private void ApplyClientSecrets(IdentityServer4.EntityFramework.Entities.Client client, Oauth2ClientSubmit oauth2ClientSubmit) { client.ClientSecrets = new List <ClientSecret>(); if (oauth2ClientSubmit.HashedClientSecrets != null && oauth2ClientSubmit.HashedClientSecrets.Count > 0) { foreach (var hashedClientSecret in oauth2ClientSubmit.HashedClientSecrets) { client.ClientSecrets.Add(new ClientSecret { Client = client, Value = hashedClientSecret }); } } else { foreach (var clientSecret in oauth2ClientSubmit.ClientSecrets) { client.ClientSecrets.Add(new ClientSecret { Client = client, Value = clientSecret.Sha256() }); } } }
private async Task RemoveClientRelationsAsync(Client client) { //Remove old allowed scopes var clientScopes = await _dbContext.ClientScopes.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientScopes.RemoveRange(clientScopes); //Remove old grant types var clientGrantTypes = await _dbContext.ClientGrantTypes.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientGrantTypes.RemoveRange(clientGrantTypes); //Remove old redirect uri var clientRedirectUris = await _dbContext.ClientRedirectUris.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientRedirectUris.RemoveRange(clientRedirectUris); //Remove old client cors var clientCorsOrigins = await _dbContext.ClientCorsOrigins.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientCorsOrigins.RemoveRange(clientCorsOrigins); //Remove old client id restrictions var clientIdPRestrictions = await _dbContext.ClientIdPRestrictions.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientIdPRestrictions.RemoveRange(clientIdPRestrictions); //Remove old client post logout redirect var clientPostLogoutRedirectUris = await _dbContext.ClientPostLogoutRedirectUris.Where(x => x.Client.Id == client.Id).ToListAsync(); _dbContext.ClientPostLogoutRedirectUris.RemoveRange(clientPostLogoutRedirectUris); }
public async Task <int> RemoveClientAsync(Client client) { using (var dbContext = ConnectionDatabase.Get(_configuration)) { return(await dbContext.ExecuteAsync("delete from Clients where Id=@Id;", new { client.Id })); } }
public async Task <ActionResult> CreateCors(int id, ClientUriInputModel model) { if (ModelState.IsValid) { IdentityServer4.EntityFramework.Entities.Client client = _context.Clients.Include(x => x.AllowedCorsOrigins).FirstOrDefaultAsync(n => n.Id == model.ClientId).Result; if (client == null) { TempData["ErrorMessage"] = "Neznámý klient."; return(RedirectToAction(nameof(Index))); } client.AllowedCorsOrigins.Add(new ClientCorsOrigin { ClientId = model.ClientId, Origin = model.Uri }); try { await _context.SaveChangesAsync(); return(RedirectToAction("Details", new { id = model.ClientId })); } catch (Exception) { TempData["ErrorMessage"] = "Aktualizace klienta se nepodařila."; return(RedirectToAction("Details", new { id = model.ClientId })); } } return(View(model)); }
public async Task Create(ClientDto clientDto) { ValidateClientDto(clientDto); await AddApiResourceIfMissing(clientDto.AllowedScopes); var grantType = GetGrantType(clientDto); var client = new Client { ClientId = clientDto.Username, AllowedGrantTypes = new List <ClientGrantType> { new ClientGrantType { GrantType = grantType } }, ClientSecrets = new List <ClientSecret> { new ClientSecret { Value = clientDto.Password.Sha256() } }, AllowedScopes = clientDto.AllowedScopes.Select(x => new ClientScope { Scope = x.Name }).ToList() }; await _clientRepository.Add(client); }
