(TApplication application, string scope) { var scopeStore = GetScopeStore(); var foundScope = await FindScopeAsync(application, scope); if (foundScope == null) { return(IdentityServiceResult.Failed(ErrorDescriber.ScopeNotFound(scope))); } var result = await scopeStore.RemoveScopeAsync(application, scope, CancellationToken); if (!result.Succeeded) { return(result); } return(await scopeStore.UpdateAsync(application, CancellationToken)); }
private async Task <IdentityServiceResult> ValidateApplicationAsync(TApplication application) { var errors = new List <IdentityServiceError>(); foreach (var v in ApplicationValidators) { var result = await v.ValidateAsync(this, application); if (!result.Succeeded) { errors.AddRange(result.Errors); } } if (errors.Count > 0) { return(IdentityServiceResult.Failed(errors.ToArray())); } return(IdentityServiceResult.Success); }