private async Task UpdateRedirectUris(string clientId, ClientRegisteration registration)
{
var redirectUriResponse = await _clientUriStore.GetAsync(new PageRequest
{
Filter = $"{nameof(ClientUri.ClientId)} eq '{clientId}'"
}).ConfigureAwait(false);
foreach (var item in redirectUriResponse.Items)
{
if (!registration.RedirectUris.Any(u => u == item.Uri))
{
await _clientUriStore.DeleteAsync(item.Id).ConfigureAwait(false);
}
}
foreach (var redirectUri in registration.RedirectUris)
{
if (!redirectUriResponse.Items.Any(u => u.Uri == redirectUri))
{
await _clientUriStore.CreateAsync(new ClientUri
{
ClientId = clientId,
Id = Guid.NewGuid().ToString(),
Kind = UriKinds.Cors | UriKinds.Redirect,
Uri = redirectUri
}).ConfigureAwait(false);
}
}
}
private static void SeedRelyingPartyClaimMappings(IAdminStore <Entity.RelyingPartyClaimMapping> relyingPartyClaimMappingStore, Entity.RelyingParty relyingParty)
{
if (relyingParty.ClaimMappings == null)
{
return;
}
foreach (var mapping in relyingParty.ClaimMappings)
{
try
{
relyingPartyClaimMappingStore.CreateAsync(new Entity.RelyingPartyClaimMapping
{
FromClaimType = mapping.FromClaimType,
Id = Guid.NewGuid().ToString(),
RelyingPartyId = relyingParty.Id,
ToClaimType = mapping.ToClaimType
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private async Task UpdateGrantTypes(string clientId, ClientRegisteration registration)
{
var grantTypeResponse = await _clientGrantTypeStore.GetAsync(new PageRequest
{
Filter = $"{nameof(ClientGrantType.ClientId)} eq '{clientId}'"
}).ConfigureAwait(false);
foreach (var item in grantTypeResponse.Items)
{
if (!registration.GrantTypes.Any(g => g == item.GrantType))
{
await _clientGrantTypeStore.DeleteAsync(item.Id).ConfigureAwait(false);
}
}
foreach (var grantType in registration.GrantTypes)
{
if (!grantTypeResponse.Items.Any(u => u.GrantType == grantType))
{
await _clientGrantTypeStore.CreateAsync(new ClientGrantType
{
ClientId = clientId,
Id = Guid.NewGuid().ToString(),
GrantType = grantType
}).ConfigureAwait(false);
}
}
}
private async Task UpdatePropertyAsync(string clientId, ClientRegisteration registration, PageResponse <ClientProperty> propertiesResponse, string values, string key)
{
var property = propertiesResponse.Items.FirstOrDefault(p => p.Key == key);
if ((registration.Contacts == null || !registration.Contacts.Any()) && property != null)
{
await _clientPropertyStore.DeleteAsync(property.Id).ConfigureAwait(false);
}
if (registration.Contacts == null || !registration.Contacts.Any())
{
if (property == null)
{
await _clientPropertyStore.CreateAsync(new ClientProperty
{
ClientId = clientId,
Id = Guid.NewGuid().ToString(),
Key = key,
Value = values
}).ConfigureAwait(false);
}
else if (property.Value != values)
{
property.Value = values;
await _clientPropertyStore.UpdateAsync(property).ConfigureAwait(false);
}
}
}
private static void SeedClientUris(IAdminStore <Entity.ClientUri> clientUriStore, IdentityServer4.Models.Client client)
{
var uris = client.RedirectUris.Select(o => new Entity.ClientUri
{
Id = Guid.NewGuid().ToString(),
ClientId = client.ClientId,
Uri = o
}).ToList();
foreach (var origin in client.AllowedCorsOrigins)
{
var cors = new Uri(origin);
var uri = uris.FirstOrDefault(u => cors.CorsMatch(u.Uri));
var corsUri = new Uri(origin);
var sanetized = $"{corsUri.Scheme.ToUpperInvariant()}://{corsUri.Host.ToUpperInvariant()}:{corsUri.Port}";
if (uri == null)
{
uris.Add(new Entity.ClientUri
{
Id = Guid.NewGuid().ToString(),
ClientId = client.ClientId,
Uri = origin,
Kind = Entity.UriKinds.Cors,
SanetizedCorsUri = sanetized
});
continue;
}
uri.SanetizedCorsUri = sanetized;