private static ClientDto MapClientEntityToDto(Client client) { var result = new ClientDto { Id = client.Id, ClientId = client.ClientId, Name = client.ClientName ?? "No Name Assigned", Uri = client.ClientUri ?? "No Url Assigned", RequireConsent = client.RequireConsent, AllowOfflineAccess = client.AllowOfflineAccess, IsEnabled = client.Enabled, ProtocolType = client.ProtocolType ?? "No Protocol Assigned", AccessTokenLifetime = client.AccessTokenLifetime.ToString() }; if (client.ClientSecrets != null) { result.ClientSecret = new ClientSecretDto { Value = client.ClientSecrets.First().Value, ExpirationDate = client.ClientSecrets.First().Expiration }; } if (client.AllowedGrantTypes != null) { result.AllowedGrantTypes = client.AllowedGrantTypes.Select(clientGrantType => clientGrantType.GrantType) .ToList(); } return(result); }
private static void AddOrUpdateClientSecret(Client currentClient, string modelClientSecretDescription) { // Ensure the client secrets collection is not null if (currentClient.ClientSecrets == null) { currentClient.ClientSecrets = new List <ClientSecret>(); } var currentClientSecret = currentClient.ClientSecrets.FirstOrDefault(); // Add new secret if ((currentClientSecret != null && currentClientSecret.Description != modelClientSecretDescription) || currentClientSecret == null) { // Remove all secrets as we may have only one valid. currentClient.ClientSecrets.Clear(); currentClient.ClientSecrets.Add(new ClientSecret { Client = currentClient, Value = modelClientSecretDescription.Sha256(), Type = IdentityServerConstants.ParsedSecretTypes.SharedSecret, Description = modelClientSecretDescription }); } }
private void ApplyClientAllowedCorsOrigins(IdentityServer4.EntityFramework.Entities.Client client, Oauth2ClientSubmit oauth2ClientSubmit, bool dryRun, SecurityContractDryRunResult securityContractDryRunResult) { client.AllowedCorsOrigins = new List <ClientCorsOrigin>(); if (oauth2ClientSubmit.AllowedCorsOrigins != null && oauth2ClientSubmit.AllowedCorsOrigins.Any()) { foreach (var corsOrigin in oauth2ClientSubmit.AllowedCorsOrigins) { if (string.IsNullOrWhiteSpace(corsOrigin)) { var errMessage = $"[client.clientId: '{oauth2ClientSubmit.ClientId}']: Empty or null 'allowedCorsOrigin' element declared for client: '{oauth2ClientSubmit.ClientId}'"; if (dryRun) { securityContractDryRunResult.ValidationErrors.Add(errMessage); } else { throw new InvalidFormatException(errMessage); } } client.AllowedCorsOrigins.Add(new ClientCorsOrigin { Client = client, Origin = corsOrigin }); } } }
private static void SetMvcBasedClient(Client client) { // Ensure the client redirect url collection is not null if (client.AllowedGrantTypes == null) { client.AllowedGrantTypes = new List <ClientGrantType>(); } client.AllowedGrantTypes.Clear(); client.AllowedGrantTypes = new List <ClientGrantType> { new ClientGrantType { Client = client, GrantType = OidcConstants.GrantTypes.AuthorizationCode }, new ClientGrantType { Client = client, GrantType = OidcConstants.GrantTypes.RefreshToken }, new ClientGrantType { Client = client, GrantType = OidcConstants.GrantTypes.JwtBearer } }; }
/// <summary> /// Add new client, this method doesn't save client secrets, client claims, client properties /// </summary> /// <param name="client"></param> /// <returns>This method return new client id</returns> public async Task <int> AddClientAsync(Client client) { _dbContext.Clients.Add(client); await AutoSaveChangesAsync(); return(client.Id); }
public static ClientModel FromEntity(IdentityServer4.EntityFramework.Entities.Client client) { var config = new MapperConfiguration(cfg => cfg.CreateMap <IdentityServer4.Models.Client, ClientModel>()); var mapper = config.CreateMapper(); var model = mapper.Map <ClientModel>(client.ToModel()); model.Id = client.Id; return(model); }
public void UpdatePostLogoutRedirectUris( IdentityServer4.EntityFramework.Entities.Client client, List <string> postLogoutRedirectUris) { IdentityServer4.Models.Client clientModel = new IdentityServer4.Models.Client(); clientModel.PostLogoutRedirectUris = postLogoutRedirectUris; client.PostLogoutRedirectUris = clientModel.ToEntity().PostLogoutRedirectUris; }
