public static IIdentityServerBuilder AddIdentityServer(this IServiceCollection services, Action<IdentityServerOptions> setupAction = null)
        {
            services.AddAuthentication();

            var options = new IdentityServerOptions();

            if (setupAction != null)
            {
                setupAction(options);
            }

            services.AddInstance(options);
            services.AddTransient<IdentityServerContext>();

            services.AddEndpoints(options.Endpoints);
            services.AddCoreValidators();
            services.AddPluggableValidators();
            services.AddResponseGenerators();

            services.AddSecretParsers();
            services.AddSecretValidators();

            services.AddInMemoryTransientStores();
            services.AddCoreServices();
            services.AddHostServices();

            return new IdentityServerBuilder(services);
        }
Exemplo n.º 2
0
 public UserInfoEndpoint(IdentityServerOptions options, ITokenValidator tokenValidator, IUserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator, IEventService events, ILogger<UserInfoEndpoint> logger)
 {
     _options = options;
     _tokenValidator = tokenValidator;
     _tokenUsageValidator = tokenUsageValidator;
     _generator = generator;
     _events = events;
     _logger = logger;
 }
 public DiscoveryEndpoint(IdentityServerOptions options, IdentityServerContext context, IScopeStore scopes, ILogger<DiscoveryEndpoint> logger, ISigningKeyService keyService, CustomGrantValidator customGrants, SecretParser parsers)
 {
     _options = options;
     _scopes = scopes;
     _logger = logger;
     _keyService = keyService;
     _context = context;
     _customGrants = customGrants;
     _parsers = parsers;
 }
        public static IIdentityServerBuilder AddIdentityServer(this IServiceCollection services, Action<IdentityServerOptions> setupAction = null)
        {
            var options = new IdentityServerOptions();

            if (setupAction != null)
            {
                setupAction(options);
            }

            return services.AddIdentityServer(options);
        }
Exemplo n.º 5
0
        public TokenValidator(IdentityServerOptions options, IdentityServerContext context, IClientStore clients, ITokenHandleStore tokenHandles, ICustomTokenValidator customValidator, ISigningKeyService keyService, ILogger<TokenValidator> logger)
        {
            _options = options;
            _context = context;
            _clients = clients;
            _tokenHandles = tokenHandles;
            _customValidator = customValidator;
            _keyService = keyService;
            _logger = logger;

            _log = new TokenValidationLog();
        }
Exemplo n.º 6
0
        public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IClientStore clients = null,
            IProfileService profile = null,
            ICustomRequestValidator customValidator = null,
            IRedirectUriValidator uriValidator = null,
            ScopeValidator scopeValidator = null,
            IDictionary<string, object> environment = null)
        {
            if (options == null)
            {
                options = TestIdentityServerOptions.Create();
            }

            if (scopes == null)
            {
                scopes = new InMemoryScopeStore(TestScopes.Get());
            }

            if (clients == null)
            {
                clients = new InMemoryClientStore(TestClients.Get());
            }

            if (customValidator == null)
            {
                customValidator = new DefaultCustomRequestValidator();
            }

            if (uriValidator == null)
            {
                uriValidator = new StrictRedirectUriValidator();
            }

            if (scopeValidator == null)
            {
                scopeValidator = new ScopeValidator(scopes, new LoggerFactory());
            }

            var sessionCookie = new SessionCookie(IdentityServerContextHelper.Create(null, options));

            return new AuthorizeRequestValidator(
                options,
                clients,
                customValidator,
                uriValidator,
                scopeValidator,
                sessionCookie,
                new Logger<AuthorizeRequestValidator>(new LoggerFactory())
            );
        }
        public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IUserService users, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
        {
            _logger = loggerFactory.CreateLogger<TokenRequestValidator>();

            _options = options;
            _authorizationCodes = authorizationCodes;
            _refreshTokens = refreshTokens;
            _users = users;
            _customGrantValidator = customGrantValidator;
            _customRequestValidator = customRequestValidator;
            _scopeValidator = scopeValidator;
            _events = events;
        }
 public AuthorizeInteractionResponseGenerator(
     ILogger<AuthorizeInteractionResponseGenerator> logger, 
     IdentityServerOptions options, 
     IConsentService consent, 
     IUserService users, 
     ILocalizationService localizationService)
 {
     _logger = logger;
     _options = options;
     _consent = consent;
     _users = users;
     _localizationService = localizationService;
 }
 public AuthorizeInteractionResponseGenerator(
     ILogger<AuthorizeInteractionResponseGenerator> logger, 
     IdentityServerOptions options, 
     IConsentService consent, 
     IProfileService profile, 
     ILocalizationService localizationService)
 {
     _logger = logger;
     _options = options;
     _consent = consent;
     _profile = profile;
     _localizationService = localizationService;
 }
Exemplo n.º 10
0
        public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IResourceOwnerPasswordValidator resourceOwnerValidator, IProfileService profile, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
        {
            _logger = loggerFactory.CreateLogger<TokenRequestValidator>();