uri.Kind = Entity.UriKinds.Redirect | Entity.UriKinds.Cors;
}
foreach (var postLogout in client.PostLogoutRedirectUris)
{
var uri = uris.FirstOrDefault(u => u.Uri == postLogout);
if (uri == null)
{
uris.Add(new Entity.ClientUri
{
Id = Guid.NewGuid().ToString(),
ClientId = client.ClientId,
Uri = postLogout,
Kind = Entity.UriKinds.PostLogout
});
continue;
}
uri.Kind |= Entity.UriKinds.Redirect;
}
foreach (var uri in uris)
{
clientUriStore.CreateAsync(uri).GetAwaiter().GetResult();
}
}
private static void SeedClientScopes(IAdminStore <Entity.ClientScope> clientScopeStore, Duende.IdentityServer.Models.Client client)
{
foreach (var clientScope in client.AllowedScopes)
{
clientScopeStore.CreateAsync(new Entity.ClientScope
{
ClientId = client.ClientId,
Scope = clientScope,
Id = Guid.NewGuid().ToString()
}).GetAwaiter().GetResult();
}
}
private static void SeedClientGrantType(IAdminStore <Entity.ClientGrantType> clientGrantTypeStore, IdentityServer4.Models.Client client)
{
foreach (var grantType in client.AllowedGrantTypes)
{
clientGrantTypeStore.CreateAsync(new Entity.ClientGrantType
{
ClientId = client.ClientId,
GrantType = grantType,
Id = Guid.NewGuid().ToString()
}).GetAwaiter().GetResult();
}
}
private static void SeedApiApiScopes(IAdminStore <Entity.ApiApiScope> apiApiScopeStore, IdentityServer4.Models.ApiResource resource)
{
foreach (var apiScope in resource.Scopes)
{
apiApiScopeStore.CreateAsync(new Entity.ApiApiScope
{
ApiId = resource.Name,
ApiScopeId = apiScope,
Id = Guid.NewGuid().ToString()
}).GetAwaiter().GetResult();
}
}
private static void SeedIdentityClaims(IAdminStore <Entity.IdentityClaim> identityClaimStore, IdentityServer4.Models.IdentityResource resource)
{
foreach (var claim in resource.UserClaims)
{
identityClaimStore.CreateAsync(new Entity.IdentityClaim
{
Id = Guid.NewGuid().ToString(),
IdentityId = resource.Name,
Type = claim
}).GetAwaiter().GetResult();
}
}
private static void SeedClientRestrictions(IAdminStore <Entity.ClientIdpRestriction> clientIdpRestrictionStore, IdentityServer4.Models.Client client)
{
foreach (var restriction in client.IdentityProviderRestrictions)
{
clientIdpRestrictionStore.CreateAsync(new Entity.ClientIdpRestriction
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Provider = restriction
}).GetAwaiter().GetResult();
}
}
private static void SeedApiScopeClaims(IAdminStore <Entity.ApiScopeClaim> apiScopeClaimStore, Duende.IdentityServer.Models.ApiScope resource)
{
foreach (var claim in resource.UserClaims)
{
apiScopeClaimStore.CreateAsync(new Entity.ApiScopeClaim
{
ApiScopeId = resource.Name,
Id = Guid.NewGuid().ToString(),
Type = claim
}).GetAwaiter().GetResult();
}
}
private static void SeedClientClaims(IAdminStore <Entity.ClientClaim> clientClaimStore, IdentityServer4.Models.Client client)
{
foreach (var claim in client.Claims)
{
clientClaimStore.CreateAsync(new Entity.ClientClaim
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Type = claim.Type,
Value = claim.Value
}).GetAwaiter().GetResult();
}
}
private static void SeedApiProperties(IAdminStore <Entity.ApiProperty> apiPropertyStore, IdentityServer4.Models.ApiResource resource)
{
foreach (var property in resource.Properties)
{
apiPropertyStore.CreateAsync(new Entity.ApiProperty
{
ApiId = resource.Name,
Id = Guid.NewGuid().ToString(),
Key = property.Key,
Value = property.Value
}).GetAwaiter().GetResult();
}
}
private static void SeedClientProperties(IAdminStore <Entity.ClientProperty> clientPropertyStore, IdentityServer4.Models.Client client)
{
foreach (var property in client.Properties)
{
clientPropertyStore.CreateAsync(new Entity.ClientProperty
