public async Task GetAllResources_WhenAllResourcesRequested_ExpectAllResourcesIncludingHidden(DbContextOptions <ConfigurationDbContext> options)
{
var visibleIdentityResource = CreateIdentityTestResource();
var visibleApiResource = CreateApiResourceTestResource();
var visibleApiScope = CreateApiScopeTestResource();
var hiddenIdentityResource = new IdentityResource {
Name = Guid.NewGuid().ToString(), ShowInDiscoveryDocument = false
};
var hiddenApiResource = new ApiResource
{
Name = Guid.NewGuid().ToString(),
Scopes = { Guid.NewGuid().ToString() },
ShowInDiscoveryDocument = false
};
var hiddenApiScope = new ApiScope
{
Name = Guid.NewGuid().ToString(),
ShowInDiscoveryDocument = false
};
using (var context = new ConfigurationDbContext(options))
{
context.IdentityResources.Add(visibleIdentityResource.ToEntity());
context.ApiResources.Add(visibleApiResource.ToEntity());
context.ApiScopes.Add(visibleApiScope.ToEntity());
context.IdentityResources.Add(hiddenIdentityResource.ToEntity());
context.ApiResources.Add(hiddenApiResource.ToEntity());
context.ApiScopes.Add(hiddenApiScope.ToEntity());
context.SaveChanges();
}
Resources resources;
using (var context = new ConfigurationDbContext(options))
{
var store = new ResourceStore(context, FakeLogger <ResourceStore> .Create(), new NoneCancellationTokenProvider());
resources = await store.GetAllResourcesAsync();
}
Assert.NotNull(resources);
Assert.NotEmpty(resources.IdentityResources);
Assert.NotEmpty(resources.ApiResources);
Assert.NotEmpty(resources.ApiScopes);
Assert.Contains(resources.IdentityResources, x => x.Name == visibleIdentityResource.Name);
Assert.Contains(resources.IdentityResources, x => x.Name == hiddenIdentityResource.Name);
Assert.Contains(resources.ApiResources, x => x.Name == visibleApiResource.Name);
Assert.Contains(resources.ApiResources, x => x.Name == hiddenApiResource.Name);
Assert.Contains(resources.ApiScopes, x => x.Name == visibleApiScope.Name);
Assert.Contains(resources.ApiScopes, x => x.Name == hiddenApiScope.Name);
}
ScopeViewModel CreateScopeViewModel(ApiScope scope)
{
return(new ScopeViewModel
{
Name = scope.Name,
DisplayName = scope.DisplayName,
Description = scope.Description,
Emphasize = scope.Emphasize,
Required = scope.Required,
});
}
public async Task <ResultResponseDto> AddAsync(ApiResourceAddRequestDto dto)
{
var result = dto.ValidResult();
if (!result.Success)
{
return(Result.ReFailure <ResultResponseDto>(result));
}
ApiResource apiResource = new ApiResource(dto.Name, dto.DisplayName, dto.UserClaims);
apiResource.Description = dto.Description;
//获取数据商店
IApiResourceRepositories dataStore = this.ServiceProvider.GetRequiredService <IApiResourceRepositories>();
if (await dataStore.GetIdAsync(apiResource.Name) > 0)
{
return(Result.ReFailure <ResultResponseDto>(apiResource.Name + " Api资源已经存在", ResultCodes.InvalidParameter));
}
//添加秘钥
foreach (var item in dto.Secrets)
{
Secret secret = new Secret(item.Value, item.Type, item.Description, item.Expiration);
if (!secret.IsValid())
{
return(Result.ReFailure <ResultResponseDto>("请求参数错误", ResultCodes.InvalidParameter));
}
apiResource.Secrets.Add(secret);
}
//添加包含范围
foreach (var item in dto.Scopes)
{
ApiScope scope = Mapper.Map <ApiScope>(item);
if (!scope.IsValid())
{
return(Result.ReFailure <ResultResponseDto>("请求参数错误", ResultCodes.InvalidParameter));
}
//判断数据库以及当前Api资源是否存在当前Api范围
if (await dataStore.GetScopeIdAsync(scope.Name) > 0 || apiResource.Scopes.ToList().Exists(f => f.Name == scope.Name))
{
return(Result.ReFailure <ResultResponseDto>(scope.Name + "Api范围已经存在", ResultCodes.InvalidParameter));
}
apiResource.Scopes.Add(scope);
}
if (!apiResource.IsValid())
{
return(Result.ReFailure <ResultResponseDto>("请求参数错误,Api资源不合法", ResultCodes.InvalidParameter));
}
base.State = apiResource;
await base.WriteStateAsync();
return(Result.ReSuccess <ResultResponseDto>());
}
public IActionResult AddScope()
{
var scope = new ApiScope {
Name = "api_meteo_scope", Enabled = true
};
_confContext.ApiScopes.Add(scope.ToEntity());
_confContext.SaveChanges();
return(Ok());
}
/// <summary>
/// Determines if client is allowed access to the API scope.
