        /// <summary>
        /// Saves the authentication client.
        /// </summary>
        /// <param name="authScopeId">The authentication scope identifier.</param>
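        private void SaveAuthClient(int authScopeId)
        {
            // authScopeId is used below as the AuthClient id; 0 means "create a new client".
            var isNew = authScopeId.Equals(0);

            var authClient = new AuthClient();

            // Type-level gate: evaluated on a blank instance before any data access.
            var editAllowed = authClient.IsAuthorized(Authorization.EDIT, CurrentPerson);

            if (!editAllowed)
            {
                DisplayErrorMessage("The current user is not authorized to make changes.");
                return;
            }

            // Dispose the context on every exit path, including the early returns below.
            using (var rockContext = new RockContext())
            {
                var authClientService = new AuthClientService(rockContext);

                if (isNew)
                {
                    // Only tracked here; nothing is persisted unless SaveChanges() is reached.
                    authClientService.Add(authClient);
                }
                else
                {
                    authClient = authClientService.Get(authScopeId);
                }

                if (authClient == null)
                {
                    DisplayErrorMessage("The Auth Client with the specified Id was not found.");
                    return;
                }

                // The gate above ran against an empty AuthClient, not the record being edited.
                // Repeat the check on the loaded entity so that the decision is made on the
                // object that is actually modified.
                // NOTE(review): whether AuthClient records can carry their own security rules
                // is not visible here; if they cannot, this check is redundant but harmless.
                if (!isNew && !authClient.IsAuthorized(Authorization.EDIT, CurrentPerson))
                {
                    DisplayErrorMessage("The current user is not authorized to make changes.");
                    return;
                }

                var clientSecretText = tbClientSecret.Text;

                // The placeholder means "keep the stored secret", which only makes sense for an
                // existing client. Accepting it for a new client would persist a client whose
                // ClientSecretHash was never set.
                if (clientSecretText.IsNullOrWhiteSpace() || (isNew && clientSecretText == CLIENT_SECRET_PLACE_HOLDER))
                {
                    DisplayErrorMessage("A Client Secret is required.");
                    return;
                }

                authClient.Name     = tbName.Text;
                authClient.IsActive = cbActive.Checked;
                authClient.ClientId = tbClientId.Text;

                // NOTE(review): both URIs are stored exactly as typed. They look like OAuth/OIDC
                // redirect targets; if so, confirm they are validated as absolute URIs before
                // they are ever honoured.
                authClient.RedirectUri           = tbRedirectUri.Text;
                authClient.PostLogoutRedirectUri = tbPostLogoutRedirectUri.Text;

                if (clientSecretText != CLIENT_SECRET_PLACE_HOLDER)
                {
                    var entityTypeName = EntityTypeCache.Get<Rock.Security.Authentication.Database>().Name;
                    var databaseAuth   = AuthenticationContainer.GetComponent(entityTypeName) as Rock.Security.Authentication.Database;

                    // The 'as' cast yields null when the component is missing or of another type;
                    // fail with a message instead of a NullReferenceException.
                    if (databaseAuth == null)
                    {
                        DisplayErrorMessage("The database authentication component is unavailable, so the Client Secret could not be saved.");
                        return;
                    }

                    // NOTE(review): the value is stored in a field named ClientSecretHash, but the
                    // algorithm behind EncryptString is not visible here. Confirm it is a one-way,
                    // salted hash and not reversible encryption.
                    authClient.ClientSecretHash = databaseAuth.EncryptString(clientSecretText);
                }

                // Materialize once: the sequence is counted and then iterated, and each of those
                // would otherwise re-run the underlying query.
                var activeScopeNames = GetActiveClaims(rockContext).Select(ac => ac.ScopeName).Distinct().ToList();
                var selectedClaims   = new List<string>(activeScopeNames.Count);
                var selectedScopes   = new List<string>(activeScopeNames.Count);

                foreach (var scope in activeScopeNames)
                {
                    // One checkbox list per scope is looked up by the scope name; scopes without
                    // a rendered control are skipped.
                    var checkboxList = litClaims.FindControl(scope) as RockCheckBoxList;
                    if (checkboxList == null)
                    {
                        continue;
                    }

                    var selectedScopeClaims = checkboxList.SelectedValues;
                    selectedClaims.AddRange(selectedScopeClaims);

                    // A scope is allowed only when at least one of its claims was ticked.
                    if (selectedScopeClaims.Any())
                    {
                        selectedScopes.Add(scope);
                    }
                }

                authClient.AllowedClaims = selectedClaims.ToJson();
                authClient.AllowedScopes = selectedScopes.ToJson();
                rockContext.SaveChanges();
            }
        }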