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Key = property.Key,
Value = property.Value
}).GetAwaiter().GetResult();
}
}
private static void SeedIdentityProperties(IAdminStore <Entity.IdentityProperty> identityPropertyStore, Duende.IdentityServer.Models.IdentityResource resource)
{
foreach (var property in resource.Properties)
{
identityPropertyStore.CreateAsync(new Entity.IdentityProperty
{
Id = Guid.NewGuid().ToString(),
IdentityId = resource.Name,
Key = property.Key,
Value = property.Value
}).GetAwaiter().GetResult();
}
}
public async Task <string> CreateRequestAsync(models.BackChannelAuthenticationRequest request)
{
var clientId = GetClientId(request);
var subjectId = GetSubjectId(request);
request.InternalId ??= Guid.NewGuid().ToString();
var entity = CreateEntity(request, clientId, subjectId, request.CreationTime.AddSeconds(request.Lifetime));
entity = await _store.CreateAsync(entity).ConfigureAwait(false);
return(entity.SessionId);
}
private static void SeedClientSecrets(IAdminStore <Entity.ClientSecret> clientSecretStore, IdentityServer4.Models.Client client)
{
foreach (var secret in client.ClientSecrets)
{
clientSecretStore.CreateAsync(new Entity.ClientSecret
{
ClientId = client.ClientId,
Description = secret.Description,
Expiration = secret.Expiration,
Id = Guid.NewGuid().ToString(),
Type = secret.Type,
Value = secret.Value
}).GetAwaiter().GetResult();
}
}
private static void SeedApiSecrets(IAdminStore <Entity.ApiSecret> apiSecretStore, IdentityServer4.Models.ApiResource resource)
{
foreach (var secret in resource.ApiSecrets)
{
apiSecretStore.CreateAsync(new Entity.ApiSecret
{
ApiId = resource.Name,
Expiration = secret.Expiration,
Description = secret.Description,
Id = Guid.NewGuid().ToString(),
Type = secret.Type,
Value = secret.Value
}).GetAwaiter().GetResult();
}
}
public async Task <string> GetOneTimeToken()
{
var tokenResult = await _provider.RequestAccessToken().ConfigureAwait(false);
tokenResult.TryGetToken(out AccessToken token);
var state = await _stateProvider.GetAuthenticationStateAsync().ConfigureAwait(false);
var oneTimeToken = await _store.CreateAsync(new OneTimeToken
{
ClientId = _options.Value.ProviderOptions.ClientId,
UserId = state.User.Claims.First(c => c.Type == "sub").Value,
Data = token.Value
}).ConfigureAwait(false);
return(oneTimeToken.Id);
}
public async Task <string> StoreAuthorizationCodeAsync(AuthorizationCode code)
{
code = code ?? throw new ArgumentNullException(nameof(code));
var newEntity = new Entity.AuthorizationCode
{
Id = Guid.NewGuid().ToString(),
ClientId = code.ClientId,
Data = _serializer.Serialize(code),
Expiration = code.CreationTime.AddSeconds(code.Lifetime)
};
var entity = await _store.CreateAsync(newEntity).ConfigureAwait(false);
return(entity.Id);
}
private async Task AddResourceAsync(string clientId, IEnumerable <ClientLocalizedResource> items, IEnumerable <LocalizableProperty> propertyList)
{
foreach (var property in propertyList)
{
if (!items.Any(i => i.ResourceKind == EntityResourceKind.DisplayName && i.Value != property.Value))
{
await _clientResourceStore.CreateAsync(new ClientLocalizedResource
{
ClientId = clientId,
Id = Guid.NewGuid().ToString(),
ResourceKind = EntityResourceKind.DisplayName,
CultureId = property.Culture,
Value = property.Value
}).ConfigureAwait(false);
}
}
}
public Task StoreDeviceAuthorizationAsync(string deviceCode, string userCode, Models.DeviceCode data)
{
deviceCode = deviceCode ?? throw new ArgumentNullException(nameof(deviceCode));
userCode = userCode ?? throw new ArgumentNullException(nameof(userCode));
data = data ?? throw new ArgumentNullException(nameof(data));
var entity = new DeviceCode
{