/// </summary>
/// <param name="client"></param>
/// <param name="apiScope"></param>
/// <returns></returns>
protected virtual Task <bool> IsClientAllowedApiScopeAsync(Client client, ApiScope apiScope)
{
var allowed = client.AllowedScopes.Contains(apiScope.Name);
if (!allowed)
{
_logger.LogError("Client {client} is not allowed access to scope {scope}.", client.ClientId, apiScope.Name);
}
return(Task.FromResult(allowed));
}
protected virtual async Task ValidateScopeAsync(Client client, Resources resourcesFromStore, ParsedScopeValue requestedScope, ResourceValidationResult result)
{
if (requestedScope.ParsedName == "offline_access")
{
if (await IsClientAllowedOfflineAccessAsync(client))
{
result.Resources.OfflineAccess = true;
result.ParsedScopes.Add(new ParsedScopeValue("offline_access"));
}
else
{
result.InvalidScopes.Add("offline_access");
}
return;
}
IdentityResource identity = resourcesFromStore.FindIdentityResourcesByScope(requestedScope.ParsedName);
if (identity != null)
{
if (await IsClientAllowedIdentityResourceAsync(client, identity))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.IdentityResources.Add(identity);
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
return;
}
ApiScope apiScope = resourcesFromStore.FindApiScope(requestedScope.ParsedName);
if (apiScope != null)
{
if (await IsClientAllowedApiScopeAsync(client, apiScope))
{
result.ParsedScopes.Add(requestedScope);
result.Resources.ApiScopes.Add(apiScope);
foreach (ApiResource item in resourcesFromStore.FindApiResourcesByScope(apiScope.Name))
{
result.Resources.ApiResources.Add(item);
}
}
else
{
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
else
{
_logger.LogError("Scope {scope} not found in store.", requestedScope.ParsedName);
result.InvalidScopes.Add(requestedScope.RawValue);
}
}
public virtual async Task <int> DeleteApiScopeAsync(ApiScope apiScope)
{
var resourceScopeToDelete = await DbContext.ApiResourceScopes.SingleOrDefaultAsync(x => x.Scope.Equals(apiScope.Name));
DbContext.ApiResourceScopes.Remove(resourceScopeToDelete);
var apiScopeToDelete = await DbContext.ApiScopes.SingleOrDefaultAsync(x => x.Id == apiScope.Id);
DbContext.ApiScopes.Remove(apiScopeToDelete);
return(await AutoSaveChangesAsync());
}
public virtual async Task <int> UpdateApiScopeAsync(int apiResourceId, ApiScope apiScope)
{
////Remove old relations
await RemoveApiScopeClaimsAsync(apiScope);
///Remove properties
//Update with new data
DbContext.ApiScopes.Update(apiScope);
return(await AutoSaveChangesAsync());
}
public async Task <IActionResult> CreateApiScope([FromBody] ApiScope model)
{
if (!ModelState.IsValid)
{
return(new BadRequestObjectResult(ModelState));
}
await _apiScopeService.AddApiScopeAsync(model);
return(Ok());
}
private ScopeViewModel CreateScopeViewModel(ApiScope scope, bool check)
{
return(new ScopeViewModel
{
Name = scope.Name,
DisplayName = scope.DisplayName,
Description = scope.Description,
Emphasize = scope.Emphasize,
Required = scope.Required,
Checked = check || scope.Required
});
}
public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
return(new ScopeViewModel
{
Value = parsedScopeValue.RawValue,
DisplayName = apiScope.DisplayName ?? apiScope.Name,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
});
}
public async Task InsertNewApiScope(ApiScope apiScope)
{
var apiScopeEntity = apiScope.MapApiScopes();
await using var connection = new SqlConnection(_connectionString);
await connection.OpenAsync();
var query =
$"insert into {_options.DbSchema}.ApiScopes (Name, DisplayName, Description, Required, Emphasize, ShowInDiscoveryDocument, Enabled)" +
$" VALUES (@Name, @DisplayName, @Description, @Required, @Emphasize, @ShowInDiscoveryDocument, @Enabled)";
await connection.ExecuteAsync(query, apiScopeEntity);
}
/// <summary>
/// Add new api scope
/// </summary>
/// <param name="apiResourceId"></param>
/// <param name="apiScope"></param>
/// <returns>This method return new api scope id</returns>
public virtual async Task <int> AddApiScopeAsync(int apiResourceId, ApiScope apiScope)
{
var apiResource = await DbContext.ApiResources.Where(x => x.Id == apiResourceId).SingleOrDefaultAsync();
apiScope.ApiResource = apiResource;
DbContext.ApiScopes.Add(apiScope);
await AutoSaveChangesAsync();
return(apiScope.Id);
}
public static ApiScopes MapApiScopes(this ApiScope scope)
{
return(new ApiScopes
{
Name = scope.Name,
DisplayName = scope.DisplayName,
Description = scope.Description,
Required = scope.Required,
Emphasize = scope.Emphasize,
ShowInDiscoveryDocument = scope.ShowInDiscoveryDocument,
Enabled = scope.Enabled
});
}
/// <summary>
/// Add ApiScope
/// </summary>
/// <param name="dto"></param>
/// <returns></returns>
public ApiScope BuildApiScope(ApiScopeBindingDto dto)
{
var scope = new ApiScope {
Name = dto.Name,
DisplayName = dto.DisplayName,
Description = dto.Description,
ApiResourceId = dto.ApiResourceId,
Emphasize = true
};
return(scope);
}
ScopeModel CreateScopeModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
{
return(new ScopeModel
{
Value = parsedScopeValue.RawValue,
// todo: use the parsed scope value in the display?
