/// <summary>
/// Inserts a client into the client collection inside a repository transaction.
/// </summary>
/// <param name="ospClient">Client to persist; checked with <c>ArgumentValidation.Validate</c> before any database work starts.</param>
/// <returns>A task that completes after the transaction has been committed.</returns>
/// <remarks>
/// NOTE(review): this method does not check whether a client with the same ClientId already exists;
/// presumably the caller or a unique index enforces that. Confirm.
/// NOTE(review): the session is neither disposed nor rolled back here when the insert or the commit
/// throws. Confirm the session type cleans up on its own.
/// </remarks>
public async Task CreateAsync(OspClient ospClient)
{
    ArgumentValidation.Validate(nameof(ospClient), ospClient);

    var dbSession = await _repository.StartSessionAsync();
    dbSession.StartTransaction();

    await _clientCollection.InsertAsync(dbSession, ospClient);
    await dbSession.CommitTransactionAsync();
}
/// <summary>
/// Replaces the stored client that currently has the given client id with <paramref name="client"/>.
/// </summary>
/// <param name="clientId">Client id used to look up the stored document; validated as a string argument.</param>
/// <param name="client">Replacement document written over the stored one.</param>
/// <returns>A task that completes after the transaction has been committed.</returns>
/// <exception cref="EntityNotFoundException">No stored client has the given <paramref name="clientId"/>.</exception>
/// <remarks>
/// NOTE(review): nothing here checks that <c>client.ClientId</c> equals <paramref name="clientId"/>, so an
/// update can rename a client. Confirm that this is intended and that collisions are prevented elsewhere.
/// NOTE(review): the not-found path throws after StartTransaction without an explicit rollback or
/// dispose in this method. Confirm the session type handles that.
/// </remarks>
public async Task UpdateAsync(string clientId, OspClient client)
{
    ArgumentValidation.ValidateString(nameof(clientId), clientId);
    ArgumentValidation.Validate(nameof(client), client);

    var dbSession = await _repository.StartSessionAsync();
    dbSession.StartTransaction();

    // Resolve the stored document first: the replace below is keyed on its database Id, not on clientId.
    var stored = await GetClientByClientId(dbSession, clientId);
    if (stored == null)
    {
        throw new EntityNotFoundException($"Client id '{clientId}' does not exist.");
    }

    await _clientCollection.ReplaceByIdAsync(dbSession, stored.Id, client);
    await dbSession.CommitTransactionAsync();
}
/// <summary>
/// Registers a new client from the posted DTO.
/// </summary>
/// <param name="clientDto">Client description bound from the request body.</param>
/// <returns>
/// 400 with the model state when binding/validation failed, 409 when a client with the same id
/// is already stored, 200 after the client was created and the cache cleared, or 400 carrying an
/// <c>InternalServerError</c> payload when creation threw.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization attribute is visible on this action; presumably it is applied at
/// controller level. Confirm, since this endpoint registers OAuth clients.
/// </remarks>
public async Task<IActionResult> Post([Required][FromBody] ClientDto clientDto)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The existence check and the insert below are separate calls, so two concurrent requests with
    // the same id can both pass this check. NOTE(review): confirm the store enforces uniqueness.
    var existing = await _ospClientStore.FindClientByIdAsync(clientDto.ClientId);
    if (existing != null)
    {
        return Conflict($"Client with id '{clientDto.ClientId}' already exists.");
    }

