/// <summary>
/// Serialises the permission ticket to JSON (UTF-8) and stores it in the
/// distributed cache, keyed by the ticket's <c>Id</c>.
/// </summary>
/// <param name="umaPermissionTicket">The ticket to persist.</param>
/// <returns><c>true</c> once the cache write has completed.</returns>
public async Task<bool> SetTicket(UMAPermissionTicket umaPermissionTicket)
{
    var json = JsonConvert.SerializeObject(umaPermissionTicket);
    var serializedTicket = Encoding.UTF8.GetBytes(json);

    // NOTE(review): SlidingExpiration restarts the window every time the entry
    // is accessed, so the configured validity period acts as an idle timeout
    // rather than a hard lifetime. If permission tickets must have a fixed
    // maximum age, confirm whether AbsoluteExpirationRelativeToNow is intended.
    var window = TimeSpan.FromSeconds(_umaHostOptions.ValidityPeriodPermissionTicketInSeconds);
    var entryOptions = new DistributedCacheEntryOptions
    {
        SlidingExpiration = window
    };

    await _distributedCache.SetAsync(umaPermissionTicket.Id, serializedTicket, entryOptions);
    return true;
}
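/// <summary>
/// Validates a permission ticket against the registered UMA resources: every
/// record must reference a known resource, and every scope requested in a
/// record must be one of the scopes registered on that resource.
/// </summary>
/// <param name="permissionTicket">The ticket whose records are validated.</param>
/// <exception cref="UMAInvalidResourceException">
/// At least one record references a resource id the repository did not return.
/// </exception>
/// <exception cref="UMAInvalidResourceScopeException">
/// At least one record requests a scope that is not registered on its resource.
/// </exception>
private async Task Check(UMAPermissionTicket permissionTicket)
{
    // Materialise both sequences once. The original re-enumerated the deferred
    // id projection and the repository result for every comparison, which can
    // repeat work (or re-run a query) if either sequence is lazy.
    var resourceIds = permissionTicket.Records.Select(r => r.ResourceId).ToList();
    var umaResources = (await _umaResourceQueryRepository.FindByIdentifiers(resourceIds)).ToList();

    // Pass 1: every referenced resource must exist. This runs over all records
    // before any scope check, so an unknown resource always takes precedence
    // over an invalid scope.
    if (resourceIds.Any(rid => !umaResources.Any(r => r.Id == rid)))
    {
        throw new UMAInvalidResourceException();
    }

    // Pass 2: requested scopes must be a subset of the resource's scopes.
    // First() cannot fail here because pass 1 proved each resource exists.
    // NOTE(review): a record with a null Scopes collection would surface as a
    // NullReferenceException rather than a UMA error; confirm it is validated upstream.
    foreach (var record in permissionTicket.Records)
    {
        var registered = umaResources.First(r => r.Id == record.ResourceId);
        if (!record.Scopes.All(sc => registered.Scopes.Contains(sc)))
        {
            throw new UMAInvalidResourceScopeException();
        }
    }
}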