protected override void ProcessRecord()
{
var db = new ClientConfigurationDbContext(this.ConnectionString, this.Schema);
var client = new Thinktecture.IdentityServer.Core.Models.Client
{
ClientId = this.ClientId,
ClientName = this.ClientName,
ClientSecrets = (from s in this.ClientSecrets
select new Thinktecture.IdentityServer.Core.Models.ClientSecret(s)).ToList(),
Flow = this.Flow,
Enabled = this.Enabled,
RequireConsent = this.RequireConsent,
AllowRememberConsent = this.AllowRememberConsent,
ClientUri = this.ClientUri,
LogoUri = this.LogoUri,
RedirectUris = this.RedirectUris,
PostLogoutRedirectUris = this.PostLogoutUris,
ScopeRestrictions = this.ScopeRestrictions,
IdentityProviderRestrictions = this.IdentityProviderRestrictions,
AccessTokenType = this.AccessTokenType,
AccessTokenLifetime = this.TokensLifetime,
IdentityTokenLifetime = this.TokensLifetime,
AuthorizationCodeLifetime = this.TokensLifetime // bad
};
db.Clients.Add(client.ToEntity());
db.SaveChanges();
WriteObject(client);
}
/// Using EF6
public Ids3RootDTO GetIds3ClientsRoot()
{
using (ClientConfigurationDbContext clientCtx = new ClientConfigurationDbContext(Ids3ConnectiionString))
{
var clients = clientCtx.Clients
.Include(x => x.Claims)
.Include(x => x.AllowedCorsOrigins)
.Include(x => x.AllowedCustomGrantTypes)
.Include(x => x.ClientSecrets)
.Include(x => x.RedirectUris)
.Include(x => x.PostLogoutRedirectUris)
.Include(x => x.AllowedScopes)
.Include(x => x.IdentityProviderRestrictions)
.Include(x => x.AllowedCustomGrantTypes)
//.Include(x => x.Properties)
.AsNoTracking().ToArray();
// Assume that App uses 3 contexts in the same database
using (ScopeConfigurationDbContext scopeCtx = new ScopeConfigurationDbContext(Ids3ConnectiionString))
{
var scopes = scopeCtx.Scopes
.Include(x => x.ScopeClaims)
.Include(x => x.ScopeSecrets)
.AsNoTracking().ToArray();
return(new Ids3RootDTO
{
Clients = clients,
Scopes = scopes
});
}
}
}
public static void SetUp(EntityFrameworkServiceOptions options)
{
using (var db = new ClientConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Clients.Any())
{
foreach (var c in Clients.Get())
{
var e = c.ToEntity();
db.Clients.Add(e);
}
db.SaveChanges();
}
}
using (var db = new ScopeConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Scopes.Any())
{
foreach (var s in Scopes.Get())
{
var e = s.ToEntity();
db.Scopes.Add(e);
}
db.SaveChanges();
}
}
}
public static void InitClientAndScopeSampleDatas(EntityFrameworkServiceOptions options)
{
var clients = InMemoryClient.clients;
using (var db = new ClientConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Clients.Any())
{
foreach (var c in clients)
{
var e = c.ToEntity();
db.Clients.Add(e);
}
db.SaveChanges();
}
}
var scopes = InMemoryScope.scopes;
using (var db = new ScopeConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Scopes.Any())
{
foreach (var s in scopes)
{
var e = s.ToEntity();
db.Scopes.Add(e);
}
db.SaveChanges();
}
}
}
protected override void ProcessRecord()
{
var db = new ClientConfigurationDbContext(this.ConnectionString, this.Schema);
var entity = db.Clients.First(s => s.ClientId == this.ClientId);
db.Clients.Remove(entity);
db.SaveChanges();
}
public string RegisterUser(string name, string role, string emailaddress)
{
var clientIdGenerator = new ClientIdGenerator();
var clientSecretGenerator = new ClientSecretGenerator();
var repository = new ClientRepository.ClientRepository();
var connectionString = ConfigurationManager.ConnectionStrings["OAuthWCF.IdSrv"].ConnectionString;
var options = new EntityFrameworkServiceOptions {
ConnectionString = connectionString
};
IClientConfigurationDbContext clientdb = new ClientConfigurationDbContext
{
Database =
{
Connection =
{
ConnectionString = connectionString
}
}
};
var clients = new[]
{
new Client
{
ClientId = clientIdGenerator.GenerateClientIdAsync(clientdb),
ClientSecrets = new List <Secret>
{
clientSecretGenerator.GenerateSecret(clientdb)
},
ClientName = name,
Flow = Flows.ClientCredentials,
AllowedScopes = new List <string>
{
role
},
Enabled = true,