DisplayName = apiScope.DisplayName ?? apiScope.Name,
Description = apiScope.Description,
Emphasize = apiScope.Emphasize,
Required = apiScope.Required,
Checked = check || apiScope.Required
});
}
public async Task GetAllResources_WhenAllResourcesRequested_ExpectAllResourcesIncludingHidden()
{
var visibleIdentityResource = CreateIdentityTestResource();
var visibleApiResource = CreateApiResourceTestResource();
var visibleApiScope = CreateApiScopeTestResource();
var hiddenIdentityResource = new IdentityResource {
Name = Guid.NewGuid().ToString(), ShowInDiscoveryDocument = false
};
var hiddenApiResource = new ApiResource
{
Name = Guid.NewGuid().ToString(),
Scopes = { Guid.NewGuid().ToString() },
ShowInDiscoveryDocument = false
};
var hiddenApiScope = new ApiScope
{
Name = Guid.NewGuid().ToString(),
ShowInDiscoveryDocument = false
};
await _context.IdentityResources.AddAsync(visibleIdentityResource.ToEntity());
await _context.ApiResources.AddAsync(visibleApiResource.ToEntity());
await _context.ApiScopes.AddAsync(visibleApiScope.ToEntity());
await _context.IdentityResources.AddAsync(hiddenIdentityResource.ToEntity());
await _context.ApiResources.AddAsync(hiddenApiResource.ToEntity());
await _context.ApiScopes.AddAsync(hiddenApiScope.ToEntity());
Resources resources;
var store = new ResourceStore(_context, FakeLogger <ResourceStore> .Create());
resources = await store.GetAllResourcesAsync();
Assert.NotNull(resources);
Assert.NotEmpty(resources.IdentityResources);
Assert.NotEmpty(resources.ApiResources);
Assert.NotEmpty(resources.ApiScopes);
Assert.Contains(resources.IdentityResources, x => x.Name == visibleIdentityResource.Name);
Assert.Contains(resources.IdentityResources, x => x.Name == hiddenIdentityResource.Name);
Assert.Contains(resources.ApiResources, x => x.Name == visibleApiResource.Name);
Assert.Contains(resources.ApiResources, x => x.Name == hiddenApiResource.Name);
Assert.Contains(resources.ApiScopes, x => x.Name == visibleApiScope.Name);
Assert.Contains(resources.ApiScopes, x => x.Name == hiddenApiScope.Name);
}
public ApiScope ToScope()
{
var result = new ApiScope(
Data.Name,
Data.DisplayName ?? string.Empty,
Data.UserClaims ?? Enumerable.Empty <string>())
{
Enabled = !Data.Disabled,
Emphasize = Data.Emphasize,
Required = Data.Required
};
return(result);
}
public async Task <ApiScope> AddAsync(ApiScope apiScope)
{
try
{
var result = await this.DbContext.AddAsync(apiScope);
this.DbContext.SaveChanges();
return(result.Entity);
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <int> UpdateApiScopeAsync(int apiResourceId, ApiScope apiScope)
{
var apiResource = await _dbContext.ApiResources.Where(x => x.Id == apiResourceId).SingleOrDefaultAsync();
apiScope.ApiResource = apiResource;
//Remove old relations
await RemoveApiScopeClaimsAsync(apiScope);
//Update with new data
_dbContext.ApiScopes.Update(apiScope);
return(await AutoSaveChangesAsync());
}
protected internal virtual ScopeViewModel CreateScopeViewModel(ApiScope apiScope)
{
if (apiScope == null)
{
throw new ArgumentNullException(nameof(apiScope));
}
var model = this.CreateScopeViewModelInternal(apiScope);
model.Emphasize = apiScope.Emphasize;
model.Required = apiScope.Required;
return(model);
}
/// <summary>
/// Converts from.