            _options = options;
            _authorizationCodes = authorizationCodes;
            _refreshTokens = refreshTokens;
            _resourceOwnerValidator = resourceOwnerValidator;
            _profile = profile;
            _customGrantValidator = customGrantValidator;
            _customRequestValidator = customRequestValidator;
            _scopeValidator = scopeValidator;
            _events = events;
        }
        public static IdentityServerOptions Create()
        {
            var options = new IdentityServerOptions
            {
                IssuerUri = "https://idsrv3.com",
                SiteName = "IdentityServer3 - test",
                //todo
                //DataProtector = new NoDataProtector(),
            };

            options.SigningCertificate = TestCert.Load();
            
            return options;
        }
Exemplo n.º 12
0
 public AuthorizeRequestValidator(
     IdentityServerOptions options, 
     IClientStore clients, 
     ICustomRequestValidator customValidator, 
     IRedirectUriValidator uriValidator, 
     ScopeValidator scopeValidator,
     SessionCookie sessionCookie,
     ILogger<AuthorizeRequestValidator> logger)
 {
     _options = options;
     _clients = clients;
     _customValidator = customValidator;
     _uriValidator = uriValidator;
     _scopeValidator = scopeValidator;
     _sessionCookie = sessionCookie;
     _logger = logger;
 }
        public async Task RefreshTokenTooLong()
        {
            var store = new InMemoryRefreshTokenStore();
            var client = await _clients.FindClientByIdAsync("roclient");
            var options = new IdentityServerOptions();

            var validator = Factory.CreateTokenRequestValidator(
                refreshTokens: store);
            var longRefreshToken = "x".Repeat(options.InputLengthRestrictions.RefreshToken + 1);

            var parameters = new NameValueCollection();
            parameters.Add(OidcConstants.TokenRequest.GrantType, "refresh_token");
            parameters.Add(OidcConstants.TokenRequest.RefreshToken, longRefreshToken);

            var result = await validator.ValidateRequestAsync(parameters, client);

            result.IsError.Should().BeTrue();
            result.Error.Should().Be(OidcConstants.TokenErrors.InvalidGrant);
        }
        public async Task AuthorizationCodeTooLong()
        {
            var client = await _clients.FindClientByIdAsync("codeclient");
            var store = new InMemoryAuthorizationCodeStore();
            var options = new IdentityServerOptions();

            var code = new AuthorizationCode
            {
                Client = client,
                IsOpenId = true,
                RedirectUri = "https://server/cb",
            };

            await store.StoreAsync("valid", code);

            var validator = Factory.CreateTokenRequestValidator(
                authorizationCodeStore: store);
            var longCode = "x".Repeat(options.InputLengthRestrictions.AuthorizationCode + 1);

            var parameters = new NameValueCollection();
            parameters.Add(OidcConstants.TokenRequest.GrantType, OidcConstants.GrantTypes.AuthorizationCode);
            parameters.Add(OidcConstants.TokenRequest.Code, longCode);
            parameters.Add(OidcConstants.TokenRequest.RedirectUri, "https://server/cb");

            var result = await validator.ValidateRequestAsync(parameters, client);

            result.IsError.Should().BeTrue();
            result.Error.Should().Be(OidcConstants.TokenErrors.InvalidGrant);
        }
Exemplo n.º 15
0
        public static TokenRequestValidator CreateTokenRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IAuthorizationCodeStore authorizationCodeStore = null,
            IRefreshTokenStore refreshTokens = null,
            IResourceOwnerPasswordValidator resourceOwnerValidator = null,
            IProfileService profile = null,
            IEnumerable<ICustomGrantValidator> customGrantValidators = null,
            ICustomRequestValidator customRequestValidator = null,
            ScopeValidator scopeValidator = null)
        {
            if (options == null)
            {
                options = TestIdentityServerOptions.Create();
            }

            if (scopes == null)
            {
                scopes = new InMemoryScopeStore(TestScopes.Get());
            }

            if (resourceOwnerValidator == null)
            {
                resourceOwnerValidator = new TestResourceOwnerPasswordValidator();
            }

            if (profile == null)
            {
                profile = new TestProfileService();
            }

            if (customRequestValidator == null)
            {
                customRequestValidator = new DefaultCustomRequestValidator();
            }

