private async Task <ProcessConsentResultPM> ProcessConsentAsync(ConsentInputVM model)
{
var result = new ProcessConsentResultPM();
ConsentResponseSM grantedConsent = null;
// user clicked 'no' - send back the standard 'access_denied' response
if (model.Button == "no")
{
grantedConsent = ConsentResponseSM.Denied;
}
// user clicked 'yes' - validate the data
else if (model.Button == "yes" && model != null)
{
// if the user consented to some scope, build the response model
if (model.ScopesConsented != null && model.ScopesConsented.Any())
{
var scopes = model.ScopesConsented;
if (ConsentOptionsOM.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != _securableService.GetOfflineAccessScopeName()); // IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponseSM
{
RememberConsent = model.RememberConsent,
ScopesConsented = scopes.ToArray()
};
}
else
{
result.ValidationError = ConsentOptionsOM.MustChooseOneErrorMessage;
}
}
else
{
result.ValidationError = ConsentOptionsOM.InvalidSelectionErrorMessage;
}
if (grantedConsent != null)
{
// communicate outcome of consent back to identityserver
var granted = await _securableService.GrantConsentAsync(model.ReturnUrl, grantedConsent);
if (!granted)
{
return(result);
}
// indicate that's it ok to redirect back to authorization endpoint
result.RedirectUri = model.ReturnUrl;
}
else
{
// we need to redisplay the consent UI
result.ViewModel = await ConsentVMFactory.BuildConsentVMAsync(_securableService, _logger, model.ReturnUrl, model);
}
return(result);
}
public async Task <IActionResult> Index(string returnUrl)
{
var vm = await ConsentVMFactory.BuildConsentVMAsync(_securableService, _logger, returnUrl);
if (vm != null)
{
return(View("Index", vm));
}
return(View("Error"));
}