/// </summary>
/// <param name="model">The model.</param>
/// <returns></returns>
public ApiScopeDetails ConvertFrom(ApiScope model)
{
if (model == null)
{
return(null);
}
return(new ApiScopeDetails
{
Enabled = model.Enabled,
DisplayName = model.DisplayName,
Name = model.Name,
Description = model.Description
});
}
public static Models.ApiScope ToModel(this ApiScope entity)
{
return(entity is null ? null : new Models.ApiScope
{
Description = entity.Description,
DisplayName = entity.DisplayName,
Emphasize = entity.Emphasize,
Enabled = entity.Enabled,
Name = entity.Name,
Properties = entity.Properties,
Required = entity.Required,
ShowInDiscoveryDocument = entity.ShowInDiscoveryDocument,
UserClaims = entity.UserClaims
});
}
public async Task SetApiScopeAsync(ApiScope apiScope, SetApiParam param, CancellationToken cancellationToken)
{
var config = await GetConfigDaoAsync(param.Authority, cancellationToken);
var newApis = config.Apis == null ? new List <ApiScope>() : new List <ApiScope>(config.Apis);
var oldApi = newApis.Where(e => e.Name.Equals(apiScope.Name, StringComparison.Ordinal)).FirstOrDefault();
if (oldApi != null)
{
newApis.Remove(oldApi);
}
newApis.Add(apiScope);
config.Apis = newApis;
await SetConfigDaoAsync(param.Authority, cancellationToken, config);
}
public async Task <bool> CanInsertApiScopeAsync(ApiScope apiScope)
{
if (apiScope.Id == 0)
{
var existsWithSameName = await _dbContext.ApiScopes.Where(x => x.Name == apiScope.Name).SingleOrDefaultAsync();
return(existsWithSameName == null);
}
else
{
var existsWithSameName = await _dbContext.ApiScopes.Where(x => x.Name == apiScope.Name && x.Id != apiScope.Id).SingleOrDefaultAsync();
return(existsWithSameName == null);
}
}
public static IEnumerable <ApiScope> GetApiScopes()
{
List <ApiScope> apiScopes = new List <ApiScope>();
foreach (var item in ApiNames)
{
var configuration = Configuration.GetSection(item);
string[] names = configuration.GetSection("ApiScope").Value.Split(",");
foreach (var name in names)
{
ApiScope apiScope = new ApiScope(name, name);
apiScopes.Add(apiScope);
}
}
return(apiScopes);
}
public static ApiScopeModel FromEntity(ApiScope apiScope)
{
return(new ApiScopeModel
{
Id = apiScope.Id,
Enabled = apiScope.Enabled,
Name = apiScope.Name,
DisplayName = apiScope.DisplayName,
Description = apiScope.Description,
Required = apiScope.Required,
Emphasize = apiScope.Emphasize,
ShowInDiscoveryDocument = apiScope.ShowInDiscoveryDocument,
UserClaims = apiScope.UserClaims,
Properties = apiScope.Properties,
});
}
private ScopeViewModel ToModel(ApiScope entity)
{
return(new ScopeViewModel
{
Id = entity.Id,
Enabled = entity.Enabled,
Name = entity.Name,
DisplayName = entity.DisplayName,
Description = entity.Description,
Required = entity.Required,
ShowInDiscoveryDocument = entity.ShowInDiscoveryDocument,
Emphasize = entity.Emphasize,
UserClaims = entity.UserClaims
.Select(x => x.Type).ToList()
});
}
private void HandleCollectionProperties(ScopeViewModel model, ApiScope apiScope)
{
// deassign them
if (apiScope.UserClaims != null)
{
apiScope.UserClaims.Clear();
}
// assign them
apiScope.UserClaims = model.UserClaims
.Select(x => new ApiScopeClaim
{
Scope = apiScope,
Type = x
}).ToList();
}
public async Task Serialize_ApiScope_Test()
{
await Task.CompletedTask;
var apiScope = new ApiScope();
var json = JsonConvert.SerializeObject(apiScope, this.JsonSerializerSettings);
Assert.AreEqual("{}", json);
apiScope = new ApiScope
{
Name = "name"
};
json = JsonConvert.SerializeObject(apiScope, this.JsonSerializerSettings);
Assert.AreEqual("{\"Name\":\"name\"}", json);
}