public virtual async Task <int> UpdateClientAsync(Client client, bool updateClientClaims = false, bool updateClientProperties = false) { //Remove old relations await RemoveClientRelationsAsync(client, updateClientClaims, updateClientProperties); //Update with new data DbContext.Clients.Update(client); return(await AutoSaveChangesAsync()); }
public async Task UpdateClient(Client client) { if (client == null) { throw new ArgumentNullException(nameof(client)); } _configurationDbContext.Clients.Update(client); await _configurationDbContext.SaveChangesAsync(); }
public void UpdateRedirectUris( IdentityServer4.EntityFramework.Entities.Client client, List <string> redirectUris ) { IdentityServer4.Models.Client clientModel = new IdentityServer4.Models.Client(); clientModel.RedirectUris = redirectUris; client.RedirectUris = clientModel.ToEntity().RedirectUris; }
public void UpdateClient(SharedModels.Client client) { IdentityServer4.EntityFramework.Entities.Client clientModel = MapBllToDal(client); var deleteobj = _applicationClientRepository.GetClientByClientId(clientModel.ClientId); _applicationClientRepository.DeleteClient(deleteobj); _applicationClientRepository.AddClient(clientModel); //_applicationClientRepository.UpdateClient(clientModel); }
public async Task <int> UpdateClientAsync(Client client) { //Remove old relations await RemoveClientRelationsAsync(client); //Update with new data _dbContext.Clients.Update(client); return(await AutoSaveChangesAsync()); }
public void UpdateAllowedScopes( IdentityServer4.EntityFramework.Entities.Client client, List <string> allowedScopes ) { IdentityServer4.Models.Client clientModel = new IdentityServer4.Models.Client(); clientModel.AllowedScopes = allowedScopes; client.AllowedScopes = clientModel.ToEntity().AllowedScopes; }
public void AddClient(SharedModels.Client client) { IdentityServer4.EntityFramework.Entities.Client clientModel = MapBllToDal(client); try { _applicationClientRepository.AddClient(clientModel); } catch (Exception e) { throw e; } }
private async Task RemoveClientRelationsAsync(Client client) { using (var dbContext = ConnectionDatabase.Get(_configuration)) { await dbContext.ExecuteAsync(@"delete from ClientScopes where ClientId=@Id; delete from ClientGrantTypes where ClientId=@Id; delete from ClientRedirectUris where ClientId=@Id; delete from ClientCorsOrigins where ClientId=@Id; delete from ClientIdPRestrictions where ClientId=@Id; delete from ClientPostLogoutRedirectUris where ClientId=@Id;", new { client.Id }); } }
public void RemoveClient( int id ) { IdentityServer4.EntityFramework.Entities.Client client = _repository.FirstOrDefault(id); if (client == null) { throw new Exception("不存在的客户端"); } _repository.Remove(client); }
public async Task <Oauth2Client> ApplyClientDefinitionAsync(Oauth2ClientSubmit oauth2ClientSubmit, bool dryRun, SecurityContractDryRunResult securityContractDryRunResult) { logger.Debug($"[client.clientId: '{oauth2ClientSubmit.ClientId}']: Applying client definition for client: '{oauth2ClientSubmit.ClientId}'."); IdentityServer4.EntityFramework.Entities.Client client = await identityClientRepository.GetByClientIdAsync(oauth2ClientSubmit.ClientId); bool newClient = false; if (client == null) { client = new IdentityServer4.EntityFramework.Entities.Client(); newClient = true; } client.AllowOfflineAccess = oauth2ClientSubmit.AllowedOfflineAccess; client.ClientId = oauth2ClientSubmit.ClientId; client.ClientName = oauth2ClientSubmit.Name; // The following properties of clients are not externally configurable, but we do need to add them th clients to get the desired behaviour. client.UpdateAccessTokenClaimsOnRefresh = true; client.AlwaysSendClientClaims = true; client.AlwaysIncludeUserClaimsInIdToken = true; client.RequireConsent = false; if (oauth2ClientSubmit.AccessTokenLifetime > 0) { client.AccessTokenLifetime = oauth2ClientSubmit.AccessTokenLifetime; } if (oauth2ClientSubmit.IdentityTokenLifetime > 0) { client.IdentityTokenLifetime = oauth2ClientSubmit.IdentityTokenLifetime; } client.RefreshTokenExpiration = (int)TokenExpiration.Absolute; client.RefreshTokenUsage = (int)TokenUsage.OneTimeOnly; ApplyClientAllowedScopes(client, oauth2ClientSubmit); ApplyClientAllowedGrantTypes(client, oauth2ClientSubmit); ApplyClientSecrets(client, oauth2ClientSubmit); ApplyClientRedirectUris(client, oauth2ClientSubmit); ApplyClientPostLogoutRedirectUris(client, oauth2ClientSubmit); ApplyClientAllowedCorsOrigins(client, oauth2ClientSubmit, dryRun, securityContractDryRunResult); if (newClient) { logger.Debug($"[client.clientId: '{oauth2ClientSubmit.ClientId}']: Client '{oauth2ClientSubmit.ClientId}' does not exist. Creating it."); return(mapper.Map <Oauth2Client>(await identityClientRepository.CreateAsync(client))); } logger.Debug($"[client.clientId: '{oauth2ClientSubmit.ClientId}']: Client '{oauth2ClientSubmit.ClientId}' already exists. Updating it."); return(mapper.Map <Oauth2Client>(await identityClientRepository.UpdateAsync(client))); }
private void ApplyClientAllowedGrantTypes(IdentityServer4.EntityFramework.Entities.Client client, Oauth2ClientSubmit oauth2ClientSubmit) { client.AllowedGrantTypes = new List <ClientGrantType>(); foreach (var grantType in oauth2ClientSubmit.AllowedGrantTypes) { client.AllowedGrantTypes.Add(new ClientGrantType { Client = client, GrantType = grantType }); } }
private void ApplyClientRedirectUris(IdentityServer4.EntityFramework.Entities.Client client, Oauth2ClientSubmit oauth2ClientSubmit) { client.RedirectUris = new List <ClientRedirectUri>(); foreach (var redirectUri in oauth2ClientSubmit.RedirectUris) { client.RedirectUris.Add(new ClientRedirectUri { Client = client, RedirectUri = redirectUri }); } }
private async Task RemoveClientRelationsAsync(Client client, bool updateClientClaims, bool updateClientProperties) { //Remove old allowed scopes var clientScopes = await DbContext.ClientScopes.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientScopes.RemoveRange(clientScopes); //Remove old grant types var clientGrantTypes = await DbContext.ClientGrantTypes.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientGrantTypes.RemoveRange(clientGrantTypes); //Remove old redirect uri var clientRedirectUris = await DbContext.ClientRedirectUris.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientRedirectUris.RemoveRange(clientRedirectUris); //Remove old client cors var clientCorsOrigins = await DbContext.ClientCorsOrigins.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientCorsOrigins.RemoveRange(clientCorsOrigins); //Remove old client id restrictions var clientIdPRestrictions = await DbContext.ClientIdPRestrictions.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientIdPRestrictions.RemoveRange(clientIdPRestrictions); //Remove old client post logout redirect var clientPostLogoutRedirectUris = await DbContext.ClientPostLogoutRedirectUris.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientPostLogoutRedirectUris.RemoveRange(clientPostLogoutRedirectUris); //Remove old client claims if (updateClientClaims) { var clientClaims = await DbContext.ClientClaims.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientClaims.RemoveRange(clientClaims); } //Remove old client properties if (updateClientProperties) { var clientProperties = await DbContext.ClientProperties.Where(x => x.Client.Id == client.Id).ToListAsync(); DbContext.ClientProperties.RemoveRange(clientProperties); } }
public async Task <bool> CanInsertClientAsync(Client client, bool isCloned = false) { if (client.Id == 0 || isCloned) { var existsWithClientName = await _dbContext.Clients.Where(x => x.ClientId == client.ClientId).SingleOrDefaultAsync(); return(existsWithClientName == null); } else { var existsWithClientName = await _dbContext.Clients.Where(x => x.ClientId == client.ClientId && x.Id != client.Id).SingleOrDefaultAsync(); return(existsWithClientName == null); } }