            CustomGrantValidator aggregateCustomValidator;
            if (customGrantValidators == null)
            {
                aggregateCustomValidator = new CustomGrantValidator(new [] { new TestGrantValidator() }, new Logger<CustomGrantValidator>(new LoggerFactory()));
            }
            else
            {
                aggregateCustomValidator = new CustomGrantValidator(customGrantValidators, new Logger<CustomGrantValidator>(new LoggerFactory()));
            }

            if (refreshTokens == null)
            {
                refreshTokens = new InMemoryRefreshTokenStore();
            }

            if (scopeValidator == null)
            {
                scopeValidator = new ScopeValidator(scopes, new LoggerFactory());
            }

            return new TokenRequestValidator(
                options,
                authorizationCodeStore,
                refreshTokens,
                resourceOwnerValidator,
                profile,
                aggregateCustomValidator,
                customRequestValidator,
                scopeValidator,
                new DefaultEventService(new LoggerFactory()),
                new LoggerFactory());
        }
 public IdentityServerContext(IHttpContextAccessor contextAccessor, IdentityServerOptions options)
 {
     HttpContext = contextAccessor.HttpContext;
     Options = options;
 }
 public static IdentityServerContext Create(HttpContext context = null, IdentityServerOptions options = null)
 {
     var accessor = new HttpContextAccessor();
     accessor.HttpContext = context ?? new DefaultHttpContext();
     return new IdentityServerContext(accessor, options ?? new IdentityServerOptions());
 }
Exemplo n.º 18
0
 /// <summary>
 /// Creates the parser with options
 /// </summary>
 /// <param name="options">IdentityServer options</param>
 public PostBodySecretParser(IdentityServerOptions options, ILoggerFactory loggerFactory)
 {
     _logger = loggerFactory.CreateLogger<PostBodySecretParser>();
     _options = options;
 }
Exemplo n.º 19
0
 /// <summary>
 /// Creates the parser with a reference to identity server options
 /// </summary>
 /// <param name="options">IdentityServer options</param>
 public BasicAuthenticationSecretParser(IdentityServerOptions options, ILoggerFactory loggerFactory)
 {
     _options = options;
     _logger = loggerFactory.CreateLogger<BasicAuthenticationSecretParser>();
 }
Exemplo n.º 20
0
        public static IIdentityServerBuilder AddIdentityServer(this IServiceCollection services, IdentityServerOptions options)
        {
            services.AddSingleton(options);

            services.AddAuthentication();

            services.AddTransient<IdentityServerContext>();

            services.AddEndpoints(options.Endpoints);
            services.AddCoreValidators();
            services.AddPluggableValidators();
            services.AddResponseGenerators();

            services.AddSecretParsers();
            services.AddSecretValidators();

            services.AddInMemoryTransientStores();
            services.AddCoreServices();
            services.AddHostServices();

            return new IdentityServerBuilder(services);
        }
 public BasicAuthenticationSecretParsing()
 {
     _options = new IdentityServerOptions();
     _parser = new BasicAuthenticationSecretParser(_options, new LoggerFactory());
 }
 /// <summary>
 /// Initializes the services with identity server options
 /// </summary>
 /// <param name="options"></param>
 public DefaultSigningKeyService(IdentityServerOptions options)
 {
     _options = options;
 }
        public async Task Reference_Token_Too_Long()
        {
            var store = new InMemoryTokenHandleStore();
            var validator = Factory.CreateTokenValidator(store);
            var options = new IdentityServerOptions();

            var longToken = "x".Repeat(options.InputLengthRestrictions.TokenHandle + 1);
            var result = await validator.ValidateAccessTokenAsync(longToken);

            result.IsError.Should().BeTrue();
            result.Error.Should().Be(OidcConstants.ProtectedResourceErrors.InvalidToken);
        }
 public FormPostCredentialExtraction()
 {
     _options = new IdentityServerOptions();
     _parser = new PostBodySecretParser(_options, new LoggerFactory());
 }