Code = deviceCode,
UserCode = userCode,
Data = _serializer.Serialize(data),
ClientId = data.ClientId,
SubjectId = data.Subject?.FindFirst(JwtClaimTypes.Subject).Value,
Expiration = data.CreationTime.AddSeconds(data.Lifetime),
};
return(_store.CreateAsync(entity));
}
private static void SeedClientRestrictions(IAdminStore <Entity.ClientIdpRestriction> clientIdpRestrictionStore, ISModels.Client client)
{
foreach (var restriction in client.IdentityProviderRestrictions)
{
try
{
clientIdpRestrictionStore.CreateAsync(new Entity.ClientIdpRestriction
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Provider = restriction
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedIdentityClaims(IAdminStore <Entity.IdentityClaim> identityClaimStore, ISModels.IdentityResource resource)
{
foreach (var claim in resource.UserClaims)
{
try
{
identityClaimStore.CreateAsync(new Entity.IdentityClaim
{
Id = Guid.NewGuid().ToString(),
IdentityId = resource.Name,
Type = claim
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedClientGrantType(IAdminStore <Entity.ClientGrantType> clientGrantTypeStore, ISModels.Client client)
{
foreach (var grantType in client.AllowedGrantTypes)
{
try
{
clientGrantTypeStore.CreateAsync(new Entity.ClientGrantType
{
ClientId = client.ClientId,
GrantType = grantType,
Id = Guid.NewGuid().ToString()
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedApiApiScopes(IAdminStore <Entity.ApiApiScope> apiApiScopeStore, ISModels.ApiResource resource)
{
foreach (var apiScope in resource.Scopes)
{
try
{
apiApiScopeStore.CreateAsync(new Entity.ApiApiScope
{
ApiId = resource.Name,
ApiScopeId = apiScope,
Id = Guid.NewGuid().ToString()
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedClientProperties(IAdminStore <Entity.ClientProperty> clientPropertyStore, ISModels.Client client)
{
foreach (var property in client.Properties)
{
try
{
clientPropertyStore.CreateAsync(new Entity.ClientProperty
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Key = property.Key,
Value = property.Value
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedClientClaims(IAdminStore <Entity.ClientClaim> clientClaimStore, ISModels.Client client)
{
foreach (var claim in client.Claims)
{
try
{
clientClaimStore.CreateAsync(new Entity.ClientClaim
{
ClientId = client.ClientId,
Id = Guid.NewGuid().ToString(),
Type = claim.Type,
Value = claim.Value
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
private static void SeedIdentityProperties(IAdminStore <Entity.IdentityProperty> identityPropertyStore, ISModels.IdentityResource resource)
{
foreach (var property in resource.Properties)
{
try
{
identityPropertyStore.CreateAsync(new Entity.IdentityProperty
{
Id = Guid.NewGuid().ToString(),
IdentityId = resource.Name,
Key = property.Key,
Value = property.Value
}).GetAwaiter().GetResult();
}
catch (ArgumentException)
{
// silent
}
}
}
/// <summary>
/// Creates a new role in a store as an asynchronous operation.
/// </summary>
/// <param name="role">The role to create in the store.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
/// <returns>A <see cref="Task{TResult}"/> that represents the <see cref="IdentityResult"/> of the asynchronous query.</returns>
public async virtual Task <IdentityResult> CreateAsync(TRole role, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
AssertNotNull(role, nameof(role));
try
{
var created = await _roleStore.CreateAsync(role.ToRole(), cancellationToken).ConfigureAwait(false);
role.Id = created.Id;
return(IdentityResult.Success);
}
catch (Exception e)
{
return(IdentityResult.Failed(new IdentityError
{
Code = e.GetType().Name,
Description = e.Message
}));
}
}