internal AntiForgeryWorker(IAntiForgeryTokenSerializer serializer, IAntiForgeryConfig config, ITokenStore tokenStore, ITokenValidator validator)
{
_serializer = serializer;
_config = config;
_tokenStore = tokenStore;
_validator = validator;
}
public UserInfoEndpoint(IdentityServerOptions options, ITokenValidator tokenValidator, IUserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator, IEventService events, ILogger<UserInfoEndpoint> logger)
{
_options = options;
_tokenValidator = tokenValidator;
_tokenUsageValidator = tokenUsageValidator;
_generator = generator;
_events = events;
_logger = logger;
}
internal AntiForgeryWorker([NotNull] IAntiForgeryTokenSerializer serializer,
[NotNull] AntiForgeryOptions config,
[NotNull] ITokenStore tokenStore,
[NotNull] ITokenGenerator generator,
[NotNull] ITokenValidator validator)
{
_serializer = serializer;
_config = config;
_tokenStore = tokenStore;
_generator = generator;
_validator = validator;
}
public HttpSecurityTokenRefreshHandler(ISecurityConfiguration configuration, IApiCommandAsync apiCommand, ITokenRefreshRequestBuilder requestBuilder, ITokenValidator validator)
: base(configuration, apiCommand, validator)
{
_requestBuilder = requestBuilder ?? throw new ArgumentNullException(nameof(requestBuilder));
}
/// <summary> Constructor. </summary>
/// <param name="validator"> The validator. </param>
/// <param name="logger"> The logger. </param>
public DelegationGrantValidator(ITokenValidator validator, ILogger <DelegationGrantValidator> logger)
{
_validator = validator;
_logger = logger;
}
/// <summary>
/// Initializes a new instance of the <see cref="IntrospectionRequestValidator"/> class.
/// </summary>
/// <param name="tokenValidator">The token validator.</param>
/// <param name="logger">The logger.</param>
public IntrospectionRequestValidator(ITokenValidator tokenValidator, ILogger <IntrospectionRequestValidator> logger)
{
_tokenValidator = tokenValidator;
_logger = logger;
}
/// <inheritdoc />
public LocalApiAuthenticationHandler(IOptionsMonitor <LocalApiAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock, ITokenValidator tokenValidator)
: base(options, logger, encoder, clock)
{
_tokenValidator = tokenValidator;
_logger = logger.CreateLogger <LocalApiAuthenticationHandler>();
}
public static IAppBuilder RequiresStatelessAuth(this IAppBuilder app, ITokenValidator tokenValidator)
{
return app.Use<RequiresStatelessAuth>(tokenValidator);
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityController"/> class.
/// </summary>
/// <param name="accountRepository">The repository used for Account data access.</param>
/// <param name="tokenFactory">The factory used to create new tokens.</param>
/// <param name="tokenValidator">The validator used to validate tokens.</param>
/// <param name="refreshTokenRepository">The repository used for RefreshToken data access.</param>
public SecurityController(ISingleKeyRepository <Account> accountRepository, ITokenFactory tokenFactory, ITokenValidator tokenValidator, ISingleKeyRepository <RefreshToken> refreshTokenRepository)
{
AccountRepository = accountRepository;
TokenFactory = tokenFactory;
RefreshTokenRepository = refreshTokenRepository;
TokenValidator = tokenValidator;
}
public TokenRequestBaseValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodeStore, ExtensionGrantValidator extensionGrantValidator, ICustomTokenRequestValidator customRequestValidator, IResourceValidator resourceValidator, IResourceStore resourceStore, ITokenValidator tokenValidator, IRefreshTokenService refreshTokenService, IEventService events, IResourceOwnerPasswordValidator resourceOwnerValidator, IProfileService profile, IDeviceCodeValidator deviceCodeValidator, ISystemClock clock, ILogger logger, ValidatedTokenRequest validatedRequest)
{
_options = options;
_authorizationCodeStore = authorizationCodeStore;
_extensionGrantValidator = extensionGrantValidator;
_customRequestValidator = customRequestValidator;
_resourceValidator = resourceValidator;
_resourceStore = resourceStore;
_tokenValidator = tokenValidator;
_refreshTokenService = refreshTokenService;
_events = events;
_resourceOwnerValidator = resourceOwnerValidator;
_profile = profile;
_deviceCodeValidator = deviceCodeValidator;
_clock = clock;
_logger = logger;
_validatedRequest = validatedRequest;
}
public static IAppBuilder RequiresStatelessAuth(this IAppBuilder app, ITokenValidator tokenValidator, StatelessAuthOptions options = null)
{
return(app.Use <StatelessAuth>(tokenValidator, options));
}
/// <summary>
/// Creates a new instance of <see cref="DelegationGrantValidator"/>.