    // Baseline for clients registered through the API: a public client (no secret) that must use
    // PKCE, receives JWT access tokens, may receive them via the browser, and skips the consent
    // screen. NOTE(review): whether ApplyToClient can override these values is not visible here.
    var newClient = new OspClient
    {
        RequirePkce = true,
        RequireClientSecret = false,
        AccessTokenType = AccessTokenType.Jwt,
        AllowAccessTokensViaBrowser = true,
        AlwaysIncludeUserClaimsInIdToken = true,
        RequireConsent = false
    };
    ApplyToClient(newClient, clientDto);

    try
    {
        await _ospClientStore.CreateAsync(newClient);
        await ClearCacheAsync();
        return Ok();
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is sent back to the caller, and with a 400 status
        // although the payload type is InternalServerError. Consider logging the exception
        // server-side and returning a generic error body instead.
        return BadRequest(new InternalServerError(ex.Message));
    }
}
/// <summary>
/// Creates the job-services client and the job-services Swagger client, each only when no client
/// with the corresponding id is found in the client store.
/// </summary>
/// <returns>A task that completes once both lookups (and any resulting inserts) have finished.</returns>
private async Task CreateClients()
{
    var existingJobServices = await _clientStore.FindClientByIdAsync(CommonConstants.JobServicesClientId);
    if (existingJobServices == null)
    {
        var publicUrl = _ospJobServicesOptions.PublicUrl;

        var jobServicesClient = new OspClient
        {
            ClientId = CommonConstants.JobServicesClientId,
            ClientName = Texts.Backend_JobServices_UserSchema_JobServices_DisplayName,
            ClientUri = publicUrl,

            // Implicit grant: tokens are delivered through the browser front channel.
            // NOTE(review): RequirePkce presumably has no effect for the implicit grant, because PKCE
            // protects the authorization-code exchange. Confirm, and consider authorization code +
            // PKCE here, as the Swagger client below already uses.
            AllowedGrantTypes = new[] { OidcConstants.GrantTypes.Implicit },
            RequirePkce = true,
            RequireClientSecret = false,
            AccessTokenType = AccessTokenType.Jwt,
            AllowAccessTokensViaBrowser = true,
            AlwaysIncludeUserClaimsInIdToken = true,

            RedirectUris = { publicUrl.EnsureEndsWith("/") + "signin-oidc" },
            PostLogoutRedirectUris = { publicUrl.EnsureEndsWith("/") },

            // assumes PublicUrl carries no path segment, so the trimmed value is a bare origin. TODO confirm
            AllowedCorsOrigins = { publicUrl.TrimEnd('/') },
            AllowedScopes =
            {
                CommonConstants.Scopes.OpenId,
                CommonConstants.Scopes.Profile,
                CommonConstants.Scopes.Email,
                JwtClaimTypes.Role
            }
        };

        await _clientStore.CreateAsync(jobServicesClient);
    }

    var existingSwagger = await _clientStore.FindClientByIdAsync(CommonConstants.JobServicesSwaggerClientId);
    if (existingSwagger == null)
    {
        var publicUrl = _ospJobServicesOptions.PublicUrl;

        var swaggerClient = new OspClient
        {
            ClientId = CommonConstants.JobServicesSwaggerClientId,
            ClientName = Texts.Backend_JobServices_UserSchema_Swagger_DisplayName,
            ClientUri = publicUrl,

            // Public client: authorization code flow with PKCE and no client secret.
            AllowedGrantTypes = new[] { OidcConstants.GrantTypes.AuthorizationCode },
            RequirePkce = true,
            RequireClientSecret = false,
            AccessTokenType = AccessTokenType.Jwt,
            AllowAccessTokensViaBrowser = true,
            AlwaysIncludeUserClaimsInIdToken = true,

            // NOTE(review): if PublicUrl already ends with '/', this presumably produces
            // "...//swagger/oauth2-redirect.html", which would not match the redirect URI the
            // browser sends. Verify against EnsureEndsWith.
            RedirectUris = { publicUrl.EnsureEndsWith("/swagger/oauth2-redirect.html") },
            PostLogoutRedirectUris = { publicUrl.EnsureEndsWith("/") },
            AllowedCorsOrigins = { publicUrl.TrimEnd('/') },

