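/// <summary>
/// Builds the <see cref="ClaimsPrincipal"/> OpenIddict will encode into tokens for <paramref name="user"/>.
/// For grants other than authorization-code and refresh-token the scopes are taken from the request
/// (passed through the project's <c>Restrict</c> extension); for an authorization-code exchange that
/// carries no internal authorization id yet, an existing valid authorization of the same user/client
/// is attached when one is found.
/// </summary>
/// <param name="applicationManager">Resolves the client named by <paramref name="request"/>.</param>
/// <param name="authorizationManager">Looks up existing authorizations for the user/client pair.</param>
/// <param name="identityOptions">Identity options forwarded to the claim-destination assignment.</param>
/// <param name="signInManager">Creates the base user principal.</param>
/// <param name="request">The incoming OpenIddict request (grant type, client id, scopes).</param>
/// <param name="user">The authenticated user.</param>
/// <returns>The principal with scopes, authorization id and claim destinations applied.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown on the authorization-code path when the request's client id does not resolve to a registered application.
/// </exception>
public static async Task <ClaimsPrincipal> CreateClaimsPrincipalAsync(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                                                      OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                                                      IdentityOptions identityOptions,
                                                                      SignInManager <ApplicationUser> signInManager,
                                                                      OpenIddictRequest request,
                                                                      ApplicationUser user)
        {
            var principal = await signInManager.CreateUserPrincipalAsync(user);

            var isCodeGrant    = request.IsAuthorizationCodeGrantType();
            var isRefreshGrant = request.IsRefreshTokenGrantType();

            if (!isCodeGrant && !isRefreshGrant)
            {
                // Restrict is a project extension — presumably narrows the requested scopes to what this
                // principal is allowed to hold; verify against its definition before relying on that.
                principal.SetScopes(request.GetScopes().Restrict(principal));
            }
            else if (isCodeGrant && string.IsNullOrEmpty(principal.GetInternalAuthorizationId()))
            {
                var app = await applicationManager.FindByClientIdAsync(request.ClientId);
                if (app is null)
                {
                    // FindByClientIdAsync yields null for an unknown client; fail with a clear message
                    // instead of a NullReferenceException on app.Id below.
                    throw new InvalidOperationException($"Unknown client '{request.ClientId}'.");
                }

                // Reuse an existing valid authorization for this user/client, if one covers the request.
                var authorizationId = await IsUserAuthorized(authorizationManager, request, user.Id, app.Id);
                if (!string.IsNullOrEmpty(authorizationId))
                {
                    principal.SetInternalAuthorizationId(authorizationId);
                }
            }

            principal.SetDestinations(identityOptions);
            return principal;
        }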
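        /// <summary>
        /// Finds an existing, still-valid authorization for <paramref name="userId"/> and
        /// <paramref name="applicationId"/> whose granted scopes cover every scope in <paramref name="request"/>.
        /// </summary>
        /// <param name="authorizationManager">Store used to list authorizations and read their scopes.</param>
        /// <param name="request">The incoming request; only its requested scopes are consulted.</param>
        /// <param name="userId">Subject the authorization must belong to (compared case-insensitively).</param>
        /// <param name="applicationId">Client application the authorization must belong to (compared case-insensitively).</param>
        /// <returns>The id of the first matching authorization, or <c>null</c> when none covers the requested scopes.</returns>
        public static async Task <string> IsUserAuthorized(
            OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
            OpenIdConnectRequest request, string userId, string applicationId)
        {
            // Only authorizations in the Valid state are candidates; revoked or expired ones must not satisfy a request.
            var authorizations =
                await authorizationManager.ListAsync(queryable =>
                                                     queryable.Where(authorization =>
                                                                     authorization.Subject.Equals(userId, StringComparison.OrdinalIgnoreCase) &&
                                                                     applicationId.Equals(authorization.Application.Id, StringComparison.OrdinalIgnoreCase) &&
                                                                     authorization.Status.Equals(OpenIddictConstants.Statuses.Valid,
                                                                                                 StringComparison.OrdinalIgnoreCase)));

            if (authorizations.Length == 0)
            {
                return null;
            }

            // Hoisted: the requested scope set does not change per authorization.
            var requestedScopes = request.GetScopes();

            // Materialize before awaiting. A deferred Select would start a fresh GetScopesAsync on every
            // enumeration, so the second pass would read .Result from tasks that were never awaited.
            var scopeLookups = authorizations
                               .Select(authorization => (authorization.Id, ScopesTask: authorizationManager.GetScopesAsync(authorization).AsTask()))
                               .ToArray();

            await Task.WhenAll(scopeLookups.Select(lookup => lookup.ScopesTask));

            foreach (var (id, scopesTask) in scopeLookups)
            {
                // Every task completed above; awaiting here only unwraps the value (or its fault).
                var grantedScopes = await scopesTask;

                // Sufficient only when every requested scope was already granted: a request asking
                // for more than the user consented to must not reuse this authorization.
                if (!requestedScopes.Except(grantedScopes).Any())
                {
                    return id;
                }
            }

            return null;
        }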
 /// <summary>
 /// Handles logout events. Every dependency is forwarded unchanged to the base handler.
 /// </summary>
 public LogoutEventHandler(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                           OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                           SignInManager <ApplicationUser> signInManager,
                           IOptions <IdentityOptions> identityOptions)
     : base(applicationManager, authorizationManager, signInManager, identityOptions)
 {
     // Nothing beyond the base-class wiring is required here.
 }
 /// <summary>
 /// Handles the refresh_token grant. All dependencies, including the user manager,
 /// are forwarded unchanged to the base handler.
 /// </summary>
 public RefreshTokenGrantTypeEventHandler(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                          OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                          SignInManager <ApplicationUser> signInManager,
                                          IOptions <IdentityOptions> identityOptions,
                                          UserManager <ApplicationUser> userManager)
     : base(applicationManager, authorizationManager, signInManager, identityOptions, userManager)
 {
     // Nothing beyond the base-class wiring is required here.
 }
 /// <summary>
 /// Grant handler that also needs the user manager (for the sign-in eligibility check it performs);
 /// the remaining dependencies are forwarded to the base handler.
 /// </summary>
 /// <param name="userManager">Kept locally; the base constructor does not receive it.</param>
 public OpenIdGrantHandlerCheckCanSignIn(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                         OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                         SignInManager <ApplicationUser> signInManager,
                                         IOptions <IdentityOptions> identityOptions,
                                         UserManager <ApplicationUser> userManager)
     : base(applicationManager, authorizationManager, signInManager, identityOptions)
 {
     this._userManager = userManager;
 }
 /// <summary>
 /// Wires the OpenIddict provider and reads the list of accepted token issuers from configuration.
 /// </summary>
 /// <param name="config">Root configuration; its "ValidIssuers" section is bound to a list of strings.</param>
 public OpenIddictProvider(ILogger <OpenIddictProvider> logger,
                           OpenIddictApplicationManager <Applications> applications,
                           OpenIddictAuthorizationManager <Authorization> authorizations,
                           OpenIddictScopeManager <OpenIddict.Models.OpenIddictScope> scopes,
                           OpenIddictTokenManager <Token> tokens,
                           IConfigurationRoot config)
     : base(logger, applications, authorizations, scopes, tokens)
 {
     // NOTE(review): Get<List<string>>() returns null when the section is missing or empty, so
     // _validIssuers can be null — the code that validates issuers must treat that case
     // deliberately (reject vs. accept-any); confirm against the consumer.
     var issuersSection = config.GetSection("ValidIssuers");
     _validIssuers = issuersSection?.Get <List <string> >();
 }
 /// <summary>
 /// Handles the password grant. Keeps the user manager and the U2F service locally;
 /// the remaining dependencies are forwarded to the base handler.
 /// </summary>
 public PasswordGrantTypeEventHandler(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                      OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                      SignInManager <ApplicationUser> signInManager,
                                      UserManager <ApplicationUser> userManager,
                                      IOptions <IdentityOptions> identityOptions,
                                      U2FService u2FService)
     : base(applicationManager, authorizationManager, signInManager, identityOptions)
 {
     this._userManager = userManager;
     this._u2FService  = u2FService;
 }
 /// <summary>
 /// Handles the client_credentials grant. Keeps its own references to the application
 /// and user managers; the remaining dependencies are forwarded to the base handler.
 /// </summary>
 public ClientCredentialsGrantTypeEventHandler(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                               OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                               SignInManager <ApplicationUser> signInManager,
                                               IOptions <IdentityOptions> identityOptions,
                                               UserManager <ApplicationUser> userManager)
     : base(applicationManager, authorizationManager, signInManager, identityOptions)
 {
     // NOTE(review): applicationManager is also handed to the base constructor; presumably the
     // base keeps its own copy, so this private field may be redundant — confirm before removing.
     this._applicationManager = applicationManager;
     this._userManager        = userManager;
 }
 /// <summary>
 /// Common wiring for the OpenID grant handlers: stores the OpenIddict managers,
 /// the sign-in manager and the identity options for derived handlers.
 /// </summary>
 protected BaseOpenIdGrantHandler(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                  OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                  SignInManager <ApplicationUser> signInManager,
                                  IOptions <IdentityOptions> identityOptions)
 {
     this._applicationManager   = applicationManager;
     this._authorizationManager = authorizationManager;
     this._signInManager        = signInManager;
     this._identityOptions      = identityOptions;
 }
 /// <summary>
 /// Stores the OpenIddict application, authorization and scope managers together with the
 /// ASP.NET Identity sign-in and user managers used by the authorization endpoints.
 /// </summary>
 public AuthorizationController(OpenIddictApplicationManager <OpenIddictApplication> applicationManager,
                                OpenIddictAuthorizationManager <OpenIddictAuthorization> authorizationManager,
                                OpenIddictScopeManager <OpenIddictScope> scopeManager,
                                SignInManager <ApplicationUser> signInManager,
                                UserManager <ApplicationUser> userManager)
 {
     this._applicationManager   = applicationManager;
     this._authorizationManager = authorizationManager;
     this._scopeManager         = scopeManager;
     this._signInManager        = signInManager;
     this._userManager          = userManager;
 }
 /// <summary>
 /// Stores the OpenIddict managers, the Identity managers and the identity options
 /// used by the authorization endpoints.
 /// </summary>
 public AuthorizationController(OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
                                SignInManager <ApplicationUser> signInManager,
                                OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
                                UserManager <ApplicationUser> userManager,
                                IOptions <IdentityOptions> identityOptions)
 {
     this._applicationManager   = applicationManager;
     this._authorizationManager = authorizationManager;
     this._signInManager        = signInManager;
     this._userManager          = userManager;
     // Field name keeps the existing (non-standard) capitalization; it is declared outside this constructor.
     this._IdentityOptions      = identityOptions;
 }
 /// <summary>
 /// Stores the OpenIddict managers, the identity options and the Identity managers
 /// used by the authorization endpoints. Fields share their parameters' names, so
 /// <c>this.</c> is required on every assignment.
 /// </summary>
 public AuthorizationController(OpenIddictApplicationManager <OpenIddictApplication> applicationManager,
                                OpenIddictAuthorizationManager <OpenIddictAuthorization> authorizationManager,
                                IOptions <IdentityOptions> identityOptions,
                                SignInManager <ApplicationUser> signInManager,
                                UserManager <ApplicationUser> userManager)
 {
     this.identityOptions      = identityOptions;
     this.applicationManager   = applicationManager;
     this.authorizationManager = authorizationManager;
     this.userManager          = userManager;
     this.signInManager        = signInManager;
 }
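 /// <summary>
 /// Wires the controller's managers. The injected authorization manager must be the
 /// application-specific <c>ApplicationAuthorizationManager</c> subclass; any other
 /// implementation is rejected at construction time.
 /// </summary>
 /// <exception cref="ArgumentException">
 /// Thrown when <paramref name="authorizationManager"/> is not an
 /// <c>ApplicationAuthorizationManager&lt;DynamoIdentityAuthorization&gt;</c>.
 /// </exception>
 public AuthorizationController(
     OpenIddictApplicationManager <DynamoIdentityApplication> applicationManager,
     SignInManager <ApplicationUser> signInManager,
     UserManager <ApplicationUser> userManager,
     OpenIddictAuthorizationManager <DynamoIdentityAuthorization> authorizationManager,
     DeviceCodeManager <DynamoIdentityDeviceCode> deviceCodeManager,
     DeviceCodeOptions deviceCodeOptions)
 {
     _applicationManager = applicationManager;
     _signInManager      = signInManager;
     _userManager        = userManager;
     // A bare `as` would leave the field null and surface later as a NullReferenceException on
     // first use; failing here (at DI resolution) names the offending argument instead.
     _authorizationManager = authorizationManager as ApplicationAuthorizationManager <DynamoIdentityAuthorization>
                             ?? throw new ArgumentException(
                                 "Expected an ApplicationAuthorizationManager<DynamoIdentityAuthorization> instance.",
                                 nameof(authorizationManager));
     _deviceCodeManager = deviceCodeManager;
     _deviceCodeOptions = deviceCodeOptions;
 }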
 /// <summary>
 /// Stores the Identity managers, email sender, logger, configuration, database context and
 /// the OpenIddict token and authorization managers used by the authorization endpoints.
 /// </summary>
 public AuthorizationController(UserManager <ApplicationUser> userManager,
                                SignInManager <ApplicationUser> signInManager,
                                IEmailSender emailSender,
                                ILogger <AuthorizationController> logger,
                                IConfiguration configuration,
                                ApplicationDbContext ctx,
                                OpenIddictTokenManager <OpenIddictToken> tokenManager,
                                OpenIddictAuthorizationManager <OpenIddictAuthorization> authorizationManager)
 {
     this._userManager          = userManager;
     this._signInManager        = signInManager;
     this._emailSender          = emailSender;
     this._logger               = logger;
     this._config               = configuration;
     this._ctx                  = ctx;
     this._tokenManager         = tokenManager;
     this._authorizationManager = authorizationManager;
 }
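        /// <summary>
        /// Builds the <see cref="AuthenticationTicket"/> OpenIddict will encode into an id_token, access
        /// token or code for <paramref name="user"/>. Grants other than authorization-code and refresh-token
        /// receive the requested scopes as-is; an authorization-code exchange that carries no internal
        /// authorization id yet is linked to an existing valid authorization of the same user/client.
        /// </summary>
        /// <param name="applicationManager">Resolves the client named by <paramref name="request"/>.</param>
        /// <param name="authorizationManager">Looks up existing authorizations for the user/client pair.</param>
        /// <param name="identityOptions">Identity options consulted when choosing claim destinations.</param>
        /// <param name="signInManager">Creates the base user principal.</param>
        /// <param name="request">The incoming OpenID Connect request (grant type, client id, scopes).</param>
        /// <param name="user">The authenticated user.</param>
        /// <param name="properties">Optional authentication properties attached to the ticket.</param>
        /// <returns>The ticket with scopes, authorization id and per-claim destinations applied.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown on the authorization-code path when the request's client id does not resolve to a registered application.
        /// </exception>
        public static async Task <AuthenticationTicket> CreateAuthenticationTicket(
            OpenIddictApplicationManager <BTCPayOpenIdClient> applicationManager,
            OpenIddictAuthorizationManager <BTCPayOpenIdAuthorization> authorizationManager,
            IdentityOptions identityOptions,
            SignInManager <ApplicationUser> signInManager,
            OpenIdConnectRequest request,
            ApplicationUser user,
            AuthenticationProperties properties = null)
        {
            // Create a new ClaimsPrincipal containing the claims that
            // will be used to create an id_token, a token or a code.
            var principal = await signInManager.CreateUserPrincipalAsync(user);

            // Create a new authentication ticket holding the user identity.
            var ticket = new AuthenticationTicket(principal, properties,
                                                  OpenIddictServerDefaults.AuthenticationScheme);

            var isCodeGrant    = request.IsAuthorizationCodeGrantType();
            var isRefreshGrant = request.IsRefreshTokenGrantType();

            if (!isCodeGrant && !isRefreshGrant)
            {
                // NOTE(review): the requested scopes are copied without narrowing here — presumably the
                // server-side scope validation has already run; confirm that before relying on it.
                ticket.SetScopes(request.GetScopes());
            }
            else if (isCodeGrant && string.IsNullOrEmpty(ticket.GetInternalAuthorizationId()))
            {
                var app = await applicationManager.FindByClientIdAsync(request.ClientId);
                if (app is null)
                {
                    // FindByClientIdAsync yields null for an unknown client; fail with a clear message
                    // instead of a NullReferenceException on app.Id below.
                    throw new InvalidOperationException($"Unknown client '{request.ClientId}'.");
                }

                // Reuse an existing valid authorization for this user/client, if one covers the request.
                var authorizationId = await IsUserAuthorized(authorizationManager, request, user.Id, app.Id);
                if (!string.IsNullOrEmpty(authorizationId))
                {
                    ticket.SetInternalAuthorizationId(authorizationId);
                }
            }

            // Decide, per claim, whether it goes into the access token, the identity token, or both.
            foreach (var claim in ticket.Principal.Claims)
            {
                claim.SetDestinations(GetDestinations(identityOptions, claim, ticket));
            }

            return ticket;
        }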
        /// <summary>
        /// Stores the Identity managers, email sender, logger, configuration and database context,
        /// and reads the Google Maps API key from the "ExternalIdentities:Google" configuration section.
        /// </summary>
        /// <remarks>
        /// NOTE(review): tokenManager and authorizationManager are accepted but not stored anywhere in
        /// this constructor; they look unused by this controller — confirm before removing them.
        /// </remarks>
        public GmapsController(UserManager <ApplicationUser> userManager,
                               SignInManager <ApplicationUser> signInManager,
                               IEmailSender emailSender,
                               ILogger <AuthorizationController> logger,
                               IConfiguration configuration,
                               ApplicationDbContext ctx,
                               OpenIddictTokenManager <OpenIddictToken> tokenManager,
                               OpenIddictAuthorizationManager <OpenIddictAuthorization> authorizationManager)
        {
            this._userManager   = userManager;
            this._signInManager = signInManager;
            this._emailSender   = emailSender;
            this._logger        = logger;
            this._config        = configuration;
            this._ctx           = ctx;

            // The key is a secret read from configuration; it is only kept in memory here.
            var googleSection = configuration.GetSection("ExternalIdentities").GetSection("Google");
            this._googleApiKey = googleSection["api_key"];
        }
 /// <summary>
 /// Background job that prunes expired tokens; holds the OpenIddict token and
 /// authorization managers it needs to do so.
 /// </summary>
 public PruneExpiredTokensJob(OpenIddictTokenManager <OpenIddictToken> openIddictTokenManager,
                              OpenIddictAuthorizationManager <OpenIddictAuthorization> openIddictAuthorizationManager)
 {
     this._openIddictAuthorizationManager = openIddictAuthorizationManager;
     this._openIddictTokenManager         = openIddictTokenManager;
 }