/// </summary>
/// <param name="validator">Validates an access token.</param>
public DelegationGrantValidator(ITokenValidator validator)
{
_validator = validator ?? throw new ArgumentNullException(nameof(validator));
}
public StatelessAuth GetStatelessAuth(Func <IDictionary <string, object>, Task> nextFunc, ITokenValidator tokenValidator = null, StatelessAuthOptions statelessAuthOptions = null)
{
tokenValidator = tokenValidator ?? GetFakeTokenValidator();
statelessAuthOptions = statelessAuthOptions ?? GetStatelessAuthOptions();
return(new StatelessAuth(nextFunc, tokenValidator, statelessAuthOptions));
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="hangfireConfiguration">Hangfire Configuration</param>
/// <param name="oAuthTokenValidatorConfiguration">OAuthTokenValidator Configuration</param>
/// <param name="tokenValidator">TokenValidator instance</param>
public OwinStartup(IHangfireConfiguration hangfireConfiguration, IOAuthTokenValidatorConfiguration oAuthTokenValidatorConfiguration, ITokenValidator tokenValidator)
{
_hangfireConfiguration = hangfireConfiguration;
_authTokenValidatorConfiguration = oAuthTokenValidatorConfiguration;
_tokenValidator = tokenValidator;
}
public CustomerFunctions(ITokenValidator tokenValidator, IJsonHttpContentValidator jsonHttpContentValidator, IDataRepository <Customer> customerRepository)
{
this.tokenValidator = tokenValidator ?? throw new ArgumentNullException(nameof(tokenValidator));
this.jsonHttpContentValidator = jsonHttpContentValidator ?? throw new ArgumentNullException(nameof(jsonHttpContentValidator));
this.customerRepository = customerRepository ?? throw new ArgumentNullException(nameof(customerRepository));
}
public RequiresStatelessAuth GetStatelessAuth(Func<IDictionary<string, object>, Task> nextFunc, ITokenValidator tokenValidator = null)
{
tokenValidator = tokenValidator ?? GetFakeTokenValidator();
return new RequiresStatelessAuth(nextFunc, tokenValidator);
}
public LimitedAccessGrantValidator(IOptions <LimitedAccessGrantValidatorOptions> options, ITokenValidator tokenValidator)
{
_options = options.Value;
_tokenValidator = tokenValidator;
}
/// <summary>
/// Initializes a new instance of the <see cref="UserInfoRequestValidator" /> class.