public void UpdateSecrets( IdentityServer4.EntityFramework.Entities.Client client, List <string> clientSecrets ) { List <IdentityServer4.Models.Secret> SecretModels = new List <IdentityServer4.Models.Secret>(); clientSecrets.ForEach(e => { SecretModels.Add(new IdentityServer4.Models.Secret(e.Sha256())); }); IdentityServer4.Models.Client clientModel = new IdentityServer4.Models.Client(); clientModel.ClientSecrets = SecretModels; client.ClientSecrets = clientModel.ToEntity().ClientSecrets; }
public void ApplyClientPostLogoutRedirectUris(IdentityServer4.EntityFramework.Entities.Client client, Oauth2ClientSubmit oauth2ClientSubmit) { client.PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri>(); if (oauth2ClientSubmit.PostLogoutRedirectUris != null && oauth2ClientSubmit.PostLogoutRedirectUris.Any()) { foreach (var postLogoutRedirectUri in oauth2ClientSubmit.PostLogoutRedirectUris) { client.PostLogoutRedirectUris.Add(new ClientPostLogoutRedirectUri { Client = client, PostLogoutRedirectUri = postLogoutRedirectUri }); } } }
public async Task <MachineClientCreateCommandResult> Handle(MachineClientCreateCommand request, CancellationToken cancellationToken) { var client = new IdentityServer4.EntityFramework.Entities.Client() { ClientId = Guid.NewGuid().ToString(), ClientName = request.Name, AllowedGrantTypes = new List <ClientGrantType> { new ClientGrantType { GrantType = IdentityServer4.Models.GrantType.ClientCredentials } }, AllowedScopes = request.AllowedScopes.Select(x => new ClientScope { Scope = x }).ToList(), ClientSecrets = new List <ClientSecret> { new ClientSecret { Expiration = DateTime.UtcNow.AddYears(2), Description = "Example Secret", Value = "thesecret".Sha256(), Created = DateTime.UtcNow, Type = IdentityServerConstants.SecretTypes.SharedSecret } }, RequirePkce = false, RequireClientSecret = true }; await _context.Clients.AddAsync(client, cancellationToken); await _context.SaveChangesAsync(cancellationToken); return(new MachineClientCreateCommandResult { ClientId = client.ClientId, Name = client.ClientName, GrantTypes = client.AllowedGrantTypes.Select(x => x.GrantType).ToList(), RedirectUris = client.RedirectUris.Select(x => x.RedirectUri).ToList(), Scopes = client.AllowedScopes.Select(x => x.Scope).ToList() }); }
public async Task <IActionResult> AddClients(ClientsViewModel args) { if (ModelState.IsValid) { var scoper = new List <ClientScope>(); args.allowed_scopes?.ForEach(x => { scoper.Add(new ClientScope { Scope = x }); }); var corss = new List <ClientCorsOrigin>(); args.allowed_cors_origins?.ForEach(x => { corss.Add(new ClientCorsOrigin { Origin = x }); }); var grants = new List <ClientGrantType>(); args.allowed_grant_types?.ForEach(x => { grants.Add(new ClientGrantType { GrantType = x }); }); var client = new IdentityServer4.EntityFramework.Entities.Client { ClientId = args.client_id, ClientName = args.client_name, ClientSecrets = new List <ClientSecret> { new ClientSecret { Value = args.client_secrets.Sha256() } }, AllowedScopes = scoper, AllowedCorsOrigins = corss, // RedirectUris = new List<ClientRedirectUri> { new ClientRedirectUri { RedirectUri = args.redirect_uris } }, //PostLogoutRedirectUris = new List<ClientPostLogoutRedirectUri> { new ClientPostLogoutRedirectUri { PostLogoutRedirectUri=args.post_logout_redirect_uris} }, AllowedGrantTypes = grants }; _context.Clients.Add(client); var resutlt = await _context.SaveChangesAsync(); if (resutlt > 0) { return(RedirectToAction("Clients")); } ModelState.AddModelError(string.Empty, "Client添加失败"); return(View(args)); } ModelState.AddModelError(string.Empty, "参数验证错误"); return(RedirectToAction("AddClients")); }