Claims = new List <Claim>()
{
new Claim(ClaimTypes.Name, name),
new Claim(ClaimTypes.Role, role),
new Claim(ClaimTypes.Email, emailaddress)
},
AllowClientCredentialsOnly = true
}
};
repository.Add(clients, options);
return(string.Join(".", clients.First().ClientId, clients.First().ClientSecrets.First()));
}
public static void ConfigureClients(IEnumerable <Client> clients, EntityFrameworkServiceOptions options)
{
using (var db = new ClientConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Clients.Any())
{
foreach (var c in clients)
{
var e = c.ToEntity();
db.Clients.Add(e);
}
db.SaveChanges();
}
}
}
public void SetupClients(IEnumerable <Client> clients, EntityFrameworkServiceOptions options)
{
using (var context = new ClientConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (context.Clients.Any())
{
return;
}
foreach (var client in clients)
{
context.Clients.Add(client.ToEntity());
}
context.SaveChanges();
}
}
protected override void ProcessRecord()
{
var db = new ClientConfigurationDbContext(this.ConnectionString, this.Schema);
if (!string.IsNullOrEmpty(this.ClientId))
{
var client = db.Clients.FirstOrDefault(s => s.ClientId == this.ClientId);
WriteObject(client.ToModel());
}
else
{
var dbclients = db.Clients.ToList();
var clients = from c in dbclients select c.ToModel();
WriteObject(clients);
}
}
public List <Claim> GetClientClaims(string clientId, string clientSecret,
EntityFrameworkServiceOptions options)
{
var list = new List <Claim>();
var secret = new Secret(clientSecret);
using (var context =
new ClientConfigurationDbContext(options.ConnectionString))
{
var client =
context.Clients.First(
v => v.ClientId == clientId);
foreach (var clientClaim in client.Claims)
{
list.Add(new Claim(clientClaim.Type, clientClaim.Value));
}
}
return(list);
}
public void CanAddAndDeleteClientRedirectUri()
{
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
db.Clients.Add(new Client
{
ClientId = "test-client",
ClientName = "Test Client"
});
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
client.RedirectUris.Add(new ClientRedirectUri
{
Uri = "https://redirect-uri-1"
});
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
var redirectUri = client.RedirectUris.First();
client.RedirectUris.Remove(redirectUri);
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
Assert.Equal(0, client.RedirectUris.Count());
}
}
public void CanAddAndDeleteClientScopes()
{
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
db.Clients.Add(new Client
{
ClientId = "test-client-scopes",
ClientName = "Test Client"
});
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
client.AllowedScopes.Add(new ClientScope
{
Scope = "test"
});
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
var scope = client.AllowedScopes.First();
client.AllowedScopes.Remove(scope);
db.SaveChanges();
}
using (var db = new ClientConfigurationDbContext(ConfigConnectionStringName))
{
var client = db.Clients.First();
Assert.Equal(0, client.AllowedScopes.Count());
}
}
public EntityFrameworkClientReader(ClientConfigurationDbContext context)
{
this.context = context ?? throw new ArgumentNullException(nameof(context));
}
public IdentityAdminCoreManagerTests()
{
_identityAdminManagerService = new IdentityAdminManagerService("IdSvr3ConfigAdmin");
using (var db = new ClientConfigurationDbContext(ConnectionString))
{
var allClients = db.Clients.Where(p => true);
foreach (var c in allClients)
{
db.Clients.Remove(c);
}
db.SaveChanges();
var testClient = new Client
{
ClientId = "IdToTest",
ClientName = _clientName,
Enabled = true,
Flow = Flows.Implicit,
RequireConsent = true,
AllowRememberConsent = true,
RedirectUris = new List <ClientRedirectUri>()
{
new ClientRedirectUri {
Id = 1, Uri = "www.redirect.com"
}
},
PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri>()
{
new ClientPostLogoutRedirectUri {
Id = 1, Uri = "www.postRedirectUri.com"
}
},
AllowedScopes = new List <ClientScope>()
{
new ClientScope {
Scope = "read", Id = 1
}
},
AccessTokenType = AccessTokenType.Jwt,
ClientSecrets = new List <ClientSecret> {