/// </summary>
/// <param name="tokenValidator">The token validator.</param>
/// <param name="logger">The logger.</param>
public UserInfoRequestValidator(ITokenValidator tokenValidator, ILogger <UserInfoRequestValidator> logger)
{
_tokenValidator = tokenValidator;
_logger = logger;
}
public UserFunctions(IJsonTextSerializer jsonTextSerializer, ITokenValidator tokenValidator, IDataRepository <User> userRepository)
{
this.jsonTextSerializer = jsonTextSerializer ?? throw new ArgumentNullException(nameof(jsonTextSerializer));
this.tokenValidator = tokenValidator ?? throw new ArgumentNullException(nameof(tokenValidator));
this.userRepository = userRepository ?? throw new ArgumentNullException(nameof(userRepository));
}
public UsuarioCargoController(IUsuarioCargoService usuarioCargoService, IApiResponseMessage apiResponseMessage, ITokenValidator tokenValidator)
{
_usuarioCargoService = usuarioCargoService;
_util = apiResponseMessage;
_tokenValidator = tokenValidator;
}
public AdminController(SignInManager <AppUser> signInManager, UserManager <AppUser> userManager, ITokenValidator validator)
{
_signInManager = signInManager;
_userManager = userManager;
_validator = validator;
}
public TokenExchangeExtensionGrantValidator(ITokenValidator tokenValidator)
{
_tokenValidator = tokenValidator;
}
public ServiceAccountGrantValidator(ITokenValidator validator)
{
_validator = validator;
}
private void CreatePluginFunctions(
IReadOnlyCollection <AbstractClaimsMappingDefinition> claimsMappings,
IReadOnlyCollection <AbstractFunctionDefinition> functionDefinitions)
{
foreach (AbstractFunctionDefinition functionDefinition in functionDefinitions)
{
PluginFunctions pluginFunctions = new PluginFunctions();
pluginFunctions.Handler = functionDefinition.FunctionHandler;
if (functionDefinition.OutputBinding != null)
{
if (functionDefinition.OutputBinding.OutputBindingConverterType != null)
{
pluginFunctions.OutputBindingConverter = (originatingCommand, input) =>
{
IOutputBindingConverter converter =
(IOutputBindingConverter)ServiceProvider.GetService(functionDefinition.OutputBinding
.OutputBindingConverterType);
return(converter.Convert(originatingCommand, input));
};
}
else if (functionDefinition.OutputBinding.OutputBindingConverterFunction != null)
{
pluginFunctions.OutputBindingConverter = (originatingCommand, input) =>
((Func <object, object, object>)functionDefinition.OutputBinding.OutputBindingConverterFunction
.Handler)(originatingCommand, input);
}
}
if (functionDefinition.DeserializeFunction != null)
{
pluginFunctions.Deserialize = (body, enforceSecurityProperties) =>
((Func <string, bool, object>)functionDefinition.SerializeFunction.Handler)(body, enforceSecurityProperties);
}
else
{
pluginFunctions.Deserialize = (body, enforceSecurityProperties) =>
CreateSerializer(functionDefinition).Deserialize(functionDefinition.CommandType, body,
enforceSecurityProperties);
}
if (functionDefinition.SerializeFunction != null)
{
pluginFunctions.Serialize = (obj, enforceSecurityProperties) =>
((Func <object, bool, string>)functionDefinition.SerializeFunction.Handler)(obj,
enforceSecurityProperties);
}
else
{
pluginFunctions.Serialize = (content, enforceSecurityProperties) =>
CreateSerializer(functionDefinition).Serialize(content, enforceSecurityProperties);
}
if (functionDefinition.ValidatorFunction != null)
{
pluginFunctions.Validate = obj =>
((Func <object, object>)functionDefinition.ValidatorFunction.Handler)(obj);
}
else
{
pluginFunctions.Validate = command =>
{
var validator = (FunctionMonkey.Abstractions.Validation.IValidator)
ServiceProvider.GetService(
typeof(FunctionMonkey.Abstractions.Validation.IValidator));
var validationResult = validator.Validate(command);
return(validationResult);
};
}
if (functionDefinition.IsValidFunction != null)
