public async Task <IActionResult> Index(InputViewModel viewModel)
{
ConsentProcessResult result = await consentService.ProcessResult(viewModel);
if (result.IsRedirect)
{
return(Redirect(result.RedirectUrl));
}
else
{
if (!string.IsNullOrEmpty(result.ValidateError))
{
ModelState.AddModelError("", result.ValidateError);
}
}
return(View(result.consentViewModel));
}
public async Task <ConsentProcessResult> ProcessResult(InputViewModel viewModel)
{
ConsentProcessResult result = new ConsentProcessResult();
ConsentResponse consentResponse = null;
if (viewModel.Button == "no")
{
consentResponse = ConsentResponse.Denied;
}
else
{
if (viewModel.ScopesConsented != null && viewModel.ScopesConsented.Any())
{
var scopes = viewModel.ScopesConsented;
consentResponse = new ConsentResponse
{
RememberConsent = viewModel.RememberConsent,
ScopesConsented = scopes
};
}
else
{
result.ValidateError = "请至少选择一个选择";
}
}
var request = await identityServerInteractionService.GetAuthorizationContextAsync(viewModel.ReturnUrl);
if (consentResponse != null)
{
await identityServerInteractionService.GrantConsentAsync(request, consentResponse);//使用service 验证同意的部分
result.RedirectUrl = viewModel.ReturnUrl;
}
var client = await clientStore.FindClientByIdAsync(request.ClientId);
var resources = await resourceStore.FindResourcesByScopeAsync(client.AllowedScopes);
ConsentViewModel consentViewModel = CreateConsentViewModel(request, client, resources);
result.consentViewModel = consentViewModel;
return(result);
}
public async Task <ConsentProcessResult> ProcessConsent(ConsentInputModel model)
{
var result = new ConsentProcessResult();
ConsentResponse grantedConsent = null;
// user clicked 'no' - send back the standard 'access_denied' response
if (model.Button == "no")
{
grantedConsent = ConsentResponse.Denied;
}
// user clicked 'yes' - validate the data
else if (model.Button == "yes" && model != null)
{
// if the user consented to some scope, build the response model
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
{
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
}
else
{
result.ValidationError = ConsentOptions.MustChooseOneErrorMessage;
}
}
else
{
result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage;
}
if (grantedConsent != null)
{
// validate return url is still valid
var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (request == null)
{
return(result);
}
// communicate outcome of consent back to identityserver
await _interaction.GrantConsentAsync(request, grantedConsent);
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model);
}
return(result);
}