new ClientSecret {
Id = 1, Description = "removeMe", Type = "ssssshhh", Value = "nothing to see here"
}
},
IdentityProviderRestrictions = new List <ClientIdPRestriction>()
{
new ClientIdPRestriction {
Id = 1, Provider = "www.provideme.com"
}
},
AllowedCustomGrantTypes = new List <ClientCustomGrantType> {
new ClientCustomGrantType {
Id = 1, GrantType = "Authorization Grant"
}
},
Claims = new List <ClientClaim> {
new ClientClaim {
Id = 1, Value = "tester", Type = "role"
}
},
AllowedCorsOrigins = new List <ClientCorsOrigin> {
new ClientCorsOrigin {
Id = 1, Origin = "www.CrossOriginMe.com"
}
}
};
db.Clients.Add(testClient);
db.SaveChanges();
_clientSubject = testClient.Id.ToString();
}
using (var db = new ScopeConfigurationDbContext(ConnectionString))
{
var allScopes = db.Scopes.Where(p => true);
foreach (var c in allScopes)
{
db.Scopes.Remove(c);
}
db.SaveChanges();
var testScope = new Scope {
Name = _scopeName, ScopeClaims = new List <ScopeClaim> {
new ScopeClaim {
Id = 1, Description = "To Test", Name = "testScope"
}
}
};
db.Scopes.Add(testScope);
db.SaveChanges();
_scopeSubject = testScope.Id.ToString();
}
}
protected override void ProcessRecord()
{
var db = new ClientConfigurationDbContext(this.ConnectionString, this.Schema);
var entity = db.Clients.Single(c => c.ClientId == this.Client.ClientId);
var currentId = entity.Id;
var currentclient = entity.ToModel();
var attachedEntry = db.Entry(entity);
var newentity = this.Client.ToEntity();
newentity.Id = currentId;
attachedEntry.CurrentValues.SetValues(newentity);
// Synchronize nav properties - FIXME ugly
foreach (var uri in currentclient.RedirectUris.Union(this.Client.RedirectUris).Distinct())
{
if (currentclient.RedirectUris.Contains(uri) && !this.Client.RedirectUris.Contains(uri))
{
var urientity = entity.RedirectUris.First(x => x.Uri == uri);
db.Entry(urientity).State = System.Data.Entity.EntityState.Deleted;
entity.RedirectUris.Remove(urientity);
}
else if (!currentclient.RedirectUris.Contains(uri) && this.Client.RedirectUris.Contains(uri))
{
entity.RedirectUris.Add(new ClientRedirectUri()
{
Uri = uri
});
}
}
foreach (var uri in currentclient.PostLogoutRedirectUris.Union(this.Client.PostLogoutRedirectUris).Distinct())
{
if (currentclient.PostLogoutRedirectUris.Contains(uri) && !this.Client.PostLogoutRedirectUris.Contains(uri))
{
var urientity = entity.PostLogoutRedirectUris.First(x => x.Uri == uri);
db.Entry(urientity).State = System.Data.Entity.EntityState.Deleted;
entity.PostLogoutRedirectUris.Remove(urientity);
}
else if (!currentclient.PostLogoutRedirectUris.Contains(uri) && this.Client.PostLogoutRedirectUris.Contains(uri))
{
entity.PostLogoutRedirectUris.Add(new ClientPostLogoutRedirectUri()
{
Uri = uri
});
}
}
foreach (var gt in currentclient.CustomGrantTypeRestrictions.Union(this.Client.CustomGrantTypeRestrictions).Distinct())
{
if (currentclient.CustomGrantTypeRestrictions.Contains(gt) && !this.Client.CustomGrantTypeRestrictions.Contains(gt))
{
var gtentity = entity.CustomGrantTypeRestrictions.First(x => x.GrantType == gt);
db.Entry(gtentity).State = System.Data.Entity.EntityState.Deleted;
entity.CustomGrantTypeRestrictions.Remove(gtentity);
}
else if (!currentclient.CustomGrantTypeRestrictions.Contains(gt) && this.Client.CustomGrantTypeRestrictions.Contains(gt))
{
entity.CustomGrantTypeRestrictions.Add(new ClientGrantTypeRestriction()
{
GrantType = gt
});
}
}
foreach (var scope in currentclient.ScopeRestrictions.Union(this.Client.ScopeRestrictions).Distinct())
{
if (currentclient.ScopeRestrictions.Contains(scope) && !this.Client.ScopeRestrictions.Contains(scope))
{
var scopenetity = entity.ScopeRestrictions.First(x => x.Scope == scope);
db.Entry(scopenetity).State = System.Data.Entity.EntityState.Deleted;
entity.ScopeRestrictions.Remove(scopenetity);
}
else if (!currentclient.ScopeRestrictions.Contains(scope) && this.Client.ScopeRestrictions.Contains(scope))
{
entity.ScopeRestrictions.Add(new ClientScopeRestriction()
{
Scope = scope
});
}
}