{
pluginFunctions.IsValid = (Func <object, bool>)functionDefinition.IsValidFunction.Handler;
}
else
{
pluginFunctions.IsValid = validationResult =>
{
ValidationResult castValidationResult = (ValidationResult)validationResult;
return(castValidationResult.IsValid);
};
}
if (functionDefinition is HttpFunctionDefinition httpFunctionDefinition)
{
if (httpFunctionDefinition.TokenValidatorFunction != null)
{
if (httpFunctionDefinition.TokenValidatorFunction.IsAsync)
{
pluginFunctions.ValidateToken =
(Func <string, Task <ClaimsPrincipal> >)httpFunctionDefinition.TokenValidatorFunction
.Handler;
}
else
{
pluginFunctions.ValidateToken = authorizationHeader => Task.FromResult(
((Func <string, ClaimsPrincipal>)httpFunctionDefinition.TokenValidatorFunction
.Handler)(authorizationHeader)
);
}
if (claimsMappings == null)
{
pluginFunctions.BindClaims = (principal, command) => Task.FromResult(command);
}
else
{
var mapperFunc = ImmutableCommandClaimsMapperBuilder.Build(httpFunctionDefinition, claimsMappings);
pluginFunctions.BindClaims = (principal, command) => Task.FromResult(mapperFunc(command, principal));
}
}
else
{
pluginFunctions.ValidateToken = async(authorizationHeader) =>
{
/*var tokenValidator = (FunctionMonkey.Abstractions.ITokenValidator)
* ServiceProvider.GetService(httpFunctionDefinition
* .TokenValidatorType);*/
ITokenValidator tokenValidator = ServiceProvider.GetService <ITokenValidator>();
ClaimsPrincipal principal = await tokenValidator.ValidateAsync(authorizationHeader);
return(principal);
};
pluginFunctions.BindClaims = async(principal, command) =>
{
var claimsBinder = (FunctionMonkey.Abstractions.ICommandClaimsBinder)
ServiceProvider.GetService(
typeof(FunctionMonkey.Abstractions.ICommandClaimsBinder));
var claimsBinderTask = claimsBinder.BindAsync(principal, command);
if (claimsBinderTask == null)
{
return(claimsBinder.Bind(principal, command));
}
return(await claimsBinderTask);
};
}
pluginFunctions.IsAuthorized = async(principal, httpVerb, requestUrl) =>
{
var claimsPrincipalAuthorization = (IClaimsPrincipalAuthorization)
ServiceProvider.GetService(httpFunctionDefinition.ClaimsPrincipalAuthorizationType);
return(await claimsPrincipalAuthorization.IsAuthorized(principal, httpVerb, requestUrl));
};
if (HasResponseFunctions(httpFunctionDefinition))
{
if (httpFunctionDefinition.CreateValidationFailureResponseFunction != null)
{
pluginFunctions.CreateValidationFailureResponse =
(Func <object, object, Task <IActionResult> >)
httpFunctionDefinition.CreateValidationFailureResponseFunction.Handler;
}
else
{
pluginFunctions.CreateValidationFailureResponse = (cmd, vr) => null;
}
if (httpFunctionDefinition.CreateResponseForResultFunction != null)
{
pluginFunctions.CreateResponseForResult =
(Func <object, object, Task <IActionResult> >)httpFunctionDefinition
.CreateResponseForResultFunction.Handler;
}
else
{
pluginFunctions.CreateResponseForResult = (cmd, result) => null;
}
if (httpFunctionDefinition.CreateResponseFunction != null)
{
pluginFunctions.CreateResponse =
(Func <object, Task <IActionResult> >)httpFunctionDefinition.CreateResponseFunction.Handler;
}
else
{
pluginFunctions.CreateResponse = cmd => null;
}
if (httpFunctionDefinition.CreateResponseFromExceptionFunction != null)
{
pluginFunctions.CreateResponseFromException =
(Func <object, Exception, Task <IActionResult> >)httpFunctionDefinition.CreateResponseFromExceptionFunction.Handler;
}
else
{
pluginFunctions.CreateResponseFromException = (cmd, ex) => null;
}
}
else if (httpFunctionDefinition.HttpResponseHandlerType != null)
{
pluginFunctions.CreateValidationFailureResponse = (command, validationResult) =>
{
var responseHandler =
(IHttpResponseHandler)ServiceProvider.GetService(
httpFunctionDefinition.HttpResponseHandlerType);
