protected GoodIdEndpoint(
IncomingRequest incomingRequest,
string clientId,
RsaPrivateKey signingKey,
RsaPrivateKey encryptionKey,
OpenIdRequestSource requestSource,
string redirectUri,
Acr acr,
int?maxAge,
ServiceLocator serviceLocator)
{
if (string.IsNullOrEmpty(clientId))
{
throw new GoodIdException($"{nameof(clientId)} can not be empty");
}
if (maxAge.HasValue && (maxAge.Value < MAX_AGE_MIN_VALUE || maxAge.Value > MAX_AGE_MAX_VALUE))
{
throw new GoodIdException($"{nameof(maxAge)} must be null or an int in the range [{MAX_AGE_MIN_VALUE}, {MAX_AGE_MAX_VALUE}]");
}
mIncomingRequest = incomingRequest;
mClientId = clientId;
mSigningKey = signingKey;
mEncryptionKey = encryptionKey;
mRequestSource = requestSource;
mRedirectUri = redirectUri;
mAcr = acr;
mMaxAge = maxAge;
mServiceLocator = serviceLocator;
}
public IActionResult SaveData()
{
try
{
sSelectedAcr = (Acr)int.Parse(Request.Form["acr"]);
}
catch (Exception e)
{
mLogger.LogWarning($"Error type:{e.GetType()}\nError message: {e.Message}\nTrace:{e.StackTrace}");
HttpContext.Session.SetString("error", "Error setting the ACR: " + e.Message);
}
try
{
string claims = sSelectedclaims.ToString();
if (string.IsNullOrEmpty(Request.Form["claims"]) == false)
{
claims = Request.Form["claims"];
}
sSelectedclaims = JToken.Parse(claims);
}
catch (Exception e)
{
mLogger.LogWarning($"Error type:{e.GetType()}\nError message: {e.Message}\nTrace:{e.StackTrace}\nValues:{Request.Form["claims"]}");
HttpContext.Session.SetString("error", "Error setting the Claims: " + e.Message);
}
var fullUrl = this.Url.Action("Index", "GoodID", null, Request.Scheme);
return(new RedirectResult(fullUrl));
}
public string ToJson(
string clientId,
string redirectUri,
GoodIdServerConfig goodIdServerConfig,
Acr acr = Acr.LEVEL_DEFAULT,
int?maxAge = null
)
{
AddAcr(acr);
var obj = new JObject
{
["iss"] = clientId,
["aud"] = goodIdServerConfig.AudienceUri,
["response_type"] = RESPONSE_TYPE_CODE,
["client_id"] = clientId,
["redirect_uri"] = redirectUri,
["scope"] = SCOPE_OPENID,
["claims"] = mClaims
};
if (maxAge.HasValue)
{
obj["max_age"] = maxAge.Value;
}
return(obj.ToString(Newtonsoft.Json.Formatting.None));
}
public void CheckClaim(JToken token)
{
Acr acr = idToken["acr"].ToObject <Acr>();
string user = token.Value <string>();
if (acr < Acr.LEVEL_3)
{
if (string.IsNullOrEmpty(user) == false)
{
throw new ValidationException("Unverifiable user claim");
}
return;
}
if (string.IsNullOrEmpty(user) == true)
{
throw new ValidationException("Missing user claim");
}
}
public static GoodIdEndpoint CreateGoodIDEndpoint(
ServiceLocator serviceLocator,
IncomingRequest incomingRequest,
string clientId,
RsaPrivateKey signingKey,
RsaPrivateKey encryptionKey,
OpenIdRequestSource openIdRequestSource,
string redirectUri,
Acr acr = Acr.LEVEL_DEFAULT,
int?maxAge = null
)
{
try
{
var goodIdServerConfig = serviceLocator.ServerConfig;
var sessionDataHandler = serviceLocator.SessionDataHandler;
var stateNonceHandler = serviceLocator.StateNonceHandler;
return(new GoodIdRequestBuilderEndpoint(
incomingRequest,
clientId,
signingKey,
encryptionKey,
openIdRequestSource,
redirectUri,
acr,
maxAge,
serviceLocator
));
}catch (GoodIdException) {
throw;
}
catch (Exception e) {
throw new GoodIdException("Unknown error: " + e.Message);
}
}
public OpenIdRequestObject(string claims)
{
try
{
mClaims = JObject.Parse(claims);
}
catch (Exception)
{
throw new GoodIdException($"{nameof(claims)} must be valid json");
}
if (mClaims["id_token"]?["acr"]?["value"] != null)
{
try
{
Acr acr = (Acr)(int)mClaims["id_token"]["acr"]["value"];
}
catch (Exception)
{
throw new GoodIdException("Acr must be a valid acr value");
}
}
}
internal GoodIdRequestBuilderEndpoint(
IncomingRequest incomingRequest,
string clientId,
RsaPrivateKey signingKey,
RsaPrivateKey encryptionKey,
OpenIdRequestSource requestSource,
string redirectUri,
Acr acr,
int?maxAge,
ServiceLocator serviceLocator
)
: base(
incomingRequest,
clientId,
signingKey,
encryptionKey,
requestSource,
redirectUri,
acr,
maxAge,
serviceLocator
)
{
}
void AddAcr(Acr acr)
{
if (mClaims["id_token"] == null)
{
mClaims["id_token"] = new JObject();
}
if (mClaims["id_token"]["acr"] == null)
{
mClaims["id_token"]["acr"] = new JObject();
}
if (mClaims["id_token"]["acr"]["value"] == null)
{
mClaims["id_token"]["acr"]["value"] = ((int)acr).ToString();
}
else
{
var oldAcr = (int)mClaims["id_token"]["acr"]["value"];
// ACR value must be a string
mClaims["id_token"]["acr"]["value"] = Math.Max(oldAcr, (int)acr).ToString();
}
}
public TipViewModel(ICalculationService calculationService, Acr.MvvmCross.Plugins.Settings.ISettingsService settingsService)
{
_calculationService = calculationService;
_settingsService = settingsService;
}
public SettingsViewModel(Acr.MvvmCross.Plugins.Settings.ISettingsService settingsService)
{
_settingsService = settingsService;
}