foreach (var provider in currentclient.IdentityProviderRestrictions.Union(this.Client.IdentityProviderRestrictions).Distinct())
{
if (currentclient.IdentityProviderRestrictions.Contains(provider) && !this.Client.ScopeRestrictions.Contains(provider))
{
var idpentity = entity.IdentityProviderRestrictions.First(x => x.Provider == provider);
db.Entry(idpentity).State = System.Data.Entity.EntityState.Deleted;
entity.IdentityProviderRestrictions.Remove(idpentity);
}
else if (!currentclient.IdentityProviderRestrictions.Contains(provider) && this.Client.IdentityProviderRestrictions.Contains(provider))
{
entity.IdentityProviderRestrictions.Add(new ClientIdPRestriction()
{
Provider = provider
});
}
}
foreach (var secret in currentclient.ClientSecrets.Union(this.Client.ClientSecrets).Distinct())
{
if (currentclient.ClientSecrets.Any(x => x.Value == secret.Value) && !this.Client.ClientSecrets.Any(x => x.Value == secret.Value))
{
entity.ClientSecrets.Remove(entity.ClientSecrets.First(x => x.Value == secret.Value));
}
else if (!currentclient.ClientSecrets.Any(x => x.Value == secret.Value) && this.Client.ClientSecrets.Any(x => x.Value == secret.Value))
{
entity.ClientSecrets.Add(new Thinktecture.IdentityServer.EntityFramework.Entities.ClientSecret
{
ClientSecretType = secret.ClientSecretType,
Description = secret.ClientSecretType,
Expiration = secret.Expiration,
Value = secret.Value
});
}
}
foreach (var claim in currentclient.Claims.Union(this.Client.Claims).Distinct())
{
if (currentclient.Claims.Any(x => x.Type == claim.Type) && !this.Client.Claims.Any(x => x.Type == claim.Type))
{
entity.Claims.Remove(entity.Claims.First(x => x.Type == claim.Type && x.Value == claim.Value));
}
else if (!currentclient.Claims.Any(x => x.Type == claim.Type) && this.Client.Claims.Any(x => x.Type == claim.Type))
{
entity.Claims.Add(new Thinktecture.IdentityServer.EntityFramework.Entities.ClientClaim()
{
Type = claim.Type,
Value = claim.Value
});
}
}
try
{
db.SaveChanges();
}
catch (System.Data.Entity.Infrastructure.DbUpdateException dbue)
{
WriteError(new ErrorRecord(dbue.InnerException, "DbUpdateException", ErrorCategory.WriteError, entity));
throw dbue;
}
WriteObject(entity.ToModel());
}
public static void Configure(EntityFrameworkServiceOptions options)
{
using (var db = new ScopeConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Scopes.Any())
{
foreach (var s in StandardScopes.All)
{
var e = s.ToEntity();
db.Scopes.Add(e);
}
foreach (var s in StandardScopes.AllAlwaysInclude)
{
var e = s.ToEntity();
db.Scopes.Add(e);
}
db.SaveChanges();
}
}
using (var db = new Context(options.ConnectionString))
{
if (!db.Users.Any())
{
using (var userManager = new UserManager(new UserStore(db)))
{
var defaultUserPassword = "******"; // Must be atleast 6 characters
var user = new User
{
UserName = "******",
FirstName = "Luke",
LastName = "Skywalker",
Email = "*****@*****.**",
EmailConfirmed = true
};
userManager.Create(user, defaultUserPassword);
userManager.AddClaim(user.Id,
new Claim(Core.Constants.ClaimTypes.WebSite, "https://www.johanbostrom.se/"));
}
db.SaveChanges();
}
}
using (var db = new ClientConfigurationDbContext(options.ConnectionString, options.Schema))
{
if (!db.Clients.Any())
{
var defaultHybridClient = new Client
{
ClientName = "Default Hybrid Client",
ClientId = "default.hybrid",
Flow = Flows.Hybrid,
ClientSecrets = new List <Secret>
{
new Secret("default.hybrid.password".Sha256())
},
AllowedScopes = new List <string>
{
Core.Constants.StandardScopes.OpenId,
Core.Constants.StandardScopes.Profile,
Core.Constants.StandardScopes.Email,
Core.Constants.StandardScopes.Roles,
Core.Constants.StandardScopes.Address,
Core.Constants.StandardScopes.Phone,
Core.Constants.StandardScopes.OfflineAccess
},
ClientUri = "https://localhost:44300/",
RequireConsent = false,
AccessTokenType = AccessTokenType.Reference,
RedirectUris = new List <string>(),
PostLogoutRedirectUris = new List <string>
{
"https://localhost:44300/"
},
LogoutSessionRequired = true
};
db.Clients.Add(defaultHybridClient.ToEntity());
db.SaveChanges();
}
}
}