return(responseHandler.CreateValidationFailureResponse(command, (ValidationResult)validationResult));
};
pluginFunctions.CreateResponseForResult = (command, result) =>
{
var responseHandler =
(IHttpResponseHandler)ServiceProvider.GetService(
httpFunctionDefinition.HttpResponseHandlerType);
return(responseHandler.CreateResponse(command, result));
};
pluginFunctions.CreateResponse = command =>
{
var responseHandler =
(IHttpResponseHandler)ServiceProvider.GetService(
httpFunctionDefinition.HttpResponseHandlerType);
return(responseHandler.CreateResponse(command));
};
pluginFunctions.CreateResponseFromException = (command, exception) =>
{
var responseHandler =
(IHttpResponseHandler)ServiceProvider.GetService(
httpFunctionDefinition.HttpResponseHandlerType);
return(responseHandler.CreateResponseFromException(command, exception));
};
}
else
{
pluginFunctions.CreateValidationFailureResponse = (cmd, vr) => null;
pluginFunctions.CreateResponseForResult = (cmd, result) => null;
pluginFunctions.CreateResponse = cmd => null;
pluginFunctions.CreateResponseFromException = (cmd, ex) => null;
}
}
;
PluginFunctions.Add(functionDefinition.Name, pluginFunctions);
}
}
public SecurityTokenHandler(ITokenSerialiser tokenSerialiser, ITokenValidator tokenValidator, IUserClaimsProvider <Tuple <Saml2SecurityToken, HandleTokenContext> > identityProvider)
{
this._tokenSerialiser = tokenSerialiser;
this._tokenValidator = tokenValidator;
this._identityProvider = identityProvider;
}
public TokenExchangeExtensionGrantValidator(ITokenValidator validator)
{
_validator = validator ?? throw new ArgumentNullException(nameof(validator));
}
public DelegationGrantValidator(ITokenValidator validator)
{
_validator = validator;
}
public static IAppBuilder RequiresStatelessAuth(this IAppBuilder app, ITokenValidator tokenValidator, StatelessAuthOptions options = null)
{
return app.Use<StatelessAuth>(tokenValidator, options);
}
internal AntiForgeryWorker(IAntiForgeryTokenSerializer serializer, IAntiForgeryConfig config, ITokenStore tokenStore, ITokenValidator validator)
{
_serializer = serializer;
_config = config;
_tokenStore = tokenStore;
_validator = validator;
}
public PermisoController(IPermisoService permisoService, IApiResponseMessage util, ITokenValidator tokenValidator)
{
_permisoService = permisoService;
_util = util;
_tokenValidator = tokenValidator;
}
public SsnController(IApiResponseMessage apiResponseMessage, ISesionService sesionService, ITokenValidator tokenValidator)
{
_apiResponseMessage = apiResponseMessage;
_tokenValidator = tokenValidator;
_sesionService = sesionService;
}
public StatelessAuth(Func<IDictionary<string, object>, Task> nextFunc, ITokenValidator tokenValidator, StatelessAuthOptions statelessAuthOptions)
{
this.nextFunc = nextFunc;
this.tokenValidator = tokenValidator;
this.statelessAuthOptions = statelessAuthOptions;
}
public IntrospectionRequestValidator(ITokenValidator tokenValidator)
{
_tokenValidator = tokenValidator;
}
public CustomGrantValidator(ITokenValidator validator)
{
}
public AuthenticatieServiceEndpoint(StatelessServiceContext context, ITokenValidator validator)
: base(context)
{
_validator = validator;
}
public RequiresStatelessAuth(Func<IDictionary<string, object>, Task> nextFunc, ITokenValidator tokenValidator)
{
this.nextFunc = nextFunc;
this.tokenValidator = tokenValidator;
}
public static TokenRequestValidator CreateTokenRequestValidator(
IdentityServerOptions options = null,
IResourceStore resourceStore = null,
IAuthorizationCodeStore authorizationCodeStore = null,
IRefreshTokenStore refreshTokenStore = null,
IResourceOwnerPasswordValidator resourceOwnerValidator = null,
IProfileService profile = null,
IDeviceCodeValidator deviceCodeValidator = null,
IEnumerable <IExtensionGrantValidator> extensionGrantValidators = null,