            // Besides the identity scopes, this client may request both job API scopes,
            // including full access.
            AllowedScopes =
            {
                CommonConstants.Scopes.OpenId,
                CommonConstants.Scopes.Profile,
                CommonConstants.Scopes.Email,
                JwtClaimTypes.Role,
                CommonConstants.JobApiFullAccess,
                CommonConstants.JobApiReadOnly
            }
        };

        await _clientStore.CreateAsync(swaggerClient);
    }
}
/// <summary>
/// Creates the OSP tool client and the identity-services Swagger client, each only when no client
/// with the corresponding id is found in the client store.
/// </summary>
/// <returns>A task that completes once both lookups (and any resulting inserts) have finished.</returns>
private async Task CreateClients()
{
    var existingToolClient = await _clientStore.FindClientByIdAsync(CommonConstants.OspToolClientId);
    if (existingToolClient == null)
    {
        var toolClient = new OspClient
        {
            ClientId = CommonConstants.OspToolClientId,

            // Device code grant. NOTE(review): the original comment said "no interactive user", but
            // the device flow does have a user approve the request on another device. Confirm
            // which grant is intended.
            AllowedGrantTypes = new[] { OidcConstants.GrantTypes.DeviceCode },

            // Secret used for client authentication, stored as its SHA-256 hash.
            // NOTE(review): the value comes from CommonConstants, so it is presumably compiled into the
            // binaries and identical for every installation. If so, treat this client as public
            // when assessing the refresh tokens and full-access scopes granted below.
            ClientSecrets = { new Secret(CommonConstants.OspToolClientSecret.Sha256()) },

            // Allows the offline_access scope, i.e. refresh tokens.
            AllowOfflineAccess = true,

            // Scopes the client may request: identity scopes plus full access to three APIs.
            AllowedScopes =
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile,
                IdentityServerConstants.StandardScopes.Email,
                JwtClaimTypes.Role,
                CommonConstants.SystemApiFullAccess,
                CommonConstants.IdentityApiFullAccess,
                CommonConstants.JobApiFullAccess
            }
        };

        await _clientStore.CreateAsync(toolClient);
    }

    var existingSwagger = await _clientStore.FindClientByIdAsync(CommonConstants.IdentityServicesSwaggerClientId);
    if (existingSwagger == null)
    {
        var authorityUrl = _ospIdentityOptions.AuthorityUrl;

        var swaggerClient = new OspClient
        {
            ClientId = CommonConstants.IdentityServicesSwaggerClientId,
            ClientName = Texts.Backend_IdentityServices_UserSchema_Swagger_DisplayName,
            ClientUri = authorityUrl,

            // Public client: authorization code flow with PKCE and no client secret.
            AllowedGrantTypes = new[] { OidcConstants.GrantTypes.AuthorizationCode },
            RequirePkce = true,
            RequireClientSecret = false,
            AccessTokenType = AccessTokenType.Jwt,
            AllowAccessTokensViaBrowser = true,
            AlwaysIncludeUserClaimsInIdToken = true,

            // NOTE(review): if AuthorityUrl already ends with '/', this presumably produces
            // "...//swagger/oauth2-redirect.html", which would not match the redirect URI the
            // browser sends. Verify against EnsureEndsWith.
            RedirectUris = { authorityUrl.EnsureEndsWith("/swagger/oauth2-redirect.html") },
            PostLogoutRedirectUris = { authorityUrl.EnsureEndsWith("/") },

            // assumes AuthorityUrl carries no path segment, so the trimmed value is a bare origin. TODO confirm
            AllowedCorsOrigins = { authorityUrl.TrimEnd('/') },
            AllowedScopes =
            {
                CommonConstants.Scopes.OpenId,
                CommonConstants.Scopes.Profile,
                CommonConstants.Scopes.Email,
                JwtClaimTypes.Role,
                CommonConstants.IdentityApiFullAccess,
                CommonConstants.IdentityApiReadOnly
            }
        };

        await _clientStore.CreateAsync(swaggerClient);
    }
}