ICustomTokenRequestValidator customRequestValidator = null,
ITokenValidator tokenValidator = null,
ScopeValidator scopeValidator = null)
{
if (options == null)
{
options = TestIdentityServerOptions.Create();
}
if (resourceStore == null)
{
resourceStore = new InMemoryResourcesStore(TestScopes.GetIdentity(), TestScopes.GetApis());
}
if (resourceOwnerValidator == null)
{
resourceOwnerValidator = new TestResourceOwnerPasswordValidator();
}
if (profile == null)
{
profile = new TestProfileService();
}
if (deviceCodeValidator == null)
{
deviceCodeValidator = new TestDeviceCodeValidator();
}
if (customRequestValidator == null)
{
customRequestValidator = new DefaultCustomTokenRequestValidator();
}
ExtensionGrantValidator aggregateExtensionGrantValidator;
if (extensionGrantValidators == null)
{
aggregateExtensionGrantValidator = new ExtensionGrantValidator(new[] { new TestGrantValidator() }, TestLogger.Create <ExtensionGrantValidator>());
}
else
{
aggregateExtensionGrantValidator = new ExtensionGrantValidator(extensionGrantValidators, TestLogger.Create <ExtensionGrantValidator>());
}
if (authorizationCodeStore == null)
{
authorizationCodeStore = CreateAuthorizationCodeStore();
}
if (refreshTokenStore == null)
{
refreshTokenStore = CreateRefreshTokenStore();
}
if (scopeValidator == null)
{
scopeValidator = new ScopeValidator(resourceStore, new LoggerFactory().CreateLogger <ScopeValidator>());
}
if (tokenValidator == null)
{
tokenValidator = CreateTokenValidator(refreshTokenStore: refreshTokenStore, profile: profile);
}
return(new TokenRequestValidator(
options,
authorizationCodeStore,
resourceOwnerValidator,
profile,
deviceCodeValidator,
aggregateExtensionGrantValidator,
customRequestValidator,
scopeValidator,
tokenValidator,
new TestEventService(), new StubClock(), TestLogger.Create <TokenRequestValidator>()));
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenRequestValidator"/> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="authorizationCodeStore">The authorization code store.</param>
/// <param name="resourceOwnerValidator">The resource owner validator.</param>
/// <param name="profile">The profile.</param>
/// <param name="extensionGrantValidator">The extension grant validator.</param>
/// <param name="customRequestValidator">The custom request validator.</param>
/// <param name="scopeValidator">The scope validator.</param>
/// <param name="tokenValidator"></param>
/// <param name="events">The events.</param>
/// <param name="clock">The clock.</param>
/// <param name="logger">The logger.</param>
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodeStore, IResourceOwnerPasswordValidator resourceOwnerValidator, IProfileService profile, ExtensionGrantValidator extensionGrantValidator, ICustomTokenRequestValidator customRequestValidator, ScopeValidator scopeValidator, ITokenValidator tokenValidator, IEventService events, ISystemClock clock, ILogger <TokenRequestValidator> logger)
{
_logger = logger;
_options = options;
_clock = clock;
_authorizationCodeStore = authorizationCodeStore;
_resourceOwnerValidator = resourceOwnerValidator;
_profile = profile;
_extensionGrantValidator = extensionGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_tokenValidator = tokenValidator;
_events = events;
}
public StatelessAuth GetStatelessAuth(Func<IDictionary<string, object>, Task> nextFunc, ITokenValidator tokenValidator = null, StatelessAuthOptions statelessAuthOptions = null)
{
tokenValidator = tokenValidator ?? GetFakeTokenValidator();
statelessAuthOptions = statelessAuthOptions ?? GetStatelessAuthOptions();
return new StatelessAuth(nextFunc, tokenValidator, statelessAuthOptions);
}
public IntrospectionRequestValidator(ITokenValidator tokenValidator)
{
_tokenValidator = tokenValidator;
}